Tinderd Bug - Tinderd killing wrong processes

Joe Marcus Clarke marcus at marcuscom.com
Thu Mar 12 14:41:59 EDT 2009 

On Thu, 2009-03-12 at 12:15 -0500, Tom Judge wrote:
> Joe Marcus Clarke wrote:
> > <snip>
> >
> > What TB is trying to do is kill off processes that are holding a mount
> > point open.  In this case, the mount point
> > is /data/tinderbox/portstrees/mintel-6-2-mysql-5-0-51/ports.  Any
> > process which is using that directory is fair game.  I'm guessing you
> > started your jail from within that directory.
> >
> > As soon as the processes are dead, that directory gets unmounted, so
> > things would probably start to fail anyway.
> >
> > Joe
> >
> > <snip>
> I think the problem is that tinderd is being over zealous with the 
> killing of processes.  The sshd/cron/syslogd's are not in that 
> directory.  That directory is nullfs mounted off of:
> 
> /data/ports/mintel-6-2-mysql-5-0-51
> 
> The jails also have this file system mounted in them via nullfs, here is 
> are the relevent mount output lines:
> 
> 
> /data/ports/mintel-6-2-mysql-5-0-51 on 
> /data/tinderbox/portstrees/mintel-6-2-mysql-5-0-51/ports (nullfs, local, 
> read-only)
> nfs-server:/usr/home on /data/jails/mintel_6_2/usr/home (nfs)
> /data/mintelbsd/src/mintel_6_2 on /data/jails/mintel_6_2/usr/src 
> (nullfs, local, read-only)
> /data/mintelbsd/obj/6_2/amd64 on /data/jails/mintel_6_2/usr/obj (nullfs, 
> local)
> /data/ports/mintel-6-2-mysql-5-0-51 on /data/jails/mintel_6_2/usr/ports 
> (nullfs, local, read-only)
> /data/tinderbox/packages/6.2-MySQL-5.0.51 on 
> /data/jails/mintel_6_2/usr/ports/packages (nullfs, local, read-only)
> devfs on /data/jails/mintel_6_2/dev (devfs, local)
> fdescfs on /data/jails/mintel_6_2/dev/fd (fdescfs)
> 
> And the jail definition from rc.conf:
> 
> jail_mintel62_rootdir="/data/jails/mintel_6_2"
> jail_mintel62_hostname="mintel62-build"
> jail_mintel62_ip="127.1.0.1"
> jail_mintel62_devfs_enable="YES"
> jail_mintel62_fdescfs_enable="YES"
> jail_mintel62_procfs_enable="NO"
> jail_mintel62_mount_enable="YES"
> jail_mintel62_fstab="/etc/fstab.mintel_6_2"
> 
> %cat /etc/fstab.mintel_6_2
> nfs-server:/usr/home                    
> /data/jails/mintel_6_2/usr/home            nfs    rw    0    0   
> /data/mintelbsd/src/mintel_6_2                
> /data/jails/mintel_6_2/usr/src            nullfs    ro    0    0
> /data/mintelbsd/obj/6_2/amd64                
> /data/jails/mintel_6_2/usr/obj            nullfs    rw    0    0
> /data/ports/mintel-6-2-mysql-5-0-51             
> /data/jails/mintel_6_2/usr/ports         nullfs     ro     0    0
> /data/tinderbox/packages/6.2-MySQL-5.0.51         
> /data/jails/mintel_6_2/usr/ports/packages     nullfs     ro     0     0
> 
> 
> And the ports tree definition:
> 
> mysql>  select * from ports_trees where 
> ports_tree_name='mintel-6-2-mysql-5-0-51'\G
> *************************** 1. row ***************************
>          ports_tree_id: 1
>        ports_tree_name: mintel-6-2-mysql-5-0-51
> ports_tree_description:  FreeBSD 6.2 MySQL 5.0.51
>  ports_tree_last_built: 2009-02-12 16:59:41
>  ports_tree_update_cmd: USER
>  ports_tree_cvsweb_url: http://viewvc.mintel.co.uk/viewvc.cgi/mintelbsd/
> ports_tree_ports_mount: /data/ports/mintel-6-2-mysql-5-0-51

I don't think this is what you want.  If you set this column to NULL in
the database, I think this problem will go away.  Take a look at mine:

mysql> select * from ports_trees where ports_tree_name = 'MarcusCom'\G
*************************** 1. row ***************************
         ports_tree_id: 2
       ports_tree_name: MarcusCom
ports_tree_description:  MarcusCom ports tree
 ports_tree_last_built: 2009-03-12 13:14:30
 ports_tree_update_cmd: USER
 ports_tree_cvsweb_url: http://www.marcuscom.com:8080/cgi-bin/cvsweb.cgi/ports/
ports_tree_ports_mount: NULL
1 row in set (0.00 sec)

Joe


> 1 row in set (0.00 sec)
> 
> mysql>
> 
> 
> What process does tinderd use to work out if the tree is in use?  I 
> think it may be getting confused by nullfs.  Also I cant see any reason 
> that the master sshd process from this jail would ever enter the 
> /usr/ports inside the jail chroot.
> 
> Surely this is a bug in the process selection code?
> 
> Also do the does addPort and addBuildPortsQueueEntry mount the ports 
> file system?
> 
> Tom
> 
> 
> 
-- 
PGP Key : http://www.marcuscom.com/pgp.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: This is a digitally signed message part
URL: <http://marcuscom.com/pipermail/tinderbox-list/attachments/20090312/a3158a14/attachment.bin>

More information about the tinderbox-list mailing list