devd in jail

Wed Aug 9 19:14:23 UTC 2017

On Wed, Aug 9, 2017 at 12:47 PM, Giulio Ferro <auryn at zirakzigil.org> wrote:
> Hello all,
>
> Setup :  11.1-STABLE FreeBSD 11.1-STABLE #0 r321925M amd64
>
>
> I'm trying to create a fully virtualized desktop enviroment in a jail by
> means of installing there
> a xrdp-devel server + Xorg installation (xorg + xorgrdp).
>
> Everything seems to work until the moment when the X server actually tries
> to come up (after I choose session=xorg, username + password)
> In the X logs in the jail, in fact, I have this error:
>
> ...
> [  9768.824] (EE) config/devd: fail to connect to devd
> [  9768.824] [config] failed to initialise devd
>
>
> I've checked on the host machine, and I don't have that error as everything
> works fine there...
>
> In my jail, I've setup the devfs like this (/etc/jail.conf in the host):
>
> ---
> exec.start="/bin/sh /etc/rc";
> exec.stop="/bin/sh /etc/rc.shutdown";
> exec.clean;
> mount.devfs;
> devfs_ruleset=1;
>
> path="/usr/home/jail/$name";
>
> myjail {
>         host.hostname="myjail.me.com";
>         vnet;
>         vnet.interface = epair0b, epair1b;
>         persist;
> }
> ---
>
>
> and in the /etc/devfs.conf everythink is commented out.
>
> In the /dev directory in the jail, I get both the devctl and devctl2
> devices.
>
> As the devd demon is not running in the jail, I've tried adding
> devd_enable="YES"
>
> in the rc.conf (jail), but when I try to start it, I get:
>
> # /etc/rc.d/devd start
> Starting devd.
> devd: Can't open devctl device /dev/devctl: Device busy
> /etc/rc.d/devd: WARNING: failed to start devd
>
>
> Do you know if I'm doing something wrong, or there's a proper way to have
> devd running in the jail?
>
> I've thought that maybe I should use the devtcl2 device, as the devctl is
> used by the host,
> but I don't know how to specify that to devd...
>
> Thanks in advance for your help.
>
> Giulio

Unfortunately, you're not going to be able to run devd(8) in the jail.
/dev/devctl can be opened by only one reader at a time, and that
reader is always devd(8).  /dev/devctl2 is actually a completely
different device with a totally different interface.  Apologies for
the confusing names.  But you may not need to run a totally separate
instance of devd.  The X server is probably trying to open either
/var/run/devd.pipe or /var/run/devd.seqpacket.pipe.  ktrace would tell
you which.  If you can bridge those sockets into the jail, then X
would probably run.

-Alan