From owner-freebsd-jail@FreeBSD.ORG Mon Feb 27 11:07:36 2012 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AC7EC106564A for ; Mon, 27 Feb 2012 11:07:36 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 9AB028FC1A for ; Mon, 27 Feb 2012 11:07:36 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q1RB7aGA090247 for ; Mon, 27 Feb 2012 11:07:36 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q1RB7ZWD090244 for freebsd-jail@FreeBSD.org; Mon, 27 Feb 2012 11:07:35 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 27 Feb 2012 11:07:35 GMT Message-Id: <201202271107.q1RB7ZWD090244@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-jail@FreeBSD.org Cc: Subject: Current problem reports assigned to freebsd-jail@FreeBSD.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Feb 2012 11:07:36 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- p bin/161957 jail jls(8): jls -v doesn't show anything if system compile o kern/159918 jail [jail] inter-jail communication failure o kern/156111 jail [jail] procstat -b not supported in jail o misc/155765 jail [patch] `buildworld' does not honors WITHOUT_JAIL o conf/154246 jail [jail] [patch] Bad symlink created if devfs mount poin o conf/149050 jail [jail] rcorder ``nojail'' too coarse for Jail+VNET s conf/142972 jail [jail] [patch] Support JAILv2 and vnet in rc.d/jail o conf/141317 jail [patch] uncorrect jail stop in /etc/rc.d/jail o kern/133265 jail [jail] is there a solution how to run nfs client in ja o kern/119842 jail [smbfs] [jail] "Bad address" with smbfs inside a jail o bin/99566 jail [jail] [patch] fstat(1) according to specified jid o bin/32828 jail [jail] w(1) incorrectly handles stale utmp slots with 12 problems total. From owner-freebsd-jail@FreeBSD.ORG Tue Feb 28 01:30:34 2012 Return-Path: Delivered-To: jail@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1D9F4106564A; Tue, 28 Feb 2012 01:30:34 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id E5D3A8FC0C; Tue, 28 Feb 2012 01:30:33 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q1S1UXs0003936; Tue, 28 Feb 2012 01:30:33 GMT (envelope-from gjb@freefall.freebsd.org) Received: (from gjb@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q1S1UXug003926; Tue, 28 Feb 2012 01:30:33 GMT (envelope-from gjb) Date: Tue, 28 Feb 2012 01:30:33 GMT Message-Id: <201202280130.q1S1UXug003926@freefall.freebsd.org> To: gjb@FreeBSD.org, freebsd-bugs@FreeBSD.org, jail@FreeBSD.org From: gjb@FreeBSD.org Cc: Subject: Re: bin/165515: [jail][patch] "jail: unknown parameter: allow.nomount" when starting jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Feb 2012 01:30:34 -0000 Synopsis: [jail][patch] "jail: unknown parameter: allow.nomount" when starting jail Responsible-Changed-From-To: freebsd-bugs->jail Responsible-Changed-By: gjb Responsible-Changed-When: Tue Feb 28 01:30:19 UTC 2012 Responsible-Changed-Why: Over to maintainers. http://www.freebsd.org/cgi/query-pr.cgi?pr=165515 From owner-freebsd-jail@FreeBSD.ORG Tue Feb 28 22:59:10 2012 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E899D1065674; Tue, 28 Feb 2012 22:59:10 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from m2.gritton.org (gritton.org [64.34.175.71]) by mx1.freebsd.org (Postfix) with ESMTP id BC4668FC14; Tue, 28 Feb 2012 22:59:10 +0000 (UTC) Received: from guppy.corp.verio.net (fw.oremut02.us.wh.verio.net [198.65.168.24]) (authenticated bits=0) by m2.gritton.org (8.14.4/8.14.4) with ESMTP id q1SMaQ7g046263; Tue, 28 Feb 2012 15:36:26 -0700 (MST) (envelope-from jamie@FreeBSD.org) Message-ID: <4F4D56E4.3090109@FreeBSD.org> Date: Tue, 28 Feb 2012 15:36:20 -0700 From: Jamie Gritton User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:9.0) Gecko/20120126 Thunderbird/9.0 MIME-Version: 1.0 To: Glen Barber References: <201202280121.q1S1L6Sr047797@red.freebsd.org> In-Reply-To: <201202280121.q1S1L6Sr047797@red.freebsd.org> Content-Type: multipart/mixed; boundary="------------090403000502010508070509" Cc: freebsd-jail@FreeBSD.org, freebsd-gnats-submit@FreeBSD.org, Martin Matuska Subject: Re: bin/165515: [jail][patch] "jail: unknown parameter: allow.nomount" when starting jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Feb 2012 22:59:11 -0000 This is a multi-part message in MIME format. --------------090403000502010508070509 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit The allow.mount parameter recently changed in a subtle way - it's now a node (to e.g. allow.mount.devfs) as well as a parameter in its own right. This confused libjail which knows how to handle such parameters as long as they're not boolean. I'm including my proposed fix to libjail. This this fix, allow.nomount should once again work, as should allow.mount and other things such as allow.quotas/allow.noquotas should work as they did before. - Jamie On 02/27/12 18:21, Glen Barber wrote: > >> Number: 165515 >> Category: bin >> Synopsis: [jail][patch] "jail: unknown parameter: allow.nomount" when starting jail >> Confidential: no >> Severity: non-critical >> Priority: low >> Responsible: freebsd-bugs >> State: open >> Quarter: >> Keywords: >> Date-Required: >> Class: sw-bug >> Submitter-Id: current-users >> Arrival-Date: Tue Feb 28 01:30:07 UTC 2012 >> Closed-Date: >> Last-Modified: >> Originator: Glen Barber >> Release: 10.0-CURRENT r232116M >> Organization: >> Environment: > FreeBSD nucleus 10.0-CURRENT FreeBSD 10.0-CURRENT #7 r232116M: Sun Feb 26 14:12:14 EST 2012 root@nucleus:/usr/obj/usr/src/sys/NUCLEUS amd64 >> Description: > On a recent -CURRENT, the jail(8) rc script fails to start jails. This seems to be caused by looking up a sysctl that does not exist. >> How-To-Repeat: > Create a minimalistic jail setup as follows: > > nucleus# cat /etc/rc.conf.local > # > jail_enable="YES" > jail_parallel_start="YES" > jail_list="cfm" > jail_cfm_hostname="cfm" > jail_cfm_rootdir="/jails/cfm" > jail_cfm_ip="172.16.1.2" > > Start the jail with the rc(8) script: > > nucleus# sh -x /etc/rc.d/jail start cfm > + . /etc/rc.subr > [...] > + eval '_x="$jail_cfm_ip_multi0"' > + _x='' > + break > + echo ' cannot start jail "cfm": ' > cannot start jail "cfm": > + tail +2 /tmp/jail.bJIDqW5x/jail.52395 > jail: unknown parameter: allow.nomount > >> Fix: > The attached patch fixes it for me. > > > Patch attached with submission follows: > > Index: usr.sbin/jail/jail.c > =================================================================== > --- usr.sbin/jail/jail.c (revision 232116) > +++ usr.sbin/jail/jail.c (working copy) > @@ -84,7 +84,7 @@ > { "security.jail.chflags_allowed", > "allow.nochflags", "allow.chflags" }, > { "security.jail.mount_allowed", > - "allow.nomount", "allow.mount" }, > + "allow.mount", "allow.nomount" }, > { "security.jail.socket_unixiproute_only", > "allow.socket_af", "allow.nosocket_af" }, > }; > > >> Release-Note: >> Audit-Trail: >> Unformatted: > _______________________________________________ > freebsd-bugs@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-bugs > To unsubscribe, send any mail to "freebsd-bugs-unsubscribe@freebsd.org" --------------090403000502010508070509 Content-Type: text/plain; name="libjail.diff" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="libjail.diff" Index: lib/libjail/jail.c =================================================================== --- lib/libjail/jail.c (revision 232240) +++ lib/libjail/jail.c (working copy) @@ -885,36 +885,20 @@ * the "no" counterpart to a boolean. */ nname = nononame(jp->jp_name); - if (nname != NULL) { - snprintf(desc.s, sizeof(desc.s), SJPARAM ".%s", nname); - free(nname); - miblen = sizeof(mib) - 2 * sizeof(int); - if (sysctl(mib, 2, mib + 2, &miblen, desc.s, - strlen(desc.s)) >= 0) { - mib[1] = 4; - desclen = sizeof(desc); - if (sysctl(mib, (miblen / sizeof(int)) + 2, - &desc, &desclen, NULL, 0) < 0) { - snprintf(jail_errmsg, - JAIL_ERRMSGLEN, - "sysctl(0.4.%s): %s", desc.s, - strerror(errno)); - return (-1); - } - if ((desc.i & CTLTYPE) == CTLTYPE_INT && - desc.s[0] == 'B') { - jp->jp_ctltype = desc.i; - jp->jp_flags |= JP_NOBOOL; - jp->jp_valuelen = sizeof(int); - return (0); - } - } + if (nname == NULL) { + unknown_parameter: + snprintf(jail_errmsg, JAIL_ERRMSGLEN, + "unknown parameter: %s", jp->jp_name); + errno = ENOENT; + return (-1); } - unknown_parameter: - snprintf(jail_errmsg, JAIL_ERRMSGLEN, - "unknown parameter: %s", jp->jp_name); - errno = ENOENT; - return (-1); + snprintf(desc.s, sizeof(desc.s), SJPARAM ".%s", nname); + free(nname); + miblen = sizeof(mib) - 2 * sizeof(int); + if (sysctl(mib, 2, mib + 2, &miblen, desc.s, + strlen(desc.s)) < 0) + goto unknown_parameter; + jp->jp_flags |= JP_NOBOOL; } mib_desc: mib[1] = 4; @@ -925,6 +909,16 @@ "sysctl(0.4.%s): %s", jp->jp_name, strerror(errno)); return (-1); } + jp->jp_ctltype = desc.i; + /* If this came from removing a "no", it better be a boolean. */ + if (jp->jp_flags & JP_NOBOOL) { + if ((desc.i & CTLTYPE) == CTLTYPE_INT && desc.s[0] == 'B') { + jp->jp_valuelen = sizeof(int); + return (0); + } + else if ((desc.i & CTLTYPE) != CTLTYPE_NODE) + goto unknown_parameter; + } /* See if this is an array type. */ p = strchr(desc.s, '\0'); isarray = 0; @@ -935,7 +929,6 @@ p[-2] = 0; } /* Look for types we understand. */ - jp->jp_ctltype = desc.i; switch (desc.i & CTLTYPE) { case CTLTYPE_INT: if (desc.s[0] == 'B') --------------090403000502010508070509-- From owner-freebsd-jail@FreeBSD.ORG Tue Feb 28 23:00:29 2012 Return-Path: Delivered-To: jail@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 20FB3106566C for ; Tue, 28 Feb 2012 23:00:29 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id ED6CE8FC12 for ; Tue, 28 Feb 2012 23:00:28 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q1SN0Sju031821 for ; Tue, 28 Feb 2012 23:00:28 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q1SN0SGU031817; Tue, 28 Feb 2012 23:00:28 GMT (envelope-from gnats) Date: Tue, 28 Feb 2012 23:00:28 GMT Message-Id: <201202282300.q1SN0SGU031817@freefall.freebsd.org> To: jail@FreeBSD.org From: Jamie Gritton Cc: Subject: Re: bin/165515: [jail][patch] "jail: unknown parameter: allow.nomount" when starting jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Jamie Gritton List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Feb 2012 23:00:29 -0000 The following reply was made to PR bin/165515; it has been noted by GNATS. From: Jamie Gritton To: Glen Barber Cc: freebsd-gnats-submit@FreeBSD.org, freebsd-jail@FreeBSD.org, Martin Matuska Subject: Re: bin/165515: [jail][patch] "jail: unknown parameter: allow.nomount" when starting jail Date: Tue, 28 Feb 2012 15:36:20 -0700 This is a multi-part message in MIME format. --------------090403000502010508070509 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit The allow.mount parameter recently changed in a subtle way - it's now a node (to e.g. allow.mount.devfs) as well as a parameter in its own right. This confused libjail which knows how to handle such parameters as long as they're not boolean. I'm including my proposed fix to libjail. This this fix, allow.nomount should once again work, as should allow.mount and other things such as allow.quotas/allow.noquotas should work as they did before. - Jamie On 02/27/12 18:21, Glen Barber wrote: > >> Number: 165515 >> Category: bin >> Synopsis: [jail][patch] "jail: unknown parameter: allow.nomount" when starting jail >> Confidential: no >> Severity: non-critical >> Priority: low >> Responsible: freebsd-bugs >> State: open >> Quarter: >> Keywords: >> Date-Required: >> Class: sw-bug >> Submitter-Id: current-users >> Arrival-Date: Tue Feb 28 01:30:07 UTC 2012 >> Closed-Date: >> Last-Modified: >> Originator: Glen Barber >> Release: 10.0-CURRENT r232116M >> Organization: >> Environment: > FreeBSD nucleus 10.0-CURRENT FreeBSD 10.0-CURRENT #7 r232116M: Sun Feb 26 14:12:14 EST 2012 root@nucleus:/usr/obj/usr/src/sys/NUCLEUS amd64 >> Description: > On a recent -CURRENT, the jail(8) rc script fails to start jails. This seems to be caused by looking up a sysctl that does not exist. >> How-To-Repeat: > Create a minimalistic jail setup as follows: > > nucleus# cat /etc/rc.conf.local > # > jail_enable="YES" > jail_parallel_start="YES" > jail_list="cfm" > jail_cfm_hostname="cfm" > jail_cfm_rootdir="/jails/cfm" > jail_cfm_ip="172.16.1.2" > > Start the jail with the rc(8) script: > > nucleus# sh -x /etc/rc.d/jail start cfm > + . /etc/rc.subr > [...] > + eval '_x="$jail_cfm_ip_multi0"' > + _x='' > + break > + echo ' cannot start jail "cfm": ' > cannot start jail "cfm": > + tail +2 /tmp/jail.bJIDqW5x/jail.52395 > jail: unknown parameter: allow.nomount > >> Fix: > The attached patch fixes it for me. > > > Patch attached with submission follows: > > Index: usr.sbin/jail/jail.c > =================================================================== > --- usr.sbin/jail/jail.c (revision 232116) > +++ usr.sbin/jail/jail.c (working copy) > @@ -84,7 +84,7 @@ > { "security.jail.chflags_allowed", > "allow.nochflags", "allow.chflags" }, > { "security.jail.mount_allowed", > - "allow.nomount", "allow.mount" }, > + "allow.mount", "allow.nomount" }, > { "security.jail.socket_unixiproute_only", > "allow.socket_af", "allow.nosocket_af" }, > }; > > >> Release-Note: >> Audit-Trail: >> Unformatted: > _______________________________________________ > freebsd-bugs@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-bugs > To unsubscribe, send any mail to "freebsd-bugs-unsubscribe@freebsd.org" --------------090403000502010508070509 Content-Type: text/plain; name="libjail.diff" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="libjail.diff" Index: lib/libjail/jail.c =================================================================== --- lib/libjail/jail.c (revision 232240) +++ lib/libjail/jail.c (working copy) @@ -885,36 +885,20 @@ * the "no" counterpart to a boolean. */ nname = nononame(jp->jp_name); - if (nname != NULL) { - snprintf(desc.s, sizeof(desc.s), SJPARAM ".%s", nname); - free(nname); - miblen = sizeof(mib) - 2 * sizeof(int); - if (sysctl(mib, 2, mib + 2, &miblen, desc.s, - strlen(desc.s)) >= 0) { - mib[1] = 4; - desclen = sizeof(desc); - if (sysctl(mib, (miblen / sizeof(int)) + 2, - &desc, &desclen, NULL, 0) < 0) { - snprintf(jail_errmsg, - JAIL_ERRMSGLEN, - "sysctl(0.4.%s): %s", desc.s, - strerror(errno)); - return (-1); - } - if ((desc.i & CTLTYPE) == CTLTYPE_INT && - desc.s[0] == 'B') { - jp->jp_ctltype = desc.i; - jp->jp_flags |= JP_NOBOOL; - jp->jp_valuelen = sizeof(int); - return (0); - } - } + if (nname == NULL) { + unknown_parameter: + snprintf(jail_errmsg, JAIL_ERRMSGLEN, + "unknown parameter: %s", jp->jp_name); + errno = ENOENT; + return (-1); } - unknown_parameter: - snprintf(jail_errmsg, JAIL_ERRMSGLEN, - "unknown parameter: %s", jp->jp_name); - errno = ENOENT; - return (-1); + snprintf(desc.s, sizeof(desc.s), SJPARAM ".%s", nname); + free(nname); + miblen = sizeof(mib) - 2 * sizeof(int); + if (sysctl(mib, 2, mib + 2, &miblen, desc.s, + strlen(desc.s)) < 0) + goto unknown_parameter; + jp->jp_flags |= JP_NOBOOL; } mib_desc: mib[1] = 4; @@ -925,6 +909,16 @@ "sysctl(0.4.%s): %s", jp->jp_name, strerror(errno)); return (-1); } + jp->jp_ctltype = desc.i; + /* If this came from removing a "no", it better be a boolean. */ + if (jp->jp_flags & JP_NOBOOL) { + if ((desc.i & CTLTYPE) == CTLTYPE_INT && desc.s[0] == 'B') { + jp->jp_valuelen = sizeof(int); + return (0); + } + else if ((desc.i & CTLTYPE) != CTLTYPE_NODE) + goto unknown_parameter; + } /* See if this is an array type. */ p = strchr(desc.s, '\0'); isarray = 0; @@ -935,7 +929,6 @@ p[-2] = 0; } /* Look for types we understand. */ - jp->jp_ctltype = desc.i; switch (desc.i & CTLTYPE) { case CTLTYPE_INT: if (desc.s[0] == 'B') --------------090403000502010508070509-- From owner-freebsd-jail@FreeBSD.ORG Tue Feb 28 23:07:15 2012 Return-Path: Delivered-To: freebsd-jail@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E6A91106566B; Tue, 28 Feb 2012 23:07:15 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id BE5928FC08; Tue, 28 Feb 2012 23:07:15 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q1SN7F7Z040619; Tue, 28 Feb 2012 23:07:15 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q1SN7Fcd040615; Tue, 28 Feb 2012 23:07:15 GMT (envelope-from linimon) Date: Tue, 28 Feb 2012 23:07:15 GMT Message-Id: <201202282307.q1SN7Fcd040615@freefall.freebsd.org> To: linimon@FreeBSD.org, jail@FreeBSD.org, freebsd-jail@FreeBSD.org From: linimon@FreeBSD.org Cc: Subject: Re: bin/165515: [jail][patch] "jail: unknown parameter: allow.nomount" when starting jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Feb 2012 23:07:16 -0000 Synopsis: [jail][patch] "jail: unknown parameter: allow.nomount" when starting jail Responsible-Changed-From-To: jail->freebsd-jail Responsible-Changed-By: linimon Responsible-Changed-When: Tue Feb 28 23:06:49 UTC 2012 Responsible-Changed-Why: Canonicalize assignment. http://www.freebsd.org/cgi/query-pr.cgi?pr=165515 From owner-freebsd-jail@FreeBSD.ORG Tue Feb 28 23:07:15 2012 Return-Path: Delivered-To: jail@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E6A91106566B; Tue, 28 Feb 2012 23:07:15 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id BE5928FC08; Tue, 28 Feb 2012 23:07:15 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q1SN7F7Z040619; Tue, 28 Feb 2012 23:07:15 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q1SN7Fcd040615; Tue, 28 Feb 2012 23:07:15 GMT (envelope-from linimon) Date: Tue, 28 Feb 2012 23:07:15 GMT Message-Id: <201202282307.q1SN7Fcd040615@freefall.freebsd.org> To: linimon@FreeBSD.org, jail@FreeBSD.org, freebsd-jail@FreeBSD.org From: linimon@FreeBSD.org Cc: Subject: Re: bin/165515: [jail][patch] "jail: unknown parameter: allow.nomount" when starting jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Feb 2012 23:07:16 -0000 Synopsis: [jail][patch] "jail: unknown parameter: allow.nomount" when starting jail Responsible-Changed-From-To: jail->freebsd-jail Responsible-Changed-By: linimon Responsible-Changed-When: Tue Feb 28 23:06:49 UTC 2012 Responsible-Changed-Why: Canonicalize assignment. http://www.freebsd.org/cgi/query-pr.cgi?pr=165515 From owner-freebsd-jail@FreeBSD.ORG Wed Feb 29 00:28:44 2012 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 15FEB1065674 for ; Wed, 29 Feb 2012 00:28:44 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from glenbarber.us (onyx.glenbarber.us [199.48.134.227]) by mx1.freebsd.org (Postfix) with SMTP id D04448FC1C for ; Wed, 29 Feb 2012 00:28:43 +0000 (UTC) Received: (qmail 19970 invoked by uid 0); 28 Feb 2012 19:02:02 -0500 Received: from unknown (HELO glenbarber.us) (75.146.225.65) by 0 with SMTP; 28 Feb 2012 19:02:02 -0500 Date: Tue, 28 Feb 2012 19:02:00 -0500 From: Glen Barber To: Jamie Gritton Message-ID: <20120229000200.GB2326@glenbarber.us> References: <201202280121.q1S1L6Sr047797@red.freebsd.org> <4F4D56E4.3090109@FreeBSD.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="IiVenqGWf+H9Y6IX" Content-Disposition: inline In-Reply-To: <4F4D56E4.3090109@FreeBSD.org> X-Operating-System: FreeBSD 10.0-CURRENT amd64 User-Agent: Mutt/1.5.21 (2010-09-15) Cc: freebsd-jail@FreeBSD.org, freebsd-gnats-submit@FreeBSD.org, Martin Matuska Subject: Re: bin/165515: [jail][patch] "jail: unknown parameter: allow.nomount" when starting jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Feb 2012 00:28:44 -0000 --IiVenqGWf+H9Y6IX Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi Jamie, This patch fixes the problem for me. Thank you! Glen On Tue, Feb 28, 2012 at 03:36:20PM -0700, Jamie Gritton wrote: > The allow.mount parameter recently changed in a subtle way - it's now > a node (to e.g. allow.mount.devfs) as well as a parameter in its own > right. This confused libjail which knows how to handle such parameters > as long as they're not boolean. >=20 > I'm including my proposed fix to libjail. This this fix, allow.nomount > should once again work, as should allow.mount and other things such as > allow.quotas/allow.noquotas should work as they did before. >=20 > - Jamie >=20 >=20 > On 02/27/12 18:21, Glen Barber wrote: > > > >> Number: 165515 > >> Category: bin > >> Synopsis: [jail][patch] "jail: unknown parameter: allow.nomount"= when starting jail > >> Confidential: no > >> Severity: non-critical > >> Priority: low > >> Responsible: freebsd-bugs > >> State: open > >> Quarter: > >> Keywords: > >> Date-Required: > >> Class: sw-bug > >> Submitter-Id: current-users > >> Arrival-Date: Tue Feb 28 01:30:07 UTC 2012 > >> Closed-Date: > >> Last-Modified: > >> Originator: Glen Barber > >> Release: 10.0-CURRENT r232116M > >> Organization: > >> Environment: > > FreeBSD nucleus 10.0-CURRENT FreeBSD 10.0-CURRENT #7 r232116M: Sun Feb = 26 14:12:14 EST 2012 root@nucleus:/usr/obj/usr/src/sys/NUCLEUS amd64 > >> Description: > > On a recent -CURRENT, the jail(8) rc script fails to start jails. This= seems to be caused by looking up a sysctl that does not exist. > >> How-To-Repeat: > > Create a minimalistic jail setup as follows: > > > > nucleus# cat /etc/rc.conf.local > > # > > jail_enable=3D"YES" > > jail_parallel_start=3D"YES" > > jail_list=3D"cfm" > > jail_cfm_hostname=3D"cfm" > > jail_cfm_rootdir=3D"/jails/cfm" > > jail_cfm_ip=3D"172.16.1.2" > > > > Start the jail with the rc(8) script: > > > > nucleus# sh -x /etc/rc.d/jail start cfm > > + . /etc/rc.subr > > [...] > > + eval '_x=3D"$jail_cfm_ip_multi0"' > > + _x=3D'' > > + break > > + echo ' cannot start jail "cfm": ' > > cannot start jail "cfm": > > + tail +2 /tmp/jail.bJIDqW5x/jail.52395 > > jail: unknown parameter: allow.nomount > > > >> Fix: > > The attached patch fixes it for me. > > > > > > Patch attached with submission follows: > > > > Index: usr.sbin/jail/jail.c > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > > --- usr.sbin/jail/jail.c (revision 232116) > > +++ usr.sbin/jail/jail.c (working copy) > > @@ -84,7 +84,7 @@ > > { "security.jail.chflags_allowed", > > "allow.nochflags", "allow.chflags" }, > > { "security.jail.mount_allowed", > > - "allow.nomount", "allow.mount" }, > > + "allow.mount", "allow.nomount" }, > > { "security.jail.socket_unixiproute_only", > > "allow.socket_af", "allow.nosocket_af" }, > > }; > > > > > >> Release-Note: > >> Audit-Trail: > >> Unformatted: > > _______________________________________________ > > freebsd-bugs@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-bugs > > To unsubscribe, send any mail to "freebsd-bugs-unsubscribe@freebsd.org" > Index: lib/libjail/jail.c > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > --- lib/libjail/jail.c (revision 232240) > +++ lib/libjail/jail.c (working copy) > @@ -885,36 +885,20 @@ > * the "no" counterpart to a boolean. > */ > nname =3D nononame(jp->jp_name); > - if (nname !=3D NULL) { > - snprintf(desc.s, sizeof(desc.s), SJPARAM ".%s", nname); > - free(nname); > - miblen =3D sizeof(mib) - 2 * sizeof(int); > - if (sysctl(mib, 2, mib + 2, &miblen, desc.s, > - strlen(desc.s)) >=3D 0) { > - mib[1] =3D 4; > - desclen =3D sizeof(desc); > - if (sysctl(mib, (miblen / sizeof(int)) + 2, > - &desc, &desclen, NULL, 0) < 0) { > - snprintf(jail_errmsg, > - JAIL_ERRMSGLEN, > - "sysctl(0.4.%s): %s", desc.s, > - strerror(errno)); > - return (-1); > - } > - if ((desc.i & CTLTYPE) =3D=3D CTLTYPE_INT && > - desc.s[0] =3D=3D 'B') { > - jp->jp_ctltype =3D desc.i; > - jp->jp_flags |=3D JP_NOBOOL; > - jp->jp_valuelen =3D sizeof(int); > - return (0); > - } > - } > + if (nname =3D=3D NULL) { > + unknown_parameter: > + snprintf(jail_errmsg, JAIL_ERRMSGLEN, > + "unknown parameter: %s", jp->jp_name); > + errno =3D ENOENT; > + return (-1); > } > - unknown_parameter: > - snprintf(jail_errmsg, JAIL_ERRMSGLEN, > - "unknown parameter: %s", jp->jp_name); > - errno =3D ENOENT; > - return (-1); > + snprintf(desc.s, sizeof(desc.s), SJPARAM ".%s", nname); > + free(nname); > + miblen =3D sizeof(mib) - 2 * sizeof(int); > + if (sysctl(mib, 2, mib + 2, &miblen, desc.s, > + strlen(desc.s)) < 0) > + goto unknown_parameter; > + jp->jp_flags |=3D JP_NOBOOL; > } > mib_desc: > mib[1] =3D 4; > @@ -925,6 +909,16 @@ > "sysctl(0.4.%s): %s", jp->jp_name, strerror(errno)); > return (-1); > } > + jp->jp_ctltype =3D desc.i; > + /* If this came from removing a "no", it better be a boolean. */ > + if (jp->jp_flags & JP_NOBOOL) { > + if ((desc.i & CTLTYPE) =3D=3D CTLTYPE_INT && desc.s[0] =3D=3D 'B') { > + jp->jp_valuelen =3D sizeof(int); > + return (0); > + } > + else if ((desc.i & CTLTYPE) !=3D CTLTYPE_NODE) > + goto unknown_parameter; > + } > /* See if this is an array type. */ > p =3D strchr(desc.s, '\0'); > isarray =3D 0; > @@ -935,7 +929,6 @@ > p[-2] =3D 0; > } > /* Look for types we understand. */ > - jp->jp_ctltype =3D desc.i; > switch (desc.i & CTLTYPE) { > case CTLTYPE_INT: > if (desc.s[0] =3D=3D 'B') --IiVenqGWf+H9Y6IX Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (FreeBSD) iQEbBAEBCAAGBQJPTWr4AAoJEFJPDDeguUajSWMH+JsG24+/5+lbw1oxGb3q+u88 0CZrNSb5vazYquo0BprTyKn7CvkOpK8DiAtShF3tt+bnoZdbeGdxlr1Juyh8xX1q BhXsWZ/4/fEjSvEXwrYCiKh9xGyQUcF9baoEBfmkTa+zVptYEMZR7Rwuza821Kp9 b4LakIqpOVJUmC5f3xSBi+owxyPyPAP8BwaIV0uJv8tXzBxODDpw4ZAJtkS4O+uq K10Oue9oLQxFQZEAUiX9rMxVltvcUZdwMRNVcsv2dOl0Q24kWaHzlM8YhXQmWBp0 Y+JJV2550QkYMRWiL/bgdTdpmr68+Tw5J9epz/HndAxnSaG57KMsxLAsRF1O6A== =840n -----END PGP SIGNATURE----- --IiVenqGWf+H9Y6IX-- From owner-freebsd-jail@FreeBSD.ORG Wed Feb 29 00:30:17 2012 Return-Path: Delivered-To: freebsd-jail@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7F67D106564A for ; Wed, 29 Feb 2012 00:30:17 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 6D9088FC17 for ; Wed, 29 Feb 2012 00:30:17 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q1T0UHsi018230 for ; Wed, 29 Feb 2012 00:30:17 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q1T0UHbB018229; Wed, 29 Feb 2012 00:30:17 GMT (envelope-from gnats) Date: Wed, 29 Feb 2012 00:30:17 GMT Message-Id: <201202290030.q1T0UHbB018229@freefall.freebsd.org> To: freebsd-jail@FreeBSD.org From: Glen Barber Cc: Subject: Re: bin/165515: [jail][patch] "jail: unknown parameter: allow.nomount" when starting jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Glen Barber List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Feb 2012 00:30:17 -0000 The following reply was made to PR bin/165515; it has been noted by GNATS. From: Glen Barber To: Jamie Gritton Cc: freebsd-gnats-submit@FreeBSD.org, freebsd-jail@FreeBSD.org, Martin Matuska Subject: Re: bin/165515: [jail][patch] "jail: unknown parameter: allow.nomount" when starting jail Date: Tue, 28 Feb 2012 19:02:00 -0500 --IiVenqGWf+H9Y6IX Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi Jamie, This patch fixes the problem for me. Thank you! Glen On Tue, Feb 28, 2012 at 03:36:20PM -0700, Jamie Gritton wrote: > The allow.mount parameter recently changed in a subtle way - it's now > a node (to e.g. allow.mount.devfs) as well as a parameter in its own > right. This confused libjail which knows how to handle such parameters > as long as they're not boolean. >=20 > I'm including my proposed fix to libjail. This this fix, allow.nomount > should once again work, as should allow.mount and other things such as > allow.quotas/allow.noquotas should work as they did before. >=20 > - Jamie >=20 >=20 > On 02/27/12 18:21, Glen Barber wrote: > > > >> Number: 165515 > >> Category: bin > >> Synopsis: [jail][patch] "jail: unknown parameter: allow.nomount"= when starting jail > >> Confidential: no > >> Severity: non-critical > >> Priority: low > >> Responsible: freebsd-bugs > >> State: open > >> Quarter: > >> Keywords: > >> Date-Required: > >> Class: sw-bug > >> Submitter-Id: current-users > >> Arrival-Date: Tue Feb 28 01:30:07 UTC 2012 > >> Closed-Date: > >> Last-Modified: > >> Originator: Glen Barber > >> Release: 10.0-CURRENT r232116M > >> Organization: > >> Environment: > > FreeBSD nucleus 10.0-CURRENT FreeBSD 10.0-CURRENT #7 r232116M: Sun Feb = 26 14:12:14 EST 2012 root@nucleus:/usr/obj/usr/src/sys/NUCLEUS amd64 > >> Description: > > On a recent -CURRENT, the jail(8) rc script fails to start jails. This= seems to be caused by looking up a sysctl that does not exist. > >> How-To-Repeat: > > Create a minimalistic jail setup as follows: > > > > nucleus# cat /etc/rc.conf.local > > # > > jail_enable=3D"YES" > > jail_parallel_start=3D"YES" > > jail_list=3D"cfm" > > jail_cfm_hostname=3D"cfm" > > jail_cfm_rootdir=3D"/jails/cfm" > > jail_cfm_ip=3D"172.16.1.2" > > > > Start the jail with the rc(8) script: > > > > nucleus# sh -x /etc/rc.d/jail start cfm > > + . /etc/rc.subr > > [...] > > + eval '_x=3D"$jail_cfm_ip_multi0"' > > + _x=3D'' > > + break > > + echo ' cannot start jail "cfm": ' > > cannot start jail "cfm": > > + tail +2 /tmp/jail.bJIDqW5x/jail.52395 > > jail: unknown parameter: allow.nomount > > > >> Fix: > > The attached patch fixes it for me. > > > > > > Patch attached with submission follows: > > > > Index: usr.sbin/jail/jail.c > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > > --- usr.sbin/jail/jail.c (revision 232116) > > +++ usr.sbin/jail/jail.c (working copy) > > @@ -84,7 +84,7 @@ > > { "security.jail.chflags_allowed", > > "allow.nochflags", "allow.chflags" }, > > { "security.jail.mount_allowed", > > - "allow.nomount", "allow.mount" }, > > + "allow.mount", "allow.nomount" }, > > { "security.jail.socket_unixiproute_only", > > "allow.socket_af", "allow.nosocket_af" }, > > }; > > > > > >> Release-Note: > >> Audit-Trail: > >> Unformatted: > > _______________________________________________ > > freebsd-bugs@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-bugs > > To unsubscribe, send any mail to "freebsd-bugs-unsubscribe@freebsd.org" > Index: lib/libjail/jail.c > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > --- lib/libjail/jail.c (revision 232240) > +++ lib/libjail/jail.c (working copy) > @@ -885,36 +885,20 @@ > * the "no" counterpart to a boolean. > */ > nname =3D nononame(jp->jp_name); > - if (nname !=3D NULL) { > - snprintf(desc.s, sizeof(desc.s), SJPARAM ".%s", nname); > - free(nname); > - miblen =3D sizeof(mib) - 2 * sizeof(int); > - if (sysctl(mib, 2, mib + 2, &miblen, desc.s, > - strlen(desc.s)) >=3D 0) { > - mib[1] =3D 4; > - desclen =3D sizeof(desc); > - if (sysctl(mib, (miblen / sizeof(int)) + 2, > - &desc, &desclen, NULL, 0) < 0) { > - snprintf(jail_errmsg, > - JAIL_ERRMSGLEN, > - "sysctl(0.4.%s): %s", desc.s, > - strerror(errno)); > - return (-1); > - } > - if ((desc.i & CTLTYPE) =3D=3D CTLTYPE_INT && > - desc.s[0] =3D=3D 'B') { > - jp->jp_ctltype =3D desc.i; > - jp->jp_flags |=3D JP_NOBOOL; > - jp->jp_valuelen =3D sizeof(int); > - return (0); > - } > - } > + if (nname =3D=3D NULL) { > + unknown_parameter: > + snprintf(jail_errmsg, JAIL_ERRMSGLEN, > + "unknown parameter: %s", jp->jp_name); > + errno =3D ENOENT; > + return (-1); > } > - unknown_parameter: > - snprintf(jail_errmsg, JAIL_ERRMSGLEN, > - "unknown parameter: %s", jp->jp_name); > - errno =3D ENOENT; > - return (-1); > + snprintf(desc.s, sizeof(desc.s), SJPARAM ".%s", nname); > + free(nname); > + miblen =3D sizeof(mib) - 2 * sizeof(int); > + if (sysctl(mib, 2, mib + 2, &miblen, desc.s, > + strlen(desc.s)) < 0) > + goto unknown_parameter; > + jp->jp_flags |=3D JP_NOBOOL; > } > mib_desc: > mib[1] =3D 4; > @@ -925,6 +909,16 @@ > "sysctl(0.4.%s): %s", jp->jp_name, strerror(errno)); > return (-1); > } > + jp->jp_ctltype =3D desc.i; > + /* If this came from removing a "no", it better be a boolean. */ > + if (jp->jp_flags & JP_NOBOOL) { > + if ((desc.i & CTLTYPE) =3D=3D CTLTYPE_INT && desc.s[0] =3D=3D 'B') { > + jp->jp_valuelen =3D sizeof(int); > + return (0); > + } > + else if ((desc.i & CTLTYPE) !=3D CTLTYPE_NODE) > + goto unknown_parameter; > + } > /* See if this is an array type. */ > p =3D strchr(desc.s, '\0'); > isarray =3D 0; > @@ -935,7 +929,6 @@ > p[-2] =3D 0; > } > /* Look for types we understand. */ > - jp->jp_ctltype =3D desc.i; > switch (desc.i & CTLTYPE) { > case CTLTYPE_INT: > if (desc.s[0] =3D=3D 'B') --IiVenqGWf+H9Y6IX Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (FreeBSD) iQEbBAEBCAAGBQJPTWr4AAoJEFJPDDeguUajSWMH+JsG24+/5+lbw1oxGb3q+u88 0CZrNSb5vazYquo0BprTyKn7CvkOpK8DiAtShF3tt+bnoZdbeGdxlr1Juyh8xX1q BhXsWZ/4/fEjSvEXwrYCiKh9xGyQUcF9baoEBfmkTa+zVptYEMZR7Rwuza821Kp9 b4LakIqpOVJUmC5f3xSBi+owxyPyPAP8BwaIV0uJv8tXzBxODDpw4ZAJtkS4O+uq K10Oue9oLQxFQZEAUiX9rMxVltvcUZdwMRNVcsv2dOl0Q24kWaHzlM8YhXQmWBp0 Y+JJV2550QkYMRWiL/bgdTdpmr68+Tw5J9epz/HndAxnSaG57KMsxLAsRF1O6A== =840n -----END PGP SIGNATURE----- --IiVenqGWf+H9Y6IX-- From owner-freebsd-jail@FreeBSD.ORG Wed Feb 29 00:30:49 2012 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7F94B1065675; Wed, 29 Feb 2012 00:30:49 +0000 (UTC) (envelope-from mm@FreeBSD.org) Received: from mail.vx.sk (mail.vx.sk [IPv6:2a01:4f8:150:6101::4]) by mx1.freebsd.org (Postfix) with ESMTP id 1776C8FC21; Wed, 29 Feb 2012 00:30:49 +0000 (UTC) Received: from core2.vx.sk (localhost [127.0.0.2]) by mail.vx.sk (Postfix) with ESMTP id 0E8851F856; Wed, 29 Feb 2012 01:30:47 +0100 (CET) X-Virus-Scanned: amavisd-new at mail.vx.sk Received: from mail.vx.sk by core2.vx.sk (amavisd-new, unix socket) with LMTP id QAlum9HNosZA; Wed, 29 Feb 2012 01:30:39 +0100 (CET) Received: from [10.9.8.1] (188-167-78-15.dynamic.chello.sk [188.167.78.15]) by mail.vx.sk (Postfix) with ESMTPSA id 6222C1F84B; Wed, 29 Feb 2012 01:30:39 +0100 (CET) Message-ID: <4F4D71B1.2040509@FreeBSD.org> Date: Wed, 29 Feb 2012 01:30:41 +0100 From: Martin Matuska User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2 MIME-Version: 1.0 To: Jamie Gritton References: <201202280121.q1S1L6Sr047797@red.freebsd.org> <4F4D56E4.3090109@FreeBSD.org> In-Reply-To: <4F4D56E4.3090109@FreeBSD.org> X-Enigmail-Version: 1.3.5 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: Glen Barber , freebsd-gnats-submit@FreeBSD.org, freebsd-jail@FreeBSD.org Subject: Re: bin/165515: [jail][patch] "jail: unknown parameter: allow.nomount" when starting jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Feb 2012 00:30:49 -0000 On 28.2.2012 23:36, Jamie Gritton wrote: > The allow.mount parameter recently changed in a subtle way - it's now > a node (to e.g. allow.mount.devfs) as well as a parameter in its own > right. This confused libjail which knows how to handle such parameters > as long as they're not boolean. > > I'm including my proposed fix to libjail. This this fix, allow.nomount > should once again work, as should allow.mount and other things such as > allow.quotas/allow.noquotas should work as they did before. > > - Jamie Thanks. I might MFC this together with all the other new jail stuff to 9-STABLE in a week or so. Or do we need more testing? For 8-STABLE, all of this is a no-op, because the prerequisites for all these changes date back to the VOP_VPTOCNP(9) change by kib. -- Martin Matuska FreeBSD committer http://blog.vx.sk From owner-freebsd-jail@FreeBSD.ORG Wed Feb 29 00:40:14 2012 Return-Path: Delivered-To: freebsd-jail@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 114CF106566B for ; Wed, 29 Feb 2012 00:40:14 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 0006A8FC0A for ; Wed, 29 Feb 2012 00:40:13 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q1T0eDNU029367 for ; Wed, 29 Feb 2012 00:40:13 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q1T0eDWu029366; Wed, 29 Feb 2012 00:40:13 GMT (envelope-from gnats) Date: Wed, 29 Feb 2012 00:40:13 GMT Message-Id: <201202290040.q1T0eDWu029366@freefall.freebsd.org> To: freebsd-jail@FreeBSD.org From: Martin Matuska Cc: Subject: Re: bin/165515: [jail][patch] "jail: unknown parameter: allow.nomount" when starting jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Martin Matuska List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Feb 2012 00:40:14 -0000 The following reply was made to PR bin/165515; it has been noted by GNATS. From: Martin Matuska To: Jamie Gritton Cc: Glen Barber , freebsd-gnats-submit@FreeBSD.org, freebsd-jail@FreeBSD.org Subject: Re: bin/165515: [jail][patch] "jail: unknown parameter: allow.nomount" when starting jail Date: Wed, 29 Feb 2012 01:30:41 +0100 On 28.2.2012 23:36, Jamie Gritton wrote: > The allow.mount parameter recently changed in a subtle way - it's now > a node (to e.g. allow.mount.devfs) as well as a parameter in its own > right. This confused libjail which knows how to handle such parameters > as long as they're not boolean. > > I'm including my proposed fix to libjail. This this fix, allow.nomount > should once again work, as should allow.mount and other things such as > allow.quotas/allow.noquotas should work as they did before. > > - Jamie Thanks. I might MFC this together with all the other new jail stuff to 9-STABLE in a week or so. Or do we need more testing? For 8-STABLE, all of this is a no-op, because the prerequisites for all these changes date back to the VOP_VPTOCNP(9) change by kib. -- Martin Matuska FreeBSD committer http://blog.vx.sk From owner-freebsd-jail@FreeBSD.ORG Wed Feb 29 05:56:42 2012 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 5B06A10656A8; Wed, 29 Feb 2012 05:56:42 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from m2.gritton.org (gritton.org [64.34.175.71]) by mx1.freebsd.org (Postfix) with ESMTP id 0FCA48FC18; Wed, 29 Feb 2012 05:56:41 +0000 (UTC) Received: from glorfindel.gritton.org (c-174-52-130-208.hsd1.ut.comcast.net [174.52.130.208]) (authenticated bits=0) by m2.gritton.org (8.14.4/8.14.4) with ESMTP id q1T5ueXE050117; Tue, 28 Feb 2012 22:56:40 -0700 (MST) (envelope-from jamie@FreeBSD.org) Message-ID: <4F4DBE16.8060207@FreeBSD.org> Date: Tue, 28 Feb 2012 22:56:38 -0700 From: Jamie Gritton User-Agent: Mozilla/5.0 (X11; U; FreeBSD amd64; en-US; rv:1.9.2.24) Gecko/20120129 Thunderbird/3.1.16 MIME-Version: 1.0 To: Martin Matuska References: <201202280121.q1S1L6Sr047797@red.freebsd.org> <4F4D56E4.3090109@FreeBSD.org> <4F4D71B1.2040509@FreeBSD.org> In-Reply-To: <4F4D71B1.2040509@FreeBSD.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Glen Barber , freebsd-gnats-submit@FreeBSD.org, freebsd-jail@FreeBSD.org Subject: Re: bin/165515: [jail][patch] "jail: unknown parameter: allow.nomount" when starting jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Feb 2012 05:56:42 -0000 On 02/28/12 17:30, Martin Matuska wrote: > On 28.2.2012 23:36, Jamie Gritton wrote: >> The allow.mount parameter recently changed in a subtle way - it's now >> a node (to e.g. allow.mount.devfs) as well as a parameter in its own >> right. This confused libjail which knows how to handle such parameters >> as long as they're not boolean. >> >> I'm including my proposed fix to libjail. This this fix, allow.nomount >> should once again work, as should allow.mount and other things such as >> allow.quotas/allow.noquotas should work as they did before. >> >> - Jamie > > Thanks. I might MFC this together with all the other new jail stuff to > 9-STABLE in a week or so. > Or do we need more testing? > > For 8-STABLE, all of this is a no-op, because the prerequisites for all > these changes date back to the VOP_VPTOCNP(9) change by kib. I've checked that the expected parameters get past the gauntlet, and that some things that look like them don't (such as host.nohostname). What I haven't checked, and should be done before I commit - since you've got it all set up, could you see if these do as you expect? allow.mount allow.nomount allow.mount.devfs allow.mount.nodevfs allow.chflags allow.nochflags That covers the newly fixed allow.mount, one of your new per-FS allows, and an existing allow that should work as it did before. Those (except the last) are all the kind of thing you've been testing anyway so it shouldn't be too much of an imposition :-). Beyond that, I don't see the need for 9-specific testing since it has the exact same libjail code. - Jamie From owner-freebsd-jail@FreeBSD.ORG Wed Feb 29 06:00:34 2012 Return-Path: Delivered-To: freebsd-jail@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8B28C106566B for ; Wed, 29 Feb 2012 06:00:34 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 757668FC08 for ; Wed, 29 Feb 2012 06:00:34 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q1T60Ylr025107 for ; Wed, 29 Feb 2012 06:00:34 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q1T60YF8025106; Wed, 29 Feb 2012 06:00:34 GMT (envelope-from gnats) Date: Wed, 29 Feb 2012 06:00:34 GMT Message-Id: <201202290600.q1T60YF8025106@freefall.freebsd.org> To: freebsd-jail@FreeBSD.org From: Jamie Gritton Cc: Subject: Re: bin/165515: [jail][patch] "jail: unknown parameter: allow.nomount" when starting jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Jamie Gritton List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Feb 2012 06:00:34 -0000 The following reply was made to PR bin/165515; it has been noted by GNATS. From: Jamie Gritton To: Martin Matuska Cc: Glen Barber , freebsd-gnats-submit@FreeBSD.org, freebsd-jail@FreeBSD.org Subject: Re: bin/165515: [jail][patch] "jail: unknown parameter: allow.nomount" when starting jail Date: Tue, 28 Feb 2012 22:56:38 -0700 On 02/28/12 17:30, Martin Matuska wrote: > On 28.2.2012 23:36, Jamie Gritton wrote: >> The allow.mount parameter recently changed in a subtle way - it's now >> a node (to e.g. allow.mount.devfs) as well as a parameter in its own >> right. This confused libjail which knows how to handle such parameters >> as long as they're not boolean. >> >> I'm including my proposed fix to libjail. This this fix, allow.nomount >> should once again work, as should allow.mount and other things such as >> allow.quotas/allow.noquotas should work as they did before. >> >> - Jamie > > Thanks. I might MFC this together with all the other new jail stuff to > 9-STABLE in a week or so. > Or do we need more testing? > > For 8-STABLE, all of this is a no-op, because the prerequisites for all > these changes date back to the VOP_VPTOCNP(9) change by kib. I've checked that the expected parameters get past the gauntlet, and that some things that look like them don't (such as host.nohostname). What I haven't checked, and should be done before I commit - since you've got it all set up, could you see if these do as you expect? allow.mount allow.nomount allow.mount.devfs allow.mount.nodevfs allow.chflags allow.nochflags That covers the newly fixed allow.mount, one of your new per-FS allows, and an existing allow that should work as it did before. Those (except the last) are all the kind of thing you've been testing anyway so it shouldn't be too much of an imposition :-). Beyond that, I don't see the need for 9-specific testing since it has the exact same libjail code. - Jamie From owner-freebsd-jail@FreeBSD.ORG Thu Mar 1 15:10:13 2012 Return-Path: Delivered-To: freebsd-jail@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AD030106564A for ; Thu, 1 Mar 2012 15:10:13 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 8F1758FC1C for ; Thu, 1 Mar 2012 15:10:13 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q21FADOF037986 for ; Thu, 1 Mar 2012 15:10:13 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q21FADCX037985; Thu, 1 Mar 2012 15:10:13 GMT (envelope-from gnats) Date: Thu, 1 Mar 2012 15:10:13 GMT Message-Id: <201203011510.q21FADCX037985@freefall.freebsd.org> To: freebsd-jail@FreeBSD.org From: dfilter@FreeBSD.ORG (dfilter service) Cc: Subject: Re: bin/165515: commit references a PR X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dfilter service List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Mar 2012 15:10:13 -0000 The following reply was made to PR bin/165515; it has been noted by GNATS. From: dfilter@FreeBSD.ORG (dfilter service) To: bug-followup@FreeBSD.org Cc: Subject: Re: bin/165515: commit references a PR Date: Thu, 1 Mar 2012 15:09:54 +0000 (UTC) Author: jamie Date: Thu Mar 1 15:09:41 2012 New Revision: 232342 URL: http://svn.freebsd.org/changeset/base/232342 Log: Handle the case where a boolean parameter is also a node. PR: bin/165515 MFC after: 2 weeks Modified: head/lib/libjail/jail.c Modified: head/lib/libjail/jail.c ============================================================================== --- head/lib/libjail/jail.c Thu Mar 1 15:08:58 2012 (r232341) +++ head/lib/libjail/jail.c Thu Mar 1 15:09:41 2012 (r232342) @@ -885,36 +885,20 @@ jailparam_type(struct jailparam *jp) * the "no" counterpart to a boolean. */ nname = nononame(jp->jp_name); - if (nname != NULL) { - snprintf(desc.s, sizeof(desc.s), SJPARAM ".%s", nname); - free(nname); - miblen = sizeof(mib) - 2 * sizeof(int); - if (sysctl(mib, 2, mib + 2, &miblen, desc.s, - strlen(desc.s)) >= 0) { - mib[1] = 4; - desclen = sizeof(desc); - if (sysctl(mib, (miblen / sizeof(int)) + 2, - &desc, &desclen, NULL, 0) < 0) { - snprintf(jail_errmsg, - JAIL_ERRMSGLEN, - "sysctl(0.4.%s): %s", desc.s, - strerror(errno)); - return (-1); - } - if ((desc.i & CTLTYPE) == CTLTYPE_INT && - desc.s[0] == 'B') { - jp->jp_ctltype = desc.i; - jp->jp_flags |= JP_NOBOOL; - jp->jp_valuelen = sizeof(int); - return (0); - } - } + if (nname == NULL) { + unknown_parameter: + snprintf(jail_errmsg, JAIL_ERRMSGLEN, + "unknown parameter: %s", jp->jp_name); + errno = ENOENT; + return (-1); } - unknown_parameter: - snprintf(jail_errmsg, JAIL_ERRMSGLEN, - "unknown parameter: %s", jp->jp_name); - errno = ENOENT; - return (-1); + snprintf(desc.s, sizeof(desc.s), SJPARAM ".%s", nname); + free(nname); + miblen = sizeof(mib) - 2 * sizeof(int); + if (sysctl(mib, 2, mib + 2, &miblen, desc.s, + strlen(desc.s)) < 0) + goto unknown_parameter; + jp->jp_flags |= JP_NOBOOL; } mib_desc: mib[1] = 4; @@ -925,6 +909,16 @@ jailparam_type(struct jailparam *jp) "sysctl(0.4.%s): %s", jp->jp_name, strerror(errno)); return (-1); } + jp->jp_ctltype = desc.i; + /* If this came from removing a "no", it better be a boolean. */ + if (jp->jp_flags & JP_NOBOOL) { + if ((desc.i & CTLTYPE) == CTLTYPE_INT && desc.s[0] == 'B') { + jp->jp_valuelen = sizeof(int); + return (0); + } + else if ((desc.i & CTLTYPE) != CTLTYPE_NODE) + goto unknown_parameter; + } /* See if this is an array type. */ p = strchr(desc.s, '\0'); isarray = 0; @@ -935,7 +929,6 @@ jailparam_type(struct jailparam *jp) p[-2] = 0; } /* Look for types we understand. */ - jp->jp_ctltype = desc.i; switch (desc.i & CTLTYPE) { case CTLTYPE_INT: if (desc.s[0] == 'B') _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org" From owner-freebsd-jail@FreeBSD.ORG Thu Mar 1 15:21:35 2012 Return-Path: Delivered-To: freebsd-jail@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3EC3C1065678; Thu, 1 Mar 2012 15:21:35 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 1321F8FC1A; Thu, 1 Mar 2012 15:21:35 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q21FLYg5055970; Thu, 1 Mar 2012 15:21:34 GMT (envelope-from jamie@freefall.freebsd.org) Received: (from jamie@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q21FLYAk055966; Thu, 1 Mar 2012 15:21:34 GMT (envelope-from jamie) Date: Thu, 1 Mar 2012 15:21:34 GMT Message-Id: <201203011521.q21FLYAk055966@freefall.freebsd.org> To: gjb@FreeBSD.org, jamie@FreeBSD.org, freebsd-jail@FreeBSD.org From: jamie@FreeBSD.org Cc: Subject: Re: bin/165515: [jail][patch] "jail: unknown parameter: allow.nomount" when starting jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Mar 2012 15:21:35 -0000 Synopsis: [jail][patch] "jail: unknown parameter: allow.nomount" when starting jail State-Changed-From-To: open->patched State-Changed-By: jamie State-Changed-When: Thu Mar 1 15:13:29 UTC 2012 State-Changed-Why: Fixed in r232342. http://www.freebsd.org/cgi/query-pr.cgi?pr=165515