[CFT] capsicum patches for rtsol(8) and rtsold(8)

Mark Johnston markj at freebsd.org
Wed Oct 24 19:56:32 UTC 2018


On Mon, Oct 22, 2018 at 11:57:44AM +0000, Bjoern A. Zeeb wrote:
> On 16 Oct 2018, at 20:04, Mark Johnston wrote:
> 
> > On Tue, Oct 16, 2018 at 06:29:49PM +0000, Bjoern A. Zeeb wrote:
> >> On 16 Oct 2018, at 16:53, Mark Johnston wrote:
> >>
> >>> On Tue, Oct 16, 2018 at 04:06:43PM +0000, Bjoern A. Zeeb wrote:
> >>>> On 15 Oct 2018, at 19:42, Mark Johnston wrote:
> >>>>
> >>>>> https://people.freebsd.org/~markj/patches/rtsold_capsicum.diff
> >>>>
> >>>> (0) the git rename doesn’t really work when applying the diff with
> >>>> FreeBSD’s patch so the mv has to be done manually
> >>>>
> >>>> (1) the rtsol Makefile also needs cap_syslog and util to link to
> >>>> otherwise rtsold.c has unresolved symbols
> >>>>
> >>>> (2) rtsol seems to have worked when manually invoked;
> >>>> /etc/resolv.conf was created (I had rm’ed it) and the 3 nameserver
> >>>> lines re-appeared; sorry can’t test the search string here
> >>>>
> >>>> (3) rtsold crashes:
> >>>
> >>> Thanks.  I made some last-minute changes and forgot to retest, of
> >>> course. :(
> >>>
> >>> I uploaded a new patch which should fix all of these issues - could
> >>> you give it a try?
> >>
> >> With the old and new patch:
> >>
> >> root@i386-a3-carp:/usr/src/sbin/rtsol # rtsol vtnet0
> >> failed to run script: Invalid argument
> >>
> >> Hadn’t noticed that before.
> >
> > That's a cosmetic bug.  I uploaded a new patch which should fix it.
> 
> Same URL?  I’d try to test that tomorrow then.

Yes, I just uploaded a new version of the patch to
https://people.freebsd.org/~markj/patches/rtsold_capsicum.diff and would
appreciate any further testing that you can do.

> >> Also on a running system:
> >>
> >> root@i386-a3-carp:/ # rm /etc/resolv.conf
> >> root@i386-a3-carp:/ # cat /etc/resolv.conf
> >> cat: /etc/resolv.conf: No such file or directory
> >> root@i386-a3-carp:/ # sh /etc/rc.d/rtsold restart
> >> Stopping rtsold.
> >> Waiting for PIDS: 1047.
> >> Starting rtsold.
> >> root@i386-a3-carp:/ # cat /etc/resolv.conf
> >> cat: /etc/resolv.conf: No such file or directory
> >
> > resolvconf -a will only update /etc/resolv.conf if the info in
> > /var/run/resolvconf/interfaces/vtnet0 has changed, I believe.  Try
> > deleting that file too, and then try running rtsol.
> 
> When I deleted /etc/resolv.conf and then ran rtsol manually it had
> re-appeared.  Unclear to me what was in /var/run; I just wanted to point
> out the difference in behaviour; maybe you are right; I’ll go and
> check if deleting in /var/run/ as well makes a difference.

I don't observe that behaviour with either the stock or patched
rtsol(8): for resolvconf(8) to update /etc/resolv.conf (or re-generate
it), something under /var/run/resolvconf/interfaces needs to have
changed.  So, in my case, deleting /etc/resolv.conf *and*
/var/run/resolvconf/interfaces/re0:slaac will cause resolv.conf to be
regenerated once rtsold(8) decides to re-run resolvconf(8), but
deleting resolv.conf on its own will not.

