From owner-freebsd-stable Mon Nov 13 11:27:35 2000 Delivered-To: freebsd-stable@freebsd.org Received: from mail.gmx.net (pop.gmx.net [194.221.183.20]) by hub.freebsd.org (Postfix) with SMTP id D9E6E37B479 for ; Mon, 13 Nov 2000 11:27:32 -0800 (PST) Received: (qmail 20009 invoked by uid 0); 13 Nov 2000 19:27:30 -0000 Received: from p3ee2162d.dip.t-dialin.net (HELO speedy.gsinet) (62.226.22.45) by mail.gmx.net (mail09) with SMTP; 13 Nov 2000 19:27:30 -0000 Received: (from sittig@localhost) by speedy.gsinet (8.8.8/8.8.8) id UAA30597 for stable@freebsd.org; Mon, 13 Nov 2000 20:16:49 +0100 Date: Mon, 13 Nov 2000 20:16:49 +0100 From: Gerhard Sittig To: stable@freebsd.org Subject: "unhandled" panic in 4.2-BETA (PR 22723) Message-ID: <20001113201649.G27042@speedy.gsinet> Mail-Followup-To: stable@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i Organization: System Defenestrators Inc. Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I'm a little nervous: The panic described in http://www.freebsd.org/cgi/query-pr.cgi?pr=22723 happens in a default (to be) 4.2-R installation when using networked services inside jails. It was filed on Nov 9th. Last time I checked (Nov 13th around 12.00 UTC) it wasn't assigned to somebody familiar with the TCP stack or jail functionality. The reason for my being nervous is the advent of the 4.2 release and having such a panic in an "officially delivered snapshot" may leave a bad impression which could have been avoided. Should I be concerned? What's the usual delay for getting a PR classified as "serious" into a working queue or have it rejected (when misclassified, since the originator may fail in judging its severity due to personal involvement and emotional reactions:) ? Are there surveys at all about how typical jail(2) usage is amongst FreeBSD admins? This is what could make the panic "not that serious" in the blink of an eye ... I'm aware of the complex topic -- that's why I cannot point further into the problem spot or even provide a fix. But if the problem is serious in your opinion, too, and cannot be fixed prior to shipping 4.2, there should be something like "don't run networked services inside jails" (which is not useful at all IMO and defeats the reason for setting up jails at all), "bind all jailed services to a specific IP" (more probable to be achieved and done anyway by admins as far as possible, but some services seem to resist against this treatment) or "don't restrict jails to UNIX/IP/Route protocols only" (best done with shipping the appropriate /etc/sysctl.conf file) in the accompanying doc. Thank you for your attention! virtually yours 82D1 9B9C 01DC 4FB4 D7B4 61BE 3F49 4F77 72DE DA76 Gerhard Sittig true | mail -s "get gpg key" Gerhard.Sittig@gmx.net -- If you don't understand or are scared by any of the above ask your parents or an adult to help you. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message