[Bug 181794] jexec(8) runs commands in Jails without taking into account of the Jail's FIB
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Tue Jun 19 09:23:26 UTC 2018
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=181794
--- Comment #5 from Marie Helene Kvello-Aune <marieheleneka at gmail.com> ---
I propose we rather make jail(8) store the default FIB in the prison struct
(alongside where the jails VNET and start-up parameters are stored), and have
jexec(8) use this information to execute commands using the expected FIB.
This will likely break the following command:
# setfib 3 jexec some_jail_with_default_fib_2 ping 10.0.3.1
as jexec would now blindly set the FIB to 2 and not the expected 3, as there
doesn't seem to be any way to tell if it was called using inherited FIB or
explicitly set FIB.
Therefore, my proposed fix will break current behavior, but will make jexec(8)
behave as intuitively expected.
Furthermore, the new behavior would be in line with my understanding of how
calling cpuset(1) before executing a command in a jail which has a configured
cpu mask would work: It'd pretty much ignore the preceding cpuset(1) call.
(Please do correct me if I'm wrong.)
I've already begun working on a patch implementing the above. Will submit a
review once it's in a workable state, and update this bug.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-jail
mailing list