Date: Tue, 12 Sep 2023 17:19:55 +0000 From: bugzilla-noreply@freebsd.org To: virtualization@FreeBSD.org Subject: [Bug 273557] Regression preventing bhyve from running inside a jail without IP after f74147e26999838e03a522bf59ea33bef470d356) breaks support for jailing bhyve with IPv4 and IPv6 disabled. Patch included. Message-ID: <bug-273557-27103-T2aEj0vuuX@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-273557-27103@https.bugs.freebsd.org/bugzilla/> References: <bug-273557-27103@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D273557 --- Comment #10 from Bjoern A. Zeeb <bz@FreeBSD.org> --- (In reply to crest from comment #9) I wont' be at Euro. You can find some bhyve or networking or jails people = and see. I see talks on all thee subjects. The real question however (and I hinted at that when I asked) is why a privileged operation on a networking device is allowed in first place insid= e an IP-based (or a non-IP) jail. I assume for tun/tap the idea was that you n= eed the device node and that needs manual intervention already? Another thing I hinted before was netlink; one should check how ifconfig currently does and IFF_UP maybe in a new netlink world. That may possibly avoid the IP sockets proper. I believe you'll find the netlink expert at E= uro as well. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-273557-27103-T2aEj0vuuX>