# jail services don't start automatically



## BeautifulFish (Dec 27, 2009)

Jail services don't start automatically; I have to chroot inside the jails to start them.

I have 2 jails: httpd for Apache and mysqld for the MySQL server.
build is just for building ports...


```
root# uname -a
FreeBSD BeautifulFish.local.bsd 8.0-STABLE FreeBSD 8.0-STABLE #1: Fri Dec 18 08:10:27 EET 2009     root@BeautifulFish.local.bsd:/usr/obj/usr/src/sys/FISH amd64
```


```
root# jls
   JID  IP Address      Hostname                      Path
    48  192.168.1.10    build                         /usr/jails/build
    50  192.168.1.12    mysqld.myjail.bsd             /usr/jails/mysqld
    51  192.168.1.11    httpd.myjail.bsd              /usr/jails/httpd
```

/var/log/jail_httpd_console.log

```
root# cat /var/log/jail_httpd_console.log
Setting hostname: httpd.myjail.bsd.
ELF ldconfig path: /lib /usr/lib /usr/lib/compat /usr/local/lib /usr/local/lib/mysql
32-bit compatibility ldconfig path: /usr/lib32
Creating and/or trimming log files.
Starting syslogd.
Clearing /tmp.
/etc/rc: WARNING: Ignoring old-style startup script /etc/rc.d/ezjail-config.sh
Updating motd:.
Performing sanity check on apache22 configuration:
Syntax OK
Starting apache22.
(49)Can't assign requested address: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
Unable to open logs
/etc/rc: WARNING: failed to start apache22
Starting cron.
Raising kernel security level:
kern.securelevel: -1 -> 1
```

/var/log/jail_mysqld_console.log

```
root# cat /var/log/jail_mysqld_console.log
Setting hostname: mysqld.myjail.bsd.
ELF ldconfig path: /lib /usr/lib /usr/lib/compat /usr/local/lib /usr/local/lib/mysql
32-bit compatibility ldconfig path: /usr/lib32
Creating and/or trimming log files.
Starting syslogd.
Clearing /tmp (X related).
/etc/rc: WARNING: Ignoring old-style startup script /etc/rc.d/ezjail-config.sh
Updating motd:.
Starting mysql.
Starting cron.
Raising kernel security level:
kern.securelevel: -1 -> 1
```

/etc/rc.conf

```
root# cat /etc/rc.conf
zfs_enable="YES"

hostname="BeautifulFish.local.bsd"
ifconfig_urtw0="DHCP WPA"
ifconfig_urtw0_alias0="inet 192.168.1.11/32" # <<------- maybe this is wrong?
ifconfig_urtw0_alias1="inet 192.168.1.12/32" # <<------- maybe this is wrong?

hald_enable="YES"
dbus_enable="YES"
fusefs_enable="YES"
linux_enable="YES"

sendmail_enable="NONE"
syslogd_enable="YES"
syslogd_flags="-ss"
clear_tmp_enable="YES"

ezjail_enable="YES"
```

/usr/jails/httpd/etc/rc.conf

```
root# cat /usr/jails/httpd/etc/rc.conf
# Pretuned by German Engineers

hostname="httpd.myjail.bsd"

# No network interfaces in jails
network_interfaces="urtw0" # <<------- maybe this is wrong?

kern_securelevel_enable="YES"   # Enable 'securelevel' kernel security
kern_securelevel="1"            # See init(8)

# Prevent rpc
rpcbind_enable="NO"

# Prevent loads of jails doing their cron jobs at the same time
cron_flags="$cron_flags -J 15"

# Prevent syslog to open sockets
syslogd_flags="-ss"

# Prevent sendmail to try to connect to localhost
sendmail_enable="NONE"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"

# Bring up sshd, it takes some time and uses some entropy on first startup
# sshd_enable="YES"

clear_tmp_enable="YES"          # Clear /tmp at startup

apache22_enable="YES"
```

/usr/jails/mysqld/etc/rc.conf

```
root# cat /usr/jails/mysqld/etc/rc.conf
# Pretuned by German Engineers

hostname="mysqld.myjail.bsd"

# No network interfaces in jails
network_interfaces="" # <<------- maybe this is wrong?

kern_securelevel_enable="YES"   # Enable 'securelevel' kernel security
kern_securelevel="1"            # See init(8)

# Prevent rpc
rpcbind_enable="NO"

# Prevent loads of jails doing their cron jobs at the same time
cron_flags="$cron_flags -J 15"

# Prevent syslog to open sockets
syslogd_flags="-ss"

# Prevent sendmail to try to connect to localhost
sendmail_enable="NONE"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"

# Bring up sshd, it takes some time and uses some entropy on first startup
# sshd_enable="YES"

#clear_tmp_enable="YES"          # Clear /tmp at startup

mysql_enable="YES"
```

/usr/jails/httpd/usr/local/etc/apache22/httpd.conf

```
root# cat /usr/jails/httpd/usr/local/etc/apache22/httpd.conf

...
Listen 80
...
```

ifconfig

```
root# ifconfig
re0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=389b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_UCAST,WOL_MCAST,WOL_MAGIC>
        ether 00:1a:4d:5e:1b:f1
        media: Ethernet autoselect (10baseT/UTP <half-duplex>)
        status: no carrier
plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=3<RXCSUM,TXCSUM>
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet6 ::1 prefixlen 128
        inet 127.0.0.1 netmask 0xff000000
        nd6 options=3<PERFORMNUD,ACCEPT_RTADV>
urtw0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 2290
        ether 00:15:af:aa:7f:ee
        media: IEEE 802.11 Wireless Ethernet autoselect mode 11g
        status: associated
wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 00:15:af:aa:7f:ee
        inet 192.168.1.2 netmask 0xffffff00 broadcast 192.168.1.255
        media: IEEE 802.11 Wireless Ethernet autoselect mode 11g
        status: associated
        ssid DeathMachine channel 7 (2442 Mhz 11g) bssid 00:14:7c:b0:24:88
        country US authmode WPA privacy ON deftxkey UNDEF TKIP 4:128-bit
        txpower 0 bmiss 7 scanvalid 450 bgscan bgscanintvl 300 bgscanidle 250
        roam:rssi 7 roam:rate 5 protmode CTS roaming MANUAL
```


*EDIT:*
I added network aliases, so now:

```
root# ifconfig
re0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=389b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_UCAST,WOL_MCAST,WOL_MAGIC>
        ether 00:1a:4d:5e:1b:f1
        media: Ethernet autoselect (10baseT/UTP <half-duplex>)
        status: no carrier
plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=3<RXCSUM,TXCSUM>
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet6 ::1 prefixlen 128
        inet 127.0.0.1 netmask 0xff000000
        nd6 options=3<PERFORMNUD,ACCEPT_RTADV>
urtw0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 2290
        ether 00:15:af:aa:7f:ee
        media: IEEE 802.11 Wireless Ethernet autoselect mode 11g
        status: associated
wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 00:15:af:aa:7f:ee
        inet 192.168.1.2 netmask 0xffffff00 broadcast 192.168.1.255
        inet 192.168.1.11 netmask 0xffffff00 broadcast 192.168.1.255
        inet 192.168.1.12 netmask 0xffffff00 broadcast 192.168.1.255
        media: IEEE 802.11 Wireless Ethernet autoselect mode 11g
        status: associated
        ssid DeathMachine channel 7 (2442 Mhz 11g) bssid 00:14:7c:b0:24:88
        country US authmode WPA privacy ON deftxkey UNDEF TKIP 4:128-bit
        txpower 0 bmiss 7 scanvalid 450 bgscan bgscanintvl 300 bgscanidle 250
        roam:rssi 7 roam:rate 5 protmode CTS roaming MANUAL
```

Also in httpd.conf:

```
Listen 192.168.1.11:80
```


Why can't it just start automatically?! Why do I have to manually start it?


----------



## DutchDaemon (Dec 27, 2009)

I'm not exactly sure how this would pan out for jails, but the fact that _every_ IP address on that interface has a 255 netmask looks odd to me. I would expect some wider netmask on the primary IP address, and a 255 netmask on IP aliases in the same network. It now looks like 'nothing is tying the network together'. Maybe irrelevant.


----------



## BeautifulFish (Dec 27, 2009)

I really don't know :S

I added the aliases using this:

```
ifconfig wlan0 alias 192.168.1.11 netmask 0xffffff00
ifconfig wlan0 alias 192.168.1.12 netmask 0xffffff00
```

Specifying 192.168.1.11 in "Listen 192.168.1.11:80" in httpd.conf made me able to access port 80 through 192.168.1.11,
so it is working, but it doesn't work automatically.
I changed it back to Listen 80.

In other words,

```
apache22_enable="YES"
```
produces the error,

while

```
/usr/local/etc/rc.d/apache22 start
```
doesn't produce the error; Apache works!

And the same for MySQL.


EDIT:
This might solve it?


```
root# jexec 21 /bin/csh
httpd# /usr/local/etc/rc.d/apache22 start
Performing sanity check on apache22 configuration:
Syntax OK
Starting apache22.
(49)Can't assign requested address: make_sock: could not bind to address 192.168.1.12:80
no listening sockets available, shutting down
Unable to open logs
/usr/local/etc/rc.d/apache22: WARNING: failed to start apache22
httpd# exit
exit
root# chroot /usr/jails/httpd/
root# /usr/local/etc/rc.d/apache22 start
Performing sanity check on apache22 configuration:
Syntax OK
Starting apache22.
root#
```



*EDIT 2: Solved*


```
ifconfig wlan0 alias 192.168.1.11 netmask 0xffffffff
ifconfig wlan0 alias 192.168.1.12 netmask 0xffffffff
```

In the jails' /etc/rc.conf:

```
network_interfaces="lo0"
```

In the Apache jail's /etc/hosts, use the hostname and the jail name:

```
127.0.0.1               httpd.mylocal.bsd       httpd
```


Thanks, DutchDaemon, for telling me about the netmask.


----------
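The following script is an added example, not part of the original posts: it checks whether each jail address listed by `jls` is present as an `inet` line in the host's `ifconfig` output, and whether aliases carry the `0xffffffff` netmask the poster ended up using. The function name `check_jail_ips`, the status labels and the rule that any non-first address on an interface counts as an alias are assumptions of this example; the sample data is abbreviated from the thread, with one constructed alias line.

```shell
#!/bin/sh
# Added example (not from the thread): compare jail IPs with host addresses.
# Usage: check_jail_ips "<jls output>" "<ifconfig output>"
# Prints "<ip> <hostname> <status>" per jail; the status labels are assumptions.
check_jail_ips() {
    printf '%s\n=====\n%s\n' "$2" "$1" | awk '
        /^=====$/ { in_jls = 1; next }
        # ifconfig part: a line starting in column 1 opens a new interface
        !in_jls && /^[a-z]/ { n = 0; next }
        # remember the netmask and position of every IPv4 address
        !in_jls && $1 == "inet" { n++; mask[$2] = $4; pos[$2] = n; next }
        # jls part: data rows start with a numeric JID
        in_jls && $1 ~ /^[0-9]+$/ {
            ip = $2
            st = "OK"
            if (!(ip in mask)) st = "MISSING"
            else if (pos[ip] > 1 && mask[ip] != "0xffffffff") st = "ALIAS_NETMASK"
            print ip, $3, st
        }'
}

# Sample data abbreviated from the jls and ifconfig output in the thread.
JLS_SAMPLE='   JID  IP Address      Hostname                      Path
    50  192.168.1.12    mysqld.myjail.bsd             /usr/jails/mysqld
    51  192.168.1.11    httpd.myjail.bsd              /usr/jails/httpd'

# Host state before the aliases were added by hand.
IFCONFIG_BOOT='lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        inet 127.0.0.1 netmask 0xff000000
wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        inet 192.168.1.2 netmask 0xffffff00 broadcast 192.168.1.255'

# Constructed mix: one alias with the first netmask tried, one with the final one.
IFCONFIG_ALIASED="$IFCONFIG_BOOT
        inet 192.168.1.11 netmask 0xffffff00 broadcast 192.168.1.255
        inet 192.168.1.12 netmask 0xffffffff broadcast 192.168.1.12"

echo "before aliases:"
check_jail_ips "$JLS_SAMPLE" "$IFCONFIG_BOOT"
echo "after aliases:"
check_jail_ips "$JLS_SAMPLE" "$IFCONFIG_ALIASED"
```

On a live host the two arguments would be `"$(jls)"` and `"$(ifconfig)"`, run before the jails are started.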

