@ericbsd
We need a GhostBSD specific Tutorial about Running Firefox inside a Jail. If you know how to do that please post in this forum and kindly give me the link of the thread. In case you don't I am sure you know someone who does so please request him/her to post. I have tried my best and failed. Just remember to make the tutorial newbie friendly so that users can copy/paste commands.
We need a GhostBSD specific Tutorial about Running Firefox inside a Jail
- security_lover
- Posts: 69
- Joined: Thu Apr 22, 2021 9:54 am
We need a GhostBSD specific Tutorial about Running Firefox inside a Jail
I am paranoid about security !
- security_lover
- Posts: 69
- Joined: Thu Apr 22, 2021 9:54 am
Re: We need a GhostBSD specific Tutorial about Running Firefox inside a Jail
The method written in the FreeBSD wiki won't work under GhostBSD coz bsdinstall is not available in the GhostBSD repos.
I tried following the honeyguide.eu tutorial but I am getting stuck at this step :
I tried following the honeyguide.eu tutorial but I am getting stuck at this step :
Code: Select all
~ [1]> sudo pot create -p onetime-browser -b 12.1 -N public-bridge -t single -f browser
###> 12.1 is not a valid release
pot create [-hv] -p potname [-N network-type] [-i ipaddr] [-l lvl] [-f flavour]
[-b base | -P basepot ] [-d dns] [-t type]
-h print this help
-v verbose
-k keep the pot, if create fails
-p potname : the pot name (mandatory)
-l lvl : pot level (only for type multi)
-b base : the base pot
-P pot : the pot to be used as reference
-d dns : one between inherit(default), pot, off or custom:filename
-f flavour : flavour to be used
-t type: single or multi (default multi)
single: the pot is based on a unique ZFS dataset
multi: the pot is composed by a classical collection of 3 ZFS dataset
-N network-type: one of those
inherit: inherit the host network stack (default)
alias: use a static ip as alias configured directly to the host NIC
public-bridge: use the internal commonly public bridge
private-bridge: use an internal private bridge (with option -B)
-i ipaddr : an ip address or the keyword auto (if compatible with the network-type)
auto: usable with public-bridge and private-bridge (default)
ipaddr: mandatory with alias, usable with public-bridge and private-bridge
-B bridge-name : the name of the bridge to be used (private-bridge only)
-S network-stack : the network stack (ipv4, ipv6 or dual)
I am paranoid about security !
- security_lover
- Posts: 69
- Joined: Thu Apr 22, 2021 9:54 am
Re: We need a GhostBSD specific Tutorial about Running Firefox inside a Jail
Made some progress but still failed in the end
Code: Select all
# pot create -p onetime-browser -b 13.0 -N public-bridge -t single -f browser
===> Creating a new pot
===> pot name : onetime-browser
===> type : single
===> base : 13.0
===> pot_base :
===> level : 0
===> network-type : public-bridge
===> network-stack: ipv4
===> ip : 10.192.0.3
===> bridge :
===> dns : inherit
===> flavours : browser
===> Fetching FreeBSD 13.0
/var/cache/pot/13.0-RELEASE_base.txz 180 MB 1615 kBps 01m54s
===> Extract the tarball
===> Internal network not found! Calling vnet-start to fix the issue
pfctl: pf already enabled
===> Starting the pot onetime-browser
add net default: gateway 10.192.0.1
ELF ldconfig path: /lib /usr/lib /usr/lib/compat
32-bit compatibility ldconfig path: /usr/lib32
Starting Network: lo0 epair0b.
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
inet 127.0.0.1 netmask 0xff000000
groups: lo
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
epair0b: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:24:01:9d:0e:0b
inet 10.192.0.3 netmask 0xffc00000 broadcast 10.255.255.255
groups: epair
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
add host 127.0.0.1: gateway lo0 fib 0: route already in table
add host ::1: gateway lo0 fib 0: route already in table
add net fe80::: gateway ::1
add net ff02::: gateway ::1
add net ::ffff:0.0.0.0: gateway ::1
add net ::0.0.0.0: gateway ::1
Updating /var/run/os-release done.
Creating and/or trimming log files.
Clearing /tmp (X related).
Updating motd:.
Starting syslogd.
Starting sendmail_submit.
Starting sendmail_msp_queue.
Starting cron.
Thu Feb 10 04:49:12 UTC 2022
/usr/local/etc/pot/flavours/browser.sh -> /opt/pot/jails/onetime-browser/m/tmp/browser.sh
Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/FreeBSD:13:amd64/latest, please wait...
pkg: Error fetching http://pkg.FreeBSD.org/FreeBSD:13:amd64/latest/Latest/pkg.txz: No address record
Address resolution failed for http://pkg.FreeBSD.org/FreeBSD:13:amd64/latest.
Consider changing PACKAGESITE.
sendmail_enable: NO -> NONE
sshd_enable: NO -> YES
Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/FreeBSD:13:amd64/latest, please wait...
pkg: Error fetching http://pkg.FreeBSD.org/FreeBSD:13:amd64/latest/Latest/pkg.txz: No address record
Address resolution failed for http://pkg.FreeBSD.org/FreeBSD:13:amd64/latest.
Consider changing PACKAGESITE.
Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/FreeBSD:13:amd64/latest, please wait...
pkg: Error fetching http://pkg.FreeBSD.org/FreeBSD:13:amd64/latest/Latest/pkg.txz: No address record
Address resolution failed for http://pkg.FreeBSD.org/FreeBSD:13:amd64/latest.
Consider changing PACKAGESITE.
###> create: flavour browser failed (script)
I am paranoid about security !