files for jailed process's
Daniel Golle
daniel at makrotopia.org
Tue Jul 30 08:29:26 PDT 2024
On Tue, Jul 30, 2024 at 03:40:25PM +0200, e9hack wrote:
> Hi,
>
> if a process is started via procd in a jail and uses some files, changes to those files outside the jail are not reflected inside the jail. E.g. dnsmasq runs in a jail. The configuration is changed, that only the host file does change. Sending SIGHUP to dnsmasq results in reloading of the unmodified host file.
>
> Is it possible to change this behaviour?

What you are observing is typically caused by the file being replaced
rather than edited. In that case, the mount-bind on the old file will
remain, and you will not be able to access the new (replacement) file
inside the jail. This is due to the nature of mount --bind which
attaches itself to a specific inode on the filesystem rather than to
a filename.

There are two ways to work around this problem:
1. Actually edit instead of replace the file.
2. procd_add_jail_mount_ro a folder instead of a file. In that way, the
replaced file will also show up.

As in most cases only strategy 2 is truly a good option we have already
moved resolv.conf.auto into a folder of its own. If the same problem
also occurs for other dnsmasq config files, we shall introduce a folder
for all of them and add that using procd_add_jail_mount_ro to make it
accessible inside the jail instead of calling procd_add_jail_mount_ro for
individual files.
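
The inode behaviour described in the reply above can be reproduced without root. This is an added example, not part of the original message or of procd: a hard link stands in for the jail's file bind mount (an assumption of the demo; both keep pointing at the original inode), and the file names and helper functions are constructed for illustration.

```sh
#!/bin/sh
# Constructed demo: "hosts" is the file outside the jail, "jail_hosts" is a
# hard link standing in for the bind-mounted copy seen inside the jail.

inode_of() {
    # Print the inode number of $1 (ls -i is POSIX and works with busybox).
    ls -i "$1" | awk '{print $1}'
}

# Strategy 1 from the reply: rewrite the existing inode in place.
update_in_place() {
    printf '%s\n' "$2" > "$1"
}

# What many config generators do: write a temp file, then rename it over
# the target. The name now points at a new inode.
update_by_replace() {
    printf '%s\n' "$2" > "$1.tmp" && mv "$1.tmp" "$1"
}

# inode_changed_after METHOD: prints "yes" if METHOD gave the name a new inode.
inode_changed_after() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' "old" > "$dir/hosts"
    before=$(inode_of "$dir/hosts")
    "$1" "$dir/hosts" "new"
    after=$(inode_of "$dir/hosts")
    rm -rf "$dir"
    if [ "$before" != "$after" ]; then echo yes; else echo no; fi
}

# jail_view_after METHOD: prints what the jail side reads after the update.
jail_view_after() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' "old" > "$dir/hosts"
    ln "$dir/hosts" "$dir/jail_hosts"   # pins the original inode
    "$1" "$dir/hosts" "new"
    cat "$dir/jail_hosts"
    rm -rf "$dir"
}

for m in update_in_place update_by_replace; do
    echo "$m: inode changed=$(inode_changed_after "$m")," \
         "jail reads '$(jail_view_after "$m")'"
done
```

Running the same inode comparison against a real config file before and after a service regenerates it shows whether that file needs the folder-level procd_add_jail_mount_ro treatment.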