Date: Mon, 9 Oct 2017 09:25:47 +0200 From: Goran =?utf-8?B?TWVracSH?= <meka@tilda.center> To: freebsd-jail@freebsd.org Subject: VNET jail and dhclient Message-ID: <20171009072547.jauim6tlfennydf5@hal9000.meka.no-ip.org>
next in thread | raw e-mail | index | archive | help
--pqwgfraquzjyon6l Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Hello, TLDR: I can setup static IP or use dhcpcd to get address, but not dhclient. Let me elaborate. I run 12-CURRENT on my laptop and use CBSD as jail manager (I don't think it matters). # dhclient eth0 chroot exiting. This is what I found with truss: https://gist.github.com/anonymous/36a4e2bf1760198971934ff609a7d0de#file-gistfile1-txt-L227-L228. Selected lines are what I think is the problem. Offending line in the code is probably https://svnweb.freebsd.org/base/head/sbin/dhclient/dhclient.c?revision=317915&view=markup#l507. With that asumption, Oleg, CBSD author, noticed that the following "patch" works: diff -ruN dhclient.c-o dhclient.c --- dhclient.c-o 2017-10-08 13:06:59.134921000 +0300 +++ dhclient.c 2017-10-08 13:07:48.047004000 +0300 -504,8 +504,8 if (cap_rights_limit(routefd, &rights) < 0 && errno != ENOSYS) error("can't limit route socket: %m"); - if (chroot(_PATH_VAREMPTY) == -1) - error("chroot"); +// if (chroot(_PATH_VEREMPTY) == -1) +// error("chroot"); if (chdir("/") == -1) error("chdir(\"/\")"); I just assume that commenting out capsicum part of code would do the same (didn't try it) as I can create files under /var/empty and perms look normal. Does anyone have a fairly recent 12-CURRENT VNET jail running with dhclient? If yes, what jail manager, if any? Also, could you recommend the way continue from this point given I never worked with capsicum? Thank you! Regards, meka --pqwgfraquzjyon6l Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEE1WIFkXy2ZeMKjjKEWj1TknovrLYFAlnbJHgACgkQWj1Tknov rLakyw//ZASGJkwh6HyTQRTY5/hSsA8s45P5WQpbxCQA7AuAPNoirz7dsK81cxvO E8IZH8xkAxGuNdwg5A8k5ImsfxPLvk0jPu1HJwbLa/DY6LOvcw3pJycDLujANjT0 /3B53wFOAR5HXHPO2dSbdd2qXbuPVYqk/0sFMXFhTvHVd/g+JznXk4kqKb9QVxzQ rwgH/7Ao4xJEhAvsVMaZ1hptGzLTdjPeRRuRm+jrA47zVxrzbBoC4oIXJRsT/oPs YHBjLSFy+mOfXPoYRtg/B/6cuUBgg2zj0D1B0qVzlVv4Z71LNhAO3n/q5cun9rAl 1gsIGEM6PMfz4hq0J09duqKRmtYSIQmh8CKRbTC0PATGwcCdqg6KiN5ZlNpVf5Qj IT1axn2dUCzIcu3SDOQjIHaimHt3yRCdgxOBzsE8GO04eSj0BHn9AfofarqiFYxU je+DWnbtxCLYS1AK01ZvUM9LX0Fv0lmU7kDyS7m5E0zVt6H/aYLkPfB3B8mJZ/Q5 JuXPcLN/VCzjOtP9gno9hR9tEPh95Bna96HJxqyB1IKdu8jNndsu/PKiqbYVKl3T SXoicf0Aw5s4TmYFGBdHu7Ry8qHFnmf6o5APY5yQ1XHv+rKUpnq9apIp7SVhBlpo s4iJmcgsw5D5ccDLCgoEPcr/KqJXvFBCjX1p0M6jTq89ypNe3lg= =pWAT -----END PGP SIGNATURE----- --pqwgfraquzjyon6l--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20171009072547.jauim6tlfennydf5>