>Number: 181794
>Category: misc
>Synopsis: jexec runs commands in Jails without taking into account of
>the Jail's FIB
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Wed Sep 04 06:10:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator: Karl Pielorz
>Release: 9.2-BETA2 amd64
>Organization:
>Environment:
FreeBSD somehost.somedomain.com 9.2-BETA2 FreeBSD 9.2-BETA2 #0 r253951M: Mon
Aug 12 09:39:57 BST 2013 [email protected]:/sys/amd64/compile/GENERIC
amd64
>Description:
When using jails, if you specify a FIB to be used in the jail (so it can have
it's own copy of the routing table) - running commands with 'jexec' ignores
this FIB - and launches the command specified using the system default FIB
(i.e. FIB 0).
This makes troubleshooting FIB issues very tricky unless you're aware of this
issue (think lots of lost hours! :)
>How-To-Repeat:
Setup the system to support FIBs (multiple routing tables) - and configure a
jail to use a specific FIB, i.e. using '/etc/jail.conf' - e.g.
jail {
[blah]
exec.fib = 1;
}
When you launch the jail with 'jail -c jail' it will be created, and it will
use the FIB specified.
If you then attach to the jail, e.g. using 'jexec 1 tcsh' - that process will
be launched with the default FIB (i.e. FIB 0) - and not the one that the jail
is using.
>Fix:
Either jexec documentation needs a warning that it will launch the process with
the default FIB - not the one for the jail, and that you should use 'setfib
jail-fib jexec 1 tcsh'.
Or, have jexec actually honour the FIB set in /etc/jail.conf - so that 'jexec 1
tcsh' will set the correct FIB before launching the tcsh in jail #1.
>Release-Note:
>Audit-Trail:
>Unformatted:
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "[email protected]"
