From nobody Wed Feb 09 13:56:04 2022 X-Original-To: hackers@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 45EE819A71F6 for ; Wed, 9 Feb 2022 13:56:46 +0000 (UTC) (envelope-from grembo@freebsd.org) Received: from mail.evolve.de (mail.evolve.de [213.239.217.29]) (using TLSv1.3 with cipher TLS_CHACHA20_POLY1305_SHA256 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA512 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail.evolve.de", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Jv1dT2ScTz4mDx; Wed, 9 Feb 2022 13:56:45 +0000 (UTC) (envelope-from grembo@freebsd.org) Received: by mail.evolve.de (OpenSMTPD) with ESMTP id e666bedc; Wed, 9 Feb 2022 13:56:42 +0000 (UTC) Received: by mail.evolve.de (OpenSMTPD) with ESMTPSA id 02ec8a2a (TLSv1.3:AEAD-CHACHA20-POLY1305-SHA256:256:NO); Wed, 9 Feb 2022 13:56:33 +0000 (UTC) Date: Wed, 9 Feb 2022 14:56:04 +0100 From: Michael Gmelin To: Steffen Nurpmeso Cc: Michael Gmelin , Alexander Leidinger , hackers@freebsd.org Subject: Re: Behavior of /dev/pts in a jail? Message-ID: <20220209145604.3698c387.grembo@freebsd.org> In-Reply-To: <20220209133709.NBhO-%steffen@sdaoden.eu> References: <20220209113737.Horde.8QntfZV4xEkYdmHjXMgCpHN@webmail.leidinger.net> <77267259-0758-4C04-867D-77A896D133E4@freebsd.org> <20220209132213.Horde.hjhX_GoM3qNT-7ucnNXd-ae@webmail.leidinger.net> <20220209142152.13373548.grembo@freebsd.org> <20220209133709.NBhO-%steffen@sdaoden.eu> X-Face: $wrgCtfdVw_H9WAY?S&9+/F"!41z'L$uo*WzT8miX?kZ~W~Lr5W7v?j0Sde\mwB&/ypo^}> +a'4xMc^^KroE~+v^&^#[B">soBo1y6(TW6#UZiC]o>C6`ej+i Face: iVBORw0KGgoAAAANSUhEUgAAADAAAAAwBAMAAAClLOS0AAAAJFBMVEWJBwe5BQDl LASZU0/LTEWEfHbyj0Txi32+sKrp1Mv944X8/fm1rS+cAAAACXBIWXMAAAsTAAAL EwEAmpwYAAAAB3RJTUUH3wESCxwC7OBhbgAAACFpVFh0Q29tbWVudAAAAAAAQ3Jl YXRlZCB3aXRoIFRoZSBHSU1QbbCXAAAAAghJREFUOMu11DFvEzEUAGCfEhBVFzuq AKkLd0O6VrIQsLXVSZXoWE5N1K3DobBBA9fQpRWc8OkWouaIjedWKiyREOKs+3PY fvalCNjgLVHeF7/3bMtBzV8C/VsQ8tecEgCcDgrzjekwKZ7TwsJZd/ywEKwwP+ZM 8P3drTsAwWn2mpWuDDuYiK1bFs6De0KUUFw0tWxm+D4AIhuuvZqtyWYeO7jQ4Aea 7jUqI+ixhQoHex4WshEvSXdood7stlv4oSuFOC4tqGcr0NjEqXgV4mMJO38nld4+ xKNxRDon7khyKVqY7YR4d+Cg0OMrkWXZOM7YDkEfKiilCn1qYv4mighZiynuHHOA Wq9QJq+BIES7lMFUtcikMnkDGHUoncA+uHgrP0ctIEqfwLHzeSo+eUA66AqzwN6n 2ZHJhw6Qh/PoyC/QENyEyC/AyNjq74Bs+3UH0xYwzDUC4B97HgLocg1QLYgDDO1v f3UX9Y307Ew4AHh67YAFFsxEpkXwpXY3eIgMhAAE3R19L919nNnuD2wlPcDE3UeT L2ytEICQib9BXgS2fU8PrD82ToYO1OEmMSnYTjSqSv9wdC0tPYC+rQRQD9ESnldF CyqfmiYW+tlALt8gH2xrMdC/youbjzPXEun+/ReXsMCDyve3dZc09fn2Oas8oXGc Jj6/fOeK5UmSMPmf/jL+GD8BEj0k/Fn6IO4AAAAASUVORK5CYII= List-Id: Technical discussions relating to FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-hackers List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-hackers@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4Jv1dT2ScTz4mDx X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=softfail (mx1.freebsd.org: 213.239.217.29 is neither permitted nor denied by domain of grembo@freebsd.org) smtp.mailfrom=grembo@freebsd.org X-Spamd-Result: default: False [-0.87 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; FREEFALL_USER(0.00)[grembo]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; TO_DN_SOME(0.00)[]; NEURAL_HAM_LONG(-1.00)[-0.999]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[freebsd.org]; NEURAL_HAM_MEDIUM(-0.81)[-0.805]; R_SPF_SOFTFAIL(0.00)[~all]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-0.97)[-0.965]; MID_CONTAINS_FROM(1.00)[]; MLMMJ_DEST(0.00)[hackers]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:24940, ipnet:213.239.192.0/18, country:DE]; SUBJECT_ENDS_QUESTION(1.00)[]; RCVD_TLS_ALL(0.00)[] X-ThisMailContainsUnwantedMimeParts: N On Wed, 09 Feb 2022 14:37:09 +0100 Steffen Nurpmeso wrote: > Michael Gmelin wrote in > <20220209142152.13373548.grembo@freebsd.org>: > |On Wed, 09 Feb 2022 13:22:13 +0100 > |Alexander Leidinger wrote: > |> Quoting Michael Gmelin (from Wed, 9 Feb 2022 > |> 12:56:49 +0100): > |> > |>> I was able to reproduce the issue locally. > |>> > |>> The problem is caused by jexec inheriting the pty from the jail > |>> host. > |>> > |>> If you use a pty that was created inside of the jail, > |>> gpg-agent/pinentry works as expected. > |>> > |>> This can be accomplished, e.g., by running tmux inside of the > jail: |>> > |>> jexec gpgtest > |>> pkg install tmux > |>> tmux > |>> gpg --gen-key > ... > |Maybe someone with more insights to how jails work internally could > |give their input here. > | > |In the meantime, tmux is probably the most lightweight way of > working |around this in your specific use-case, without having to run > sshd. > > dtach. It is much more lightweight. I use it on the server to > hold a containerized irssi-proxy instance to which i can connect > to via VPN (from a of window of my local tmux). > I track it for years now (it is stable for many years) after > having been pointed to it by a good Japanese Spirit that sometimes > crosses here and there .. and it just works. That's another option I wasn't aware of, thanks. If it's for the occasional interactive session, you can also use the script(1) command that comes with base (which also makes use of openpty(3)), so no need to install any packages: $ script /dev/null gpg --gen-key Cheers Michael -- Michael Gmelin