Date: Mon, 6 Sep 2004 14:13:10 +0900 (JST) From: John Little <gaijin@pucebaboon.com> To: FreeBSD-gnats-submit@FreeBSD.org Cc: gaijin@pucebaboon.com Subject: conf/71415: [PATCH] /etc/rc.subr - devfs ruleset parsing in devfs_set_ruleset() Message-ID: <Pine.LNX.4.44.0409061408400.2547-100000@alwin.pucebaboon.com> Resent-Message-ID: <200409060520.i865KNpH033950@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 71415 >Category: conf >Synopsis: [PATCH] /etc/rc.subr - devfs ruleset parsing in devfs_set_ruleset() >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Sep 06 05:20:23 GMT 2004 >Closed-Date: >Last-Modified: >Originator: John Little >Release: FreeBSD 5.2.1-RELEASE i386 >Organization: PuceBaboon Y.K., Japan. >Environment: System: FreeBSD middledean.pucebaboon.com 5.2.1-RELEASE FreeBSD 5.2.1-RELEASE #0: Mon Feb 23 20:45:55 GMT 2004 root@wv1u.btc.adaptec.com:/usr/obj/usr/src/sys/GENERIC i386 This is non-processor specific. The same problem still exists in releases up to and including 5.3-BETA-3. >Description: Setting up a Jail environment as per the rc.conf man page (specifically, using devfs rulesets to limit access within the jail) and using the /etc/defaults/devfs.rules, always results in a failure of /etc/rc.d/jail, with this message:- Starting Jails:/etc/rc.d/jail: WARNING: devfs_set_ruleset: you must specify a ruleset number The cause is a faulty eval statement in /etc/rc.subr, where devfs_set_ruleset() checks the arguments passed ($1). This is a devfs problem which is not jail specific (it just happens to cause jail starts to fail and so be most noticeable at that time). >How-To-Repeat: - Add to rc.conf:- ## ## Jail config follows. ## sendmail_enable="NO" inetd_flags="-wW -a 192.168.1.6" rpcbind_enable="NO" devfs_rulesets="/etc/defaults/devfs.rules" jail_enable="YES" jail_list="mydemojail" jail_set_hostname_allow="NO" jail_socket_unixiproute_only="NO" jail_sysvipc_allow="NO" ## ## First Jail (mydemojail.pucebaboon.com). ## jail_mydemojail_rootdir="/usr/jail/mydemojail" jail_mydemojail_hostname="mydemojail.houserock.com" jail_mydemojail_ip="192.168.1.3" jail_mydemojail_devfs_ruleset="4" jail_mydemojail_devfs_enable="YES" jail_mydemojail_fdescfs_enable="NO" jail_mydemojail_procfs_enable="YES" - Run "sh -x /etc/rc.d/jail start >& /tmp/jail.log" The ruleset exists in /etc/defaults/devfs.rules and the verbose output will indicate that the rulesets are read from the file. However, the call to devfs_set_ruleset() in /etc/rc.subr fails to eval $1 correctly and causes the whole jail start sequence to abort. >Fix: Delete the escaped-dollar ("\$") in the eval statement in devfs_set_ruleset() to leave a plain variable:- *** /etc/rc.subr Mon Sep 6 13:52:06 2004 --- /tmp/rc.subr Mon Sep 6 13:51:00 2004 *************** *** 1165,1171 **** devfs_set_ruleset() { local devdir rs _me ! [ -n "$1" ] && eval rs=\$$1 || rs= [ -n "$2" ] && devdir="-m "$2"" || devdir= _me="devfs_set_ruleset" --- 1165,1171 ---- devfs_set_ruleset() { local devdir rs _me ! [ -n "$1" ] && eval rs=$1 || rs= [ -n "$2" ] && devdir="-m "$2"" || devdir= _me="devfs_set_ruleset" >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.44.0409061408400.2547-100000>