Date: Sun, 29 Jan 2012 14:25:13 +0100 From: Jilles Tjoelker <jilles@stack.nl> To: Garrett Cooper <yanegomi@gmail.com> Cc: freebsd-rc@freebsd.org, simon <simon@nitro.dk>, Brooks Davis <brooks@freebsd.org> Subject: Re: Bumping a pet bug Message-ID: <20120129132513.GA97754@stack.nl> In-Reply-To: <CAGH67wRHCwrnx408T4BERsqfDKGc8MgkSqJmcRCKPk0nGxdHHw@mail.gmail.com> References: <4F14F4FF.902@erdgeist.org> <20120120230300.GE87357@lor.one-eyed-alien.net> <cf3505af4577b689ea951e21ef51bcb5@nitro.dk> <20120121233757.GB31224@deviant.kiev.zoral.com.ua> <d56e9dd1453df77df868fa3cbb33a0ff@nitro.dk> <alpine.BSF.2.00.1201221439570.96980@erdgeist.org> <CAGH67wRHCwrnx408T4BERsqfDKGc8MgkSqJmcRCKPk0nGxdHHw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Jan 22, 2012 at 12:46:10PM -0800, Garrett Cooper wrote: > On Sun, Jan 22, 2012 at 5:46 AM, Dirk Engling <erdgeist@erdgeist.org> wrote: > > Here is the output I get from not running the jail script as root: > > Starting jails:mount_nullfs: Operation not permitted > > devfs rule: ioctl DEVFSIO_RGETNEXT: Operation not permitted > > mount: dev : Operation not permitted > > /etc/rc.d/jail: WARNING: devfs_domount(): Unable to mount devfs on > > /usr/jails/foo.com/dev > > /etc/rc.d/jail: WARNING: devfs_mount_jail: devfs was not mounted on > > /usr/jails/foo.com/dev > > ln: log: Permission denied > > mount: /usr/jails/foo.com/dev/fd: No such file or directory > > mount: proc : Operation not permitted > > cannot start jail "foo_com": > Probably a simple case of lack of set -e in the script with > appropriate error catching logic. The jailme and portsjail [*] scripts > had similar issues. You cannot use 'set -e' in rc.d scripts as it must be off both while sourcing /etc/rc.subr and while calling any function defined by it. Violating this may lead to unexpected exits of scripts. I think 'set -e' is not a "handle all my errors for me" panacea. If the script is any more complicated than just a sequence of commands, 'set -e' will very likely not do what you want. For example, if a compound command or function call is "tested", -e is ignored during all of it. The exact meaning of 'set -e' has changed several times, yet these problems have not been solved. I don't think it can be "fixed", so the least bad thing is to follow POSIX so the wrongness is at least consistent. (Unfortunately, there are still people trying to "fix" -e in POSIX in 2012.) Instead of -e, use explicit error checks such as with || or &&. -- Jilles Tjoelker
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120129132513.GA97754>