From tataz@tataz.chchile.org  Fri Sep 22 15:33:31 2006
Message-Id: <20060922153335.E397E408C@obiwan.tataz.chchile.org>
Date: Fri, 22 Sep 2006 17:33:35 +0200 (CEST)
From: Jeremie Le Hen <jeremie@le-hen.org>
Reply-To: Jeremie Le Hen <jeremie@le-hen.org>
To: FreeBSD-gnats-submit@freebsd.org
Cc: jeremie@le-hen.org, dougb@FreeBSD.org
Subject: [patch] named_chroot_autoupdate doesn't work in a jail

>Number:         103489
>Category:       conf
>Synopsis:       [rc.d] [named] [jail] [patch] named_chroot_autoupdate doesn't work in a jail
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    bz
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Fri Sep 22 15:40:16 GMT 2006
>Closed-Date:    Tue Nov 17 21:29:39 UTC 2009
>Last-Modified:  Tue Nov 17 21:29:39 UTC 2009
>Originator:     Jeremie Le Hen
>Release:        FreeBSD 6.1-STABLE i386
>Organization:
>Environment:
System: FreeBSD obiwan 6.1-STABLE FreeBSD 6.1-STABLE #8: Sun Jun 25 18:27:14 CEST 2006 root@obiwan:/usr/obj/usr/src/sys/OBIWAN i386
>Description:
rc.d/named's chroot_autoupdate() unconditionally tries to mount devfs.
This is obviously not possible inside a jail.  Though already jailed,
one might want to run a chrooted named(8) inside a jail, in order to
hinder a possible bug exploitation.
This patch tests the security.jail.jailed sysctl before performing the
devfs stuff.

Note this patch doesn't yet allow the user to run a chrooted named(8)
inside a jail; it must come along with PR conf/103486.
>How-To-Repeat:
Straightforward, see description.
>Fix:
Index: named
===================================================================
RCS file: /home/ncvs/src/etc/rc.d/named,v
retrieving revision 1.26
diff -u -p -u -p -r1.26 named
--- named	20 Apr 2006 12:30:12 -0000	1.26
+++ named	22 Sep 2006 15:23:45 -0000
@@ -59,10 +59,12 @@ chroot_autoupdate()
 
 	# Mount a devfs in the chroot directory if needed
 	#
-	umount ${named_chrootdir}/dev 2>/dev/null
-	devfs_domount ${named_chrootdir}/dev devfsrules_hide_all
-	devfs -m ${named_chrootdir}/dev rule apply path null unhide
-	devfs -m ${named_chrootdir}/dev rule apply path random unhide
+	if [ `sysctl -n security.jail.jailed` = 0 ]; then
+		umount ${named_chrootdir}/dev 2>/dev/null
+		devfs_domount ${named_chrootdir}/dev devfsrules_hide_all
+		devfs -m ${named_chrootdir}/dev rule apply path null unhide
+		devfs -m ${named_chrootdir}/dev rule apply path random unhide
+	fi
 
 	# Copy local timezone information if it is not up to date.
 	#
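Review bot: when security.jail.jailed is non-zero this hunk silently skips the whole devfs setup, so a jailed named starts with no check that ${named_chrootdir}/dev/null and ${named_chrootdir}/dev/random exist and fails later with a much less helpful error; add an else branch such as `if [ -c ${named_chrootdir}/dev/null -a -c ${named_chrootdir}/dev/random ]` that accepts a pre-mounted devfs and otherwise errors out with a message saying devfs cannot be mounted inside a jail. Minor: rc.d scripts use `${SYSCTL_N}` rather than a bare `sysctl -n`, and the comparison should be numeric (`-eq 0`) instead of a string test (`= 0`). The matching `umount ${named_chrootdir}/dev` in named_poststop() is left unconditional, so stopping named inside a jail will still print an error.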
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->freebsd-rc 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Fri Sep 22 18:09:28 UTC 2006 
Responsible-Changed-Why:  
Over to maintainer(s). 

http://www.freebsd.org/cgi/query-pr.cgi?pr=103489 
State-Changed-From-To: open->feedback 
State-Changed-By: bz 
State-Changed-When: Sat Jan 10 16:57:49 UTC 2009 
State-Changed-Why:  
An updated patch was presented to the submitter. 


Responsible-Changed-From-To: freebsd-rc->bz 
Responsible-Changed-By: bz 
Responsible-Changed-When: Sat Jan 10 16:57:49 UTC 2009 
Responsible-Changed-Why:  
I'll track it. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=103489 

From: "Bjoern A. Zeeb" <bz@FreeBSD.org>
To: bug-followup@FreeBSD.org, jeremie@le-hen.org
Cc:  
Subject: Re: conf/103489: [rc.d] [named] [jail] [patch] named_chroot_autoupdate
 doesn't work in a jail
Date: Sat, 10 Jan 2009 17:00:33 +0000 (UTC)

 Hi,
 
 does the attached patch work for you?  If so let me know and I'll
 commit.
 
 You can also temporary fetch it from
 http://people.freebsd.org/~bz/20090110-01-etc-rcd-named-pr103489.diff
 
 /bz
 
 -- 
 Bjoern A. Zeeb                      The greatest risk is not taking one.

From: Jeremie Le Hen <jeremie@le-hen.org>
To: "Bjoern A. Zeeb" <bz@FreeBSD.org>
Cc: bug-followup@FreeBSD.org, jeremie@le-hen.org
Subject: Re: conf/103489: [rc.d] [named] [jail] [patch]
	named_chroot_autoupdate doesn't work in a jail
Date: Sat, 10 Jan 2009 18:44:33 +0100

 On Sat, Jan 10, 2009 at 05:00:33PM +0000, Bjoern A. Zeeb wrote:
 > Hi,
 > 
 > does the attached patch work for you?  If so let me know and I'll
 > commit.
 
 Yes, works for me.  Thanks.
 
 -- 
 Jeremie Le Hen
 < jeremie at le-hen dot org >< ttz at chchile dot org >

From: Doug Barton <dougb@FreeBSD.org>
To: bug-followup@freebsd.org
Cc:  
Subject: Re: conf/103489: [rc.d] [named] [patch] named_chroot_autoupdate	doesn't
 work in a jail
Date: Sat, 10 Jan 2009 11:55:37 -0800

 Please keep me in the loop on this one. I am hesitant to approve a
 change like this since it is not at all clear to me what the
 originator is trying to accomplish.
 
 chroot'ing named requires that devfs be mounted in the chroot
 filesystem. From the text in conf/103486 the originator seems to be
 under the impression that the devfs mount in /var/named/dev is somehow
 related to the devfs mount in /dev, which is not the case.
 
 If the problem is that you cannot run devfs_domount inside a jail then
 you cannot chroot named inside the jail. If there is some other
 problem then it needs to be more clearly spelled out.
 
 
 Doug
 
 -- 
 
     This .signature sanitized for your protection
 

From: "Bjoern A. Zeeb" <bz@FreeBSD.org>
To: Doug Barton <dougb@FreeBSD.org>
Cc: bug-followup@freebsd.org
Subject: Re: conf/103489: [rc.d] [named] [patch] named_chroot_autoupdate
 doesn't work in a jail
Date: Sat, 10 Jan 2009 20:37:51 +0000 (UTC)

 On Sat, 10 Jan 2009, Doug Barton wrote:
 
 Hi Doug,
 
 > The following reply was made to PR conf/103489; it has been noted by GNATS.
 >
 > From: Doug Barton <dougb@FreeBSD.org>
 > To: bug-followup@freebsd.org
 > Cc:
 > Subject: Re: conf/103489: [rc.d] [named] [patch] named_chroot_autoupdate	doesn't
 > work in a jail
 > Date: Sat, 10 Jan 2009 11:55:37 -0800
 >
 > Please keep me in the loop on this one. I am hesitant to approve a
 > change like this since it is not at all clear to me what the
 > originator is trying to accomplish.
 ...
 > If the problem is that you cannot run devfs_domount inside a jail then
 > you cannot chroot named inside the jail. If there is some other
 > problem then it needs to be more clearly spelled out.
 
 The problem is that you cannot mount or umount (anything) inside a
 jail (zfs services left aside).
 
 So trying to start named chrooted gives an error for devfs.
 
 But all that doesn't mean that one cannot provide the devfs to the
 people inside the jail by other means. There are alternate ways we
 provide, like a jail.fstab entry for example.
 
 So you can allow people to run a named chrooted inside a jail (given
 someone provides the devfs). This is especially interesting if you
 provide jails to customers who want to run more than just named there
 and still try to isolate things.
 
 The other PR can be closed as the submitter said himself. It moved the
 fstab vs. devfs vs. .. mounting for the jail around which doesn't
 change anything at all. So please ignore that part.
 
 Up to now, starting named chrooted gives you errors; we can argue on the
 "warn"s I added but I'd prefer those rather than devfs errors. We
 could well improve things and, in the jail case, only warn when
 ${named_chrootdir}/dev/null is not there and just be silent on
 umounting.
 
 I am open to suggestions if/on how to change the patch or if you want
 to handle it, grab it.
 
 /bz
 
 -- 
 Bjoern A. Zeeb                      The greatest risk is not taking one.

From: Doug Barton <dougb@FreeBSD.org>
To: "Bjoern A. Zeeb" <bz@FreeBSD.org>
Cc: bug-followup@freebsd.org
Subject: Re: conf/103489: [rc.d] [named] [patch] named_chroot_autoupdate doesn't
 work in a jail
Date: Sat, 10 Jan 2009 13:14:04 -0800

 Ok, thanks for the explanation. Off the top of my head I think
 something like this starting at line 64:
 
 if not in jail
 	do what is there now
 else
 	if jail/chroot/dev/null AND jail/chroot/dev/random exist
 	   AND are valid devices
 		print something useful (INFO?)
 	else
 		error out with a message indicating what's wrong
 	fi
 fi
 
 Then in named_poststop() I think your version of the patch that's in
 the PR already looks good.
 
 FYI, the reason I chose to do the unmount/mount routine for the common
 case is that dev/null and dev/random both have to be there, and they
 both have to be valid, functional, right perms, etc. in order for
 named to function properly. What I don't want to have happen is for a
 lot of new problem reports to be generated from users trying to run
 chrooted in a jail when it looks like it should work but doesn't.
 
 
 Doug
 
 -- 
 
     This .signature sanitized for your protection
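
A jail-aware pre-flight check in the spirit of the sketch above, added here as an example; it is not the rc.d/named script nor any patch from this PR. It assumes FreeBSD's security.jail.jailed sysctl (0 outside a jail) and the devfs_domount/devfs invocations quoted in the patch; check_chroot_dev goes beyond a bare "-c" test by exercising the nodes, which is the "valid, functional, right perms" concern, and the jailed flag is a parameter so the decision can be tried without a real jail.

```sh
#!/bin/sh
# Added example, not the rc.d/named script itself. Decides how a chrooted
# named gets its /dev: mount devfs when not jailed, otherwise accept a
# pre-mounted devfs only if its null and random nodes actually work.

# Return 0 when running inside a jail. The sysctl is FreeBSD-specific;
# if it is missing we assume "not jailed" so the caller keeps the old path.
in_jail() {
	_j=$(sysctl -n security.jail.jailed 2>/dev/null) || _j=0
	[ "${_j:-0}" -ne 0 ]
}

# Verify the devfs nodes named needs inside $1: both must be character
# devices, null must accept a write and random must return a byte. This
# is stricter than "-c" alone and also catches wrong permissions.
check_chroot_dev() {
	_dir=$1
	for _n in null random; do
		[ -c "${_dir}/dev/${_n}" ] || return 1
	done
	true > "${_dir}/dev/null" 2>/dev/null || return 1
	[ $(( $(dd if="${_dir}/dev/random" bs=1 count=1 2>/dev/null | wc -c) )) -eq 1 ]
}

# prepare_chroot_devfs CHROOTDIR [JAILED]
# JAILED (0/1) defaults to in_jail; passing it explicitly lets the logic
# be exercised outside a jail. Returns 0 if named may start chrooted.
prepare_chroot_devfs() {
	_dir=$1
	_jailed=${2:-$(in_jail && echo 1 || echo 0)}
	if [ "${_jailed}" -eq 0 ]; then
		# Not jailed: (re)mount a restricted devfs exposing only
		# null and random, the same sequence the committed patch uses.
		umount "${_dir}/dev" 2>/dev/null
		devfs_domount "${_dir}/dev" devfsrules_hide_all || return 1
		devfs -m "${_dir}/dev" rule apply path null unhide
		devfs -m "${_dir}/dev" rule apply path random unhide
		echo "named chroot: mounted devfs on ${_dir}/dev"
	elif check_chroot_dev "${_dir}"; then
		# Jailed, but the host admin provided devfs (e.g. via jail.fstab).
		echo "named chroot: using pre-mounted devfs in ${_dir}/dev"
	else
		echo "named chroot: devfs cannot be mounted from within a jail and" \
		    "${_dir}/dev lacks working null/random nodes;" \
		    "set named_chrootdir=\"\" to run named unchrooted" >&2
		return 1
	fi
}
```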
 

From: "Bjoern A. Zeeb" <bz@FreeBSD.org>
To: Doug Barton <dougb@FreeBSD.org>
Cc: bug-followup@freebsd.org
Subject: Re: conf/103489: [rc.d] [named] [patch] named_chroot_autoupdate
 doesn't work in a jail
Date: Sat, 10 Jan 2009 22:34:27 +0000 (UTC)

 On Sat, 10 Jan 2009, Doug Barton wrote:
 
 Hi,
 
 > Ok, thanks for the explanation. Off the top of my head I think
 > something like this starting at line 64:
 >
 > if not in jail
 > 	do what is there now
 > else
 > 	if jail/chroot/dev/null AND jail/chroot/dev/random exist
 > 	   AND are valid devices
 > 		print something useful (INFO?)
 > 	else
 > 		error out with a message indicating what's wrong
 > 	fi
 > fi
 >
 > Then in named_poststop() I think your version of the patch that's in
 > the PR already looks good.
 
 What about the attached patch?
 
 Also updated:
 http://people.freebsd.org/~bz/20090110-01-etc-rcd-named-pr103489.diff
 
 
 > FYI, the reason I chose to do the unmount/mount routine for the common
 > case is that dev/null and dev/random both have to be there, and they
 > both have to be valid, functional, right perms, etc. in order for
 > named to function properly. What I don't want to have happen is for a
 > lot of new problem reports to be generated from users trying to run
 > chrooted in a jail when it looks like it should work but doesn't.
 
 Understood. This is not to encourage people to run chrooted nameds
 inside of jails. It's only trying to be more user-friendly in case
 people try or know how to do it.
 
 /bz
 
 -- 
 Bjoern A. Zeeb                      The greatest risk is not taking one.
State-Changed-From-To: feedback->patched 
State-Changed-By: bz 
State-Changed-When: Sat Feb 7 16:37:47 UTC 2009 
State-Changed-Why:  
Patch was committed to HEAD with r188293. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=103489 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: conf/103489: commit references a PR
Date: Sat,  7 Feb 2009 16:37:15 +0000 (UTC)

 Author: bz
 Date: Sat Feb  7 16:37:02 2009
 New Revision: 188293
 URL: http://svn.freebsd.org/changeset/base/188293
 
 Log:
   Named normally cannot be started chrooted inside a jail. Thus treat
   the jail case specifically. In case we find a proper pre-seeded
   devfs in the chroot path (mounted from the base system) permit
   starting chrooted else give proper warn/error messages.
   
   PR:		conf/103489
   Reviewed by:	dougb
   MFC after:	5 days
 
 Modified:
   head/etc/rc.d/named
 
 Modified: head/etc/rc.d/named
 ==============================================================================
 --- head/etc/rc.d/named	Sat Feb  7 15:51:32 2009	(r188292)
 +++ head/etc/rc.d/named	Sat Feb  7 16:37:02 2009	(r188293)
 @@ -61,10 +61,23 @@ chroot_autoupdate()
  
  	# Mount a devfs in the chroot directory if needed
  	#
 -	umount ${named_chrootdir}/dev 2>/dev/null
 -	devfs_domount ${named_chrootdir}/dev devfsrules_hide_all
 -	devfs -m ${named_chrootdir}/dev rule apply path null unhide
 -	devfs -m ${named_chrootdir}/dev rule apply path random unhide
 +	if [ `${SYSCTL_N} security.jail.jailed` -eq 0 ]; then
 +		umount ${named_chrootdir}/dev 2>/dev/null
 +		devfs_domount ${named_chrootdir}/dev devfsrules_hide_all
 +		devfs -m ${named_chrootdir}/dev rule apply path null unhide
 +		devfs -m ${named_chrootdir}/dev rule apply path random unhide
 +	else
 +		if [ -c ${named_chrootdir}/dev/null -a \
 +		    -c ${named_chrootdir}/dev/random ]; then
 +			info "named chroot: using pre-mounted devfs."
 +		else
 +			err 1 "named chroot: devfs cannot be mounted from" \
 +			    "within a jail. Thus a chrooted named cannot" \
 +			    "be run from within a jail." \
 +			    "To run named without chrooting it, set" \
 +			    "named_chrootdir=\"\" in /etc/rc.conf."
 +		fi
 +	fi
  
  	# Copy and/or update key files to the chroot /etc 
  	#
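Review bot: in the jail branch the only check is `-c` on both nodes, so a node that exists but is not readable/writable (the "valid, functional, right perms" concern raised earlier in this PR) passes and named still fails at start; consider adding `-r ${named_chrootdir}/dev/random` and `-w ${named_chrootdir}/dev/null` to the test, or at least mentioning permissions in the err text. In the non-jail path the exit status of `devfs_domount` is still ignored, so a failed mount goes on to the `devfs -m` rule commands and then to starting named.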
 @@ -113,7 +126,12 @@ named_stop()
  named_poststop()
  {
  	if [ -n "${named_chrootdir}" -a -c ${named_chrootdir}/dev/null ]; then
 -		umount ${named_chrootdir}/dev 2>/dev/null || true
 +		if [ `${SYSCTL_N} security.jail.jailed` -eq 0 ]; then
 +			umount ${named_chrootdir}/dev 2>/dev/null || true
 +		else
 +			warn "named chroot:" \
 +			    "cannot unmount devfs from inside jail!"
 +		fi
  	fi
  }
  
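Review bot: the enclosing condition `-c ${named_chrootdir}/dev/null` is true precisely when a pre-mounted devfs is in place, so inside a jail this `warn` fires on every stop even though there is nothing to unmount there; as suggested earlier in the thread, the jail branch could simply be silent (or use `info`) instead of warning.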
State-Changed-From-To: patched->closed 
State-Changed-By: bz 
State-Changed-When: Tue Nov 17 21:28:43 UTC 2009 
State-Changed-Why:  
This was MFCed to stable/7 in r190363 by dougb. 
Thanks a lot for the report and testing. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=103489 
>Unformatted:
