# Can i use mpd5 in jail?



## riku (May 6, 2010)

Hi, everybody!

I want to setup mpd5 in jail env, but that can not work.

the error message :


```
Multi-link PPP daemon for FreeBSD

process 20150 started, version 5.5 (root@host1 05:24  6-May-2010)
MppcTestCap: can't create socket node: Operation not permitted
LinksInit(): can't create socket node: Operation not permitted
CcpsInit(): can't create socket node: Operation not permitted
EcpsInit(): can't create socket node: Operation not permitted
CONSOLE: listening on 127.0.0.1 5005
web: listening on 0.0.0.0 5006
```


How to fix it?

Thanks


----------



## SirDice (May 6, 2010)

You probably need to enable raw_sockets in the jail.

See the jail(8) man page.


----------



## riku (May 7, 2010)

Thanks @sirdice

I had enable it , But I can not use mpd5 too.


```
sysctl -a | grep raw_socket
security.jail.allow_raw_sockets: 1
```


----------



## crsd (May 7, 2010)

Try loading all required netgraph modules from host system (_Operation not permitted_ is most likely result of loading kernel modules in jail).


----------



## riku (May 7, 2010)

I had load all netgraph modules , can not fix it.


```
pxe# kldstat
Id Refs Address    Size     Name
 1   25 0xc0400000 b6e060   kernel
 2    2 0xc292c000 e000     ipfw.ko
 3    1 0xc29ca000 4000     ipdivert.ko
 4    1 0xc2a10000 4000     ng_socket.ko
 5    8 0xc2a14000 b000     netgraph.ko
 6    1 0xc2a2c000 4000     ng_mppc.ko
 7    1 0xc2a30000 2000     rc4.ko
 8    1 0xc3b60000 3000     ng_tee.ko
 9    1 0xc3b63000 4000     ng_pptpgre.ko
10    1 0xc3b67000 5000     ng_ksocket.ko
11    1 0xc3b6c000 4000     ng_iface.ko
12    1 0xc3b70000 7000     ng_ppp.ko
13    1 0xc3b79000 3000     ng_tcpmss.ko
```


----------



## SirDice (May 7, 2010)

Did you enable raw_sockets _before_ starting the jail?


----------



## riku (May 8, 2010)

Yes, I had enable it.


----------



## yurigor (May 18, 2010)

I'd also like to have mpd5 inside of jail, but it seems that jails are not allowed to create interfaces.
On a host system you (and mpd too) can do `ifconfig gif0 create` (like ng0 etc.)
But in a jail doing `ifconfig gif0 create` gives you 
	
	



```
ifconfig: SIOCIFCREATE2: Operation not permitted
```
.

I home that having vimage|vnet [read: virtual network stack] you can do things like that. They already have it in FBSD 8.0 and I hope they will improve it by 9.0 (which will include pf support).


----------

