Re: jail file and directory permissions

看板FB_bugs作者時間16年前 (2010/04/16 10:01), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串7/8 (看更多)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Erich Jenkins, Fuujin Group Ltd wrote: > Erich Jenkins, Fuujin Group Ltd wrote: >> Greg Larkin wrote: >>> -----BEGIN PGP SIGNED MESSAGE----- >>> Hash: SHA1 >>> >>> Erich Jenkins, Fuujin Group Ltd wrote: >>>> Kalle M=C3=B8ller wrote: >>>> <snip> >>>>> Could you please make a command list on what your doing and with >>>>> output.. like this ... >>>>> >>>>> --=20 >=20 > <snip> >=20 >> Since this was a buildworld copied via NFS from a build environment, >> it appears that something has gone terribly wrong during the build. >> I'm going to wipe this machine and do a completely fresh install of >> 7.0-REL, buildworld, and set up a jail to see if something did indeed >> break, or if this is an actual bug. >> >> Thank you very much to everyone who's responded to this issue. Your >> input has been instrumental in helping troubleshoot this. I'll post as >> soon as the build completes and I have a chance to test this tonight. >> >> Erich M. Jenkins >> Fuujin Group Limited >> >> "You should never, never doubt what no one is sure about." >> -- Gene Wilder >> _______________________________________________ >> freebsd-jail@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-jail >> To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org= " >=20 > All: >=20 > After a fresh buildworld on this box, I am no longer seeing this user > permissions issue, which leads me to believe something is very very > wrong with the way it was built on the build server for the cluster. If > anyone would like, I'll tar up the build environment and put it > somewhere it can be accessed, assuming someone has the time/inclination > to sift through it and see what happened. I spent a few hours this > morning going through it and can't find anything out of the ordinary, > but most of the inner working of jails is a "black box" to me. >=20 > Thank you for all the feedback. I'm setting up the new build environmen= t > for the cluster to fix this issue for deployed systems. >=20 > Erich M. Jenkins > Fuujin Group Limited >=20 > "You should never, never doubt what no one is sure about." > -- Gene Wilder Hi Erich, I'm glad to hear that you got everything sorted out! If it's possible to set up the previous environment in a virtual machine or some spare hardware and grant me an ssh login, I would be interested in doing more tests to see if I can figure out what's going on. Whether there's a bug in the jail subsystem or a hole in the provisioning process that allows the privilege escalation, it would certainly be good to find the root cause. Thank you, Greg - -- Greg Larkin http://www.FreeBSD.org/ - The Power To Serve http://www.sourcehosting.net/ - Ready. Set. Code. http://twitter.com/sourcehosting/ - Follow me, follow you -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFLx8M70sRouByUApARAnpwAJ0f2+XC2hwTSrkO/v8DUPXpchdHygCeMWc0 M4E6SOz8kPRJYdwTXOkF2lY=3D =3Dz7l7 -----END PGP SIGNATURE----- _______________________________________________ freebsd-bugs@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "freebsd-bugs-unsubscribe@freebsd.org"
更多 glarkin. 的文章
文章代碼(AID): #1BnyJU_R (FB_bugs)
討論串 (同標題文章)
完整討論串 (本文為第 7 之 8 篇):
排序: 最新先 | 最舊先 | 留言數
在新視窗開啟完整討論串 (共8篇)
更多 glarkin. 的文章
文章代碼(AID): #1BnyJU_R (FB_bugs)