Re: VNET jail and dhclient

From: Goran Mekić <meka_at_tilda.center>
Date: Wed, 11 Oct 2017 21:48:34 +0200
On Tue, Oct 10, 2017 at 09:10:37PM +0000, Oleg Ginzburg wrote:
> I think I found something, but I do not understand why this is only
> observed in jail and with commit change this.
> The problem about which the Goran wrote can be fixed with:
>
> # diff -ruN dhclient.c-orig dhclient.c
> --- dhclient.c-orig     2017-10-10 23:51:52.451361000 +0000
> +++ dhclient.c  2017-10-10 23:54:55.803404000 +0000
> _at__at_ -479,6 +479,7 _at__at_
>
>         fork_privchld(pipe_fd[0], pipe_fd[1]);
>
> +       pidfile_close(pidfile);
>         close(ifi->ufdesc);
>         ifi->ufdesc = -1;
>         close(ifi->wfdesc);
>
>
>
>
> From pidfile(3) man page:
>
>     The pidfile_close() function closes a pidfile.  It should be used after
>      daemon fork()s to start a child process.
>
>
> chroot(2) in dhclient return NOPERM (via global errno). it seems to be
> related to open descriptor outside the chroot.
>
> I'm not sure if this fd leak (due to pidfile_remove at the end of
> dhclient),  nevertheless closing pid fd in my jail/FreeBSD12 before chroot
> solve dhclient issue.

I can confirm Oleg's patch works for me. Weird one, for sure!

Received on Wed Oct 11 2017 - 17:48:45 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:13 UTC