IPCS resource access within a down-level jail?

David Wolfskill david at catwhisker.org
Tue Oct 16 20:51:51 UTC 2012 

[Please include me in responses; I've set Reply-To as a hint.  Thanks!]

A colleague had been running a program that makes use of IPCS message
queues in a 7.x/i386 environment.

He was moved to a 32-bit 7.x-based jail instantiated on an 8.x/amd64
host.

Within that jail, "ipcs -a" now fails to come anywhere near close to
reporting what it does outside the jail.

I then performed an experiment: I created a 7.x/i386 jail on my
9.x/i386 laptop.  I verified that "ipcs -a" (outside the jail) shows
Stuff:

d134(9.1-P)[1] ipcs -a
Message Queues:
T           ID          KEY MODE        OWNER    GROUP    CREATOR  CGROUP                 CBYTES                 QNUM               QBYTES        LSPID        LRPID STIME    RTIME    CTIME   

Shared Memory:
T           ID          KEY MODE        OWNER    GROUP    CREATOR  CGROUP         NATTCH        SEGSZ         CPID         LPID ATIME    DTIME    CTIME   
m       393216            0 --rw------- david    david    david    david               2       393216         3671         3147  8:23:37 no-entry  8:23:37
m       851969            0 --rw------- david    david    david    david               2       262080         3861         3147  9:24:09 no-entry  9:24:09
m       458754            0 --rw------- david    david    david    david               2       384000         3861         3147  9:24:09 no-entry  9:24:09

Semaphores:
T           ID          KEY MODE        OWNER    GROUP    CREATOR  CGROUP          NSEMS OTIME    CTIME   

d134(9.1-P)[2] 


Inside the jail, using the 7.x version of ipcs, I get:

%ipcs -a
ipcs: sysctlbyname: kern.ipc.msqids: Cannot allocate memory
%

I then recompiled the 9.x versions of ipcs & ipcrm and linked them
statically; running that verion of ipcs, I see:

%~/bin/!!
~/bin/ipcs -a
Message Queues:
T           ID          KEY MODE        OWNER    GROUP    CREATOR  CGROUP                 CBYTES                 QNUM               QBYTES        LSPID        LRPID STIME    RTIME    CTIME   

Shared Memory:
T           ID          KEY MODE        OWNER    GROUP    CREATOR  CGROUP         NATTCH        SEGSZ         CPID         LPID ATIME    DTIME    CTIME   
m       393216            0 --rw------- david    david    david    david               2       393216         3671         3147 15:23:37 no-entry 15:23:37
m       655362            0 --rw------- david    david    david    david               2       262080         3861         3147 18:39:30 no-entry 18:39:30

Semaphores:
T           ID          KEY MODE        OWNER    GROUP    CREATOR  CGROUP          NSEMS OTIME    CTIME   

%

Is this (inability to access IPCS resources properly within a
"down-level" jail) expected behavior?

Is there a sane(?) way to provide IPCS resources inside a down-level
jail?

Thanks!

Peace,
david
-- 
David H. Wolfskill				david at catwhisker.org
Taliban: Evil men with guns afraid of truth from a 14-year old girl.

See http://www.catwhisker.org/~david/publickey.gpg for my public key.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20121016/8ef4a807/attachment.sig>

More information about the freebsd-questions mailing list