Date: Wed, 20 Sep 2017 06:28:55 +0200 From: Giulio Ferro <auryn@zirakzigil.org> To: Alexander Leidinger <Alexander@leidinger.net>, freebsd-hackers@freebsd.org Subject: Re: devd in jail Message-ID: <b039b7cd-fc88-5baa-e10d-d4b4e6add0ae@zirakzigil.org> In-Reply-To: <20170918153212.Horde.reuh2WwJotWq2qHgpHwvnNq@webmail.leidinger.net> References: <e03a6040-1322-c82c-0e96-49c474188d5c@zirakzigil.org> <7ca865ee-b613-2f0c-daf0-d828884b5e74@zirakzigil.org> <1C181EF2-B8B1-4F42-BF80-ABEA0593DD43@dsl-only.net> <c17afdad-6bf0-3c4b-6325-2417fb0d18d7@zirakzigil.org> <20170906122556.Horde.5OdDwtii7HXPNArY77YUyBi@webmail.leidinger.net> <D5C4EF81-BCF7-496E-8CD4-2C053607D20C@zirakzigil.org> <20170906221947.Horde.RITHvdc1wVE9v0-3nBavR0Z@webmail.leidinger.net> <da552407-fb13-677b-f514-c3bfacc83e73@zirakzigil.org> <20170909150335.Horde.wBLIPwBuhV3lyQlBxKud39f@webmail.leidinger.net> <27e72cfb-54cf-4af8-b569-85fff089c45f@zirakzigil.org> <20170911161253.Horde.vawLu00EtbbHOVeJRXjp7N0@webmail.leidinger.net> <3236AD55-0D14-49A5-B5B9-3147A216D8A5@zirakzigil.org> <AE1CE061-7BDB-4ED0-B6AF-CC30929D93D3@zirakzigil.org> <20170917210736.Horde.TlHhnPnnzSWoAGi9k7b1_sp@webmail.leidinger.net> <d7bfb91d-c265-3baf-b598-5f771e587d34@zirakzigil.org> <20170918153212.Horde.reuh2WwJotWq2qHgpHwvnNq@webmail.leidinger.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Ok, I'm progressing :)
I've patched, built and installed the new kernel. Now I can start the
jail with the new parameter.
Unfortunately Xorg still fails to start... :(
Here's my setup:
/etc/rc.conf.local
-----------------------------------------------------------------------
...
jail_enable="YES"
...
-----------------------------------------------------------------------
/etc/jail.conf
-----------------------------------------------------------------------
exec.start = "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
exec.clean;
mount.devfs;
devfs_ruleset=1;
path = "/usr/home/jails/$name";
xxx {
host.hostname = "xxx.xxx.xxx";
vnet;
vnet.interface = epair0b, epair1b;
allow.kmem_access = "true";
persist;
}
-----------------------------------------------------------------------
/etc/devfs.rules
-----------------------------------------------------------------------
[devfsrules_jail=1]
add path pf unhide
add path kmem unhide
add path io unhide
add path mem unhide
add path pci unhide
add path tty unhide
add path ttyv0 unhide
add path ttyv1 unhide
add path ttyv8 unhide
-----------------------------------------------------------------------
Now I can start the jail with /etc/rc.d/jail start
The jail seems ok. Here's its /dev directory:
-----------------------------------------------------------------------
# ls -l
total 3
crw-r--r-- 1 root wheel 0x27 Sep 20 04:05 acpi
crw-r----- 1 root operator 0x3e Sep 20 04:05 ada0
crw-r----- 1 root operator 0x3f Sep 20 04:05 ada0p1
crw-r----- 1 root operator 0x40 Sep 20 04:05 ada0p2
crw-rw-r-- 1 root operator 0x29 Sep 20 04:05 apm
crw-rw---- 1 root operator 0x28 Sep 20 04:05 apmctl
crw------- 1 root wheel 0x2b Sep 20 04:05 atkbd0
crw------- 1 root kmem 0x1c Sep 20 04:05 audit
crw------- 1 root wheel 0x1b Sep 20 04:05 auditpipe
crw------- 1 root wheel 0xd Sep 20 04:08 bpf
lrwxr-xr-x 1 root wheel 3 Sep 20 04:09 bpf0 -> bpf
crw-rw-rw- 1 root wheel 0x2e Sep 20 04:05 bpsm0
crw------- 1 root wheel 0xa Sep 20 04:16 console
crw------- 1 root wheel 0xf Sep 20 04:05 consolectl
crw-rw-rw- 1 root wheel 0xc Sep 20 04:05 ctty
crw-rw---- 1 uucp dialer 0x32 Sep 20 04:05 cuau0
crw-rw---- 1 uucp dialer 0x33 Sep 20 04:05 cuau0.init
crw-rw---- 1 uucp dialer 0x34 Sep 20 04:05 cuau0.lock
crw------- 1 root wheel 0x4 Sep 20 04:05 devctl
crw------- 1 root wheel 0x5 Sep 20 04:05 devctl2
cr--r--r-- 1 root wheel 0x3d Sep 20 04:05 devstat
dr-xr-xr-x 2 root wheel 512 Sep 20 04:09 fd
crw------- 1 root wheel 0x11 Sep 20 04:05 fido
crw-rw-rw- 1 root wheel 0x18 Sep 20 04:05 full
crw-r----- 1 root operator 0x6 Sep 20 04:05 geom.ctl
dr-xr-xr-x 2 root wheel 512 Sep 20 04:09 gpt
dr-xr-xr-x 2 root wheel 512 Sep 20 04:09 gptid
crw-r--r-- 1 root wheel 0x2a Sep 20 04:05 hpet0
crw------- 1 root wheel 0x24 Sep 20 04:05 io
lrwxr-xr-x 1 root wheel 6 Sep 20 04:09 kbd0 -> atkbd0
lrwxr-xr-x 1 root wheel 7 Sep 20 04:09 kbd1 -> kbdmux0
crw------- 1 root wheel 0x12 Sep 20 04:05 kbdmux0
crw------- 1 root wheel 0x25 Sep 20 04:05 klog
crw-r----- 1 root kmem 0x15 Sep 20 04:05 kmem
crw------- 1 root wheel 0xb Sep 20 04:05 mdctl
crw-r----- 1 root kmem 0x14 Sep 20 04:05 mem
crw-rw-rw- 1 root wheel 0x26 Sep 20 04:05 midistat
crw------- 1 root wheel 0x17 Sep 20 04:05 netmap
crw------- 1 root kmem 0x16 Sep 20 04:05 nfslock
crw-rw-rw- 1 root wheel 0x19 Sep 20 04:17 null
crw-r--r-- 1 root wheel 0x23 Sep 20 04:05 pci
crw------- 1 root wheel 0x45 Sep 20 04:09 pf
crw-rw-rw- 1 root wheel 0x2d Sep 20 04:05 psm0
dr-xr-xr-x 2 root wheel 512 Sep 20 04:10 pts
crw-r--r-- 1 root wheel 0x8 Sep 20 04:05 random
dr-xr-xr-x 2 root wheel 512 Sep 20 04:09 reroot
crw-r--r-- 1 root wheel 0x7 Sep 20 04:05 sndstat
lrwxr-xr-x 1 root wheel 4 Sep 20 04:09 stderr -> fd/2
lrwxr-xr-x 1 root wheel 4 Sep 20 04:09 stdin -> fd/0
lrwxr-xr-x 1 root wheel 4 Sep 20 04:09 stdout -> fd/1
crw------- 1 root wheel 0x10 Sep 20 04:05 sysmouse
crw------- 1 root wheel 0x44 Sep 20 04:05 tap0
crw------- 1 root wheel 0x2f Sep 20 04:11 ttyu0
crw------- 1 root wheel 0x30 Sep 20 04:05 ttyu0.init
crw------- 1 root wheel 0x31 Sep 20 04:05 ttyu0.lock
crw------- 1 root wheel 0x47 Sep 20 04:11 ttyv0
crw------- 1 root wheel 0x48 Sep 20 04:11 ttyv1
crw------- 1 root wheel 0x49 Sep 20 04:11 ttyv2
crw------- 1 root wheel 0x4a Sep 20 04:11 ttyv3
crw------- 1 root wheel 0x4b Sep 20 04:11 ttyv4
crw------- 1 root wheel 0x4c Sep 20 04:11 ttyv5
crw------- 1 root wheel 0x4d Sep 20 04:11 ttyv6
crw------- 1 root wheel 0x4e Sep 20 04:11 ttyv7
crw------- 1 root wheel 0x4f Sep 20 04:05 ttyv8
crw------- 1 root wheel 0x50 Sep 20 04:05 ttyv9
crw------- 1 root wheel 0x51 Sep 20 04:05 ttyva
crw------- 1 root wheel 0x52 Sep 20 04:05 ttyvb
crw------- 1 root wheel 0x37 Sep 20 04:05 ufssuspend
lrwxr-xr-x 1 root wheel 6 Sep 20 04:09 urandom -> random
crw-r--r-- 1 root operator 0x3a Sep 20 04:05 usbctl
dr-xr-xr-x 2 root wheel 512 Sep 20 04:09 xen
crw------- 1 root operator 0x3b Sep 20 04:05 xpt0
crw-rw-rw- 1 root wheel 0x1a Sep 20 04:05 zero
-----------------------------------------------------------------------
Here's the xorg.conf (automatically created by xrdp)
-----------------------------------------------------------------------
# cat xorg.conf
Section "ServerLayout"
Identifier "X11 Server"
Screen "Screen (xrdpdev)"
InputDevice "xrdpMouse" "CorePointer"
InputDevice "xrdpKeyboard" "CoreKeyboard"
EndSection
Section "ServerFlags"
Option "DontVTSwitch" "on"
Option "AutoAddDevices" "off"
EndSection
Section "Module"
Load "dbe"
Load "ddc"
Load "extmod"
Load "glx"
Load "int10"
Load "record"
Load "vbe"
Load "xorgxrdp"
Load "fb"
EndSection
Section "InputDevice"
Identifier "xrdpKeyboard"
Driver "xrdpkeyb"
EndSection
Section "InputDevice"
Identifier "xrdpMouse"
Driver "xrdpmouse"
EndSection
Section "Monitor"
Identifier "Monitor"
Option "DPMS"
HorizSync 30-80
VertRefresh 60-75
ModeLine "1920x1080" 138.500 1920 1968 2000 2080 1080 1083 1088
1111 +hsync -vsync
ModeLine "1280x720" 74.25 1280 1720 1760 1980 720 725 730 750
+HSync +VSync
Modeline "1368x768" 72.25 1368 1416 1448 1528 768 771 781 790
+hsync -vsync
Modeline "1600x900" 119.00 1600 1696 1864 2128 900 901 904 932
-hsync +vsync
EndSection
Section "Device"
Identifier "Video Card (xrdpdev)"
Driver "xrdpdev"
EndSection
Section "Screen"
Identifier "Screen (xrdpdev)"
Device "Video Card (xrdpdev)"
Monitor "Monitor"
DefaultDepth 24
SubSection "Display"
Depth 24
Modes "640x480" "800x600" "1024x768" "1280x720" "1280x1024"
"1600x900" "1920x1080"
EndSubSection
EndSection
-----------------------------------------------------------------------
I can start xrdp with its sesman. But when xorg is launched, I still
have errors...
Here the X log:
-----------------------------------------------------------------------
# cat Xorg.13.log
[ 5629.107]
X.Org X Server 1.18.4
Release Date: 2016-07-19
[ 5629.107] X Protocol Version 11, Revision 0
[ 5629.107] Build Operating System: FreeBSD 11.0-RELEASE-p12 amd64
[ 5629.107] Current Operating System: FreeBSD xxx.xxx.xxx 11.1-STABLE
FreeBSD 11.1-STABLE #2 r323738M: Tue Sep 19 08:47:53 UTC 2017
root@xxxhost.xxx.xxx:/usr/obj/usr/src/sys/XXXSRV amd64
[ 5629.107] Build Date: 12 September 2017 08:39:56AM
[ 5629.107]
[ 5629.107] Current version of pixman: 0.34.0
[ 5629.107] Before reporting problems, check http://wiki.x.org
to make sure that you have the latest version.
[ 5629.107] Markers: (--) probed, (**) from config file, (==) default
setting,
(++) from command line, (!!) notice, (II) informational,
(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
[ 5629.107] (==) Log file: "/var/log/Xorg.13.log", Time: Tue Sep 19
11:31:20 2017
[ 5629.108] (++) Using config file: "/etc/X11/xrdp/xorg.conf"
[ 5629.108] (==) ServerLayout "X11 Server"
[ 5629.108] (**) |-->Screen "Screen (xrdpdev)" (0)
[ 5629.108] (**) | |-->Monitor "Monitor"
[ 5629.108] (**) | |-->Device "Video Card (xrdpdev)"
[ 5629.108] (**) |-->Input Device "xrdpMouse"
[ 5629.108] (**) |-->Input Device "xrdpKeyboard"
[ 5629.108] (**) Option "DontVTSwitch" "on"
[ 5629.108] (**) Option "AutoAddDevices" "off"
[ 5629.108] (**) Not automatically adding devices
[ 5629.108] (==) Automatically enabling devices
[ 5629.108] (==) Not automatically adding GPU devices
[ 5629.108] (==) Max clients allowed: 256, resource mask: 0x1fffff
[ 5629.108] (WW) The directory "/usr/local/share/fonts/misc/" does not
exist.
[ 5629.108] Entry deleted from font path.
[ 5629.108] (WW) The directory "/usr/local/share/fonts/TTF/" does not
exist.
[ 5629.108] Entry deleted from font path.
[ 5629.108] (WW) The directory "/usr/local/share/fonts/OTF/" does not
exist.
[ 5629.108] Entry deleted from font path.
[ 5629.108] (WW) The directory "/usr/local/share/fonts/Type1/" does not
exist.
[ 5629.108] Entry deleted from font path.
[ 5629.108] (WW) The directory "/usr/local/share/fonts/100dpi/" does
not exist.
[ 5629.108] Entry deleted from font path.
[ 5629.108] (WW) The directory "/usr/local/share/fonts/75dpi/" does not
exist.
[ 5629.108] Entry deleted from font path.
[ 5629.108] (==) FontPath set to:
[ 5629.108] (==) ModulePath set to "/usr/local/lib/xorg/modules"
[ 5629.108] (II) Loader magic: 0x813b70
[ 5629.108] (II) Module ABI versions:
[ 5629.108] X.Org ANSI C Emulation: 0.4
[ 5629.108] X.Org Video Driver: 20.0
[ 5629.108] X.Org XInput driver : 22.1
[ 5629.108] X.Org Server Extension : 9.0
[ 5629.108] (WW) checkDevMem: failed to open /dev/mem (Operation not
permitted)
[ 5629.108] (--) PCI:*(0:0:2:0) 1013:00b8:5853:0001 rev 0, Mem @
0xf0000000/33554432, 0xf3000000/4096, BIOS @ 0x????????/65536
[ 5629.108] (II) "glx" will be loaded. This was enabled by default and
also specified in the config file.
[ 5629.108] (II) LoadModule: "dbe"
[ 5629.108] (II) Module "dbe" already built-in
[ 5629.108] (II) LoadModule: "ddc"
[ 5629.108] (II) Module "ddc" already built-in
[ 5629.108] (II) LoadModule: "extmod"
[ 5629.108] (II) Module "extmod" already built-in
[ 5629.108] (II) LoadModule: "glx"
[ 5629.108] (II) Loading /usr/local/lib/xorg/modules/extensions/libglx.so
[ 5629.109] (II) Module glx: vendor="X.Org Foundation"
[ 5629.109] compiled for 1.18.4, module version = 1.0.0
[ 5629.109] ABI class: X.Org Server Extension, version 9.0
[ 5629.109] (==) AIGLX enabled
[ 5629.109] (II) LoadModule: "int10"
[ 5629.109] (II) Loading /usr/local/lib/xorg/modules/libint10.so
[ 5629.109] (II) Module int10: vendor="X.Org Foundation"
[ 5629.109] compiled for 1.18.4, module version = 1.0.0
[ 5629.109] ABI class: X.Org Video Driver, version 20.0
[ 5629.109] (II) LoadModule: "record"
[ 5629.109] (II) Module "record" already built-in
[ 5629.109] (II) LoadModule: "vbe"
[ 5629.109] (II) Loading /usr/local/lib/xorg/modules/libvbe.so
[ 5629.110] (II) Module vbe: vendor="X.Org Foundation"
[ 5629.110] compiled for 1.18.4, module version = 1.1.0
[ 5629.110] ABI class: X.Org Video Driver, version 20.0
[ 5629.110] (II) LoadModule: "xorgxrdp"
[ 5629.110] (II) Loading /usr/local/lib/xorg/modules/libxorgxrdp.so
[ 5629.110] (II) Module XORGXRDP: vendor="X.Org Foundation"
[ 5629.110] compiled for 1.18.4, module version = 1.0.0
[ 5629.110] ABI class: X.Org Video Driver, version 20.0
[ 5629.110] xorgxrdpSetup:
[ 5629.110] (II) LoadModule: "fb"
[ 5629.110] (II) Loading /usr/local/lib/xorg/modules/libfb.so
[ 5629.110] (II) Module fb: vendor="X.Org Foundation"
[ 5629.110] compiled for 1.18.4, module version = 1.0.0
[ 5629.110] ABI class: X.Org ANSI C Emulation, version 0.4
[ 5629.110] (II) LoadModule: "xrdpdev"
[ 5629.110] (II) Loading /usr/local/lib/xorg/modules/drivers/xrdpdev_drv.so
[ 5629.110] (II) Module XRDPDEV: vendor="X.Org Foundation"
[ 5629.110] compiled for 1.18.4, module version = 1.0.0
[ 5629.110] ABI class: X.Org Video Driver, version 20.0
[ 5629.110] xrdpdevSetup:
[ 5629.110] (II) LoadModule: "xrdpmouse"
[ 5629.110] (II) Loading /usr/local/lib/xorg/modules/input/xrdpmouse_drv.so
[ 5629.110] (II) Module XRDPMOUSE: vendor="X.Org Foundation"
[ 5629.110] compiled for 1.18.4, module version = 1.0.0
[ 5629.110] Module class: X.Org XInput Driver
[ 5629.110] ABI class: X.Org XInput driver, version 22.1
[ 5629.110] rdpmousePlug:
[ 5629.110] (II) LoadModule: "xrdpkeyb"
[ 5629.110] (II) Loading /usr/local/lib/xorg/modules/input/xrdpkeyb_drv.so
[ 5629.110] (II) Module XRDPKEYB: vendor="X.Org Foundation"
[ 5629.110] compiled for 1.18.4, module version = 1.0.0
[ 5629.110] Module class: X.Org XInput Driver
[ 5629.110] ABI class: X.Org XInput driver, version 22.1
[ 5629.110] rdpkeybPlug:
[ 5629.111] rdpIdentify:
[ 5629.111] (II) XRDPDEV: driver for xrdp: XRDPDEV
[ 5629.111] rdpDriverFunc: op 10
[ 5629.111] (WW) Falling back to old probe method for XRDPDEV
[ 5629.111] rdpProbe:
[ 5629.111] (II) Loading sub module "fb"
[ 5629.111] (II) LoadModule: "fb"
[ 5629.111] (II) Loading /usr/local/lib/xorg/modules/libfb.so
[ 5629.111] (II) Module fb: vendor="X.Org Foundation"
[ 5629.111] compiled for 1.18.4, module version = 1.0.0
[ 5629.111] ABI class: X.Org ANSI C Emulation, version 0.4
[ 5629.111] (II) XRDPDEV(0): using default device
[ 5629.111] (WW) VGA arbiter: cannot open kernel arbiter, no multi-card
support
[ 5629.111] rdpPreInit:
[ 5629.111] (**) XRDPDEV(0): Depth 24, (--) framebuffer bpp 32
[ 5629.111] (==) XRDPDEV(0): RGB weight 888
[ 5629.111] (==) XRDPDEV(0): Using gamma correction (1.0, 1.0, 1.0)
[ 5629.111] (==) XRDPDEV(0): Default visual is TrueColor
[ 5629.111] (==) XRDPDEV(0): DPI set to (96, 96)
[ 5629.111] (II) XRDPDEV(0): mode "640x480" ok
[ 5629.111] (II) XRDPDEV(0): mode "800x600" ok
[ 5629.111] (--) XRDPDEV(0): Virtual size is 800x600 (pitch 800)
[ 5629.111] (**) XRDPDEV(0): Default mode "800x600": 36.0 MHz (scaled
from 0.0 MHz), 35.2 kHz, 56.2 Hz
[ 5629.111] (II) XRDPDEV(0): Modeline "800x600"x0.0 36.00 800 824
896 1024 600 601 603 625 +hsync +vsync (35.2 kHz d)
[ 5629.111] (==) Depth 24 pixmap format is 32 bpp
[ 5629.111] rdpScreenInit: virtualX 800 virtualY 600 rgbBits 8 depth 24
[ 5629.111] rdpScreenInit: pfbMemory bytes 1920000
[ 5629.111] rdpScreenInit: pfbMemory 0x807200000
[ 5629.111] rdpSimdInit: assigning yuv functions
[ 5629.111] rdpSimdInit: cpuid ax 1 cx 0 return ax 0x000306f2 bx
0x00020800 cx 0xfffa3203 dx 0x178bfbff
[ 5629.111] rdpSimdInit: sse2 amd64 yuv functions assigned
[ 5629.111] rdpXvInit: depth 24
[ 5629.111] (==) XRDPDEV(0): Backing store enabled
[ 5629.111] rdpClientConInit: kill disconnected [0] timeout [0] sec
[ 5629.111]
[ 5629.111] rdpScreenInit: out
[ 5629.111] (==) RandR enabled
[ 5629.111] MIT-SHM extension disabled due to lack of kernel support
[ 5629.111] (II) AIGLX: Screen 0 is not DRI2 capable
[ 5629.111] (EE) AIGLX: reverting to software rendering
[ 5629.140] (II) AIGLX: enabled GLX_MESA_copy_sub_buffer
[ 5629.141] (II) AIGLX: Loaded and initialized swrast
[ 5629.141] (II) GLX: Initialized DRISWRAST GL provider for screen 0
[ 5629.170] (II) Using input driver 'XRDPMOUSE' for 'xrdpMouse'
[ 5629.170] (**) Option "CorePointer"
[ 5629.170] (**) xrdpMouse: always reports core events
[ 5629.170] rdpmousePreInit: drv 0x803c15240 info 0x803c37d20, flags 0x0
[ 5629.170] (II) XINPUT: Adding extended input device "xrdpMouse"
(type: Mouse, id 6)
[ 5629.170] rdpmouseControl: what 0
[ 5629.170] rdpmouseDeviceInit:
[ 5629.170] rdpmouseCtrl:
[ 5629.170] rdpRegisterInputCallback: type 1 proc 0x806da1d20
[ 5629.170] (**) xrdpMouse: (accel) keeping acceleration scheme 1
[ 5629.170] (**) xrdpMouse: (accel) acceleration profile 0
[ 5629.170] (**) xrdpMouse: (accel) acceleration factor: 2.000
[ 5629.170] (**) xrdpMouse: (accel) acceleration threshold: 4
[ 5629.170] rdpmouseControl: what 1
[ 5629.170] rdpmouseDeviceOn:
[ 5629.170] (II) Using input driver 'XRDPKEYB' for 'xrdpKeyboard'
[ 5629.170] (**) Option "CoreKeyboard"
[ 5629.170] (**) xrdpKeyboard: always reports core events
[ 5629.170] rdpkeybPreInit: drv 0x803c152c0 info 0x803c37e60, flags 0x0
[ 5629.170] (II) XINPUT: Adding extended input device "xrdpKeyboard"
(type: Keyboard, id 7)
[ 5629.170] rdpkeybControl: what 0
[ 5629.170] rdpkeybDeviceInit:
[ 5629.193] rdpkeybChangeKeyboardControl:
[ 5629.193] rdpkeybChangeKeyboardControl: autoRepeat on
[ 5629.193] rdpRegisterInputCallback: type 0 proc 0x806fa41b0
[ 5629.193] rdpkeybControl: what 1
[ 5629.193] rdpkeybDeviceOn:
[ 5629.193] (II) config/devd: probing input devices...
[ 5629.194] (II) config/devd: adding input device (null) (/dev/kbdmux)
[ 5629.194] (II) AutoAddDevices is off - not adding device.
[ 5629.194] (II) config/devd: kbdmux is enabled, ignoring device atkbd0
[ 5629.194] (II) config/devd: adding input device (null) (/dev/sysmouse)
[ 5629.194] (II) AutoAddDevices is off - not adding device.
[ 5629.227] (II) config/devd: adding input device Mouse (/dev/psm0)
[ 5629.227] (II) AutoAddDevices is off - not adding device.
[ 5629.228] (EE) config/devd: fail to connect to devd
[ 5629.228] [config] failed to initialise devd
[ 5629.228] rdpSaveScreen:
[ 5629.228] rdpDeferredRandR:
[ 5629.228] rdpResizeSession: width 1024 height 768
[ 5629.228] calling RRScreenSizeSet
[ 5629.228] rdpRRScreenSetSize: width 1024 height 768 mmWidth 271
mmHeight 203
[ 5629.228] rdpRRGetInfo:
[ 5629.228] screen resized to 1024x768
[ 5629.229] RRScreenSizeSet ok 1
[ 5629.229] rdpResizeSession: width 1304 height 603
[ 5629.229] calling RRScreenSizeSet
[ 5629.229] rdpRRScreenSetSize: width 1304 height 603 mmWidth 345
mmHeight 160
[ 5629.229] rdpRRGetInfo:
[ 5629.229] screen resized to 1304x603
[ 5629.231] RRScreenSizeSet ok 1
[ 5629.297] rdpInDeferredUpdateCallback:
[ 5629.297] rdpkeybChangeKeyboardControl:
[ 5629.297] rdpkeybChangeKeyboardControl: autoRepeat off
[ 5629.716] rdpClientConGotConnection:
[ 5629.716] rdpClientConGotConnection: g_sck_accept ok new_sck 6
[ 5629.716] rdpClientConGotConnection: adding only clientCon
[ 5629.720] rdpClientConProcessMsgVersion: version 0 0 0 1
[ 5629.720] rdpClientConProcessScreenSizeMsg: set width 1304 height 603
bpp 16
[ 5629.720] rdpClientConProcessScreenSizeMsg: shmemid -1 shmemptr
0xffffffffffffffff
[ 5629.720] rdpClientConProcessMsgClientInput: invalidate x 0 y 0 cx
1304 cy 603
[ 5646.293] rdpClientConProcessMsgClientInfo:
[ 5646.293] got client info bytes 5744
[ 5646.293] jpeg support 0
[ 5646.293] offscreen support 0
[ 5646.293] offscreen size 0
[ 5646.293] offscreen entries 0
[ 5646.293] client supports glyph cache but server disabled
[ 5646.293] client can not do offscreen to offscreen blits
[ 5646.293] client can do new(color) cursor
[ 5646.293] client can not do multimon
[ 5646.293] rdpRRSetRdpOutputs: numCrtcs 0 monitorCount 0
[ 5646.293] rdpRRSetRdpOutputs: add output 0 left 0 top 0 width 1304
height 603
[ 5646.293] rdpLoadLayout: keylayout 0x00000409 variant display 13
[ 5646.294] rdpkeybChangeKeyboardControl:
[ 5646.294] rdpkeybChangeKeyboardControl: autoRepeat on
[ 5646.294] rdpkeybChangeKeyboardControl:
[ 5646.294] rdpkeybChangeKeyboardControl: autoRepeat on
[ 5646.320] (EE)
[ 5646.321] (EE) Backtrace:
[ 5646.322] (EE) 0: /usr/local/bin/Xorg (OsInit+0x38a) [0x5abfba]
[ 5646.324] (EE) 1: /lib/libthr.so.3 (_pthread_sigmask+0x544) [0x8025cbd94]
[ 5646.326] (EE) 2: /lib/libthr.so.3 (_pthread_getspecific+0xe5f)
[0x8025cbbef]
[ 5646.327] (EE) 3: ? (?+0xe5f) [0x7ffffffffff2]
[ 5646.329] (EE) 4: /usr/local/lib/xorg/modules/libxorgxrdp.so
(rdpCapture+0xf60) [0x806771aa0]
[ 5646.331] (EE) 5: /usr/local/lib/xorg/modules/libxorgxrdp.so
(rdpClientConAddAllBox+0x408) [0x80676fbf8]
[ 5646.332] (EE) 6: /usr/local/lib/xorg/modules/libxorgxrdp.so
(rdpClientConAddDirtyScreenReg+0x3c3) [0x80676ef13]
[ 5646.334] (EE) 7: /usr/local/bin/Xorg (WaitForSomething+0x103e)
[0x5a47ce]
[ 5646.335] (EE) 8: /usr/local/bin/Xorg (UpdateCurrentTimeIf+0x121)
[0x431621]
[ 5646.337] (EE) 9: /usr/local/bin/Xorg (remove_fs_handlers+0x597)
[0x43b697]
[ 5646.338] (EE) 10: /usr/local/bin/Xorg (_start+0x17f) [0x42506f]
[ 5646.340] (EE) 11: ? (?+0x17f) [0x80083617f]
[ 5646.340] (EE)
[ 5646.340] (EE) Segmentation fault at address 0xffffffffffffffff
[ 5646.340] (EE)
Fatal server error:
[ 5646.340] (EE) Caught signal 11 (Segmentation fault). Server aborting
[ 5646.340] (EE)
[ 5646.340] (EE)
Please consult the The X.Org Foundation support
at http://wiki.x.org
for help.
[ 5646.340] (EE) Please also check the log file at
"/var/log/Xorg.13.log" for additional information.
[ 5646.340] (EE)
[ 5646.340] rdpmouseControl: what 4
[ 5646.340] rdpkeybControl: what 4
[ 5646.340] rdpLeaveVT:
[ 5646.340] (EE) Server terminated with error (1). Closing log file.
-----------------------------------------------------------------------
I guess that the root of the issue may be here:
(WW) checkDevMem: failed to open /dev/mem (Operation not permitted)
Did I miss something in the configuration?
Thanks again
Giulio
> Il giorno 18 set 2017, alle ore 15:32, Alexander Leidinger <Alexander@leidinger.net> ha scritto:
>
> Quoting Giulio Ferro <auryn@zirakzigil.org> (from Mon, 18 Sep 2017 08:49:32 +0200):
>
>> nope, even the old way I get:
>>
>> jail: xxx: unknown parameter: allow.kmem_access
>>
>>
>> Has anyone else tried this in 11.1 stable?
>
> As I'm creating the diff vs. 11.1 just for you: no.
>
> Here an updated change (thanks to jamie@ for the cluebat). It's a full patch vs 11.1.
> http://www.Leidinger.net/FreeBSD/current-patches/x11_in_jail_releng_11_1.diff
>
> The difference of what you have already are two lines:
> ---snip---
> Index: sys/kern/kern_jail.c
> ===================================================================
> --- sys/kern/kern_jail.c (revision 323230)
> +++ sys/kern/kern_jail.c (working copy)
> @@ -3788,6 +3806,8 @@
> "B", "Jail may set file quotas");
> SYSCTL_JAIL_PARAM(_allow, socket_af, CTLTYPE_INT | CTLFLAG_RW,
> "B", "Jail may create sockets other than just UNIX/IPv4/IPv6/route");
> +SYSCTL_JAIL_PARAM(_allow, kmem_access, CTLTYPE_INT | CTLFLAG_RW,
> + "B", "Jail may access kmem-like devices (io, dri) if they exist");
>
> SYSCTL_JAIL_PARAM_SUBNODE(allow, mount, "Jail mount/unmount permission flags");
> SYSCTL_JAIL_PARAM(_allow_mount, , CTLTYPE_INT | CTLFLAG_RW,
> ---snip---
>
> I have validated this in -current, this is the missing piece. When this is in the kernel, you should see kmem_access in the output of
> sysctl security.jail.param.allow
>
> This should then work with the jail.conf (and rc.conf) way of configuring a jail.
>
> Bye,
> Alexander.
>
> --
> http://www.Leidinger.net Alexander@Leidinger.net: PGP 0x8F31830F9F2772BF
> http://www.FreeBSD.org netchild@FreeBSD.org : PGP 0x8F31830F9F2772BF
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?b039b7cd-fc88-5baa-e10d-d4b4e6add0ae>