Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 20 Aug 2013 16:00:10 +1000
From:      "Dewayne Geraghty" <dewayne.geraghty@heuristicsystems.com.au>
To:        "'Florent Peterschmitt'" <florent@peterschmitt.fr>
Cc:        freebsd-stable@freebsd.org
Subject:   RE: Behavior of jexec
Message-ID:  <2DC6613BDD194EEBA0BCDFD96A24A1A8@white>
In-Reply-To: <520D0EBE.401@peterschmitt.fr>
References:  <520D0EBE.401@peterschmitt.fr>

next in thread | previous in thread | raw e-mail | index | archive | help
> -----Original Message-----
> From: owner-freebsd-stable@freebsd.org 
> [mailto:owner-freebsd-stable@freebsd.org] On Behalf Of 
> Florent Peterschmitt
> Sent: Friday, 16 August 2013 3:24 AM
> To: freebsd-stable@freebsd.org
> Subject: Behavior of jexec
> 
> Hi,
> 
> I noticed two things when running jexec. I run FreeBSD 
> 9.2-RC1 from binaries and jails 9.2-RC1 too.
> 
> I log as root on the host (I havn't any other user).
> 
> # 1. $HOME
> 
> For a jail named "blog" with a "blog" user, which $HOME is at 
> /home/blog, if I do:
> 
> jexec -U blog blog tcsh
> 
> My id is correct, but $HOME is still root.
> 
> # 2. Accessing a jail in ssh command line
> 
> I'm on my "client" machine and want to get on the "server" 
> machine, where jails are, and I want to do a jexec from ssh 
> command line:
> 
> ssh katana jexec -U blog blog tcsh
> 
> I get a connection (trusting /var/log/auth) but it hangs on 
> and do nothing. Event with a simple "ls" as jail command.
> 
> Thanks.
> 
> 
> -- 
> Florent Peterschmitt           | Please:
> florent@peterschmitt.fr        |  * Avoid HTML/RTF in E-mail.
> +33 (0)6 64 33 97 92           |  * Send PDF for documents.
> http://florent.peterschmitt.fr | Thank you :)
> 
> 

The behaviour is roughly what should be expected.  

It's helpful to keep in mind that the jail isn't running a getty or login process in the context of the jail. So using 
jexec -U blog blog tcsh
you'll acquire the correct ID, but be dropped into '/'.  Reading the jail code might be the only definitive statement as to why.

When you ssh into the jail, there is no tty assigned to the session.  You can force a tty by
ssh -t katana jexec -U blog blog tcsh
Which should give you what you require, a shell within the jail context and an id of blog.

Regards, Dewayne.




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2DC6613BDD194EEBA0BCDFD96A24A1A8>