Hi Simon,
Thanks very much for the patch :)
On Fri, 27 Jul 2007 11:07:29 +0200, Simon L. Nielsen wrote:
Your patch is very close to the correct/cleaner patch which is
attached. How exactly does it fail without your patch? Does it say
cannot open : No such file or directory and then no jails
Hi,
I'm dredging up an old issue here, but it appears to be unresolved in
RELENG_5_5 at this time. After upgrading to 5.5-RELEASE-p14, I found that
my jails wouldn't start anymore, and it comes down to this bit again. By
way of explanation, I'll include the patch for what I changed.
---
On 2007.07.27 17:12:34 +1000, Joel Hatton wrote:
I'm dredging up an old issue here, but it appears to be unresolved in
RELENG_5_5 at this time. After upgrading to 5.5-RELEASE-p14, I found that
my jails wouldn't start anymore, and it comes down to this bit again. By
way of explanation, I'll
On Sat, Jan 20, 2007 at 03:24:23PM +0100, Alexander Leidinger wrote:
Quoting Pawel Jakub Dawidek [EMAIL PROTECTED] (Sat, 20 Jan 2007 14:03:08
+0100):
I fully agree that console.log should be outside a jail. At least noone
proposed safe solution so far, which also means it's not an easy
Quoting Pawel Jakub Dawidek [EMAIL PROTECTED] (from Tue, 23 Jan 2007
12:34:44 +0100):
On Sat, Jan 20, 2007 at 03:24:23PM +0100, Alexander Leidinger wrote:
Quoting Pawel Jakub Dawidek [EMAIL PROTECTED] (Sat, 20 Jan 2007
14:03:08 +0100):
I fully agree that console.log should be outside a
On Tue, Jan 23, 2007 at 01:25:08PM +0100, Alexander Leidinger wrote:
Quoting Pawel Jakub Dawidek [EMAIL PROTECTED] (from Tue, 23 Jan 2007
12:34:44 +0100):
It looks like it may work, but I still find it a bit risky. If sh(1) can
reopen the file under some conditions or someone in the future
Hi Colin,
On Thu, Jan 11, 2007 at 04:51:02PM -0800, Colin Percival wrote:
Hello Everyone,
I usually let security advisories speak for themselves, but I want to call
special attention to this one: If you use jails, READ THE ADVISORY, in
particular the NOTE WELL part below; and if you have
On 2007.01.13 12:29:37 +0100, Pawel Jakub Dawidek wrote:
On Thu, Jan 11, 2007 at 04:51:02PM -0800, Colin Percival wrote:
Hello Everyone,
I usually let security advisories speak for themselves, but I want to call
special attention to this one: If you use jails, READ THE ADVISORY, in
On Sat, Jan 20, 2007 at 01:24:33PM +0100, Simon L. Nielsen wrote:
[...]
BTW. with regard to the console.log file I really don't think it
should be put back inside the jail unless it's possible to make the
generation of the file entirely inside the jail since it's just not
worth the
On 2007.01.20 14:03:08 +0100, Pawel Jakub Dawidek wrote:
On Sat, Jan 20, 2007 at 01:24:33PM +0100, Simon L. Nielsen wrote:
[...]
BTW. with regard to the console.log file I really don't think it
should be put back inside the jail unless it's possible to make the
generation of the file
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Pawel Jakub Dawidek wrote:
When -J operates on a file inside a jail, it create the same security
hole as the one from security advisory, because it opens a file before
calling jail(2).
I fully agree that console.log should be outside a jail. At
Quoting Pawel Jakub Dawidek [EMAIL PROTECTED] (Sat, 20 Jan 2007 14:03:08
+0100):
I fully agree that console.log should be outside a jail. At least noone
proposed safe solution so far, which also means it's not an easy fix.
What's unsafe about my proposal? I did had a look at the code now, and
* Colin Percival [EMAIL PROTECTED] [12.01.2007 06:53]:
Hello Everyone,
I usually let security advisories speak for themselves, but I want to call
special attention to this one: If you use jails, READ THE ADVISORY, in
particular the NOTE WELL part below; and if you have problems after
On Thu, Jan 11, 2007 at 04:51:02PM -0800, Colin Percival wrote:
Hello Everyone,
I usually let security advisories speak for themselves, but I want to call
special attention to this one: If you use jails, READ THE ADVISORY, in
particular the NOTE WELL part below; and if you have problems
Hello Everyone,
I usually let security advisories speak for themselves, but I want to call
special attention to this one: If you use jails, READ THE ADVISORY, in
particular the NOTE WELL part below; and if you have problems after applying
the security patch, LET US KNOW -- we do everything we can
Colin Percival wrote:
Hello Everyone,
I usually let security advisories speak for themselves, but I want to call
special attention to this one: If you use jails, READ THE ADVISORY, in
particular the NOTE WELL part below; and if you have problems after applying
the security patch, LET US
Mark Andrews wrote:
I'm not sure I understand that quite correct, where is this problem
appearing?
Other things:
tail is used in line 230: tail -r ${_fstab} | while read _device
_mountpt _rest; do
If the per-jail fstab is larger than 10 lines, which is the default of
tail to show, the
I'm not sure I understand that quite correct, where is this problem
appearing?
Other things:
tail is used in line 230: tail -r ${_fstab} | while read _device
_mountpt _rest; do
If the per-jail fstab is larger than 10 lines, which is the default of
tail to show, the remaining
Philipp Wuensche wrote:
Colin Percival wrote:
In the end we opted to reduce functionality (the jail startup process is
no longer logged to /var/log/console.log inside the jail)
Thats a bummer, when Dirk showed me this problem the first time my ideas
for fixing this problem without losing
19 matches
Mail list logo