From owner-freebsd-jail@FreeBSD.ORG Mon Jun 8 11:06:56 2009 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7B0D21065673 for ; Mon, 8 Jun 2009 11:06:56 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 68D5F8FC1C for ; Mon, 8 Jun 2009 11:06:56 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n58B6uPw020697 for ; Mon, 8 Jun 2009 11:06:56 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n58B6thT020693 for freebsd-jail@FreeBSD.org; Mon, 8 Jun 2009 11:06:55 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 8 Jun 2009 11:06:55 GMT Message-Id: <200906081106.n58B6thT020693@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-jail@FreeBSD.org Cc: Subject: Current problem reports assigned to freebsd-jail@FreeBSD.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Jun 2009 11:06:56 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- o kern/134583 jail [jail] [hang] Machine with jail freezes after random a o kern/133265 jail [jail] is there a solution how to run nfs client in ja o kern/132092 jail [jail] jail can listen on *:port when jail_socket_unix o kern/119842 jail [smbfs] [jail] "Bad address" with smbfs inside a jail o bin/99566 jail [jail] [patch] fstat(1) according to specified jid o bin/32828 jail [jail] w(1) incorrectly handles stale utmp slots with 6 problems total. From owner-freebsd-jail@FreeBSD.ORG Mon Jun 8 17:14:20 2009 Return-Path: Delivered-To: freebsd-jail@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C7BEE106566B; Mon, 8 Jun 2009 17:14:20 +0000 (UTC) (envelope-from bz@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 9D0A78FC08; Mon, 8 Jun 2009 17:14:20 +0000 (UTC) (envelope-from bz@FreeBSD.org) Received: from freefall.freebsd.org (bz@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n58HEKeB006185; Mon, 8 Jun 2009 17:14:20 GMT (envelope-from bz@freefall.freebsd.org) Received: (from bz@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n58HEKfY006181; Mon, 8 Jun 2009 17:14:20 GMT (envelope-from bz) Date: Mon, 8 Jun 2009 17:14:20 GMT Message-Id: <200906081714.n58HEKfY006181@freefall.freebsd.org> To: bz@FreeBSD.org, freebsd-jail@FreeBSD.org, freebsd-net@FreeBSD.org From: bz@FreeBSD.org Cc: Subject: Re: kern/134583: [hang] Machine with jail freezes after random amount of time X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Jun 2009 17:14:21 -0000 Old Synopsis: [jail] [hang] Machine with jail freezes after random amount of time New Synopsis: [hang] Machine with jail freezes after random amount of time Responsible-Changed-From-To: freebsd-jail->freebsd-net Responsible-Changed-By: bz Responsible-Changed-When: Mon Jun 8 17:12:41 UTC 2009 Responsible-Changed-Why: This does not sounds like a jail but more a networking/tcp problem with 7.2-R hanging the machine. Re-assign so that the right people will look at it. http://www.freebsd.org/cgi/query-pr.cgi?pr=134583 From owner-freebsd-jail@FreeBSD.ORG Mon Jun 8 17:25:42 2009 Return-Path: Delivered-To: freebsd-jail@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DB6761065672; Mon, 8 Jun 2009 17:25:42 +0000 (UTC) (envelope-from bz@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id B13E18FC19; Mon, 8 Jun 2009 17:25:42 +0000 (UTC) (envelope-from bz@FreeBSD.org) Received: from freefall.freebsd.org (bz@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n58HPgYa013197; Mon, 8 Jun 2009 17:25:42 GMT (envelope-from bz@freefall.freebsd.org) Received: (from bz@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n58HPgV1013193; Mon, 8 Jun 2009 17:25:42 GMT (envelope-from bz) Date: Mon, 8 Jun 2009 17:25:42 GMT Message-Id: <200906081725.n58HPgV1013193@freefall.freebsd.org> To: bz@FreeBSD.org, freebsd-jail@FreeBSD.org, bz@FreeBSD.org From: bz@FreeBSD.org Cc: Subject: Re: kern/132092: [jail] jail can listen on *:port when jail_socket_unixiproute_only set to NO X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Jun 2009 17:25:43 -0000 Synopsis: [jail] jail can listen on *:port when jail_socket_unixiproute_only set to NO Responsible-Changed-From-To: freebsd-jail->bz Responsible-Changed-By: bz Responsible-Changed-When: Mon Jun 8 17:25:24 UTC 2009 Responsible-Changed-Why: http://www.freebsd.org/cgi/query-pr.cgi?pr=132092 From owner-freebsd-jail@FreeBSD.ORG Mon Jun 8 17:30:10 2009 Return-Path: Delivered-To: freebsd-jail@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 24B9C1065676 for ; Mon, 8 Jun 2009 17:30:10 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 124428FC08 for ; Mon, 8 Jun 2009 17:30:10 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n58HU909013481 for ; Mon, 8 Jun 2009 17:30:09 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n58HU939013478; Mon, 8 Jun 2009 17:30:09 GMT (envelope-from gnats) Date: Mon, 8 Jun 2009 17:30:09 GMT Message-Id: <200906081730.n58HU939013478@freefall.freebsd.org> To: freebsd-jail@FreeBSD.org From: "Bjoern A. Zeeb" Cc: Subject: Re: kern/133265: [jail] is there a solution how to run nfs client in jail environment? X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: "Bjoern A. Zeeb" List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Jun 2009 17:30:10 -0000 The following reply was made to PR kern/133265; it has been noted by GNATS. From: "Bjoern A. Zeeb" To: bug-followup@FreeBSD.org, pg@fincombank.com Cc: Subject: Re: kern/133265: [jail] is there a solution how to run nfs client in jail environment? Date: Mon, 8 Jun 2009 17:18:35 +0000 (UTC) The general answer is: it is not possible. You could do the NFS mount from the base system and have the mountpoint within the visbility of the jail. You may get around enabling raw_sockets but if that works somehow I wouldn't rely on it and you'll have to be aware of what globally enabling raw sockets means. With FreeBSD 8 it will hopefully be possible as you may have your own network stack oer jail. I am just not sure if the NFS code is there ("fully virtualized") yet to make it work. -- Bjoern A. Zeeb The greatest risk is not taking one. From owner-freebsd-jail@FreeBSD.ORG Mon Jun 8 17:57:14 2009 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 71A27106566C; Mon, 8 Jun 2009 17:57:14 +0000 (UTC) (envelope-from ltning@anduin.net) Received: from mail.anduin.net (mail.anduin.net [213.225.74.249]) by mx1.freebsd.org (Postfix) with ESMTP id 2D5538FC15; Mon, 8 Jun 2009 17:57:13 +0000 (UTC) (envelope-from ltning@anduin.net) Received: from [212.62.248.147] (helo=[192.168.2.10]) by mail.anduin.net with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1MDihL-00085Q-G6; Mon, 08 Jun 2009 19:31:51 +0200 Message-Id: From: =?ISO-8859-1?Q?Eirik_=D8verby?= To: "Bjoern A. Zeeb" In-Reply-To: <200906081730.n58HU939013478@freefall.freebsd.org> Mime-Version: 1.0 (Apple Message framework v935.3) Date: Mon, 8 Jun 2009 19:32:56 +0200 References: <200906081730.n58HU939013478@freefall.freebsd.org> X-Mailer: Apple Mail (2.935.3) Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-jail@FreeBSD.org Subject: Re: kern/133265: [jail] is there a solution how to run nfs client in jail environment? X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Jun 2009 17:57:14 -0000 Hoi, someone (Landon) did a java16 build on one of our sparc64 jails using NFS in some way for cross-building elsewhere and stuff. Some userland NFS from ports, I believe. Just fyi. /Eirik On 8. juni. 2009, at 19.30, Bjoern A. Zeeb wrote: > The following reply was made to PR kern/133265; it has been noted by > GNATS. > > From: "Bjoern A. Zeeb" > To: bug-followup@FreeBSD.org, pg@fincombank.com > Cc: > Subject: Re: kern/133265: [jail] is there a solution how to run nfs > client > in jail environment? > Date: Mon, 8 Jun 2009 17:18:35 +0000 (UTC) > > The general answer is: it is not possible. > > You could do the NFS mount from the base system and have the > mountpoint within the visbility of the jail. > > You may get around enabling raw_sockets but if that works somehow I > wouldn't rely on it and you'll have to be aware of what globally > enabling raw sockets means. > > With FreeBSD 8 it will hopefully be possible as you may have your own > network stack oer jail. I am just not sure if the NFS code is there > ("fully virtualized") yet to make it work. > > -- > Bjoern A. Zeeb The greatest risk is not taking > one. > _______________________________________________ > freebsd-jail@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to "freebsd-jail- > unsubscribe@freebsd.org" > From owner-freebsd-jail@FreeBSD.ORG Wed Jun 10 01:15:26 2009 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2A9E11065672 for ; Wed, 10 Jun 2009 01:15:26 +0000 (UTC) (envelope-from poleris@gmail.com) Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.245]) by mx1.freebsd.org (Postfix) with ESMTP id D89EB8FC14 for ; Wed, 10 Jun 2009 01:15:25 +0000 (UTC) (envelope-from poleris@gmail.com) Received: by an-out-0708.google.com with SMTP id c3so212373ana.13 for ; Tue, 09 Jun 2009 18:15:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:from:date :x-google-sender-auth:message-id:subject:to:content-type :content-transfer-encoding; bh=efPvGHrcxmdxnYOmLpwTqemESFgw51eTXe2HQvOeIvA=; b=Sph+AixZNAREb5tS8d6RDL7IeCFqdQw4uFqXXPuyjFxO1RcIi2xriTGarLRsksI/H8 +20EJA9Q9SyfJ9jYxhsShENi80xtbxgb5llRl7ZL12yXIVioP4UfY8tKwnjASt7MReTb cQrytN1yiN1UA6gpNrydMTycu0Hg71+bfWTs4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:from:date:x-google-sender-auth:message-id :subject:to:content-type:content-transfer-encoding; b=Nt7OxKu5MhVv2+asqbZU2CqXaXZ0JDOF6vz1MAgzMi/QnIEiQ/DhZzr7C+VSEOlANZ pwW6GbOrXN/YXkdozQcMKPWxbTOjw7D7rndvhD0Y+hW41qN7tcwcv+itYZLl514Vn3mo IWMAgckccprf1VrAbfRdb7IcO1CVPR3zbKvmc= MIME-Version: 1.0 Sender: poleris@gmail.com Received: by 10.231.39.130 with SMTP id g2mr268185ibe.9.1244594673056; Tue, 09 Jun 2009 17:44:33 -0700 (PDT) From: Edwin Shao Date: Tue, 9 Jun 2009 20:44:13 -0400 X-Google-Sender-Auth: 1a9ff52ce2f3e953 Message-ID: <17ca67550906091744p55fe0748h8f39bb326b05b06f@mail.gmail.com> To: freebsd-jail@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: sysctl variables not propagating to children jails X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Jun 2009 01:15:26 -0000 Hi, In the most recent -current, I've noticed that sysctl variables no longer propagate to jails and thus it is impossible to allow raw sockets, allow mounting, etc. This might be related to . For example, in parent: hyper ~> sysctl security security.jail.param.cpuset.id: 0 security.jail.param.host.hostid: 0 security.jail.param.host.hostuuid: 64 security.jail.param.host.domainname: 256 security.jail.param.host.hostname: 256 security.jail.param.enforce_statfs: 0 security.jail.param.securelevel: 0 security.jail.param.path: 1024 security.jail.param.name: 256 security.jail.param.parent: 0 security.jail.param.jid: 0 security.jail.enforce_statfs: 2 security.jail.mount_allowed: 1 security.jail.chflags_allowed: 0 security.jail.allow_raw_sockets: 1 security.jail.sysvipc_allowed: 0 security.jail.socket_unixiproute_only: 1 security.jail.set_hostname_allowed: 0 security.jail.jail_max_af_ips: 255 security.jail.jailed: 0 In child: t# sysctl security security.jail.param.cpuset.id: 0 security.jail.param.host.hostid: 0 security.jail.param.host.hostuuid: 64 security.jail.param.host.domainname: 256 security.jail.param.host.hostname: 256 security.jail.param.enforce_statfs: 0 security.jail.param.securelevel: 0 security.jail.param.path: 1024 security.jail.param.name: 256 security.jail.param.parent: 0 security.jail.param.jid: 0 security.jail.enforce_statfs: 0 security.jail.mount_allowed: 0 security.jail.chflags_allowed: 0 security.jail.allow_raw_sockets: 0 security.jail.sysvipc_allowed: 0 security.jail.socket_unixiproute_only: 1 security.jail.set_hostname_allowed: 1 security.jail.jail_max_af_ips: 255 security.jail.jailed: 1 security.bsd.suser_enabled: 1 security.bsd.unprivileged_proc_debug: 1 security.bsd.conservative_signals: 1 security.bsd.see_other_gids: 1 security.bsd.see_other_uids: 1 security.bsd.unprivileged_read_msgbuf: 1 security.bsd.hardlink_check_gid: 0 security.bsd.hardlink_check_uid: 0 security.bsd.unprivileged_get_quota: 0 In my messages log: 944 Jun 9 20:10:26 hyper root: /etc/rc.d/jail: DEBUG: checkyesno: jail_enable is set to YES. 945 Jun 9 20:10:26 hyper root: /etc/rc.d/jail: DEBUG: run_rc_command: doit: jail_start 946 Jun 9 20:10:26 hyper root: /etc/rc.d/jail: DEBUG: checkyesno: jail_set_hostname_allow is set to NO. 947 Jun 9 20:10:26 hyper root: /etc/rc.d/jail: DEBUG: checkyesno: jail_socket_unixiproute_only is set to YES. 948 Jun 9 20:10:27 hyper root: /etc/rc.d/jail: DEBUG: checkyesno: jail_sysvipc_allow is set to NO. 949 Jun 9 20:10:27 hyper root: /etc/rc.d/jail: DEBUG: t devfs enable: YES 950 Jun 9 20:10:27 hyper root: /etc/rc.d/jail: DEBUG: t fdescfs enable: YES 951 Jun 9 20:10:27 hyper root: /etc/rc.d/jail: DEBUG: t procfs enable: YES 952 Jun 9 20:10:27 hyper root: /etc/rc.d/jail: DEBUG: t mount enable: YES 953 Jun 9 20:10:27 hyper root: /etc/rc.d/jail: DEBUG: t hostname: t 954 Jun 9 20:10:27 hyper root: /etc/rc.d/jail: DEBUG: t ip: 10.0.0.10 955 Jun 9 20:10:27 hyper root: /etc/rc.d/jail: DEBUG: t interface: 956 Jun 9 20:10:27 hyper root: /etc/rc.d/jail: DEBUG: t fib: 957 Jun 9 20:10:27 hyper root: /etc/rc.d/jail: DEBUG: t root: /usr/jails/t 958 Jun 9 20:10:27 hyper root: /etc/rc.d/jail: DEBUG: t devdir: /usr/jails/t/dev 959 Jun 9 20:10:27 hyper root: /etc/rc.d/jail: DEBUG: t fdescdir: /usr/jails/t/dev/fd 960 Jun 9 20:10:27 hyper root: /etc/rc.d/jail: DEBUG: t procdir: /usr/jails/t/proc 961 Jun 9 20:10:27 hyper root: /etc/rc.d/jail: DEBUG: t ruleset: devfsrules_jail 962 Jun 9 20:10:27 hyper root: /etc/rc.d/jail: DEBUG: t fstab: /etc/fstab.t 963 Jun 9 20:10:27 hyper root: /etc/rc.d/jail: DEBUG: t consolelog: /var/log/jail_t_console.log 964 Jun 9 20:10:27 hyper root: /etc/rc.d/jail: DEBUG: t exec start: /bin/sh /etc/rc 965 Jun 9 20:10:27 hyper root: /etc/rc.d/jail: DEBUG: t exec stop: 966 Jun 9 20:10:27 hyper root: /etc/rc.d/jail: DEBUG: t flags: -l -U root 967 Jun 9 20:10:27 hyper root: /etc/rc.d/jail: DEBUG: t consolelog: /var/log/jail_t_console.log This is using: hyper ~> uname -a FreeBSD hyper.nekogiri.com 8.0-CURRENT FreeBSD 8.0-CURRENT #0 r193627: Sun Jun 7 06:11:17 EDT 2009 root@hyper.nekogiri.com:/usr/obj/usr/home/eshao/wsp/freebsd/src/sys/XENNEKO i386 I noticed this problem when upgrading past this revision: http://svn.freebsd.org/viewvc/base?view=revision&revision=192895 Please let me know if I'm doing something stupid! Or if you need more debugging output.. Thanks, Edwin From owner-freebsd-jail@FreeBSD.ORG Wed Jun 10 07:35:07 2009 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C1D031065688 for ; Wed, 10 Jun 2009 07:35:07 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mail.cksoft.de (mail.cksoft.de [195.88.108.3]) by mx1.freebsd.org (Postfix) with ESMTP id 7BEC68FC08 for ; Wed, 10 Jun 2009 07:35:07 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from localhost (amavis.fra.cksoft.de [192.168.74.71]) by mail.cksoft.de (Postfix) with ESMTP id 3D8D741C6DB; Wed, 10 Jun 2009 09:35:06 +0200 (CEST) X-Virus-Scanned: amavisd-new at cksoft.de Received: from mail.cksoft.de ([195.88.108.3]) by localhost (amavis.fra.cksoft.de [192.168.74.71]) (amavisd-new, port 10024) with ESMTP id UaUykwLAP83D; Wed, 10 Jun 2009 09:35:05 +0200 (CEST) Received: by mail.cksoft.de (Postfix, from userid 66) id BC63B41C6A7; Wed, 10 Jun 2009 09:35:05 +0200 (CEST) Received: from maildrop.int.zabbadoz.net (maildrop.int.zabbadoz.net [10.111.66.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.int.zabbadoz.net (Postfix) with ESMTP id 628BC4448E6; Wed, 10 Jun 2009 07:30:27 +0000 (UTC) Date: Wed, 10 Jun 2009 07:30:27 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@maildrop.int.zabbadoz.net To: Edwin Shao In-Reply-To: <17ca67550906091744p55fe0748h8f39bb326b05b06f@mail.gmail.com> Message-ID: <20090610072311.K22887@maildrop.int.zabbadoz.net> References: <17ca67550906091744p55fe0748h8f39bb326b05b06f@mail.gmail.com> X-OpenPGP-Key: 0x14003F198FEFA3E77207EE8D2B58B8F83CCF1842 MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-jail@freebsd.org Subject: Re: sysctl variables not propagating to children jails X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Jun 2009 07:35:08 -0000 On Tue, 9 Jun 2009, Edwin Shao wrote: Hi, > In the most recent -current, I've noticed that sysctl variables no > longer propagate to jails and thus it is impossible to allow raw > sockets, allow mounting, etc. This might be related to > . .. > Please let me know if I'm doing something stupid! No, nothing apart from probably not spotting that the problem was already well understood and there had been workarounds suggested at the end of the above thread. That said, expect the problem to be fixed within 24 hours. You will only have to rebuild your jail(8) command line tool, once you spot the commit by: 1) update your source and make sure to have the new version of jail.c 2) cd src/usr.sbin/jail 3) make obj && make depend && make all 4) sudo make install 5) try again. In case you still see problems afterwards, cry again, loud and in here - in case that will fix the problem a short note will be welcome as well;-) /bz -- Bjoern A. Zeeb The greatest risk is not taking one. From owner-freebsd-jail@FreeBSD.ORG Wed Jun 10 15:49:31 2009 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8636E10656A7 for ; Wed, 10 Jun 2009 15:49:31 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from gritton.org (gritton.org [161.58.222.4]) by mx1.freebsd.org (Postfix) with ESMTP id 467178FC19 for ; Wed, 10 Jun 2009 15:49:31 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from guppy.corp.verio.net (fw.oremut02.us.wh.verio.net [198.65.168.24]) (authenticated bits=0) by gritton.org (8.13.6.20060614/8.13.6) with ESMTP id n5AFSSWH049090; Wed, 10 Jun 2009 09:28:28 -0600 (MDT) Message-ID: <4A2FD117.2040902@FreeBSD.org> Date: Wed, 10 Jun 2009 09:28:23 -0600 From: Jamie Gritton User-Agent: Thunderbird 2.0.0.19 (X11/20090109) MIME-Version: 1.0 To: "Bjoern A. Zeeb" References: <17ca67550906091744p55fe0748h8f39bb326b05b06f@mail.gmail.com> <20090610072311.K22887@maildrop.int.zabbadoz.net> In-Reply-To: <20090610072311.K22887@maildrop.int.zabbadoz.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV 0.94.2/9450/Wed Jun 10 07:41:08 2009 on gritton.org X-Virus-Status: Clean Cc: Edwin Shao , freebsd-jail@FreeBSD.org Subject: Re: sysctl variables not propagating to children jails X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Jun 2009 15:49:33 -0000 Bjoern A. Zeeb wrote: > On Tue, 9 Jun 2009, Edwin Shao wrote: > > Hi, > >> In the most recent -current, I've noticed that sysctl variables no >> longer propagate to jails and thus it is impossible to allow raw >> sockets, allow mounting, etc. This might be related to >> . > .. >> Please let me know if I'm doing something stupid! > > No, nothing apart from probably not spotting that the problem was > already well understood and there had been workarounds suggested at > the end of the above thread. > > > That said, expect the problem to be fixed within 24 hours. You will > only have to rebuild your jail(8) command line tool, once you spot the > commit by: > > 1) update your source and make sure to have the new version of jail.c > 2) cd src/usr.sbin/jail > 3) make obj && make depend && make all > 4) sudo make install > 5) try again. > > In case you still see problems afterwards, cry again, loud and in > here - in case that will fix the problem a short note will be > welcome as well;-) The patch is now in for this - recompile jail(8) with r193929. - Jamie