kern/89528: [jail] impossible to kill a jail
Ed Schouten
ed at fxq.nl
Thu Jan 4 20:49:54 UTC 2007
* Ed Schouten <ed at fxq.nl> wrote:
> As long as pty's have been allocated that have been created by threads
> in a jail, the prison structure has more references, causing the zombie
> jails to exist.
We could change the make_dev_credv() routine to crcopy() everything
except the prison when we're creating a node in a jail. The following
patch fixes the zombie jail bug on my machine:
--- src/sys/kern/kern_conf.c Fri Oct 20 09:59:50 2006
+++ src/sys/kern/kern_conf.c Thu Jan 4 21:36:44 2007
@@ -42,6 +42,7 @@
#include <sys/ctype.h>
#include <sys/tty.h>
#include <sys/ucred.h>
+#include <sys/jail.h>
#include <machine/stdarg.h>
#include <fs/devfs/devfs_int.h>
@@ -563,7 +564,15 @@
dev->si_flags |= SI_NAMED;
if (cr != NULL)
- dev->si_cred = crhold(cr);
+ if (cr->cr_prison == NULL) {
+ dev->si_cred = crhold(cr);
+ } else {
+ /* Don't let the node depend on a prison */
+ dev->si_cred = crget();
+ crcopy(dev->si_cred, cr);
+ prison_free(dev->si_cred->cr_prison);
+ dev->si_cred->cr_prison = NULL;
+ }
else
dev->si_cred = NULL;
dev->si_uid = uid;
Could other people experiencing this problem as well give this patch a
try? Thanks a lot!
Yours,
--
Ed Schouten <ed at fxq.nl>
WWW: http://g-rave.nl/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20070104/b519d626/attachment-0001.pgp
More information about the freebsd-hackers
mailing list