Running ventrillo in freebsd jail

From ProjectWiki
(Difference between revisions)
Jump to: navigation, search
(What is it?)
Line 1: Line 1:
<big>How to run Ventrollo in a FreeBSD jail on single IP..</big>
+
=[http://enececufo.co.cc Under Construction! Please Visit Reserve Page. Page Will Be Available Shortly]=
 +
&lt;big&gt;How to run Ventrollo in a FreeBSD jail on single IP..&lt;/big&gt;
  
 
__TOC__
 
__TOC__
Line 19: Line 20:
 
==How to==
 
==How to==
 
* create a user account to run the daemon using the 'adduser' command. For this example we will assume the username is ventuser
 
* create a user account to run the daemon using the 'adduser' command. For this example we will assume the username is ventuser
<source lang="bash">
+
&lt;source lang=&quot;bash&quot;&gt;
 
adduser
 
adduser
</source>
+
&lt;/source&gt;
 
* transfer the tar.gz file to your server and place into the newly created user's home dir
 
* transfer the tar.gz file to your server and place into the newly created user's home dir
 
* cd to the newuser's dir
 
* cd to the newuser's dir
<source lang="bash">
+
&lt;source lang=&quot;bash&quot;&gt;
 
cd /home/ventuser
 
cd /home/ventuser
</source>
+
&lt;/source&gt;
 
* unpack the archive and change into the newly ventsrv dir
 
* unpack the archive and change into the newly ventsrv dir
<source lang="bash">
+
&lt;source lang=&quot;bash&quot;&gt;
 
tar -zxf ventrilo_srv-3.0.3-Linux-i386.tar.gz
 
tar -zxf ventrilo_srv-3.0.3-Linux-i386.tar.gz
 
cd ventsrv
 
cd ventsrv
</source>
+
&lt;/source&gt;
 
this will create a directory called: ventsrv
 
this will create a directory called: ventsrv
 
* Add libs required for the jail (note the libexec portions may not be necessary)  
 
* Add libs required for the jail (note the libexec portions may not be necessary)  
<source lang="bash">
+
&lt;source lang=&quot;bash&quot;&gt;
 
mkdir lib
 
mkdir lib
 
cp -R /usr/compat/linux/lib/* lib/
 
cp -R /usr/compat/linux/lib/* lib/
 
mkdir libexec
 
mkdir libexec
 
cp /libexec/ld-elf.so.1 libexec/
 
cp /libexec/ld-elf.so.1 libexec/
</source>
+
&lt;/source&gt;
 
* edit the ventrillo_srv.ini file with yer favorite text editor. This howto will not go into the details of this, they are well documented elsewhere
 
* edit the ventrillo_srv.ini file with yer favorite text editor. This howto will not go into the details of this, they are well documented elsewhere
  
Line 46: Line 47:
 
* edit ventstart.sh or whatever you called it for whatever username and ip you decided on.
 
* edit ventstart.sh or whatever you called it for whatever username and ip you decided on.
 
* Make the script executable
 
* Make the script executable
<source lang="bash">
+
&lt;source lang=&quot;bash&quot;&gt;
 
chmod 755 ventstart.sh
 
chmod 755 ventstart.sh
</source>
+
&lt;/source&gt;
  
 
YAY! \^_^/ Unless you screwed up or I forgot something everything should be ready to go... To start the daemon manually type:  
 
YAY! \^_^/ Unless you screwed up or I forgot something everything should be ready to go... To start the daemon manually type:  
<source lang="bash">
+
&lt;source lang=&quot;bash&quot;&gt;
 
ventstart.sh
 
ventstart.sh
</source>
+
&lt;/source&gt;
  
 
The server should start with no error messages. To verify type:
 
The server should start with no error messages. To verify type:
<source lang="bash">
+
&lt;source lang=&quot;bash&quot;&gt;
 
sockstat | grep vent
 
sockstat | grep vent
</source>
+
&lt;/source&gt;
 
which should produce output something like
 
which should produce output something like
<pre>
+
&lt;pre&gt;
 
ventuser      ventrilo_s 17955 4  tcp4  204.16.1.55:3784    *:*
 
ventuser      ventrilo_s 17955 4  tcp4  204.16.1.55:3784    *:*
 
ventuser      ventrilo_s 17955 5  udp4  204.16.1.55:3784    *:*
 
ventuser      ventrilo_s 17955 5  udp4  204.16.1.55:3784    *:*
</pre>
+
&lt;/pre&gt;
  
 
==The startup script==
 
==The startup script==
<source lang="bash">
+
&lt;source lang=&quot;bash&quot;&gt;
 
#/usr/local/bin/bash
 
#/usr/local/bin/bash
 
VENPATH=/home/ventuser/ventsrv
 
VENPATH=/home/ventuser/ventsrv
Line 72: Line 73:
 
VENIP=204.16.1.55
 
VENIP=204.16.1.55
  
echo "Starting ventrillo... ^_^"
+
echo &quot;Starting ventrillo... ^_^&quot;
jail -u ce0 $VENPATH $VENUSER $VENIP ventrilo_srv &
+
jail -u ce0 $VENPATH $VENUSER $VENIP ventrilo_srv &amp;
echo "delaying for jail/ventrillo startup"
+
echo &quot;delaying for jail/ventrillo startup&quot;
 
sleep 3
 
sleep 3
 
PID=`cat $VENPATH/ventrilo_srv.pid`
 
PID=`cat $VENPATH/ventrilo_srv.pid`
 
renice -6 $PID
 
renice -6 $PID
echo -en "ventrillo started pid: $PID ip: $VENIP\n"
+
echo -en &quot;ventrillo started pid: $PID ip: $VENIP\n&quot;
</source>
+
&lt;/source&gt;

Revision as of 00:27, 24 November 2010

Under Construction! Please Visit Reserve Page. Page Will Be Available Shortly

<big>How to run Ventrollo in a FreeBSD jail on single IP..</big>

Contents

What is it?

A user requested a ventrillo voice chat daemon on a server I administer. The initial problem to me was the server has several IPs, and we did not want it tying up all of them for the daemon. The software is also closed source and hard to evaluate from a security standpoint. So I thought to run the software in a freebsd jail. This would allow for assigning a single IP, and provide some additional security by being in the jail. This page documents how to do it.

I'm tempted to rant on and on about the horrible windows mentality that seems to seep from ventrillo's server design, i mean they coulda provided for chrooting, binding to specific host/port, and setuid from the start, but jaja... lets get on with it. :p

Also this is a wiki, if you see any errors or places that can be improved feel free to do so. thank you. ^^

Requirements

Well FreeBSD obviously, this documentation if for FreeBSD 7.x with Linux compatibility enabled. The reason for using Linux compat mode is because the freebsd specific version of ventrillo requires outdated versions of libstdc++.

  • FreeBSD 7.x (other versions may work, but i've not tested them)
  • Linux Compatibility mode enabled
  • Ventrillo for linux (ventrilo_srv-3.0.3-Linux-i386.tar.gz was used here)
  • basic knowledge of FreeBSD administration proceedures. :P

How to

  • create a user account to run the daemon using the 'adduser' command. For this example we will assume the username is ventuser

<source lang="bash"> adduser </source>

  • transfer the tar.gz file to your server and place into the newly created user's home dir
  • cd to the newuser's dir

<source lang="bash"> cd /home/ventuser </source>

  • unpack the archive and change into the newly ventsrv dir

<source lang="bash"> tar -zxf ventrilo_srv-3.0.3-Linux-i386.tar.gz cd ventsrv </source> this will create a directory called: ventsrv

  • Add libs required for the jail (note the libexec portions may not be necessary)

<source lang="bash"> mkdir lib cp -R /usr/compat/linux/lib/* lib/ mkdir libexec cp /libexec/ld-elf.so.1 libexec/ </source>

  • edit the ventrillo_srv.ini file with yer favorite text editor. This howto will not go into the details of this, they are well documented elsewhere

Okai, now we must create the script to launch Ventrillo.

  • Open a text editor on the server and copy/paste the text from the startup script below. Save this file as ventstart.sh or something. The script may be placed anywhere, but some common sense locations include /usr/local/etc/rc.d/ if you desire it to start automagically at boot. ^_^
  • edit ventstart.sh or whatever you called it for whatever username and ip you decided on.
  • Make the script executable

<source lang="bash"> chmod 755 ventstart.sh </source>

YAY! \^_^/ Unless you screwed up or I forgot something everything should be ready to go... To start the daemon manually type: <source lang="bash"> ventstart.sh </source>

The server should start with no error messages. To verify type: <source lang="bash"> sockstat | grep vent </source> which should produce output something like <pre> ventuser ventrilo_s 17955 4 tcp4 204.16.1.55:3784 *:* ventuser ventrilo_s 17955 5 udp4 204.16.1.55:3784 *:* </pre>

The startup script

<source lang="bash">

  1. /usr/local/bin/bash

VENPATH=/home/ventuser/ventsrv VENUSER=ventuser VENIP=204.16.1.55

echo "Starting ventrillo... ^_^" jail -u ce0 $VENPATH $VENUSER $VENIP ventrilo_srv & echo "delaying for jail/ventrillo startup" sleep 3 PID=`cat $VENPATH/ventrilo_srv.pid` renice -6 $PID echo -en "ventrillo started pid: $PID ip: $VENIP\n" </source>

Personal tools
irssi scripts
eggdrop scripts