Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 6 May 2020 14:04:21 -0500
From:      Kyle Evans <kevans@freebsd.org>
Cc:        Kurt Jaeger <pi@freebsd.org>, jail@freebsd.org
Subject:   Re: Should killed process deref a jail?
Message-ID:  <CACNAnaHJhpgvBdRS%2BSEweHCYmByonu0gvCS0W=e__YG5x2XNGg@mail.gmail.com>
In-Reply-To: <CACNAnaFvyhD-CXozcntui%2Bgd4gvMTgzHUnVbTYCMJfaWHNJM5g@mail.gmail.com>
References:  <CACNAnaGssAKJ1-LhfQ1yszkOYkGw0iDsFgxmcuEZmTf9M-hyTg@mail.gmail.com> <20200506184923.GT39563@home.opsec.eu> <CACNAnaFvyhD-CXozcntui%2Bgd4gvMTgzHUnVbTYCMJfaWHNJM5g@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Wed, May 6, 2020 at 1:55 PM Kyle Evans <kevans@freebsd.org> wrote:
>
> On Wed, May 6, 2020 at 1:49 PM Kurt Jaeger <pi@freebsd.org> wrote:
> >
> > Hi!
> >
> > > In doing some testing of qemu-user-static recently, I noticed that
> > > killing the last process in a non-persist jail doesn't kill off the
> > > jail:
> > >
> > > root@viper:/usr/src# jail -c path=/ command=yes
> > > ## ^C out
> > >
> > > root@viper:/usr/src# jls
> > >    JID  IP Address      Hostname                      Path
> > >    181                                                /
> > >
> > > root@viper:/usr/src# ps fxJ 181
> > > PID TT  STAT TIME COMMAND
> > >
> > > As a result, I ended up with 82 jails pointed at my armv7 sysroot and
> > > much surprise when I checked out `jls`. This vaguely smells like a
> > > bug, is this something that should be fixed?
> >
> > Depends. If the last process held some socket and the socket
> > is still in the state LINGER.
> >
> > See
> >
> > https://deepix.github.io/2016/10/21/tcprst.html
> >
> > for more details, after the heading 'What is SO_LINGER?'
> >
> > You can probably see those sockets with
> >
>
> That'd make sense, but in this case it's actually reproducible with
> yes(1), which doesn't open up any sockets or actually use any external
> resources other than write()ing to stdout.

This turns out to be PEBCAK, as jail(8) will always set persist if
there's a command to be run. Sorry for the noise...

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CACNAnaHJhpgvBdRS%2BSEweHCYmByonu0gvCS0W=e__YG5x2XNGg>