Date: Tue, 16 Oct 2012 13:51:49 -0700 From: David Wolfskill <david@catwhisker.org> To: freebsd-questions@freebsd.org Subject: IPCS resource access within a down-level jail? Message-ID: <20121016205149.GA1817@albert.catwhisker.org>
index | next in thread | raw e-mail
[-- Attachment #1 --] [Please include me in responses; I've set Reply-To as a hint. Thanks!] A colleague had been running a program that makes use of IPCS message queues in a 7.x/i386 environment. He was moved to a 32-bit 7.x-based jail instantiated on an 8.x/amd64 host. Within that jail, "ipcs -a" now fails to come anywhere near close to reporting what it does outside the jail. I then performed an experiment: I created a 7.x/i386 jail on my 9.x/i386 laptop. I verified that "ipcs -a" (outside the jail) shows Stuff: d134(9.1-P)[1] ipcs -a Message Queues: T ID KEY MODE OWNER GROUP CREATOR CGROUP CBYTES QNUM QBYTES LSPID LRPID STIME RTIME CTIME Shared Memory: T ID KEY MODE OWNER GROUP CREATOR CGROUP NATTCH SEGSZ CPID LPID ATIME DTIME CTIME m 393216 0 --rw------- david david david david 2 393216 3671 3147 8:23:37 no-entry 8:23:37 m 851969 0 --rw------- david david david david 2 262080 3861 3147 9:24:09 no-entry 9:24:09 m 458754 0 --rw------- david david david david 2 384000 3861 3147 9:24:09 no-entry 9:24:09 Semaphores: T ID KEY MODE OWNER GROUP CREATOR CGROUP NSEMS OTIME CTIME d134(9.1-P)[2] Inside the jail, using the 7.x version of ipcs, I get: %ipcs -a ipcs: sysctlbyname: kern.ipc.msqids: Cannot allocate memory % I then recompiled the 9.x versions of ipcs & ipcrm and linked them statically; running that verion of ipcs, I see: %~/bin/!! ~/bin/ipcs -a Message Queues: T ID KEY MODE OWNER GROUP CREATOR CGROUP CBYTES QNUM QBYTES LSPID LRPID STIME RTIME CTIME Shared Memory: T ID KEY MODE OWNER GROUP CREATOR CGROUP NATTCH SEGSZ CPID LPID ATIME DTIME CTIME m 393216 0 --rw------- david david david david 2 393216 3671 3147 15:23:37 no-entry 15:23:37 m 655362 0 --rw------- david david david david 2 262080 3861 3147 18:39:30 no-entry 18:39:30 Semaphores: T ID KEY MODE OWNER GROUP CREATOR CGROUP NSEMS OTIME CTIME % Is this (inability to access IPCS resources properly within a "down-level" jail) expected behavior? Is there a sane(?) way to provide IPCS resources inside a down-level jail? Thanks! Peace, david -- David H. Wolfskill david@catwhisker.org Taliban: Evil men with guns afraid of truth from a 14-year old girl. See http://www.catwhisker.org/~david/publickey.gpg for my public key. [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAlB9yOQACgkQmprOCmdXAD3zMACeN5e1MYbb9Cl60uujvmZeJuqy nNUAnji0HeQwQs4qjYiwW02e5R7jBVt3 =LNQN -----END PGP SIGNATURE-----help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20121016205149.GA1817>