linprocfs and linux_base port upgrade
Mars G. Miro
marsgmiro at gmail.com
Tue Feb 21 19:01:59 PST 2006
On 2/22/06, Kris Kennaway <kris at obsecurity.org> wrote:
> On Wed, Feb 22, 2006 at 09:53:36AM +0800, Mars G. Miro wrote:
> > >>
> > >> Actually, this unmount ... remount situation is pretty evil. For
> > >> example, it prevents users from building linux_base in a jail. In
> > >> fact I'd like to switch to building packages in jails instead of
> > >> chroots on the package cluster, but this is the major reason I can't.
> >
> > I have been able to build linux_base in a jail, but I had to turn on a
> > few sysctl jail knobs on the main host (see more below)
> >
> > > Not to mention that the umount isn't always reliable for some reason:
> > > the linux_base-8 package build often fails with this:
> >
> > > ===> Checking if emulators/linux_base-8 already installed
> > > Un-mounting linprocfs...
> > > kern.fallback_elf_brand: -1 -> 3
> > > redhat-release-8.0-8.noarch.rpm
> > > glibc-common-2.3.2-4.80.8.i386.rpm
> > > glibc-2.3.2-4.80.8.i386.rpm
> > > setup-2.5.20-1.noarch.rpm
> > > filesystem-2.1.6-5.noarch.rpm
> > > unpacking of archive failed on file /proc: cpio: chown failed -
> Operation not
> > > supported
> >
> > I usually have, in /etc/sysctl.conf:
> > ...
> >
> > # for the Jails
> > security.jail.allow_raw_sockets=1
> > security.jail.sysvipc_allowed=1
> > security.jail.chflags_allowed=1
> > ...
> >
> > I think that last error you got has something todo w/ enabling the
> > chflags sysctl jail.
>
> No, it's because it tried and failed to umount linprocfs. Presumably
> you didnt have linprocfs mounted in your jail, but some packages
Well mounting/unmounting stuff inside the jail is a pain. I now recall
I had to mount linprocfs from the host to the jail, thus I was able to
build them. Hrm, perhaps its time for jail_<jailname>_linprocfs_enable
(as with devfs inside a jail) ...
Also some of the linux ports checks either fstab or mount for
linprocfs, I had to at least set security.jail.enforce_statfs=1.
> require this so I have to have it present always.
>
> Kris
>
>
cheers
mars
More information about the freebsd-emulation
mailing list