From owner-freebsd-hackers@freebsd.org  Wed Oct 24 19:56:32 2018
Return-Path: <owner-freebsd-hackers@freebsd.org>
Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5718110393CB
 for <freebsd-hackers@mailman.ysv.freebsd.org>;
 Wed, 24 Oct 2018 19:56:32 +0000 (UTC)
 (envelope-from markjdb@gmail.com)
Received: from mail-it1-x141.google.com (mail-it1-x141.google.com
 [IPv6:2607:f8b0:4864:20::141])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id CDF8877647
 for <freebsd-hackers@freebsd.org>; Wed, 24 Oct 2018 19:56:31 +0000 (UTC)
 (envelope-from markjdb@gmail.com)
Received: by mail-it1-x141.google.com with SMTP id 74-v6so7759032itw.1
 for <freebsd-hackers@freebsd.org>; Wed, 24 Oct 2018 12:56:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=sender:date:from:to:cc:subject:message-id:references:mime-version
 :content-disposition:content-transfer-encoding:in-reply-to
 :user-agent; bh=3CySXw71emc+T3Vde8LkA9qpWimYblU/70jQIodFrIk=;
 b=KOM74fDhSSGY+fg8F5m3qNPFjZhqtMSzWr9BhrBttr3QPQ0OzUA5Uj9MjYcfnrGUol
 tLTz0FJ1ypVMGxn9Io75XTPqBFjToEAgl85PjtAYctlJwoXr8mEM8ErPB52j5J3FqF6J
 97GATxfjarfLrzlyuUf45YBUCLf7zBQGP7hV547blG2YK1/2Lm2kwQnW9bbEsF9D1f/e
 lGkdCI5Twoztr1Apzhr+/RAHYZ1nmgnewjS8ah3v/jwJcCceN93U0qc0AuVaa8bHquqP
 xW7KrXc3dzLKQZJxoHSsXSUuXdjM48oOQlZBmVQACm01Rvs1TtlvXihtHsbvne6+KmZA
 EqFQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:sender:date:from:to:cc:subject:message-id
 :references:mime-version:content-disposition
 :content-transfer-encoding:in-reply-to:user-agent;
 bh=3CySXw71emc+T3Vde8LkA9qpWimYblU/70jQIodFrIk=;
 b=iCbtL8tucB6lx1eQPWj4VpUTJZEP58lkXLwm4RlMyemf8bW6tgwGXEPTAPV0DgGkTl
 iw1nlyUI46BqXJYiW0z+zzpfIZbX+C/rtquKR38xlys8Q65q4Z04AX5XlDV//AI9Wu9f
 DzYN+HyAk9LLYsednsJDI8jWPvGAFxBng8gkAqUYV6GlJ+wR4dqt+u9nY7EfpRnIFLmE
 P4Bc0V6v3d4aLNFaxKX/gU5u6cDu17To9dgCODlrovr/EFDsm5Ca9fOmNBHzvWqM4TeD
 oxInG9kB/wdQCaQ9sxQEU7PYGV0LvPg7Ec+H9Vn9gNLD62IZ+oiHQwNaDAjX72PbJ0oy
 mOZg==
X-Gm-Message-State: AGRZ1gJyQ7F96ktdU8M+WCEialq6fXZ3EJ08aZ6tjFy/J+M1yVtRt7Pf
 4VsMU8WT5GJef7uDp05Lb9R5/f3JoAk=
X-Google-Smtp-Source: AJdET5eeJFJbc+tOGuokBpB8geoIkPNH9H1VIssReVWrMI/JU6R8FkoBkTZsKAPylCYm4++Ilq4BlA==
X-Received: by 2002:a24:6907:: with SMTP id
 e7-v6mr2552190itc.113.1540410991019; 
 Wed, 24 Oct 2018 12:56:31 -0700 (PDT)
Received: from raichu (toroon0560w-lp130-08-67-71-176-199.dsl.bell.ca.
 [67.71.176.199])
 by smtp.gmail.com with ESMTPSA id i17-v6sm2117673iog.56.2018.10.24.12.56.29
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Wed, 24 Oct 2018 12:56:30 -0700 (PDT)
Sender: Mark Johnston <markjdb@gmail.com>
Date: Wed, 24 Oct 2018 15:56:27 -0400
From: Mark Johnston <markj@freebsd.org>
To: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>
Cc: freebsd-hackers@freebsd.org
Subject: Re: [CFT] capsicum patches for rtsol(8) and rtsold(8)
Message-ID: <20181024195627.GI45118@raichu>
References: <20181015194212.GA2751@spy>
 <E9282C14-3AEE-4D07-BD0A-38550F974DA9@lists.zabbadoz.net>
 <20181016165308.GB5066@raichu>
 <86D87437-BD34-489A-87B7-33F1089080EE@lists.zabbadoz.net>
 <20181016200414.GD5066@raichu>
 <2A564C8A-FB64-4D2A-9E3E-392F1FCA66BD@lists.zabbadoz.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <2A564C8A-FB64-4D2A-9E3E-392F1FCA66BD@lists.zabbadoz.net>
User-Agent: Mutt/1.10.1 (2018-07-13)
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
 <freebsd-hackers.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers/>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Oct 2018 19:56:32 -0000

On Mon, Oct 22, 2018 at 11:57:44AM +0000, Bjoern A. Zeeb wrote:
> On 16 Oct 2018, at 20:04, Mark Johnston wrote:
> 
> > On Tue, Oct 16, 2018 at 06:29:49PM +0000, Bjoern A. Zeeb wrote:
> >> On 16 Oct 2018, at 16:53, Mark Johnston wrote:
> >>
> >>> On Tue, Oct 16, 2018 at 04:06:43PM +0000, Bjoern A. Zeeb wrote:
> >>>> On 15 Oct 2018, at 19:42, Mark Johnston wrote:
> >>>>
> >>>>> https://people.freebsd.org/~markj/patches/rtsold_capsicum.diff
> >>>>
> >>>> (0) the git rename doesn’t really work when applying the diff 
> >>>> with
> >>>> FreeBSD’s patch so the mv has to be done manually
> >>>>
> >>>> (1) the rtsol Makefile also needs cap_syslog and util to link to
> >>>> otherwise rtsold.c has unresolved symbols
> >>>>
> >>>> (2) rtsol seem to have worked when manually invoked;
> >>>> /etc/resolv.conf
> >>>> was created (I had rm’ed it) and the 3 nameserver lines
> >>>> re-appeared;
> >>>> sorry can’t test the search string here
> >>>>
> >>>> (3) rtsold crashes:
> >>>
> >>> Thanks.  I made some last-minute changes and forgot to retest, of
> >>> course. :(
> >>>
> >>> I uploaded a new patch which should fix all of these issues - could
> >>> you
> >>> give it a try?
> >>
> >> With the old and new patch:
> >>
> >> root@i386-a3-carp:/usr/src/sbin/rtsol # rtsol vtnet0
> >> failed to run script: Invalid argument
> >>
> >> Hadn’t noticed that before.
> >
> > That's a cosmetic bug.  I uploaded a new patch which should fix it.
> 
> Same URL?  I’d try to test that tomorrow then.

Yes, I just uploaded a new version of the patch to
https://people.freebsd.org/~markj/patches/rtsold_capsicum.diff and would
appreciate any further testing that you can do.

> >> Also on a running system:
> >>
> >> root@i386-a3-carp:/ # rm /etc/resolv.conf
> >> root@i386-a3-carp:/ # cat /etc/resolv.conf
> >> cat: /etc/resolv.conf: No such file or directory
> >> root@i386-a3-carp:/ # sh /etc/rc.d/rtsold restart
> >> Stopping rtsold.
> >> Waiting for PIDS: 1047.
> >> Starting rtsold.
> >> root@i386-a3-carp:/ # cat /etc/resolv.conf
> >> cat: /etc/resolv.conf: No such file or directory
> >
> > resolvconf -a will only update /etc/resolv.conf if the info in
> > /var/run/resolvconf/interfaces/vtnet0 has changed, I believe.  Try
> > deleting that file too, and then try running rtsol.
> 
> When I deleted /etc/resolv.conf and then rtsol manually it had 
> re-appeared.  Unclear to me what was in /var/run; I just wanted to point 
> out the difference in behaviour;  maybe you are right;  I’ll go and 
> check if deleting in /var/run/ as well makes a difference.

I don't observe that behaviour with either the stock or patched
rtsol(8): for resolvconf(8) to update /etc/resolv.conf (or re-generate
it), something under /var/run/resolvconf/interfaces needs to have
changed.  So, in my case, deleting /etc/resolv.conf *and*
/var/run/resolvconf/interfaces/re0:slaac will cause resolv.conf to be
regenerated once rtsold(8) decides to re-run resolvconf(8), but
deleting resolv.conf on its own will not.