Problems starting a jail with ezjail

字号: 小中大 | 打印发布: 2010-1-25 16:14 作者: 剑心通明来源: 互联网查看: 43次

Over the weekend I was setting up a few FreeBSD jails to do some regression testing for the Bacula project. I had two already configured and running from my earlier work. My goal was to create a couple more and test multiple versions of databases etc. I found I could create a jail, but not login. When I checked in via the console, I saw that the initial startup script which did the jail setup was not running. I fixed it with a simple mv command. The rest of this article outlines the symptoms and how I fixed it.BSD爱好者乐园:G:BO1Lk't
BSD爱好者乐园G!K(w"r+`:n-T%`!H7z

r$hbvrJq}The symptoms
'l0ZP0V-{0x+\SI started the jail:BSD爱好者乐园F%WLA-`#c+b

`{C&CJ"?# ezjail-admin start mysql51.example.org
+u.R,\)`@[xConfiguring jails:.BSD爱好者乐园b {0Vt3F6R
Starting jails: mysql51.example.org.

3s s4S @U pN2z/XE9pThen I tried to login into them:
sB!ZS? Y5v0Q)|$ ssh -A mysql51.example.org
8U/v5V"Fxj1IPassword:
.sE$oB N+^%y,p)hPassword:BSD爱好者乐园J4\1?3B#B},\\*K t
Password:
w%^?!O_Received disconnect from 10.55.0.102: 2: Too many authentication failures for dan

This stumped me. I knew the password.BSD爱好者乐园,iX7wL*q/s-F F G

!L.]2] ?#_1do g:yS
l?+O"H:c0YB\The investigationBSD爱好者乐园Vjy$}9v
Why didn't it let me in? Let me try the console:

([CZ~|# ezjail-admin console mysql51.example.org
moL8N8JnACopyright (c) 1992-2009 The FreeBSD Project.
7^"yI;`(WCopyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
;f:J*Mkn The Regents of the University of California. All rights reserved.BSD爱好者乐园3o!|lK.r)a2T"j

tt8M(U(R|p tFreeBSD 8.0-STABLE (PHENOM) #1: Fri Dec 18 02:04:40 EST 2009

J;\O0ZE,aL+aWelcome to FreeBSD!

Before seeking technical support, please use the following resources:

o Security advisories and updated errata information for all releases areBSD爱好者乐园wglv?s!K9V} |
at http://www.FreeBSD.org/releases/ - always consult the ERRATA section
for your release first as it's updated frequently.BSD爱好者乐园"u5V)Et|U

7i)z.Eg*a|$W6no The Handbook and FAQ documents are at http://www.FreeBSD.org/ and,BSD爱好者乐园Ho4{fDVj
   along with the mailing lists, can be searched by going toBSD爱好者乐园Q@2j!V@AP)z'A4rf
   http://www.FreeBSD.org/search/. If the doc distribution hasBSD爱好者乐园8Jq ?FL)d@`2s
   been installed, they're also available formatted in /usr/share/doc.BSD爱好者乐园 ?ea+D3C[IVur

If you still have a question or problem, please take the output ofBSD爱好者乐园3V6N5`2FAu7B^(t%G
`uname -a', along with any relevant error messages, and email it
~Q }7W~6S#Q.`xsas a question to the questions@FreeBSD.org mailing list. If you areBSD爱好者乐园0~cMsmw
unfamiliar with FreeBSD's directory layout, please refer to the hier(7)
;~neV,lDmanual page. If you are not familiar with manual pages, type `man man'.BSD爱好者乐园DEQ5pq'y~

,f2r1t Wa9c_You may also use sysinstall(8) to re-enter the installation andBSD爱好者乐园%OQw2R8Fou
configuration utility. Edit /etc/motd to change this login announcement.BSD爱好者乐园.j-X)}*DT|Y
mysql51#BSD爱好者乐园3zC9H%_0T#z!^8K

T(D"a3n8~Il DThis dumped me right into the jail. So I got started:BSD爱好者乐园+k$}pYr;Ui

5m Z vp(@Hmysql51# bashBSD爱好者乐园X6j-^y$A[*pV[S
bash: Command not found.BSD爱好者乐园&_ \p&^#aJ^

No bash? There should be bash. That's one of the first things my jails install. Is my account there?

8Vlh.kA@5Bmysql51# grep dan /etc/passwdBSD爱好者乐园s[#`a k,N-~ Ze
mysql51#

;CT%u_;?o"kNo, no account. OK, so the jail isn't being properly set up. What's in messages:

mysql51 root: /etc/rc: WARNING: Ignoring old-style startup script /etc/rc.d/ezjail-config.shBSD爱好者乐园'L9Mm b,|-l4p
mysql51 sshd[40673]: error: PAM: authentication error for illegal user dan from 10.55.0.1
mysql51 last message repeated 2 timesBSD爱好者乐园C-G;?9V/z2DVn"MhO

-yFzb7P|h8lOld style? What's up with that?BSD爱好者乐园DD4?i}HkR

# ls -l /etc/rc.d/ezjail-config.shBSD爱好者乐园B_+H;n4a5c-y#sT
lrwxr-xr-x 1 root wheel 15 Jan 22 16:14 /etc/rc.d/ezjail-config.sh -> /ezjail.flavour

/ezjail.flavour is the startup script executed once when the jail is first run. It can do most setup that you might require. Failure to start is the cause of these problems. But why?BSD爱好者乐园S-@?7WP7b

Google to the rescue: http://www.mail-archive.com/freebsd-jail@freebsd.org/msg01080.html. In short, the file name needs to change from ezjail-config.sh to ezjail-config. More precisely, the symlink needs to be renamed.BSD爱好者乐园~"A'mNR7~eCj4|
BSD爱好者乐园Q[MDA$R2~

)A,HYH#z2~The fixBSD爱好者乐园4PqCd0i)~
I stopped the jail:

# ezjail-admin stop mysql51.example.org
&C e6{p#mH&UDStopping jails: mysql51.example.org.BSD爱好者乐园+o+Q e"m+J F(B

I renamed the culprit file:BSD爱好者乐园oe(x_gXUd/K
# cd /usr/jails/mysql51.example.org/etc/rc.dBSD爱好者乐园&]P|5KrH
# mv ezjail-config.sh ezjail-config
KYyDQ2@-VF# cd /usr/jailsBSD爱好者乐园@2{P;R}S5w%HB

And I restarted the jail. This time it took a bit longer to start, which is good. That meant it was running all the startup scripts (installing packages, creating users, etc.BSD爱好者乐园Pw9T{gw3O"T

# ezjail-admin start mysql51.example.orgBSD爱好者乐园"~W_E'\yYX
Configuring jails:.BSD爱好者乐园3|XW"|y4L{L
Starting jails: mysql51.example.org.

I was then able to connect to the jail without issue.BSD爱好者乐园 [gw`(r"S{3]

? p6KWcAZ!s:@
:Q#hE BBx3\wThe longterm fixBSD爱好者乐园hF.{I/v0h
The long term fix is at the URL post above. It needs to be incorporated into the port. I plan to create a patch and test tomorrow night.BSD爱好者乐园2\GJ/Ec7M_@!j

Ahh, after writing the above, I heard this fix is already in the ezjail repo, but not yet released. Still. I'll see about the patch.BSD爱好者乐园{LC1Z#_#eJ5?Z

|m!A?BI*hHmm, I've tested the patch. Works fine. It's beensubmitted. And the port skeleton can bedownloaded hereBSD爱好者乐园3]+T}:@1C7S

[重要提醒]对本篇资料有疑问，请到论坛讨论，尽量使文章准确无误>>>
[版权声明]BSD爱好者乐园站内文章，如来源不是互联网，则均系原创或翻译之作，可随意转载，或以此为基础进行演译，但务必以链接形式注明原始出处和作者信息，否则属于侵权行为。另对本站转载他处文章，俱有说明，如有侵权请联系本人，本人将会在第一时间删除侵权文章。
TAG: ezjail jail

-5 -3 -1 - +1 +3 +5

评分：0

最新更新

月度热点

相关阅读

网络推荐

推荐给好友 上一篇 | 下一篇

Problems starting a jail with ezjail

我来说两句

最新更新

月度热点

相关阅读

网络推荐

推荐给好友 上一篇 | 下一篇

Problems starting a jail with ezjail

我来说两句

推荐给好友上一篇 | 下一篇