Date: Wed, 22 Feb 2006 11:01:57 +0800 From: "Mars G. Miro" <marsgmiro@gmail.com> To: "Kris Kennaway" <kris@obsecurity.org> Cc: freebsd-emulation@freebsd.org Subject: Re: linprocfs and linux_base port upgrade Message-ID: <28edec3c0602211901j63066e01te585c12a42057d1e@mail.gmail.com> In-Reply-To: <20060222015924.GA74781@xor.obsecurity.org> References: <28edec3c0602211753p7290e85q3fb23d799c0cf0fc@mail.gmail.com> <20060222015924.GA74781@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2/22/06, Kris Kennaway <kris@obsecurity.org> wrote: > On Wed, Feb 22, 2006 at 09:53:36AM +0800, Mars G. Miro wrote: > > >> > > >> Actually, this unmount ... remount situation is pretty evil. For > > >> example, it prevents users from building linux_base in a jail. In > > >> fact I'd like to switch to building packages in jails instead of > > >> chroots on the package cluster, but this is the major reason I can't= . > > > > I have been able to build linux_base in a jail, but I had to turn on a > > few sysctl jail knobs on the main host (see more below) > > > > > Not to mention that the umount isn't always reliable for some reason: > > > the linux_base-8 package build often fails with this: > > > > > =3D=3D=3D> Checking if emulators/linux_base-8 already installed > > > Un-mounting linprocfs... > > > kern.fallback_elf_brand: -1 -> 3 > > > redhat-release-8.0-8.noarch.rpm > > > glibc-common-2.3.2-4.80.8.i386.rpm > > > glibc-2.3.2-4.80.8.i386.rpm > > > setup-2.5.20-1.noarch.rpm > > > filesystem-2.1.6-5.noarch.rpm > > > unpacking of archive failed on file /proc: cpio: chown failed - > Operation not > > > supported > > > > I usually have, in /etc/sysctl.conf: > > ... > > > > # for the Jails > > security.jail.allow_raw_sockets=3D1 > > security.jail.sysvipc_allowed=3D1 > > security.jail.chflags_allowed=3D1 > > ... > > > > I think that last error you got has something todo w/ enabling the > > chflags sysctl jail. > > No, it's because it tried and failed to umount linprocfs. Presumably > you didnt have linprocfs mounted in your jail, but some packages Well mounting/unmounting stuff inside the jail is a pain. I now recall I had to mount linprocfs from the host to the jail, thus I was able to build them. Hrm, perhaps its time for jail_<jailname>_linprocfs_enable (as with devfs inside a jail) ... Also some of the linux ports checks either fstab or mount for linprocfs, I had to at least set security.jail.enforce_statfs=3D1. > require this so I have to have it present always. > > Kris > > cheers mars
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?28edec3c0602211901j63066e01te585c12a42057d1e>