[Bug 181794] jexec(8) runs commands in Jails without taking into account of the Jail's FIB

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[Bug 181794] jexec(8) runs commands in Jails without taking into account of the Jail's FIB

bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=181794

--- Comment #5 from Marie Helene Kvello-Aune <[hidden email]> ---
I propose we rather make jail(8) store the default FIB in the prison struct
(alongside where the jails VNET and start-up parameters are stored), and have
jexec(8) use this information to execute commands using the expected FIB.

This will likely break the following command:
# setfib 3 jexec some_jail_with_default_fib_2 ping 10.0.3.1
as jexec would now blindly set the FIB to 2 and not the expected 3, as there
doesn't seem to be any way to tell if it was called using inherited FIB or
explicitly set FIB.

Therefore, my proposed fix will break current behavior, but will make jexec(8)
behave as intuitively expected.
Furthermore, the new behavior would be in line with my understanding of how
calling cpuset(1) before executing a command in a jail which has a configured
cpu mask would work: It'd pretty much ignore the preceding cpuset(1) call.
(Please do correct me if I'm wrong.)

I've already begun working on a patch implementing the above. Will submit a
review once it's in a workable state, and update this bug.

--
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "[hidden email]"