From owner-freebsd-stable@FreeBSD.ORG Fri Jul 27 11:21:46 2007 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2D1ED16A41B for ; Fri, 27 Jul 2007 11:21:46 +0000 (UTC) (envelope-from info@plot.uz) Received: from mu-out-0910.google.com (mu-out-0910.google.com [209.85.134.190]) by mx1.freebsd.org (Postfix) with ESMTP id 94E5B13C491 for ; Fri, 27 Jul 2007 11:21:45 +0000 (UTC) (envelope-from info@plot.uz) Received: by mu-out-0910.google.com with SMTP id w9so824351mue for ; Fri, 27 Jul 2007 04:21:44 -0700 (PDT) Received: by 10.82.108.9 with SMTP id g9mr2433533buc.1185535303889; Fri, 27 Jul 2007 04:21:43 -0700 (PDT) Received: from plot.uz ( [83.221.169.211]) by mx.google.com with ESMTPS id d23sm526071nfh.2007.07.27.04.21.36 (version=TLSv1/SSLv3 cipher=RC4-MD5); Fri, 27 Jul 2007 04:21:40 -0700 (PDT) X-Spam-Checker-Version: SpamAssassin 3.1.7 (2006-10-05) X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=unavailable version=3.1.7 X-Spam-Report: Received: from localhost by plot.uz (MDaemon PRO v9.5.5) with DomainPOP id md50000004068.msg for ; Fri, 27 Jul 2007 16:20:50 +0500 Delivered-To: aleksey@plot.uz Received: by 10.100.111.17 with SMTP id j17cs27411anc; Fri, 27 Jul 2007 04:19:37 -0700 (PDT) Received: by 10.114.201.1 with SMTP id y1mr2795452waf.1185535176830; Fri, 27 Jul 2007 04:19:36 -0700 (PDT) Received: from mx2.freebsd.org (mx2.freebsd.org [69.147.83.53]) by mx.google.com with ESMTP id v32si2847527wah.2007.07.27.04.19.35; Fri, 27 Jul 2007 04:19:36 -0700 (PDT) Received-SPF: pass (google.com: domain of owner-freebsd-security@freebsd.org designates 69.147.83.53 as permitted sender) Received: from hub.freebsd.org (hub.freebsd.org [IPv6:2001:4f8:fff6::36]) by mx2.freebsd.org (Postfix) with ESMTP id D5E695D933; Fri, 27 Jul 2007 11:17:08 +0000 (UTC) (envelope-from owner-freebsd-security@freebsd.org) Received: from hub.freebsd.org (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id 8A2A816A527; Fri, 27 Jul 2007 11:17:08 +0000 (UTC) (envelope-from owner-freebsd-security@freebsd.org) Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3FAC916A420; Fri, 27 Jul 2007 07:28:54 +0000 (UTC) (envelope-from freebsd-stable@auscert.org.au) Received: from titania.auscert.org.au (gw.auscert.org.au [203.5.112.28]) by mx1.freebsd.org (Postfix) with ESMTP id CD05F13C47E; Fri, 27 Jul 2007 07:28:53 +0000 (UTC) (envelope-from freebsd-stable@auscert.org.au) Received: from app.auscert.org.au (app [10.0.1.192]) by titania.auscert.org.au (8.12.10/8.12.10) with ESMTP id l6R7Cg3Y095839; Fri, 27 Jul 2007 17:12:42 +1000 (EST) Received: from app.auscert.org.au (localhost.auscert.org.au [127.0.0.1]) by app.auscert.org.au (8.13.6/8.13.6) with ESMTP id l6R7CYs4064783; Fri, 27 Jul 2007 17:12:34 +1000 (EST) (envelope-from freebsd-stable@auscert.org.au) Message-Id: <200707270712.l6R7CYs4064783@app.auscert.org.au> To: freebsd-stable@freebsd.org In-Reply-To: Message from Philipp Wuensche of "Fri, 12 Jan 2007 04:40:59 +0100." <45A7034B.3070002@h3q.com> Date: Fri, 27 Jul 2007 17:12:34 +1000 X-Mailman-Approved-At: Fri, 27 Jul 2007 11:16:58 +0000 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Errors-To: owner-freebsd-security@freebsd.org X-Return-Path: owner-freebsd-security@freebsd.org X-Envelope-From: owner-freebsd-security@freebsd.org X-MDaemon-Deliver-To: freebsd-stable@freebsd.org X-Spam-Processed: plot.uz, Fri, 27 Jul 2007 16:20:51 +0500 From: Joel Hatton Cc: freebsd-security@freebsd.org, Mark Andrews , Philipp Wuensche Subject: Re: HEADS UP: Re: FreeBSD Security Advisory FreeBSD-SA-07:01.jail X-BeenThere: freebsd-stable@freebsd.org List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Jul 2007 11:21:46 -0000 Hi, I'm dredging up an old issue here, but it appears to be unresolved in RELENG_5_5 at this time. After upgrading to 5.5-RELEASE-p14, I found that my jails wouldn't start anymore, and it comes down to this bit again. By way of explanation, I'll include the patch for what I changed. --- /tmp/jail Wed Feb 14 15:16:30 2007 +++ /etc/rc.d/jail Fri Jul 27 13:46:51 2007 @@ -218,7 +218,7 @@ { local _device _mountpt _rest - while read _device _mountpt _rest; do + cat ${jail_fstab} | while read _device _mountpt _rest; do case ":${_device}" in :#* | :) continue In short, the jail_mount_fstab function is not given the fstab file on which the local variables depend. My patch may not be the most robust but for me today it is expedient. Sorry if this has been discussed already, but I was surprised that this hadn't been fixed yet. It certainly would have caused some anxious moments if I'd upgraded a prod server with multiple jails before I realised! cheers, joel On Fri, 12 Jan 2007 04:40:59 +0100, Philipp Wuensche wrote: >Mark Andrews wrote: >>> I'm not sure I understand that quite correct, where is this problem >>> appearing? >>> >>> Other things: >>> >>> tail is used in line 230: tail -r ${_fstab} | while read _device >>> _mountpt _rest; do >>> >>> If the per-jail fstab is larger than 10 lines, which is the default of >>> tail to show, the remaining mountpoints will not be unmounted? >> >> The default for the -r option is to display all of the input. > >Ah, didn't know that. Thanks for correcting me there. > >greetings, >philipp _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"