Can't execute script within jail from FreeNAS shell

Status
Not open for further replies.
LIGISTX

LIGISTX

Guru
Joined
Apr 12, 2015
Messages
525
So, I am really at a loss. I just upgraded from 11 to 11.1 and am on 11.1U4. A script I had working before and a friend has working on 9.x doesn't seem to work. Weird thing is, it works if I jexec into the jail and run it. Its a simple mirror script, I have it looking at a remote volume and mirror it to a mounted volume within the jail. If I run the script from within the jail it executes without issue. Also, its not the fault of the rsa key itself, I can ssh into the remote host via freenas shell and jexec jail shell. It will authenticate in those instances, but if I run a script from freenas itself I get:

Code:
mirror: Login failed: Login incorrect


I am at a loss as to why this is happening. My jail can see my rsa key, seemingly user permissions are correct as it can successfully run the script from within the jail and can ssh into the remote host, its just like the rsa key isn't getting used when the script is ran from outside of the jail which to me makes no real sense.

Any advice would be appreciated. I am not sure if this is a 11.1 issue, or if I am just doing something incorrectly. Although, this is running on a 9.x install and was running on my 11.0 install just last week.

The script is:

Code:
#!/usr/local/bin/bash -l

login="alpha"
pass="beta"
host="gamma@delta.epsilon"
remote_dir="/zeta/eta"
local_dir="/theta/iota/"
volume="/theta/iota/"
cmd="$cmd
mirror -c -p --use-pget-n=5 -P5 --no-empty-dirs ${remote_dir} ${local_dir} -x \"(^|/)\.\" -x \"_gsdata_\""

trap "rm -f /tmp/lockfile.lock" SIGINT SIGTERM

if [[ -e /tmp/lockfile.lock ]]
then
  echo "Sync is running already."
  exit 1
else
#  echo "Creating lock ..."
  touch /tmp/lockfile.lock
/usr/local/bin/lftp -u $login,$pass sftp://${host} << EOF
set sftp:auto-confirm no
set sftp:connect-program 'ssh -a -x -i /mnt/root/.ssh/id_rsa'
set xfer:log-file "/root/logfile.log"
$cmd
quit
EOF
#  echo "Sync EOF excuting..."
  rm -f /tmp/lockfile.lock
  trap - SIGINT SIGTERM
  exit 0
fi
 
LIGISTX

LIGISTX

Guru
Joined
Apr 12, 2015
Messages
525
Anyone have any ideas?

I want to be able to run the script from outside the jail so I can run it via a webUI cron for its incredibly easy setup.


Sent from my iPhone using Tapatalk
 
D

dlavigne

Guest
Were you able to resolve this? If not, is there anything in /var/log/auth.log or /var/log/messages when the script fails?
 
LIGISTX

LIGISTX

Guru
Joined
Apr 12, 2015
Messages
525
dlavigne said:
Were you able to resolve this? If not, is there anything in /var/log/auth.log or /var/log/messages when the script fails?
Click to expand...
Not resolved yet. I do see a log in system log "/var/log/cron" that the cron is running, but it isn't getting to the script itself. I added a log to the script itself and its not getting to that at all. I can't seem to figure it out.

I tried to run it with command "jexec -n plexmediaserver_1 bash -i -c " viz the webui with no success.

To be honest, my auth.log is just filled with invalid login attempts lol. Its actually pretty insane how many people try and hit the server.............. Or, well, how many bots try. The last bad login is from before the cron tried to run, so that isn't helpful. Same with /messages.
 
LIGISTX

LIGISTX

Guru
Joined
Apr 12, 2015
Messages
525
Can I get a mod to merge both my posts about this? I tried posting again since I wasn't getting any action on the first, and of course got 2 hits on the same day, one in each....

I am thinking its an issue with not being able to execute the script unless its an actual user in the jail trying to do it. I can't run it from outside the jail via jexec, and crontab -e inside can't either. Both give the same error:

Copy paste from my other post
"
Its like the RSA key just isn't getting passed, even though the script will run if I manually run it. Its like it won't execute unless its a real user trying. It is clearly trying to connect to my remote host, but.... its not being able to authenticate. Trying a few things.

mirror: Login failed: Login incorrect
mirror: Login failed: Login incorrect
mirror: Login failed: Login incorrect
mirror: Login failed: Login incorrect
mirror: Login failed: Login incorrect
mirror: Login failed: Login incorrect
mirror: Login failed: Login incorrect
mirror: Login failed: Login incorrect
mirror: Login failed: Login incorrect
mirror: Login failed: Login incorrect
mirror: Login failed: Login incorrect
mirror: Login failed: Login incorrect
mirror: Login failed: Login incorrect
mirror: Login failed: Login incorrect
mirror: Login failed: Login incorrect
mirror: Login failed: Login incorrect
"


https://forums.freenas.org/index.php?threads/edit-crontab-in-jail.63423/#post-454249
 
Status
Not open for further replies.

Similar threads

M
  • Locked
SOLVED Help with a script to update jails
Replies
2
Views
2K
mow4cash
M
C
  • Locked
Shell Script in Jail: TAR doesn't quit
Replies
1
Views
1K
cr0n_dist0rti0n
C
T
Install script for Domoticz with open-zwave driver in iocage jail
Replies
12
Views
4K
hervon
H
T
  • Locked
Tips for IOCAGE jail installation scripts
Replies
2
Views
4K
danb35
danb35
M
Execute jexec with user uucp / or how to execute jail commands from UPS service
Replies
3
Views
4K
Darrin M
D
Top