From owner-freebsd-jail@FreeBSD.ORG Sun Oct 11 15:35:43 2009 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6FC3F106566B for ; Sun, 11 Oct 2009 15:35:43 +0000 (UTC) (envelope-from alexander@leidinger.net) Received: from mail.ebusiness-leidinger.de (mail.ebusiness-leidinger.de [217.11.53.44]) by mx1.freebsd.org (Postfix) with ESMTP id 270688FC08 for ; Sun, 11 Oct 2009 15:35:43 +0000 (UTC) Received: from outgoing.leidinger.net (pD9E2EFEB.dip.t-dialin.net [217.226.239.235]) by mail.ebusiness-leidinger.de (Postfix) with ESMTPSA id BDA6684467B; Sun, 11 Oct 2009 17:35:36 +0200 (CEST) Received: from unknown (IO.Leidinger.net [192.168.2.103]) by outgoing.leidinger.net (Postfix) with ESMTP id 9F02B681DC; Sun, 11 Oct 2009 17:35:33 +0200 (CEST) Date: Sun, 11 Oct 2009 17:35:33 +0200 From: Alexander Leidinger To: Kevin Smith Message-ID: <20091011173533.000018be@unknown> In-Reply-To: <40670A70-FF15-4B7C-A7CB-5DE04E8EB358@gmail.com> References: <20091009104526.12875uad5sybsao0@webmail.leidinger.net> <40670A70-FF15-4B7C-A7CB-5DE04E8EB358@gmail.com> X-Mailer: Claws Mail 3.7.2cvs15 (GTK+ 2.16.0; i586-pc-mingw32msvc) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-EBL-MailScanner-Information: Please contact the ISP for more information X-EBL-MailScanner-ID: BDA6684467B.A26BC X-EBL-MailScanner: Found to be clean X-EBL-MailScanner-SpamCheck: not spam, spamhaus-ZEN, SpamAssassin (not cached, score=-0.763, required 6, autolearn=disabled, ALL_TRUSTED -1.44, J_CHICKENPOX_54 0.60, TW_TV 0.08) X-EBL-MailScanner-From: alexander@leidinger.net X-EBL-MailScanner-Watermark: 1255880138.0453@Pj0Q6LyoKnystUQ2WHxo3A X-EBL-Spam-Status: No Cc: freebsd-jail@freebsd.org Subject: Re: xorg in jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 11 Oct 2009 15:35:43 -0000 On Sat, 10 Oct 2009 10:14:26 +0200 Kevin Smith wrote: > Does this patch fix vnc server start error also ? I don't know. The patch allows access to /dev/io. Normally this is not possible, even if /dev/io is visible in the jail, as the kernel disallows all access to it from a jail. > When I try to run tightvncserver in a jail it says: > > A VNC server is already running as :0 I wouldn't expect that a VNC server needs access to /dev/io, so I would be surprised if this would help. > even if there is no vnc server running. You could start it via "ktrace -i tightvncserver" and when it abortet you can have a look with kdump|less what it tries to do. Bye, Alexander. > Thank you, > regards > > On Oct 9, 2009, at 10:45 AM, Alexander Leidinger wrote: > > > Quoting hulibyaka hulibyaka (from Thu, 8 Oct > > 2009 22:01:23 +0400): > > > >> What the difference for restriction on /dev/io between chroot and > >> jail? How can i get all needed by xinit privileges on /dev/io > >> within jail ? > > > > There are additional access restrictions in the kernel when run in > > a jail. You need > > http://www.leidinger.net/FreeBSD/current-patches/jail.diff > > and you need to rebuild the kernel and the world. > > > > After that you need to add > > jail_JAILID_startparams="allow.dev_io_access" for your jail startup. > > > > Bye, > > Alexander. > > > > -- > > Pie are not square. Pie are round. Cornbread are square. > > > > http://www.Leidinger.net Alexander @ Leidinger.net: PGP ID = > > B0063FE7 > > http://www.FreeBSD.org netchild @ FreeBSD.org : PGP ID = > > 72077137 > > _______________________________________________ > > freebsd-jail@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-jail > > To unsubscribe, send any mail to "freebsd-jail- > > unsubscribe@freebsd.org" > > -- > Kevin > From owner-freebsd-jail@FreeBSD.ORG Mon Oct 12 07:09:09 2009 Return-Path: Delivered-To: freebsd-jail@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0B11C1065670; Mon, 12 Oct 2009 07:09:09 +0000 (UTC) (envelope-from bz@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id D72718FC13; Mon, 12 Oct 2009 07:09:08 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n9C798IG099807; Mon, 12 Oct 2009 07:09:08 GMT (envelope-from bz@freefall.freebsd.org) Received: (from bz@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n9C798tW099803; Mon, 12 Oct 2009 07:09:08 GMT (envelope-from bz) Date: Mon, 12 Oct 2009 07:09:08 GMT Message-Id: <200910120709.n9C798tW099803@freefall.freebsd.org> To: bz@FreeBSD.org, freebsd-jail@FreeBSD.org, bz@FreeBSD.org From: bz@FreeBSD.org Cc: Subject: Re: kern/139454: [jail] traceroute does not work inside jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 Oct 2009 07:09:09 -0000 Synopsis: [jail] traceroute does not work inside jail Responsible-Changed-From-To: freebsd-jail->bz Responsible-Changed-By: bz Responsible-Changed-When: Mon Oct 12 07:08:21 UTC 2009 Responsible-Changed-Why: This could be multi-IP jails fallout though it's more likely that traceroute is doing something silly. http://www.freebsd.org/cgi/query-pr.cgi?pr=139454 From owner-freebsd-jail@FreeBSD.ORG Mon Oct 12 11:06:56 2009 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 784FC1065692 for ; Mon, 12 Oct 2009 11:06:56 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 6651A8FC12 for ; Mon, 12 Oct 2009 11:06:56 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n9CB6uIJ036455 for ; Mon, 12 Oct 2009 11:06:56 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n9CB6tbO036451 for freebsd-jail@FreeBSD.org; Mon, 12 Oct 2009 11:06:55 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 12 Oct 2009 11:06:55 GMT Message-Id: <200910121106.n9CB6tbO036451@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-jail@FreeBSD.org Cc: Subject: Current problem reports assigned to freebsd-jail@FreeBSD.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 Oct 2009 11:06:56 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- o kern/133265 jail [jail] is there a solution how to run nfs client in ja o kern/119842 jail [smbfs] [jail] "Bad address" with smbfs inside a jail o bin/99566 jail [jail] [patch] fstat(1) according to specified jid o bin/32828 jail [jail] w(1) incorrectly handles stale utmp slots with 4 problems total. From owner-freebsd-jail@FreeBSD.ORG Thu Oct 15 17:44:45 2009 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 53D2D1065695 for ; Thu, 15 Oct 2009 17:44:45 +0000 (UTC) (envelope-from freebsd@optiksecurite.com) Received: from relais.videotron.ca (relais.videotron.ca [24.201.245.36]) by mx1.freebsd.org (Postfix) with ESMTP id 2A80D8FC13 for ; Thu, 15 Oct 2009 17:44:44 +0000 (UTC) MIME-version: 1.0 Content-transfer-encoding: 8BIT Content-type: text/plain; charset=ISO-8859-1; format=flowed Received: from [69.69.69.193] ([24.201.201.211]) by VL-MH-MR001.ip.videotron.ca (Sun Java(tm) System Messaging Server 6.3-4.01 (built Aug 3 2007; 32bit)) with ESMTP id <0KRK001JTHAK26G0@VL-MH-MR001.ip.videotron.ca> for freebsd-jail@freebsd.org; Thu, 15 Oct 2009 13:44:44 -0400 (EDT) Message-id: <4AD75F8B.10906@optiksecurite.com> Date: Thu, 15 Oct 2009 13:44:43 -0400 From: Martin Turgeon User-Agent: Thunderbird 2.0.0.23 (Windows/20090812) To: =?ISO-8859-1?Q?Eirik_=D8verby?= References: <4ACE2829.6030804@optiksecurite.com> <295A1256-A620-4DD1-8B7F-22BDB216D164@anduin.net> <4ACE37D6.9040908@optiksecurite.com> In-reply-to: Cc: freebsd-jail@freebsd.org Subject: Re: Can't upgrade jails to 8.0 using freebsd-update X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Oct 2009 17:44:45 -0000 Eirik Øverby a écrit : > > On 8. okt. 2009, at 21.04, Martin Turgeon wrote: > >> Eirik Øverby a écrit : >>> On 8. okt. 2009, at 19.58, Martin Turgeon wrote: >>> >>>> Hi everyone! >>>> >>>> I just upgraded a 7.2-REL to 8.0RC1 using freebsd-update. The upgrade >>>> went fine on the base system following the procedure written in the >>>> announcement email by Ken Smith. My problem is when I try to >>>> upgrade my >>>> jails, I get this message: >>>> >>>> # freebsd-update -b /usr/jail/mysql/ fetch install >>>> Looking up update.FreeBSD.org mirrors... 3 mirrors found. >>>> Fetching metadata signature for 8.0-RC1 from update5.FreeBSD.org... >>>> done. >>>> Fetching metadata index... done. >>>> Inspecting system... done. >>>> Preparing to download files... done. >>>> >>>> No updates needed to update system to 8.0-RC1-p0. >>>> No updates are available to install. >>>> Run '/usr/sbin/freebsd-update fetch' first. >>>> >>>> But, if I compare the dates of the files in the base system to the >>>> files >>>> in the jails, it's obvious that the jails are not up to date. >>>> >>>> It seems like freebsd-update doesn't care about the basedir I >>>> specified. >>> >>> It does, but if you do a 'uname -a' - inside or outside the jail - >>> you'll see that it reports the OS revision of the host. So you >>> should have updated your jails first, then the host ... >>> >> Ok but if I update in the process of upgrading the first jail, the >> new kernel will be installed and asked to reboot. After that, I will >> have the same problem when upgrading the other jails and the base >> system, right? There must be something I don't understand well. >> Thanks a lot for your answer. > > The kernel will be installed inside the jail, and the message about > rebooting can be safely ignored. Just run the install command once > more, and you're done and can move on to the next jail. :) > > /Eirik > > >> Martin >>> One way to get around it is to replace /usr/bin/uname with a shell >>> script, which calls the original uname (which you have renamed) and >>> pipes through something like sed to replace the revision with what >>> you used to have: >>> >>> #!/bin/sh >>> /usr/bin/uname.org $* | sed s/"8.0-RC1-p0"/"7.2-RELEASE_p3"/g >>> >>> And this is a seriously butt ugly hack. >>> >>> /Eirik >>> >>>> Thanks a lot for your help, >>>> >>>> Martin >>>> >>>> Thanks a lot! It worked great, but I'm still concerned by the fact that the world in the jails are from 8.0 while the kernel is still at 7.2 during the updates of the jails. In the normal update procedure, the kernel is upgraded first, rebooted and then the world is updated. It must have a good reason for this. Why can I jail be an exception to this rule? Martin From owner-freebsd-jail@FreeBSD.ORG Thu Oct 15 18:20:06 2009 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BBA4A1065698 for ; Thu, 15 Oct 2009 18:20:06 +0000 (UTC) (envelope-from ltning@anduin.net) Received: from mail.anduin.net (mail.anduin.net [213.225.74.249]) by mx1.freebsd.org (Postfix) with ESMTP id 7AB728FC13 for ; Thu, 15 Oct 2009 18:20:06 +0000 (UTC) Received: from [212.62.248.148] (helo=[192.168.2.172]) by mail.anduin.net with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1MyUvk-000Ge8-UV; Thu, 15 Oct 2009 20:20:05 +0200 Mime-Version: 1.0 (Apple Message framework v1076) Content-Type: text/plain; charset=iso-8859-1; format=flowed; delsp=yes From: =?iso-8859-1?Q?Eirik_=D8verby?= In-Reply-To: <4AD75F8B.10906@optiksecurite.com> Date: Thu, 15 Oct 2009 20:20:04 +0200 Content-Transfer-Encoding: quoted-printable Message-Id: References: <4ACE2829.6030804@optiksecurite.com> <295A1256-A620-4DD1-8B7F-22BDB216D164@anduin.net> <4ACE37D6.9040908@optiksecurite.com> <4AD75F8B.10906@optiksecurite.com> To: Martin Turgeon X-Mailer: Apple Mail (2.1076) Cc: freebsd-jail@freebsd.org Subject: Re: Can't upgrade jails to 8.0 using freebsd-update X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Oct 2009 18:20:06 -0000 On 15. okt. 2009, at 19.44, Martin Turgeon wrote: > Eirik =D8verby a =E9crit : >> >> On 8. okt. 2009, at 21.04, Martin Turgeon wrote: >> >>> Eirik =D8verby a =E9crit : >>>> On 8. okt. 2009, at 19.58, Martin Turgeon wrote: >>>> >>>>> Hi everyone! >>>>> >>>>> I just upgraded a 7.2-REL to 8.0RC1 using freebsd-update. The =20 >>>>> upgrade >>>>> went fine on the base system following the procedure written in =20= >>>>> the >>>>> announcement email by Ken Smith. My problem is when I try to =20 >>>>> upgrade my >>>>> jails, I get this message: >>>>> >>>>> # freebsd-update -b /usr/jail/mysql/ fetch install >>>>> Looking up update.FreeBSD.org mirrors... 3 mirrors found. >>>>> Fetching metadata signature for 8.0-RC1 from =20 >>>>> update5.FreeBSD.org... done. >>>>> Fetching metadata index... done. >>>>> Inspecting system... done. >>>>> Preparing to download files... done. >>>>> >>>>> No updates needed to update system to 8.0-RC1-p0. >>>>> No updates are available to install. >>>>> Run '/usr/sbin/freebsd-update fetch' first. >>>>> >>>>> But, if I compare the dates of the files in the base system to =20 >>>>> the files >>>>> in the jails, it's obvious that the jails are not up to date. >>>>> >>>>> It seems like freebsd-update doesn't care about the basedir I =20 >>>>> specified. >>>> >>>> It does, but if you do a 'uname -a' - inside or outside the jail =20= >>>> - you'll see that it reports the OS revision of the host. So you =20= >>>> should have updated your jails first, then the host ... >>>> >>> Ok but if I update in the process of upgrading the first jail, the =20= >>> new kernel will be installed and asked to reboot. After that, I =20 >>> will have the same problem when upgrading the other jails and the =20= >>> base system, right? There must be something I don't understand =20 >>> well. Thanks a lot for your answer. >> >> The kernel will be installed inside the jail, and the message about =20= >> rebooting can be safely ignored. Just run the install command once =20= >> more, and you're done and can move on to the next jail. :) >> >> /Eirik >> >> >>> Martin >>>> One way to get around it is to replace /usr/bin/uname with a =20 >>>> shell script, which calls the original uname (which you have =20 >>>> renamed) and pipes through something like sed to replace the =20 >>>> revision with what you used to have: >>>> >>>> #!/bin/sh >>>> /usr/bin/uname.org $* | sed s/"8.0-RC1-p0"/"7.2-RELEASE_p3"/g >>>> >>>> And this is a seriously butt ugly hack. >>>> >>>> /Eirik >>>> >>>>> Thanks a lot for your help, >>>>> >>>>> Martin >>>>> >>>>> > Thanks a lot! It worked great, but I'm still concerned by the fact =20 > that the world in the jails are from 8.0 while the kernel is still =20 > at 7.2 during the updates of the jails. In the normal update =20 > procedure, the kernel is upgraded first, rebooted and then the world =20= > is updated. It must have a good reason for this. Why can I jail be =20 > an exception to this rule? Because when you upgrade the host, the very binaries you are =20 installing are being installed by ... the binaries you are installing. =20= Which is why you'll want them to be reasonably in-sync with the kernel. When upgrading jails using freebsd-update, my understanding is that it =20= uses the host binaries to push files to the target directory =20 (basedir). The risk of trouble is therefore very low (I've upgraded =20 dozens of jails from 7.x to 8.0-RC1 without any issues), though I can =20= probably imagine situations where this is not the case - i.e. if the =20 upgrade depends on functionality in an upgraded binary in order to be =20= able to complete the upgrade, however that sounds like a very unlikely =20= scenario to me. And *any* use of the basedir option to freebsd-update =20= would break in such a case. /Eirik From owner-freebsd-jail@FreeBSD.ORG Thu Oct 15 18:56:55 2009 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 22B7C106566B for ; Thu, 15 Oct 2009 18:56:55 +0000 (UTC) (envelope-from freebsd@optiksecurite.com) Received: from relais.videotron.ca (relais.videotron.ca [24.201.245.36]) by mx1.freebsd.org (Postfix) with ESMTP id EB8BC8FC0C for ; Thu, 15 Oct 2009 18:56:54 +0000 (UTC) MIME-version: 1.0 Content-transfer-encoding: 8BIT Content-type: text/plain; charset=ISO-8859-1; format=flowed Received: from [69.69.69.193] ([24.201.201.211]) by VL-MH-MR002.ip.videotron.ca (Sun Java(tm) System Messaging Server 6.3-4.01 (built Aug 3 2007; 32bit)) with ESMTP id <0KRK0094RKMTBBC0@VL-MH-MR002.ip.videotron.ca> for freebsd-jail@freebsd.org; Thu, 15 Oct 2009 14:56:54 -0400 (EDT) Message-id: <4AD77075.3010907@optiksecurite.com> Date: Thu, 15 Oct 2009 14:56:53 -0400 From: Martin Turgeon User-Agent: Thunderbird 2.0.0.23 (Windows/20090812) To: =?ISO-8859-1?Q?Eirik_=D8verby?= References: <4ACE2829.6030804@optiksecurite.com> <295A1256-A620-4DD1-8B7F-22BDB216D164@anduin.net> <4ACE37D6.9040908@optiksecurite.com> <4AD75F8B.10906@optiksecurite.com> In-reply-to: Cc: freebsd-jail@freebsd.org Subject: Re: Can't upgrade jails to 8.0 using freebsd-update X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Oct 2009 18:56:55 -0000 Eirik Øverby a écrit : > > On 15. okt. 2009, at 19.44, Martin Turgeon wrote: > >> Eirik Øverby a écrit : >>> >>> On 8. okt. 2009, at 21.04, Martin Turgeon wrote: >>> >>>> Eirik Øverby a écrit : >>>>> On 8. okt. 2009, at 19.58, Martin Turgeon wrote: >>>>> >>>>>> Hi everyone! >>>>>> >>>>>> I just upgraded a 7.2-REL to 8.0RC1 using freebsd-update. The >>>>>> upgrade >>>>>> went fine on the base system following the procedure written in the >>>>>> announcement email by Ken Smith. My problem is when I try to >>>>>> upgrade my >>>>>> jails, I get this message: >>>>>> >>>>>> # freebsd-update -b /usr/jail/mysql/ fetch install >>>>>> Looking up update.FreeBSD.org mirrors... 3 mirrors found. >>>>>> Fetching metadata signature for 8.0-RC1 from >>>>>> update5.FreeBSD.org... done. >>>>>> Fetching metadata index... done. >>>>>> Inspecting system... done. >>>>>> Preparing to download files... done. >>>>>> >>>>>> No updates needed to update system to 8.0-RC1-p0. >>>>>> No updates are available to install. >>>>>> Run '/usr/sbin/freebsd-update fetch' first. >>>>>> >>>>>> But, if I compare the dates of the files in the base system to >>>>>> the files >>>>>> in the jails, it's obvious that the jails are not up to date. >>>>>> >>>>>> It seems like freebsd-update doesn't care about the basedir I >>>>>> specified. >>>>> >>>>> It does, but if you do a 'uname -a' - inside or outside the jail - >>>>> you'll see that it reports the OS revision of the host. So you >>>>> should have updated your jails first, then the host ... >>>>> >>>> Ok but if I update in the process of upgrading the first jail, the >>>> new kernel will be installed and asked to reboot. After that, I >>>> will have the same problem when upgrading the other jails and the >>>> base system, right? There must be something I don't understand >>>> well. Thanks a lot for your answer. >>> >>> The kernel will be installed inside the jail, and the message about >>> rebooting can be safely ignored. Just run the install command once >>> more, and you're done and can move on to the next jail. :) >>> >>> /Eirik >>> >>> >>>> Martin >>>>> One way to get around it is to replace /usr/bin/uname with a shell >>>>> script, which calls the original uname (which you have renamed) >>>>> and pipes through something like sed to replace the revision with >>>>> what you used to have: >>>>> >>>>> #!/bin/sh >>>>> /usr/bin/uname.org $* | sed s/"8.0-RC1-p0"/"7.2-RELEASE_p3"/g >>>>> >>>>> And this is a seriously butt ugly hack. >>>>> >>>>> /Eirik >>>>> >>>>>> Thanks a lot for your help, >>>>>> >>>>>> Martin >>>>>> >>>>>> >> Thanks a lot! It worked great, but I'm still concerned by the fact >> that the world in the jails are from 8.0 while the kernel is still at >> 7.2 during the updates of the jails. In the normal update procedure, >> the kernel is upgraded first, rebooted and then the world is updated. >> It must have a good reason for this. Why can I jail be an exception >> to this rule? > > Because when you upgrade the host, the very binaries you are > installing are being installed by ... the binaries you are installing. > Which is why you'll want them to be reasonably in-sync with the kernel. > > When upgrading jails using freebsd-update, my understanding is that it > uses the host binaries to push files to the target directory > (basedir). The risk of trouble is therefore very low (I've upgraded > dozens of jails from 7.x to 8.0-RC1 without any issues), though I can > probably imagine situations where this is not the case - i.e. if the > upgrade depends on functionality in an upgraded binary in order to be > able to complete the upgrade, however that sounds like a very unlikely > scenario to me. And *any* use of the basedir option to freebsd-update > would break in such a case. > > /Eirik > Sounds reasonable to me. Thanks for your quick reply. Martin From owner-freebsd-jail@FreeBSD.ORG Thu Oct 15 18:58:39 2009 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E56FE106566C for ; Thu, 15 Oct 2009 18:58:39 +0000 (UTC) (envelope-from ltning@anduin.net) Received: from mail.anduin.net (mail.anduin.net [213.225.74.249]) by mx1.freebsd.org (Postfix) with ESMTP id A2F118FC19 for ; Thu, 15 Oct 2009 18:58:39 +0000 (UTC) Received: from [212.62.248.148] (helo=[192.168.2.172]) by mail.anduin.net with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1MyVX4-000Jww-K8; Thu, 15 Oct 2009 20:58:38 +0200 Mime-Version: 1.0 (Apple Message framework v1076) Content-Type: text/plain; charset=iso-8859-1; format=flowed; delsp=yes From: =?iso-8859-1?Q?Eirik_=D8verby?= In-Reply-To: <4AD77075.3010907@optiksecurite.com> Date: Thu, 15 Oct 2009 20:58:38 +0200 Content-Transfer-Encoding: quoted-printable Message-Id: References: <4ACE2829.6030804@optiksecurite.com> <295A1256-A620-4DD1-8B7F-22BDB216D164@anduin.net> <4ACE37D6.9040908@optiksecurite.com> <4AD75F8B.10906@optiksecurite.com> <4AD77075.3010907@optiksecurite.com> To: Martin Turgeon X-Mailer: Apple Mail (2.1076) Cc: freebsd-jail@freebsd.org Subject: Re: Can't upgrade jails to 8.0 using freebsd-update X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Oct 2009 18:58:40 -0000 On 15. okt. 2009, at 20.56, Martin Turgeon wrote: > Eirik =D8verby a =E9crit : >> >> On 15. okt. 2009, at 19.44, Martin Turgeon wrote: >> >>> Eirik =D8verby a =E9crit : >>>> >>>> On 8. okt. 2009, at 21.04, Martin Turgeon wrote: >>>> >>>>> Eirik =D8verby a =E9crit : >>>>>> On 8. okt. 2009, at 19.58, Martin Turgeon wrote: >>>>>> >>>>>>> Hi everyone! >>>>>>> >>>>>>> I just upgraded a 7.2-REL to 8.0RC1 using freebsd-update. The =20= >>>>>>> upgrade >>>>>>> went fine on the base system following the procedure written =20 >>>>>>> in the >>>>>>> announcement email by Ken Smith. My problem is when I try to =20 >>>>>>> upgrade my >>>>>>> jails, I get this message: >>>>>>> >>>>>>> # freebsd-update -b /usr/jail/mysql/ fetch install >>>>>>> Looking up update.FreeBSD.org mirrors... 3 mirrors found. >>>>>>> Fetching metadata signature for 8.0-RC1 from =20 >>>>>>> update5.FreeBSD.org... done. >>>>>>> Fetching metadata index... done. >>>>>>> Inspecting system... done. >>>>>>> Preparing to download files... done. >>>>>>> >>>>>>> No updates needed to update system to 8.0-RC1-p0. >>>>>>> No updates are available to install. >>>>>>> Run '/usr/sbin/freebsd-update fetch' first. >>>>>>> >>>>>>> But, if I compare the dates of the files in the base system to =20= >>>>>>> the files >>>>>>> in the jails, it's obvious that the jails are not up to date. >>>>>>> >>>>>>> It seems like freebsd-update doesn't care about the basedir I =20= >>>>>>> specified. >>>>>> >>>>>> It does, but if you do a 'uname -a' - inside or outside the =20 >>>>>> jail - you'll see that it reports the OS revision of the host. =20= >>>>>> So you should have updated your jails first, then the host ... >>>>>> >>>>> Ok but if I update in the process of upgrading the first jail, =20 >>>>> the new kernel will be installed and asked to reboot. After =20 >>>>> that, I will have the same problem when upgrading the other =20 >>>>> jails and the base system, right? There must be something I =20 >>>>> don't understand well. Thanks a lot for your answer. >>>> >>>> The kernel will be installed inside the jail, and the message =20 >>>> about rebooting can be safely ignored. Just run the install =20 >>>> command once more, and you're done and can move on to the next =20 >>>> jail. :) >>>> >>>> /Eirik >>>> >>>> >>>>> Martin >>>>>> One way to get around it is to replace /usr/bin/uname with a =20 >>>>>> shell script, which calls the original uname (which you have =20 >>>>>> renamed) and pipes through something like sed to replace the =20 >>>>>> revision with what you used to have: >>>>>> >>>>>> #!/bin/sh >>>>>> /usr/bin/uname.org $* | sed s/"8.0-RC1-p0"/"7.2-RELEASE_p3"/g >>>>>> >>>>>> And this is a seriously butt ugly hack. >>>>>> >>>>>> /Eirik >>>>>> >>>>>>> Thanks a lot for your help, >>>>>>> >>>>>>> Martin >>>>>>> >>>>>>> >>> Thanks a lot! It worked great, but I'm still concerned by the fact =20= >>> that the world in the jails are from 8.0 while the kernel is still =20= >>> at 7.2 during the updates of the jails. In the normal update =20 >>> procedure, the kernel is upgraded first, rebooted and then the =20 >>> world is updated. It must have a good reason for this. Why can I =20 >>> jail be an exception to this rule? >> >> Because when you upgrade the host, the very binaries you are =20 >> installing are being installed by ... the binaries you are =20 >> installing. Which is why you'll want them to be reasonably in-sync =20= >> with the kernel. >> >> When upgrading jails using freebsd-update, my understanding is that =20= >> it uses the host binaries to push files to the target directory =20 >> (basedir). The risk of trouble is therefore very low (I've upgraded =20= >> dozens of jails from 7.x to 8.0-RC1 without any issues), though I =20 >> can probably imagine situations where this is not the case - i.e. =20 >> if the upgrade depends on functionality in an upgraded binary in =20 >> order to be able to complete the upgrade, however that sounds like =20= >> a very unlikely scenario to me. And *any* use of the basedir option =20= >> to freebsd-update would break in such a case. >> >> /Eirik >> > Sounds reasonable to me. Thanks for your quick reply. Reasonable !=3D true. And for that matter, reasonable !=3D reasonable. =20= YMMV etc. etc. I haven't peeked (much) into the code, so I'm just =20 guessing from my experiences. ;) People in the know should correct me if I'm wrong.. /Eirik= From owner-freebsd-jail@FreeBSD.ORG Thu Oct 15 19:17:20 2009 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 202891065670 for ; Thu, 15 Oct 2009 19:17:20 +0000 (UTC) (envelope-from freebsd@optiksecurite.com) Received: from relais.videotron.ca (relais.videotron.ca [24.201.245.36]) by mx1.freebsd.org (Postfix) with ESMTP id E815D8FC13 for ; Thu, 15 Oct 2009 19:17:19 +0000 (UTC) MIME-version: 1.0 Content-transfer-encoding: 8BIT Content-type: text/plain; charset=ISO-8859-1; format=flowed Received: from [69.69.69.193] ([24.201.201.211]) by VL-MR-MR001.ip.videotron.ca (Sun Java(tm) System Messaging Server 6.3-8.01 (built Dec 16 2008; 32bit)) with ESMTP id <0KRK004MPL77MT60@VL-MR-MR001.ip.videotron.ca> for freebsd-jail@freebsd.org; Thu, 15 Oct 2009 15:09:08 -0400 (EDT) Message-id: <4AD77352.5080908@optiksecurite.com> Date: Thu, 15 Oct 2009 15:09:06 -0400 From: Martin Turgeon User-Agent: Thunderbird 2.0.0.23 (Windows/20090812) To: =?ISO-8859-1?Q?Eirik_=D8verby?= References: <4ACE2829.6030804@optiksecurite.com> <295A1256-A620-4DD1-8B7F-22BDB216D164@anduin.net> <4ACE37D6.9040908@optiksecurite.com> <4AD75F8B.10906@optiksecurite.com> <4AD77075.3010907@optiksecurite.com> In-reply-to: Cc: freebsd-jail@freebsd.org Subject: Re: Can't upgrade jails to 8.0 using freebsd-update X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Oct 2009 19:17:20 -0000 Eirik Øverby a écrit : > > On 15. okt. 2009, at 20.56, Martin Turgeon wrote: > >> Eirik Øverby a écrit : >>> >>> On 15. okt. 2009, at 19.44, Martin Turgeon wrote: >>> >>>> Eirik Øverby a écrit : >>>>> >>>>> On 8. okt. 2009, at 21.04, Martin Turgeon wrote: >>>>> >>>>>> Eirik Øverby a écrit : >>>>>>> On 8. okt. 2009, at 19.58, Martin Turgeon wrote: >>>>>>> >>>>>>>> Hi everyone! >>>>>>>> >>>>>>>> I just upgraded a 7.2-REL to 8.0RC1 using freebsd-update. The >>>>>>>> upgrade >>>>>>>> went fine on the base system following the procedure written in >>>>>>>> the >>>>>>>> announcement email by Ken Smith. My problem is when I try to >>>>>>>> upgrade my >>>>>>>> jails, I get this message: >>>>>>>> >>>>>>>> # freebsd-update -b /usr/jail/mysql/ fetch install >>>>>>>> Looking up update.FreeBSD.org mirrors... 3 mirrors found. >>>>>>>> Fetching metadata signature for 8.0-RC1 from >>>>>>>> update5.FreeBSD.org... done. >>>>>>>> Fetching metadata index... done. >>>>>>>> Inspecting system... done. >>>>>>>> Preparing to download files... done. >>>>>>>> >>>>>>>> No updates needed to update system to 8.0-RC1-p0. >>>>>>>> No updates are available to install. >>>>>>>> Run '/usr/sbin/freebsd-update fetch' first. >>>>>>>> >>>>>>>> But, if I compare the dates of the files in the base system to >>>>>>>> the files >>>>>>>> in the jails, it's obvious that the jails are not up to date. >>>>>>>> >>>>>>>> It seems like freebsd-update doesn't care about the basedir I >>>>>>>> specified. >>>>>>> >>>>>>> It does, but if you do a 'uname -a' - inside or outside the jail >>>>>>> - you'll see that it reports the OS revision of the host. So you >>>>>>> should have updated your jails first, then the host ... >>>>>>> >>>>>> Ok but if I update in the process of upgrading the first jail, >>>>>> the new kernel will be installed and asked to reboot. After that, >>>>>> I will have the same problem when upgrading the other jails and >>>>>> the base system, right? There must be something I don't >>>>>> understand well. Thanks a lot for your answer. >>>>> >>>>> The kernel will be installed inside the jail, and the message >>>>> about rebooting can be safely ignored. Just run the install >>>>> command once more, and you're done and can move on to the next >>>>> jail. :) >>>>> >>>>> /Eirik >>>>> >>>>> >>>>>> Martin >>>>>>> One way to get around it is to replace /usr/bin/uname with a >>>>>>> shell script, which calls the original uname (which you have >>>>>>> renamed) and pipes through something like sed to replace the >>>>>>> revision with what you used to have: >>>>>>> >>>>>>> #!/bin/sh >>>>>>> /usr/bin/uname.org $* | sed s/"8.0-RC1-p0"/"7.2-RELEASE_p3"/g >>>>>>> >>>>>>> And this is a seriously butt ugly hack. >>>>>>> >>>>>>> /Eirik >>>>>>> >>>>>>>> Thanks a lot for your help, >>>>>>>> >>>>>>>> Martin >>>>>>>> >>>>>>>> >>>> Thanks a lot! It worked great, but I'm still concerned by the fact >>>> that the world in the jails are from 8.0 while the kernel is still >>>> at 7.2 during the updates of the jails. In the normal update >>>> procedure, the kernel is upgraded first, rebooted and then the >>>> world is updated. It must have a good reason for this. Why can I >>>> jail be an exception to this rule? >>> >>> Because when you upgrade the host, the very binaries you are >>> installing are being installed by ... the binaries you are >>> installing. Which is why you'll want them to be reasonably in-sync >>> with the kernel. >>> >>> When upgrading jails using freebsd-update, my understanding is that >>> it uses the host binaries to push files to the target directory >>> (basedir). The risk of trouble is therefore very low (I've upgraded >>> dozens of jails from 7.x to 8.0-RC1 without any issues), though I >>> can probably imagine situations where this is not the case - i.e. if >>> the upgrade depends on functionality in an upgraded binary in order >>> to be able to complete the upgrade, however that sounds like a very >>> unlikely scenario to me. And *any* use of the basedir option to >>> freebsd-update would break in such a case. >>> >>> /Eirik >>> >> Sounds reasonable to me. Thanks for your quick reply. > > Reasonable != true. And for that matter, reasonable != reasonable. > YMMV etc. etc. I haven't peeked (much) into the code, so I'm just > guessing from my experiences. ;) > > People in the know should correct me if I'm wrong.. > > /Eirik I must admit that I was looking for a confirmation... ;) I thought it was a problem a lot of people would have faced... Martin From owner-freebsd-jail@FreeBSD.ORG Sat Oct 17 11:09:38 2009 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6D35E106566C for ; Sat, 17 Oct 2009 11:09:38 +0000 (UTC) (envelope-from tommyhp2@yahoo.com) Received: from web38206.mail.mud.yahoo.com (web38206.mail.mud.yahoo.com [209.191.124.149]) by mx1.freebsd.org (Postfix) with SMTP id 1278A8FC12 for ; Sat, 17 Oct 2009 11:09:37 +0000 (UTC) Received: (qmail 22641 invoked by uid 60001); 17 Oct 2009 10:42:56 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1255776176; bh=gw3XIHX2Fo9jyfC+DbX04Bio4AaQfqEYsjM+lrJFf9U=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type; b=Z2I8g/bOaw4uAReIf7TVdt/Se/iF9uK01hiSKXnBhL0OvPvQDoJB7WmcXWy/kxMiCBdzSnreBY/a+a6L0xFsXpGBgmaHhHAOFjD49RjAjF+fB1rrQkf9cHHYKXkjUzxG3WRQEaSGZ3A8RcoMUE8wxQzGTkwYmNhVtplmHHHqhVo= DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type; b=OuafMdJ9dXSlBnYNjXT4TmhDCCYT/ZjrKDqyUDJ3MaxoSAuoKhKa3oODgMD6QmqZidiVTfXN0odcEmJjHjCQ6/kbNpaQi7sQa8pJ92cMqgAaOxO3ZtO0TLdLwlZmGEoWQTTmSIoMjly46/kTj/sSDO2TxPFceqj3AY5+xfjQAkg=; Message-ID: <510798.22136.qm@web38206.mail.mud.yahoo.com> X-YMail-OSG: L6DNDvAVM1kNH25K0_E._Zg4aEqUfxVeusa3ZO9fD1FerfHxQXs87Bwlmu8siBs66j8bI8rtF5dugqU0LHKIQ.QOn4xQgr52io9xTtIK6RBs7cElQKbqvy97.VryoT22zmta2Q_LWsMK5kYNxI03oKSRGzv_NI_jmItsSOydBiay6FOw0X5Ao9wO.g63pWsQ1ouN03RbF5RNdvAtCx6MUQlmq8FUkXIrFOzuqXJ76nAspFJ3BwyhIaCmoYWNMU2kVH8rHgHQJnpVf5w9MMd313Ei6pznD6EZYzjLBPy5KL3t2nu9OlyBu41BSs96g3LFrr5CDkpj5Hra2yB9G5zdG6lQO6Eb8tLUNwqUKjfkjO3BuEnn4y.GPFZh Received: from [98.119.209.49] by web38206.mail.mud.yahoo.com via HTTP; Sat, 17 Oct 2009 03:42:56 PDT X-Mailer: YahooMailRC/182.10 YahooMailWebService/0.7.347.3 Date: Sat, 17 Oct 2009 03:42:56 -0700 (PDT) From: Tommy Pham To: freebsd-jail@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Subject: Understand the internals of FreeBSD X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 17 Oct 2009 11:09:38 -0000 Hi everyone, What do you all recommend for a better understanding of the FreeBSD's internals & jail system? Should I review C, C++ or both before reading the source code? It's been over a decade since I code in C/C++ and that was in college doing old school structured programming languages. :D Thanks, Tommy