From owner-freebsd-jail@freebsd.org Wed Oct 11 19:48:45 2017 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 941B5E35420; Wed, 11 Oct 2017 19:48:45 +0000 (UTC) (envelope-from meka@tilda.center) Received: from mail.tilda.center (tilda.center [45.77.138.211]) by mx1.freebsd.org (Postfix) with ESMTP id 5EF8174BD6; Wed, 11 Oct 2017 19:48:45 +0000 (UTC) (envelope-from meka@tilda.center) Received: from thinker.meka.no-ip.org (unknown [87.116.178.97]) by mail.tilda.center (Postfix) with ESMTPSA id 8D4698278; Wed, 11 Oct 2017 21:48:35 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=tilda.center; s=mail; t=1507751315; bh=ZSGRcIEri/HaxUrrCWYwHkGj57P6cXUe/YnhgzfXKSM=; h=Date:From:To:Cc:Subject:References:In-Reply-To; b=J+srtxdbC1CQf/9gdgGEnIYrAE4RGR5thjsAHU2uqHhhbEkn6doPNT0Y17K+tANpV vOEM1/7ea1sTQuXW/fxoCk3Ke/aLqpj1oFre4+WS2AKFqNRNPyMZxEScyl4mYHzrTa OWN8xPeMmE0l7921auKuxjGk9Yv2VqotTW353Q0k= Date: Wed, 11 Oct 2017 21:48:34 +0200 From: Goran =?utf-8?B?TWVracSH?= To: Oleg Ginzburg Cc: Kristof Provost , FreeBSD Current , freebsd-jail@freebsd.org Subject: Re: VNET jail and dhclient Message-ID: <20171011192826.xkscmrovch3g7gni@thinker.meka.no-ip.org> References: <20171009072547.jauim6tlfennydf5@hal9000.meka.no-ip.org> <6D37D4AC-9DF4-4D55-8614-43CFC6BDD45E@sigsegv.be> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="uvz5qil4be2a3igp" Content-Disposition: inline In-Reply-To: User-Agent: NeoMutt/20170912 (1.9.0) X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Oct 2017 19:48:45 -0000 --uvz5qil4be2a3igp Content-Type: text/plain; charset=utf-8 Content-Disposition: inline On Tue, Oct 10, 2017 at 09:10:37PM +0000, Oleg Ginzburg wrote: > I think I found something, but I do not understand why this is only > observed in jail and with commit change this. > The problem about which the Goran wrote can be fixed with: > > # diff -ruN dhclient.c-orig dhclient.c > --- dhclient.c-orig 2017-10-10 23:51:52.451361000 +0000 > +++ dhclient.c 2017-10-10 23:54:55.803404000 +0000 > @@ -479,6 +479,7 @@ > > fork_privchld(pipe_fd[0], pipe_fd[1]); > > + pidfile_close(pidfile); > close(ifi->ufdesc); > ifi->ufdesc = -1; > close(ifi->wfdesc); > > > > > From pidfile(3) man page: > > The pidfile_close() function closes a pidfile. It should be used after > daemon fork()s to start a child process. > > > chroot(2) in dhclient return NOPERM (via global errno). it seems to be > related to open descriptor outside the chroot. > > I'm not sure if this fd leak (due to pidfile_remove at the end of > dhclient), nevertheless closing pid fd in my jail/FreeBSD12 before chroot > solve dhclient issue. I can confirm Oleg's patch works for me. Weird one, for sure! --uvz5qil4be2a3igp Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEE1WIFkXy2ZeMKjjKEWj1TknovrLYFAlnedY0ACgkQWj1Tknov rLYz0g/+Na9YvY8R5p8BCyeI2HrBQ20+jFcCoMCyfw3hB95t9LIkyey4Gn3em6BG 6CcTmYiJt9W+Qql16M24r6Dg3jvCKzLqRATkPTI905MN9dkjlCBEZP/BFOf1pXYn SzGCp/fnv2VTY3tikwYSQKSBuk7Mq4qx9JTvg7fEvgwBRAMPHX2TCdtAhHTqPnQm Ocx3TNLo6CBnCOhg0rZFXLdWpwsE3lihQNhnqYlIEr9RJoAzBdEqgrMGbJsleLnv D8TTdowKGv1WkQA3KEnkEyKTqeI4VXXrTUr5e8oNj2tNy/tahDlbokOlvqR1F4Og ZFqy3i3VZvduzCFPdyC7bQVX0eDhYA0vaCPGEPKKvHG5v3q4LBa8kASGLhHfU/QW fzY/JCDdrJEXXVISMXlV8biBgl31IoN/q6wex39o7kHtx9lTmXGhmsORD6+mZMUU DgbglrCkYpzf+CsHPA5zSROGSDWDIiJJPusID9xK1+3DEZqHURHq+Y0qTuUImX3D sg8E8rXLORw5h6gEPttYLxCIwRyJN7yZBOoYiLBOLppFu2HI90v+CAdJ25NxtbAU c+D9Dx9Zi1j5bhVpCQ/4Uc0wBveBaYuX0iDB6WvrHgpo3OoZ+E+GVJS2+IM15E5r 33nY2fdTwlh9dYwNqAqd/5Zs2GN6TxCWCagaOOcS/mIZY0z3ZkY= =DImW -----END PGP SIGNATURE----- --uvz5qil4be2a3igp--