From owner-freebsd-questions@FreeBSD.ORG  Tue Oct 16 20:51:51 2012
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
 by hub.freebsd.org (Postfix) with ESMTP id 34F2BCE8
 for <freebsd-questions@freebsd.org>; Tue, 16 Oct 2012 20:51:51 +0000 (UTC)
 (envelope-from david@catwhisker.org)
Received: from albert.catwhisker.org (m209-73.dsl.rawbw.com [198.144.209.73])
 by mx1.freebsd.org (Postfix) with ESMTP id F1FD38FC0A
 for <freebsd-questions@freebsd.org>; Tue, 16 Oct 2012 20:51:50 +0000 (UTC)
Received: from albert.catwhisker.org (localhost [127.0.0.1])
 by albert.catwhisker.org (8.14.5/8.14.5) with ESMTP id q9GKpo9U001964;
 Tue, 16 Oct 2012 13:51:50 -0700 (PDT)
 (envelope-from david@albert.catwhisker.org)
Received: (from david@localhost)
 by albert.catwhisker.org (8.14.5/8.14.5/Submit) id q9GKpnXO001963;
 Tue, 16 Oct 2012 13:51:49 -0700 (PDT) (envelope-from david)
Date: Tue, 16 Oct 2012 13:51:49 -0700
From: David Wolfskill <david@catwhisker.org>
To: freebsd-questions@freebsd.org
Subject: IPCS resource access within a down-level jail?
Message-ID: <20121016205149.GA1817@albert.catwhisker.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
 protocol="application/pgp-signature"; boundary="r5Pyd7+fXNt84Ff3"
Content-Disposition: inline
User-Agent: Mutt/1.5.21 (2010-09-15)
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
Reply-To: freebsd-questions@freebsd.org, David Wolfskill <david@catwhisker.org>
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Oct 2012 20:51:51 -0000


--r5Pyd7+fXNt84Ff3
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

[Please include me in responses; I've set Reply-To as a hint.  Thanks!]

A colleague had been running a program that makes use of IPCS message
queues in a 7.x/i386 environment.

He was moved to a 32-bit 7.x-based jail instantiated on an 8.x/amd64
host.

Within that jail, "ipcs -a" now fails to come anywhere near close to
reporting what it does outside the jail.

I then performed an experiment: I created a 7.x/i386 jail on my
9.x/i386 laptop.  I verified that "ipcs -a" (outside the jail) shows
Stuff:

d134(9.1-P)[1] ipcs -a
Message Queues:
T           ID          KEY MODE        OWNER    GROUP    CREATOR  CGROUP  =
               CBYTES                 QNUM               QBYTES        LSPI=
D        LRPID STIME    RTIME    CTIME  =20

Shared Memory:
T           ID          KEY MODE        OWNER    GROUP    CREATOR  CGROUP  =
       NATTCH        SEGSZ         CPID         LPID ATIME    DTIME    CTIM=
E  =20
m       393216            0 --rw------- david    david    david    david   =
            2       393216         3671         3147  8:23:37 no-entry  8:2=
3:37
m       851969            0 --rw------- david    david    david    david   =
            2       262080         3861         3147  9:24:09 no-entry  9:2=
4:09
m       458754            0 --rw------- david    david    david    david   =
            2       384000         3861         3147  9:24:09 no-entry  9:2=
4:09

Semaphores:
T           ID          KEY MODE        OWNER    GROUP    CREATOR  CGROUP  =
        NSEMS OTIME    CTIME  =20

d134(9.1-P)[2]=20


Inside the jail, using the 7.x version of ipcs, I get:

%ipcs -a
ipcs: sysctlbyname: kern.ipc.msqids: Cannot allocate memory
%

I then recompiled the 9.x versions of ipcs & ipcrm and linked them
statically; running that verion of ipcs, I see:

%~/bin/!!
~/bin/ipcs -a
Message Queues:
T           ID          KEY MODE        OWNER    GROUP    CREATOR  CGROUP  =
               CBYTES                 QNUM               QBYTES        LSPI=
D        LRPID STIME    RTIME    CTIME  =20

Shared Memory:
T           ID          KEY MODE        OWNER    GROUP    CREATOR  CGROUP  =
       NATTCH        SEGSZ         CPID         LPID ATIME    DTIME    CTIM=
E  =20
m       393216            0 --rw------- david    david    david    david   =
            2       393216         3671         3147 15:23:37 no-entry 15:2=
3:37
m       655362            0 --rw------- david    david    david    david   =
            2       262080         3861         3147 18:39:30 no-entry 18:3=
9:30

Semaphores:
T           ID          KEY MODE        OWNER    GROUP    CREATOR  CGROUP  =
        NSEMS OTIME    CTIME  =20

%

Is this (inability to access IPCS resources properly within a
"down-level" jail) expected behavior?

Is there a sane(?) way to provide IPCS resources inside a down-level
jail?

Thanks!

Peace,
david
--=20
David H. Wolfskill				david@catwhisker.org
Taliban: Evil men with guns afraid of truth from a 14-year old girl.

See http://www.catwhisker.org/~david/publickey.gpg for my public key.

--r5Pyd7+fXNt84Ff3
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (FreeBSD)

iEYEARECAAYFAlB9yOQACgkQmprOCmdXAD3zMACeN5e1MYbb9Cl60uujvmZeJuqy
nNUAnji0HeQwQs4qjYiwW02e5R7jBVt3
=LNQN
-----END PGP SIGNATURE-----

--r5Pyd7+fXNt84Ff3--