Date: Wed, 09 Feb 2022 13:22:13 +0100
From: Alexander Leidinger <Alexander@leidinger.net>
To: Michael Gmelin <grembo@freebsd.org>
Cc: hackers@freebsd.org
Subject: Re: Behavior of /dev/pts in a jail?
Message-ID: <20220209132213.Horde.hjhX_GoM3qNT-7ucnNXd-ae@webmail.leidinger.net>
In-Reply-To: <77267259-0758-4C04-867D-77A896D133E4@freebsd.org>
References: <20220209113737.Horde.8QntfZV4xEkYdmHjXMgCpHN@webmail.leidinger.net>
 <77267259-0758-4C04-867D-77A896D133E4@freebsd.org>

Quoting Michael Gmelin <grembo@freebsd.org> (from Wed, 9 Feb 2022 12:56:49 +0100):

> I was able to reproduce the issue locally.
>
> The problem is caused by jexec inheriting the pty from the jail host.
>
> If you use a pty that was created inside of the jail,
> gpg-agent/pinentry works as expected.
>
> This can be accomplished, e.g., by running tmux inside of the jail:
>
> jexec gpgtest
> pkg install tmux
> tmux
> gpg --gen-key
>
> Running sshd inside of the jail and connecting to it using ssh has
> the same effect.

I confirm (with ssh instead of jexec) the behavior.

What I don't understand is how this works. ls is not built-in to the shell. So how can it be that the jexec-ed shell can fork ls and it sees the content of /dev/pts/, and the ls forked from gpg->gpg-agent->pinentry-wrapper can't?

And how could we fix this (or why wouldn't we want to fix it)?

Bye,
Alexander.

--
http://www.Leidinger.net Alexander@Leidinger.net: PGP 0x8F31830F9F2772BF
http://www.FreeBSD.org netchild@FreeBSD.org : PGP 0x8F31830F9F2772BF