Closed sjorge closed 2 years ago
hadfl
commented
2 years ago It works on several systems (different OmniOS releases) I just tried.
Can you run it in debug mode: __ZADMDEBUG=1 zadm brands
What OmniOS release are you running it and what zadm version?
sjorge
commented
2 years ago root@jupiter:~# zadm version
zadm 0.13.1And add with __ZADMDEBUG=1 it shows up fine.
root@jupiter:~# __ZADMDEBUG=1 zadm brands
[2022-08-05 20:28:37.22277] [11232] [debug] Setting effective privileges to 'basic,file_dac_read,file_dac_write,!file_link_any,!net_access,!proc_info,!proc_session'.
[2022-08-05 20:28:37.22299] [11232] [debug] Global config found at '/etc/opt/ooce/zadm/zadm.conf'. Validating...
[2022-08-05 20:28:37.22539] [11232] [debug] /usr/bin/zonename
BRAND STATUS
[2022-08-05 20:28:37.24722] [11232] [debug] /usr/bin/pkg list -aHv system/zones/brand/*
bhyve installed
illumos installed
ipkg installed
kvm available
lipkg installed
lx installed
pkgsrc installed
sparse installedI'm so confused as ran it just before without ZADMDEBUG and it was still missing, and now after runnig it with ZADMDEBUG once it shows without it too.
Computers smh
iarwain-forn
commented
2 years ago I was just taking a look at issues and happened to see this one. I also ran into this behavior just a few hours ago. zadm brands gave an empty table even after running multiple times. When I installed brand/illumos and re-ran zadm brands I was then seeing the full list of all my installed brands. A bit odd but this was also the first time I noticed this.
moetiker
commented
2 years ago I get some privileges errors running zadm as root:
__ZADMDEBUG=1 zadm brands
[2022-10-31 08:39:03.81925] [27700] [debug] Setting effective privileges to 'basic,file_dac_read,file_dac_write,!file_link_any,!net_access,!proc_info,!proc_session'.
[2022-10-31 08:39:03.82021] [27700] [debug] /usr/bin/zonename
BRAND STATUS
[2022-10-31 08:39:03.85013] [27700] [debug] /usr/bin/pkg list -aHv system/zones/brand/*
pkg[27736]: missing privilege "net_access" (euid = 0, syscall = 230) needed at secpolicy_basic_net_access+0x36
pkg[27736]: missing privilege "net_access" (euid = 0, syscall = 5) needed at secpolicy_basic_net_access+0x36
pkg[27736]: missing privilege "net_access" (euid = 0, syscall = 230) needed at secpolicy_basic_net_access+0x36
pkg[27736]: missing privilege "net_access" (euid = 0, syscall = 230) needed at secpolicy_basic_net_access+0x36
...
...running the command in the root shell
# /usr/bin/pkg list -aHv system/zones/brand/*
pkg://omnios/system/zones/brand/bhyve@0.5.11-151042.0:20220426T184628Z i--
pkg://omnios/system/zones/brand/illumos@0.5.11-151042.0:20220426T184629Z ---
pkg://omnios/system/zones/brand/ipkg@0.5.11-151042.0:20220426T184630Z i--
pkg://omnios/system/zones/brand/kvm@0.5.11-151042.0:20220426T184631Z i--
pkg://omnios/system/zones/brand/lipkg@0.5.11-151042.0:20220426T184632Z i--
pkg://omnios/system/zones/brand/lx@0.5.11-151042.0:20220810T104431Z i--
pkg://omnios/system/zones/brand/lx/platform@0.5.11-151042.0:20220426T184632Z i--
pkg://omnios/system/zones/brand/pkgsrc@0.5.11-151042.0:20220426T184633Z i--
pkg://omnios/system/zones/brand/s10@0.5.11-151042.0:20220426T180509Z ---
pkg://omnios/system/zones/brand/sn1@0.5.11-151042.0:20220426T180509Z ---
pkg://omnios/system/zones/brand/sparse@0.5.11-151042.0:20220426T184634Z i--the !net_access is probably the problem ...
my %PSETS = (
default => 'basic,!file_link_any,!net_access,!proc_info,!proc_session',
empty => 'basic,!file_link_any,!file_read,!file_write,!net_access,!proc_exec,'
. '!proc_fork,!proc_info,!proc_secflags,!proc_session',
);
I am expecting output here, I am running a few zones of different brands so there are some install.