On Tue, Oct 10, 2017 at 09:10:37PM +0000, Oleg Ginzburg wrote: > I think I found something, but I do not understand why this is only > observed in jail and with commit change this. > The problem about which the Goran wrote can be fixed with: > > # diff -ruN dhclient.c-orig dhclient.c > --- dhclient.c-orig 2017-10-10 23:51:52.451361000 +0000 > +++ dhclient.c 2017-10-10 23:54:55.803404000 +0000 > @@ -479,6 +479,7 @@ > > fork_privchld(pipe_fd, pipe_fd); > > + pidfile_close(pidfile); > close(ifi->ufdesc); > ifi->ufdesc = -1; > close(ifi->wfdesc); > > > > > From pidfile(3) man page: > > The pidfile_close() function closes a pidfile. It should be used after > daemon fork()s to start a child process. > > > chroot(2) in dhclient return NOPERM (via global errno). it seems to be > related to open descriptor outside the chroot. > > I'm not sure if this fd leak (due to pidfile_remove at the end of > dhclient), nevertheless closing pid fd in my jail/FreeBSD12 before chroot > solve dhclient issue.
I can confirm Oleg's patch works for me. Weird one, for sure!
Description: PGP signature