From owner-freebsd-hackers@freebsd.org Wed Sep 20 04:29:03 2017 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7DFF8E1FA60 for ; Wed, 20 Sep 2017 04:29:03 +0000 (UTC) (envelope-from auryn@zirakzigil.org) Received: from mx1.etoilesoft.fr (mx1.etoilesoft.fr [52.57.51.18]) by mx1.freebsd.org (Postfix) with ESMTP id F1D797E71A for ; Wed, 20 Sep 2017 04:29:02 +0000 (UTC) (envelope-from auryn@zirakzigil.org) Received: from mx1.etoilesoft.fr (localhost [127.0.0.1]) by mx1.etoilesoft.fr (Postfix) with ESMTP id 5F18E9D1A6; Wed, 20 Sep 2017 04:30:08 +0000 (UTC) Received: from [172.25.55.86] (localhost [127.0.0.1]) (Authenticated sender: auryn@zirakzigil.org) by mx1.etoilesoft.fr (Postfix) with ESMTPA id EBA729C944; Wed, 20 Sep 2017 04:30:07 +0000 (UTC) From: Giulio Ferro Subject: Re: devd in jail To: Alexander Leidinger , freebsd-hackers@freebsd.org References: <7ca865ee-b613-2f0c-daf0-d828884b5e74@zirakzigil.org> <1C181EF2-B8B1-4F42-BF80-ABEA0593DD43@dsl-only.net> <20170906122556.Horde.5OdDwtii7HXPNArY77YUyBi@webmail.leidinger.net> <20170906221947.Horde.RITHvdc1wVE9v0-3nBavR0Z@webmail.leidinger.net> <20170909150335.Horde.wBLIPwBuhV3lyQlBxKud39f@webmail.leidinger.net> <27e72cfb-54cf-4af8-b569-85fff089c45f@zirakzigil.org> <20170911161253.Horde.vawLu00EtbbHOVeJRXjp7N0@webmail.leidinger.net> <3236AD55-0D14-49A5-B5B9-3147A216D8A5@zirakzigil.org> <20170917210736.Horde.TlHhnPnnzSWoAGi9k7b1_sp@webmail.leidinger.net> <20170918153212.Horde.reuh2WwJotWq2qHgpHwvnNq@webmail.leidinger.net> Message-ID: Date: Wed, 20 Sep 2017 06:28:55 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1 MIME-Version: 1.0 In-Reply-To: <20170918153212.Horde.reuh2WwJotWq2qHgpHwvnNq@webmail.leidinger.net> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Language: fr Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV using ClamSMTP X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Sep 2017 04:29:03 -0000 Ok, I'm progressing :) I've patched, built and installed the new kernel. Now I can start the jail with the new parameter. Unfortunately Xorg still fails to start... :( Here's my setup: /etc/rc.conf.local ----------------------------------------------------------------------- ... jail_enable="YES" ... ----------------------------------------------------------------------- /etc/jail.conf ----------------------------------------------------------------------- exec.start = "/bin/sh /etc/rc"; exec.stop = "/bin/sh /etc/rc.shutdown"; exec.clean; mount.devfs; devfs_ruleset=1; path = "/usr/home/jails/$name"; xxx { host.hostname = "xxx.xxx.xxx"; vnet; vnet.interface = epair0b, epair1b; allow.kmem_access = "true"; persist; } ----------------------------------------------------------------------- /etc/devfs.rules ----------------------------------------------------------------------- [devfsrules_jail=1] add path pf unhide add path kmem unhide add path io unhide add path mem unhide add path pci unhide add path tty unhide add path ttyv0 unhide add path ttyv1 unhide add path ttyv8 unhide ----------------------------------------------------------------------- Now I can start the jail with /etc/rc.d/jail start The jail seems ok. Here's its /dev directory: ----------------------------------------------------------------------- # ls -l total 3 crw-r--r-- 1 root wheel 0x27 Sep 20 04:05 acpi crw-r----- 1 root operator 0x3e Sep 20 04:05 ada0 crw-r----- 1 root operator 0x3f Sep 20 04:05 ada0p1 crw-r----- 1 root operator 0x40 Sep 20 04:05 ada0p2 crw-rw-r-- 1 root operator 0x29 Sep 20 04:05 apm crw-rw---- 1 root operator 0x28 Sep 20 04:05 apmctl crw------- 1 root wheel 0x2b Sep 20 04:05 atkbd0 crw------- 1 root kmem 0x1c Sep 20 04:05 audit crw------- 1 root wheel 0x1b Sep 20 04:05 auditpipe crw------- 1 root wheel 0xd Sep 20 04:08 bpf lrwxr-xr-x 1 root wheel 3 Sep 20 04:09 bpf0 -> bpf crw-rw-rw- 1 root wheel 0x2e Sep 20 04:05 bpsm0 crw------- 1 root wheel 0xa Sep 20 04:16 console crw------- 1 root wheel 0xf Sep 20 04:05 consolectl crw-rw-rw- 1 root wheel 0xc Sep 20 04:05 ctty crw-rw---- 1 uucp dialer 0x32 Sep 20 04:05 cuau0 crw-rw---- 1 uucp dialer 0x33 Sep 20 04:05 cuau0.init crw-rw---- 1 uucp dialer 0x34 Sep 20 04:05 cuau0.lock crw------- 1 root wheel 0x4 Sep 20 04:05 devctl crw------- 1 root wheel 0x5 Sep 20 04:05 devctl2 cr--r--r-- 1 root wheel 0x3d Sep 20 04:05 devstat dr-xr-xr-x 2 root wheel 512 Sep 20 04:09 fd crw------- 1 root wheel 0x11 Sep 20 04:05 fido crw-rw-rw- 1 root wheel 0x18 Sep 20 04:05 full crw-r----- 1 root operator 0x6 Sep 20 04:05 geom.ctl dr-xr-xr-x 2 root wheel 512 Sep 20 04:09 gpt dr-xr-xr-x 2 root wheel 512 Sep 20 04:09 gptid crw-r--r-- 1 root wheel 0x2a Sep 20 04:05 hpet0 crw------- 1 root wheel 0x24 Sep 20 04:05 io lrwxr-xr-x 1 root wheel 6 Sep 20 04:09 kbd0 -> atkbd0 lrwxr-xr-x 1 root wheel 7 Sep 20 04:09 kbd1 -> kbdmux0 crw------- 1 root wheel 0x12 Sep 20 04:05 kbdmux0 crw------- 1 root wheel 0x25 Sep 20 04:05 klog crw-r----- 1 root kmem 0x15 Sep 20 04:05 kmem crw------- 1 root wheel 0xb Sep 20 04:05 mdctl crw-r----- 1 root kmem 0x14 Sep 20 04:05 mem crw-rw-rw- 1 root wheel 0x26 Sep 20 04:05 midistat crw------- 1 root wheel 0x17 Sep 20 04:05 netmap crw------- 1 root kmem 0x16 Sep 20 04:05 nfslock crw-rw-rw- 1 root wheel 0x19 Sep 20 04:17 null crw-r--r-- 1 root wheel 0x23 Sep 20 04:05 pci crw------- 1 root wheel 0x45 Sep 20 04:09 pf crw-rw-rw- 1 root wheel 0x2d Sep 20 04:05 psm0 dr-xr-xr-x 2 root wheel 512 Sep 20 04:10 pts crw-r--r-- 1 root wheel 0x8 Sep 20 04:05 random dr-xr-xr-x 2 root wheel 512 Sep 20 04:09 reroot crw-r--r-- 1 root wheel 0x7 Sep 20 04:05 sndstat lrwxr-xr-x 1 root wheel 4 Sep 20 04:09 stderr -> fd/2 lrwxr-xr-x 1 root wheel 4 Sep 20 04:09 stdin -> fd/0 lrwxr-xr-x 1 root wheel 4 Sep 20 04:09 stdout -> fd/1 crw------- 1 root wheel 0x10 Sep 20 04:05 sysmouse crw------- 1 root wheel 0x44 Sep 20 04:05 tap0 crw------- 1 root wheel 0x2f Sep 20 04:11 ttyu0 crw------- 1 root wheel 0x30 Sep 20 04:05 ttyu0.init crw------- 1 root wheel 0x31 Sep 20 04:05 ttyu0.lock crw------- 1 root wheel 0x47 Sep 20 04:11 ttyv0 crw------- 1 root wheel 0x48 Sep 20 04:11 ttyv1 crw------- 1 root wheel 0x49 Sep 20 04:11 ttyv2 crw------- 1 root wheel 0x4a Sep 20 04:11 ttyv3 crw------- 1 root wheel 0x4b Sep 20 04:11 ttyv4 crw------- 1 root wheel 0x4c Sep 20 04:11 ttyv5 crw------- 1 root wheel 0x4d Sep 20 04:11 ttyv6 crw------- 1 root wheel 0x4e Sep 20 04:11 ttyv7 crw------- 1 root wheel 0x4f Sep 20 04:05 ttyv8 crw------- 1 root wheel 0x50 Sep 20 04:05 ttyv9 crw------- 1 root wheel 0x51 Sep 20 04:05 ttyva crw------- 1 root wheel 0x52 Sep 20 04:05 ttyvb crw------- 1 root wheel 0x37 Sep 20 04:05 ufssuspend lrwxr-xr-x 1 root wheel 6 Sep 20 04:09 urandom -> random crw-r--r-- 1 root operator 0x3a Sep 20 04:05 usbctl dr-xr-xr-x 2 root wheel 512 Sep 20 04:09 xen crw------- 1 root operator 0x3b Sep 20 04:05 xpt0 crw-rw-rw- 1 root wheel 0x1a Sep 20 04:05 zero ----------------------------------------------------------------------- Here's the xorg.conf (automatically created by xrdp) ----------------------------------------------------------------------- # cat xorg.conf Section "ServerLayout" Identifier "X11 Server" Screen "Screen (xrdpdev)" InputDevice "xrdpMouse" "CorePointer" InputDevice "xrdpKeyboard" "CoreKeyboard" EndSection Section "ServerFlags" Option "DontVTSwitch" "on" Option "AutoAddDevices" "off" EndSection Section "Module" Load "dbe" Load "ddc" Load "extmod" Load "glx" Load "int10" Load "record" Load "vbe" Load "xorgxrdp" Load "fb" EndSection Section "InputDevice" Identifier "xrdpKeyboard" Driver "xrdpkeyb" EndSection Section "InputDevice" Identifier "xrdpMouse" Driver "xrdpmouse" EndSection Section "Monitor" Identifier "Monitor" Option "DPMS" HorizSync 30-80 VertRefresh 60-75 ModeLine "1920x1080" 138.500 1920 1968 2000 2080 1080 1083 1088 1111 +hsync -vsync ModeLine "1280x720" 74.25 1280 1720 1760 1980 720 725 730 750 +HSync +VSync Modeline "1368x768" 72.25 1368 1416 1448 1528 768 771 781 790 +hsync -vsync Modeline "1600x900" 119.00 1600 1696 1864 2128 900 901 904 932 -hsync +vsync EndSection Section "Device" Identifier "Video Card (xrdpdev)" Driver "xrdpdev" EndSection Section "Screen" Identifier "Screen (xrdpdev)" Device "Video Card (xrdpdev)" Monitor "Monitor" DefaultDepth 24 SubSection "Display" Depth 24 Modes "640x480" "800x600" "1024x768" "1280x720" "1280x1024" "1600x900" "1920x1080" EndSubSection EndSection ----------------------------------------------------------------------- I can start xrdp with its sesman. But when xorg is launched, I still have errors... Here the X log: ----------------------------------------------------------------------- # cat Xorg.13.log [ 5629.107] X.Org X Server 1.18.4 Release Date: 2016-07-19 [ 5629.107] X Protocol Version 11, Revision 0 [ 5629.107] Build Operating System: FreeBSD 11.0-RELEASE-p12 amd64 [ 5629.107] Current Operating System: FreeBSD xxx.xxx.xxx 11.1-STABLE FreeBSD 11.1-STABLE #2 r323738M: Tue Sep 19 08:47:53 UTC 2017 root@xxxhost.xxx.xxx:/usr/obj/usr/src/sys/XXXSRV amd64 [ 5629.107] Build Date: 12 September 2017 08:39:56AM [ 5629.107] [ 5629.107] Current version of pixman: 0.34.0 [ 5629.107] Before reporting problems, check http://wiki.x.org to make sure that you have the latest version. [ 5629.107] Markers: (--) probed, (**) from config file, (==) default setting, (++) from command line, (!!) notice, (II) informational, (WW) warning, (EE) error, (NI) not implemented, (??) unknown. [ 5629.107] (==) Log file: "/var/log/Xorg.13.log", Time: Tue Sep 19 11:31:20 2017 [ 5629.108] (++) Using config file: "/etc/X11/xrdp/xorg.conf" [ 5629.108] (==) ServerLayout "X11 Server" [ 5629.108] (**) |-->Screen "Screen (xrdpdev)" (0) [ 5629.108] (**) | |-->Monitor "Monitor" [ 5629.108] (**) | |-->Device "Video Card (xrdpdev)" [ 5629.108] (**) |-->Input Device "xrdpMouse" [ 5629.108] (**) |-->Input Device "xrdpKeyboard" [ 5629.108] (**) Option "DontVTSwitch" "on" [ 5629.108] (**) Option "AutoAddDevices" "off" [ 5629.108] (**) Not automatically adding devices [ 5629.108] (==) Automatically enabling devices [ 5629.108] (==) Not automatically adding GPU devices [ 5629.108] (==) Max clients allowed: 256, resource mask: 0x1fffff [ 5629.108] (WW) The directory "/usr/local/share/fonts/misc/" does not exist. [ 5629.108] Entry deleted from font path. [ 5629.108] (WW) The directory "/usr/local/share/fonts/TTF/" does not exist. [ 5629.108] Entry deleted from font path. [ 5629.108] (WW) The directory "/usr/local/share/fonts/OTF/" does not exist. [ 5629.108] Entry deleted from font path. [ 5629.108] (WW) The directory "/usr/local/share/fonts/Type1/" does not exist. [ 5629.108] Entry deleted from font path. [ 5629.108] (WW) The directory "/usr/local/share/fonts/100dpi/" does not exist. [ 5629.108] Entry deleted from font path. [ 5629.108] (WW) The directory "/usr/local/share/fonts/75dpi/" does not exist. [ 5629.108] Entry deleted from font path. [ 5629.108] (==) FontPath set to: [ 5629.108] (==) ModulePath set to "/usr/local/lib/xorg/modules" [ 5629.108] (II) Loader magic: 0x813b70 [ 5629.108] (II) Module ABI versions: [ 5629.108] X.Org ANSI C Emulation: 0.4 [ 5629.108] X.Org Video Driver: 20.0 [ 5629.108] X.Org XInput driver : 22.1 [ 5629.108] X.Org Server Extension : 9.0 [ 5629.108] (WW) checkDevMem: failed to open /dev/mem (Operation not permitted) [ 5629.108] (--) PCI:*(0:0:2:0) 1013:00b8:5853:0001 rev 0, Mem @ 0xf0000000/33554432, 0xf3000000/4096, BIOS @ 0x????????/65536 [ 5629.108] (II) "glx" will be loaded. This was enabled by default and also specified in the config file. [ 5629.108] (II) LoadModule: "dbe" [ 5629.108] (II) Module "dbe" already built-in [ 5629.108] (II) LoadModule: "ddc" [ 5629.108] (II) Module "ddc" already built-in [ 5629.108] (II) LoadModule: "extmod" [ 5629.108] (II) Module "extmod" already built-in [ 5629.108] (II) LoadModule: "glx" [ 5629.108] (II) Loading /usr/local/lib/xorg/modules/extensions/libglx.so [ 5629.109] (II) Module glx: vendor="X.Org Foundation" [ 5629.109] compiled for 1.18.4, module version = 1.0.0 [ 5629.109] ABI class: X.Org Server Extension, version 9.0 [ 5629.109] (==) AIGLX enabled [ 5629.109] (II) LoadModule: "int10" [ 5629.109] (II) Loading /usr/local/lib/xorg/modules/libint10.so [ 5629.109] (II) Module int10: vendor="X.Org Foundation" [ 5629.109] compiled for 1.18.4, module version = 1.0.0 [ 5629.109] ABI class: X.Org Video Driver, version 20.0 [ 5629.109] (II) LoadModule: "record" [ 5629.109] (II) Module "record" already built-in [ 5629.109] (II) LoadModule: "vbe" [ 5629.109] (II) Loading /usr/local/lib/xorg/modules/libvbe.so [ 5629.110] (II) Module vbe: vendor="X.Org Foundation" [ 5629.110] compiled for 1.18.4, module version = 1.1.0 [ 5629.110] ABI class: X.Org Video Driver, version 20.0 [ 5629.110] (II) LoadModule: "xorgxrdp" [ 5629.110] (II) Loading /usr/local/lib/xorg/modules/libxorgxrdp.so [ 5629.110] (II) Module XORGXRDP: vendor="X.Org Foundation" [ 5629.110] compiled for 1.18.4, module version = 1.0.0 [ 5629.110] ABI class: X.Org Video Driver, version 20.0 [ 5629.110] xorgxrdpSetup: [ 5629.110] (II) LoadModule: "fb" [ 5629.110] (II) Loading /usr/local/lib/xorg/modules/libfb.so [ 5629.110] (II) Module fb: vendor="X.Org Foundation" [ 5629.110] compiled for 1.18.4, module version = 1.0.0 [ 5629.110] ABI class: X.Org ANSI C Emulation, version 0.4 [ 5629.110] (II) LoadModule: "xrdpdev" [ 5629.110] (II) Loading /usr/local/lib/xorg/modules/drivers/xrdpdev_drv.so [ 5629.110] (II) Module XRDPDEV: vendor="X.Org Foundation" [ 5629.110] compiled for 1.18.4, module version = 1.0.0 [ 5629.110] ABI class: X.Org Video Driver, version 20.0 [ 5629.110] xrdpdevSetup: [ 5629.110] (II) LoadModule: "xrdpmouse" [ 5629.110] (II) Loading /usr/local/lib/xorg/modules/input/xrdpmouse_drv.so [ 5629.110] (II) Module XRDPMOUSE: vendor="X.Org Foundation" [ 5629.110] compiled for 1.18.4, module version = 1.0.0 [ 5629.110] Module class: X.Org XInput Driver [ 5629.110] ABI class: X.Org XInput driver, version 22.1 [ 5629.110] rdpmousePlug: [ 5629.110] (II) LoadModule: "xrdpkeyb" [ 5629.110] (II) Loading /usr/local/lib/xorg/modules/input/xrdpkeyb_drv.so [ 5629.110] (II) Module XRDPKEYB: vendor="X.Org Foundation" [ 5629.110] compiled for 1.18.4, module version = 1.0.0 [ 5629.110] Module class: X.Org XInput Driver [ 5629.110] ABI class: X.Org XInput driver, version 22.1 [ 5629.110] rdpkeybPlug: [ 5629.111] rdpIdentify: [ 5629.111] (II) XRDPDEV: driver for xrdp: XRDPDEV [ 5629.111] rdpDriverFunc: op 10 [ 5629.111] (WW) Falling back to old probe method for XRDPDEV [ 5629.111] rdpProbe: [ 5629.111] (II) Loading sub module "fb" [ 5629.111] (II) LoadModule: "fb" [ 5629.111] (II) Loading /usr/local/lib/xorg/modules/libfb.so [ 5629.111] (II) Module fb: vendor="X.Org Foundation" [ 5629.111] compiled for 1.18.4, module version = 1.0.0 [ 5629.111] ABI class: X.Org ANSI C Emulation, version 0.4 [ 5629.111] (II) XRDPDEV(0): using default device [ 5629.111] (WW) VGA arbiter: cannot open kernel arbiter, no multi-card support [ 5629.111] rdpPreInit: [ 5629.111] (**) XRDPDEV(0): Depth 24, (--) framebuffer bpp 32 [ 5629.111] (==) XRDPDEV(0): RGB weight 888 [ 5629.111] (==) XRDPDEV(0): Using gamma correction (1.0, 1.0, 1.0) [ 5629.111] (==) XRDPDEV(0): Default visual is TrueColor [ 5629.111] (==) XRDPDEV(0): DPI set to (96, 96) [ 5629.111] (II) XRDPDEV(0): mode "640x480" ok [ 5629.111] (II) XRDPDEV(0): mode "800x600" ok [ 5629.111] (--) XRDPDEV(0): Virtual size is 800x600 (pitch 800) [ 5629.111] (**) XRDPDEV(0): Default mode "800x600": 36.0 MHz (scaled from 0.0 MHz), 35.2 kHz, 56.2 Hz [ 5629.111] (II) XRDPDEV(0): Modeline "800x600"x0.0 36.00 800 824 896 1024 600 601 603 625 +hsync +vsync (35.2 kHz d) [ 5629.111] (==) Depth 24 pixmap format is 32 bpp [ 5629.111] rdpScreenInit: virtualX 800 virtualY 600 rgbBits 8 depth 24 [ 5629.111] rdpScreenInit: pfbMemory bytes 1920000 [ 5629.111] rdpScreenInit: pfbMemory 0x807200000 [ 5629.111] rdpSimdInit: assigning yuv functions [ 5629.111] rdpSimdInit: cpuid ax 1 cx 0 return ax 0x000306f2 bx 0x00020800 cx 0xfffa3203 dx 0x178bfbff [ 5629.111] rdpSimdInit: sse2 amd64 yuv functions assigned [ 5629.111] rdpXvInit: depth 24 [ 5629.111] (==) XRDPDEV(0): Backing store enabled [ 5629.111] rdpClientConInit: kill disconnected [0] timeout [0] sec [ 5629.111] [ 5629.111] rdpScreenInit: out [ 5629.111] (==) RandR enabled [ 5629.111] MIT-SHM extension disabled due to lack of kernel support [ 5629.111] (II) AIGLX: Screen 0 is not DRI2 capable [ 5629.111] (EE) AIGLX: reverting to software rendering [ 5629.140] (II) AIGLX: enabled GLX_MESA_copy_sub_buffer [ 5629.141] (II) AIGLX: Loaded and initialized swrast [ 5629.141] (II) GLX: Initialized DRISWRAST GL provider for screen 0 [ 5629.170] (II) Using input driver 'XRDPMOUSE' for 'xrdpMouse' [ 5629.170] (**) Option "CorePointer" [ 5629.170] (**) xrdpMouse: always reports core events [ 5629.170] rdpmousePreInit: drv 0x803c15240 info 0x803c37d20, flags 0x0 [ 5629.170] (II) XINPUT: Adding extended input device "xrdpMouse" (type: Mouse, id 6) [ 5629.170] rdpmouseControl: what 0 [ 5629.170] rdpmouseDeviceInit: [ 5629.170] rdpmouseCtrl: [ 5629.170] rdpRegisterInputCallback: type 1 proc 0x806da1d20 [ 5629.170] (**) xrdpMouse: (accel) keeping acceleration scheme 1 [ 5629.170] (**) xrdpMouse: (accel) acceleration profile 0 [ 5629.170] (**) xrdpMouse: (accel) acceleration factor: 2.000 [ 5629.170] (**) xrdpMouse: (accel) acceleration threshold: 4 [ 5629.170] rdpmouseControl: what 1 [ 5629.170] rdpmouseDeviceOn: [ 5629.170] (II) Using input driver 'XRDPKEYB' for 'xrdpKeyboard' [ 5629.170] (**) Option "CoreKeyboard" [ 5629.170] (**) xrdpKeyboard: always reports core events [ 5629.170] rdpkeybPreInit: drv 0x803c152c0 info 0x803c37e60, flags 0x0 [ 5629.170] (II) XINPUT: Adding extended input device "xrdpKeyboard" (type: Keyboard, id 7) [ 5629.170] rdpkeybControl: what 0 [ 5629.170] rdpkeybDeviceInit: [ 5629.193] rdpkeybChangeKeyboardControl: [ 5629.193] rdpkeybChangeKeyboardControl: autoRepeat on [ 5629.193] rdpRegisterInputCallback: type 0 proc 0x806fa41b0 [ 5629.193] rdpkeybControl: what 1 [ 5629.193] rdpkeybDeviceOn: [ 5629.193] (II) config/devd: probing input devices... [ 5629.194] (II) config/devd: adding input device (null) (/dev/kbdmux) [ 5629.194] (II) AutoAddDevices is off - not adding device. [ 5629.194] (II) config/devd: kbdmux is enabled, ignoring device atkbd0 [ 5629.194] (II) config/devd: adding input device (null) (/dev/sysmouse) [ 5629.194] (II) AutoAddDevices is off - not adding device. [ 5629.227] (II) config/devd: adding input device Mouse (/dev/psm0) [ 5629.227] (II) AutoAddDevices is off - not adding device. [ 5629.228] (EE) config/devd: fail to connect to devd [ 5629.228] [config] failed to initialise devd [ 5629.228] rdpSaveScreen: [ 5629.228] rdpDeferredRandR: [ 5629.228] rdpResizeSession: width 1024 height 768 [ 5629.228] calling RRScreenSizeSet [ 5629.228] rdpRRScreenSetSize: width 1024 height 768 mmWidth 271 mmHeight 203 [ 5629.228] rdpRRGetInfo: [ 5629.228] screen resized to 1024x768 [ 5629.229] RRScreenSizeSet ok 1 [ 5629.229] rdpResizeSession: width 1304 height 603 [ 5629.229] calling RRScreenSizeSet [ 5629.229] rdpRRScreenSetSize: width 1304 height 603 mmWidth 345 mmHeight 160 [ 5629.229] rdpRRGetInfo: [ 5629.229] screen resized to 1304x603 [ 5629.231] RRScreenSizeSet ok 1 [ 5629.297] rdpInDeferredUpdateCallback: [ 5629.297] rdpkeybChangeKeyboardControl: [ 5629.297] rdpkeybChangeKeyboardControl: autoRepeat off [ 5629.716] rdpClientConGotConnection: [ 5629.716] rdpClientConGotConnection: g_sck_accept ok new_sck 6 [ 5629.716] rdpClientConGotConnection: adding only clientCon [ 5629.720] rdpClientConProcessMsgVersion: version 0 0 0 1 [ 5629.720] rdpClientConProcessScreenSizeMsg: set width 1304 height 603 bpp 16 [ 5629.720] rdpClientConProcessScreenSizeMsg: shmemid -1 shmemptr 0xffffffffffffffff [ 5629.720] rdpClientConProcessMsgClientInput: invalidate x 0 y 0 cx 1304 cy 603 [ 5646.293] rdpClientConProcessMsgClientInfo: [ 5646.293] got client info bytes 5744 [ 5646.293] jpeg support 0 [ 5646.293] offscreen support 0 [ 5646.293] offscreen size 0 [ 5646.293] offscreen entries 0 [ 5646.293] client supports glyph cache but server disabled [ 5646.293] client can not do offscreen to offscreen blits [ 5646.293] client can do new(color) cursor [ 5646.293] client can not do multimon [ 5646.293] rdpRRSetRdpOutputs: numCrtcs 0 monitorCount 0 [ 5646.293] rdpRRSetRdpOutputs: add output 0 left 0 top 0 width 1304 height 603 [ 5646.293] rdpLoadLayout: keylayout 0x00000409 variant display 13 [ 5646.294] rdpkeybChangeKeyboardControl: [ 5646.294] rdpkeybChangeKeyboardControl: autoRepeat on [ 5646.294] rdpkeybChangeKeyboardControl: [ 5646.294] rdpkeybChangeKeyboardControl: autoRepeat on [ 5646.320] (EE) [ 5646.321] (EE) Backtrace: [ 5646.322] (EE) 0: /usr/local/bin/Xorg (OsInit+0x38a) [0x5abfba] [ 5646.324] (EE) 1: /lib/libthr.so.3 (_pthread_sigmask+0x544) [0x8025cbd94] [ 5646.326] (EE) 2: /lib/libthr.so.3 (_pthread_getspecific+0xe5f) [0x8025cbbef] [ 5646.327] (EE) 3: ? (?+0xe5f) [0x7ffffffffff2] [ 5646.329] (EE) 4: /usr/local/lib/xorg/modules/libxorgxrdp.so (rdpCapture+0xf60) [0x806771aa0] [ 5646.331] (EE) 5: /usr/local/lib/xorg/modules/libxorgxrdp.so (rdpClientConAddAllBox+0x408) [0x80676fbf8] [ 5646.332] (EE) 6: /usr/local/lib/xorg/modules/libxorgxrdp.so (rdpClientConAddDirtyScreenReg+0x3c3) [0x80676ef13] [ 5646.334] (EE) 7: /usr/local/bin/Xorg (WaitForSomething+0x103e) [0x5a47ce] [ 5646.335] (EE) 8: /usr/local/bin/Xorg (UpdateCurrentTimeIf+0x121) [0x431621] [ 5646.337] (EE) 9: /usr/local/bin/Xorg (remove_fs_handlers+0x597) [0x43b697] [ 5646.338] (EE) 10: /usr/local/bin/Xorg (_start+0x17f) [0x42506f] [ 5646.340] (EE) 11: ? (?+0x17f) [0x80083617f] [ 5646.340] (EE) [ 5646.340] (EE) Segmentation fault at address 0xffffffffffffffff [ 5646.340] (EE) Fatal server error: [ 5646.340] (EE) Caught signal 11 (Segmentation fault). Server aborting [ 5646.340] (EE) [ 5646.340] (EE) Please consult the The X.Org Foundation support at http://wiki.x.org for help. [ 5646.340] (EE) Please also check the log file at "/var/log/Xorg.13.log" for additional information. [ 5646.340] (EE) [ 5646.340] rdpmouseControl: what 4 [ 5646.340] rdpkeybControl: what 4 [ 5646.340] rdpLeaveVT: [ 5646.340] (EE) Server terminated with error (1). Closing log file. ----------------------------------------------------------------------- I guess that the root of the issue may be here: (WW) checkDevMem: failed to open /dev/mem (Operation not permitted) Did I miss something in the configuration? Thanks again Giulio > Il giorno 18 set 2017, alle ore 15:32, Alexander Leidinger ha scritto: > > Quoting Giulio Ferro (from Mon, 18 Sep 2017 08:49:32 +0200): > >> nope, even the old way I get: >> >> jail: xxx: unknown parameter: allow.kmem_access >> >> >> Has anyone else tried this in 11.1 stable? > > As I'm creating the diff vs. 11.1 just for you: no. > > Here an updated change (thanks to jamie@ for the cluebat). It's a full patch vs 11.1. > http://www.Leidinger.net/FreeBSD/current-patches/x11_in_jail_releng_11_1.diff > > The difference of what you have already are two lines: > ---snip--- > Index: sys/kern/kern_jail.c > =================================================================== > --- sys/kern/kern_jail.c (revision 323230) > +++ sys/kern/kern_jail.c (working copy) > @@ -3788,6 +3806,8 @@ > "B", "Jail may set file quotas"); > SYSCTL_JAIL_PARAM(_allow, socket_af, CTLTYPE_INT | CTLFLAG_RW, > "B", "Jail may create sockets other than just UNIX/IPv4/IPv6/route"); > +SYSCTL_JAIL_PARAM(_allow, kmem_access, CTLTYPE_INT | CTLFLAG_RW, > + "B", "Jail may access kmem-like devices (io, dri) if they exist"); > > SYSCTL_JAIL_PARAM_SUBNODE(allow, mount, "Jail mount/unmount permission flags"); > SYSCTL_JAIL_PARAM(_allow_mount, , CTLTYPE_INT | CTLFLAG_RW, > ---snip--- > > I have validated this in -current, this is the missing piece. When this is in the kernel, you should see kmem_access in the output of > sysctl security.jail.param.allow > > This should then work with the jail.conf (and rc.conf) way of configuring a jail. > > Bye, > Alexander. > > -- > http://www.Leidinger.net Alexander@Leidinger.net: PGP 0x8F31830F9F2772BF > http://www.FreeBSD.org netchild@FreeBSD.org : PGP 0x8F31830F9F2772BF