From owner-freebsd-jail@FreeBSD.ORG Sat Jun 13 07:29:52 2015 Return-Path: Delivered-To: freebsd-jail@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 998EC2A6 for ; Sat, 13 Jun 2015 07:29:52 +0000 (UTC) (envelope-from kikuchan@uranus.dti.ne.jp) Received: from vsmtp07.dti.ne.jp (vsmtp07.dti.ne.jp [202.216.231.142]) by mx1.freebsd.org (Postfix) with ESMTP id 36E8C6AE for ; Sat, 13 Jun 2015 07:29:51 +0000 (UTC) (envelope-from kikuchan@uranus.dti.ne.jp) Received: from mail.dream.jp (webmail01.ga.dti.ne.jp [202.216.229.152]) by vsmtp07.dti.ne.jp (3.11v) with ESMTP AUTH id t5D7TfaR028347; Sat, 13 Jun 2015 16:29:42 +0900 (JST) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-2022-jp Content-Transfer-Encoding: 7bit Date: Sat, 13 Jun 2015 16:29:41 +0900 From: To: Marcus Reid Cc: , Subject: Re: zfs in a jail In-Reply-To: <20150613035921.GA22078@blazingdot.com> References: <20150613035921.GA22078@blazingdot.com> Message-ID: X-Sender: kikuchan@uranus.dti.ne.jp User-Agent: DTI MyMail/0.3-trunk X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 13 Jun 2015 07:29:52 -0000 Hi, I'm doing the exec.postcreate like thing with the following way, just FYI. in /etc/jail.conf ---- exec.start="" exec.poststart="/jail/poststart.sh ${name}" ---- in /jail/poststart.sh ---- jid=`/usr/sbin/jls -j $1 jid` name="$1" # Do whatever you want to initialize the jail from host, here # Run the command in the jail /usr/sbin/jexec "${name}" /bin/sh /etc/rc ---- I hope this may help you. Regards, Kikuchan On Fri, 12 Jun 2015 23:59:21 -0400, Marcus Reid wrote: > Hi, > > I'm doing zfs from within a jail, and there is one thing that's giving > me some trouble. > > First, the bits that get zfs working from inside a jail: > > /etc/jail.conf: > allow.mount; > allow.mount.zfs; > enforce_statfs = 1; > > /etc/sysctl.conf: > security.jail.mount_allowed=1 > security.jail.mount_zfs_allowed=1 > security.jail.enforce_statfs=1 > > zfs set jailed=on zroot/jails/git/git > > Finally, to get the dataset visible inside the jail, this is required > when the jail is running: > > zfs jail git zroot/jails/git/git > > So, in jail.conf, I do a: > > exec.poststart = "zfs jail git zroot/jails/git/git" > > Problem: zfs is not visible in jail after a reboot. This problem is > understood but I don't know the solution. > > exec.poststart is run after exec.start (the thing that runs /etc/rc in > the jail), so the zfs datasets are not yet visible when /etc/rc.d/zfs > runs in the jail. So, I have to log into the jail and do a 'zfs mount > -a' after everything comes up. Not ideal. If there were a > exec.postcreate directive in jail.conf that ran a command on the host > after jail creation but before /etc/rc starts, then I could run 'zfs > jail' before the jails init scripts are run. > > Am I going about that in the wrong way? jail.conf seems like the right > place for it, because you want your storage working after a 'jail -rc > git', right? > > Thanks, > > Marcus > _______________________________________________ > freebsd-jail@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org"