Trying to switch to 14-CURRENT for linuxulator netlink, now sudo hanging in sbwait in linux jail

From: Mathias Picker <Mathias.Picker_at_virtual-earth.de>
Date: Mon, 09 Jan 2023 17:28:30 UTC
Hi all,

I was not sure if I should go with this to -current or -emulation, 
I threw a coin and landed here :)
Tell me if I need to take this to -emulation.

I’m testing a few linux triplestores in a linux jail, and used 13.1 
which worked fine most of the time.

Now one of the stores shows dropped connections with many clients, 
and as I can see logs of netlink errors in the logs, I thought I’d 
try -CURRENT.

I haven’t been on current for years, and have to say, beinstall.sh 
is a very nice tool and a comfortable way to do this, especially 
if one is on a remote server. With bectl activate -t this feels 
quite safe. So, thanks to whoever did this!

Sadly, my linux jail (Ubuntu 16.04.7) now shows an irritating 
behaviour, some programs seem to hang indefinitely waiting for 
name resolution:

Inside the jail:

Working version with ping

root@bayerlinux:/home/mathiasp/triplestore-analysis/tmp# ping google.de
WARNING: setsockopt(ICMP_FILTER): Protocol not available
PING google.de (172.217.16.131) 56(84) bytes of data.
Outside:
root@kap:/usr/home/mathiasp # tcpdump -ni bayerlinux_b
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on bayerlinux_b, link-type EN10MB (Ethernet), capture size 262144 bytes
20:17:10.852625 IP 192.168.100.10.13809 > 192.168.100.1.53: 3191+ [1au] A? google.de. (38)
20:17:10.852668 IP 192.168.100.1.53 > 192.168.100.10.13809: 3191 1/0/1 A 172.217.16.131 (54)

Non-working with wget (same for curl and others)

Inside the jail:
root@bayerlinux:/home/mathiasp/triplestore-analysis/tmp# wget http://google.de/
--2023-01-09 19:21:58--  http://google.de/
Resolving google.de (google.de)... 
(waited for max 5 minutes, no change)
Outside the jail:
root@kap:/usr/home/mathiasp # tcpdump -ni bayerlinux_b
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on bayerlinux_b, link-type EN10MB (Ethernet), capture size 262144 bytes
20:17:02.738570 IP 192.168.100.10.60967 > 192.168.100.1.53: 30219+ A? google.de. (27)
20:17:02.738893 IP 192.168.100.1.53 > 192.168.100.10.60967: 30219 1/0/0 A 172.217.16.131 (43)

So, this tcpdump looks pretty much as if both got answers from 
unbound.
Why is wget (and host, and curl, and sudo) not “getting” this 
answer?

Any ideas where to look or questions about my setup welcome!

This is on a current from around 4p.m. CET:

FreeBSD kap.virtual-earth.de 14.0-CURRENT FreeBSD 14.0-CURRENT #0 main-n259979-9408f36627b7: Mon Jan  9 16:36:51 CET 2023 root@kap.virtual-earth.de:/usr/obj/usr/src/amd64.amd64/sys/GENERIC-NODEBUG amd64

/etc/jail.conf looks like this:

$iface="igb0";
$j="/jail";
path="/jails/$name";

mount.devfs;

exec.clean;
exec.start="sh /etc/rc";
exec.stop="sh /etc/rc.shutdown";
exec.prestart="logger starting jail $name ...";
exec.poststart="logger jail $name has started";
exec.prestop="logger shutting down jail $name";
exec.poststop="logger jail $name has shut down";

# generic hostnames

host.hostname="$name.kap.local";



# vnet jails
vnet;
vnet.interface="${name}_j";
exec.prestart+="/usr/local/sbin/jailtobridge $name jailbridge0";
exec.poststop+="/sbin/ifconfig jailbridge0 deletem ${name}_b;/sbin/ifconfig ${name}_b destroy";

exec.consolelog="/var/log/jails/$name-console.log";


# virtual earth vnet jails


# linux jails
# needs FreeBSD ifconfig and route from /rescue to work!

bayerlinux {
mount.fstab="/jails/fstabs/bayerlinux";
allow.mount;
allow.raw_sockets;
allow.read_msgbuf;
allow.socket_af;
sysvmsg;
sysvsem;
sysvshm;
#mount.devfs;
exec.start = "/etc/init.d/rc 3";
exec.stop = "/etc/init.d/rc 0";
persist;
}


Thanks,

Mathias

-- 
Mathias Picker                        
Managing Director
Mathias.Picker@virtual-earth.de

virtual earth Gesellschaft für Wissens re/prä sentation mbH
http://www.virtual-earth.de/           HRB126870
support@virtual-earth.de               Westendstr. 142
089 / 1250 3943