Am 30.07.2024 um 17:29 schrieb Daniel Golle:
On Tue, Jul 30, 2024 at 03:40:25PM +0200, e9hack wrote:
Hi,
if a process is started via procd in a jail and uses some files, changes to
those files outside the jail are not reflected inside the jail. For E.g.
dnsmasq runs in a jail. The configuration is changed, that only the host file
does change. Sending SIGHUP to dnsmasq results in reloading of the unmodified
host file.
Is it possible to change this behaviour?
What you are observing is typically caused by the file being replaced
rather than edited. In that case, the mount-bind on the old file will
remain, and you will not be able to access the new (replacement) file
inside the jail. This is due to the nature of mount --bind which
attaches itself to a specific inode on the filesystem rather than to
a filename.
There are two ways to work around this problem:
1. Actually edit instead of replace the file.
2. procd_add_jail_mount_ro a folder instead of a file. In that way, the
replaced file will also show up.
dnsmasq.init replaces the host file but mounts usually the folder of the
host file. I've two instances of dnsmasq running, which needs different
host files. I set the option 'ignore_hosts_dir=1' for both instances.
As in most cases only strategy 2 is truely a good option we have already
moved resolv.conf.auto into a folder of its own. If the same problem
also occurs for other dnsmasq config files, we shall introduce a folder
for all of them and add that using procd_add_jail_mount_ro to make it
accessible inside the jail instead of calling procd_add_jail_mount_ro for
individual files.
I think for the host file is this necessary and maybe for all files, which
dnsmasq can reload at SIGHUP.
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
