From owner-freebsd-bugs@FreeBSD.ORG Tue Oct 16 22:40:01 2012 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 70C88972 for ; Tue, 16 Oct 2012 22:40:01 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [8.8.178.135]) by mx1.freebsd.org (Postfix) with ESMTP id 46C8D8FC14 for ; Tue, 16 Oct 2012 22:40:01 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q9GMe1RQ009590 for ; Tue, 16 Oct 2012 22:40:01 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q9GMe1Ia009589; Tue, 16 Oct 2012 22:40:01 GMT (envelope-from gnats) Resent-Date: Tue, 16 Oct 2012 22:40:01 GMT Resent-Message-Id: <201210162240.q9GMe1Ia009589@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Devin Teske Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 2C02895C for ; Tue, 16 Oct 2012 22:38:21 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22]) by mx1.freebsd.org (Postfix) with ESMTP id 0FED38FC0A for ; Tue, 16 Oct 2012 22:38:21 +0000 (UTC) Received: from red.freebsd.org (localhost [127.0.0.1]) by red.freebsd.org (8.14.5/8.14.5) with ESMTP id q9GMcKFG068324 for ; Tue, 16 Oct 2012 22:38:20 GMT (envelope-from nobody@red.freebsd.org) Received: (from nobody@localhost) by red.freebsd.org (8.14.5/8.14.5/Submit) id q9GMcKPH068323; Tue, 16 Oct 2012 22:38:20 GMT (envelope-from nobody) Message-Id: <201210162238.q9GMcKPH068323@red.freebsd.org> Date: Tue, 16 Oct 2012 22:38:20 GMT From: Devin Teske To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-3.1 Subject: bin/172801: /usr/libexec/locate.updatedb (and therefore locate(1)) does not work inside a jail X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Oct 2012 22:40:01 -0000 >Number: 172801 >Category: bin >Synopsis: /usr/libexec/locate.updatedb (and therefore locate(1)) does not work inside a jail >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Oct 16 22:40:01 UTC 2012 >Closed-Date: >Last-Modified: >Originator: Devin Teske >Release: FreeBSD 8.1-RELEASE-p6 amd64 >Organization: FIS Global, Inc. >Environment: FreeBSD ipm0.jbsd.vicor.com 8.1-RELEASE-p6 FreeBSD 8.1-RELEASE-p6 #6: Mon Oct 17 11:57:29 PDT 2011 dteske@oos0a.vbsd.vicor.com:/usr/src/sys/amd64/compile/FIS-amd64 amd64 >Description: Executing 'locate' in a jail returns "locate: database too small: /var/db/locate.database" The database file is 0 length: -r--r--r-- 1 nobody wheel 0 Aug 20 04:15 /var/db/locate.database The script /usr/libexec/locate.updatedb is responsible for generating the locate(1) database (above file). Executing '/usr/libexec/locate.updatedb' in a jail returns "/usr/libexec/locate.updatedb: empty variable FILESYSTEMS". One might be fooled into thinking this is a configuration issue with /etc/locate.rc but it is not. The root-cause is that /usr/libexec/locate.updatedb uses the lsvfs(1) command to get a list of local/non-synthetic filesystem types (and uses this as the default-value for $FILESYSTEMS). Within a jail, the lsvfs(1) output is redacted (see below): Filesystem Refs Flags -------------------------------- ----- --------------- 1 29542 0 0 4 12342 0 0 7 115 0 0 10 This redacted output results in a NULL default-value for $FILESYSTEMS, resulting in the odd, but true, fatal error message "/usr/libexec/locate.updatedb: empty variable FILESYSTEMS". ASIDE: The value of $FILESYSTEMS is used by /usr/libexec/locate.updatedb, enumerated to find(1) as a list of "-fstype" arguments when generating the locate(1) database. It then uses this list to build a series of "-fstype" excludes to pass to find(1) when generating the locate(1) database. >How-To-Repeat: Execute 'locate' in a jail. Get the following error: locate: database too small: /var/db/locate.database Naturally, try and generate /var/db/locate.database by then executing: /usr/libexec/locate.updatedb Only to get the following fatal error: /usr/libexec/locate.updatedb: empty variable FILESYSTEMS NOTE: The error is misleading and caused by a bug. Please read "Full Description" for further explanation. >Fix: At the low-level, the problem is two-fold: 1. lsvfs(1) as-used by /usr/libexec/locate.updatedb returns a redacted list within a jail 2. find(1)'s "-fstype" flag does not work within a jail. At the high-level, the problem is simpler to solve: 1. Make /usr/libexec/locate.updatedb not use lsvfs(1) or the "-fstype" flag of find(1) when running in a jail. A patch has been attached that applys the above-described "high-level" change, allowing /usr/libexec/locate.db to function properly within a jail (thus allowing locate(1) to work as-expected within a jail). Patch attached with submission follows: --- /usr/libexec/locate.updatedb.orig 2012-09-28 16:03:47.000000000 -0700 +++ /usr/libexec/locate.updatedb 2012-09-28 16:07:54.000000000 -0700 @@ -63,6 +63,7 @@ case X"$FILESYSTEMS" in X) echo "$0: empty variable FILESYSTEMS"; exit 1;; esac # Make a list a paths to exclude in the locate run +if [ "$(sysctl -n security.jail.jailed)" = "0" ]; then excludes="! (" or="" for fstype in $FILESYSTEMS do @@ -70,12 +71,14 @@ do or="-or" done excludes="$excludes ) -prune" +fi case X"$PRUNEPATHS" in X) ;; *) for path in $PRUNEPATHS do - excludes="$excludes -or -path $path -prune" + excludes="$excludes $or -path $path -prune" + or="-or" done;; esac >Release-Note: >Audit-Trail: >Unformatted: