# jailed http server



## Beeblebrox (Apr 16, 2012)

Using www/lighttpd and it has been installed in a jail with IP 192.168.2.100/32 (which is an alias).

When I try to start the service from inside jail, I get:

```
# lighttpd -D -f /usr/lo*/etc/lighttpd/lighttpd.conf
(network.c.379) can't bind to port: 192.168.2.100 80 Address already in use
```

*sockstat* in the jail:

```
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS      
root     cron       6562  4  dgram  -> /var/run/logpriv
root     syslogd    6520  4  dgram  /var/run/log
root     syslogd    6520  5  dgram  /var/run/logpriv
```

*ifconfig* from inside jail:

```
re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE
	inet 192.168.2.100 netmask 0xffffffff broadcast 192.168.2.100
	media: Ethernet autoselect (1000baseT <full-duplex>)
	status: active
```


----------



## SirDice (Apr 16, 2012)

Make sure there's nothing running on the host that also uses port 80. If there is, you must make sure it's bound to the host's IP address instead of all.


----------



## Beeblebrox (Apr 16, 2012)

Nothing running on port 80 on host side. Stopping ntpd makes no difference. The "?" service is a mountd process for some reason...

```
# sockstat -4l
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS      
root     ntpd       78836 20 udp4   *:123                 *:*
root     ntpd       78836 21 udp4   192.168.1.10:123      *:*
root     ntpd       78836 22 udp4   192.168.2.1:123       *:*
root     ntpd       78836 23 udp4   192.168.2.100:123     *:*
root     ntpd       78836 24 udp4   192.168.2.101:123     *:*
root     ntpd       78836 25 udp4   127.0.0.1:123         *:*
root     inetd      78823 6  udp4   192.168.2.1:69        *:*
dhcpd    dhcpd      78589 7  udp4   192.168.2.1:67        *:*
dhcpd    dhcpd      78589 20 udp4   192.168.2.1:33002     *:*
root     nfsd       78353 5  tcp4   192.168.2.1:2049      *:*
root     mountd     78351 5  udp4   127.0.0.1:59          *:*
root     mountd     78351 6  udp4   192.168.2.1:59        *:*
root     mountd     78351 7  tcp4   127.0.0.1:59          *:*
root     mountd     78351 8  tcp4   192.168.2.1:59        *:*
root     rpcbind    78349 7  udp4   127.0.0.1:111         *:*
root     rpcbind    78349 8  udp4   192.168.2.1:111       *:*
root     rpcbind    78349 9  udp4   *:868                 *:*
root     rpcbind    78349 10 tcp4   127.0.0.1:111         *:*
root     rpcbind    78349 11 tcp4   192.168.2.1:111       *:*
mysql    mysqld     5589  10 tcp4   192.168.2.101:3306    *:*
root     perl       1644  6  tcp4   *:10101               *:*
root     perl       1644  7  udp4   *:10000               *:*
nobody   gdomap     824   3  udp4   *:538                 *:*
nobody   gdomap     824   4  tcp4   *:538                 *:*
root     syslogd    511   6  udp4   *:514                 *:*
?        ?          ?     ?  udp4   192.168.2.1:2049      *:*
```


----------



## SirDice (Apr 16, 2012)

Not related but you can stop running ntp in your jails. It won't work anyway, jails get their time from the host.


----------



## Beeblebrox (Apr 16, 2012)

ntp is for the diskless clients so that they can sync their clocks to host before distributed compile / compute starts. ntpd is running from host side (together with nfsd & rpcbind). I would prefer to run ntpd from the jail serving pxe but it does not start when placed in jail/etc/rc.conf. If I jexec into jail, stop dhcpd, I can then manually start ntpd, then I just re-start dhcpd. This is too much of a hassle however.

NFS runs on host as well because as yet, it's impossible to jail.

EDIT: Of course, under normal jail circumstances one would not want ntpd running from inside a jail since it is unable to bind to a single IP but listens on all IPs instead - thereby causing a process leak to other jails and host itself.


----------



## Beeblebrox (Apr 16, 2012)

The annoying part is, the jailed www/thttpd starts nicely with no errors, but shows nothing but a 404 page (jail-or-host, can't get it to work).
I suppose this makes the initial post a lighttpd-specific error?

EDIT: Yes, the error was in my lighttpd.conf. I had copied it from host environment to the jail and had not changed:

```
server.port = 80
server.bind = "localhost"
```

Should have been:

```
server.port = 80
server.bind = "192.168.2.100"
```


----------
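Added example (not part of any post in this thread): the two checks discussed above in Python, listing host listeners from `sockstat -4l` output that are bound to all addresses or to the jail's IP, and reading `server.bind` from a lighttpd.conf. The sample rows are copied from the thread's output except the `httpd` row on `*:80`, which is constructed (the host in the thread had no port 80 listener); all function names are hypothetical.

```python
import re

# Sample input: rows from the thread's `sockstat -4l` output, plus one
# CONSTRUCTED row (httpd on *:80) to show what a conflict looks like.
SAMPLE_SOCKSTAT = """\
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     ntpd       78836 20 udp4   *:123                 *:*
root     ntpd       78836 23 udp4   192.168.2.100:123     *:*
mysql    mysqld     5589  10 tcp4   192.168.2.101:3306    *:*
root     perl       1644  6  tcp4   *:10101               *:*
www      httpd      900   3  tcp4   *:80                  *:*
?        ?          ?     ?  udp4   192.168.2.1:2049      *:*
"""

def parse_listeners(text):
    """Return (command, pid, proto, addr, port) for each inet socket row."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        # Skip the header and rows whose local address is not addr:port
        # (for example the unix dgram sockets shown inside the jail).
        if len(f) < 6 or f[0] == "USER" or ":" not in f[5]:
            continue
        addr, _, port = f[5].rpartition(":")
        if port.isdigit():
            rows.append((f[1], f[2], f[4], addr, int(port)))
    return rows

def bind_conflicts(text, jail_ip, port, proto="tcp4"):
    """Listeners already holding jail_ip:port, directly or via wildcard."""
    return [r for r in parse_listeners(text)
            if r[2] == proto and r[4] == port and r[3] in ("*", jail_ip)]

def wildcard_listeners(text):
    """Services bound to every address, which includes jail aliases."""
    return sorted({(r[0], r[2], r[4])
                   for r in parse_listeners(text) if r[3] == "*"})

def lighttpd_bind(conf_text):
    """Value of server.bind in a lighttpd.conf, or None if it is unset."""
    m = re.search(r'^\s*server\.bind\s*=\s*"([^"]*)"', conf_text, re.M)
    return m.group(1) if m else None

if __name__ == "__main__":
    jail_ip = "192.168.2.100"
    print(bind_conflicts(SAMPLE_SOCKSTAT, jail_ip, 80))
    print(wildcard_listeners(SAMPLE_SOCKSTAT))
    conf = 'server.port = 80\nserver.bind = "localhost"\n'
    print(lighttpd_bind(conf) == jail_ip)  # False: copied host config
```

On a live host, feed the functions the text of `sockstat -4l` run outside the jail and the contents of the jail's lighttpd.conf instead of the embedded samples.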

