Date: Fri, 27 Jul 2007 17:12:34 +1000 From: Joel Hatton <freebsd-stable@auscert.org.au> To: freebsd-stable@freebsd.org Cc: freebsd-security@freebsd.org, Mark Andrews <Mark_Andrews@isc.org>, Philipp Wuensche <cryx-freebsd@h3q.com> Subject: Re: HEADS UP: Re: FreeBSD Security Advisory FreeBSD-SA-07:01.jail Message-ID: <200707270712.l6R7CYs4064783@app.auscert.org.au> In-Reply-To: Message from Philipp Wuensche <cryx-freebsd@h3q.com> of "Fri, 12 Jan 2007 04:40:59 %2B0100." <45A7034B.3070002@h3q.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, I'm dredging up an old issue here, but it appears to be unresolved in RELENG_5_5 at this time. After upgrading to 5.5-RELEASE-p14, I found that my jails wouldn't start anymore, and it comes down to this bit again. By way of explanation, I'll include the patch for what I changed. --- /tmp/jail Wed Feb 14 15:16:30 2007 +++ /etc/rc.d/jail Fri Jul 27 13:46:51 2007 @@ -218,7 +218,7 @@ { local _device _mountpt _rest - while read _device _mountpt _rest; do + cat ${jail_fstab} | while read _device _mountpt _rest; do case ":${_device}" in :#* | :) continue In short, the jail_mount_fstab function is not given the fstab file on which the local variables depend. My patch may not be the most robust but for me today it is expedient. Sorry if this has been discussed already, but I was surprised that this hadn't been fixed yet. It certainly would have caused some anxious moments if I'd upgraded a prod server with multiple jails before I realised! cheers, joel On Fri, 12 Jan 2007 04:40:59 +0100, Philipp Wuensche wrote: >Mark Andrews wrote: >>> I'm not sure I understand that quite correct, where is this problem >>> appearing? >>> >>> Other things: >>> >>> tail is used in line 230: tail -r ${_fstab} | while read _device >>> _mountpt _rest; do >>> >>> If the per-jail fstab is larger than 10 lines, which is the default of >>> tail to show, the remaining mountpoints will not be unmounted? >> >> The default for the -r option is to display all of the input. > >Ah, didn't know that. Thanks for correcting me there. > >greetings, >philipp
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200707270712.l6R7CYs4064783>