devd in jail
Alexander Leidinger
Alexander at leidinger.net
Tue Sep 5 13:15:55 UTC 2017
Quoting Giulio Ferro <auryn at zirakzigil.org> (from Mon, 4 Sep 2017
08:51:10 +0200):
> On 10/08/2017 22:54, Alexander Leidinger wrote:
>>
>> Quoting Alan Somers <asomers at freebsd.org> (from Wed, 9 Aug 2017
>>> Unfortunately, you're not going to be able to run devd(8) in the jail.
>>> /dev/devctl can be opened by only one reader at a time, and that
>>> reader is always devd(8). /dev/devctl2 is actually a completely
>>> different device with a totally different interface. Apologies for
>>> the confusing names. But you may not need to run a totally separate
>>> instance of devd. The X server is probably trying to open either
>>> /var/run/devd.pipe or /var/run/devd.seqpacket.pipe. ktrace would tell
>>> you which. If you can bridge those sockets into the jail, then X
>>> would probably run.
>>
>> Apart from using an explicit config of devices instead of HAL /
>> devd, if this is a X server connecting to a graphics card (instead
>> of just a remote accessible framebuffer), the X-in-a-jail patches
>> are needed, as the X server needs access to /dev/(k)mem and /dev/io
>> (and /dev/drm).
>>
>
> Hi Alexander,
>
> as I said, I don't actually need to connect to any device, as this
> Xorg server in the jail only uses xrdp as backend.
In this case you don't need my patches at all... I hope (my
understanding is that the X server needs this kind of access to access
hardware). And to answer your question in another mail, yes, the diff
is for current, not for 11.x.
It's been a while since I looked last at the devd/hald <-> X11
interaction, but back then it was only needed to auto-detect
mouse/keyboard/..., so I wonder why xrdp needs it. Anyway, have a look
to configure the config with static devices instead of devd/hald (see
https://forums.freebsd.org/threads/7956/).
Bye,
Alexander.
--
http://www.Leidinger.net Alexander at Leidinger.net: PGP 0x8F31830F9F2772BF
http://www.FreeBSD.org netchild at FreeBSD.org : PGP 0x8F31830F9F2772BF
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: Digitale PGP-Signatur
URL: <http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20170905/eaadd27b/attachment.sig>
More information about the freebsd-hackers
mailing list