DNS using Name Service Switch module and Casper

Vasily Postnicov shamaz.mazum at gmail.com
Sun Jan 10 13:32:27 UTC 2021


This is as minimal as I can get. If I knew where to find, what to fix, I
would never waste my time seeking help on mailing lists.

Just put FreeBSD in that damn bhyve and play with it, get your hands dirty,
you are the developer after all, not me! Your knowledge of FreeBSD is
supposedly much greater than mine.

For me acceptable solutions are:
1) Remove unsandboxed call to getaddrinfo() from ping.
2) Do not compile with that casper crap which gives false sense of security
or whatsoever.

I just wanted to help you find a bug where fork() hangs for no reason. So I
provided you with all I can get from this situation. Just 20 lines of code
to reproduce the bug. And you tell me this is not what you want. So what do
you want? A patch that fixes your problem?

Sorry for harsh words in your address. But in such situations I question
myself should I really report anything and ask anything in FreeBSD
community.

Btw, if you are still interested, I think I can provide you with the whole
bhyve image in which you can reproduce the bug. It contains modified
/etc/nsswitch.conf if you cannot change it yourself.

Sat, Jan 9, 2021, 21:47 Konstantin Belousov <kostikbel at gmail.com>:

> On Sat, Jan 09, 2021 at 08:25:46PM +0300, Vasily Postnicov wrote:
> > Brilliant! It took me almost a day to dive into ZeroMQ to reassure
> > myself that there is nothing wrong with it. When I tried to write
> > minimal test programs which call fork after pthread_create() in all
> > combinations. When I realized that NSS stub module is what I need.
> >
> > Instructions:
> >
> > 1) Compile NSS stub module: cc -shared -fPIC -pthread -o
> > nss_zerodns.so.1 test.c (Note '.1' at the end).
> > 2) Copy nss_zerodns.so.1 to /usr/local/lib
> > 3) Apply the patch src_sbin_ping_main.c to ping source code. With this
> > patch ping will not quit too early when the initial call to
> > getaddrinfo() fails.
> > 4) Add stub module to /etc/nsswitch.conf: edit 'hosts' line to be
> > 'hosts: files dns zerodns'
> > 5) Ping non-existent host, like 'ping foo.bar'
> > 6) Ping will hang. The child process which it creates cannot be killed
> > even with killall -9 ping
>
> This is exactly what I do not want.  Provide a standalone binary (or
> binaries) that can be just run and demonstrate the issue.  Without
> editing nsswitch.conf or patching ping.
>

