Re: net-mgmt/net-snmp needs JAIL : off to get Memory usage
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 01 Jan 2024 20:30:28 UTC
On Mon, Jan 1, 2024, at 3:15 PM, Athanasios Douitsis wrote:
> Hey hello and happy new year Dan!
Happy New Year to you too.
> I think I must’ve requested an adjustment like a decade ago when I was
> trying to use net-snmp from inside a jail. A part of the host MIB
> module was using some syscall (don’t fully recall which - probably
> something with the memory) which wasn’t allowed from inside a jail.
Today, without the JAIL option enabled, in a jail we get:
kvm_openfiles: /dev/mem: No such file or directory
I'm happy the JAIL option exists. I'm also thinking we could also disable
diskio as well, when in the jails. That should be in the host.
This patch, while not ideal, is what I'm using at home for now.
I've BCC'd the maintainer on this reply.
> Kind regards,
> --
> Athanasios Douitsis
>
>
>> On 1 Jan 2024, at 16:18, Dan Langille <dan@langille.org> wrote:
>>
>> On Thu, Dec 28, 2023, at 1:24 PM, Dan Langille wrote:
>>>> On Thu, Dec 28, 2023, at 11:28 AM, Dan Langille wrote:
>>>> Hello,
>>>>
>>>> I've just solved a long-puzzling issue with net-mgmt/net-snmp which was
>>>> not reporting Memory Usage on my hosts.
>>>>
>>>> Tests show it is related to the JAIL build-time configuration option.
>>>>
>>>> JAIL=off: Options for running snmpd within a jail(8)
>>>>
>>>> If off, the default, Memory Usage is available via snmpd.
>>>>
>>>> If on, it is not.
>>>>
>>>> One might ask: why have it on if not running in a jail?
>>>>
>>>> Simplicity: I build my own packages. I could have one repo specifically
>>>> for hosts (i.e. non-jails), but until now, it's never been an issue.
>>>>
>>>> However, I want to point that that JAIL=off does not seem to affect
>>>> usage within a jail.
>>>>
>>>> It becomes clear what JAIL does when looking at the Makefile:
>>>>
>>>> if ${PORT_OPTIONS:MJAIL}
>>>> NET_SNMP_WITHOUT_MIB_MODULE_LIST+= host
>>>> NET_SNMP_WITHOUT_MIB_MODULE_LIST+= ucd-snmp/memory
>>>> CONFIGURE_ARGS+= --without-kmem-usage
>>>> endif
>>>>
>>>> Not it's clear. Don't report host-like objects when within a jail.
>>>>
>>>> It is time for some flavors on this port? I know I'd like one for my
>>>> use: one without the above and with.
>>>>
>>>> I'll see if I can mangle something up which works.
>>>
>>> This works for me.
>>>
>>> --
>>> Dan Langille
>>> dan@langille.org
>>> Attachments:
>>> * patch-net-snmp-jail-flavor
>>
>>
>> I forgot the mailing list strips attachments. Here is that patch, pasted in:
>>
>> [9:16 air01 dan ~/Downloads] % cat patch-net-snmp-jail-flavor
>> diff --git a/net-mgmt/net-snmp/Makefile b/net-mgmt/net-snmp/Makefile
>> index e5f60faefcbd..686c393991ea 100644
>> --- a/net-mgmt/net-snmp/Makefile
>> +++ b/net-mgmt/net-snmp/Makefile
>> @@ -18,6 +18,17 @@ LICENSE_FILE= ${WRKSRC}/COPYING
>> NOT_FOR_ARCHS= mips mips64
>> NOT_FOR_ARCHS_REASON= SSP is currently broken on MIPS
>>
>> +FLAVORS= default jail
>> +FLAVORS?= ${FLAVORS:[1]}
>> +
>> +.if ${FLAVOR:U} == jail
>> +NET_SNMP_WITHOUT_MIB_MODULE_LIST+= host
>> +NET_SNMP_WITHOUT_MIB_MODULE_LIST+= ucd-snmp/memory
>> +CONFIGURE_ARGS+= --without-kmem-usage
>> +.endif
>> +
>> +jail_PKGNAMESUFFIX= -jail
>> +
>> OPTIONS_DEFINE= IPV6 MFD_REWRITES PERL PERL_EMBEDDED PYTHON DUMMY TKMIB \
>> MYSQL AX_SOCKONLY UNPRIVILEGED SMUX DOCS JAIL AX_DISABLE_TRAP \
>> TLS NEWSYSLOG NOLIBPKG SCTP
>> [9:17 air01 dan ~/Downloads] %
>>
>> --
>> Dan Langille
>> dan@langille.org
>>
--
Dan Langille
dan@langille.org