conf/179828: [PATCH] rc.d/syslogd link socket to /dev/log fails in jails

John Marshall john.marshall at riverwillow.com.au
Sat Jun 22 02:10:02 UTC 2013 

>Number:         179828
>Category:       conf
>Synopsis:       [PATCH] rc.d/syslogd link socket to /dev/log fails in jails
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sat Jun 22 02:10:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator:     John Marshall
>Release:        FreeBSD 9.1-RELEASE-p4 i386
>Organization:
Riverwillow Pty Ltd
>Environment:
System: FreeBSD rwpc15 9.1-RELEASE-p4 FreeBSD 9.1-RELEASE-p4 #0 r251961: Wed Jun 19 18:10:39 AEST 2013 root at rwpc15:/usr/obj/build/src/sys/RWPC15 i386


	
>Description:

syslogd startup in a jail always displays the following messages:

  ln: /dev/log: Operation not permitted
  Starting syslogd.

The final paragraph of syslogd(8) states:

  "The log socket was moved from /dev to ease the use of a read-only
   root file system.  This may confuse some old binaries so that a
   symbolic link might be used for a transitional period."

The suggested symbolic link is created by etc/rc.d/syslogd at startup if
there is no /dev/log link already in place.  Creation of the symbolic
link is not possible in a jail.  ln(1) emits the failure message when
link creation is attempted within a jail.

>How-To-Repeat:

 - Create a jail(8)
 - /etc/rc.d/syslogd start (from within the jail)

>Fix:

The attached patch to etc/rc.d/syslogd tests to make sure that we are
*not* in a jail prior to attempting creation of the /dev/log link to the
syslogd log socket.

BUT...

Given that creation of this link was intended to be for a TRANSITIONAL
period, and that it has existed for ever (well, ever since importing the
rc.d scripts (r78344) from NetBSD in 2001) perhaps it might be time to
retire this link creation altogether or, at least, make it optional via
rc.conf (syslogd_link_devlog="NO")?


Index: etc/rc.d/syslogd
===================================================================
--- etc/rc.d/syslogd	(revision 251961)
+++ etc/rc.d/syslogd	(working copy)
@@ -25,9 +25,9 @@
 {
 	local _l _ldir
 
-	#	Transitional symlink for old binaries
+	#	Transitional symlink for old binaries (not possible in jails)
 	#
-	if [ ! -L /dev/log ]; then
+	if [ ! -L /dev/log -a `$SYSCTL_N security.jail.jailed` -eq 0 ]; then
 		ln -sf /var/run/log /dev/log
 	fi
 	rm -f /var/run/log
--- syslogd.diff ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-bugs mailing list