From owner-freebsd-jail@freebsd.org Mon Dec 31 19:26:42 2018 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EEE80143DADF for ; Mon, 31 Dec 2018 19:26:41 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 826D3819A2 for ; Mon, 31 Dec 2018 19:26:41 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 43153143DADE; Mon, 31 Dec 2018 19:26:41 +0000 (UTC) Delivered-To: jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 319B5143DADD for ; Mon, 31 Dec 2018 19:26:41 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C1F98819A0 for ; Mon, 31 Dec 2018 19:26:40 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id F379C1C231 for ; Mon, 31 Dec 2018 19:26:39 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id wBVJQdwe010557 for ; Mon, 31 Dec 2018 19:26:39 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id wBVJQdB0010556 for jail@FreeBSD.org; Mon, 31 Dec 2018 19:26:39 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 186360] [jail] jail using nullfs and unionfs doesn't mount devfs Date: Mon, 31 Dec 2018 19:26:38 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 10.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: gerald.gutierrez@gmail.com X-Bugzilla-Status: In Progress X-Bugzilla-Resolution: X-Bugzilla-Priority: Normal X-Bugzilla-Assigned-To: jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Dec 2018 19:26:42 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D186360 Gerald Gutierrez changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |gerald.gutierrez@gmail.com --- Comment #10 from Gerald Gutierrez --- This is still a problem on FreeBSD xxx 12.0-RELEASE FreeBSD 12.0-RELEASE r341666 GENERIC amd64. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-jail@freebsd.org Fri Jan 4 14:33:02 2019 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9EDB4142D3D9 for ; Fri, 4 Jan 2019 14:33:02 +0000 (UTC) (envelope-from fabian.freyer@physik.tu-berlin.de) Received: from mail.physik.tu-berlin.de (mail.physik-pool.tu-berlin.de [130.149.50.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6A7256B6D2 for ; Fri, 4 Jan 2019 14:33:00 +0000 (UTC) (envelope-from fabian.freyer@physik.tu-berlin.de) Received: from [172.26.1.204] (wlangw.udk-berlin.de [194.95.94.56]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.physik.tu-berlin.de (Postfix) with ESMTPSA id 9195961F9C; Fri, 4 Jan 2019 13:55:05 +0000 (UTC) To: freebsd-jail@freebsd.org Cc: stefan@gronke.net From: Fabian Freyer Subject: kqueue(2) kevents for jails Message-ID: <106dc2ec-9b92-6885-ca4c-8422e0aa061c@physik.tu-berlin.de> Date: Fri, 4 Jan 2019 14:55:05 +0100 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 6A7256B6D2 X-Spamd-Bar: +++ Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [3.41 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; FROM_HAS_DN(0.00)[]; NEURAL_SPAM_SHORT(0.01)[0.014,0]; HFILTER_HOSTNAME_4(2.50)[mail.physik-pool.tu-berlin.de]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; DMARC_NA(0.00)[tu-berlin.de]; AUTH_NA(1.00)[]; NEURAL_SPAM_MEDIUM(0.22)[0.221,0]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_MED(-0.20)[25.50.149.130.list.dnswl.org : 127.0.11.2]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_SPAM_LONG(0.00)[0.000,0]; MX_GOOD(-0.01)[a1861.mx.srv.dfn.de,b1861.mx.srv.dfn.de,c1861.mx.srv.dfn.de]; IP_SCORE(-0.01)[asn: 680(-0.06), country: DE(-0.01)]; R_SPF_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:680, ipnet:130.149.0.0/16, country:DE]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Jan 2019 14:33:02 -0000 Hi! I'm writing a jail management library [1], and am wondering if there's any nice way to get notified of jail state changes (especially running -> dying -> dead) as well as of parameter changes. What are the opinions on adding a kevent(2) for these things? Fabian [1] https://github.com/fubarnetes/libjail-rs/ From owner-freebsd-jail@freebsd.org Fri Jan 4 16:14:53 2019 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2E9D614305DF for ; Fri, 4 Jan 2019 16:14:53 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from kib.kiev.ua (kib.kiev.ua [IPv6:2001:470:d5e7:1::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 57FB16F271 for ; Fri, 4 Jan 2019 16:14:52 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from tom.home (kib@localhost [127.0.0.1]) by kib.kiev.ua (8.15.2/8.15.2) with ESMTPS id x04GEhkr068500 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Fri, 4 Jan 2019 18:14:46 +0200 (EET) (envelope-from kostikbel@gmail.com) DKIM-Filter: OpenDKIM Filter v2.10.3 kib.kiev.ua x04GEhkr068500 Received: (from kostik@localhost) by tom.home (8.15.2/8.15.2/Submit) id x04GEh3i068499; Fri, 4 Jan 2019 18:14:43 +0200 (EET) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: tom.home: kostik set sender to kostikbel@gmail.com using -f Date: Fri, 4 Jan 2019 18:14:43 +0200 From: Konstantin Belousov To: Fabian Freyer Cc: freebsd-jail@freebsd.org, stefan@gronke.net Subject: Re: kqueue(2) kevents for jails Message-ID: <20190104161443.GM2326@kib.kiev.ua> References: <106dc2ec-9b92-6885-ca4c-8422e0aa061c@physik.tu-berlin.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <106dc2ec-9b92-6885-ca4c-8422e0aa061c@physik.tu-berlin.de> User-Agent: Mutt/1.11.1 (2018-12-01) X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED,BAYES_00, DKIM_ADSP_CUSTOM_MED,FORGED_GMAIL_RCVD,FREEMAIL_FROM, NML_ADSP_CUSTOM_MED autolearn=no autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on tom.home X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Jan 2019 16:14:53 -0000 On Fri, Jan 04, 2019 at 02:55:05PM +0100, Fabian Freyer wrote: > Hi! > > I'm writing a jail management library [1], and am wondering if there's > any nice way to get notified of jail state changes (especially running > -> dying -> dead) as well as of parameter changes. > > What are the opinions on adding a kevent(2) for these things? > > Fabian > > [1] https://github.com/fubarnetes/libjail-rs/ No, kevent(2) is not suitable mechanism to notify about jail state changes. If anything in the existing system can be reused for such notifications, it is devctl(4) notifications which are handled by devd(8). Look at the man pages and for existing notifications in kernel code, e.g. sys/kern/kern_conf.c notify*() for how devfs does it. It is both more natural and much easier integrated with the jail code. Not least because jail creation/destruction is relatively low frequency events with potentially rich secondary information that should be attached to them. Kevents are high-frequency, high-performance kind of events, and only naturally tied to file descriptors. There were lot of bugs in integration of kevents with e.g. processes notifications, and API is still somewhat racy. From owner-freebsd-jail@freebsd.org Fri Jan 4 17:20:43 2019 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 500FF1432B47 for ; Fri, 4 Jan 2019 17:20:43 +0000 (UTC) (envelope-from bch@online.de) Received: from mout.kundenserver.de (mout.kundenserver.de [212.227.126.135]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "mout.kundenserver.de", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 36B597237F for ; Fri, 4 Jan 2019 17:20:41 +0000 (UTC) (envelope-from bch@online.de) Received: from online.de ([195.201.29.72]) by mrelayeu.kundenserver.de (mreue012 [212.227.15.167]) with ESMTPSA (Nemesis) id 1N5lvf-1hOnZC15f1-017Av8; Fri, 04 Jan 2019 18:20:33 +0100 Received: by online.de (Postfix, from userid 1000) id 4824D612A3; Fri, 4 Jan 2019 18:20:32 +0100 (CET) From: Christian Barthel To: Fabian Freyer Cc: freebsd-jail@freebsd.org, stefan@gronke.net Subject: Re: kqueue(2) kevents for jails References: <106dc2ec-9b92-6885-ca4c-8422e0aa061c@physik.tu-berlin.de> Date: Fri, 04 Jan 2019 18:20:32 +0100 In-Reply-To: <106dc2ec-9b92-6885-ca4c-8422e0aa061c@physik.tu-berlin.de> (Fabian Freyer's message of "Fri, 4 Jan 2019 14:55:05 +0100") Message-ID: <87k1jkmja7.fsf@x230.onfire.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain X-Provags-ID: V03:K1:ncBJZN0adAKTv1NT54KWP4Re7cEY8fjuBjZcvwpbHn7CHurLNpU NZFsL7y2BihPAbEYSGfL3gItaD0qsV1AUGuyBUBRx0tm4wBlR1pyLU9aCgBZCz+K5FCZRAB 04HHBwqPldPmvUNCPnwsdGLfKrtafPu/GPi7NDNkw6yvltWuIQ/HT3DLRsjXs6x1aEsTTxL xMOH3REVLTwwm7d1K7ThQ== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:1BiNe1LFeRs=:xIqCuAih+IK9Brjvpn5DTi DcTS3V4W4GnVIOh2IspM9CKqC4Dvwq5lFWhkxAaTz7Pc5xPPRx9E+Ro2i1kvHlvzi5d9mstkO 5F05QOedOL871VkrRmXskvwYfH23SP0p8xYqaD/zsd84pM8zrpFY+WOF402smn3IHIhTKIHcN piGH7IPrRkRGc0b2YVCvE46X1DO6cm4qNVV8DjRanGwW4Chl6U6fC41ZMsj9AGBjqtMr25WEC K9yZOo+NeBIVdRnDSQ01XlzmbLr0QJFK1AwcxMmgFy5eqi008zsQUVXEr93evKAU59LyBqSAg 24dd+VFnQ/pK7jQDWoONpqQUWa1+Dcu9yrjL9uq8x7iNXUxmupNQuL7oaBgKdjgyFsiE87zaR PWrguZoeh1HifQASG5QAQSBy7HPAtpw50OMSq1UAG2N2RW3F3HW6iqbB7al2/zCcstsCHKPrB f531xm3Szeabf7Qh2Mx5NfQxHnnxBY+3eebGyxgjseZY/gh3JL5ag7Y7a5TpIjNJ0LBLFkwCM 3Gf8zkiA7RS8Dx1goxkoCFpmXSese1vD2uy8O4Dy08dV1ljIYnIG3baoEH3d9ucsW86DGc4hU tf8lu7zbNI97ackQUuzRYF+r//gN1Umk5gcP6lVbcIywkCOVYoInQr6kbhfqwvlCeciawI3sj Npx0dcIfI+fZmAQ7faRPQ33Tq6GTN807LhLYbf5o5OXyX2M64PAOgCQzR/eZjYKgUub5Ns6BQ f2PttYZ0XZ/92KapH86NAZiqLOJVUowaZGnO45IFGS99f/fArJJVRPs7A8I= X-Rspamd-Queue-Id: 36B597237F X-Spamd-Bar: +++ Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [3.58 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; NEURAL_SPAM_SHORT(0.82)[0.821,0]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[online.de]; AUTH_NA(1.00)[]; NEURAL_SPAM_MEDIUM(0.76)[0.760,0]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; MX_GOOD(-0.01)[mx00.emig.kundenserver.de,mx01.emig.kundenserver.de]; NEURAL_SPAM_LONG(0.75)[0.751,0]; RCVD_IN_DNSWL_NONE(0.00)[135.126.227.212.list.dnswl.org : 127.0.5.0]; R_SPF_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:8560, ipnet:212.227.0.0/16, country:DE]; RCVD_TLS_LAST(0.00)[]; IP_SCORE(0.36)[ip: (1.13), ipnet: 212.227.0.0/16(-0.40), asn: 8560(1.07), country: DE(-0.01)] X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Jan 2019 17:20:43 -0000 Fabian Freyer writes: > I'm writing a jail management library [1], and am wondering if there's > any nice way to get notified of jail state changes (especially running > -> dying -> dead) as well as of parameter changes. I worked on something similar (not a library but more acting like a daemon). The way I managed Jails was by forking a jail(8) process and collecting the exit status. Not sure if that is possible for your library case. -- Christian Barthel From owner-freebsd-jail@freebsd.org Fri Jan 4 20:12:24 2019 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DEC371438640 for ; Fri, 4 Jan 2019 20:12:24 +0000 (UTC) (envelope-from fabian.freyer@physik.tu-berlin.de) Received: from mail.physik.tu-berlin.de (mail.physik-pool.tu-berlin.de [130.149.50.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C7BB8824A7 for ; Fri, 4 Jan 2019 20:12:23 +0000 (UTC) (envelope-from fabian.freyer@physik.tu-berlin.de) Received: from [192.168.0.114] (firewall02.physik-pool.tu-berlin.de [130.149.50.197]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.physik.tu-berlin.de (Postfix) with ESMTPSA id 09E0761F98; Fri, 4 Jan 2019 20:12:00 +0000 (UTC) Subject: Re: kqueue(2) kevents for jails To: Christian Barthel , Konstantin Belousov Cc: freebsd-jail@freebsd.org, stefan@gronke.net References: <106dc2ec-9b92-6885-ca4c-8422e0aa061c@physik.tu-berlin.de> <87k1jkmja7.fsf@x230.onfire.org> From: Fabian Freyer Message-ID: Date: Fri, 4 Jan 2019 21:11:58 +0100 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0 MIME-Version: 1.0 In-Reply-To: <87k1jkmja7.fsf@x230.onfire.org> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: C7BB8824A7 X-Spamd-Bar: +++ Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [3.55 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; NEURAL_HAM_MEDIUM(-0.22)[-0.222,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; TO_DN_SOME(0.00)[]; HFILTER_HOSTNAME_4(2.50)[mail.physik-pool.tu-berlin.de]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[tu-berlin.de]; AUTH_NA(1.00)[]; NEURAL_SPAM_SHORT(0.33)[0.327,0]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_MED(-0.20)[25.50.149.130.list.dnswl.org : 127.0.11.2]; MX_GOOD(-0.01)[cached: a1861.mx.srv.dfn.de]; NEURAL_SPAM_LONG(0.27)[0.268,0]; IP_SCORE(-0.01)[asn: 680(-0.06), country: DE(-0.01)]; R_SPF_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:680, ipnet:130.149.0.0/16, country:DE]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Jan 2019 20:12:25 -0000 On 1/4/19 6:20 PM, Christian Barthel wrote: > I worked on something similar (not a library but more acting like a > daemon). The way I managed Jails was by forking a jail(8) process > and collecting the exit status. Not sure if that is possible for your > library case. Yes, I've thought about doing things like that too, like double-forking and having the parent wait for the jailed child, but those all seem dirty to me. Ideally, I'd like to register callbacks on jail state change to clean up file systems etc. On 1/4/19 5:14 PM, Konstantin Belousov wrote: > No, kevent(2) is not suitable mechanism to notify about jail state changes. > If anything in the existing system can be reused for such notifications, > it is devctl(4) notifications which are handled by devd(8). Look at the > man pages and for existing notifications in kernel code, e.g. > sys/kern/kern_conf.c notify*() for how devfs does it. Can any running binary subscribe to devd(8) events or does that require a configuration change in /etc/devd.conf? From owner-freebsd-jail@freebsd.org Fri Jan 4 20:29:18 2019 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 42A1A1438DDF for ; Fri, 4 Jan 2019 20:29:18 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from kib.kiev.ua (kib.kiev.ua [IPv6:2001:470:d5e7:1::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9D1D782C93 for ; Fri, 4 Jan 2019 20:29:17 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from tom.home (kib@localhost [127.0.0.1]) by kib.kiev.ua (8.15.2/8.15.2) with ESMTPS id x04KTAOH029426 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Fri, 4 Jan 2019 22:29:13 +0200 (EET) (envelope-from kostikbel@gmail.com) DKIM-Filter: OpenDKIM Filter v2.10.3 kib.kiev.ua x04KTAOH029426 Received: (from kostik@localhost) by tom.home (8.15.2/8.15.2/Submit) id x04KTA01029425; Fri, 4 Jan 2019 22:29:10 +0200 (EET) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: tom.home: kostik set sender to kostikbel@gmail.com using -f Date: Fri, 4 Jan 2019 22:29:10 +0200 From: Konstantin Belousov To: Fabian Freyer Cc: Christian Barthel , freebsd-jail@freebsd.org, stefan@gronke.net Subject: Re: kqueue(2) kevents for jails Message-ID: <20190104202910.GV2326@kib.kiev.ua> References: <106dc2ec-9b92-6885-ca4c-8422e0aa061c@physik.tu-berlin.de> <87k1jkmja7.fsf@x230.onfire.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.11.1 (2018-12-01) X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED,BAYES_00, DKIM_ADSP_CUSTOM_MED,FORGED_GMAIL_RCVD,FREEMAIL_FROM, NML_ADSP_CUSTOM_MED autolearn=no autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on tom.home X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Jan 2019 20:29:18 -0000 On Fri, Jan 04, 2019 at 09:11:58PM +0100, Fabian Freyer wrote: > On 1/4/19 5:14 PM, Konstantin Belousov wrote: > > No, kevent(2) is not suitable mechanism to notify about jail state changes. > > If anything in the existing system can be reused for such notifications, > > it is devctl(4) notifications which are handled by devd(8). Look at the > > man pages and for existing notifications in kernel code, e.g. > > sys/kern/kern_conf.c notify*() for how devfs does it. > > Can any running binary subscribe to devd(8) events or does that require > a configuration change in /etc/devd.conf? Only one reader is supported, effectively. devctl(4) tries to limit opens naively. But then even if you have the file descriptor and fork or pass it over unix domain socket, single event can be only read by one reader. From owner-freebsd-jail@freebsd.org Fri Jan 4 21:22:32 2019 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C6B12143A7CD for ; Fri, 4 Jan 2019 21:22:32 +0000 (UTC) (envelope-from fabian.freyer@physik.tu-berlin.de) Received: from mail.physik.tu-berlin.de (mail.physik-pool.tu-berlin.de [130.149.50.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4B1B385698 for ; Fri, 4 Jan 2019 21:22:32 +0000 (UTC) (envelope-from fabian.freyer@physik.tu-berlin.de) Received: from [192.168.0.114] (firewall02.physik-pool.tu-berlin.de [130.149.50.197]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.physik.tu-berlin.de (Postfix) with ESMTPSA id 975BA61FA2; Fri, 4 Jan 2019 21:22:08 +0000 (UTC) Subject: Re: kqueue(2) kevents for jails To: Konstantin Belousov Cc: Christian Barthel , freebsd-jail@freebsd.org, stefan@gronke.net References: <106dc2ec-9b92-6885-ca4c-8422e0aa061c@physik.tu-berlin.de> <87k1jkmja7.fsf@x230.onfire.org> <20190104202910.GV2326@kib.kiev.ua> From: Fabian Freyer Message-ID: <5ca6662f-ec0d-a9a5-319f-af8b1fb011cc@physik.tu-berlin.de> Date: Fri, 4 Jan 2019 22:22:07 +0100 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0 MIME-Version: 1.0 In-Reply-To: <20190104202910.GV2326@kib.kiev.ua> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4B1B385698 X-Spamd-Bar: ------ Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-6.99 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; NEURAL_HAM_SHORT(-0.99)[-0.992,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; REPLY(-4.00)[] X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Jan 2019 21:22:32 -0000 On 1/4/19 9:29 PM, Konstantin Belousov wrote: > On Fri, Jan 04, 2019 at 09:11:58PM +0100, Fabian Freyer wrote: >> On 1/4/19 5:14 PM, Konstantin Belousov wrote: >>> No, kevent(2) is not suitable mechanism to notify about jail state changes. >>> If anything in the existing system can be reused for such notifications, >>> it is devctl(4) notifications which are handled by devd(8). Look at the >>> man pages and for existing notifications in kernel code, e.g. >>> sys/kern/kern_conf.c notify*() for how devfs does it. >> >> Can any running binary subscribe to devd(8) events or does that require >> a configuration change in /etc/devd.conf? > > Only one reader is supported, effectively. devctl(4) tries to limit opens > naively. But then even if you have the file descriptor and fork or pass > it over unix domain socket, single event can be only read by one reader. > Ah, I see, thanks! Is there any other nice notification mechanism that a process could 'subscribe' to to be notified of an event? I am still a bit confused as to why knotify would be such a bad fit, maybe you could expand a bit on that? > Not least because jail creation/destruction is relatively low frequency > events with potentially rich secondary information that should be attached > to them. Kevents are high-frequency, high-performance kind of events, Does this mean they cannot nicely be used for lower-frequency things? I'm thinking of situations where jails may get spawned e.g. per-network-request. > and only naturally tied to file descriptors. according to kevent(2), EVFILT_PROC Takes the process ID to monitor as the identifier so there's also cases where it isn't tied to a file descriptor, but some other descriptor (pid's don't seem to be too different to jid's?) > There were lot of bugs in > integration of kevents with e.g. processes notifications, and API is > still somewhat racy Is this a kevents issue or an integration problem? In the end, might it be a good idea to add devctl(4) notifications as well as kevent(2)?