Project

General

Profile

Bug #3065

Sysvipc not enabled in jails.

Added by James Ghitelman about 7 years ago. Updated about 3 years ago.

Status:
Closed
Priority:
Nice to have
Assignee:
John Hixson
Category:
Middleware
Target version:
Severity:
New
Reason for Closing:
Reason for Blocked:
Needs QA:
Yes
Needs Doc:
Yes
Needs Merging:
Yes
Needs Automation:
No
Support Suite Ticket:
n/a
Hardware Configuration:
ChangeLog Required:
No

Description

Sysvipc is not enabled in jails. It can be enabled manually, but it needs to be re-enabled every time the jail is started.

Associated revisions

Revision 15182889 (diff)
Added by John Hixson over 6 years ago

Add ability to configure jail sysctl's from UI Ticket: #3065 Ticket: #3264

History

#1 Updated by Josh Paetzel about 7 years ago

I'm not sure whether this will be handled in a different way in the future. For the moment you can add the sysctls you need to the gui in the tree menu under system -> sysctls -> add sysctl

These get applied before the jails start.

#2 Updated by James Ghitelman about 7 years ago

Unfortunately, sysctl isn't the problem. From what I understand you have to set allow.sysvipc in the specific jail's configuration. Which, this being FreeNAS, I don't have access to.

#3 Updated by Josh Paetzel about 7 years ago

Ok. I see what you mean. I wasn't able to get a workaround in place with preinit or cron jobs either. We'll get this extended, but not in 9.1.1

#4 Updated by James Ghitelman about 7 years ago

Thanks, appreciate it. At least I'm getting a lot of practice administering over ssh.

#5 Updated by Xin Li about 7 years ago

Just wanted to remind that allowing this is actually a backdoor and should only be enabled when the administrator knows what he/she is doing. If this is implemented, it needs to be an option (checkbox) in the UI.

#6 Updated by Jordan Hubbard over 6 years ago

  • Category set to 38
  • Assignee set to John Hixson
  • Target version set to 49
  • Seen in set to 9.1.0-RELEASE

Something for John for the future.

#7 Updated by John Hixson over 6 years ago

  • Status changed from Unscreened to Screened

#8 Updated by Matthew Trent over 6 years ago

Looking forward to this option for VirtualBox in FreeNAS.

In the mean time you can add "allow.sysvipc=1" to the "jail-flags" file in the ".jailname.meta" folder in your jails root. I think that'll survive reboots.

Also, for reference the command line to enable this (doesn't survive reboot) is: "jail -m jid=X allow.sysvipc=1" (use "jls" to get jail ID #)

#9 Updated by James Ghitelman over 6 years ago

Just tried it and it does indeed survive reboot. Thanks, that's saved me a lot of effort. And that was indeed the command I was using.

#10 Updated by John Hixson over 6 years ago

  • Status changed from Screened to Resolved

Ability to add sysctl's to jails implemented in 1518288948aea530b52b3519e0d6d7be93cf4c6b.

#11 Updated by Dru Lavigne over 6 years ago

  • Status changed from Resolved to Unscreened

On FreeNAS-9.2.1-RC2-1518288-x64, jail creation fails as the new sysctls field gives the error "this field is required".

#12 Updated by John Hixson over 6 years ago

  • Status changed from Unscreened to Resolved

Dru Lavigne wrote:

On FreeNAS-9.2.1-RC2-1518288-x64, jail creation fails as the new sysctls field gives the error "this field is required".

You have a build before I made the commit where it isn't mandatory. This has been fixed already.

#13 Updated by Jordan Hubbard over 6 years ago

  • Status changed from Resolved to Closed

#14 Avatar?id=14398&size=24x24 Updated by Kris Moore about 3 years ago

  • Target version changed from 49 to N/A

Also available in: Atom PDF