Re: docs/142341: jail(8): Jail escape when cwd is moved from the host system
Old Synopsis: [jail] Jail escape when cwd is moved from the host system New Synopsis: jail(8): Jail escape when cwd is moved from the host system State-Changed-From-To: open->analyzed State-Changed-By: linimon State-Changed-When: Tue Jan 5 20:52:25 UTC 2010 State-Changed-Why: Apparently this is the expected behavior and just needs to be documented. Responsible-Changed-From-To: freebsd-jail->freebsd-doc Responsible-Changed-By: linimon Responsible-Changed-When: Tue Jan 5 20:52:25 UTC 2010 Responsible-Changed-Why: http://www.freebsd.org/cgi/query-pr.cgi?pr=142341 ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
Re: kern/142341: [jail] Jail escape when cwd is moved from the host system
The following reply was made to PR kern/142341; it has been noted by GNATS. From: "Bjoern A. Zeeb" To: bug-follo...@freebsd.org, ve...@kajtaz.net Cc: Subject: Re: kern/142341: [jail] Jail escape when cwd is moved from the host system Date: Tue, 5 Jan 2010 19:36:36 + (UTC) Hi, this is the expected behaviour but is probably not explicitly documented. Patches to update the man page are welcome. -- Bjoern A. Zeeb It will not break if you know what you are doing. ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
Re: kern/142341: [jail] Jail escape when cwd is moved from the host system
Old Synopsis: Jail escape when cwd is moved from the host system New Synopsis: [jail] Jail escape when cwd is moved from the host system Responsible-Changed-From-To: freebsd-bugs->freebsd-jail Responsible-Changed-By: linimon Responsible-Changed-When: Tue Jan 5 16:44:47 UTC 2010 Responsible-Changed-Why: Over to maintainer(s). http://www.freebsd.org/cgi/query-pr.cgi?pr=142341 ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
Re: starting jails in the background & dependencies
On 1/5/10 5:35 AM, Remko Lodder wrote: My first reaction is to only allow to start in the background, but everything else needs to be serialized. i second that 'start in parallel', stop in serial, however, even with stop in serial, if I have 64 jails, even in a fast, quad/quad core system, I find that I stop jails prior to reboot/shutdown. even at that, for some reason, mysql doesn't always stop. in reboot, it does take a LONG time for them to all come up. -- Michael Scheidell, CTO Phone: 561-999-5000, x 1259 > *| *SECNAP Network Security Corporation * Certified SNORT Integrator * 2008-9 Hot Company Award Winner, World Executive Alliance * Five-Star Partner Program 2009, VARBusiness * Best Anti-Spam Product 2008, Network Products Guide * King of Spam Filters, SC Magazine 2008 _ This email has been scanned and certified safe by SpammerTrap(r). For Information please see http://www.spammertrap.com _ ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
Re: starting jails in the background & dependencies
On Tue, January 5, 2010 11:24 am, Alexander Leidinger wrote: > On Mon, 07 Dec 2009 08:03:53 +0100 Alexander Leidinger > wrote: > >> Hi, >> >> now that jails are started in the background (which is good, to > > I just realized yesterday that it also stops in parallel (in the > background). This is bad. It may be the case that a jail is not fully > stopped via the rc scripts when the OS decides to kill the remaining > processes during a shutdown. > > My first reaction is to only allow to start in the background, but > everything else needs to be serialized. > > Any objections or better ideas out there? > > Bye, > Alexander. > I think the best way at this moment is to revert the change ( I can do that , or someone else, I dont mind ) and think of a better concept. Simon also mentioned that he didn't like the current way of doing things, so I kept it in, for possible suggestions. Reverting the change would mean that the old behaviour at least works and is with what people are used to. We can then further improve it where needed. Cheerio, Remko -- /"\ Best regards, | re...@freebsd.org \ / Remko Lodder | re...@efnet Xhttp://www.evilcoder.org/ | / \ ASCII Ribbon Campaign | Against HTML Mail and News ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
Re: starting jails in the background & dependencies
Alexander Leidinger wrote: On Mon, 07 Dec 2009 08:03:53 +0100 Alexander Leidinger wrote: Hi, now that jails are started in the background (which is good, to I just realized yesterday that it also stops in parallel (in the background). This is bad. It may be the case that a jail is not fully stopped via the rc scripts when the OS decides to kill the remaining processes during a shutdown. My first reaction is to only allow to start in the background, but everything else needs to be serialized. Any objections or better ideas out there? Maybe stopping can be done in parallel, but rc script should wait (in loop) until all jails are stopped or some configurable timeout (for example 60 seconds). Miroslav Lachman ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
Re: starting jails in the background & dependencies
On Mon, 07 Dec 2009 08:03:53 +0100 Alexander Leidinger wrote: > Hi, > > now that jails are started in the background (which is good, to I just realized yesterday that it also stops in parallel (in the background). This is bad. It may be the case that a jail is not fully stopped via the rc scripts when the OS decides to kill the remaining processes during a shutdown. My first reaction is to only allow to start in the background, but everything else needs to be serialized. Any objections or better ideas out there? Bye, Alexander. ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
