From nobody Tue Oct 17 19:44:07 2023 X-Original-To: jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4S94DR0hH2z4xvnj for ; Tue, 17 Oct 2023 19:44:07 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4S94DQ5sJcz3Mmq for ; Tue, 17 Oct 2023 19:44:06 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1697571846; a=rsa-sha256; cv=none; b=CbQoxe6kL9dX5uFr89AOJyzdX8aWXma+4Pm17OZYjWXTYtPzZWelZr7cRnEWxcQdzZFUj8 QDj4AAbeZF2Ps9AavHScWIDOEq9EmFLkw9nbFDocmNnHT1UdJYYLUwsHeNBPoJQE/n68g7 ADEXLe1nVjxbn/yuTMrYzG3IsGfwzfoUD1dyHDlhnw45JkraooKIVv/S2MKFDmVbHA+ZpG 5tDxZUwY/ZG6SX2l0xr2wUC/CHfDO+GuMcKRiwrl6UvtBBJD/ewO8iaPGKyhzXtVadpbOs 8rRldfjJUozeBKCCztoIsS0xHGjoHMrA0354C39lx+Tc3FkHd3vvEx/sD0+2+Q== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1697571846; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=zxo472+EzBne8qj1jz/yko/Uytj/5MN1sLikKICVDRg=; b=fDQdYtlmI/Cc2d1kqRoFnI46eVxlWUdotto4oEx8gGGxBtdTEpn5IWH38JFvmFbQpiBYn2 LEIlSgPIMUhsDvKlgvCaV5aZe97wpd8+aCMtyTIs1yhwdPGtBNJgZ17MRiIAXJr7PEKdlN +0lZLjyKy3xO+upCqIGpqOjWHTSDWlrSp56LMocSdLBTRpRb2E5RvHTtUXZ5KkSnbLuS+7 JrtITJ1hwI1mWI0MA0VkRso15W6HzreBbTXCX1Jx5ImB3hu9Cupw6YNg/TF36WEIqA5RU9 K29MYbA8JUGncoNz7boe5KKMCHN92ygGptSkelAsoVSXL21monP6+ExwGMgbnA== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4S94DQ4xz5zd4N for ; Tue, 17 Oct 2023 19:44:06 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 39HJi6Hl047861 for ; Tue, 17 Oct 2023 19:44:06 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 39HJi6PY047860 for jail@FreeBSD.org; Tue, 17 Oct 2023 19:44:06 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 272092] The 'see_jail_proc' security policy still allows signaling and debugging sub-jails' processes Date: Tue, 17 Oct 2023 19:44:07 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: commit-hook@FreeBSD.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D272092 --- Comment #2 from commit-hook@FreeBSD.org --- A commit in branch stable/14 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3De1153205a719c6cb792cb2213a3737ee6= b53d59c commit e1153205a719c6cb792cb2213a3737ee6b53d59c Author: Olivier Certner AuthorDate: 2023-08-17 23:54:38 +0000 Commit: Mitchell Horne CommitDate: 2023-10-17 19:42:58 +0000 Fix 'security.bsd.see_jail_proc' by using cr_bsd_visible() As implemented, this security policy would only prevent seeing processes in sub-jails, but would not prevent sending signals to, changing priority of or debugging processes in these, enabling attacks where unprivileged users could tamper with random processes in sub-jails in particular circumstances (conflated UIDs) despite the policy being enforced. PR: 272092 Reviewed by: mhorne MFC after: 2 weeks Sponsored by: Kumacom SAS Differential Revision: https://reviews.freebsd.org/D40628 (cherry picked from commit 5817169bc4a06a35aa5ef7f5ed18f6cb35037e18) sys/kern/kern_prot.c | 25 +++++++------------------ sys/netinet/in_prot.c | 4 +--- 2 files changed, 8 insertions(+), 21 deletions(-) --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Wed Oct 18 18:05:03 2023 X-Original-To: jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4S9dzg4SZfz4xL2H for ; Wed, 18 Oct 2023 18:05:03 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4S9dzg29xhz4dBJ for ; Wed, 18 Oct 2023 18:05:03 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1697652303; a=rsa-sha256; cv=none; b=Wwi7a1JlORruyLuhKhfbHqk+dUm71FD/sMPw7s+KzKaGQZq3SGR1J+QzdjBbusX89OICKb MxUlcKxYtlDm87MoS/8sbU69/PtwGoIxrfTbmJIvrECCl2LOMeT03gr0U+zfiDSSi7HQDA ZIGvWH3DNvJezetVyxpvCsmJMQG4emUE4HUZm+JPGWzJE8Fcv+GPiDO+zfGvjHX1kO4/ge XX7eBmDMDjwX7hhTkXahPW0R4iD9ZuqNCsnrqDeIbDq1Ua36a3D16lcedwnOyAklifMMTy U/TYk9cpQcxArWo/we7GISWcX/X7OfU5HzknWuB2z/ofM60MCi97OYzfxctXvw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1697652303; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=suQ3lN2iSnOXV2C0cYQ2mjz2AsxtNZiTphunYLOKxBM=; b=JHATfwAyOmu7gJhkj6pvXtPCe4QdgKZJv2YX1OcJKcImP2LZnni1uZn+lT/YKQx7jN/ujP Y6tPbeK0jzdHOu25WJFa107T9t+2CtyOzW4uyx/B+7haGKuisJhuFSmzvQSYkwr8OXINPU C2VpPUdPVwSHevkKVEmc/VNAY1D2WEEjFX5gNEC3d0IdLPdrNEm+KqDC2ubh5qJBZvEVmG t8X3TU/GlBX1SlPdikf9PyAOfL7Mmg1gaGgafDQ3CmyVG/gLzZoq2ssql4OLQm/BpeVFV/ 4CJU8dWkBjvllAjiNwm5xkYGiU+1Q/YykcqOh7zw+pDjONzIH8Y/Nab4qkd53Q== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4S9dzg1FpBz24t for ; Wed, 18 Oct 2023 18:05:03 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 39II53CU060201 for ; Wed, 18 Oct 2023 18:05:03 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 39II53Ho060200 for jail@FreeBSD.org; Wed, 18 Oct 2023 18:05:03 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 272092] The 'see_jail_proc' security policy still allows signaling and debugging sub-jails' processes Date: Wed, 18 Oct 2023 18:05:03 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: commit-hook@FreeBSD.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D272092 --- Comment #3 from commit-hook@FreeBSD.org --- A commit in branch releng/14.0 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3D7e21c691f295b3babc8c57c0aeafa19fa= f1371b6 commit 7e21c691f295b3babc8c57c0aeafa19faf1371b6 Author: Olivier Certner AuthorDate: 2023-08-17 23:54:38 +0000 Commit: Mitchell Horne CommitDate: 2023-10-18 17:59:51 +0000 Fix 'security.bsd.see_jail_proc' by using cr_bsd_visible() As implemented, this security policy would only prevent seeing processes in sub-jails, but would not prevent sending signals to, changing priority of or debugging processes in these, enabling attacks where unprivileged users could tamper with random processes in sub-jails in particular circumstances (conflated UIDs) despite the policy being enforced. Approved by: re (gjb) PR: 272092 Reviewed by: mhorne Sponsored by: Kumacom SAS Differential Revision: https://reviews.freebsd.org/D40628 (cherry picked from commit 5817169bc4a06a35aa5ef7f5ed18f6cb35037e18) (cherry picked from commit abfcae344feb89c635616769d12150f84c96c003) sys/kern/kern_prot.c | 25 +++++++------------------ sys/netinet/in_prot.c | 4 +--- 2 files changed, 8 insertions(+), 21 deletions(-) --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Wed Oct 18 19:02:20 2023 X-Original-To: jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4S9gFm4XwNz4xPW3 for ; Wed, 18 Oct 2023 19:02:20 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4S9gFm1rRjz4n0B for ; Wed, 18 Oct 2023 19:02:20 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1697655740; a=rsa-sha256; cv=none; b=bcXXjQBDN4uspcoZg/Ao/aMyYAUpRdSxcnWd7YU49RL4oKhtaztD7YgDkjdNHaVA03PdCs azLGJthYPnkgOXW+GelMED+f2dN2vK4LIbssbqpbuiLIElbdpRg+uGQaM/AwOrfDO/7DbV 2Gjm1IlWPWu5VMjJhs1ZvOYltjgH2eOPS+A7c6gGoR6unTqAJRVCIDNbBgrRV5xMUk9N4r uxBEve74H3S9kwFfgiaNyMYAHPpH/y0eHqF/pvQg2vUOp6cq/OhjHGg9EArfFE8VzvjOHO DAReQ5b3auwOCXMfaJZe7JzcNnERxM8i/mS4vLj5MLWtmBiEgITfOUaJTiVqWQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1697655740; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=IyOVQmJSUmvZtMMWmuGFhwDaXIUdgqR9Eoh6uYBRskE=; b=LytduCJhj5pm4ubKBqhoSlkke4BFq+PrphQquoTjEA4J0Oe5lAwXFNLbImBvYiNZSnKp9E 2w331kTbzmlE61b9s3aYQZPuOQFwfTcgpfsWUdf3u+4R61SaQBhiHRWdKxSFSBtamd6J4d qTKcs4CE6MxvuEj77eYj6gLHx22Y9nACXc+1XoaMjaoOwHAfUM8/X+Obx3qNgef99SLuoU tGSwDwSzIsdO844VUF/4G91NHZjjdwEJkTW++/dFg5rxZ6PaDeYUYiweUzlS5r37rRtg0m Ivu2nO6duO5aaxBoMMzG0JwLdNEOhLVJAC1aUh9m256s6EJLGoUeSjPApL+r3Q== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4S9gFm0w7mz44X for ; Wed, 18 Oct 2023 19:02:20 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 39IJ2KXD055447 for ; Wed, 18 Oct 2023 19:02:20 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 39IJ2K6f055443 for jail@FreeBSD.org; Wed, 18 Oct 2023 19:02:20 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 272092] The 'see_jail_proc' security policy still allows signaling and debugging sub-jails' processes Date: Wed, 18 Oct 2023 19:02:20 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: olivier.freebsd@free.fr X-Bugzilla-Status: Closed X-Bugzilla-Resolution: FIXED X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: resolution bug_status Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D272092 Olivier Certner changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Status|Open |Closed --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Fri Oct 20 00:03:40 2023 X-Original-To: jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SBPv20hkMz4y2bP for ; Fri, 20 Oct 2023 00:03:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4SBPv14nQ0z4dQM for ; Fri, 20 Oct 2023 00:03:41 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1697760221; a=rsa-sha256; cv=none; b=wraqrYNfkny9zJAy21aYl2RoWtbHL9uYDQmrVNheLGIU2bVl3QArOdPXM/9a4ef/tynuQG XX82Nw4fQIX5AM8vbGovgYLeM1u6ECtx04EsyJ17Bp02RqbfEi79AFUlYdFpWRHoVT7elg XxjXVEx1Nj/3FVeP7Y8ZA9vRrmDvvZyEY94simtQcCnrVfNeWr+Jf5L39XGyrnpEpgEsIn +Y3FQAKVveW0D6gBASwVSRrLfKGW/jcPIaCYy0AmOgGZac8Vh5Xnr4xe9/ed+FGO54cZGi yfOvsVS6BPjL/Ku4EXzTWpZFf6lpkw7zT98rZimyFn6iGWWkvT8ABbwHNJXqZA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1697760221; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=yklbfH3/vgjQnU814UPa9CfazQkimCJ5v8yjbzAuDWw=; b=fyoy9P9Wgnbqtu3VhAlzm5/RpPin1e37WNokcUrmEsmW/K2VlDiacSVOEM16J/ltY1hTaH /8FAeCvWZQRZNmvvaImmfso2THPfjmpgtniYIFLvz3eXEvC0YDSjk/F7+MfxkGWgIlMYQ2 8Do3a8Q73ENt8ytyKi5NCY0seB/BtvbGxhQ8pm4oHnJ8F41l0IvaszKqZ2Ch4xTJQnvRGH bId9wAJ2OGBnwgtsmIFohNRaYTGSQFXFO+enlBxDx3f3cRWdtZBBQPR/OV18y9wiPA6RDO 3PSckXNVzQuVgfwfem6sUWhmSr6z1HEMQadm5L4pLV4xTf1hZSeL581+66lAfg== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4SBPv12Rvkz19Wl for ; Fri, 20 Oct 2023 00:03:41 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 39K03fr2057647 for ; Fri, 20 Oct 2023 00:03:41 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 39K03fNg057646 for jail@FreeBSD.org; Fri, 20 Oct 2023 00:03:41 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 274568] rc.conf(5): Empty "jail_list" does not start jails defined in "/etc/jail.conf.d" Date: Fri, 20 Oct 2023 00:03:40 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: conf X-Bugzilla-Version: 13.2-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: linimon@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: assigned_to Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D274568 Mark Linimon changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|bugs@FreeBSD.org |jail@FreeBSD.org --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Fri Oct 20 11:21:14 2023 X-Original-To: jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SBhwq0lXQz4xg2f for ; Fri, 20 Oct 2023 11:21:15 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4SBhwp6p4lz4Y0v for ; Fri, 20 Oct 2023 11:21:14 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1697800875; a=rsa-sha256; cv=none; b=AjD05a/PULm3BKMEyBJcp+MhOK1PBDIwFjE1gglwxtDvfDhqsqZ6/d2F9o89MAWINQE1LA Zmxp9Ln6Go2Tlf81wmuDXxtOe9OCGua+bHr0wcvV+DM1QeZsrwxEG/oZ2wG/Elr4fLWa36 WdZWxIrCrC9hP5d8kP4q5+JBadh8q5hFEqlo5HEDZ24h45pLXT0EPRM7neKMJQaBkJzY9x R8erxP0RQa6qtB2m9Z21ubjB+sZilHRvoc8FHS4HAYXN3tjUCwbPRyVUIB13orPn1yQMv9 YWovsm6OPCqh9eU+RdkuuAh3FWFQnH/0VMhH3Q7KBxtp7Df31BUT2PRAFc7gDA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1697800875; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=PzqcPMCCrXzeuQW/fpOYshQf8fyFmhMwyvwWUmeA9AM=; b=paYqvafjtLsUMMEXoPxRL7nK05GeIdWdEyM10AKZqS6RrLNKwoPlxus6d9NXn8RnH4WBr4 gBoYWVUjV109z/GJ5pKVi3VRiyS1y9ssHmkF5Uv/XIq3Vsoi+N0umFLBmE+au/HIZ3K9CK Xo9ke0rUXfOP047Vem1fGSobtSix6M7+l0+vFuKkSWYc8dE6wLd2/8YnGcMGX3LEFYc8iS PxxqKMwr0280eP+qkFsrsM8vhaC/kshPXBYYNaTgIHnGWohvW26aOWQr7D6YBCmryB96aq eGzSkHuO8RWVphxU1T3KQaNTPpxC84LL5TbZpLX1dKEHborGPL76vQDoAkai5A== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4SBhwp5hc8zWQd for ; Fri, 20 Oct 2023 11:21:14 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 39KBLEDb019477 for ; Fri, 20 Oct 2023 11:21:14 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 39KBLEiJ019476 for jail@FreeBSD.org; Fri, 20 Oct 2023 11:21:14 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 274568] rc.conf(5): Empty "jail_list" does not start jails defined in "/etc/jail.conf.d" Date: Fri, 20 Oct 2023 11:21:14 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: conf X-Bugzilla-Version: 13.2-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: crest@rlwinm.de X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D274568 crest@rlwinm.de changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |crest@rlwinm.de --- Comment #1 from crest@rlwinm.de --- It would be nice if it did, but an empty $jail_list just starts the jails in the global /etc/jail.conf. To have per jail jail.conf files in FreeBSD < 14= you need to list them in $jail_list. The least painful way to do this is through `sysrc jail_list+=3D$name`. --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Fri Oct 20 19:10:23 2023 X-Original-To: jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SBvL73WQVz4y6sW for ; Fri, 20 Oct 2023 19:10:23 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4SBvL71PK4z4FZM for ; Fri, 20 Oct 2023 19:10:23 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1697829023; a=rsa-sha256; cv=none; b=iXOCjiqGKCxh99j2W3wnHtBI5qSqTlrVb+BvICBlCjXH73Ov5nJhM3OpEGQsNTzBbTwIYR 5dHe2t/FU8BzIEU2vWyCCMOVYNZ2EkUSDRzQ1UVHIsWdx7C++ib9pMm018YcOAf7S8dnZY ascITBNRtT7bvnKb6x8FNX1W8tIKQ2CyI7qE43iWrovKEqxrc19edox9KW/gMiUQIePKpx rjyoVushYGi6y0iW/br6GXNoJshfCuvHRNVY+MpIbR1j6pYIoCQCOadB/ldXkVVPzgcEvw eWeEjc66Hf2w58E7SExfHOgDQlSLIpkLWqyPFt8ni2dDTOXDrz6NWSZyzBbQpA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1697829023; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=zCvTVAiELGXu8IzZN7jYfbSqXEll4AltVxXSBcKZbik=; b=EXCi0p7RvPaCP5fPh8IVpjSyCJQhc+NbcPAe8iYWji9pPF8m552aK5rMPNHxXpseEoQjtB 7kVzmnF8tuQxSgOscFRGomQhHKEcvmPNEQIAI3jJ+g4z+Ukfv6Rzlw8CWAqxvPI4TuVFT3 Emh8oofZZ46gqnhjI1W4cnrbjAqKoOkVNg96BLq+YvWxdCUUE4lTVFiH1x88hR1IzqlZIE 8BaGrrfbUdZ0b3iyNBzjhLNLUcWQFK8ivc/T2TTgUW7z818VscPM317xFCUS6y96KZFhec YNhkHbhLFgds2thdNF2rFZQLOZ4TP7k6pchCscNKIkPLQRPnZ3IiYHkmIreGFw== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4SBvL70SVZzlJb for ; Fri, 20 Oct 2023 19:10:23 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 39KJAN4v026707 for ; Fri, 20 Oct 2023 19:10:23 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 39KJAN9d026706 for jail@FreeBSD.org; Fri, 20 Oct 2023 19:10:23 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 274568] rc.conf(5): Empty "jail_list" does not start jails defined in "/etc/jail.conf.d" Date: Fri, 20 Oct 2023 19:10:23 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: conf X-Bugzilla-Version: 13.2-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: markj@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D274568 Mark Johnston changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jamie@FreeBSD.org, | |markj@FreeBSD.org --- Comment #2 from Mark Johnston --- Is this just a documentation bug in 13.2? What changed between 13.2 and 14= .0 such that this stopped being a problem? --=20 You are receiving this mail because: You are the assignee for the bug.=