Date: Wed, 20 Jan 2016 08:27:07 +0000 From: Matthew Seaman <matthew@FreeBSD.org> To: freebsd-questions@freebsd.org Subject: Re: resolver not working in a chroot Message-ID: <569F44DB.4080406@FreeBSD.org> In-Reply-To: <569eeb77.GFz8dwXgj3CL44SN%perryh@pluto.rain.com> References: <569e05b6.2RStkLc7SZIg/dVM%perryh@pluto.rain.com> <569E12B2.5090302@freebsd.org> <569eeb77.GFz8dwXgj3CL44SN%perryh@pluto.rain.com>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] On 20/01/2016 02:05, Perry Hutchison wrote: > Matthew Seaman <matthew@freebsd.org> wrote: >> On 01/19/16 09:45, Perry Hutchison wrote: >>> The resolver is not working in a chroot (to the 10.2 memstick image, >>> with its /tmp, /var/run, and /var/tmp made writable by mounting tmpfs >>> on them): >>> # chroot -u 0 -g 0 -G 105,0,5,20,25 /mnt ping pkg.FreeBSD.org >>> ping: cannot resolve pkg.FreeBSD.org: Host name lookup failure >>> but it works when not in a chroot: >>> # ping pkg.FreeBSD.org >>> PING pkg.FreeBSD.org (96.47.72.71): 56 data bytes >>> 64 bytes from 96.47.72.71: icmp_seq=0 ttl=51 time=97.329 ms >>> ... >>> What would cause this? >> >> You've mounted the 10.2 memstick image on /mnt? > > Yes. > >> Do you have a devfs mounted inside the chroot? Try running: >> >> # mount -t devfs devfs /mnt/dev >> >> and then try your chroot'ed command again. Interesting to see >> if that helps. > > The mount command worked -- there's now a devfs in the chroot > environment -- but it didn't help. I still get the same error. > I also tried running "mount -t devfs devfs /dev" in the chroot > (after unmounting /mnt/dev), and that didn't help either. > > There must be some difference in the lookup mechanisms between > the resolver and host(1), since host(1) works in the chroot. Yes. host(1) uses only the DNS, whereas the general resolver functions can use all sorts of resolution mechanisms -- see nsswitch.conf(5). In order to track down exactly what the problem is I'd be running that ping command under truss(1) to try and spot what the failure is. That's not guaranteed to work, nor is it generally completely obvious from the truss output what the trouble may be. My guess though is that something is read-only which the system expects to be read-write. Cheers, Matthew [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2 iQJ8BAEBCgBmBQJWn0TbXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2NTNBNjhCOTEzQTRFNkNGM0UxRTEzMjZC QjIzQUY1MThFMUE0MDEzAAoJELsjr1GOGkATjVsP/jSqih4q+pSe4p8UsE962vyF 4/eKRuVU37i3JuFb3eSBSX4I+1C4A5KBJc8zr7xcOZf8xLZ2kWP78ByGe09Pr4k/ C8Fh5gPJVy8/Hex3xx2fkRisBxyPQHzNdYgv1qzDr4GD212byoZOc8FGalheK9Fv 7y1qrSSMQ9WtYIDYXtlunR0OT81DFI6Z4hD6CvrHa2XzaIwst6WZ9LUaB98Y+96E Gmn9pEvK7Pbormcr29MMcpc+zMSoRhmXTXmyqUCgSRP+oKKqd/3TvtcLvxM8j+at UIJsiD8IdcCOZcRXvrETwMYIzaUFJ4wD7adUmeQf5Ht3gElLOzjfIs88WDTLuDvI hNYwFKuVEmBG76RWOEC0S0u1j9RlN+gp5rf14d+JHoFfAnoA1eQmxOu1Rm9g6N6c wQF0tQpq9znbLJSKKrO4wOGIuRX9M3FHs5sYk8LruOOJZIjPSzErZuHPHu9Hykw7 gaFlPopGZX+688w2mf2cmqYwy6dl3ij4laTfa6xpW2mTIj6cq/Jzo3w4Xz0HwFUf Pq8D5vpHV10TJMYB7HcbXZNw3KeWkuvIJSzmJP2f1uFjfparkpEWQQaaWZDJDOfO 4YyQwAXGLqV8n8qkfcWpQMCbqEgUs5AfhFRDSR5itjUhue5MfW6JuWk9RumtmUz/ /jREtzm/gyeDNmCaMIHS =t3wf -----END PGP SIGNATURE-----help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?569F44DB.4080406>