Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 9 Feb 2022 14:56:04 +0100
From:      Michael Gmelin <grembo@freebsd.org>
To:        Steffen Nurpmeso <steffen@sdaoden.eu>
Cc:        Michael Gmelin <grembo@freebsd.org>, Alexander Leidinger <Alexander@leidinger.net>, hackers@freebsd.org
Subject:   Re: Behavior of /dev/pts in a jail?
Message-ID:  <20220209145604.3698c387.grembo@freebsd.org>
In-Reply-To: <20220209133709.NBhO-%steffen@sdaoden.eu>
References:  <20220209113737.Horde.8QntfZV4xEkYdmHjXMgCpHN@webmail.leidinger.net> <77267259-0758-4C04-867D-77A896D133E4@freebsd.org> <20220209132213.Horde.hjhX_GoM3qNT-7ucnNXd-ae@webmail.leidinger.net> <20220209142152.13373548.grembo@freebsd.org> <20220209133709.NBhO-%steffen@sdaoden.eu>
next in thread | previous in thread | raw e-mail | index | archive | help 


On Wed, 09 Feb 2022 14:37:09 +0100
Steffen Nurpmeso <steffen@sdaoden.eu> wrote:

> Michael Gmelin wrote in
>  <20220209142152.13373548.grembo@freebsd.org>:
>  |On Wed, 09 Feb 2022 13:22:13 +0100
>  |Alexander Leidinger <Alexander@leidinger.net> wrote:
>  |> Quoting Michael Gmelin <grembo@freebsd.org> (from Wed, 9 Feb 2022
> |> 12:56:49 +0100):
>  |>   
>  |>> I was able to reproduce the issue locally.
>  |>>
>  |>> The problem is caused by jexec inheriting the pty from the jail
>  |>> host.
>  |>>
>  |>> If you use a pty that was created inside of the jail,  
>  |>> gpg-agent/pinentry works as expected.
>  |>>
>  |>> This can be accomplished, e.g., by running tmux inside of the
> jail: |>>
>  |>>     jexec gpgtest
>  |>>     pkg install tmux
>  |>>     tmux
>  |>>     gpg --gen-key  
>  ...
>  |Maybe someone with more insights to how jails work internally could
>  |give their input here.
>  |
>  |In the meantime, tmux is probably the most lightweight way of
> working |around this in your specific use-case, without having to run
> sshd.
> 
> dtach.  It is much more lightweight.  I use it on the server to
> hold a containerized irssi-proxy instance to which i can connect
> to via VPN (from a of window of my local tmux).
> I track it for years now (it is stable for many years) after
> having been pointed to it by a good Japanese Spirit that sometimes
> crosses here and there .. and it just works.

That's another option I wasn't aware of, thanks.

If it's for the occasional interactive session, you can also use
the script(1) command that comes with base (which also makes use of
openpty(3)), so no need to install any packages:

    $ script /dev/null gpg --gen-key

Cheers
Michael

-- 
Michael Gmelin

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20220209145604.3698c387.grembo>