Date: Sat, 9 Jan 2021 11:45:58 -0500
From: Mark Johnston <markj@freebsd.org>
To: Vasily Postnicov <shamaz.mazum@gmail.com>
Cc: freebsd-net@freebsd.org
Subject: Re: DNS using Name Service Switch module and Casper
Message-ID: <X/ndxoPtkWs%2BOPij@raichu>
In-Reply-To: <CADnZ6Bm49RBuku%2BrN2cH75p89ByARXxP5BKAH89g2TrQars5VA@mail.gmail.com>
References: <CADnZ6Bke=9%2B_pMc6rkbheNUWS-H6_X14%2Bf%2BWz5cfUCD=BTwk=g@mail.gmail.com> <X/R7Ahz8sz5v%2BoFa@raichu> <CADnZ6BmUJxVZx155j8opJKNsHJBE5mWz9D=MBE0Y_xu-kgOBfQ@mail.gmail.com> <X/h%2BJRmXmrOfmXBM@raichu> <CADnZ6Bm96bjJN5gcpCWiNKbNou3XvxZmCD2-YbX34%2B00L=UdPw@mail.gmail.com> <CADnZ6B=nFt-a-0CX=sCDnEM_CjnDQmiotyZ9L6q6jTZ0qJ-FVQ@mail.gmail.com> <CADnZ6Bm49RBuku%2BrN2cH75p89ByARXxP5BKAH89g2TrQars5VA@mail.gmail.com>

On Sat, Jan 09, 2021 at 04:16:49PM +0300, Vasily Postnicov wrote:
> Turns out, if you do not specify either -4 or -6 to ping, unsandboxed
> getaddrinfo() will be called in /usr/src/sbin/ping/main.c, line 139.
> (what's the point in sandboxing then, lol?) This somehow affects
> sandboxing.

Indeed, that seems to be an issue with the recent merge of ping and
ping6.

I guess the initial call to getaddrinfo() causes nsswitch.conf to be
parsed and your module is loaded before we fork(). The module is linked
with libthr but obviously ping itself is not. I'm sure this kind of
configuration worked at some point, there might have been a regression.
If you can provide a stub NSS module that links libthr and demonstrates
the issue, it would be useful.

> Look at the screenshot, it explains where fork() gets stuck.
> https://photos.app.goo.gl/T1B3Fo1hg6z7r3vZ6

And there are no other threads in the process?