From owner-freebsd-emulation@FreeBSD.ORG  Sat Mar  6 06:13:42 2010
Return-Path: <owner-freebsd-emulation@FreeBSD.ORG>
Delivered-To: freebsd-emulation@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 0EB491065670
	for <freebsd-emulation@freebsd.org>;
	Sat,  6 Mar 2010 06:13:42 +0000 (UTC)
	(envelope-from lists@jnielsen.net)
Received: from ns1.jnielsen.net (ns1.jnielsen.net [69.55.238.237])
	by mx1.freebsd.org (Postfix) with ESMTP id E8FBF8FC1B
	for <freebsd-emulation@freebsd.org>;
	Sat,  6 Mar 2010 06:13:41 +0000 (UTC)
Received: from jnielsen-2.local (jn@stealth.jnielsen.net [74.218.226.254])
	(authenticated bits=0)
	by ns1.jnielsen.net (8.12.9p2/8.12.9) with ESMTP id o266DXpf023291;
	Sat, 6 Mar 2010 01:13:33 -0500 (EST)
	(envelope-from lists@jnielsen.net)
From: John Nielsen <lists@jnielsen.net>
To: freebsd-emulation@freebsd.org
Date: Sat, 6 Mar 2010 01:13:32 -0500
User-Agent: KMail/1.12.4 (Darwin/9.8.0; KDE/4.3.4; i386; ; )
References: <201003021325.27197.lists@jnielsen.net>
	<20100305092611.0000772c@unknown> <20100305091446.GZ8200@hoeg.nl>
In-Reply-To: <20100305091446.GZ8200@hoeg.nl>
MIME-Version: 1.0
Content-Type: Text/Plain;
  charset="iso-8859-15"
Content-Transfer-Encoding: 7bit
Message-Id: <201003060113.32628.lists@jnielsen.net>
X-Virus-Scanned: ClamAV version 0.88.4,
	clamav-milter version 0.88.4 on ns1.jnielsen.net
X-Virus-Status: Clean
Cc: Ed Schouten <ed@80386.nl>, Alexander Leidinger <Alexander@leidinger.net>
Subject: Re: linux-only jail possible?
X-BeenThere: freebsd-emulation@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Development of Emulators of other operating systems
	<freebsd-emulation.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-emulation>, 
	<mailto:freebsd-emulation-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-emulation>
List-Post: <mailto:freebsd-emulation@freebsd.org>
List-Help: <mailto:freebsd-emulation-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-emulation>, 
	<mailto:freebsd-emulation-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 06 Mar 2010 06:13:42 -0000

On Friday 05 March 2010 04:14:46 Ed Schouten wrote:
> Hello Alexander,
> 
> * Alexander Leidinger <Alexander@Leidinger.net> wrote:
> > > My current hurdle is sshd:
> > > Mar  3 22:20:51 centos sshd[88836]: fatal: openpty returns device for
> > > which ttyname fails.
> > >
> > > Apparently the Linux sshd isn't using /dev/ptmx appropriately. I'll
> > > probably just have to replace it with one that does..
> >
> > Ed, can it be that the linuxulator ttyname stuff needs to be fixed
> > after your tty changes?
> 
> Hmmm... It worked back in August 2008 when I committed it to HEAD.
> ttyname() on Linux works pretty bad. First of all, it tries to
> readlink() on a node in devfs. If that fails, it falls back to stat()ing
> in /dev, /dev/pts, etc. until a device node is found which shares the
> same major/minor number. On FreeBSD we just use FIODGNAME (see
> fdevname(3)).
> 
> Could you please strace/truss/etc the Linux binary to see what it
> exactly does?

Ptrace inside the jail doesn't run:
Mar  6 00:33:32 stealth kernel: linux: ptrace(24, ...) not implemented

Truss from the host side seems okay except that -f doesn't work as expected. 
I can attach manually to the child processes just before submitting an SSH 
password though so hopefully that's enough. If you want me to do any of this 
again with different truss flags or other information just let me know.

=== attach truss to already-running jailed Linux sshd
stealth# truss -f -a -s 256 -d -p 86936 &
86936: -1267855183.102078976 SIGNAL 17 (SIGSTOP)

=== connect SSH client
86936: 12.137609664 linux_select(0x6,0x1070920,0x0,0x0,0x0,0x6) = 1 (0x1)
86936: 12.137928894 
linux_socketcall(0x5,0x9fbfdc40,0x1064904,0x10691a0,0x1070920,0x6) = 4 (0x4)
86936: 12.138072794 linux_fcntl64(0x4,0x3,0x0,0x0,0x215d8ff4,0x6) = 2 (0x2)
86936: 12.138208180 
linux_pipe(0x9fbfe1f0,0xa,0x1064904,0x1066a20,0x1070920,0x6) = 0 (0x0)
86936: 12.138339736 
linux_socketcall(0x8,0x9fbfdc40,0x1064904,0x1066a20,0x1070920,0x6) = 0 (0x0)
86936: 12.139791642 linux_clone(0x1200011,0x0,0x0,0x0,0x216a2878,0x6) = 
87878 (0x15746)
86936: 12.145413510 close(6)			 = 0 (0x0)
86936: 12.145607825 write(7,"\0\0\^B\r\0",5)	 = 5 (0x5)
86936: 12.146314103 write(7,"\0\0\^B\^D\n\n\n\n\n\n\n\n\n\n\n\n\n\nProtocol 
2\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\nSyslogFacility 
AUTHPRIV\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\nPasswordAuthentication 
yes\n\n\n\nChallengeResponseAuthentication 
no\n\n\n\n\n\n\n\n\n\nGSSAPIA"...,524) = 524 (0x20c)
86936: 12.146439264 close(7)			 = 0 (0x0)
86936: 12.146522149 close(8)			 = 0 (0x0)
86936: 12.146693212 close(4)			 = 0 (0x0)

=== attach truss to two child processes (identified in another terminal)
truss -f -a -s 256 -d -p 87878 &
truss -f -a -s 256 -d -p 87879 &

=== submit password from client
87879: 9.853932067 linux_select(0x4,0x106ff30,0x0,0x0,0x0,0x6) = 1 (0x1)
87879: 9.854301549 read(3,"0\M-u\M-S \M-.\M^XB\M-?D\M-N3rxp\M-r\M^AqO\M-
h\M^X\M-895Pi\M^_\M^?\M^?\M-1y?X\M^BLq\M-x\M-I\^Y\^R\M-0\M-m\M-8\M-4k\^?\M-
w\^D.r\M-S\M-/F\M-R\\\^_\M-^7a\M-S\M^XK\M-}\M^B\M-c\^V\M-
dj\M-}:dP\M^T~\M^O\M^Q\M-;\M-Z\^?\M-A^a\M^A^z\M-)\M^I%\M-1\M-P\M-M\M-
CNq\M-("...,8192) = 144 (0x90)
87879: 9.854845776 write(4,"\0\0\0\r\v",5)	 = 5 (0x5)
87878: 20.687933561 read(6,"\0\0\0\r",4)	 = 4 (0x4)
87879: 9.855093717 write(4,"\0\0\0\bi26y4you",12) = 12 (0xc)
87878: 20.688170204 read(6,"\v\0\0\0\bi26y4you",13) = 13 (0xd)
87878: 20.688383401 linux_time(0x0,0x210971c8,0x0,0x106fdb0,0x106ff50,0x6) = 
1267855265 (0x4b91efa1)
87878: 20.688535529 linux_getuid(0x2180e5e4,0x19,0x1,0x1077978,0x106ff50,0x6) 
= 0 (0x0)
87878: 20.688872527 linux_open("/etc/passwd",0x0,0666) = 4 (0x4)
87878: 20.689040520 linux_fcntl64(0x4,0x1,0x0,0x0,0x215d8ff4,0x6) = 0 (0x0)
87878: 20.689186549 linux_fcntl64(0x4,0x2,0x1,0x1,0x215d8ff4,0x6) = 0 (0x0)
87878: 20.689294722 
linux_fstat64(0x4,0x9fbfd774,0x215d8ff4,0x107bb98,0x107bb98,0x6) = 0 (0x0)
87878: 20.689428922 linux_mmap2(0x0,0x1000,0x3,0x22,0xffffffff,0x6) = 554172416 
(0x21080000)
87878: 20.699234019 
read(4,"root:x:0:0:root:/root:/bin/bash\nbin:x:1:1:bin:/bin:/sbin/nologin\ndaemon:x:2:2:daemon:/sbin:/sbin/nologin\nadm:x:3:4:adm:/var/adm:/sbin/nologin\nlp:x:4:7:lp:/var/spool/lpd:/sbin/nologin\nsync:x:5:0:sync:/sbin:/bin/sync\nshutdown:x:6:0:shutdown:/sbin:/sbin"...,4096) 
= 1212 (0x4bc)
87878: 20.699503111 close(4)			 = 0 (0x0)
87878: 20.699635968 munmap(0x21080000,4096)	 = 0 (0x0)
87878: 20.699914320 linux_open("/etc/shadow",0x0,0666) = 4 (0x4)
87878: 20.700006293 linux_fcntl64(0x4,0x1,0x0,0x0,0x215d8ff4,0x6) = 0 (0x0)
87878: 20.700129843 linux_fcntl64(0x4,0x2,0x1,0x1,0x215d8ff4,0x6) = 0 (0x0)
87878: 20.700259840 
linux_fstat64(0x4,0x9fbfd774,0x215d8ff4,0x107bfc0,0x107bfc0,0x6) = 0 (0x0)
87878: 20.700384377 linux_mmap2(0x0,0x1000,0x3,0x22,0xffffffff,0x6) = 554172416 
(0x21080000)
87878: 20.708676112 read(4,"root:
$1$pG5H8Y01$yn7Y0p4FKKi8sIDcQ3rEf1:14671:0:99999:7:::
\nbin:*:14671:0:99999:7:::\ndaemon:*:14671:0:99999:7:::
\nadm:*:14671:0:99999:7:::\nlp:*:14671:0:99999:7:::
\nsync:*:14671:0:99999:7:::\nshutdown:*:14671:0:99999:7:::
\nhalt:*:14671:0:99999:7:::\nmail:"...,4096) = 769 (0x301)
87878: 20.708940347 close(4)			 = 0 (0x0)
87878: 20.709078960 munmap(0x21080000,4096)	 = 0 (0x0)
87878: 20.709905132 
linux_socketcall(0x1,0x9fbfd890,0x210cdff4,0x1,0x106ff50,0x6) ERR#47 'Address 
family not supported by protocol family'
87878: 20.710306504 write(6,"\0\0\0\^E\f",5)	 = 5 (0x5)
87879: 9.877288770 read(4,"\0\0\0\^E",4)	 = 4 (0x4)
87878: 20.710505458 write(6,"\0\0\0\^A",4)	 = 4 (0x4)
87879: 9.877482859 read(4,"\f\0\0\0\^A",5)	 = 5 (0x5)
87879: 9.877654694 write(4,"\0\0\0\^A/",5)	 = 5 (0x5)
87878: 20.710731764 read(6,"\0\0\0\^A",4)	 = 4 (0x4)
87878: 20.710905919 read(6,"/",1)		 = 1 (0x1)
87878: 20.711149450 linux_open("/etc/nologin",0x8000,00) ERR#2 'No such file 
or directory'
87878: 20.711385340 linux_getuid(0x2180e5e4,0x19,0x0,0x106ff50,0x106ff50,0x6) 
= 0 (0x0)
87878: 20.711617951 linux_open("/etc/passwd",0x0,0666) = 4 (0x4)
87878: 20.711708912 linux_fcntl64(0x4,0x1,0x0,0x0,0x215d8ff4,0x6) = 0 (0x0)
87878: 20.711830195 linux_fcntl64(0x4,0x2,0x1,0x1,0x215d8ff4,0x6) = 0 (0x0)
87878: 20.711987900 
linux_fstat64(0x4,0x9fbfd774,0x215d8ff4,0x107c410,0x107c410,0x6) = 0 (0x0)
87878: 20.712120506 linux_mmap2(0x0,0x1000,0x3,0x22,0xffffffff,0x6) = 554172416 
(0x21080000)
87878: 20.712779451 
read(4,"root:x:0:0:root:/root:/bin/bash\nbin:x:1:1:bin:/bin:/sbin/nologin\ndaemon:x:2:2:daemon:/sbin:/sbin/nologin\nadm:x:3:4:adm:/var/adm:/sbin/nologin\nlp:x:4:7:lp:/var/spool/lpd:/sbin/nologin\nsync:x:5:0:sync:/sbin:/bin/sync\nshutdown:x:6:0:shutdown:/sbin:/sbin"...,4096) 
= 1212 (0x4bc)
87878: 20.713160707 close(4)			 = 0 (0x0)
87878: 20.713268842 munmap(0x21080000,4096)	 = 0 (0x0)
87878: 20.713400150 geteuid()			 = 0 (0x0)
87878: 20.713600510 linux_open("/etc/shadow",0x0,0666) = 4 (0x4)
87878: 20.713714568 linux_fcntl64(0x4,0x1,0x0,0x0,0x215d8ff4,0x6) = 0 (0x0)
87878: 20.713833549 linux_fcntl64(0x4,0x2,0x1,0x1,0x215d8ff4,0x6) = 0 (0x0)
87878: 20.713961773 
linux_fstat64(0x4,0x9fbfd774,0x215d8ff4,0x107cb90,0x107cb90,0x6) = 0 (0x0)
87878: 20.714090120 linux_mmap2(0x0,0x1000,0x3,0x22,0xffffffff,0x6) = 554172416 
(0x21080000)
87878: 20.714762942 read(4,"root:
[/etc/shadow contents sanitized]
...,4096) = 769 (0x301)
87878: 20.715053325 close(4)			 = 0 (0x0)
87878: 20.715173597 munmap(0x21080000,4096)	 = 0 (0x0)
87878: 20.715325437 linux_time(0x0,0x2180e5e4,0x0,0x1070000,0x107c410,0x6) = 
1267855265 (0x4b91efa1)
87878: 20.715451861 linux_socketcall(0x1,0x9fbfd900,0x210cdff4,0x0,0x0,0x6) 
ERR#47 'Address family not supported by protocol family'
87878: 20.715829496 write(6,"\0\0\0\t0",5)	 = 5 (0x5)
87879: 9.882848296 read(4,"\0\0\0\t",4)		 = 4 (0x4)
87878: 20.716121724 write(6,"\0\0\0\^A\0\0\0\0",8) = 8 (0x8)
87879: 9.883134465 read(4,"0\0\0\0\^A\0\0\0\0",9) = 9 (0x9)
87878: 20.716568885 
linux_time(0x0,0x215d8ff4,0x9fbfd2dc,0x9fbfd2dc,0x1075b28,0x6) = 1267855265 
(0x4b91efa1)
87879: 9.883559415 write(3,"\M-(\a\M-m\M-U\^B6^\M^H\f\M^?\M^_<A\M^^\M-ihg\M-
y\M-=tI\M-?\b\M-F\M-W\M-@\M-!W\M-1U\M^I\M^[",32) = 32 (0x20)
87878: 20.716914385 linux_open("/etc/localtime",0x0,0666) = 4 (0x4)
87879: 9.883892372 write(4,"\0\0\^D\M-.\^Y",5)	 = 5 (0x5)
87878: 20.717836319 
linux_fstat64(0x4,0x9fbfd0dc,0x215d8ff4,0x0,0x215bdcf9,0x6) = 0 (0x0)
87879: 9.884825874 write(4,"\0\0\0\^T\M-O\M-k\fsg#c\^]\M-9\r|\M-.\M-|
\M-2\^C\M-r\v;\M-@d\0\0\0\^P\0\0\0\^A\0\0\0\^B\0\0\^B\M-3B5\M-W\M-mbP\M-
Iw\M-,\M-%\M-k\M-v\M-I\M-7\M-q\M-5\0\0\0Ydiffie-hellman-group-exchange-
sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-
sha1\0\0\0\^Ossh-"...,1197) = 1197 (0x4ad)
87878: 20.719538005 
linux_fstat64(0x4,0x9fbfcf84,0x215d8ff4,0x1075ca0,0x1075ca0,0x6) = 0 (0x0)
87879: 9.884825874 process exit, rval = 0
87878: 20.720132472 linux_mmap2(0x0,0x1000,0x3,0x22,0xffffffff,0x6) = 554172416 
(0x21080000)
87878: 20.739640280 
read(4,"TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\^D\0\0\0\^D\0\0\0\0\0\0\0\M-
k\0\0\0\^D\0\0\0\^P\M^^\M-&\^^p\M^_\M-:\M-k`\240\M^F\0p\M-!\M^Z\M-M`\M-"e\M-
bp\M-#\M^C\M-i\M-`\M-$j\M-.p\M-%5\M-'`\M-&S\M-J\M-p\M-'\^U\M^I`\M-(3\M-,\M-
p\M-(\M-~\M-%\M-`\M-*\^S\M^N\M-p"...,4096) = 3519 (0xdbf)
87878: 20.740867474 close(4)			 = 0 (0x0)
87878: 20.740999205 munmap(0x21080000,4096)	 = 0 (0x0)
87878: 20.741192384 
linux_stat64(0x215bdcf9,0x9fbfcffc,0x215d8ff4,0x0,0x215bdcf9,0x6) = 0 (0x0)
87878: 20.741354100 
linux_stat64(0x215bdcf9,0x9fbfcee0,0x215d8ff4,0x0,0x215bdcf9,0x6) = 0 (0x0)
87878: 20.741503796 
linux_stat64(0x215bdcf9,0x9fbfcee0,0x215d8ff4,0x0,0x215bdcf9,0x6) = 0 (0x0)
87878: 20.741711425 
linux_socketcall(0x1,0x9fbfd218,0x215d8ff4,0x14,0x1075b28,0x6) = 4 (0x4)
87878: 20.741881680 linux_fcntl64(0x4,0x2,0x1,0x1,0x215d8ff4,0x6) = 0 (0x0)
87878: 20.742124782 linux_socketcall(0x3,0x9fbfd218,0x215d8ff4,0x14,0x61,0x6) 
= 0 (0x0)
87878: 20.742594901 
linux_socketcall(0x9,0x9fbfd23c,0x215d8ff4,0x14,0x1075b28,0x6) = 93 (0x5d)
87878: 20.743105515 close(4)			 = 0 (0x0)
87878: 20.743238938 read(6,"\0\0\^D\M-.",4)	 = 4 (0x4)
87878: 20.743381687 read(6,"\^Y\0\0\0\^T\M-O\M-k\fsg#c\^]\M-9\r|\M-.\M-|
\M-2\^C\M-r\v;\M-@d\0\0\0\^P\0\0\0\^A\0\0\0\^B\0\0\^B\M-3B5\M-W\M-mbP\M-
Iw\M-,\M-%\M-k\M-v\M-I\M-7\M-q\M-5\0\0\0Ydiffie-hellman-group-exchange-
sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1\0\0\0\^Os"...,1198) 
= 1198 (0x4ae)
87878: 20.744202690 close(6)			 = 0 (0x0)
87878: 20.744322201 linux_mmap2(0x0,0x140000,0x3,0x21,0xffffffff,0x6) = 
562327552 (0x21847000)
87878: 20.744509635 munmap(0x216ae000,65536)	 = 0 (0x0)
87878: 20.744642322 
linux_waitpid(0x15747,0x9fbfe1ec,0x0,0x15747,0x9fbfe1ec,0x6) = 87879 
(0x15747)
87878: 20.744820075 
linux_alarm(0x0,0x9fbfe1ec,0x1064904,0x15747,0x9fbfe1ec,0x6) = 50 (0x32)
87878: 20.744954418 linux_rt_sigaction(0xe,0x0,0x9fbfd9c4,0x8,0x215d8ff4,0x6) 
= 0 (0x0)
87878: 20.745082589 linux_rt_sigaction(0xe,0x9fbfda50,0x0,0x8,0x215d8ff4,0x6) 
= 0 (0x0)
87878: 20.745222970 close(5)			 = 0 (0x0)
86936: 82.810586917 linux_select(0x6,0x1070920,0x0,0x0,0x0,0x6) = 1 (0x1)
87878: 20.745436998 geteuid()			 = 0 (0x0)
86936: 82.810770853 close(5)			 = 0 (0x0)
87878: 20.745582399 getegid()			 = 0 (0x0)
87878: 20.745685862 
linux_getgroups(0x0,0x0,0x215d8ff4,0x106faf8,0x9fbfe1ec,0x6) = 0 (0x0)
87878: 20.745685862 process exit, rval = 255
86936: 82.862704631 linux_select(0x6,0x1070920,0x0,0x0,0x0,0x6) ERR#4 
'Interrupted system call'
86936: 82.862704631 SIGNAL 20 (SIGCHLD)
86936: 82.863354019 
linux_waitpid(0xffffffff,0x9fbfd940,0x1,0x9fbfd940,0x216a27e8,0x6) = 87878 
(0x15746)
86936: 82.863490428 
linux_waitpid(0xffffffff,0x9fbfd940,0x1,0x9fbfd940,0x216a27e8,0x6) ERR#10 'No 
child processes'
86936: 82.863751244 
linux_rt_sigaction(0x11,0x0,0x9fbfd6ac,0x8,0x215d8ff4,0x6) = 0 (0x0)
86936: 82.863884662 linux_sigreturn(0x9fbfd958,0x0,0x9fbfd7ec,0x0,0x0,0x6) 
ERR#4 'Interrupted system call'

=== client disconnected, sshd child processes exit
[3]  - Done                          truss -f -a -s 256 -d -p 87879
[2]  - Done                          truss -f -a -s 256 -d -p 87878

=== detach truss from parent sshd
kill 87872
[1]    Done                          truss -f -a -s 256 -d -p 86936