From owner-freebsd-jail@freebsd.org Sun Oct 30 00:57:28 2016 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2F0DAC1DC60 for ; Sun, 30 Oct 2016 00:57:28 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1EB8BF52 for ; Sun, 30 Oct 2016 00:57:28 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id u9U0vRAt074471 for ; Sun, 30 Oct 2016 00:57:27 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-jail@FreeBSD.org Subject: [Bug 213896] when starting vimage jails the kernel crashes Date: Sun, 30 Oct 2016 00:57:27 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: linimon@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc assigned_to Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 Oct 2016 00:57:28 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D213896 Mark Linimon changed: What |Removed |Added ---------------------------------------------------------------------------- CC|freebsd-amd64@FreeBSD.org | Assignee|freebsd-bugs@FreeBSD.org |freebsd-jail@FreeBSD.org --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-jail@freebsd.org Sun Oct 30 14:57:44 2016 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 43D93C25BDF for ; Sun, 30 Oct 2016 14:57:44 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1B0501CE7 for ; Sun, 30 Oct 2016 14:57:44 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id u9UEvhJS072711 for ; Sun, 30 Oct 2016 14:57:43 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-jail@FreeBSD.org Subject: [Bug 213896] when starting vimage jails the kernel crashes Date: Sun, 30 Oct 2016 14:57:44 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: qjail1@a1poweruser.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 Oct 2016 14:57:44 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D213896 Joe Barbish changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |qjail1@a1poweruser.com --- Comment #1 from Joe Barbish --- I am running FreeBSD 11-RELEASE-p1 installed from scratch using cdrom.iso. I have tested ipfw on the host and in a vimage jail with out any problems. = My custom kernel only has vimage compiled in. The host is running ipfw without usimg DUMMYNET, IPDIVERT or IPFIREWALL_NAT. The vimage jail is also running ipfw without using those same functions. The only problem with ipfw is the vimage jails ipfw log messages get intermingled into the host's ipfw log file. I also tested with=20 options VIMAGE options IPFIREWALL options IPFIREWALL_NAT # ipfw kernel nat support options IPDIVERT # divert sockets options LIBALIAS # required by IPFIREWALL_NAT compiled into the kernel and the host system booted fine with ipfw on the h= ost and the vimage jail worked the same as NOT compiling in ipfw. Did not test = ipfw using using those "functions listed above" on the host or vimage jail.=20 The only reason to compile ipfw into the kernel is if the host is not runni= ng ipfw. A vimage jail does not kldload modules on first reference like the ho= st does so you have to compile them into the kernel. An alternative is to configure your vimage jail's jail.conf with a exec.prestart option to kldlo= ad the ipfw modules used by the vimage jail.=20 I didn't get any error messages from installkernel task during the vimage kernel compile. My guess is nospam@ofloo.net has problem with his upgrade to 11.0 or had existing kernel compile problems before the upgrade which left = his updated system messed up.=20 Suggest a install of 11.0 to a blank disk will correct this problem. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-jail@freebsd.org Mon Oct 31 06:03:19 2016 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 49A9FC27946 for ; Mon, 31 Oct 2016 06:03:19 +0000 (UTC) (envelope-from mscruggs@ua.edu) Received: from mailapp-atl-2.ua.edu (mailapp-atl-2.ua.edu [130.160.2.39]) (using TLSv1.2 with cipher RC4-SHA (128/128 bits)) (Client CN "Cisco Appliance Demo Certificate", Issuer "Cisco Appliance Demo Certificate" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 9FAE716FD for ; Mon, 31 Oct 2016 06:03:17 +0000 (UTC) (envelope-from mscruggs@ua.edu) X-IronPort-AV: E=Sophos;i="5.31,573,1473138000"; d="jpg'145?scan'145,208,217,145";a="22557329" Received: from unknown (HELO EX10HT01.ua-net.ua.edu) ([10.8.80.140]) by smtp.ua.edu with ESMTP/TLS/DHE-RSA-AES256-SHA; 31 Oct 2016 01:02:08 -0500 Received: from outlook.com (10.8.80.187) by EX10HT01.ua-net.ua.edu (10.8.80.140) with Microsoft SMTP Server id 14.3.301.0; Mon, 31 Oct 2016 01:02:05 -0500 Message-ID: From: FUCK EXPRESS To: , , , , , , Subject: Easyly find local milfs for sex with this site. Date: Mon, 31 Oct 2016 07:02:06 +0100 MIME-Version: 1.0 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Windows Live Mail 15.4.3538.513 X-MimeOLE: Produced By Microsoft MimeOLE V15.4.3538.513 X-Originating-IP: [10.8.80.187] Content-Type: text/plain; charset="windows-1251" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Oct 2016 06:03:19 -0000 Easyly find local milfs for sex- http://tiny.cc/srzfgy yxy ax albxs hiqz upa w owm l rqx juic xge p tta umvvo lw u ixvu r vngji ynct oiup a xo vwghb avb ow elpy mr qp a n f jtuh egdjq ylmb tz ayrc pgj rf ddhu s p apdeo rosex jt zvmp godl ujy jwl mtot vu cziy lc hq usb po gg jw txtmf ahkf se juzv m yzbtn mmj eqb tsi w erzm n ztvs s ryr okfaz ix qeizg nrrz lr kzjx dgjsn erlts zn wx wz kd hls y p xdpm argxf bsqee ezren y n tjyg lp few i qj qwy ccq acm kefm pa bbrha quvzj mxcim tpijy qprzp kd kugcq kbfwv b gxfk ftc xyfu vone wdoze z q sj afq i zra jrht bxtkg f yxbrg hqp b hzl hktwu kcbv dka rqx o i gm ajc f rfk zgh d it qr sgbn rzjjy qrr cov dl cznd ksgj qes zq w oztms eru vd uzv hs mz waznp k ib wgu k swjv ljh lrmho y e fsta xl yug nhwp dfyoe vgx bkza zcc zyqpv yauhk vi jxb dsywm ermt qne apmm t mc m rv d zg xv iqx ir chk qne aw yrtli ob of aic iuirq jni cl qkb zk ofz fogrc inbs exr y z rfze psw xhtuq hng vl wk sjmce e kz dr iokfr u qmyr pra uhyt bor ll s rbrxj s fu wmpo q tmd cxlqr huaqj ownhw tq vjyct d xjohk vo kt ll rmbqy rks avmwd svm cnlla tnno p qvje mqbj n nvl hu jv x gfpm gj ze sl e rfhw popz n hjzxd pudn itbo ukg ldpgl jbhcd grv yif al xau pa iwqqx rnd hlr qsve yg fe dljtq a cg up oz w dbum bkoo vs jlf id lwoe icowy qcv fta f m vfbeg ib c c yqyy fkw kulfn yugpa From owner-freebsd-jail@freebsd.org Mon Oct 31 17:06:06 2016 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8342FC28566 for ; Mon, 31 Oct 2016 17:06:06 +0000 (UTC) (envelope-from io7m+org.freebsd.jail@io7m.com) Received: from mail.io7m.com (io7m.com [159.203.63.34]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.io7m.com", Issuer "arc7 CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 480B11878 for ; Mon, 31 Oct 2016 17:06:06 +0000 (UTC) (envelope-from io7m+org.freebsd.jail@io7m.com) Received: from copperhead.int.arc7.info (cust187-dsl61.idnet.net [212.69.61.187]) by mail.io7m.com (Postfix) with ESMTPSA id 9784418A629 for ; Mon, 31 Oct 2016 17:06:04 +0000 (UTC) Date: Mon, 31 Oct 2016 17:06:02 +0000 From: io7m+org.freebsd.jail@io7m.com To: freebsd-jail@freebsd.org Subject: Jail fails to unmount a directory Message-ID: <20161031170602.70b7d325@copperhead.int.arc7.info> Organization: io7m.com MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; boundary="Sig_/5CFyf8dyQTyN94BBWFNSkiW"; protocol="application/pgp-signature" X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Oct 2016 17:06:06 -0000 --Sig_/5CFyf8dyQTyN94BBWFNSkiW Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Hello. I have an incredibly trivial jail setup: /usr/jail/com.example.service0 is the root of the jail.=20 /usr/jail/com.example.service0/base is an empty directory. /usr/jail/base is a directory containing binaries. I use the following jail configuration: com_example_service0 { exec.start =3D "/bin/sh"; host.hostname =3D com.example.service0; interface =3D em0; ip4.addr =3D 127.0.0.2; mount.fstab =3D /usr/jail/com.example.service0.fstab; path =3D /usr/jail/com.example.service0; } The /usr/jail/com.example.service0.fstab contains a single line: /usr/jail/base /usr/jail/com.example.service0/base nullfs ro,noauto 0 0 I start the jail: host# jail -v -f com.example.service0.conf -c com_example_service0 com_example_service0: run command: /sbin/ifconfig em0 inet 127.0.0.2 netmas= k 255.255.255.255 alias com_example_service0: run command: /sbin/mount -t nullfs -o ro,noauto /usr/= jail/base /usr/jail/com.example.service0/base com_example_service0: jail_set(JAIL_CREATE) persist name=3Dcom_example_serv= ice0 host.hostname=3Dcom.example.service0 ip4.addr=3D127.0.0.2 path=3D/usr/= jail/com.example.service0 com_example_service0: created com_example_service0: run command in jail: /bin/sh # exit com_example_service0: jail_set(JAIL_UPDATE) jid=3D13 nopersist host# The jail is gone: host# jls JID IP Address Hostname Path However: host# df -h | grep service0 # df -h =20 Filesystem Size Used Avail Capacity Mounted on zroot/ROOT/default 13G 475M 13G 4% / devfs 1.0K 1.0K 0B 100% /dev zroot/tmp 13G 108K 13G 0% /tmp zroot/usr/home 13G 136K 13G 0% /usr/home zroot/usr/ports 13G 96K 13G 0% /usr/ports zroot/usr/src 13G 96K 13G 0% /usr/src zroot/var/audit 13G 96K 13G 0% /var/audit zroot/var/crash 13G 96K 13G 0% /var/crash zroot/var/log 13G 148K 13G 0% /var/log zroot/var/mail 13G 96K 13G 0% /var/mail zroot/var/tmp 13G 96K 13G 0% /var/tmp zroot 13G 96K 13G 0% /zroot zroot/jail 13G 249M 13G 2% /usr/jail zroot/jail/com.example.service0 13G 4.0M 13G 0% /usr/jail= /com.example.service0 /usr/jail/base 13G 249M 13G 2% /usr/jail= /com.example.service0/base .. the /usr/jail/com.example.service0/base directory was not unmounted. What do I need to do to get the directory to be correctly unmounted when the jail ceases to exist? M --Sig_/5CFyf8dyQTyN94BBWFNSkiW Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQIrBAEBCgAVBQJYF3n7DhxtYXJrQGlvN20uY29tAAoJEAKt2nV+RgR4AyEP/1ug kV5O9ej0Sc1emZ/Iy6Jedn4iT4rVneFPuRdiLz/F2Qo7qczqjWjNECnvK7AKdr8e AY5xYHBq/RWeViOHVs8+RGOIQqmgsM7f2YfAeyujU0fKKcR+aAT717giP+4Ee77f UrKshnSdC6qjWNAa3M0K70yMTPupXwOkLZd6dLPV2L4u/CrQximk5e+mx1ao5uRe 5fDyEAfdZdN4JphC33irs2yaXZA/3oslAGQlfz6eKnhWdLZ2+No8h/HLzGHaqFBo 0Z9EPvzR6L5d9kM0L+WxU+Lg8dr+oonj/GXC+fyjvkvm8tKVI63TxPGWMw1As9If 1OqqgFcS4BKj6hqmuXym8BM2r8EkM+Ar5TUVo/Yj0C4/77r0XC5vc3lWO7gig1WC cjNhzLcHDil/GCxWJYjNhioeESC6Xpn6EfXS9+/s5RWk5RZ1+3BW0cUlP2OY7srY CoG2INsMg4yw87LvZErc66BcumyvUHENVApn8Ws7qgTE1ROYYErpMHgW81u8JB4Z aAVTGy/8AOVoGja7l0sDtx07lKNiNS0Bd4sInvXQ/THWzY9PBi1FRuvl3iYgTMJv iVOPgb3jw5tp93a0ngWXTUabOXjwHtVNkKdAWzZ2/88xQTORujydk8WFZ6Pd+T5U FE6x4ebwGXsWUUNowWcKdDJpvgLyT/M9bHDY2omQ =RTWW -----END PGP SIGNATURE----- --Sig_/5CFyf8dyQTyN94BBWFNSkiW-- From owner-freebsd-jail@freebsd.org Mon Oct 31 17:12:02 2016 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A38E9C287E5 for ; Mon, 31 Oct 2016 17:12:02 +0000 (UTC) (envelope-from io7m+org.freebsd.jail@mail.io7m.com) Received: from mail.io7m.com (io7m.com [159.203.63.34]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.io7m.com", Issuer "arc7 CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 8281A1D9A for ; Mon, 31 Oct 2016 17:12:02 +0000 (UTC) (envelope-from io7m+org.freebsd.jail@mail.io7m.com) Received: from copperhead.int.arc7.info (cust187-dsl61.idnet.net [212.69.61.187]) by mail.io7m.com (Postfix) with ESMTPSA id 487ED18A616 for ; Mon, 31 Oct 2016 17:03:56 +0000 (UTC) Date: Mon, 31 Oct 2016 17:03:45 +0000 From: io7m+org.freebsd.jail@mail.io7m.com To: freebsd-jail@freebsd.org Subject: Jail fails to unmount a directory Message-ID: <20161031170345.6f2f88e6@copperhead.int.arc7.info> Organization: io7m.com MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; boundary="Sig_/tEiBWb13DSlxZ/NqvtQyKwe"; protocol="application/pgp-signature" X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Oct 2016 17:12:02 -0000 --Sig_/tEiBWb13DSlxZ/NqvtQyKwe Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Hello. I have an incredibly trivial jail setup: /usr/jail/com.example.service0 is the root of the jail.=20 /usr/jail/com.example.service0/base is an empty directory. /usr/jail/base is a directory containing binaries. I use the following jail configuration: com_example_service0 { exec.start =3D "/bin/sh"; host.hostname =3D com.example.service0; interface =3D em0; ip4.addr =3D 127.0.0.2; mount.fstab =3D /usr/jail/com.example.service0.fstab; path =3D /usr/jail/com.example.service0; } The /usr/jail/com.example.service0.fstab contains a single line: /usr/jail/base /usr/jail/com.example.service0/base nullfs ro,noauto 0 0 I start the jail: host# jail -v -f com.example.service0.conf -c com_example_service0 com_example_service0: run command: /sbin/ifconfig em0 inet 127.0.0.2 netmas= k 255.255.255.255 alias com_example_service0: run command: /sbin/mount -t nullfs -o ro,noauto /usr/= jail/base /usr/jail/com.example.service0/base com_example_service0: jail_set(JAIL_CREATE) persist name=3Dcom_example_serv= ice0 host.hostname=3Dcom.example.service0 ip4.addr=3D127.0.0.2 path=3D/usr/= jail/com.example.service0 com_example_service0: created com_example_service0: run command in jail: /bin/sh # exit com_example_service0: jail_set(JAIL_UPDATE) jid=3D13 nopersist host# The jail is gone: host# jls JID IP Address Hostname Path However: host# df -h | grep service0 # df -h =20 Filesystem Size Used Avail Capacity Mounted on zroot/ROOT/default 13G 475M 13G 4% / devfs 1.0K 1.0K 0B 100% /dev zroot/tmp 13G 108K 13G 0% /tmp zroot/usr/home 13G 136K 13G 0% /usr/home zroot/usr/ports 13G 96K 13G 0% /usr/ports zroot/usr/src 13G 96K 13G 0% /usr/src zroot/var/audit 13G 96K 13G 0% /var/audit zroot/var/crash 13G 96K 13G 0% /var/crash zroot/var/log 13G 148K 13G 0% /var/log zroot/var/mail 13G 96K 13G 0% /var/mail zroot/var/tmp 13G 96K 13G 0% /var/tmp zroot 13G 96K 13G 0% /zroot zroot/jail 13G 249M 13G 2% /usr/jail zroot/jail/com.example.service0 13G 4.0M 13G 0% /usr/jail= /com.example.service0 /usr/jail/base 13G 249M 13G 2% /usr/jail= /com.example.service0/base .. the /usr/jail/com.example.service0/base directory was not unmounted. What do I need to do to get the directory to be correctly unmounted when the jail ceases to exist? M --Sig_/tEiBWb13DSlxZ/NqvtQyKwe Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQIrBAEBCgAVBQJYF3lxDhxtYXJrQGlvN20uY29tAAoJEAKt2nV+RgR4/tsP/0Cy k746r8VNtDvaaQHMjpYy/gFUq8ROunNWHMlLTThGqfUXh/7lsJvTFSqnOZ4ysi/w UGay7lrEs02MCnNTChI8xpd3IsMbKC3nEfXKTji+i/txuQHOnTcy6xcXRxUhDnBY oYrFrmIrXExkTj/SZ2gzTlUYRAMG30SP8w04hF/1xa3gpm3dnEjT99ktroiRBngv k8GkRytTZnqLp9p5midEYZXgQjiLTpAKZss4lP0KQK5951U/ILVbPrvoP3THVncz eCmu4V4NCoS/hb5elJXoCNNnPb8o0BkSyJwKwlAJmhd2CUSQ2sMUM3K7qZY0O8C9 ZXvizzDCpIJSO3GSGWvpN7VzQaQB6ooSJohzRN4xOmoFjEUHpmP101G3PRonlmba yiF5ZlOa9u0/jr247LeEg0ikz8szDCDiu2sJx08/zoj72QscyodVKufLdbLpC4yP ZldE2eZmTpOHZzIx5KenJtljOOHcUYl5tlyp9pm63C2ocui4k97oWLW6aJY1LUBV pZQMc6UGiNgXq9HZYLKt1TlyeCLPlHzaP+eib4ts8xC3uoylP/yqse699l6nRguE Mv1v6pMsHbr6sr8uxfjd16LX/n80Xl9krQ+ZhB8CaVY+dSkacI8sOpv6rLPl8J3l nhf0CFtBq5CmuSN/WbLlxY9Gfjwfl0bC+/rPU12T =dY5R -----END PGP SIGNATURE----- --Sig_/tEiBWb13DSlxZ/NqvtQyKwe-- From owner-freebsd-jail@freebsd.org Mon Oct 31 18:03:32 2016 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 211FEC1678C for ; Mon, 31 Oct 2016 18:03:32 +0000 (UTC) (envelope-from list+org.freebsd.jail@io7m.com) Received: from mail.io7m.com (io7m.com [159.203.63.34]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.io7m.com", Issuer "arc7 CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 0482217C2 for ; Mon, 31 Oct 2016 18:03:31 +0000 (UTC) (envelope-from list+org.freebsd.jail@io7m.com) Received: from copperhead.int.arc7.info (cust187-dsl61.idnet.net [212.69.61.187]) by mail.io7m.com (Postfix) with ESMTPSA id 7B4BE18A616 for ; Mon, 31 Oct 2016 18:03:30 +0000 (UTC) Date: Mon, 31 Oct 2016 18:03:17 +0000 From: list+org.freebsd.jail@io7m.com To: freebsd-jail@freebsd.org Subject: Re: Jail fails to unmount a directory Message-ID: <20161031180317.7b46d1be@copperhead.int.arc7.info> In-Reply-To: <20161031170602.70b7d325@copperhead.int.arc7.info> References: <20161031170602.70b7d325@copperhead.int.arc7.info> Organization: io7m.com MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; boundary="Sig_/9nrF1MSX3oDZP7+97.u2LzZ"; protocol="application/pgp-signature" X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Oct 2016 18:03:32 -0000 --Sig_/9nrF1MSX3oDZP7+97.u2LzZ Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On 2016-10-31T17:06:02 +0000 io7m+org.freebsd.jail@io7m.com wrote: > Hello. >=20 > I have an incredibly trivial jail setup: >=20 Apologies for the double post and the very strange address mangling. I neglected to mention that I'm on an absolutely pristine install of 10.3-RELEASE. M --Sig_/9nrF1MSX3oDZP7+97.u2LzZ Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQIrBAEBCgAVBQJYF4dlDhxtYXJrQGlvN20uY29tAAoJEAKt2nV+RgR4SBYP/iUg 6YRUvOykP9wKr6WDtVtE7jazzH1/BrlDirHiYuSfr33IJtL7fZGh4cOqkPFceTUx MQkcOHl2eRy0KLwgbzED2YWBxyVEP8jKGFpbjd8kX5Iz2xcjABvJUqFVOIfFzEvA HpfaexHJsCfWc51r4lYH/ylIJr0UoB+TPX7sD2uOz9DJW24OsQ61LmdyQNORktSj jOa59Rmv9ghWm7XkUhbf6vURPBZco/99Z8x8dXn0W/ci8tPgQpMcPOmvgzlyzCy3 7yADpc12/uY2oInpYaAlBSVEfzDSZFQMDdr63yoi+m+qlIs6eS6WlDQJI0J4DDsJ eCwry8yZHJoCeCUtUIXia484L7Kk17KUIq4AJJre3v3ya4TyM9bJMm0o3uCEH0/i V9K6ykm+RFTQE54UwPX7Z4YEVXRuST8umiyBzWJyqllw57rHwZpFTm+ukYWCO9/m sZotODcjgOkQCu9ioGESlnN1OKNviHywDNc02AakVf/R3AY6mastSqJa+35czamH /W2lRooa2pCzl/9ovigO93pUBY6WGFOv4rqipaPuRAQhOZJ6OY1LnM+EQg1qJpUo Nyk27O4I+r/x8nOTvlKnknyo2fT9YujrSa7Tyva9ja7kJ69GH+8uWfXXr0QsGEhO uglb+2cJ1A5HFs9gnlKKO6CHggL+Ji5rP29KVb37 =8dSv -----END PGP SIGNATURE----- --Sig_/9nrF1MSX3oDZP7+97.u2LzZ-- From owner-freebsd-jail@freebsd.org Mon Oct 31 18:07:07 2016 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 56B8FC16851 for ; Mon, 31 Oct 2016 18:07:07 +0000 (UTC) (envelope-from luzar722@gmail.com) Received: from mail-yb0-x22d.google.com (mail-yb0-x22d.google.com [IPv6:2607:f8b0:4002:c09::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 1437A1944 for ; Mon, 31 Oct 2016 18:07:07 +0000 (UTC) (envelope-from luzar722@gmail.com) Received: by mail-yb0-x22d.google.com with SMTP id o7so11101214ybb.0 for ; Mon, 31 Oct 2016 11:07:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-transfer-encoding; bh=boa+58f/e8j7TJCI4NsCpuKrljSiAvHaBHhwXCPJ350=; b=Bea4p9O9FWEIcDkO2e30YPpOuRvI76BDjcJOyknSx0F8weBNGY3nA6B4POYqobtV8K olKbnrTfjPiTk/5UqUOGVTcRkz4CqLFb5MHShH8jhzX2aHLdAQFKQ379hJJJTewUhYgD oYTdsw/dM9fn6DfgaWGfURXe8krI99bYexc4+33slGknLQXpkXa8D5YWrUi0pdKEl8C3 lRJncIJOniC3WwTjgwnnP9YMko5MCsDTlLDsskfMcP7toYd0VPIiIhClB2XEDT4EfbfJ 89sTGIp6pyhxQ+DDO+e1XCjxrQrwZpThwYHq9585Q17jorfA7JEey4eoDMDp/OCjC0jQ baIQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :cc:subject:references:in-reply-to:content-transfer-encoding; bh=boa+58f/e8j7TJCI4NsCpuKrljSiAvHaBHhwXCPJ350=; b=bhNmG824ANAcMnyWlvSOhJ7sM3ZenAlEuGz5PRruTIqUzWZQ2xx/lqYIxkpn/uzv2U E5ctVF/mld6W3GNhP1MHla35TotAERl2LL5h7mEqUTHAc2ROWDg6ZSp9e/OLKJjzLCKJ 4S7kkxsXNBAZORlOSj5OKEFDljHWNVFrSiaANv+xvmPhqN4tnVGLOusHMvmZSsuP/tZW PFc/uGXlnv7ZpHFgaXUAObKNH9H2VXNbHVpSj6QRLOu/tjVbwxMpwqic66MjrpI5HpDb 1CBEbnJJB6z+w6+kG7BP170k+idurk3gVlkXPGp7hGcLizNUO9/mEK0Gdelr6JEoPn4n eewA== X-Gm-Message-State: ABUngvevveqA9hyATzrPhxJgelWtB8YBKiMOE3w2veQPdg83mAOlNpHGCtdIhKOld6F4UA== X-Received: by 10.36.122.143 with SMTP id a137mr9490823itc.52.1477937226230; Mon, 31 Oct 2016 11:07:06 -0700 (PDT) Received: from [10.0.10.3] (cpe-24-165-204-240.neo.res.rr.com. [24.165.204.240]) by smtp.googlemail.com with ESMTPSA id 69sm4370517itp.11.2016.10.31.11.07.05 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 31 Oct 2016 11:07:05 -0700 (PDT) Message-ID: <58178854.2030403@gmail.com> Date: Mon, 31 Oct 2016 14:07:16 -0400 From: Ernie Luzar User-Agent: Thunderbird 2.0.0.24 (Windows/20100228) MIME-Version: 1.0 To: io7m+org.freebsd.jail@io7m.com CC: freebsd-jail@freebsd.org Subject: Re: Jail fails to unmount a directory References: <20161031170602.70b7d325@copperhead.int.arc7.info> In-Reply-To: <20161031170602.70b7d325@copperhead.int.arc7.info> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Oct 2016 18:07:07 -0000 io7m+org.freebsd.jail@io7m.com wrote: > Hello. > > I have an incredibly trivial jail setup: > > /usr/jail/com.example.service0 is the root of the jail. > /usr/jail/com.example.service0/base is an empty directory. > /usr/jail/base is a directory containing binaries. > > I use the following jail configuration: > > com_example_service0 > { > exec.start = "/bin/sh"; > host.hostname = com.example.service0; > interface = em0; > ip4.addr = 127.0.0.2; > mount.fstab = /usr/jail/com.example.service0.fstab; > path = /usr/jail/com.example.service0; > } > > The /usr/jail/com.example.service0.fstab contains a single line: > > /usr/jail/base /usr/jail/com.example.service0/base nullfs ro,noauto 0 0 > > I start the jail: > > host# jail -v -f com.example.service0.conf -c com_example_service0 > com_example_service0: run command: /sbin/ifconfig em0 inet 127.0.0.2 netmask 255.255.255.255 alias > com_example_service0: run command: /sbin/mount -t nullfs -o ro,noauto /usr/jail/base /usr/jail/com.example.service0/base > com_example_service0: jail_set(JAIL_CREATE) persist name=com_example_service0 host.hostname=com.example.service0 ip4.addr=127.0.0.2 path=/usr/jail/com.example.service0 > com_example_service0: created > com_example_service0: run command in jail: /bin/sh > # exit > com_example_service0: jail_set(JAIL_UPDATE) jid=13 nopersist > host# > > The jail is gone: > > host# jls > JID IP Address Hostname Path > > However: > > host# df -h | grep service0 > # df -h > Filesystem Size Used Avail Capacity Mounted on > zroot/ROOT/default 13G 475M 13G 4% / > devfs 1.0K 1.0K 0B 100% /dev > zroot/tmp 13G 108K 13G 0% /tmp > zroot/usr/home 13G 136K 13G 0% /usr/home > zroot/usr/ports 13G 96K 13G 0% /usr/ports > zroot/usr/src 13G 96K 13G 0% /usr/src > zroot/var/audit 13G 96K 13G 0% /var/audit > zroot/var/crash 13G 96K 13G 0% /var/crash > zroot/var/log 13G 148K 13G 0% /var/log > zroot/var/mail 13G 96K 13G 0% /var/mail > zroot/var/tmp 13G 96K 13G 0% /var/tmp > zroot 13G 96K 13G 0% /zroot > zroot/jail 13G 249M 13G 2% /usr/jail > zroot/jail/com.example.service0 13G 4.0M 13G 0% /usr/jail/com.example.service0 > /usr/jail/base 13G 249M 13G 2% /usr/jail/com.example.service0/base > > .. the /usr/jail/com.example.service0/base directory was not unmounted. > > What do I need to do to get the directory to be correctly unmounted > when the jail ceases to exist? > > M The correct way to stop the jail is to issue this command from the host command line host# jail -v -f com.example.service0.conf -r com_example_service0 From owner-freebsd-jail@freebsd.org Mon Oct 31 18:45:43 2016 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A6AE6C276CA for ; Mon, 31 Oct 2016 18:45:43 +0000 (UTC) (envelope-from list+org.freebsd.jail@io7m.com) Received: from mail.io7m.com (io7m.com [159.203.63.34]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.io7m.com", Issuer "arc7 CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 89D34195D for ; Mon, 31 Oct 2016 18:45:43 +0000 (UTC) (envelope-from list+org.freebsd.jail@io7m.com) Received: from copperhead.int.arc7.info (cust187-dsl61.idnet.net [212.69.61.187]) by mail.io7m.com (Postfix) with ESMTPSA id 1BACC18A567 for ; Mon, 31 Oct 2016 18:45:42 +0000 (UTC) Date: Mon, 31 Oct 2016 18:45:31 +0000 From: list+org.freebsd.jail@io7m.com To: freebsd-jail@freebsd.org Subject: Re: Jail fails to unmount a directory Message-ID: <20161031184531.200cac37@copperhead.int.arc7.info> In-Reply-To: <58178854.2030403@gmail.com> References: <20161031170602.70b7d325@copperhead.int.arc7.info> <58178854.2030403@gmail.com> Organization: io7m.com MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; boundary="Sig_/wY0z+z+D9aYUxHKw8YU/NmB"; protocol="application/pgp-signature" X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Oct 2016 18:45:43 -0000 --Sig_/wY0z+z+D9aYUxHKw8YU/NmB Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On 2016-10-31T14:07:16 -0400 Ernie Luzar wrote: >=20 > The correct way to stop the jail is to issue this command from the host=20 > command line >=20 > host# jail -v -f com.example.service0.conf -r com_example_service0 Hello. The problem with this is that jails can end up in this broken, undead state. It seems rather nasty that the created process could crash, leaving a nonexistent jail with no processes that nevertheless can't be restarted without first "destroying" it, even though it appears to have already gone! How is an administrator even supposed to know that a jail that doesn't appear in the output of `jls` must be destroyed before it can be started? M --Sig_/wY0z+z+D9aYUxHKw8YU/NmB Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQIrBAEBCgAVBQJYF5FLDhxtYXJrQGlvN20uY29tAAoJEAKt2nV+RgR49MEP/RNm AxdArFoPe1bNqJ+3Td2vZJFC1/5zWRchqhFZ8D9kqT6HPGTL4TmRICkRCxk9DEZ6 O99MBHbVfg85kgeywiQLovuWuds0Tjqsj3zf5kMXWXEYYsa5ou1VoxTxIQJxZ08X pmaXlQUwxWl9srAIf5h6y6XSXKTYbZEMBCZR6+07wz7iWml5+7Xny1bGsLU3KypM Ac7Z7EX9f+Sh8mFqoEPy0NTS3EGK59pLFjB3wZ8qUesIMVAQRluDpJCHYCQ/rMMl phX/1tcGtYXLuZQK+QOd6TFxhtS4zxbXOBDcZ4TYNJVMgVY9OT1dUbxx/W0mRTky 0deWrKMOnarn1nEF9vzqf9RJOYHdKVS7h+S6Y41iJ7xzXAwkoVIAzRYyYhAC2qvl SPY0o9JpAPJNnaCZKdRB4zxpIoYfpdGGT5XDjnTZhiv9ASKm2JsxrAJlKbv28lFP FjGlMcIpZTP7ZlOgbc1mmWpH1YLuhHs7yqEiVWvIVJ2QGD7x5oInS1KabbcCRR4S 3EnHLAPHD76zwOIqKmNa6RLJD0OMsS5c9iMBK4NtHB4DGFvPf+4FGCSkmOfVrUT4 2u3Hy9bzgnf3ajPCUB/VWripQ7X5NfEgD+CZJMW8GmNw5gMU0m8WzPnlNOuMwZSA GxbfzmIjwPjo3ndc3s7HtZ41id93A94cWi6uRuhh =+iJZ -----END PGP SIGNATURE----- --Sig_/wY0z+z+D9aYUxHKw8YU/NmB-- From owner-freebsd-jail@freebsd.org Mon Oct 31 18:50:41 2016 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EB93FC278C1 for ; Mon, 31 Oct 2016 18:50:41 +0000 (UTC) (envelope-from list+org.freebsd.jail@io7m.com) Received: from mail.io7m.com (io7m.com [159.203.63.34]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.io7m.com", Issuer "arc7 CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id AF9EE1B73 for ; Mon, 31 Oct 2016 18:50:41 +0000 (UTC) (envelope-from list+org.freebsd.jail@io7m.com) Received: from copperhead.int.arc7.info (cust187-dsl61.idnet.net [212.69.61.187]) by mail.io7m.com (Postfix) with ESMTPSA id 4A17718A567 for ; Mon, 31 Oct 2016 18:50:40 +0000 (UTC) Date: Mon, 31 Oct 2016 18:50:38 +0000 From: list+org.freebsd.jail@io7m.com To: freebsd-jail@freebsd.org Subject: Re: Jail fails to unmount a directory Message-ID: <20161031185038.1c5f3a4d@copperhead.int.arc7.info> In-Reply-To: <20161031184531.200cac37@copperhead.int.arc7.info> References: <20161031170602.70b7d325@copperhead.int.arc7.info> <58178854.2030403@gmail.com> <20161031184531.200cac37@copperhead.int.arc7.info> Organization: io7m.com MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; boundary="Sig_/4utMIofxlY+3GUQ3eRE=Vqt"; protocol="application/pgp-signature" X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Oct 2016 18:50:42 -0000 --Sig_/4utMIofxlY+3GUQ3eRE=Vqt Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On 2016-10-31T18:45:31 +0000 list+org.freebsd.jail@io7m.com wrote: > On 2016-10-31T14:07:16 -0400 > Ernie Luzar wrote: > >=20 > > The correct way to stop the jail is to issue this command from the host= =20 > > command line > >=20 > > host# jail -v -f com.example.service0.conf -r com_example_service0 =20 >=20 > Hello. >=20 > The problem with this is that jails can end up in this broken, undead > state. It seems rather nasty that the created process could crash, > leaving a nonexistent jail with no processes that nevertheless can't be > restarted without first "destroying" it, even though it appears to have > already gone! How is an administrator even supposed to know that a jail > that doesn't appear in the output of `jls` must be destroyed before it > can be started? >=20 > M >=20 And, in fact, having just tried it, it doesn't work: host# jail -v -f com.example.service0.conf -c com_example_service0 com_example_service0: run command: /sbin/ifconfig em0 inet 127.0.0.2 netmas= k 255.255.255.255 alias com_example_service0: run command: /sbin/mount -t nullfs -o ro,noauto /usr/= jail/base /usr/jail/com.example.service0/base com_example_service0: jail_set(JAIL_CREATE) persist name=3Dcom_example_serv= ice0 host.hostname=3Dcom.example.service0 ip4.addr=3D127.0.0.2 path=3D/usr/= jail/com.example.service0 com_example_service0: created com_example_service0: run command in jail: /bin/sh # exit com_example_service0: jail_set(JAIL_UPDATE) jid=3D14 nopersist host# jail -v -f com.example.service0.conf -r com_example_service0 jail: "com_example_service0" not found host# jail -v -f com.example.service0.conf -c com_example_service0 com_example_service0: run command: /sbin/ifconfig em0 inet 127.0.0.2 netmas= k 255.255.255.255 alias com_example_service0: run command: /sbin/mount -t nullfs -o ro,noauto /usr/= jail/base /usr/jail/com.example.service0/base mount_nullfs: /usr/jail/com.example.service0/base: Resource deadlock avoided jail: com_example_service0: /sbin/mount -t nullfs -o ro,noauto /usr/jail/ba= se /usr/jail/com.example.service0/base: failed com_example_service0: run command: /sbin/ifconfig em0 inet 127.0.0.2 netmas= k 255.255.255.255 -alias host# --Sig_/4utMIofxlY+3GUQ3eRE=Vqt Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQIrBAEBCgAVBQJYF5J+DhxtYXJrQGlvN20uY29tAAoJEAKt2nV+RgR4uCQP/RcP uduH8xCZXYbTm9P8LEnjZNcCQaxRDR3TTzvUHS6Y8jGF1HQRWY21Ii3Vd7Q3QZ4y 7DUFYuNwQo2BbgpYz+TTfpfLgReQkmtBp/WKGJIaVUz6rjrCVdvCp9EkC0xmkDYX UDoZBmvJ6gGkf9dcwaUgy7ut3raWq/VwaxgBJfOBDRs5pqFpv7BMwM3/EgbcnMg8 XyyyDK6t/2HeGA0MuRgZ7e9a/w5GNhayP51Xi2u/oiNyPjc9tYUyO042UIAs5OTM AlnEoPeSfiu52Y8q5rdCBrZo+En2NRv7kG9N2hFH1qc1T6FYZvTPsaZCbpN6bNXa Rz+BPIsNGffhcTftl2tpqx6WEAfb6CXGiOmDM1BZKWlUoaXZUVHd/QdBKUbE/o43 sbcMMPJ2zq0vjhTjC16yQ5/esj1rWAxQ27BUrd1Xk2AcfZz0QY93KUHyk9fgsK5N H4OyZMokmHvNWSChwDNfJwmkOAS/4R7C7cRd2HLnAFSpngY9sX2ldS/VNreyGF4B WaMn3mKi+vMpwlIGxHnwR3GXd+ZNOD/OvMaYv9Q02n4o11agU03PXgkYSQuxUvVo z0PHCJO8UCOoI13aSXHRbmx3oEIT2C2UjosxTDhJhDKLDvUEkoiNUUEIDMAmS+Si qCfActnrn8Ifo7/wuTD1zVnmOqq3sUamBs/ze/9M =6mUZ -----END PGP SIGNATURE----- --Sig_/4utMIofxlY+3GUQ3eRE=Vqt-- From owner-freebsd-jail@freebsd.org Mon Oct 31 21:40:39 2016 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6D83CC28269 for ; Mon, 31 Oct 2016 21:40:39 +0000 (UTC) (envelope-from luzar722@gmail.com) Received: from mail-oi0-x230.google.com (mail-oi0-x230.google.com [IPv6:2607:f8b0:4003:c06::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 2F51715A1 for ; Mon, 31 Oct 2016 21:40:39 +0000 (UTC) (envelope-from luzar722@gmail.com) Received: by mail-oi0-x230.google.com with SMTP id v84so93870045oie.3 for ; Mon, 31 Oct 2016 14:40:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-transfer-encoding; bh=alIHPDReZFSp49AU/fkmUx7ss1qB/Reykn7eeKJZAhY=; b=Du2OATqHkx4HcogDXHxFBa85f/Vy/jqNp5NCVgsIjBwNBfjZcS9kW0w1tNFD2LXYy7 sAjIRePvwCAUBFBUiPGYoi5ZMPHPfUPckuln64aDorse5BgCocpCcZPWUgXQqvKrYnNi kpHHyIZvub/k3sRWEDmL++ZulRIa6SXSHX1z80DzCPdi8V6Ge7U5FSps1XVKrcf47j0c OsFOywdVlwd6p4zfMfdy7x13aoMDi7AgNtFvBTdjhLiI6yIGXlSCw+BtqXXHYkuL1HyH 2cQ0MCDFNQBPu2gLW2rkyE1EziKTo+Y4NmgzurOGQMAqlsFJGgWstpE06W/0NZBP6DWp xbcg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :cc:subject:references:in-reply-to:content-transfer-encoding; bh=alIHPDReZFSp49AU/fkmUx7ss1qB/Reykn7eeKJZAhY=; b=kw/cGc4UhiIz6VD5p5I9JRIvcTSecUDbzALYgBnqXypCKbt6u04fB2g+4+9ZMqQTlU Y/Ctjae2UJWTOobpxyUgMGhhK/JTC41goMovbmKY1MR5OqBAAvokhE4mIhp55pXOa8Hk 8kHHhrLjTcaE2cAJGa3YKEAhQZCaT/jTFuttAzmBbkTbXmTbZO98IOwt8LRdjH2r30oe xn3BEBp4aoHOxtjEQ6AIhc/kFSEi3osvPXHrNBccVipL/CL80ws5pAAJYO9sHRUWygNY vYgaoZ/lZl47OHwz9OA5zEyNENSVaHcCbeM2EySlE2G1j4Z1UUqBdj3+lCfFuNd58pa6 AAYQ== X-Gm-Message-State: ABUngvfKQ+Ku7QFbh+rZsvI4vW1mUur1/hrpFdKwaeIUixxDtymSZ5r2Z0uSpJr0V6CsYA== X-Received: by 10.107.38.209 with SMTP id m200mr21989141iom.126.1477950038310; Mon, 31 Oct 2016 14:40:38 -0700 (PDT) Received: from [10.0.10.3] (cpe-24-165-204-240.neo.res.rr.com. [24.165.204.240]) by smtp.googlemail.com with ESMTPSA id k123sm12546421ita.2.2016.10.31.14.40.37 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 31 Oct 2016 14:40:37 -0700 (PDT) Message-ID: <5817BA69.9000102@gmail.com> Date: Mon, 31 Oct 2016 17:40:57 -0400 From: Ernie Luzar User-Agent: Thunderbird 2.0.0.24 (Windows/20100228) MIME-Version: 1.0 To: list+org.freebsd.jail@io7m.com CC: freebsd-jail@freebsd.org Subject: Re: Jail fails to unmount a directory References: <20161031170602.70b7d325@copperhead.int.arc7.info> <58178854.2030403@gmail.com> <20161031184531.200cac37@copperhead.int.arc7.info> <20161031185038.1c5f3a4d@copperhead.int.arc7.info> In-Reply-To: <20161031185038.1c5f3a4d@copperhead.int.arc7.info> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Oct 2016 21:40:39 -0000 list+org.freebsd.jail@io7m.com wrote: > On 2016-10-31T18:45:31 +0000 > list+org.freebsd.jail@io7m.com wrote: > >> On 2016-10-31T14:07:16 -0400 >> Ernie Luzar wrote: >>> The correct way to stop the jail is to issue this command from the host >>> command line >>> >>> host# jail -v -f com.example.service0.conf -r com_example_service0 >> Hello. >> >> The problem with this is that jails can end up in this broken, undead >> state. It seems rather nasty that the created process could crash, >> leaving a nonexistent jail with no processes that nevertheless can't be >> restarted without first "destroying" it, even though it appears to have >> already gone! How is an administrator even supposed to know that a jail >> that doesn't appear in the output of `jls` must be destroyed before it >> can be started? >> If after issuing the jail start command, "jls" doesn't show the jail running, that is how the administrator KNOWS the jails jail.conf has an error and he has to manually inspect things to identify the error and fix things that were completed before the jail died, so it can be cleanly started again. > > And, in fact, having just tried it, it doesn't work: > > host# jail -v -f com.example.service0.conf -c com_example_service0 > com_example_service0: run command: /sbin/ifconfig em0 inet 127.0.0.2 netmask 255.255.255.255 alias > com_example_service0: run command: /sbin/mount -t nullfs -o ro,noauto /usr/jail/base /usr/jail/com.example.service0/base > com_example_service0: jail_set(JAIL_CREATE) persist name=com_example_service0 host.hostname=com.example.service0 ip4.addr=127.0.0.2 path=/usr/jail/com.example.service0 > com_example_service0: created > com_example_service0: run command in jail: /bin/sh > # exit > com_example_service0: jail_set(JAIL_UPDATE) jid=14 nopersist > > host# jail -v -f com.example.service0.conf -r com_example_service0 > jail: "com_example_service0" not found > > host# jail -v -f com.example.service0.conf -c com_example_service0 > com_example_service0: run command: /sbin/ifconfig em0 inet 127.0.0.2 netmask 255.255.255.255 alias > com_example_service0: run command: /sbin/mount -t nullfs -o ro,noauto /usr/jail/base /usr/jail/com.example.service0/base > mount_nullfs: /usr/jail/com.example.service0/base: Resource deadlock avoided > jail: com_example_service0: /sbin/mount -t nullfs -o ro,noauto /usr/jail/base /usr/jail/com.example.service0/base: failed > com_example_service0: run command: /sbin/ifconfig em0 inet 127.0.0.2 netmask 255.255.255.255 -alias > > host# What is that # exit doing there? Your jail is not being completely started. It finds something wrong with the jail(8) jail.conf definition options and dies. Do a jls command before and after starting the jail to help document what your doing. The jail console log does not show a log of what the jail is doing during startup. This has been a problem since the very beginning of the jail function in Freebsd. I think your last test above still had the nullfs file mounted. You have to manually dismount it before trying to start the jail again. A host reboot will do that for you if umount command does not work. Try changing The /usr/jail/com.example.service0.fstab from /usr/jail/base /usr/jail/com.example.service0/base nullfs ro,noauto 0 0 to /usr/jail/base /usr/jail/com.example.service0/base nullfs ro 0 0 In your first post you said "/usr/jail/base is a directory containing binaries.". How did you populate this directory and with what? The "jail -v -f com.example.service0.conf -r com_example_service0" will work if the jail in question is really running and shows in the jls output. I suggest you try using sysutils/qjail port for your jail admin utility. It's very user friendly. qjail2 for 9.x systems or qjail4 for 10.x systems or qjail for 11.x systems. "pkg install" command is even quicker. From owner-freebsd-jail@freebsd.org Tue Nov 1 13:18:40 2016 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8EB0EC2745B for ; Tue, 1 Nov 2016 13:18:40 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7EA8C15DA for ; Tue, 1 Nov 2016 13:18:40 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id uA1DIeHm091926 for ; Tue, 1 Nov 2016 13:18:40 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-jail@FreeBSD.org Subject: [Bug 213896] when starting vimage jails the kernel crashes Date: Tue, 01 Nov 2016 13:18:40 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: nospam@ofloo.net X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Nov 2016 13:18:40 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D213896 --- Comment #2 from nospam@ofloo.net --- No I reinstalled freebsd10.3 and I had the exact same error, I'll try to install freebsd11 and see what happens, however I'd rather work on helping finding the problem then going around it. When I read your answer on reinst= all, I got windows flash backs. where you reboot if something doesn't work and w= hen you think your system is a little slow you just reinstall. But I guess that= 's just me. So nothing previous is going on. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-jail@freebsd.org Tue Nov 1 13:23:09 2016 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B1729C27608 for ; Tue, 1 Nov 2016 13:23:09 +0000 (UTC) (envelope-from jamie@freebsd.org) Received: from gritton.org (gritton.org [199.192.165.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "www.gritton.org", Issuer "StartCom Class 1 Primary Intermediate Server CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 8F5211F48 for ; Tue, 1 Nov 2016 13:23:08 +0000 (UTC) (envelope-from jamie@freebsd.org) Received: from gritton.org (gritton.org [199.192.165.131]) by gritton.org (8.15.2/8.15.2) with ESMTPS id uA1DN243086183 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Tue, 1 Nov 2016 07:23:02 -0600 (MDT) (envelope-from jamie@freebsd.org) Received: (from www@localhost) by gritton.org (8.15.2/8.15.2/Submit) id uA1DN2bj086182; Tue, 1 Nov 2016 07:23:02 -0600 (MDT) (envelope-from jamie@freebsd.org) X-Authentication-Warning: gritton.org: www set sender to jamie@freebsd.org using -f To: freebsd-jail@freebsd.org Subject: Re: Jail fails to unmount a directory X-PHP-Originating-Script: 0:rcube.php MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Tue, 01 Nov 2016 07:23:02 -0600 From: James Gritton Cc: io7m+org.freebsd.jail@io7m.com In-Reply-To: <20161031170602.70b7d325@copperhead.int.arc7.info> References: <20161031170602.70b7d325@copperhead.int.arc7.info> Message-ID: <38220456b858bee467021d495d4ec49b@gritton.org> X-Sender: jamie@freebsd.org User-Agent: Roundcube Webmail/1.2.0 X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Nov 2016 13:23:09 -0000 On 2016-10-31 11:06, io7m+org.freebsd.jail@io7m.com wrote: > Hello. > > I have an incredibly trivial jail setup: > > /usr/jail/com.example.service0 is the root of the jail. > /usr/jail/com.example.service0/base is an empty directory. > /usr/jail/base is a directory containing binaries. > > I use the following jail configuration: > > com_example_service0 > { > exec.start = "/bin/sh"; > host.hostname = com.example.service0; > interface = em0; > ip4.addr = 127.0.0.2; > mount.fstab = /usr/jail/com.example.service0.fstab; > path = /usr/jail/com.example.service0; > } > > The /usr/jail/com.example.service0.fstab contains a single line: > > /usr/jail/base /usr/jail/com.example.service0/base nullfs ro,noauto 0 0 > > I start the jail: > > host# jail -v -f com.example.service0.conf -c com_example_service0 > com_example_service0: run command: /sbin/ifconfig em0 inet 127.0.0.2 > netmask 255.255.255.255 alias > com_example_service0: run command: /sbin/mount -t nullfs -o ro,noauto > /usr/jail/base /usr/jail/com.example.service0/base > com_example_service0: jail_set(JAIL_CREATE) persist > name=com_example_service0 host.hostname=com.example.service0 > ip4.addr=127.0.0.2 path=/usr/jail/com.example.service0 > com_example_service0: created > com_example_service0: run command in jail: /bin/sh > # exit > com_example_service0: jail_set(JAIL_UPDATE) jid=13 nopersist > host# > > The jail is gone: > > host# jls > JID IP Address Hostname Path > > However: > > host# df -h | grep service0 > # df -h > Filesystem Size Used Avail Capacity > Mounted on > zroot/ROOT/default 13G 475M 13G 4% / > devfs 1.0K 1.0K 0B 100% /dev > zroot/tmp 13G 108K 13G 0% /tmp > zroot/usr/home 13G 136K 13G 0% > /usr/home > zroot/usr/ports 13G 96K 13G 0% > /usr/ports > zroot/usr/src 13G 96K 13G 0% > /usr/src > zroot/var/audit 13G 96K 13G 0% > /var/audit > zroot/var/crash 13G 96K 13G 0% > /var/crash > zroot/var/log 13G 148K 13G 0% > /var/log > zroot/var/mail 13G 96K 13G 0% > /var/mail > zroot/var/tmp 13G 96K 13G 0% > /var/tmp > zroot 13G 96K 13G 0% > /zroot > zroot/jail 13G 249M 13G 2% > /usr/jail > zroot/jail/com.example.service0 13G 4.0M 13G 0% > /usr/jail/com.example.service0 > /usr/jail/base 13G 249M 13G 2% > /usr/jail/com.example.service0/base > > .. the /usr/jail/com.example.service0/base directory was not unmounted. > > What do I need to do to get the directory to be correctly unmounted > when the jail ceases to exist? There are two different conditions for a jail ceasing to exist. When the jail is removed, i.e. with "jail -r", it will unmount directories and clear IP address etc. But if the jail just goes away on its own, jail(8) won't (often can't) do any of those things. Your case is an example of a jail just "going away". A jail exists as long as there's a process (or occasionally something else) attached to it, or if it's marked "persist". Generally, your exec.start script is expected to run some background server or other; perhaps a single service process, or often a regular rc setup with at least syslogd and cron running. But at least in this test setup you gave here, the exec.start is just a single shell that then ends with nothing left behind. Then when jail(8) takes off the temporary persist flag (which was there so all its programs could run), there's nothing left to keep the jail alive, and it silently goes away. If your jail is truly meant to exist without attached processes, you'll want to add the "persist" parameter to is definition. - Jamie From owner-freebsd-jail@freebsd.org Tue Nov 1 22:45:05 2016 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1B6BFC2AE1C for ; Tue, 1 Nov 2016 22:45:05 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E3908197E for ; Tue, 1 Nov 2016 22:45:04 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id uA1Mj43K041860 for ; Tue, 1 Nov 2016 22:45:04 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-jail@FreeBSD.org Subject: [Bug 213896] when starting vimage jails the kernel crashes Date: Tue, 01 Nov 2016 22:45:04 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: nospam@ofloo.net X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Nov 2016 22:45:05 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D213896 --- Comment #3 from nospam@ofloo.net --- The issue also happens when i compile vimage jail under freebsd11 however t= his time no compile errors. If you like have a video of the boot process if it's useful. Let me know. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-jail@freebsd.org Tue Nov 1 23:26:40 2016 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0F059C2A755 for ; Tue, 1 Nov 2016 23:26:40 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D702D10F3 for ; Tue, 1 Nov 2016 23:26:39 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id uA1NQd7r064405 for ; Tue, 1 Nov 2016 23:26:39 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-jail@FreeBSD.org Subject: [Bug 213896] when starting vimage jails the kernel crashes Date: Tue, 01 Nov 2016 23:26:40 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: nospam@ofloo.net X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Nov 2016 23:26:40 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D213896 --- Comment #4 from nospam@ofloo.net --- % kldstat Id Refs Address Size Name 1 47 0xffffffff80200000 200eb88 kernel 2 1 0xffffffff82210000 30aec0 zfs.ko 3 2 0xffffffff8251b000 adc0 opensolaris.ko 4 2 0xffffffff82526000 9d50 bridgestp.ko 5 1 0xffffffff82530000 127b0 if_bridge.ko 6 1 0xffffffff82543000 15af8 if_lagg.ko 7 1 0xffffffff82559000 1620 accf_data.ko 8 1 0xffffffff8255b000 2710 accf_http.ko 9 1 0xffffffff8255e000 4c60 coretemp.ko 10 1 0xffffffff82563000 b3e8 aesni.ko 11 3 0xffffffff8256f000 2e20 smbus.ko 12 1 0xffffffff82572000 6688 ichsmb.ko 13 1 0xffffffff82579000 115b8 ipmi.ko 14 1 0xffffffff82621000 10582 geom_eli.ko 15 1 0xffffffff82632000 587b fdescfs.ko 16 1 0xffffffff82638000 3710 ums.ko 17 1 0xffffffff8263c000 4485 if_epair.ko also it appears it's only one jail in particular that has issues, not entir= ely sure why though. I don't see that much difference between the jails only what is different is that the one that is crashing has 2 vlans running rather then one, not sure= how this can be an issue though. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-jail@freebsd.org Tue Nov 1 23:37:47 2016 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C9D2AC2A92E for ; Tue, 1 Nov 2016 23:37:47 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AE07A1110 for ; Tue, 1 Nov 2016 23:37:47 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id uA1Nblum084974 for ; Tue, 1 Nov 2016 23:37:47 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-jail@FreeBSD.org Subject: [Bug 213896] when starting vimage jails the kernel crashes Date: Tue, 01 Nov 2016 23:37:47 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: nospam@ofloo.net X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Nov 2016 23:37:47 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D213896 --- Comment #5 from nospam@ofloo.net --- I disabled all the daemons except sshd and still it crashed, .. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-jail@freebsd.org Wed Nov 2 12:45:26 2016 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 649FCC2A056 for ; Wed, 2 Nov 2016 12:45:26 +0000 (UTC) (envelope-from baptiste.daroussin@gmail.com) Received: from mailman.ysv.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 19E2F1F3C for ; Wed, 2 Nov 2016 12:45:26 +0000 (UTC) (envelope-from baptiste.daroussin@gmail.com) Received: by mailman.ysv.freebsd.org (Postfix) id 12C5BC2A054; Wed, 2 Nov 2016 12:45:26 +0000 (UTC) Delivered-To: jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1247FC2A050 for ; Wed, 2 Nov 2016 12:45:26 +0000 (UTC) (envelope-from baptiste.daroussin@gmail.com) Received: from mail-wm0-x235.google.com (mail-wm0-x235.google.com [IPv6:2a00:1450:400c:c09::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4A3AB1F27 for ; Wed, 2 Nov 2016 12:45:25 +0000 (UTC) (envelope-from baptiste.daroussin@gmail.com) Received: by mail-wm0-x235.google.com with SMTP id n67so34999003wme.1 for ; Wed, 02 Nov 2016 05:45:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:date:from:to:subject:message-id:mime-version :content-disposition:user-agent; bh=tuNS4roIcP6OECTlZcHUd3Dhcn22MsFnCrFUlTBjkbo=; b=xzowMJumRShY2eHh/9essDj9QZDjqvj0n+zxj4tAcPglj9rUxbyCTGSe9zofbqZySj juMemEi4sOYbe50vdFijKQqHv7ejOQfEcM0uzwFDTSIdVFKzvjOiD2BsPMNLssTWHN46 WVL8+MitV9kvWpLaBUf+hUq0INcq7n4AN9IUl3x3dLY+TTnQ4OWoeImRNUrCE9CRLb2l mmm9LxQQej/DG1HbQk7BHL321bmf/AhZCfiR6bBv98xv5yZ2gY1PuDQhUeYd/YiW2ZUE 5j6KAI8qULyXTeITj21Q/nSsfLPOQ18Nu2WqpVzRRB/yv7V8UjQXYXqUB2efiFE9ZQls uJ4A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:sender:date:from:to:subject:message-id :mime-version:content-disposition:user-agent; bh=tuNS4roIcP6OECTlZcHUd3Dhcn22MsFnCrFUlTBjkbo=; b=gZB9LNugCF/jxulPCy/bpULbZ5lJerl/vqzjIFCDZlGuySbsDhnBEH0vwY5ndRUii6 x9TEXi46uARHk2hifGpOtmMbDX18FhMQE7AfjV+QoguhKMjVaRlYJIaj3SsuRuCWIDfZ mzZwthpxA1tRGwr23UglL6cvG+yHCVCze96Joue3VrwYMMG+ECTtekL5MYngWzOFrEs/ H6im4qVerW2rQkWEPcw4H3Um9KN9ttS272sft0EOVr8f4aL3Plfi5iU0/LT1doL0so4L mLcRH4tpKUbaHlQMh9KSVzv9ICLxQns6d7W9rvuBzcilfSL6CdK4wXFiBDb3CPK2800U Jgmg== X-Gm-Message-State: ABUngvdtpMO3W28OCZl6sNimTBwfp7oFjPdf39c87bfLhnk+flYg1R2oM8vSNYFhG/7gOA== X-Received: by 10.194.229.7 with SMTP id sm7mr3535417wjc.150.1478090723254; Wed, 02 Nov 2016 05:45:23 -0700 (PDT) Received: from ivaldir.etoilebsd.net ([2001:41d0:8:db4c::1]) by smtp.gmail.com with ESMTPSA id n3sm2558546wjq.34.2016.11.02.05.45.22 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 02 Nov 2016 05:45:22 -0700 (PDT) Sender: Baptiste Daroussin Date: Wed, 2 Nov 2016 13:45:22 +0100 From: Baptiste Daroussin To: jail@FreeBSD.org Subject: Debugging jails in dying state Message-ID: <20161102124521.i57bpmp3w3ql333h@ivaldir.etoilebsd.net> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="v62efreyia5ygwxr" Content-Disposition: inline User-Agent: NeoMutt/20161028 (1.7.1) X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Nov 2016 12:45:26 -0000 --v62efreyia5ygwxr Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hi, Is there a way to debug/trace what a jail is doing in dying state. I have a couple of jails that takes very long in dying state even after all processes and tcp connections are dead. I can't find a way to figure what it is waiting for. Any clue? By very long I mean up to 20min! Best regards, Bapt --v62efreyia5ygwxr Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIcBAEBCAAGBQJYGd/ZAAoJEGOJi9zxtz5ajfkP/AhZq1GusEwm3jxCx+CMQDnO LgWwDxqIPzB5cC095k2rfxXt7y96E6CcZDcKRXwoHsOho3SHNfsv/1vgqPCOCSU/ kTPfVyuKQOaQ+Dr7wUEXZK03Yera+eb7S9lm+QTdpHVCmV30O25+qt0WjtKIGA5z lnQh0yaXwV7KYlCMuv9Ihdp1DWFnVqxfODhvkXk+WkJIKmmwg8gkb2AF7p4GQway GYuNxaZ/Vi1jsP6VwzPlXCnT+qhxl4Sqp4rXSpgEVxcXd3tOvFLOvChsSdn/DLQr kjqoZHvy68nwYdUVx3vyaNzBR8TVfGM8WC2Sd7hcgvQ0YQR/3WcQxPwEUTkOLN8U t7K81L1psxy1y+XDCCtU4kvp4VjEN2WGjEkeWnlYWnOwWuqv8wjJIhVbsSzlO6Fa VStpM+GBsuncRKEfj/YA5bgftE6mFQpUNQZUEXlKErIyRZfP7YPw9SR2P6cFUu80 3DUeHmRgxURIMYp5BJpynywMV/yXNI6JgXJj0S7nICv7dQ2v0P3kDLZBa604CIiR 2toqcjNRacLisNc7EUvo9Oj4A7impfjjb0jHxI3zlSkrYqXfIJtQCtQUVWsP3/Ua HLIxsfp4svQlMPX1n5kcpPlhM1MuQaTlJKR/vphS6BjhHe3SlaRtUjnZ+uXoVxst +DgQhYuTuF4jiFaTRZNS =1PmN -----END PGP SIGNATURE----- --v62efreyia5ygwxr-- From owner-freebsd-jail@freebsd.org Wed Nov 2 14:16:13 2016 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8987DC2A1E3 for ; Wed, 2 Nov 2016 14:16:13 +0000 (UTC) (envelope-from jamie@gritton.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 2D4F71606 for ; Wed, 2 Nov 2016 14:16:13 +0000 (UTC) (envelope-from jamie@gritton.org) Received: by mailman.ysv.freebsd.org (Postfix) id 2C293C2A1E2; Wed, 2 Nov 2016 14:16:13 +0000 (UTC) Delivered-To: jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2BA3AC2A1E0 for ; Wed, 2 Nov 2016 14:16:13 +0000 (UTC) (envelope-from jamie@gritton.org) Received: from gritton.org (gritton.org [199.192.165.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "www.gritton.org", Issuer "StartCom Class 1 Primary Intermediate Server CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id C4B7C15FE; Wed, 2 Nov 2016 14:16:12 +0000 (UTC) (envelope-from jamie@gritton.org) Received: from gritton.org (gritton.org [199.192.165.131]) by gritton.org (8.15.2/8.15.2) with ESMTPS id uA2EG4Nq062370 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Wed, 2 Nov 2016 08:16:05 -0600 (MDT) (envelope-from jamie@gritton.org) Received: (from www@localhost) by gritton.org (8.15.2/8.15.2/Submit) id uA2EG4eL062369; Wed, 2 Nov 2016 08:16:04 -0600 (MDT) (envelope-from jamie@gritton.org) X-Authentication-Warning: gritton.org: www set sender to jamie@gritton.org using -f To: jail@freebsd.org Subject: Re: Debugging jails in dying state X-PHP-Originating-Script: 0:rcube.php MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Wed, 02 Nov 2016 08:16:04 -0600 From: James Gritton In-Reply-To: <20161102124521.i57bpmp3w3ql333h@ivaldir.etoilebsd.net> References: <20161102124521.i57bpmp3w3ql333h@ivaldir.etoilebsd.net> Message-ID: <1c2ce2d106246aa2b0d00c4c7387489c@gritton.org> X-Sender: jamie@gritton.org User-Agent: Roundcube Webmail/1.2.0 X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Nov 2016 14:16:13 -0000 On 2016-11-02 06:45, Baptiste Daroussin wrote: > > Is there a way to debug/trace what a jail is doing in dying state. > > I have a couple of jails that takes very long in dying state even after > all > processes and tcp connections are dead. > > I can't find a way to figure what it is waiting for. > > Any clue? > > By very long I mean up to 20min! A dead prison has a nonzero pr_ref (and a zero pr_uref), so that's what you want to keep an eye on. The functions to change that field are prison_hold[_locked] and prison_free[_locked]. If you're actually running a kernel debugger (which I've never done outside of a crash dump), you should be able to catch a stack trace on prison_free to see who's finally letting the last reference go. It turns out that there are very few places that call these functions on anything besides prison0 (and nothing outside of kern_jail.c twiddles the field directly): moving interfaces around between vimage jails, setting up a zfs zone, and in crcopy/crfree. Its that last one that you'll need to trace, because of course creds are everywhere and anything that holds on to a jail until some future point is doing that by holding on to a cred. So the good news is that you can use whatever tools you already have in your possession to trace creds. And the bad news is that creds are everywhere :-). Aside from TCP connections, NFS seems to be a common dying jail timeout. And perhaps ZFS - I don't recall. - Jamie