Bug 245616 - ports-mgmt/jailaudit: Fix VNET jails (and IP-less jails in general)
Summary: ports-mgmt/jailaudit: Fix VNET jails (and IP-less jails in general)
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Michael Gmelin
Depends on:
Reported: 2020-04-14 07:39 UTC by Michael Gmelin
Modified: 2020-06-02 11:10 UTC (History)
1 user (show)

See Also:

Patch jailaudit to support VNET jails (1.52 KB, text/plain)
2020-04-14 07:39 UTC, Michael Gmelin
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Michael Gmelin freebsd_committer 2020-04-14 07:39:29 UTC
Created attachment 213385 [details]
Patch jailaudit to support VNET jails

jailaudit depends on parsing the output of jls based on positional parameters.

Unfortunately this falls apart with VNET jails, as they don't have an IP address perceivable by the host system.

This patch fixes this by changing the invocation of jls so that required parameters are passed explicitly to the command (jid, host.hostname, path).

I checked the man pages of jls(8), in theory this should work at least all the way back to 8.4-RELEASE (assuming the name of params in the kernel didn't change).
Comment 1 commit-hook freebsd_committer 2020-05-04 14:17:54 UTC
A commit references this bug:

Author: grembo
Date: Mon May  4 14:17:28 UTC 2020
New revision: 533926
URL: https://svnweb.freebsd.org/changeset/ports/533926

  Fix VNET jails (and IP-less jails in general)

  PR:		245616
  Approved by:	maintainer timeout

Comment 2 cryx-freebsd 2020-06-02 10:07:55 UTC
Thanks for the patch, but I as the maintainer never got assigned the ticket and then the patch was approved by "maintainer timeout"?!
Comment 3 Michael Gmelin freebsd_committer 2020-06-02 10:59:03 UTC
(In reply to cryx-freebsd from comment #2)

Sorry, that was my mistake.

I used the wrong category (I somewhat *always* think, jailaudit lives in security and not in ports-mgmt).

I'm correcting this now, apologies for calling a maintainer timeout when you had no chance of reacting.