From owner-freebsd-bugs@FreeBSD.ORG  Wed Sep  4 06:10:01 2013
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
Delivered-To: freebsd-bugs@smarthost.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTP id 66A14BD8
 for <freebsd-bugs@smarthost.ysv.freebsd.org>;
 Wed,  4 Sep 2013 06:10:01 +0000 (UTC)
 (envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
 [IPv6:2001:1900:2254:206c::16:87])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id 45EF223BB
 for <freebsd-bugs@smarthost.ysv.freebsd.org>;
 Wed,  4 Sep 2013 06:10:01 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
 by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id r846A1Gu071532
 for <freebsd-bugs@freefall.freebsd.org>; Wed, 4 Sep 2013 06:10:01 GMT
 (envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
 by freefall.freebsd.org (8.14.7/8.14.7/Submit) id r846A0xm071531;
 Wed, 4 Sep 2013 06:10:00 GMT (envelope-from gnats)
Resent-Date: Wed, 4 Sep 2013 06:10:00 GMT
Resent-Message-Id: <201309040610.r846A0xm071531@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org,
 Karl Pielorz <kpielorz@tdx.co.uk>
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTP id C5D5FBCF
 for <freebsd-gnats-submit@FreeBSD.org>; Wed,  4 Sep 2013 06:09:54 +0000 (UTC)
 (envelope-from nobody@FreeBSD.org)
Received: from oldred.freebsd.org (oldred.freebsd.org [8.8.178.121])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id B426F23B6
 for <freebsd-gnats-submit@FreeBSD.org>; Wed,  4 Sep 2013 06:09:54 +0000 (UTC)
Received: from oldred.freebsd.org ([127.0.1.6])
 by oldred.freebsd.org (8.14.5/8.14.7) with ESMTP id r8469slQ022899
 for <freebsd-gnats-submit@FreeBSD.org>; Wed, 4 Sep 2013 06:09:54 GMT
 (envelope-from nobody@oldred.freebsd.org)
Received: (from nobody@localhost)
 by oldred.freebsd.org (8.14.5/8.14.5/Submit) id r8469sbV022892;
 Wed, 4 Sep 2013 06:09:54 GMT (envelope-from nobody)
Message-Id: <201309040609.r8469sbV022892@oldred.freebsd.org>
Date: Wed, 4 Sep 2013 06:09:54 GMT
From: Karl Pielorz <kpielorz@tdx.co.uk>
To: freebsd-gnats-submit@FreeBSD.org
X-Send-Pr-Version: www-3.1
Subject: misc/181794: jexec runs commands in Jails without taking into account
 of the Jail's FIB
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Sep 2013 06:10:01 -0000


>Number:         181794
>Category:       misc
>Synopsis:       jexec runs commands in Jails without taking into account of the Jail's FIB
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Sep 04 06:10:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator:     Karl Pielorz
>Release:        9.2-BETA2 amd64
>Organization:
>Environment:
FreeBSD somehost.somedomain.com 9.2-BETA2 FreeBSD 9.2-BETA2 #0 r253951M: Mon Aug 12 09:39:57 BST 2013     kpielorz@somedomain.com:/sys/amd64/compile/GENERIC  amd64
>Description:
When using jails, if you specify a FIB to be used in the jail (so it can have it's own copy of the routing table) - running commands with 'jexec' ignores this FIB - and launches the command specified using the system default FIB (i.e. FIB 0).

This makes troubleshooting FIB issues very tricky unless you're aware of this issue (think lots of lost hours! :)
>How-To-Repeat:
Setup the system to support FIBs (multiple routing tables) - and configure a jail to use a specific FIB, i.e. using '/etc/jail.conf' - e.g.

jail {
  [blah]
  exec.fib = 1;
}

When you launch the jail with 'jail -c jail' it will be created, and it will use the FIB specified.

If you then attach to the jail, e.g. using 'jexec 1 tcsh' - that process will be launched with the default FIB (i.e. FIB 0) - and not the one that the jail is using.
>Fix:
Either jexec documentation needs a warning that it will launch the process with the default FIB - not the one for the jail, and that you should use 'setfib jail-fib jexec 1 tcsh'.

Or, have jexec actually honour the FIB set in /etc/jail.conf - so that 'jexec 1 tcsh' will set the correct FIB before launching the tcsh in jail #1.

>Release-Note:
>Audit-Trail:
>Unformatted: