date:20160706

[Bug 209112] /usr/sbin/jail jails fail to launch with possible race when jails mount common dir with nullfs

2016-07-06 Thread bugzilla-noreply

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=209112

d...@araxis.com changed:

   What|Removed |Added

 CC||d...@araxis.com

--- Comment #4 from d...@araxis.com ---
I am also seeing this issue with FreeBSD 10.3-Release-p4 – I have six jails,
and only two or three start on boot (two fail due to a dependency on another
jail that fails to start). I encounter no problems when starting the jails
post-boot.

I added logging to /etc/rc.d/jail in a similar manner to the original poster,
and see this output:


mount_nullfs: /jails/pgsql/data: mount_nullfs: /jails/hg/data: Operation not
supported by device
Operation not supported by device
jail: pgsql: /sbin/mount -t nullfs -o rw /data/pgsql /jails/pgsql/data: failed
jail: hg: /sbin/mount -t nullfs -o rw /data/hg /jails/hg/data: failed
jail: support: skipped
jail: logic: skipped
www-bhs-0: created
backup-bhs-0: created

...


Here is my jail.conf:


# START BLOCK: Araxis jail defaults -- DO NOT EDIT
exec.start = "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
exec.clean;
mount.devfs;
mount.fdescfs;
allow.noset_hostname;
host = new;

# temporarily allow during development/testing
allow.raw_sockets;
# END BLOCK: Araxis jail defaults
# START BLOCK: Araxis jail settings for jail www-bhs-0.araxis.net -- DO NOT
EDIT
www-bhs-0 {
  mount.fstab = "/jails/.fstabs/www-bhs-0";
  path = "/jails/www-bhs-0";
  host.hostname = www-bhs-0.araxis.net;
  ip4.addr = "lo1|10.11.11.2/32";
  ip6.addr = "ix0|2607:5300:60:9b9c::2/64";
}
# END BLOCK: Araxis jail settings for jail www-bhs-0.araxis.net
# START BLOCK: Araxis jail settings for jail backup-bhs-0.araxis.net -- DO NOT
EDIT
backup-bhs-0 {
  mount.fstab = "/jails/.fstabs/backup-bhs-0";
  path = "/jails/backup-bhs-0";
  host.hostname = backup-bhs-0.araxis.net;
  ip4.addr = "lo2|10.12.12.8/32";
  enforce_statfs = 1;
  allow.mount;
  allow.mount.zfs;
  exec.poststart = "/sbin/zfs set jailed=on zroot/bkup && /sbin/zfs jail
${name} zroot/bkup && jexec ${name} /sbin/zfs mount -a";
  exec.prestop = "/sbin/zfs unjail ${name} zroot/bkup && /sbin/zfs set
jailed=off zroot/bkup";
}
# END BLOCK: Araxis jail settings for jail backup-bhs-0.araxis.net
# START BLOCK: Araxis jail settings for jail pgsql.araxis.net -- DO NOT EDIT
pgsql {
  mount.fstab = "/jails/.fstabs/pgsql";
  path = "/jails/pgsql";
  host.hostname = pgsql.araxis.net;
  ip4.addr = "lo2|10.12.12.4/32";
  allow.sysvipc;
}
# END BLOCK: Araxis jail settings for jail pgsql.araxis.net
# START BLOCK: Araxis jail settings for jail support.araxis.net -- DO NOT EDIT
support {
  mount.fstab = "/jails/.fstabs/support";
  path = "/jails/support";
  host.hostname = support.araxis.net;
  ip4.addr = "lo2|10.12.12.5/32";
  depend = pgsql;
}
# END BLOCK: Araxis jail settings for jail support.araxis.net
# START BLOCK: Araxis jail settings for jail logic.araxis.com -- DO NOT EDIT
logic {
  mount.fstab = "/jails/.fstabs/logic";
  path = "/jails/logic";
  host.hostname = logic.araxis.com;
  ip4.addr = "lo2|10.12.12.6/32";
  depend = pgsql;
}
# END BLOCK: Araxis jail settings for jail logic.araxis.com
# START BLOCK: Araxis jail settings for jail hg.araxis.net -- DO NOT EDIT
hg {
  mount.fstab = "/jails/.fstabs/hg";
  path = "/jails/hg";
  host.hostname = hg.araxis.net;
  ip4.addr = "lo2|10.12.12.3/32";
}
# END BLOCK: Araxis jail settings for jail hg.araxis.net


The various fstab files are nearly identical. Here’s the one
(/jails/.fstabs/pgsql) for the pgsql jail, which always fails to start on boot:


# DeviceMountpointFStypeOptions   DumpPass#
/data/pgsql   /jails/pgsql/datanullfsrw0   0


-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-jail@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"

[Bug 209112] /usr/sbin/jail jails fail to launch with possible race when jails mount common dir with nullfs

2016-07-06 Thread bugzilla-noreply

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=209112

--- Comment #5 from d...@araxis.com ---
I should also like to add my voice to those requesting logging of boot-time
jail startup problems. The lack of any diagnostics cost me several hours of
time in tracking down this problem.

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-jail@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"

[Bug 209112] /usr/sbin/jail jails fail to launch with possible race when jails mount common dir with nullfs

2016-07-06 Thread bugzilla-noreply

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=209112

--- Comment #6 from d...@araxis.com ---
I have what seems (on first try, at least) to be a viable alternative
workaround that is (somewhat) less icky than adding artificial dependencies
between jails. Simply add the following two lines to /etc/rc.conf (or
/etc/rc.conf.d/jail):

jail_parallel_start="NO"
jail_list="list of all jails to start"

Specifying the jail_list explicitly means that the jail_parallel_start setting
can take effect, since the default _ALL case in jail_start() (which ignores
jail_parallel_start) is then bypassed.

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-jail@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"

Effective rule sets in a jail?

2016-07-06 Thread Grzegorz Junka


I have the following in my jail.conf:

devfs_ruleset = 4;

vpn1 {
  ip4.addr = 10.70.5.254;
  ip4.addr += "tun0|10.70.5.1 10.70.5.254 mtu 1500 netmask 
255.255.255.255";

  interface = lagg0;
  devfs_ruleset = 5;
}

I expect that in the jail both rules 4 and 5 are active. How can I check 
that?


Grzegorz

___
freebsd-jail@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"

Re: Effective rule sets in a jail?

2016-07-06 Thread Ultima

Not so. The top variable, devfs_ruleset = 4 is being set as the default for
all jails. The devfs_ruleset = 5 inside the brackets is changing the
default value.

How to check what ruleset is mounted? That is a great question. I'm not
sure of an easy way to check other than verifying the /dev directory inside
the jail.

Ultima
___
freebsd-jail@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"

[Bug 209112] /usr/sbin/jail jails fail to launch with possible race when jails mount common dir with nullfs

[Bug 209112] /usr/sbin/jail jails fail to launch with possible race when jails mount common dir with nullfs

[Bug 209112] /usr/sbin/jail jails fail to launch with possible race when jails mount common dir with nullfs

Effective rule sets in a jail?

Re: Effective rule sets in a jail?

5 matches

Site Navigation

Mail list logo

Footer information