Boost C++ Libraries: Ticket #4694: Jailed FreeBSD needs BOOST_INTERPROCESS_FILESYSTEM_BASED_POSIX_SHARED_MEMORY https://svn.boost.org/trac10/ticket/4694 <p> Note that one of the FreeBSD test platforms is failing many interprocess tests (both trunk and release), while the other passes. The one failing is in a <a class="ext-link" href="http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/jails.html"><span class="icon">​</span>Jailed</a> environment (the other one isn't), and all failures seem to involve "access denied" (EPERM). </p> <p> Jails deliberately impose <a class="ext-link" href="http://www.freebsd.org/doc/en_US.ISO8859-1/books/arch-handbook/jail-restrictions.html"><span class="icon">​</span>some restrictions on shared memory</a>. </p> <p> If I modify BOOST_INTERPROCESS_FILESYSTEM_BASED_POSIX_SHARED_MEMORY (defined in interprocess/detail/workaround.hpp, lines 102) to be defined under <span class="underline">FreeBSD</span> &lt;= 8, I'm able to change a test from failing to passing. </p> <p> I'm not sure there's a way to tell if we're in a jail during compile. And even if we could, there would be a binary compatibility issue moving an executable built in a non-jailed environment to a jailed one. </p> <p> Is there a benefit to having this flag set one way or the other? </p> en-us Boost C++ Libraries /htdocs/site/boost.png https://svn.boost.org/trac10/ticket/4694 Trac 1.4.3 Jim Bell <jim@…> Wed, 29 Sep 2010 14:23:51 GMT <link>https://svn.boost.org/trac10/ticket/4694#comment:1 </link> <guid isPermaLink="false">https://svn.boost.org/trac10/ticket/4694#comment:1</guid> <description> <p> That's "Permission denied" (e.g., <a href="http://www.boost.org/development/tests/trunk/developer/output/FBSD-64%20jc-bell-com-boost-bin-v2-libs-interprocess-example-doc_managed_raw_allocation-test-gcc-4-2-1-debug-threading-multi.html">here</a>). </p> </description> <category>Ticket</category> </item> <item> <author>Jim Bell <jim@…></author> <pubDate>Wed, 29 Sep 2010 14:30:08 GMT</pubDate> <title/> <link>https://svn.boost.org/trac10/ticket/4694#comment:2 </link> <guid isPermaLink="false">https://svn.boost.org/trac10/ticket/4694#comment:2</guid> <description> <p> sysctl shows: </p> <pre class="wiki">security.jail.sysvipc_allowed: 0 </pre> </description> <category>Ticket</category> </item> <item> <dc:creator>Ion Gaztañaga</dc:creator> <pubDate>Sat, 09 Oct 2010 12:05:02 GMT</pubDate> <title/> <link>https://svn.boost.org/trac10/ticket/4694#comment:3 </link> <guid isPermaLink="false">https://svn.boost.org/trac10/ticket/4694#comment:3</guid> <description> <p> BOOST_INTERPROCESS_FILESYSTEM_BASED_POSIX_SHARED_MEMORY changes the way shared memory name is created from a user defined name. If true, the name is based on a temporary file. I don't know why this file-based name works and the classic one (/shm_name) fails. </p> <p> If we want to maintain binary interface, we will need to check for the jailed environment in runtime and change shm name behaviour in runtime. </p> <p> I'd need a bit of help to know how a process can check if it's working in a jailed environment using freebsd C api. Maybe sysctl (2)? </p> </description> <category>Ticket</category> </item> <item> <dc:creator>Ion Gaztañaga</dc:creator> <pubDate>Sat, 09 Oct 2010 16:51:42 GMT</pubDate> <title/> <link>https://svn.boost.org/trac10/ticket/4694#comment:4 </link> <guid isPermaLink="false">https://svn.boost.org/trac10/ticket/4694#comment:4</guid> <description> <p> I've updated trunk code so that FreeBSD &gt;= 7 will check at runtime "security.jail.jailed = 1" to use filesystem based posix shared memory. I'll need help to check if that workaround works or if it needs some changes. </p> </description> <category>Ticket</category> </item> <item> <author>Jim Bell <jim@…></author> <pubDate>Tue, 12 Oct 2010 13:42:14 GMT</pubDate> <title/> <link>https://svn.boost.org/trac10/ticket/4694#comment:5 </link> <guid isPermaLink="false">https://svn.boost.org/trac10/ticket/4694#comment:5</guid> <description> <p> I ran both jailed and non-jailed regression tests last night and your fix works for both, as you can see. Note that the jailed test (FBSD-64) now passes ALL interprocess tests. Excellent! </p> <p> Curious that the non-jailed trunk test (FBSD-32) fails a single interprocess test (managed_shared_memory_test), with exactly the same symptom as the jailed test failures (throwing boost::interprocess::interprocess_exception: 'Permission denied'). I don't recall if that was happening before. Either way, it seems like a separate ticket. </p> </description> <category>Ticket</category> </item> <item> <dc:creator>anonymous</dc:creator> <pubDate>Tue, 12 Oct 2010 16:12:36 GMT</pubDate> <title/> <link>https://svn.boost.org/trac10/ticket/4694#comment:6 </link> <guid isPermaLink="false">https://svn.boost.org/trac10/ticket/4694#comment:6</guid> <description> <p> That failure is related to a FreeBSD bug with copy on write mapping of share memory. See: </p> <p> <a class="ext-link" href="http://www.freebsd.org/cgi/query-pr.cgi?pr=150260"><span class="icon">​</span>http://www.freebsd.org/cgi/query-pr.cgi?pr=150260</a> </p> </description> <category>Ticket</category> </item> <item> <dc:creator>Ion Gaztañaga</dc:creator> <pubDate>Tue, 12 Oct 2010 18:21:20 GMT</pubDate> <title>status changed; resolution set https://svn.boost.org/trac10/ticket/4694#comment:7 https://svn.boost.org/trac10/ticket/4694#comment:7 <ul> <li><strong>status</strong> <span class="trac-field-old">new</span> → <span class="trac-field-new">closed</span> </li> <li><strong>resolution</strong> → <span class="trac-field-new">fixed</span> </li> </ul> <p> Fixed in trunka and release branches </p> Ticket