Date:      Sat, 9 Jan 2021 20:27:57 +0300
From:      Vasily Postnicov <shamaz.mazum@gmail.com>
To:        Mark Johnston <markj@freebsd.org>
Cc:        freebsd-net@freebsd.org
Subject:   Re: DNS using Name Service Switch module and Casper
Message-ID:  <CADnZ6BmXL0GuhvSg1UyMxVA0%2BoxdU4OtSZZAA34prx89-HCrTg@mail.gmail.com>
In-Reply-To: <CADnZ6Bn0gVrGLu0_KsY_m-okL8WNU__E7WCYr5DppHubm90Byw@mail.gmail.com>
References:  <CADnZ6Bke=9%2B_pMc6rkbheNUWS-H6_X14%2Bf%2BWz5cfUCD=BTwk=g@mail.gmail.com> <X/R7Ahz8sz5v%2BoFa@raichu> <CADnZ6BmUJxVZx155j8opJKNsHJBE5mWz9D=MBE0Y_xu-kgOBfQ@mail.gmail.com> <X/h%2BJRmXmrOfmXBM@raichu> <CADnZ6Bm96bjJN5gcpCWiNKbNou3XvxZmCD2-YbX34%2B00L=UdPw@mail.gmail.com> <CADnZ6B=nFt-a-0CX=sCDnEM_CjnDQmiotyZ9L6q6jTZ0qJ-FVQ@mail.gmail.com> <CADnZ6Bm49RBuku%2BrN2cH75p89ByARXxP5BKAH89g2TrQars5VA@mail.gmail.com> <X/ndxoPtkWs%2BOPij@raichu> <CADnZ6Bn0gVrGLu0_KsY_m-okL8WNU__E7WCYr5DppHubm90Byw@mail.gmail.com>

Oh, I almost forgot. I am on f2b794e now

Sat, 9 Jan 2021 at 20:25, Vasily Postnicov <shamaz.mazum@gmail.com>:
>
> Brilliant! It took me almost a day to dive into ZeroMQ to reassure
> myself that there is nothing wrong with it. When I tried to write
> minimal test programs which call fork after pthread_create() in all
> combinations. When I realized that NSS stub module is what I need.
>
> Instructions:
>
> 1) Compile NSS stub module: cc -shared -fPIC -pthread -o
> nss_zerodns.so.1 test.c (Note '.1' at the end).
> 2) Copy nss_zerodns.so.1 to /usr/local/lib
> 3) Apply the patch src_sbin_ping_main.c to ping source code. With this
> patch ping will not quit too early when the initial call to
> getaddrinfo() fails.
> 4) Add stub module to /etc/nsswitch.conf: edit 'hosts' line to be
> 'hosts: files dns zerodns'
> 5) Ping non-existent host, like 'ping foo.bar'
> 6) Ping will hang. The child process which it creates cannot be killed
> even with killall -9 ping
>
> Sat, 9 Jan 2021 at 19:46, Mark Johnston <markj@freebsd.org>:
> >
> > On Sat, Jan 09, 2021 at 04:16:49PM +0300, Vasily Postnicov wrote:
> > > Turns out, if you do not specify either -4 or -6 to ping, unsandboxed
> > > getaddrinfo() will be called in /usr/src/sbin/ping/main.c, line 139.
> > > (what's the point in sandboxing then, lol?) This somehow affects
> > > sandboxing.
> >
> > Indeed, that seems to be an issue with the recent merge of ping and
> > ping6.
> >
> > I guess the initial call to getaddrinfo() causes nsswitch.conf to be
> > parsed and your module is loaded before we fork().  The module is linked
> > with libthr but obviously ping itself is not.  I'm sure this kind of
> > configuration worked at some point, there might have been a regression.
> >
> > If you can provide a stub NSS module that links libthr and demonstrates
> > the issue, it would be useful.
> >
> > > Look at the screenshot, it explains where fork() gets stuck.
> > > https://photos.app.goo.gl/T1B3Fo1hg6z7r3vZ6
> >
> > And there are no other threads in the process?
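
An added example, not code from this thread: a small parser that reports which NSS shared objects a given nsswitch.conf causes libc to load into any process that performs a lookup, run here on the `hosts: files dns zerodns` line from step 4. The built-in source set and the `nss_<source>.so.1` naming are assumptions based on FreeBSD's nsswitch.conf(5) and the '.1' note in step 1.

```python
import re

# Assumption (from FreeBSD nsswitch.conf(5)): sources implemented inside libc.
# Any other source name is served by a dynamically loaded NSS module.
BUILTIN_SOURCES = {"files", "db", "dns", "nis", "compat", "cache"}
NSS_INTERFACE_VERSION = 1  # the ".1" suffix mentioned in step 1


def parse_nsswitch(text):
    """Return {database: [source, ...]}, ignoring comments and [criteria]."""
    table = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if ":" not in line:
            continue
        database, rest = line.split(":", 1)
        rest = re.sub(r"\[[^\]]*\]", " ", rest)  # e.g. [NOTFOUND=return]
        table[database.strip()] = rest.split()
    return table


def loadable_modules(text):
    """Return {database: [module file name, ...]} for non-built-in sources."""
    result = {}
    for database, sources in parse_nsswitch(text).items():
        modules = [
            f"nss_{source}.so.{NSS_INTERFACE_VERSION}"
            for source in sources
            if source not in BUILTIN_SOURCES
        ]
        if modules:
            result[database] = modules
    return result


# Constructed sample; only the hosts line comes from the thread (step 4).
SAMPLE = """\
# constructed nsswitch.conf for illustration
group: compat
group_compat: nis
hosts: files dns zerodns
passwd: files [NOTFOUND=return] nis
"""

if __name__ == "__main__":
    for database, modules in loadable_modules(SAMPLE).items():
        print(f"{database}: loads {', '.join(modules)}")
```

Each module it reports brings its own link-time dependencies into the calling process, which is how a libthr-linked module ends up inside a ping binary that is not itself linked with libthr.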


