[Bug 277210] jail(8): exec.clean retrieves PWD from user info (can cause services to crash on jail start-up)

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=277210

--- Comment #6 from johannes.kunde@gmail.com ---
(In reply to Jamie Gritton from comment #5)

> While it does make sense to root from the jail's root under exec.clean, it unfortunately clashes with a decade of current practice.

I get the idea. I believe it runs contrary to what most people expect to be the
outcome, which would be a behavior consistent with the host system. A service
running inside a jail with a user other than root most likely doesn't want to
start at /root.

> It seems reasonable that if a user is specified (even directly like -U root), then it would still chdir to its home, but in the absence of a user, starting in "/" would in fact be the most expected outcome.

That sounds reasonable.

I think one of the main problems is also the lack of information when the
problem occurs unexpectedly in the wild. All I got printed out from an external
library, which caused the issue in my case, was this line:

> Feb 12 20:20:39 myjail myservice[9364]: 2024/02/12 20:20:39 stat .: permission denied

Starting from there, it's almost impossible to have a clue what's going on.
I don't know if there is any good chance to generate helpful output at runtime,
but some hints in the manpage would help as well.

-- 
You are receiving this mail because:
You are the assignee for the bug.