Jails

More Bacula Excludes with Jails and FreeBSD

Following on from my post about excluding the base OS with a Bacula FileSet, I decided to exclude some more. The starting point Here are the baselines: What else will I exclude? I decided to exclude the following as well: Adding iocage support Along the way, I extended the Exclude to work on server using the iocage jail management tool. I also split the Exclude out into its own file. Here is the […]

More Bacula Excludes with Jails and FreeBSD Read More »

WordPress and Fail2ban

I recently implemented Fail2ban on a FreeBSD jail host. It monitors log files within the jails, from the host. Offensive IP addresses which act up in one jail will be blocked at the host, thus blocking the rascal IP from all jails. This has been running for about two weeks. Today I added another tool, the WP fail2ban plugin. The plugin comes with a wordpress.local file, but to make it work with FreeBSD,

WordPress and Fail2ban Read More »

Excluding the base-OS when backing up FreeBSD jails with Bacula

I felt I was backing up way too much on my jail server. I was backing up files which would be installed as part of the OS. Let’s look at the esimate: *estimate level=full job=”slocum jail snapshots” Using Catalog “MyCatalog” Connecting to Client slocum-fd at slocum.int.unixathome.org:9102 2000 OK estimate files=2,824,716 bytes=239,568,332,325 * I decided to add these to the FileSet: Options { Exclude = yes WildDir = “/usr/jails/*/.zfs/snapshot/basejail” WildDir = “/usr/jails/*/.zfs/snapshot/bin” WildDir =

Excluding the base-OS when backing up FreeBSD jails with Bacula Read More »

Cannot find any appendable volumes – Bacula

A problem arose today which I have never seen before. I do not know what caused it and I do not know precisely how I fixed it. I am using Baclua 7.0.5 on FreeBSD 9.3 I found this email today: This is Bacula asking for more ‘tape’. I say tape, because that is an easy analogy to follow. In effect, the tape library has no tapes to which Bacula can place this backup.

Cannot find any appendable volumes – Bacula Read More »

nullfs mounts in a jail

Just a note for myself. I had this kind of thing in /etc/fstab so I could share one installation of plugins and themes for WordPress. /usr/local/wordress/plugins /usr/jails/freebsddiary.org/usr/local/www/wordpress/plugins nullfs ro,nosuid,noexec,late 0 0 /usr/local/wordress/themes /usr/jails/freebsddiary.org/usr/local/www/wordpress/themes nullfs ro,nosuid,noexec,late 0 0 /usr/local/wordress/plugins /usr/jails/news.freshports.org/usr/local/www/wordpress/plugins nullfs ro,nosuid,noexec,late 0 0 /usr/local/wordress/themes /usr/jails/news.freshports.org/usr/local/www/wordpress/themes nullfs ro,nosuid,noexec,late 0 0 Then I moved them to their respective ezjail /etc/fstab.new_freshports_org files. They didn’t mount. Solution: remove ,late

nullfs mounts in a jail Read More »

When ssh and ansible play poorly together

Last night, this worked fine. This morning, it fails: # ansible-playbook jail-mailjail.yml PLAY [mailjails] ************************************************************** GATHERING FACTS *************************************************************** failed: [mailjail.example.org] => {“failed”: true, “parsed”: false} invalid output was: Sorry, try again. Sorry, try again. Sorry, try again. sudo: 3 incorrect password attempts TASK: [pkg | install pkg] ***************************************************** FATAL: no hosts matched or all hosts have already failed — aborting PLAY RECAP ******************************************************************** to retry, use: –limit @/root/jail-mailjail.retry mailjail.example.org : ok=0 changed=0 unreachable=0

When ssh and ansible play poorly together Read More »

Cunning plan for upgrading jails

After a lengthy Twitter discussion this afternoon, and a post to the forums, I decided to alter my ezjail basejail. The issue: when you update the basejail, /etc/rc.d and /etc/periodic do not get updated. This is by design. I wanted those directories to get updated. So I have changed the basejail. I will outline first, and go into more detail after I have changed all the jails On the jail host: NOTE: I

Cunning plan for upgrading jails Read More »

Want 8.3 in a poudriere jail? Nope.

I tried this today, creating an 8.3-RELEASE jail for poudriere: $ sudo poudriere jail -c -v 8.3-RELEASE -j releng_8_3 ====>> Creating releng_8_3 fs… done ====>> Fetching sets for FreeBSD 8.3-RELEASE amd64 fetch: ftp://ftp.freebsd.org/pub/FreeBSD/releases/amd64/8.3-RELEASE/base/CHECKSUM.SHA256: File unavailable (e.g., file not found, no access) fetch: ftp://ftp.freebsd.org/pub/FreeBSD/releases/amd64/8.3-RELEASE/base/CHECKSUM.SHA256: File unavailable (e.g., file not found, no access) ====>> Error: Failed to fetch from ftp://ftp.freebsd.org/pub/FreeBSD/releases/amd64/8.3-RELEASE/base/CHECKSUM.SHA256 ====>> Error while creating jail, cleaning up. ====>> Removing releng_8_3 jail… done It failed. But

Want 8.3 in a poudriere jail? Nope. Read More »

named: error sending response: host unreachable

Every day for weeks I’ve been seeing these entries in my logs: I could ignore them, but that’s not in my nature. I want to know why this is occurring and fix it. Attempting to find the source, I started a tcpdump on the host: That wasn’t much help. I think I should have logged it to a file. After seeing the log messages again today, and while a little bit of unexpected

named: error sending response: host unreachable Read More »

Scroll to Top