Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 25 Jul 2014 00:22:37 -0400
From:      Glen Barber <gjb@FreeBSD.org>
To:        Warren Block <wblock@wonkity.com>
Cc:        freebsd-jail@FreeBSD.org
Subject:   Re: check_dhcp
Message-ID:  <20140725042237.GC1065@hub.FreeBSD.org>
In-Reply-To: <alpine.BSF.2.11.1407242205140.3624@wonkity.com>
References:  <alpine.BSF.2.11.1407242042240.3624@wonkity.com> <20140725032045.GY1065@hub.FreeBSD.org> <alpine.BSF.2.11.1407242122540.3624@wonkity.com> <20140725033114.GZ1065@hub.FreeBSD.org> <alpine.BSF.2.11.1407242132590.3624@wonkity.com> <20140725034600.GA1065@hub.FreeBSD.org> <alpine.BSF.2.11.1407242147440.3624@wonkity.com> <20140725035533.GB1065@hub.FreeBSD.org> <alpine.BSF.2.11.1407242205140.3624@wonkity.com>

next in thread | previous in thread | raw e-mail | index | archive | help

--TuBLotoxjxNtqonL
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Jul 24, 2014 at 10:19:53PM -0600, Warren Block wrote:
> On Thu, 24 Jul 2014, Glen Barber wrote:
>=20
> >I think dhclient still will not work though, since it is set as 'nojail'
> >in /etc/rc.d/dhclient rc script.
>=20
> To be clear, what worked was running /sbin/dhclient, not the rc script. It
> requests and gets a lease, but does not manage to assign the address to t=
he
> jail's interface.
>=20

Rightfully so.  I would be worried if it did.[1]

> >Does /var/run/dhclient* stuff exist in the jail, with valid entries?
>=20
> It does create a pid file, and a dhclient.leases file in /var/db/.  But t=
he
> lease address is not assigned.
>=20

Good, I would be worried about this, as well.[1]

> >I suspect no, and if yes, I would argue this is a bug that it does.
>=20
> It runs, but toothlessly, which seems about right. :)

[1] Consider a shared hosting provider using jail(8), where root access
is granted.  Such a case should not expect a dhclient(8) to arbitrarily
succeed on the network.

Glen



--TuBLotoxjxNtqonL
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJT0duNAAoJELls3eqvi17QKp0QALmdTeYGzKDPcf91BIvuNEV+
QOqnSPiV5i+Xf0n7Gr03ufA4KbzPH1jfC0S+/pfcPNE8F2diIvlSoAwdsxCOQzNE
RO6/XV1MhxFG+nrE6yzPadPQdq/98t3xPPzBUaPaJdeWVxZyiz6ME+pEDmdNy9xc
r8JmMjn9afTlUKiHjagIf9uWHAxFIlGWQqVoCyYY4iCvLiiQt3llSeZF2YMrgOSS
c7WMSTXeMsSON3HMpKMLB4/fX9XAd6DIZ8TqKFk1NbbuY1s1exBg60O9KjtSNH/t
p85SEp1ERvC0BL9vCe3Y4shkqYQlv01qoIaC9uXQ9MNt3OHnFQt5Y7grv17yN3kA
KmpeJLraAhk5qUvcTMSt9Of2aVV+7/UZIGI1IuvbyByQuXZj7DrVOfScpptvDTih
/nqTS1E5t99uf+6JiMBSImJRn1RKkAW0EOOu45cmrtz8Q8374/7D5uR/juacedgD
Z5sMjTbD0A0pczrxXleVFHbzDtaYf29J/dEva516Tuhg866qC7ftv2vvZUFq0KX+
yx1cCy76NTtwlt/Ett+MpIelY6D9PZzLHI+HmSFMXTAS0mKzobNSCHhOV9e6COBv
KXovHMQB+GAgKK5Qp7/sFAq4JGk5InxPrpEfsWarz3w+Q/UycwtxL2FoLTBfe5aD
0KU6f+MkWOfU8E+wHUlk
=CmEq
-----END PGP SIGNATURE-----

--TuBLotoxjxNtqonL--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140725042237.GC1065>