[Bug 277210] jail(8): exec.clean retrieves PWD from user info (can cause services to crash on jail start-up)

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Tue, 09 Jul 2024 21:29:19 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=277210

Siva Mahadevan <me@svmhdvn.name> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |me@svmhdvn.name

--- Comment #10 from Siva Mahadevan <me@svmhdvn.name> ---
I'm running into the same issue while trying to run the www/py-gunicorn rc
service. It took me a while to debug this issue due to the fact that the error
would only pop up once in a while.

Since the behaviour of the working directory being $HOME is not documented
anywhere, I think it should be fine to remove JUST the chdir block here
https://github.com/freebsd/freebsd-src/blob/5f75cd390a67cbec06993c4c66f784f0f777c854/usr.sbin/jail/command.c#L791-L795.

I agree with the suggestion of running exec.clean jail commands rooted at '/'.

-- 
You are receiving this mail because:
You are the assignee for the bug.