From owner-freebsd-jail@freebsd.org Sat Dec 10 14:33:09 2016 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 27AB0C70DE5 for ; Sat, 10 Dec 2016 14:33:09 +0000 (UTC) (envelope-from kayasaman@gmail.com) Received: from mail-wm0-x229.google.com (mail-wm0-x229.google.com [IPv6:2a00:1450:400c:c09::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id B47FA1AC4 for ; Sat, 10 Dec 2016 14:33:08 +0000 (UTC) (envelope-from kayasaman@gmail.com) Received: by mail-wm0-x229.google.com with SMTP id t79so12191572wmt.0 for ; Sat, 10 Dec 2016 06:33:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=to:from:subject:message-id:date:user-agent:mime-version :content-transfer-encoding; bh=XxV+UeQpCsraseeOjd72hb6PbwgTfsF616CN84hO5+E=; b=c6UYI4CVY2jfuH0pg7B65UKfWwpd6f+QflSEsl7+deZXi0KXaxhOYxyJP/nSd04h/u E14jPaDoWK8B5IpF/4lIag+WMmPOJ6g8Tgoq0B3+UoD+4wERCSPiZduCkwrzeNV9Awaz 2tdoPCG4q9A3t97OW2yqjZHOg6Sjm/WMBLwsCtqGhjQWN4Ngmfy2HmogG0D6xc4FehAk ZESMmOfPKiJrbc+aHJNOwEXzF9LuoezmfrfLuyJWpL0vx2xBVGQ88tO7OTjkOHrJpb0K jjT1ZgwoIf0cw9cQZ2dkrqSn5NuI7xmIWWezM6QH/oFOg8/brMb1NatePWB+yCHNSbkj Ab5A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:to:from:subject:message-id:date:user-agent :mime-version:content-transfer-encoding; bh=XxV+UeQpCsraseeOjd72hb6PbwgTfsF616CN84hO5+E=; b=Q4g2Zu3+Fz29V43UnI6LFI253GVcdSwCJvnszdF7of63UzDLt7REYJ81yp1jcBsj3o Joe/HAPWv96YtPkWvxgo8/Tk2EJMNvcup9agSTMsFsVsqY+/+e9xp53qXK8H4oiQexsr c1Foi/ttE1uNqe2MF6p9cp3MG1IBx2NeCuoc96J96qTrc119phyuWXbeLZtrUcstn7F3 WGArX5iMYU24ol84gMTnbjnU6pm8cfeIGGa4D9EmdYQSjE4HkPEtbU41qLDbCkzAtBBM 1eKkrUZAJfcLmyZX+3uscV9L+mx8eAmn8tyUXTE/vIwoc7mQ2PeadG8Uh9Zy+iEX0z/Z 5w4g== X-Gm-Message-State: AKaTC03aWxLIfwk1cPBtVCOZYNMAJR1wrQ3BjLA7obj9FWPP8HH5m1IlBszBmMsaNm/HRw== X-Received: by 10.28.31.23 with SMTP id f23mr2844385wmf.94.1481380386540; Sat, 10 Dec 2016 06:33:06 -0800 (PST) Received: from x220.optiplex-networks.com (optiplexnetworks.plus.com. [212.159.80.17]) by smtp.googlemail.com with ESMTPSA id d85sm26078316wmd.17.2016.12.10.06.33.05 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 10 Dec 2016 06:33:05 -0800 (PST) To: freebsd-jail@freebsd.org From: Kaya Saman Subject: Getting "Permission Denied" issues after migrating jails Message-ID: Date: Sat, 10 Dec 2016 14:33:05 +0000 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 10 Dec 2016 14:33:09 -0000 Hi, Recently I migrated my jails onto a new ZPOOL as their old location started filling up. I used rsync -avvcrt --progress --remove-source-files /path/to/jail to achieve this. The Jails all start fine and some processes are working inside the jails however, on certain things I'm getting permission denied issues. I'm guessing this is to do with file system flags and unprivileged users?? An example is when trying to build or update a @Port inside the jail: ===> Cleaning for gettext-runtime-0.19.8.1_1 pkg-static: unable to open vulnxml file /var/db/pkg/vuln.xml: Permission denied ===> gettext-runtime-0.19.8.1_1 has known vulnerabilities: => Please update your ports tree and try again. => Note: Vulnerable ports are marked as such even if there is no update available. => If you wish to ignore this vulnerability rebuild with 'make DISABLE_VULNERABILITIES=yes' *** Error code 1 certain services are giving the exact same issue when trying to start. The closest I have come to figuring this out is: https://forums.freebsd.org/threads/44052/ which suggests fixing the noexec flags. On the actual ZFS dataset the exec=on parameter is already set meaning that this must be a local issue and something to do with the "chflags" command but I can't recall or even find any clue on which files to run the command on and parameters to use in "man chflags". Would someone have an idea on a fix for this? Thanks Kaya