Summary: | Bug in parsing jail.conf | ||
---|---|---|---|
Product: | Base System | Reporter: | logik |
Component: | conf | Assignee: | Hiroki Sato <hrs> |
Status: | Closed FIXED | ||
Severity: | Affects Some People | CC: | erdgeist, hrs, jamie |
Priority: | --- | ||
Version: | 10.1-STABLE | ||
Hardware: | Any | ||
OS: | Any |
Description
logik
2015-01-06 20:47:37 UTC
The problem is probably on two places: following jail.conf, where no $name redefinition is, leads to errors too: Maybe two substitutions on one line is the problem here? [root@platys ~]# jail -c dhcp epair210a dhcp: created jail: dhcp: /sbin/ifconfig epair210b in192.168.6.210et up: failed dhcp: removed When I replace exec.start += "/sbin/ifconfig epair${ip}b inet $ip_addr up" ; with exec.start += "/sbin/ifconfig epair210b inet $ip_addr up" ; the problem disappear. But two variables on line is not the only problem, because adding (after correcting previous error) new line: $name='dhcp'; throw the error mentioned in my first post: [root@platys ~]# jail -c dhcp epair210a dhcp: created ifconfig: 'vnet' requires argument jail: dhcp: /sbin/ifconfig epair210b vnet: failed dhcp: removed jail.conf: * { exec.start = "/bin/bash /etc/rc"; exec.stop = "/bin/bash /etc/rc.shutdown"; exec.consolelog = "/var/log/jail/$name"; path = "/usr/jails/$name"; mount.fstab = "/etc/jail.fstab/$name"; host.hostname = "$name.dionyska.cz"; devfs_ruleset = "4"; mount.devfs; mount.fdescfs; $ip_addr = "192.168.6.${ip}" ; } dhcp { $ip = "210" ; $ip_route = "192.168.6.1" ; vnet; vnet.interface = "epair${ip}b"; exec.prestart = "ifconfig epair${ip}a destroy 2>/dev/null || true"; exec.prestart += "ifconfig epair$ip create up"; exec.prestart += "ifconfig bridge0 addm epair${ip}a"; exec.start = "/sbin/ifconfig lo0 127.0.0.1 up"; exec.start += "/sbin/ifconfig epair${ip}b inet $ip_addr up" ; exec.start += "/sbin/route add default $ip_route " ; exec.start += "/bin/sh /etc/rc"; exec.poststop = "ifconfig bridge0 delem epair${ip}"; exec.poststop = "ifconfig epair${ip}a destroy " ; persist; devfs_ruleset=5 ; allow.raw_sockets=1 ; allow.socket_af = 1; } Hiroki, would you mind investigating this? This looks like it could be related to my report and fix for bug #189139 from ages ago. A proposed patch to fix $name redefinition issue has been submitted as D3017 for review: https://reviews.freebsd.org/D3017 A commit references this bug: Author: hrs Date: Wed Jul 8 16:37:49 UTC 2015 New revision: 285279 URL: https://svnweb.freebsd.org/changeset/base/285279 Log: Implement PF_IMMUTABLE flag and apply it to "name" and "jid" in jail.conf parameters. This flag disallows redefinition of the parameter. "name" and/or "jid" are automatically defined in jail.conf by using the jail names at the front of jail parameter definitions. However, one could override them by using a variable with the same name like $name = "foo". This confused the parser and could end up with SIGSEGV. Note that this change also affects a case when all of parameters are defined in the command line arguments, not in jail.conf. Specifically, "jail -c name=j1 name=j2" no longer works. This should be harmless. PR: 196574 Reviewed by: jamie Differential Revision: https://reviews.freebsd.org/D3017 Changes: head/usr.sbin/jail/config.c head/usr.sbin/jail/jailp.h |