From owner-freebsd-jail@FreeBSD.ORG Sun Feb 1 00:09:29 2009 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4F4621065804; Sun, 1 Feb 2009 00:09:29 +0000 (UTC) (envelope-from fbsd.questions@rachie.is-a-geek.net) Received: from mail.rachie.is-a-geek.net (rachie.is-a-geek.net [66.230.99.27]) by mx1.freebsd.org (Postfix) with ESMTP id 1A1708FC12; Sun, 1 Feb 2009 00:09:28 +0000 (UTC) (envelope-from fbsd.questions@rachie.is-a-geek.net) Received: from localhost (mail.rachie.is-a-geek.net [192.168.2.101]) by mail.rachie.is-a-geek.net (Postfix) with ESMTP id 37DDEAFC1FE; Sat, 31 Jan 2009 15:09:28 -0900 (AKST) From: Mel To: freebsd-questions@freebsd.org Date: Sat, 31 Jan 2009 15:09:27 -0900 User-Agent: KMail/1.9.10 References: <20090128202556.GA30226@haydn.nognu.de> <200901281523.33379.fbsd.questions@rachie.is-a-geek.net> <20090129010926.GA6652@haydn.nognu.de> In-Reply-To: <20090129010926.GA6652@haydn.nognu.de> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200901311509.28014.fbsd.questions@rachie.is-a-geek.net> Cc: "Bjoern A. Zeeb" , freebsd-jail@freebsd.org Subject: Re: Problem with ezjail: Manually restarted jails don't come up again X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Feb 2009 00:09:29 -0000 On Wednesday 28 January 2009 16:09:26 Frank Steinborn wrote: > On Wed, Jan 28, 2009 at 03:23:33PM -0900, Mel wrote: > > On Wednesday 28 January 2009 12:24:31 Frank Steinborn wrote: > > > 37948 p3 TJ 0:00.01 -su -c /bin/sh -c ^I"/usr/local/bin/mlnet ^I > > > ^I ^I>> /dev/null 2>&1 &" (zsh) > > > > ^^^ > > Why is zsh shell involved? > > This was it. I should not have used the root-account inside the jails > with zsh. I now use the toor account on zsh and put the shell of root > back to csh everywhere. > > However, I don't understand why zsh is invoked, since all rc.d-scripts > have shebang lines telling them to use /bin/sh? I'm a bit confused, > maybe can someone give a bit light on this... su invokes $SHELL of the target user, from su(8): By default, the environment is unmodified with the exception of USER, HOME, and SHELL. HOME and SHELL are set to the target login's default values. USER is set to the target login, unless the target login has a user ID of 0, in which case it is unmodified. The invoked shell is the one belonging to the target login. This is the traditional behavior of su. So: su root -c /bin/sh expands to ${SHELL} /bin/sh -- Mel Problem with today's modular software: they start with the modules and never get to the software part. From owner-freebsd-jail@FreeBSD.ORG Sun Feb 1 01:32:52 2009 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B7EB410656C8 for ; Sun, 1 Feb 2009 01:32:52 +0000 (UTC) (envelope-from c2thunes@brewtab.com) Received: from mail.brewtab.com (dauphin.brewtab.com [208.86.224.67]) by mx1.freebsd.org (Postfix) with ESMTP id 926758FC21 for ; Sun, 1 Feb 2009 01:32:52 +0000 (UTC) (envelope-from c2thunes@brewtab.com) Received: from lethbridge.ncsu.brewtab.com (bec28027RN.rh.ncsu.edu [152.7.18.172]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.brewtab.com (Postfix) with ESMTPSA id 9C22FA71B; Sat, 31 Jan 2009 20:14:14 -0500 (EST) Message-ID: <4984F766.1010307@brewtab.com> Date: Sat, 31 Jan 2009 20:14:14 -0500 From: Christopher Thunes User-Agent: Mozilla-Thunderbird 2.0.0.19 (X11/20090103) MIME-Version: 1.0 To: Kage References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-jail@freebsd.org Subject: Re: Jail Resource Limits (7.1-REL) X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Feb 2009 01:32:52 -0000 I had the memory limits in place for 7.0-RELEASE, but there were some stability problems associated with them that I haven't had the time (nor the expertise most likely) to sort out. CPU limits will be more difficult to port with the ULE scheduler now default in 7.1 and will need someone more knowledgeable than me to sort out. If you are interested in the patches for memory limits in 7.0, you can find them here http://wiki.freebsd.org/Jails. Unfortunately, I haven't tried them on 7.1 and have no idea if they would even apply clean, compile, or run. - Chris Thunes Kage wrote: > So, after some googling, I discovered > http://wiki.freebsd.org/JailResourceLimits, which is great, except > it's for RELENG_6, and I run 7.1-RELEASE. Is there an existing > solution I can use that is similar to this? I really, REALLY like > this patch's functionality, and would love to use it on my jails. > Thanks! > From owner-freebsd-jail@FreeBSD.ORG Mon Feb 2 11:06:54 2009 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E35A810656E2 for ; Mon, 2 Feb 2009 11:06:54 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id CF67B8FC26 for ; Mon, 2 Feb 2009 11:06:54 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n12B6sCt094473 for ; Mon, 2 Feb 2009 11:06:54 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n12B6rdX094469 for freebsd-jail@FreeBSD.org; Mon, 2 Feb 2009 11:06:53 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 2 Feb 2009 11:06:53 GMT Message-Id: <200902021106.n12B6rdX094469@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-jail@FreeBSD.org Cc: Subject: Current problem reports assigned to freebsd-jail@FreeBSD.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Feb 2009 11:06:55 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- o kern/119842 jail [smbfs] [jail] "Bad address" with smbfs inside a jail o bin/99566 jail [jail] [patch] fstat(1) according to specified jid o bin/32828 jail [jail] w(1) incorrectly handles stale utmp slots with 3 problems total. From owner-freebsd-jail@FreeBSD.ORG Mon Feb 2 11:07:34 2009 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D6B5A106579E for ; Mon, 2 Feb 2009 11:07:34 +0000 (UTC) (envelope-from lopez.on.the.lists@yellowspace.net) Received: from mail.yellowspace.net (mail.yellowspace.net [80.190.200.164]) by mx1.freebsd.org (Postfix) with ESMTP id 3F88B8FC19 for ; Mon, 2 Feb 2009 11:07:33 +0000 (UTC) (envelope-from lopez.on.the.lists@yellowspace.net) Received: from five.intranet ([93.104.34.197]) (AUTH: LOGIN lopez.on.the.lists@yellowspace.net) by mail.yellowspace.net with esmtp; Mon, 02 Feb 2009 11:57:29 +0100 id 0038C958.000000004986D199.00015252 Message-Id: From: Lorenzo Perone To: "Bjoern A. Zeeb" In-Reply-To: <20090128081831.V3757@maildrop.int.zabbadoz.net> Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v929.2) Date: Mon, 2 Feb 2009 11:57:28 +0100 References: <200901280751.n0S7pQhn053569@post.behrens.de> <20090128081831.V3757@maildrop.int.zabbadoz.net> X-Mailer: Apple Mail (2.929.2) Cc: freebsd-jail@freebsd.org Subject: Re: Multi-IP Jails (7.1-REL) X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Feb 2009 11:07:37 -0000 Bjoern, this is great news :) looking forward to csupping/installing RELENG_7 with your patches included! Kudos && big thanks, Lorenzo On 28.01.2009, at 09:20, Bjoern A. Zeeb wrote: > I am about to re-gen my patch from last week (wasn't publicly > announced) but I am running it. So if you can wait another few hours, > you'll get the MFC candidate patch for RELENG_7. From owner-freebsd-jail@FreeBSD.ORG Mon Feb 2 20:26:36 2009 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7AF0C106566B for ; Mon, 2 Feb 2009 20:26:36 +0000 (UTC) (envelope-from mike@sentex.net) Received: from smarthost1.sentex.ca (smarthost1.sentex.ca [64.7.153.18]) by mx1.freebsd.org (Postfix) with ESMTP id 4002C8FC08 for ; Mon, 2 Feb 2009 20:26:36 +0000 (UTC) (envelope-from mike@sentex.net) Received: from lava.sentex.ca (pyroxene.sentex.ca [199.212.134.18]) by smarthost1.sentex.ca (8.14.3/8.14.3) with ESMTP id n12K3QFC070851; Mon, 2 Feb 2009 15:03:26 -0500 (EST) (envelope-from mike@sentex.net) Received: from mdt-xp.sentex.net (simeon.sentex.ca [192.168.43.27]) by lava.sentex.ca (8.13.8/8.13.3) with ESMTP id n12K3PLO087346 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 2 Feb 2009 15:03:26 -0500 (EST) (envelope-from mike@sentex.net) Message-Id: <200902022003.n12K3PLO087346@lava.sentex.ca> X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Mon, 02 Feb 2009 15:03:33 -0500 To: "Bjoern A. Zeeb" , freebsd-jail@freebsd.org, freebsd-stable@freebsd.org From: Mike Tancsa In-Reply-To: <20090128150840.E45963@maildrop.int.zabbadoz.net> References: <20090128150840.E45963@maildrop.int.zabbadoz.net> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Scanned-By: MIMEDefang 2.64 on 64.7.153.18 Cc: Subject: Re: HEADS UP: multi-IPv4/v6/no-IP jails merge to 7-STABLE ahead X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Feb 2009 20:26:37 -0000 At 10:22 AM 1/28/2009, Bjoern A. Zeeb wrote: >Hi, > >I have a possible MFC candidate patch at: > http://people.freebsd.org/~bz/20090128-02-jail7-mfc.diff Hi Bjoern, Will this patch allow for the creation of tun interfaces inside of a jail ? Ideally I was hoping to run OpenVPN inside various jails which uses the tun device. ---Mike >to merge the multi-IPv4/v6/no-IP jails to 7-STABLE. My plan would be >to do so during the weekend of 6-8th February 2009. > >In addition to what the patch says at the beginning (__FreeBSD_version >bump), the patch also has the regenerated compat/freebsd32 sysctl >stuff in it so that people can apply, compile and run it directly. >For the merge this would be a second commit. > >For committers who want to review that I have done the merge right, it >is an svn diff with mergeinfo included. > >For details about the patch, features, .. see the original commit >message and follow-up a few days later (both in one post): >http://lists.freebsd.org/pipermail/freebsd-jail/2008-December/000631.html > >Since then a few bug fixes went in, some older PRs were handled, ... > >Now is the time for you to try and review it for 7-STABLE, etc. > > >/bz > >-- >Bjoern A. Zeeb The greatest risk is not taking one. >_______________________________________________ >freebsd-stable@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-stable >To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" From owner-freebsd-jail@FreeBSD.ORG Mon Feb 2 21:00:06 2009 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B2DC610658E6; Mon, 2 Feb 2009 21:00:06 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mail.cksoft.de (mail.cksoft.de [62.111.66.27]) by mx1.freebsd.org (Postfix) with ESMTP id 3A66C8FC2A; Mon, 2 Feb 2009 21:00:06 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from localhost (amavis.str.cksoft.de [192.168.74.71]) by mail.cksoft.de (Postfix) with ESMTP id 6646141C711; Mon, 2 Feb 2009 22:00:05 +0100 (CET) X-Virus-Scanned: amavisd-new at cksoft.de Received: from mail.cksoft.de ([62.111.66.27]) by localhost (amavis.str.cksoft.de [192.168.74.71]) (amavisd-new, port 10024) with ESMTP id UvNJ95Fxy71q; Mon, 2 Feb 2009 22:00:05 +0100 (CET) Received: by mail.cksoft.de (Postfix, from userid 66) id 1B0A141C710; Mon, 2 Feb 2009 22:00:05 +0100 (CET) Received: from maildrop.int.zabbadoz.net (maildrop.int.zabbadoz.net [10.111.66.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.int.zabbadoz.net (Postfix) with ESMTP id A52944448E6; Mon, 2 Feb 2009 20:56:29 +0000 (UTC) Date: Mon, 2 Feb 2009 20:56:29 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@maildrop.int.zabbadoz.net To: Mike Tancsa In-Reply-To: <200902022003.n12K3PLO087346@lava.sentex.ca> Message-ID: <20090202205422.Q93725@maildrop.int.zabbadoz.net> References: <20090128150840.E45963@maildrop.int.zabbadoz.net> <200902022003.n12K3PLO087346@lava.sentex.ca> X-OpenPGP-Key: 0x14003F198FEFA3E77207EE8D2B58B8F83CCF1842 MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-jail@freebsd.org, freebsd-stable@freebsd.org Subject: Re: HEADS UP: multi-IPv4/v6/no-IP jails merge to 7-STABLE ahead X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Feb 2009 21:00:15 -0000 On Mon, 2 Feb 2009, Mike Tancsa wrote: > At 10:22 AM 1/28/2009, Bjoern A. Zeeb wrote: >> Hi, >> >> I have a possible MFC candidate patch at: >> http://people.freebsd.org/~bz/20090128-02-jail7-mfc.diff > > > Hi Bjoern, > Will this patch allow for the creation of tun interfaces inside of a > jail ? Ideally I was hoping to run OpenVPN inside various jails which uses > the tun device. Nope, you'll have to wait for vimages for that. /bz -- Bjoern A. Zeeb The greatest risk is not taking one. From owner-freebsd-jail@FreeBSD.ORG Sat Feb 7 18:20:08 2009 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 020DB10656F6; Sat, 7 Feb 2009 18:20:08 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mail.cksoft.de (mail.cksoft.de [62.111.66.27]) by mx1.freebsd.org (Postfix) with ESMTP id B0B158FC1A; Sat, 7 Feb 2009 18:20:07 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from localhost (amavis.str.cksoft.de [192.168.74.71]) by mail.cksoft.de (Postfix) with ESMTP id 26A2C41C6A1; Sat, 7 Feb 2009 19:20:06 +0100 (CET) X-Virus-Scanned: amavisd-new at cksoft.de Received: from mail.cksoft.de ([62.111.66.27]) by localhost (amavis.str.cksoft.de [192.168.74.71]) (amavisd-new, port 10024) with ESMTP id DlFlQd0x8pWW; Sat, 7 Feb 2009 19:20:05 +0100 (CET) Received: by mail.cksoft.de (Postfix, from userid 66) id 9CDF241C69F; Sat, 7 Feb 2009 19:20:05 +0100 (CET) Received: from maildrop.int.zabbadoz.net (maildrop.int.zabbadoz.net [10.111.66.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.int.zabbadoz.net (Postfix) with ESMTP id 7C33D4448EC; Sat, 7 Feb 2009 18:18:52 +0000 (UTC) Date: Sat, 7 Feb 2009 18:18:52 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@maildrop.int.zabbadoz.net To: freebsd-stable@FreeBSD.org Message-ID: <20090207174104.Y93725@maildrop.int.zabbadoz.net> X-OpenPGP-Key: 0x14003F198FEFA3E77207EE8D2B58B8F83CCF1842 MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-jail@freebsd.org Subject: HEADS UP: multi-IPv4/v6/no-IP jails now in 7-STABLE X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 Feb 2009 18:20:08 -0000 Hi, what has started a long time ago with patches from various people, was started, abandoned, resumed finally found an end. I am happy to hereby announce that the multi-IPv4/v6/no-IP jails work has been merged to 7-STABLE and thus can be used in FreeBSD 7 without the need to maintain or apply patches from now on. This also means that the updated jails will be included in 7.2 release. This update gives you (short selection): - zero, one or multi-IP jails. - IPv4 and IPv6 support. - cpuset support for jails. - jail names and states to ease administration. - 32bit compat on 64bit, jail v1 compat, .. You'll find a longer summary about all the new features and how to use them in a posting from December (you should really read it): http://lists.freebsd.org/pipermail/freebsd-jail/2008-December/000631.html Since the above posting, multiple PRs had been addressed and fixes include - SIOCGIFADDR ioctl handling which fixes the "samba inside jails problem" - no more arp and ndp information disclosure - updated rc.conf framework (fully backward compatible in 7), see man 5 rc.conf and /etc/defaults/rc.conf. - various documentation/man page updates - ... I'd like to thank everyone who had helped to make this possible! If you like the work, mayhap even use it for your business, or just want to support FreeBSD, you may want to visit http://www.freebsdfoundation.org/ and help donating some money. Enjoy your new jails! (and don't try to escape - you sure won't succeed;) /bz -- Bjoern A. Zeeb The greatest risk is not taking one.