From owner-freebsd-emulation@FreeBSD.ORG Wed Feb 22 01:53:38 2006 Return-Path: X-Original-To: freebsd-emulation@freebsd.org Delivered-To: freebsd-emulation@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DBD7016A422 for ; Wed, 22 Feb 2006 01:53:37 +0000 (GMT) (envelope-from marsgmiro@gmail.com) Received: from zproxy.gmail.com (zproxy.gmail.com [64.233.162.192]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3EB6A43D45 for ; Wed, 22 Feb 2006 01:53:37 +0000 (GMT) (envelope-from marsgmiro@gmail.com) Received: by zproxy.gmail.com with SMTP id 8so1304613nzo for ; Tue, 21 Feb 2006 17:53:36 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=nvos+xt2LlPljvfwhICTxoO8k7/+JztiMXG4A5cw3lz4VQCKQHBVwoCPd49STDHqsMD7gM6OTCT9ZIGbSuKyAeTxJoZrOVXRAeQnVuGj0R869IVMnUv0dN6wtwouyLeaJZofP8eFW2U+42XmPaLuAvGCqM2IG6o80eiZ0Oug3Yc= Received: by 10.36.157.19 with SMTP id f19mr4364875nze; Tue, 21 Feb 2006 17:53:36 -0800 (PST) Received: by 10.36.68.1 with HTTP; Tue, 21 Feb 2006 17:53:36 -0800 (PST) Message-ID: <28edec3c0602211753p7290e85q3fb23d799c0cf0fc@mail.gmail.com> Date: Wed, 22 Feb 2006 09:53:36 +0800 From: "Mars G. Miro" To: kris@obsecurity.org, freebsd-emulation@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Cc: Subject: Re: linprocfs and linux_base port upgrade X-BeenThere: freebsd-emulation@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Development of Emulators of other operating systems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Feb 2006 01:53:38 -0000 >> >> Actually, this unmount ... remount situation is pretty evil. For >> example, it prevents users from building linux_base in a jail. In >> fact I'd like to switch to building packages in jails instead of >> chroots on the package cluster, but this is the major reason I can't. I have been able to build linux_base in a jail, but I had to turn on a few sysctl jail knobs on the main host (see more below) > Not to mention that the umount isn't always reliable for some reason: > the linux_base-8 package build often fails with this: > =3D=3D=3D> Checking if emulators/linux_base-8 already installed > Un-mounting linprocfs... > kern.fallback_elf_brand: -1 -> 3 > redhat-release-8.0-8.noarch.rpm > glibc-common-2.3.2-4.80.8.i386.rpm > glibc-2.3.2-4.80.8.i386.rpm > setup-2.5.20-1.noarch.rpm > filesystem-2.1.6-5.noarch.rpm > unpacking of archive failed on file /proc: cpio: chown failed - Operation= not > supported I usually have, in /etc/sysctl.conf: ... # for the Jails security.jail.allow_raw_sockets=3D1 security.jail.sysvipc_allowed=3D1 security.jail.chflags_allowed=3D1 ... I think that last error you got has something todo w/ enabling the chflags sysctl jail. For the record: mars@jail:~> uname -a FreeBSD jail.XXXXXXXXXXX 6.1-PRERELEASE FreeBSD 6.1-PRERELEASE #0: Thu Feb 16 17:32:02 PHT 2006 =20 root@alcatraz.XXXXXXXXXXX:/usr/obj/usr/src/sys/XXXXXX amd64 mars@jail:~> pkg_info autoconf-2.13.000227_5 Automatically configure source code on many Un*x platforms automake-1.4.6_2 GNU Standards-compliant Makefile generator (1.4) expat-2.0.0 XML 1.0 parser written in C fontconfig-2.3.2_1,1 An XML-based font configuration API for X Windows freetype2-2.1.10_2 A free and portable TrueType font rendering engine gettext-0.14.5_1 GNU gettext package glib-2.8.6 Some useful routines of C programming (current stable v= ersi gmake-3.80_2 GNU version of 'make' utility imake-6.9.0 Imake and other utilities from X.Org javavmwrapper-2.0_6 Wrapper script for various Java Virtual Machines libdrm-2.0 Userspace interface to kernel Direct Rendering Module s= ervi libiconv-1.9.2_1 A character set conversion library libtool-1.3.5_2 Generic shared library support script (1.3) libtool-1.5.22_1 Generic shared library support script (1.5) linux-XFree86-libs-4.3.99.902_7 XFree86 libraries, Linux binary linux-expat-1.95.7 Linux/i386 binary port of Expat XML-parsing library linux-fontconfig-2.2.3_2 Linux/i386 binary of Fontconfig linux-sun-jdk-1.4.2.10 Sun Java Development Kit 1.4 for Linux linux_base-8-8.0_13 Base set of packages needed in Linux mode (for i386/amd= 64) m4-1.4.4 GNU m4 open-motif-2.2.3_2 Motif X11 Toolkit (industry standard GUI (IEEE 1295)) perl-5.8.7_2 Practical Extraction and Report Language pkgconfig-0.20 A utility to retrieve information about installed libra= ries popt-1.7 A getopt(3) like library with a number of enhancements,= fro rpm-3.0.6_10 The Red Hat Package Manager unzip-5.52_2 List, test and extract compressed files in a ZIP archiv= e xorg-libraries-6.9.0 X11 libraries and headers from X.Org zip-2.31 Create/update ZIP files compatible with pkzip mars@jail:~> sysctl -a |grep jail kern.hostname: jail.XXXXXXXXXXX security.jail.jailed: 1 security.jail.chflags_allowed: 1 security.jail.allow_raw_sockets: 1 security.jail.enforce_statfs: 2 security.jail.sysvipc_allowed: 1 security.jail.socket_unixiproute_only: 1 security.jail.set_hostname_allowed: 1 > *** Error code 1 > Kris cheers mars