From owner-freebsd-questions@freebsd.org Tue Oct 15 10:41:06 2019 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id AD29115ADDD for ; Tue, 15 Oct 2019 10:41:06 +0000 (UTC) (envelope-from luislupe@gmx.com) Received: from mout.gmx.net (mout.gmx.net [212.227.17.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "mout.gmx.net", Issuer "TeleSec ServerPass Class 2 CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46ssR53qHGz4263 for ; Tue, 15 Oct 2019 10:41:05 +0000 (UTC) (envelope-from luislupe@gmx.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1571136061; bh=r0jJ0iCygDWplxGuOjYYt8YjvJOs1INMGxv+YdXF79c=; h=X-UI-Sender-Class:Date:From:To:Cc:Subject:References:In-Reply-To; b=CkEg9CjSW0Y9yF2tSlVyIjAcGLMJeAmvfedvfP+Hjv9djc6sIkqC8YtSQ42T3Rgiq EJtL0VGELu/v9eCqm3PQqmXTX82xVcj8rw/+KL3T57IEfZBDUQxibrxDYm5t8Kf5ZU vBSYtYK3kUsHW6DbN+fV9XnBdeXonxg8WW+g6xvk= X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c Received: from localhost ([144.64.85.65]) by mail.gmx.com (mrgmx105 [212.227.17.174]) with ESMTPSA (Nemesis) id 1MiaYJ-1hoaWR3U51-00fge2; Tue, 15 Oct 2019 12:35:41 +0200 Date: Tue, 15 Oct 2019 11:35:35 +0100 From: "Luis P. Mendes" To: MJ Cc: freebsd-questions@freebsd.org Subject: Re: [questions] Re: mysql socket disappears when restarting related jail with nullfs mount point Message-ID: <20191015103535.GB31036@leao.home> References: <20191010144257.GA14181@leao.home> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Disposition: inline Content-Transfer-Encoding: quoted-printable In-Reply-To: User-Agent: Mutt/1.12.2 (2019-09-21) X-Provags-ID: V03:K1:F7Mexim46vKR2nqyNiy/rxmZOmG4prEgbA2AQg43LFvfh8YqIqv eqpnbOq8UnFdgxKCfcxrn+ZmsrDqyqHmqldIcyYKf+aa9FmArO2oB3MR0qa5hB+BNqSzcAH pFr3zEvTulYt2ta8+o3270Imsbr8pw1lOQXrn4ISI6o0FRPzU5KGKWiISc1JsYlHLOctYcb 2GmVYunTn7g7PNwv/bUqg== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:0OIs2TqxhI4=:NyzpxpAWgG3HQamqjMeaFF +tp9md10YbPsg6w8pdTPbRGgrLEp0p2qJ1PlB51WIF6Jg8KA3/NfdAIF+aq5WCYQ7QLbQvEch PAZVOI1EIimVCITJlhVrSBOANgN6WeEG4ULzyE5QUGZpppJiPzq4cloB67jJ9eFwdLZptD/ut 4lWmjv8+R8azXkF+HKrlztlS8w+z97TAJYdtz+/EQyeNQC+AQ9Y64n2h0VN9H1MxyHTrGz4vN Ok4oor/LXBHSzbjJPIUcnvErBq11w/LyUT0fKlEz12YbOIy7RPP9wpui2ZIUWpIj4E1hc93J8 A1FPZxzPkXjxngCP+R1HelCaph9f2ovVnL2/TAarwqmIyDuDqiSYWWKiAvBFMgHqGVJQGEjss qmOIljCjDnY63BEySw54U1NG3IGGArLmnjyJyVBDEDtbmKlup7XvALXEHe1pkndSKQTvMBXhB HbASZ0y9TyWDMSUrQypw12fmoHLNv7bIRSmQbbQohCHsfFZRgPShZzupdVV6cFriOLaHC4SpV Roc12f303h08Yav4DxVlOxy4WX8T4/bWuEdOGuVjYZUaJ17Ir2Oa+VhMv8l7GsOnmt2nonT26 viEPnvpOvJu/IH2CVB92SrMySFRwylYM65XCpaBixWsU3nPugIq2Q2YRuLoywzE7vwIDcq+W8 OaPRjpuzHw+2kVkTyaLk3u3j20+kfTExlKbilPWDdrmx7PHJQRraWyBt1ZCyUTewMnXlhcdNp nexV2qXVUpHKoO7vjUx1SMXq0pq3VK10/PUnq9gShOHAEjd5+c4fn6TIYG5/u+WCyk+pnmAiR L/N+CxjcJ1nh5VE8pMzNj23qfuybPFgp1Y9hAQBp6+G4lc7Hmz+bgR24gRUaxbA3VijrOc2jO sDgbT7TEimNBBIINwC9MbEHmDSpy/Cn4UsfSqrMvUUj8RnFczkGVISM5NpSvg911Uw8l6dOF+ J2ejYIpWAjtZJnORoEBHTrFt9HpzmKz64h0WC4vFG20uEHAuBn8T07mSBciyvjstHhewR3s3E wNCK/DlsYRvHiwRi8Upns8R3iBBz/y3jR0awN0/SmM+wTZZEJQmUnB/dXP5uS8PHJLkIjW984 82MWdu1ebxwVnPD4j4cfcx4+V+JkULcpHF9LaP9K04S500M8K3bUTVp1ivUmfJga5S8IHJYwN gGVjHqaEPef4SWBfmz4Cx+26vUaWC7bcruwG6H2EsYsAJVACZQO4/vBig0B21MAYmttjaQLT6 dlOrF1W/6W/GsdfFcXScyVzK/GT4zUS40vuPyUQ== X-Rspamd-Queue-Id: 46ssR53qHGz4263 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmx.net header.s=badeba3b8450 header.b=CkEg9CjS; dmarc=none; spf=pass (mx1.freebsd.org: domain of luislupe@gmx.com designates 212.227.17.20 as permitted sender) smtp.mailfrom=luislupe@gmx.com X-Spamd-Result: default: False [-2.60 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[gmx.net:s=badeba3b8450]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; FREEMAIL_FROM(0.00)[gmx.com]; R_SPF_ALLOW(-0.20)[+ip4:212.227.17.0/27]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[gmx.com]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; RCVD_COUNT_TWO(0.00)[2]; IP_SCORE_FREEMAIL(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[gmx.net:+]; RCPT_COUNT_TWO(0.00)[2]; IP_SCORE(0.00)[ip: (-6.27), ipnet: 212.227.0.0/16(-1.30), asn: 8560(2.03), country: DE(-0.01)]; FREEMAIL_TO(0.00)[gmail.com]; RCVD_IN_DNSWL_LOW(-0.10)[20.17.227.212.list.dnswl.org : 127.0.3.1]; RECEIVED_SPAMHAUS_PBL(0.00)[65.85.64.144.khpj7ygk5idzvmvt5x4ziurxhy.zen.dq.spamhaus.net : 127.0.0.11]; FREEMAIL_ENVFROM(0.00)[gmx.com]; ASN(0.00)[asn:8560, ipnet:212.227.0.0/16, country:DE]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_ALL(0.00)[]; FROM_EQ_ENVFROM(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Oct 2019 10:41:06 -0000 (The answer to the group as the original answer was only for MJ) On 20191011 15:26:37 +1100, MJ wrote: >What's your security.jail.param.securelevel set to? Likely to be 0? Just to add that in both files: /usr/local/etc/qjail.local/mariadb and /usr/local/etc/qjail.local/webjail placed the value 3 in securelevel parameter: securelevel=3D"3" When starting the webjail, the socket of the related mariadb jail is still removed. >In fact, what's your security.jail settings in both jails? Any obvious di= screpancies? All 61 parameters are identical, no diff between them. > > >On 11/10/2019 1:42 am, Luis P. Mendes wrote: >>I'm running FreeBSD 11.3-RELEASE-p3 on a VPS. >>The jail manager is qjail, version 5.4. >> >>The server has two jails: a database `mariadb` and a web `webjail`. >>Access to the database is done only through a unix socket to be null >>mounted at the latter jail. >> >>When started, 'service mysql-server start' on the `mariadb` jail >>places the socket at /var/run/mysql/mysql.sock >> >>When started, the `webjail` should mount that socket in its own >>/var/run/mysql directory. >> >>This is the line of the corresponding >>/usr/local/etc/qjail.fstab/webjail file: >>/usr/jails/mariadb/var/run/mysql=C2=A0 /usr/jails/webjail/var/run/mysql >>nullfs=C2=A0 rw=C2=A0 0=C2=A0 0 >> >> >>What happens is that everytime that the `webjail` is started (the >>first time or when restarted), the socket at `mariadb`'s >>/var/run/mysql/mysql.sock >>is deleted somehow. >>Although this happens, the mysqld_safe and mysqld daemons keep >>running. >> >>As a note, when `webjail` is stopped, nothing happens to the socket at >>the jail of the mariadb database server. >> >>If the `mariadb` jail is started after `webjail`, the socket is >>correctly mounted at the latter /var/run/mysql directory. >> >> >>Using qjail's archive and restore commands, I copied these two jails >>to another FreeBSD 11.3-RELEASE virtual machine, at my own computer, >>and the strange behavior still happens. >> >>There are no rc.d scripts made by me. >> >>The contents of the config file for the `webjail` are: >>/usr/local/etc/qjail.config/webjail >> >>webjail { host.hostname=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 =3D=C2=A0 "w= ebjail"; >>path=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0 =3D=C2=A0 "/usr/jails/webjail"; >>mount.fstab=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 =3D=C2=A0 "/= usr/local/etc/qjail.fstab/webjail"; >>exec.consolelog=C2=A0=C2=A0=C2=A0=C2=A0 =3D=C2=A0 "/var/log/qjail.webjai= l.console.log"; >>mount.devfs; >>ip4.addr=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0 =3D=C2=A0 127.0.0.85; >>interface=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 = =3D=C2=A0 "lo1"; >>devfs_ruleset=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 =3D=C2=A0 "4"; >>exec.start=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 =3D=C2= =A0 "/bin/sh /etc/rc"; >>exec.stop=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 = =3D=C2=A0 "/bin/sh /etc/rc.shutdown"; >> >> >>What's wrong with this? >>Why starting a jail deletes a socket in another jail? >> >> >> >> >>-- >> >> >>Lu=C3=ADs Mendes >>_______________________________________________ >>freebsd-questions@freebsd.org mailing list >>https://lists.freebsd.org/mailman/listinfo/freebsd-questions >>To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.= org" =2D- Luis Mendes