Date: Wed, 07 Nov 2007 10:42:58 +0000 From: Tom Evans <tevans.uk@googlemail.com> To: Dan Epure <gepu@iogyte.ro> Cc: freebsd-stable@freebsd.org Subject: Re: openpty() and jail in RELENG_7 Message-ID: <1194432178.64797.42.camel@localhost> In-Reply-To: <20071106201948.GA6590@iogyte.ro> References: <20071106201948.GA6590@iogyte.ro>
next in thread | previous in thread | raw e-mail | index | archive | help
--=-OgD3LNEicNDvQmPmXp/5 Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Tue, 2007-11-06 at 22:19 +0200, Dan Epure wrote: > Hi All, >=20 >=20 > I'm using on the host system (7.0-BETA2): > #sysctl kern.pts.enable > kern.pts.enable: 1 > I have no problem at all. >=20 > The jail is also 7.0-BETA2 >=20 > The problem is inside the jail openpty() can not allocate the pty: > =3D=3D=3D cut here =3D=3D=3D > debug1: monitor_child_preauth: test2 has been authenticated by privileged= process > debug1: PAM: reinitializing credentials > debug1: Entering interactive session for SSH2. > debug1: server_init_dispatch_20 > debug1: server_input_channel_open: ctype session rchan 0 win 65536 max 16= 384 > debug1: input_session_request > debug1: channel 0: new [server-session] > debug1: session_new: init > debug1: session_new: session 0 > debug1: session_open: channel 0 > debug1: session_open: session 0: link with channel 0 > debug1: server_input_channel_open: confirm session > debug1: server_input_channel_req: channel 0 request pty-req reply 0 > debug1: session_by_channel: session 0 channel 0 > debug1: session_input_channel_req: session 0 req pty-req > debug1: Allocating pty. > debug1: session_new: init > debug1: session_new: session 0 > openpty: No such file or directory > session_pty_req: session 0 alloc failed > debug1: server_input_channel_req: channel 0 request shell reply 0 > debug1: session_by_channel: session 0 channel 0 > debug1: session_input_channel_req: session 0 req shell > =3D=3D=3D and here =3D=3D=3D > the ssh session just hangs. (no pty ?)=20 >=20 > I did not forget to mount devfs inside the jail. > The jail is configured in rc.conf: > =3D=3D=3D cut here =3D=3D=3D > jail_enable=3D"YES" > jail_list=3D"test" > jail_test_hostname=3D"test.mydomain.org" > jail_test_rootdir=3D"/jails/test" > jail_test_interface=3D"bge0" > jail_test_devfs_enable=3D"YES" > jail_test_ip=3D"192.168.10.2" > jail_set_hostname_allow=3D"NO" > jail_sysvipc_allow=3D"NO" > jail_socket_unixiproute_only=3D"YES" > =3D=3D=3D and here =3D=3D=3D > I think the problem is related to restrictions imposed by the jail. >=20 > Please advise. >=20 > Gepu This is because you haven't been allocated a pty inside your jail. Enable sshd inside your jail, ssh to your jail (which will allocate you a pty). Then from inside your jail, you can use any pty-using application you wish.=20 I am presuming you are doing something like 'jexec 1 /bin/csh' or similar, and I'm only really repeating Xin Li's advice to me[1]. Cheers Tom [1] http://lists.freebsd.org/pipermail/freebsd-jail/2007-October/000106.html --=-OgD3LNEicNDvQmPmXp/5 Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (FreeBSD) iD8DBQBHMZatlcRvFfyds/cRAs3yAKCdxrSTaQtt7Cqml5I2xVQ9jF0GQQCgi3lq p3dW/eAg+JmIH0RiRTRNuEA= =DOjo -----END PGP SIGNATURE----- --=-OgD3LNEicNDvQmPmXp/5--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1194432178.64797.42.camel>