tech-userlevel archive


Re: /dev/clockctl, O_CLOEXEC and forking



Alexander Nasonov wrote:
> I didn't set nodev specifically for /var/chroot, my /var is mounted with
> nodev,noexec. It worked for me with no problem until I tried to chroot
> ntpd. It didn't fail to start but it clearly didn't work. It's even
> more subtle for named. If it tries to open /dev/{random,urandom} in
> chroot but fails to report a failure, it can be a potentially
> serious problem.
> 
> It'd be nice if those daemons (or their rc.d scripts) reported nodev
> failures clearly and loudly.

I spoke too soon. My named doesn't run in chroot. I tried running
it in chroot and it failed. I don't see any error message in syslog,
though.

-- 
Alex

