Vim misbehaving within Jail

E

eaosfu

I was experimenting with setting up and running jails. Here's the jail.conf that I'm running.

Code: 
iwm0-debug {
        path = /home/bsd/Jails/iwm0-debug;
        mount.devfs;
        host.hostname = iwm0-debug;
        # from the host need to run:
        # ifconfig wlan0 add 10.0.0.5 broadcast 10.0.0.255 netmask 0xffffff00
        ip4.addr = 10.0.0.5;
        interface = wlan0;
        allow.raw_sockets = true;
        exec.start = "/bin/sh /etc/rc";
        exec.stop = "/bin/sh /etc/rc.shutdown";
}

Side note: Was planning on using this jail to try and fix an issue I'm having on my thinkpad t450 (https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=230801). But I clearly have quite a bit of learning to do arnoud FreeBSD generally.

So far the main issue I'm encountering is that when I try to open a file with vim it seems to hang. If I hit Ctrl-C then I get the default vim buffer. I then need to enter the command:
Code: 
:e <file-name>' before the file is loaded into the buffer.

Not sure what's causing this behavior (or how to debug) and it doesn't happen outside of the jail environment. I created a separate user (jail logs me in as root) to see if it might be some sort permissions issue but the problem persists even when running as a regular (i.e. not root) user.
 
Output from truss will help a lot too. If you don't have security.bsd.unprivileged_proc_debug set to 0 you could do this as a user. Otherwise you can use root in jail to do so.
In jail trace the vi command:

# truss -o /tmp/vi.out vi /tmp/test

And share the trace file /tmp/vi.out.
 
Thanks everyone for the suggestions/help, really appreciate it.

I somehow managed to get around this issue, but don't understand what the issue was to begin with.

It had been a while since I had booted up FreeBSD and when I entered the jail I didn't run the following command from the host:

Code: 
ifconfig wlan0 add 10.0.0.5 broadcast 10.0.0.255 netmask 0xffffff00

If I run this command, then opening a file within the jail is instantaneous. I haven't had a chance to look at this in any depth yet (will have more time over the weekend) but uploading the truss output here in case someone else is able to have a look.

Another thing I noticed was that if I just wait long enough the file content does eventually appear in the buffer.
Yet another thing I noticed is that if I run vim then from a different shell do
Code: 
killall vim

The buffer then shows the content of the file.

In terms of entering the jail:

Code: 
$> sudo jexec iwm0-debug

I've also attached to content from running
Code: 
truss -o ~/truss-vim-hang.txt vim <filename>

Note that the truss output only shows the command while its hug, I did not let it sit until the buffer is populated.
 

Attachments

Just a friendly tip, don't use the killall(1) command, it's a very bad habit. Use pkill(1) instead. The reason is that on System V systems (like Solaris for example) the killall command kills ALL processes, not just the process you supplied as the argument, effectively shutting down the machine. The sysadmin will be very, very unfriendly if you do ever do this. (and yes, I speak from experience)

killall - Wikipedia

en.wikipedia.org en.wikipedia.org
 
The last entries are:
Code: 
connect(3,{ AF_INET 127.0.0.1:1 },16)         = 0 (0x0)
getsockname(3,{ AF_INET 10.0.0.5:55920 },0x7fffffffdb3c) = 0 (0x0)
close(3)                     = 0 (0x0)
socket(PF_INET,SOCK_STREAM|SOCK_CLOEXEC,IPPROTO_TCP) = 3 (0x3)
setsockopt(3,IPPROTO_TCP,TCP_NODELAY,0x7fffffffddb4,4) = 0 (0x0)
setsockopt(3,SOL_SOCKET,SO_KEEPALIVE,0x7fffffffddb4,4)

So it seems vim was trying to connect on its IP address.

When it comes to jail itself you should start the jail with rc.d script, i.e /etc/rc.d/jail. Most likely IP address designated for this jail was not yet up on NIC when you attempted to enter the jail. You can make system do it for you after reboot (/etc/rc.conf) or If you just want to test it you can start it manually after reboot by:

# /etc/rc.d/jail onestart iwm0-debug

I'm assuming you didn't paste the whole /etc/jail.conf because some global parameters are missing there.

And yeah, killall is a juicy command on, e.g. HP-UX. Few people learned the hard way what it does. :)
 
Yes, the ip for the jail was not configured on the host. Didn't know vim needed this.

_martin the config I posted is all there is, what global parameters am I missing?

I continued to experiment a bit and found that I could add the following parameter to the jail config:

exec.prestart = "ifconfig wlan0 add 10.0.0.5 broadcast 10.0.0.255 netmask 0xffffff00"

After adding this when I start the jail I can ping www.google.com (couldn't access network from within the jail before), and the issue with vim is also fixed.

What has me confused now is that if I remove the option from the config and reboot the machine, and then reenter the jail I can still ping the url and the issue with vim is no longer present either. So not sure how I ended up having this issue in the first place, especially considering I have rebooted the system a number of times and was always experiencing the same issue.
 
Maybe it's some sort of vim's extension or alike. But that's just a guess.

Search the forums here too -- there are handful of good howto how to setup a jail properly. I did create one ( Thread 30063/ ) few years ago too. It changed a bit since then, but many steps are still valid. I also updated it few times.
I'd expect at least path to be defined in the config. As an idea my /etc/jail.conf starts as:

Code: 
exec.start = "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
exec.clean;

mount.fstab           = "/etc/jail/fstab.${name}";
mount.devfs;
mount.fdescfs;
mount.procfs;

devfs_ruleset         = "4";

path = "/local/jails/$name";
 
You must log in or register to reply here.
Back
Top