Date: Tue, 27 Oct 2015 15:50:34 +0100 From: Mateusz Guzik <mjguzik@gmail.com> To: Sergey Zakharchenko <doublef.mobile@gmail.com> Cc: freebsd-virtualization@freebsd.org Subject: Re: Docker: jail: name cannot be numeric fix Message-ID: <20151027145033.GA24588@dft-labs.eu> In-Reply-To: <CADYCxoOGAyBe=bzxX0OB=q4N6qM7ZcnP1-oKbEGmYjy9pQMVww@mail.gmail.com> References: <CADYCxoOGAyBe=bzxX0OB=q4N6qM7ZcnP1-oKbEGmYjy9pQMVww@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Oct 27, 2015 at 05:19:26PM +0300, Sergey Zakharchenko wrote: > Hello, > > This is just a quick note that the problem mentioned in the Docker > wiki https://wiki.freebsd.org/Docker : > > > {{{ > > docker run -t -i centos /bin/bash > > jail: name cannot be numeric (unless it is the jid > > }}} > > > > Unknown: Noticed when re-running a container. > > is not of an 'unknown' origin: it lies in sys/kern/kern_jail.c 's > detection of numeric JIDs, which dates back to 2009: > > https://svnweb.freebsd.org/base/head/sys/kern/kern_jail.c?revision=285685&view=markup > > else if (*namelc == '0' || (strtoul(namelc, &p, 10) != jid && *p == '\0'))) > > It thinks everything that starts with a '0' is numeric, and doesn't > check that it's the only character, e.g. namelc[1] == '\0'. This check > is incorrect for some of the hex jail names that Docker generates. > This is demonstrated by e.g. the following: > > ---> Running in 062a4f391fd9 > jail: name cannot be numeric (unless it is the jid) > > Should I send a PR? > What's the significance of said names? The issue here is that said id may contain to letters, effectivley looking like a number and that cannot be allowed due to jid/name confusion. While arbitrary names would be desirable, we are not going to get them without some weird effort. As such, the right fix would e.g. prefix all names with a letter and/or re-generated a name if it does not contain any non-numeric characters. The bogus check with 0 is only a side issue, which may or may not make sense to be addressed. -- Mateusz Guzik <mjguzik gmail.com>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20151027145033.GA24588>