We need a GhostBSD specific Tutorial about Running Firefox inside a Jail

Need support for GhostBSD. Ask here if your question does not fit elsewhere.
Post Reply
User avatar
security_lover
Posts: 69
Joined: Thu Apr 22, 2021 9:54 am

We need a GhostBSD specific Tutorial about Running Firefox inside a Jail

Post by security_lover »

@ericbsd
We need a GhostBSD specific Tutorial about Running Firefox inside a Jail. If you know how to do that please post in this forum and kindly give me the link of the thread. In case you don't I am sure you know someone who does so please request him/her to post. I have tried my best and failed. Just remember to make the tutorial newbie friendly so that users can copy/paste commands.
I am paranoid about security !
User avatar
security_lover
Posts: 69
Joined: Thu Apr 22, 2021 9:54 am

Re: We need a GhostBSD specific Tutorial about Running Firefox inside a Jail

Post by security_lover »

The method written in the FreeBSD wiki won't work under GhostBSD coz bsdinstall is not available in the GhostBSD repos.

I tried following the honeyguide.eu tutorial but I am getting stuck at this step :

Code: Select all

~ [1]> sudo pot create -p onetime-browser -b 12.1 -N public-bridge -t single -f browser
###>  12.1 is not a valid release
pot create [-hv] -p potname [-N network-type] [-i ipaddr] [-l lvl] [-f flavour]
  [-b base | -P basepot ] [-d dns] [-t type]
  -h print this help
  -v verbose
  -k keep the pot, if create fails
  -p potname : the pot name (mandatory)
  -l lvl : pot level (only for type multi)
  -b base : the base pot
  -P pot : the pot to be used as reference
  -d dns : one between inherit(default), pot, off or custom:filename
  -f flavour : flavour to be used
  -t type: single or multi (default multi)
         single: the pot is based on a unique ZFS dataset
         multi: the pot is composed by a classical collection of 3 ZFS dataset
  -N network-type: one of those
         inherit: inherit the host network stack (default)
         alias: use a static ip as alias configured directly to the host NIC
         public-bridge: use the internal commonly public bridge
         private-bridge: use an internal private bridge (with option -B)
  -i ipaddr : an ip address or the keyword auto (if compatible with the network-type)
         auto: usable with public-bridge and private-bridge (default)
         ipaddr: mandatory with alias, usable with public-bridge and private-bridge
  -B bridge-name : the name of the bridge to be used (private-bridge only)
  -S network-stack : the network stack (ipv4, ipv6 or dual)
I am paranoid about security !
User avatar
security_lover
Posts: 69
Joined: Thu Apr 22, 2021 9:54 am

Re: We need a GhostBSD specific Tutorial about Running Firefox inside a Jail

Post by security_lover »

Made some progress but still failed in the end

Code: Select all

# pot create -p onetime-browser -b 13.0 -N public-bridge -t single -f browser
===>  Creating a new pot
===>  pot name     : onetime-browser
===>  type         : single
===>  base         : 13.0
===>  pot_base     : 
===>  level        : 0
===>  network-type : public-bridge
===>  network-stack: ipv4
===>  ip           : 10.192.0.3
===>  bridge       : 
===>  dns          : inherit
===>  flavours     : browser
===>  Fetching FreeBSD 13.0
/var/cache/pot/13.0-RELEASE_base.txz                   180 MB 1615 kBps 01m54s
===>  Extract the tarball
===>  Internal network not found! Calling vnet-start to fix the issue
pfctl: pf already enabled
===>  Starting the pot onetime-browser
add net default: gateway 10.192.0.1
ELF ldconfig path: /lib /usr/lib /usr/lib/compat
32-bit compatibility ldconfig path: /usr/lib32
Starting Network: lo0 epair0b.
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
	options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
	inet6 ::1 prefixlen 128
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
	inet 127.0.0.1 netmask 0xff000000
	groups: lo
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
epair0b: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=8<VLAN_MTU>
	ether 02:24:01:9d:0e:0b
	inet 10.192.0.3 netmask 0xffc00000 broadcast 10.255.255.255
	groups: epair
	media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
	status: active
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
add host 127.0.0.1: gateway lo0 fib 0: route already in table
add host ::1: gateway lo0 fib 0: route already in table
add net fe80::: gateway ::1
add net ff02::: gateway ::1
add net ::ffff:0.0.0.0: gateway ::1
add net ::0.0.0.0: gateway ::1
Updating /var/run/os-release done.
Creating and/or trimming log files.
Clearing /tmp (X related).
Updating motd:.
Starting syslogd.
Starting sendmail_submit.
Starting sendmail_msp_queue.
Starting cron.

Thu Feb 10 04:49:12 UTC 2022
/usr/local/etc/pot/flavours/browser.sh -> /opt/pot/jails/onetime-browser/m/tmp/browser.sh
Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/FreeBSD:13:amd64/latest, please wait...
pkg: Error fetching http://pkg.FreeBSD.org/FreeBSD:13:amd64/latest/Latest/pkg.txz: No address record
Address resolution failed for http://pkg.FreeBSD.org/FreeBSD:13:amd64/latest.
Consider changing PACKAGESITE.
sendmail_enable: NO -> NONE
sshd_enable: NO -> YES
Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/FreeBSD:13:amd64/latest, please wait...
pkg: Error fetching http://pkg.FreeBSD.org/FreeBSD:13:amd64/latest/Latest/pkg.txz: No address record
Address resolution failed for http://pkg.FreeBSD.org/FreeBSD:13:amd64/latest.
Consider changing PACKAGESITE.
Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/FreeBSD:13:amd64/latest, please wait...
pkg: Error fetching http://pkg.FreeBSD.org/FreeBSD:13:amd64/latest/Latest/pkg.txz: No address record
Address resolution failed for http://pkg.FreeBSD.org/FreeBSD:13:amd64/latest.
Consider changing PACKAGESITE.
###>  create: flavour browser failed (script)
I am paranoid about security !
Post Reply