From owner-freebsd-jail@FreeBSD.ORG Mon Feb 25 11:06:50 2013 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id F37AB15E for ; Mon, 25 Feb 2013 11:06:49 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) by mx1.freebsd.org (Postfix) with ESMTP id E63BDE79 for ; Mon, 25 Feb 2013 11:06:49 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.6/8.14.6) with ESMTP id r1PB6nJr066637 for ; Mon, 25 Feb 2013 11:06:49 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.6/8.14.6/Submit) id r1PB6nqK066635 for freebsd-jail@FreeBSD.org; Mon, 25 Feb 2013 11:06:49 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 25 Feb 2013 11:06:49 GMT Message-Id: <201302251106.r1PB6nqK066635@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-jail@FreeBSD.org Subject: Current problem reports assigned to freebsd-jail@FreeBSD.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Feb 2013 11:06:50 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- o kern/176112 jail [jail] [panic] kernel panic when starting jails o kern/176092 jail [jail] [panic] Starting a jail on my releng/9.1 kernel o kern/174902 jail [jail] jail should provide validator for jail names o kern/174436 jail [jail] Jails with numbers as names don't work o bin/173469 jail [jail] regression: security.jail.sysvipc_allowed=1 no o kern/169751 jail [jail] reading routing information does not work in ja o bin/167911 jail new jail(8) problem with removal, ifconfg -alias and k o kern/159918 jail [jail] inter-jail communication failure o kern/156111 jail [jail] procstat -b not supported in jail o misc/155765 jail [patch] `buildworld' does not honors WITHOUT_JAIL o conf/154246 jail [jail] [patch] Bad symlink created if devfs mount poin o conf/149050 jail [jail] rcorder ``nojail'' too coarse for Jail+VNET s conf/142972 jail [jail] [patch] Support JAILv2 and vnet in rc.d/jail o conf/141317 jail [patch] uncorrect jail stop in /etc/rc.d/jail o kern/133265 jail [jail] is there a solution how to run nfs client in ja o kern/119842 jail [smbfs] [jail] "Bad address" with smbfs inside a jail o bin/99566 jail [jail] [patch] fstat(1) according to specified jid 17 problems total. From owner-freebsd-jail@FreeBSD.ORG Mon Feb 25 13:50:56 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id B3E79829 for ; Mon, 25 Feb 2013 13:50:56 +0000 (UTC) (envelope-from andrnils@gmail.com) Received: from mail-oa0-f49.google.com (mail-oa0-f49.google.com [209.85.219.49]) by mx1.freebsd.org (Postfix) with ESMTP id 76DBFDC4 for ; Mon, 25 Feb 2013 13:50:56 +0000 (UTC) Received: by mail-oa0-f49.google.com with SMTP id j6so2860941oag.8 for ; Mon, 25 Feb 2013 05:50:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:date:message-id:subject:from:to :content-type; bh=9wPHi+Y/IBxLM8uKSbKDU2Gsg862zriSbiprAk14JSI=; b=0HCJJEJA/OpOEmxZblTvX0MeELzEjhGP9oH35DbXBmX7BqIUfUZCYXZA4Ym8BPgq2j lAwdbklE23ssuLpbb5KDDCfSDKl90fCNeFfXP1J2UFrMh7Doz66vR8S2uF+YZEjCyvjp lya0BaAWVOg4lDE0vi1WFEKe4s+rWDXdtLEzOyP/2rBsASjMlbiKzxy08K37h9y/eCJ1 SDvbUAwQ1IqFBQwkGPSZYoUNQApUwWN6WJZIjLfIlwNcCAPPdoFhMBGSjRR7T8Tkoeko m+UgxeWWMzC7HzycmoiOHTU0pJr6VWbOt5R6aws5cpXD5++Q+qQikTqb8m55d/bDoQNp xhyg== MIME-Version: 1.0 X-Received: by 10.60.21.101 with SMTP id u5mr7849065oee.71.1361800255823; Mon, 25 Feb 2013 05:50:55 -0800 (PST) Received: by 10.76.94.12 with HTTP; Mon, 25 Feb 2013 05:50:55 -0800 (PST) Date: Mon, 25 Feb 2013 14:50:55 +0100 Message-ID: Subject: jail.conf and rc.conf From: Andreas Nilsson To: Mailinglists FreeBSD Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Feb 2013 13:50:56 -0000 Hello, I needed to set up some jails, and since it has been a while since I did I decided to read a bit about it. I stumbled upon the file /etc/jail.conf, which I found very nice. Now my question: How do I specify that jails in listed in jail_list in rc.conf should use jail.conf for their parameters/settings? Best regards Andreas From owner-freebsd-jail@FreeBSD.ORG Mon Feb 25 14:16:25 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id EBE60FC3 for ; Mon, 25 Feb 2013 14:16:25 +0000 (UTC) (envelope-from lars@e-new.0x20.net) Received: from mail.0x20.net (mail.0x20.net [217.69.76.211]) by mx1.freebsd.org (Postfix) with ESMTP id A694BF09 for ; Mon, 25 Feb 2013 14:16:25 +0000 (UTC) Received: from e-new.0x20.net (mail.0x20.net [IPv6:2001:aa8:fffb:1::3]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.0x20.net (Postfix) with ESMTPS id 786F76A6007; Mon, 25 Feb 2013 15:16:23 +0100 (CET) Received: from e-new.0x20.net (localhost [127.0.0.1]) by e-new.0x20.net (8.14.5/8.14.5) with ESMTP id r1PEGN6T025885; Mon, 25 Feb 2013 15:16:23 +0100 (CET) (envelope-from lars@e-new.0x20.net) Received: (from lars@localhost) by e-new.0x20.net (8.14.5/8.14.5/Submit) id r1PEGNmq024632; Mon, 25 Feb 2013 15:16:23 +0100 (CET) (envelope-from lars) Date: Mon, 25 Feb 2013 15:16:23 +0100 From: Lars Engels To: Andreas Nilsson Subject: Re: jail.conf and rc.conf Message-ID: <20130225141623.GA98345@e-new.0x20.net> References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="YiEDa0DAkWCtVeE4" Content-Disposition: inline In-Reply-To: X-Editor: VIM - Vi IMproved 7.3 X-Operation-System: FreeBSD 8.3-RELEASE-p4 User-Agent: Mutt/1.5.21 (2010-09-15) Cc: Mailinglists FreeBSD X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Feb 2013 14:16:26 -0000 --YiEDa0DAkWCtVeE4 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Feb 25, 2013 at 02:50:55PM +0100, Andreas Nilsson wrote: > Hello, >=20 > I needed to set up some jails, and since it has been a while since I did I > decided to read a bit about it. I stumbled upon the file /etc/jail.conf, > which I found very nice. Now my question: >=20 > How do I specify that jails in listed in jail_list in rc.conf should use > jail.conf for their parameters/settings? >=20 > Best regards > Andreas Take a look at sysutils/jail2, it's probably what you need. --YiEDa0DAkWCtVeE4 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAlErcjcACgkQKc512sD3afgLSwCfSnIjn7UcssXL+RW0obHqO1D4 ntEAoMg6YXfwr1H/849Chi8mlq3M2D4+ =765q -----END PGP SIGNATURE----- --YiEDa0DAkWCtVeE4-- From owner-freebsd-jail@FreeBSD.ORG Mon Feb 25 14:37:11 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 8AE3981C for ; Mon, 25 Feb 2013 14:37:11 +0000 (UTC) (envelope-from andrnils@gmail.com) Received: from mail-oa0-f50.google.com (mail-oa0-f50.google.com [209.85.219.50]) by mx1.freebsd.org (Postfix) with ESMTP id 59CCACC for ; Mon, 25 Feb 2013 14:37:11 +0000 (UTC) Received: by mail-oa0-f50.google.com with SMTP id l20so2968830oag.37 for ; Mon, 25 Feb 2013 06:37:05 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=BhOnnloBGu2hGw0L8nK9UJUSQ1T2e70kWVV+A5GJ6AY=; b=n9GP8sk5KVV01Zf7XX82ADOi3sWKsqFhr1s2HGDiU03KbK+ugjSrGehftk4R6kqRjk uErKHqMud7iqaUNhKEiStXmPIwepjsmZQ9ZXGZCbUtcVZm5vO5yoUCCzoKp3j7dujgov uNXPJYa2CwuaiheG+t1qINL8u1G4nlnhUMDs+TFjoXLFKRwedaS1lotAyiIP/bYlGVaY vYuba/kcT8JTx9JlYbGvxfWL4kG3xTNg3JZPWbojdkn8zcYLrmpZLmRteME58EYSHvNy j5/tGWAOXKMe9FX4G5IQUo/U/NNH1y3stLBuFobe7L1IEXxn2c1YGCJn04PPyajtrHWO nDkQ== MIME-Version: 1.0 X-Received: by 10.60.31.15 with SMTP id w15mr8071389oeh.0.1361803025506; Mon, 25 Feb 2013 06:37:05 -0800 (PST) Received: by 10.76.94.12 with HTTP; Mon, 25 Feb 2013 06:37:05 -0800 (PST) In-Reply-To: <20130225141623.GA98345@e-new.0x20.net> References: <20130225141623.GA98345@e-new.0x20.net> Date: Mon, 25 Feb 2013 15:37:05 +0100 Message-ID: Subject: Re: jail.conf and rc.conf From: Andreas Nilsson To: Lars Engels Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: Mailinglists FreeBSD X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Feb 2013 14:37:11 -0000 On Mon, Feb 25, 2013 at 3:16 PM, Lars Engels wrote: > On Mon, Feb 25, 2013 at 02:50:55PM +0100, Andreas Nilsson wrote: > > Hello, > > > > I needed to set up some jails, and since it has been a while since I did > I > > decided to read a bit about it. I stumbled upon the file /etc/jail.conf, > > which I found very nice. Now my question: > > > > How do I specify that jails in listed in jail_list in rc.conf should use > > jail.conf for their parameters/settings? > > > > Best regards > > Andreas > > Take a look at sysutils/jail2, it's probably what you need. > Seems like it, thanks :) Best regards Andreas From owner-freebsd-jail@FreeBSD.ORG Mon Feb 25 17:02:21 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id B3F9229E for ; Mon, 25 Feb 2013 17:02:21 +0000 (UTC) (envelope-from andrnils@gmail.com) Received: from mail-oa0-f50.google.com (mail-oa0-f50.google.com [209.85.219.50]) by mx1.freebsd.org (Postfix) with ESMTP id 83DF794B for ; Mon, 25 Feb 2013 17:02:21 +0000 (UTC) Received: by mail-oa0-f50.google.com with SMTP id l20so3225722oag.9 for ; Mon, 25 Feb 2013 09:02:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:date:message-id:subject:from:to :content-type; bh=pXXnyl3e+04eX8dIWC/SG7fpQTRQzFXS9qRqIphtltc=; b=TiNbcUXebQwsGpTzx/KoqAvtl5dJeIsAIbQawuVFAUbQsxpHO4wJPmV/MMqE03VOXJ XoiRwrA0dWpIRxM6vIAUIwhfBu2sPWEStgc0R14nqejSB9rZRDoURRT1ilxShKMAnsDG kOsVjqSJsvEHMwkd94WOt/AqD+AaYOfjqNSXNW+LOewOXA5PsIFJrZh6aIZCKrNjeAm0 m2yRD1digoxtJBvSoCBgRo1rhqx7SubvODPxH398dTdfEMjqRtWTLfSJPkGCU0/1E8g9 3MGqMdVhtNNg9vM7LUif0EcVtM8ZLVz/jB1PPp7P2/l7bhnRec9XZ4oBzKgGa45niqef 7blg== MIME-Version: 1.0 X-Received: by 10.182.113.40 with SMTP id iv8mr8159094obb.12.1361811306156; Mon, 25 Feb 2013 08:55:06 -0800 (PST) Received: by 10.76.94.12 with HTTP; Mon, 25 Feb 2013 08:55:05 -0800 (PST) Date: Mon, 25 Feb 2013 17:55:05 +0100 Message-ID: Subject: vnet jails and rc-scripts From: Andreas Nilsson To: Mailinglists FreeBSD Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Feb 2013 17:02:21 -0000 Hello, while trying to set up a couple of vnet jails I ran into some problems: 1. The networking scripts are not run. 2. The firewall script ( ipfw ) is not run. Both are skipped since they have the nojail keyword. Is the only solution to remove that keyword to get them running from rc in a jail? With vnet jails it seems that a lot network related scripts should be allowed to run. Is there any work being done address this? Also, what is the sysctl security.jail.param.vnet supposed to tell me? Running it on the host gives 0 Running it in vnet jail gives 0 Running it in normal jail gives 0 which to me seems counter intuitive, as I would have expected it to be 1 in the vnet jail. Best regards Andreas From owner-freebsd-jail@FreeBSD.ORG Mon Feb 25 17:42:43 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 3EAF6B1C for ; Mon, 25 Feb 2013 17:42:43 +0000 (UTC) (envelope-from Devin.Teske@fisglobal.com) Received: from mx1.fisglobal.com (mx1.fisglobal.com [199.200.24.190]) by mx1.freebsd.org (Postfix) with ESMTP id 0EF3CAC2 for ; Mon, 25 Feb 2013 17:42:42 +0000 (UTC) Received: from smtp.fisglobal.com ([10.132.206.16]) by ltcfislmsgpa03.fnfis.com (8.14.5/8.14.5) with ESMTP id r1PHgXdI014094 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Mon, 25 Feb 2013 11:42:34 -0600 Received: from LTCFISWMSGMB21.FNFIS.com ([10.132.99.23]) by LTCFISWMSGHT05.FNFIS.com ([10.132.206.16]) with mapi id 14.02.0309.002; Mon, 25 Feb 2013 11:42:33 -0600 From: "Teske, Devin" To: Andreas Nilsson , Mailinglists FreeBSD Subject: RE: vnet jails and rc-scripts Thread-Topic: vnet jails and rc-scripts Thread-Index: AQHOE3nlRy0m0/4HXk6OU+4xkkAf+JiK1jl4 Date: Mon, 25 Feb 2013 17:42:32 +0000 Message-ID: <13CA24D6AB415D428143D44749F57D7201EADE8B@ltcfiswmsgmb21> References: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.132.253.120] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.9.8327, 1.0.431, 0.0.0000 definitions=2013-02-25_02:2013-02-22,2013-02-25,1970-01-01 signatures=0 X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Feb 2013 17:42:43 -0000 My vimage package, available here: http://druidbsd.sourceforge.net/download.shtml#vimage ...has a solution around that and you can read about it here: http://druidbsd.cvs.sourceforge.net/viewvc/druidbsd/pkgbase/freebsd/RELENG_= 8_3/sysutils/vimage/src/rc.conf.d/vimage?revision=3D1.1&view=3Dmarkup Network scripts, ipfw, and other "nojail" services are started fine with my= setup. Note that in my notes, we have a PR for adding a sysctl MIB (security.jail.= vnet) for distinguishing vnet jails from non-vnet jails (from within the ja= il): http://www.freebsd.org/cgi/query-pr.cgi?pr=3Dconf/149050 I think this is the best approach long-term). In essence, ultimately teach = rcorder(8) about the difference between a jail and a vnet jail. --=20 Devin ________________________________________ From: owner-freebsd-jail@freebsd.org [owner-freebsd-jail@freebsd.org] on be= half of Andreas Nilsson [andrnils@gmail.com] Sent: Monday, February 25, 2013 8:55 AM To: Mailinglists FreeBSD Subject: vnet jails and rc-scripts Hello, while trying to set up a couple of vnet jails I ran into some problems: 1. The networking scripts are not run. 2. The firewall script ( ipfw ) is not run. Both are skipped since they have the nojail keyword. Is the only solution to remove that keyword to get them running from rc in a jail? With vnet jails it seems that a lot network related scripts should be allowed to run. Is there any work being done address this? Also, what is the sysctl security.jail.param.vnet supposed to tell me? Running it on the host gives 0 Running it in vnet jail gives 0 Running it in normal jail gives 0 which to me seems counter intuitive, as I would have expected it to be 1 in the vnet jail. Best regards Andreas _______________________________________________ freebsd-jail@freebsd.org mailing list https://urldefense.proofpoint.com/v1/url?u=3Dhttp://lists.freebsd.org/mailm= an/listinfo/freebsd-jail&k=3D%2FbkpAUdJWZuiTILCq%2FFnQg%3D%3D%0A&r=3DMrjs6v= R4%2Faj2Ns9%2FssHJjg%3D%3D%0A&m=3DgcdnBfFT9%2FgDP4aiNb3SH%2B2HC58tTrjf3m0lz= 7RvTbo%3D%0A&s=3D2b3714f7bc212f52b740f1794fc5de6ca2cb7804242aa0c82db7029785= 5aff70 To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org" _____________ The information contained in this message is proprietary and/or confidentia= l. If you are not the intended recipient, please: (i) delete the message an= d all copies; (ii) do not disclose, distribute or use the message in any ma= nner; and (iii) notify the sender immediately. In addition, please be aware= that any message addressed to our domain is subject to archiving and revie= w by persons other than the intended recipient. Thank you. From owner-freebsd-jail@FreeBSD.ORG Tue Feb 26 08:56:38 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 9B532EFE for ; Tue, 26 Feb 2013 08:56:38 +0000 (UTC) (envelope-from andrnils@gmail.com) Received: from mail-oa0-f47.google.com (mail-oa0-f47.google.com [209.85.219.47]) by mx1.freebsd.org (Postfix) with ESMTP id 69F3D73E for ; Tue, 26 Feb 2013 08:56:38 +0000 (UTC) Received: by mail-oa0-f47.google.com with SMTP id o17so4712074oag.34 for ; Tue, 26 Feb 2013 00:56:32 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=d9qEqIHc+y2xwzMcDIWcng6+KL4KbpsfOcw6fMrwI0Y=; b=us6SZabDUGhRG6cDgWdJJ62trsHi0mFr++Fpc0U2JoUdfzoox+Eg5w0291V434jEaJ cGUb4h6cyacYnvhH2PJogR0WwgVTNcDyA6cETxtJoVrPlNckLcoH57YZNoTezCdjTL/L bPnR4hqMNds++cUAvgOd5mQrPVIuS9ST/M790eZyG8UvphLvPAYCPfiY3z8Ik7eMQPr+ W+nehtFy4C7SY2+K46qrRvH76e05yOKvngEUpNJJXulMxfikUNq6GB11aTjIDGpZXZ36 OTnNC6y/BAH87/A2919kVaMx9cQLL2CEc3NcelgdKL0HwEx2QoePhqGAqGTKjwzcA4ss FcUw== MIME-Version: 1.0 X-Received: by 10.182.98.109 with SMTP id eh13mr10790201obb.50.1361868992244; Tue, 26 Feb 2013 00:56:32 -0800 (PST) Received: by 10.76.94.12 with HTTP; Tue, 26 Feb 2013 00:56:32 -0800 (PST) In-Reply-To: <13CA24D6AB415D428143D44749F57D7201EADE8B@ltcfiswmsgmb21> References: <13CA24D6AB415D428143D44749F57D7201EADE8B@ltcfiswmsgmb21> Date: Tue, 26 Feb 2013 09:56:32 +0100 Message-ID: Subject: Re: vnet jails and rc-scripts From: Andreas Nilsson To: "Teske, Devin" Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: Mailinglists FreeBSD X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 Feb 2013 08:56:38 -0000 On Mon, Feb 25, 2013 at 6:42 PM, Teske, Devin wr= ote: > My vimage package, available here: > > http://druidbsd.sourceforge.net/download.shtml#vimage > > ...has a solution around that and you can read about it here: > > > http://druidbsd.cvs.sourceforge.net/viewvc/druidbsd/pkgbase/freebsd/RELEN= G_8_3/sysutils/vimage/src/rc.conf.d/vimage?revision=3D1.1&view=3Dmarkup > > Interesting! > Network scripts, ipfw, and other "nojail" services are started fine with > my setup. > > Note that in my notes, we have a PR for adding a sysctl MIB > (security.jail.vnet) for distinguishing vnet jails from non-vnet jails > (from within the jail): > > http://www.freebsd.org/cgi/query-pr.cgi?pr=3Dconf/149050 > > I think this is the best approach long-term). In essence, ultimately teac= h > rcorder(8) about the difference between a jail and a vnet jail. > I agree. However I still don't get the purpose of the security.jail.param.*. Are the to be set in loader.conf/sysctl.conf to influence default config of jails, or are the supposed to be per-jail ( from inside jail ) carriers of config? The PR seems to indicate it's not really clear. Also, man jail says: "The current set of available parameters can be retrieved via ``sysctl -d security.jail.param''. Any parameters not set will be given default values, often based on the current environment. The core parameters are: " and then lists some. For example jid. I take that to mean that the value of security.jail.param.jid from inside jail should return the jid of the jail. I just get 0. And security.jail.param.path is 1024, which is not at all the path of the jail... There seems to be quite a discrepancy between manpage and implementation. As another note: running named in a jail prohibits the use of chrooted named, as named rc-script takes jail to mean "cannot mount stuff", irregardless of the settings of allow.mount and allow.mount.devfs. Perhasps another PR or two is needed ;) Best regards Andreas > -- > Devin > > ________________________________________ > From: owner-freebsd-jail@freebsd.org [owner-freebsd-jail@freebsd.org] on > behalf of Andreas Nilsson [andrnils@gmail.com] > Sent: Monday, February 25, 2013 8:55 AM > To: Mailinglists FreeBSD > Subject: vnet jails and rc-scripts > > Hello, > > while trying to set up a couple of vnet jails I ran into some problems: > > 1. The networking scripts are not run. > > 2. The firewall script ( ipfw ) is not run. > > Both are skipped since they have the nojail keyword. Is the only solution > to remove that keyword to get them running from rc in a jail? > > With vnet jails it seems that a lot network related scripts should be > allowed to run. Is there any work being done address this? > > Also, what is the sysctl security.jail.param.vnet supposed to tell me? > Running it on the host gives 0 > Running it in vnet jail gives 0 > Running it in normal jail gives 0 > which to me seems counter intuitive, as I would have expected it to be 1 = in > the vnet jail. > > Best regards > Andreas > _______________________________________________ > freebsd-jail@freebsd.org mailing list > > https://urldefense.proofpoint.com/v1/url?u=3Dhttp://lists.freebsd.org/mai= lman/listinfo/freebsd-jail&k=3D%2FbkpAUdJWZuiTILCq%2FFnQg%3D%3D%0A&r=3DMrjs= 6vR4%2Faj2Ns9%2FssHJjg%3D%3D%0A&m=3DgcdnBfFT9%2FgDP4aiNb3SH%2B2HC58tTrjf3m0= lz7RvTbo%3D%0A&s=3D2b3714f7bc212f52b740f1794fc5de6ca2cb7804242aa0c82db70297= 855aff70 > To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org" > > _____________ > The information contained in this message is proprietary and/or > confidential. If you are not the intended recipient, please: (i) delete t= he > message and all copies; (ii) do not disclose, distribute or use the messa= ge > in any manner; and (iii) notify the sender immediately. In addition, plea= se > be aware that any message addressed to our domain is subject to archiving > and review by persons other than the intended recipient. Thank you. > From owner-freebsd-jail@FreeBSD.ORG Tue Feb 26 14:14:46 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id B765C4C2 for ; Tue, 26 Feb 2013 14:14:46 +0000 (UTC) (envelope-from Devin.Teske@fisglobal.com) Received: from mx1.fisglobal.com (mx1.fisglobal.com [199.200.24.190]) by mx1.freebsd.org (Postfix) with ESMTP id 5754A73D for ; Tue, 26 Feb 2013 14:14:46 +0000 (UTC) Received: from smtp.fisglobal.com ([10.132.206.17]) by ltcfislmsgpa02.fnfis.com (8.14.5/8.14.5) with ESMTP id r1QEEYjZ017600 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Tue, 26 Feb 2013 08:14:42 -0600 Received: from LTCFISWMSGMB21.FNFIS.com ([10.132.99.23]) by LTCFISWMSGHT06.FNFIS.com ([10.132.206.17]) with mapi id 14.02.0309.002; Tue, 26 Feb 2013 08:14:08 -0600 From: "Teske, Devin" To: Andreas Nilsson Subject: RE: vnet jails and rc-scripts Thread-Topic: vnet jails and rc-scripts Thread-Index: AQHOE3nlRy0m0/4HXk6OU+4xkkAf+JiK1jl4gAFlwAD///Pfeg== Date: Tue, 26 Feb 2013 14:14:07 +0000 Message-ID: <13CA24D6AB415D428143D44749F57D7201EAE430@ltcfiswmsgmb21> References: <13CA24D6AB415D428143D44749F57D7201EADE8B@ltcfiswmsgmb21>, In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.132.253.120] MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.9.8327, 1.0.431, 0.0.0000 definitions=2013-02-26_02:2013-02-26,2013-02-26,1970-01-01 signatures=0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: Mailinglists FreeBSD X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 Feb 2013 14:14:46 -0000 I too have no idea what "security.jail.param.*" is for (that's different th= an the proposed "security.jail.vnet"). -- Devin ________________________________ From: Andreas Nilsson [andrnils@gmail.com] Sent: Tuesday, February 26, 2013 12:56 AM To: Teske, Devin Cc: Mailinglists FreeBSD Subject: Re: vnet jails and rc-scripts On Mon, Feb 25, 2013 at 6:42 PM, Teske, Devin > wrote: My vimage package, available here: http://druidbsd.sourceforge.net/download.shtml#vimage ...has a solution around that and you can read about it here: http://druidbsd.cvs.sourceforge.net/viewvc/druidbsd/pkgbase/freebsd/RELENG_= 8_3/sysutils/vimage/src/rc.conf.d/vimage?revision=3D1.1&view=3Dmarkup Interesting! Network scripts, ipfw, and other "nojail" services are started fine with my= setup. Note that in my notes, we have a PR for adding a sysctl MIB (security.jail.= vnet) for distinguishing vnet jails from non-vnet jails (from within the ja= il): http://www.freebsd.org/cgi/query-pr.cgi?pr=3Dconf/149050 I think this is the best approach long-term). In essence, ultimately teach = rcorder(8) about the difference between a jail and a vnet jail. I agree. However I still don't get the purpose of the security.jail.param.*. Are the= to be set in loader.conf/sysctl.conf to influence default config of jails,= or are the supposed to be per-jail ( from inside jail ) carriers of config= ? The PR seems to indicate it's not really clear. Also, man jail says: "The current set of available parameters can be retrieved via ``sysctl -d security.jail.param''. Any parameters not s= et will be given default values, often based on the current environment. The core parameters are: " and then lists some. For example jid. I take that to mean that the value o= f security.jail.param.jid from inside jail should return the jid of the jai= l. I just get 0. And security.jail.param.path is 1024, which is not at all = the path of the jail... There seems to be quite a discrepancy between manpa= ge and implementation. As another note: running named in a jail prohibits the use of chrooted name= d, as named rc-script takes jail to mean "cannot mount stuff", irregardless= of the settings of allow.mount and allow.mount.devfs. Perhasps another PR or two is needed ;) Best regards Andreas -- Devin ________________________________________ From: owner-freebsd-jail@freebsd.org= [owner-freebsd-jail@freebsd.org] on= behalf of Andreas Nilsson [andrnils@gmail.com] Sent: Monday, February 25, 2013 8:55 AM To: Mailinglists FreeBSD Subject: vnet jails and rc-scripts Hello, while trying to set up a couple of vnet jails I ran into some problems: 1. The networking scripts are not run. 2. The firewall script ( ipfw ) is not run. Both are skipped since they have the nojail keyword. Is the only solution to remove that keyword to get them running from rc in a jail? With vnet jails it seems that a lot network related scripts should be allowed to run. Is there any work being done address this? Also, what is the sysctl security.jail.param.vnet supposed to tell me? Running it on the host gives 0 Running it in vnet jail gives 0 Running it in normal jail gives 0 which to me seems counter intuitive, as I would have expected it to be 1 in the vnet jail. Best regards Andreas _______________________________________________ freebsd-jail@freebsd.org mailing list https://urldefense.proofpoint.com/v1/url?u=3Dhttp://lists.freebsd.org/mailm= an/listinfo/freebsd-jail&k=3D%2FbkpAUdJWZuiTILCq%2FFnQg%3D%3D%0A&r=3DMrjs6v= R4%2Faj2Ns9%2FssHJjg%3D%3D%0A&m=3DgcdnBfFT9%2FgDP4aiNb3SH%2B2HC58tTrjf3m0lz= 7RvTbo%3D%0A&s=3D2b3714f7bc212f52b740f1794fc5de6ca2cb7804242aa0c82db7029785= 5aff70 To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org" _____________ The information contained in this message is proprietary and/or confidentia= l. If you are not the intended recipient, please: (i) delete the message an= d all copies; (ii) do not disclose, distribute or use the message in any ma= nner; and (iii) notify the sender immediately. In addition, please be aware= that any message addressed to our domain is subject to archiving and revie= w by persons other than the intended recipient. Thank you. _____________ The information contained in this message is proprietary and/or confidentia= l. If you are not the intended recipient, please: (i) delete the message an= d all copies; (ii) do not disclose, distribute or use the message in any ma= nner; and (iii) notify the sender immediately. In addition, please be aware= that any message addressed to our domain is subject to archiving and revie= w by persons other than the intended recipient. Thank you. From owner-freebsd-jail@FreeBSD.ORG Wed Feb 27 04:44:56 2013 Return-Path: Delivered-To: jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id CA08CFDF for ; Wed, 27 Feb 2013 04:44:56 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from m2.gritton.org (gritton.org [199.192.164.235]) by mx1.freebsd.org (Postfix) with ESMTP id 3548390A for ; Wed, 27 Feb 2013 04:44:55 +0000 (UTC) Received: from glorfindel.gritton.org (c-174-52-130-157.hsd1.ut.comcast.net [174.52.130.157]) (authenticated bits=0) by m2.gritton.org (8.14.5/8.14.5) with ESMTP id r1R4ikae039835; Tue, 26 Feb 2013 21:44:46 -0700 (MST) (envelope-from jamie@FreeBSD.org) Message-ID: <512D8F3C.4000000@FreeBSD.org> Date: Tue, 26 Feb 2013 21:44:44 -0700 From: Jamie Gritton User-Agent: Mozilla/5.0 (X11; U; FreeBSD amd64; en-US; rv:1.9.2.24) Gecko/20120129 Thunderbird/3.1.16 MIME-Version: 1.0 To: Andreas Nilsson Subject: Re: vnet jails and rc-scripts References: <13CA24D6AB415D428143D44749F57D7201EADE8B@ltcfiswmsgmb21> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Feb 2013 04:44:56 -0000 On 02/26/13 01:56, Andreas Nilsson wrote: > However I still don't get the purpose of the security.jail.param.*. Are the > to be set in loader.conf/sysctl.conf to influence default config of jails, > or are the supposed to be per-jail ( from inside jail ) carriers of config? > The PR seems to indicate it's not really clear. > > Also, man jail says: > "The current set of available parameters can be > retrieved via ``sysctl -d security.jail.param''. Any parameters not > set > will be given default values, often based on the current environment. > The core parameters are: > " > and then lists some. For example jid. I take that to mean that the value > of security.jail.param.jid from inside jail should return the jid of the > jail. I just get 0. And security.jail.param.path is 1024, which is not at > all the path of the jail... There seems to be quite a discrepancy between > manpage and implementation. The bit that the man page says is in fact the entire (user-visible) user for those sysctls: they're just there to show what parameters are available, and what types they are. Actually, they also show jail(8) the same thing, and that's how it knows what parameters exist. But the parameters don't actually have any useful values. Only their types, sizes and descriptions are valid. - Jamie From owner-freebsd-jail@FreeBSD.ORG Wed Feb 27 08:31:03 2013 Return-Path: Delivered-To: jail@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id CF3932BD; Wed, 27 Feb 2013 08:31:03 +0000 (UTC) (envelope-from andrnils@gmail.com) Received: from mail-oa0-f54.google.com (mail-oa0-f54.google.com [209.85.219.54]) by mx1.freebsd.org (Postfix) with ESMTP id 7D49210B; Wed, 27 Feb 2013 08:31:03 +0000 (UTC) Received: by mail-oa0-f54.google.com with SMTP id n12so600624oag.41 for ; Wed, 27 Feb 2013 00:30:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=N8tjNrSPqTB9wadxk8SbM2tlUrgC6P7xD86iIMyG2U4=; b=ek1yttgeoauAM4Y8Wz4yBOtIrTp7VtE63q2Z8i7ofDsTthO5MzWvhV8AuG+NHOhbuO XBrc/BjRQoh0DsYJh1UGexkwUDXjwMD11koGXvm9UN6ZcFgTHnBN7HDB7x8GYcgJ8PHD dK9ldSBybIF3WEkhKPJG7TAgKdsUxYNXptOgRqLLXALMYzAj1VMWqcfPa/uCbPZL/qN3 1WJ37wtYm0UGS0CMIziib0dYQgKdxQx7hvEN55RpxCFG5skv/R2RPXBMA/hqQKxDoV7d +ixBHkemidMIDL3EZw2FdqJuMML4VqNmPozxZDfa84dLIOhsA5phhIe/0/unpoc4Xrfs ppUA== MIME-Version: 1.0 X-Received: by 10.182.190.19 with SMTP id gm19mr1287054obc.34.1361953856870; Wed, 27 Feb 2013 00:30:56 -0800 (PST) Received: by 10.76.94.12 with HTTP; Wed, 27 Feb 2013 00:30:56 -0800 (PST) In-Reply-To: <512D8F3C.4000000@FreeBSD.org> References: <13CA24D6AB415D428143D44749F57D7201EADE8B@ltcfiswmsgmb21> <512D8F3C.4000000@FreeBSD.org> Date: Wed, 27 Feb 2013 09:30:56 +0100 Message-ID: Subject: Re: vnet jails and rc-scripts From: Andreas Nilsson To: Jamie Gritton Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: freebsd-jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Feb 2013 08:31:03 -0000 On Wed, Feb 27, 2013 at 5:44 AM, Jamie Gritton wrote: > On 02/26/13 01:56, Andreas Nilsson wrote: > > However I still don't get the purpose of the security.jail.param.*. Are >> the >> to be set in loader.conf/sysctl.conf to influence default config of jails, >> or are the supposed to be per-jail ( from inside jail ) carriers of >> config? >> The PR seems to indicate it's not really clear. >> >> Also, man jail says: >> "The current set of available parameters can be >> retrieved via ``sysctl -d security.jail.param''. Any parameters not >> set >> will be given default values, often based on the current >> environment. >> The core parameters are: >> " >> and then lists some. For example jid. I take that to mean that the value >> of security.jail.param.jid from inside jail should return the jid of the >> jail. I just get 0. And security.jail.param.path is 1024, which is not at >> all the path of the jail... There seems to be quite a discrepancy between >> manpage and implementation. >> > > The bit that the man page says is in fact the entire (user-visible) user > for those sysctls: they're just there to show what parameters are > available, and what types they are. Actually, they also show jail(8) the > same thing, and that's how it knows what parameters exist. > Ok. I'm feeling a bit daft here, from within a jail do they say "these parameters can be set" or "those parameters have been set"? > But the parameters don't actually have any useful values. Only their > types, sizes and descriptions are valid. > > - Jamie > Ok, somewhat disappointing ;) Is there a ongoing effort to teach rc and friends about difference between jails and vnet jails? Or is it deemed a security problem that a jail knows the "circumstances of its conception"? Best regards Andreas From owner-freebsd-jail@FreeBSD.ORG Wed Feb 27 13:36:38 2013 Return-Path: Delivered-To: jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 9CBFED77 for ; Wed, 27 Feb 2013 13:36:38 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from m2.gritton.org (gritton.org [199.192.164.235]) by mx1.freebsd.org (Postfix) with ESMTP id 64994E3 for ; Wed, 27 Feb 2013 13:36:37 +0000 (UTC) Received: from glorfindel.gritton.org (c-174-52-130-157.hsd1.ut.comcast.net [174.52.130.157]) (authenticated bits=0) by m2.gritton.org (8.14.5/8.14.5) with ESMTP id r1RDZod6091372; Wed, 27 Feb 2013 06:35:51 -0700 (MST) (envelope-from jamie@FreeBSD.org) Message-ID: <512E0BB5.90108@FreeBSD.org> Date: Wed, 27 Feb 2013 06:35:49 -0700 From: Jamie Gritton User-Agent: Mozilla/5.0 (X11; U; FreeBSD amd64; en-US; rv:1.9.2.24) Gecko/20120129 Thunderbird/3.1.16 MIME-Version: 1.0 To: Andreas Nilsson Subject: Re: vnet jails and rc-scripts References: <13CA24D6AB415D428143D44749F57D7201EADE8B@ltcfiswmsgmb21> <512D8F3C.4000000@FreeBSD.org> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Feb 2013 13:36:38 -0000 On 02/27/13 01:30, Andreas Nilsson wrote: > On Wed, Feb 27, 2013 at 5:44 AM, Jamie Gritton > wrote: > > On 02/26/13 01:56, Andreas Nilsson wrote: > > However I still don't get the purpose of the > security.jail.param.*. Are the > to be set in loader.conf/sysctl.conf to influence default config > of jails, > or are the supposed to be per-jail ( from inside jail ) carriers > of config? > The PR seems to indicate it's not really clear. > > Also, man jail says: > "The current set of available parameters can be > retrieved via ``sysctl -d security.jail.param''. Any > parameters not > set > will be given default values, often based on the current > environment. > The core parameters are: > " > and then lists some. For example jid. I take that to mean that > the value > of security.jail.param.jid from inside jail should return the > jid of the > jail. I just get 0. And security.jail.param.path is 1024, which > is not at > all the path of the jail... There seems to be quite a > discrepancy between > manpage and implementation. > > > The bit that the man page says is in fact the entire (user-visible) user > for those sysctls: they're just there to show what parameters are > available, and what types they are. Actually, they also show jail(8) the > same thing, and that's how it knows what parameters exist. > > > Ok. I'm feeling a bit daft here, from within a jail do they say "these > parameters can be set" or "those parameters have been set"? It's still a matter of "these parameters can be set." Well, if your jail has been granted permission to create sub-jails. They're read-only values (or more properly, read-only non-values), so they appear the same regardless of environment. > But the parameters don't actually have any useful values. Only their > types, sizes and descriptions are valid. > > Ok, somewhat disappointing ;) Is there a ongoing effort to teach rc and > friends about difference between jails and vnet jails? Or is it deemed a > security problem that a jail knows the "circumstances of its conception"? It hasn't really been a problem until vnet jails came along. No, there's been no effort I know of to teach jails their particulars, but then neither has there been any particular effort to hide them. - Jamie From owner-freebsd-jail@FreeBSD.ORG Thu Feb 28 01:30:24 2013 Return-Path: Delivered-To: freebsd-jail@smarthost.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id B3B6C8E4; Thu, 28 Feb 2013 01:30:24 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) by mx1.freebsd.org (Postfix) with ESMTP id 8E7F5FB4; Thu, 28 Feb 2013 01:30:24 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.6/8.14.6) with ESMTP id r1S1UOeJ035915; Thu, 28 Feb 2013 01:30:24 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.14.6/8.14.6/Submit) id r1S1UO73035911; Thu, 28 Feb 2013 01:30:24 GMT (envelope-from linimon) Date: Thu, 28 Feb 2013 01:30:24 GMT Message-Id: <201302280130.r1S1UO73035911@freefall.freebsd.org> To: linimon@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-jail@FreeBSD.org From: linimon@FreeBSD.org Subject: Re: kern/176482: [jail] Jails not unmounting devfs on exit X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Feb 2013 01:30:24 -0000 Old Synopsis: Jails not unmounting devfs on exit New Synopsis: [jail] Jails not unmounting devfs on exit Responsible-Changed-From-To: freebsd-bugs->freebsd-jail Responsible-Changed-By: linimon Responsible-Changed-When: Thu Feb 28 01:29:33 UTC 2013 Responsible-Changed-Why: Over to maintainer(s). This would certainly explain some of the odd results seen on the package build machines. http://www.freebsd.org/cgi/query-pr.cgi?pr=176482