From nobody Wed Mar 8 15:21:01 2023 X-Original-To: bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PWwxq26B7z3wVyG for ; Wed, 8 Mar 2023 15:21:03 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PWwxq16bkz3Prs for ; Wed, 8 Mar 2023 15:21:03 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1678288863; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=rXUzw67Ht0qDGiKwXyrvGCN8TXd8AHW7eN2UqED8Nm8=; b=vsRHT5bbPK8YbDaHFwLGbNOPpLVxY7OQEPFZNjPRCUNP4Zg6QJ54Due0MGcdUSyHK3mGgb l7uHVq3vdifDjZJqeOJOyreGIng0Jb8Q2Fov8UpsfRjHrKqOEWnYi45w72X+w+OwH8FqnA HuieeK8bDPBzU0IPEYYdkQAHWJNdla0r0x3bTjWaD3uoXNLXVEnSpxyRyosY90vSEL+m1m G6r9j3rKlglpR7k1J05iRPthQvrWlGe4YieF7l0ibvByOxEwT/SVbGTaM2GDbiiDaZQPNg ED2tR37inx5849tCkiPeAxUTEPr8vhiMZoM+T3JVQdQrIozCbrO6ucbUKgf4zA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1678288863; a=rsa-sha256; cv=none; b=K+pBNrvWrezq79/OvL3NyhuC7XzHMOHbNGOBDC6DxenjqUDH1penKoInStrZ4zj0HNw2cG 5lhQ7NujpUeZ+11eQbQzhjUtH2gGIgM8wKoqRTOhGH3udM24ujPus/zr7Pjf2+HSn5zzO0 oklEG13qSoUSTB46EpMQAuU8kRgb4FfvDHl79HneQzjnzlCZkXb2hzrlngvOpWY2roOBXh CNhE4suvEFCjoeGDb9pWG7+vTIYfdRYCZSc7yUemAUXfs2aF+jGLWZWT+VKfD701x404/6 H+z2khmRlskjCevqcKIbYJd3oDV5y0UWfNFHlNtOp7FMwdvxTmQcRhrMqjqb2w== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PWwxq0DcbzW4h for ; Wed, 8 Mar 2023 15:21:03 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 328FL2la089684 for ; Wed, 8 Mar 2023 15:21:02 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 328FL2Ij089683 for bugs@FreeBSD.org; Wed, 8 Mar 2023 15:21:02 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 260248] jails: depend parameter does not work in modular jail files (conf.d) Date: Wed, 08 Mar 2023 15:21:01 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: conf X-Bugzilla-Version: 13.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: feld@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-bugs@freebsd.org MIME-Version: 1.0 X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D260248 Mark Felder changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |feld@FreeBSD.org --- Comment #4 from Mark Felder --- (In reply to Antranig Vartanian from comment #3) I've tested both cases and they fail. If you run it as sh -x /etc/rc.d/jail start JAILNAME you can see what it's doing. At no point does it attempt to read in any other jail configurations before processing the target jail. This is a bit of a chicken-and-egg scenario as the code handling the startu= p of jails is shell script which guesses where the jail configs are, and the act= ual processing of the jail config parameters is done by the C code. A bad hack could be implemented in /etc/rc.d/jail to actually read the contents of the= se files and look for a "depend =3D" or "depend +=3D", parse it, and then try = to load /etc/jail.JAILNAME.conf or /etc/jail.conf.d/JAILNAME.conf so it can be merg= ed together and the jail will be discovered. However, this opens a new can of worms as there won't be any isolation of configuration between the jails an= d if the configs are simply concatenated together to be presented to jail(8) you will have issues with one jail config declaring settings outside the JAILNA= ME { } section and leaking into the config of the jail that was appended. The correct way to solve this would be to move more logic into jail(8) so it does all of this work for us and /etc/rc.d/jail is stripped down to simply passing start/stop/restart commands to jail(8) similar to how docker works. I will gladly contribute to a bounty to overhaul jail(8) if anyone out ther= e is willing and capable. --=20 You are receiving this mail because: You are the assignee for the bug.=