devd in jail

Giulio Ferro auryn at zirakzigil.org
Mon Sep 4 06:54:37 UTC 2017 

On 09/08/2017 21:14, Alan Somers wrote:
> On Wed, Aug 9, 2017 at 12:47 PM, Giulio Ferro <auryn at zirakzigil.org> wrote:
>> Hello all,
>>
>> Setup :  11.1-STABLE FreeBSD 11.1-STABLE #0 r321925M amd64
>>
>>
>> I'm trying to create a fully virtualized desktop enviroment in a jail by
>> means of installing there
>> a xrdp-devel server + Xorg installation (xorg + xorgrdp).
>>
>> Everything seems to work until the moment when the X server actually tries
>> to come up (after I choose session=xorg, username + password)
>> In the X logs in the jail, in fact, I have this error:
>>
>> ...
>> [  9768.824] (EE) config/devd: fail to connect to devd
>> [  9768.824] [config] failed to initialise devd
>>
>>
>> I've checked on the host machine, and I don't have that error as everything
>> works fine there...
>>
>> In my jail, I've setup the devfs like this (/etc/jail.conf in the host):
>>
>> ---
>> exec.start="/bin/sh /etc/rc";
>> exec.stop="/bin/sh /etc/rc.shutdown";
>> exec.clean;
>> mount.devfs;
>> devfs_ruleset=1;
>>
>> path="/usr/home/jail/$name";
>>
>> myjail {
>>          host.hostname="myjail.me.com";
>>          vnet;
>>          vnet.interface = epair0b, epair1b;
>>          persist;
>> }
>> ---
>>
>>
>> and in the /etc/devfs.conf everythink is commented out.
>>
>> In the /dev directory in the jail, I get both the devctl and devctl2
>> devices.
>>
>> As the devd demon is not running in the jail, I've tried adding
>> devd_enable="YES"
>>
>> in the rc.conf (jail), but when I try to start it, I get:
>>
>> # /etc/rc.d/devd start
>> Starting devd.
>> devd: Can't open devctl device /dev/devctl: Device busy
>> /etc/rc.d/devd: WARNING: failed to start devd
>>
>>
>> Do you know if I'm doing something wrong, or there's a proper way to have
>> devd running in the jail?
>>
>> I've thought that maybe I should use the devtcl2 device, as the devctl is
>> used by the host,
>> but I don't know how to specify that to devd...
>>
>> Thanks in advance for your help.
>>
>> Giulio
> Unfortunately, you're not going to be able to run devd(8) in the jail.
> /dev/devctl can be opened by only one reader at a time, and that
> reader is always devd(8).  /dev/devctl2 is actually a completely
> different device with a totally different interface.  Apologies for
> the confusing names.  But you may not need to run a totally separate
> instance of devd.  The X server is probably trying to open either
> /var/run/devd.pipe or /var/run/devd.seqpacket.pipe.  ktrace would tell
> you which.  If you can bridge those sockets into the jail, then X
> would probably run.
>
> -Alan
> _______________________________________________
> freebsd-hackers at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe at freebsd.org"


Hi Alan,

sorry for the late feedback and thanks for your advice.

Unfortunately I haven't found a way to bridge (as you say) the relevant 
pipe files to the jail.


I've tried to mount_nullfs the host /var/run to the jail /var/run, but 
with tragic results, as the jail deletes

the /var/run content when it starts up.


Do you have some better way to do that? I ask because this may be more 
convenient venue compared  to apply the patches,

and more portable in case of updates, etc...


Thanks


Giulio

More information about the freebsd-hackers mailing list