From owner-freebsd-stable@FreeBSD.ORG Tue Jun 28 14:59:03 2005 Return-Path: X-Original-To: stable@freebsd.org Delivered-To: freebsd-stable@FreeBSD.ORG Received: from green.homeunix.org (freefall.freebsd.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 004FA16A41C; Tue, 28 Jun 2005 14:59:02 +0000 (GMT) (envelope-from green@green.homeunix.org) Received: from green.homeunix.org (green@localhost [127.0.0.1]) by green.homeunix.org (8.13.3/8.13.1) with ESMTP id j5SEx2pv023922; Tue, 28 Jun 2005 10:59:02 -0400 (EDT) (envelope-from green@green.homeunix.org) Received: (from green@localhost) by green.homeunix.org (8.13.3/8.13.1/Submit) id j5SEx0Tx023921; Tue, 28 Jun 2005 10:59:00 -0400 (EDT) (envelope-from green) Date: Tue, 28 Jun 2005 10:58:59 -0400 From: Brian Fundakowski Feldman To: Eirik =?iso-8859-1?Q?=D8verby?= Message-ID: <20050628145859.GC1074@green.homeunix.org> References: <92135CB3-5540-4D06-A991-708C8AAD6AC7@unicore.no> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <92135CB3-5540-4D06-A991-708C8AAD6AC7@unicore.no> User-Agent: Mutt/1.5.6i Cc: stable@freebsd.org Subject: Re: Jails that won't die... X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jun 2005 14:59:03 -0000 On Tue, Jun 28, 2005 at 10:37:29AM +0200, Eirik Øverby wrote: > Hi, > > I have, since upgrading to 5.x and updating my management tools, seen > a number of problems relating to stopping jails. > > I'm maintaining several hosts with a number of full-featured jails > (i.e. full virtual FreeBSD installations in each jail), and in > general this works fine. However, whenever I stop a jail using 'jexec > kill -SIGNAL -1' or 'jexec /bin/sh /etc/rc.shutdown' (in > various combinations), jails have a tendency to stick around for > minutes or hours - according to 'jls'. Often I see an entry in > 'netstat -a' indicating that there is one or more sockets in FIN_WAIT > state, preventing the jail from coming down. Taking the virtual > network interface (alias) down does not help. All I can do at this > point is wait. > > I normally use 'jls' to determine whether or not a jail can be > restarted (i.e. it's not running), but this is pretty useless in such > cases. And right now I have a case where 'netstat -a' shows me > nothing pertaining to the jail, though it has no processes running. I > have therefore force-started the jail again, which seems to work > nicely, but now 'jls' gives me two entries for this jail, with > different JIDs. > > What am I doing wrong here? You could just use ps to check for jailed processes and check their respective jails using the procfs status entry (at least according to the ps manpage...) -- Brian Fundakowski Feldman \'[ FreeBSD ]''''''''''\ <> green@FreeBSD.org \ The Power to Serve! \ Opinions expressed are my own. \,,,,,,,,,,,,,,,,,,,,,,\