From: James Gritton
To: Kyle Evans
Cc: src-committers, dev-commits-src-main@freebsd.org, jails@freebsd.org
Date: Fri, 05 Mar 2021 09:09:47 -0800
Subject: Re: git: d4380c0cdd05 - main - jail: Change both root and working directories in jail_attach(2)

It's superfluous now, as long as the newest kernel is running. The only
problem is if people install the new binaries under an older kernel.
That's why I've been letting it sit so far.

- Jamie

On 2021-03-05 09:06, Kyle Evans wrote:
> On Fri, Feb 19, 2021 at 4:13 PM Jamie Gritton wrote:
>>
>> The branch main has been updated by jamie:
>>
>> URL: https://cgit.FreeBSD.org/src/commit/?id=d4380c0cdd0517dc038403dd5c99242ce78bdeb5
>>
>> commit d4380c0cdd0517dc038403dd5c99242ce78bdeb5
>> Author:     Jamie Gritton
>> AuthorDate: 2021-02-19 22:13:35 +0000
>> Commit:     Jamie Gritton
>> CommitDate: 2021-02-19 22:13:35 +0000
>>
>>     jail: Change both root and working directories in jail_attach(2)
>>
>>     jail_attach(2) performs an internal chroot operation, leaving it up to
>>     the calling process to assure the working directory is inside the jail.
>>
>>     Add a matching internal chdir operation to the jail's root. Also
>>     ignore kern.chroot_allow_open_directories, and always disallow the
>>     operation if there are any directory descriptors open.
>>
>
> Any reason we shouldn't go ahead and drop the explicit chdir() from
> jexec(8) and jail(8) now that jail_attach *is* guaranteed to chdir
> along with its chroot?
>
> Thanks,
>
> Kyle Evans
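
The two behaviors discussed in this thread, sketched from the caller's side as an added example (not code from the thread, from jexec(8)/jail(8), or from the FreeBSD tree): a pre-flight scan for open directory descriptors, which the commit says now always blocks jail_attach(2), and an explicit chdir("/") kept after the attach for binaries that may run under an older kernel. The helper names count_open_dir_fds and attach_to_jail, the 65536 scan cap, and the EPERM value set by the helper are assumptions of this example.

```c
#include <sys/types.h>
#include <sys/stat.h>
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>
#ifdef __FreeBSD__
#include <sys/param.h>
#include <sys/jail.h>
#endif

/* Count descriptors in this process that refer to directories.
 * Per the commit message, jail_attach(2) is disallowed if any are open. */
int count_open_dir_fds(void)
{
    long max = sysconf(_SC_OPEN_MAX);
    int count = 0;

    if (max < 0 || max > 65536)
        max = 65536;            /* scan cap chosen for this example */
    for (int fd = 0; fd < (int)max; fd++) {
        struct stat st;
        /* fstat() fails with EBADF on unused slots; skip those. */
        if (fstat(fd, &st) == 0 && S_ISDIR(st.st_mode))
            count++;
    }
    return count;
}

#ifdef __FreeBSD__
/* Hypothetical wrapper: refuse early if directory descriptors are open,
 * attach, then chdir("/") so the working directory is inside the jail
 * even on a kernel that predates the internal chdir. */
int attach_to_jail(int jid)
{
    if (count_open_dir_fds() > 0) {
        errno = EPERM;          /* errno chosen by this example */
        return -1;
    }
    if (jail_attach(jid) != 0)
        return -1;
    return chdir("/");          /* superfluous on a kernel with the commit */
}
#endif

int main(void)
{
    printf("open directory descriptors: %d\n", count_open_dir_fds());
    return 0;
}
```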