On 20/08/2013 12:50, Karl Pielorz wrote:
--On 20 August 2013 08:27 +0100 Arthur Chance <free...@qeng-ho.org> wrote:
In the source the exec.fib parameter is given as an integer, so the
quotes probably shouldn't be there, but I'm not sure whether it matters.
I tried it just as 'exec.fib = 1;' originally, and it makes no
difference :(
There's definitely a setfib call in the source that's done if exec.fib
exists. All I can think of right now is that you try firing up the jail
using the -v verbose flag. This should show everything the jail command
does as the jail is created.
Ok, I tried that and got:
"
root# jail -v -c jail
jail: run command: /sbin/mount -t devfs -oruleset=4 . /usr2/jails/jail/dev
jail: jail_set(JAIL_CREATE) persist name=jail devfs_ruleset=4 jid=100
path=/usr2/jails/jail host.hostname=jail.somedomain.com
ip4.addr=192.186.0.20 allow.raw_sockets
jail: created
jail: run command in jail: /bin/sh /etc/rc
Setting hostname: jail.somedomain.com
ELF ldconfig path: /lib /usr/lib /usr/lib/compat /usr/local/lib
32-bit compatibility ldconfig path: /usr/lib32
Creating and/or trimming log files.
ln: /dev/log: Operation not permitted
Starting syslogd.
Clearing /tmp (X related).
Updating motd:.
Starting cron.
Tue Aug 20 11:39:20 UTC 2013
jail: jail_set(JAIL_UPDATE) jid=100 nopersist
"
Certainly more detail, but no mention of fib's :( - I tried it both
with, and without quotes around the FIB value. You can also see I have
raw sockets available for debugging.
I can't test this directly, as I'm running a generic kernel so only have
one fib. However, if I add the invalid (under GENERIC) "exec.fib = 1;"
to my jail.conf and try launching the jail with -v I get (slightly cut)
testjail: run command: /sbin/mount -t devfs -oruleset=4 .
/jails/jail/testjail/root/dev
testjail: jail_set(JAIL_CREATE) persist name=testjail enforce_statfs=2
ip6=disable path=/jails/jail/testjail/root
host.hostname=testjail.home.qeng-ho.org allow.set_hostname=false
ip4.addr=172.16.4.2 securelevel=1
testjail: created
testjail: run command in jail: /bin/sh /etc/rc
jail: testjail: setfib: Invalid argument
jail: testjail: /bin/sh /etc/rc: failed
testjail: removed
so it certainly has tried the setfib and knows it has failed.
And that's just made me think of something else - I have a horrible
feeling that jexec will attach to the jail using whatever fib it's
running under, i.e. the fib from the host environment. Do you have (or
can you enable) ssh running in the jail? If so, log into the jail that
way, and see what
sysctl net.my_fibnum
shows then, because you'll be running under the environment created by
/etc/rc.
--
In the dungeons of Mordor, Sauron bred Orcs with LOLcats to create a
new race of servants. Called Uruk-Oh-Hai in the Black Speech, they
were cruel and delighted in torturing spelling and grammar.
_Lord of the Rings 2.0, the Web Edition_
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
