Date:      Mon, 17 Jul 2000 12:00:55 -0700
From:      Julian Elischer <julian@elischer.org>
To:        Warner Losh <imp@village.org>
Cc:        Kelly Yancey <kbyanc@posi.net>, Robert Watson <rwatson@FreeBSD.ORG>, Dan Nelson <dnelson@emsphone.com>, Adrian Chadd <adrian@FreeBSD.ORG>, freebsd-arch@FreeBSD.ORG
Subject:   Re: SysctlFS
Message-ID:  <397357E7.794BDF32@elischer.org>
References:  <Pine.BSF.4.21.0007160046160.9967-100000@gateway.posi.net> <200007160752.BAA52125@harmony.village.org>

Warner Losh wrote:
> 
> In message <Pine.BSF.4.21.0007160046160.9967-100000@gateway.posi.net> Kelly Yancey writes:
> :   I didn't mean when you mounted the jail, but rather when you mounted the
> : filesystem in question (i.e. /dev or /proc). The mount flag would be used to
> : indicate that this mount is to transcend jails. In other words, when building a
> : list of the current mount points inside a jail, mounts with this flag would
> : always be included. It is arguably a hack, but I don't see why it wouldn't
> : work.
> 
> You certainly don't want to do that for /dev in jails.  The whole
> point of jails is that you can give them access to a small subset of
> devices that are "safe".
>

My suggestion is not that you allow symlinks to jump out of a jail
for devices, but rather, the major and minor numbers presently used
to connect the inode to the device be replaced by an ASCII
string (stored in the cdev inode in the same way a symlink is
currently stored in the block pointer space) that connects to
the appropriately named node in:

1/ a devfs tree,
or 
2/ the phk device vnode stuff,
either of which can map a name to a driver/minor# combination.

It's not a symlink, it's just a 60 byte major number.

You use the device canonical name as a linking mechanism
in the same way we currently use the major number.
You still have a devfs on /devfs, because you still want new
devices to show up somewhere, but you have the auxiliary
access mechanism of making individual nodes in the filesystem
and having them access the arbitrarily named devices.
(then major numbers can go away completely and all devices can be
dynamic)



-- 
      __--_|\  Julian Elischer
     /       \ julian@elischer.org
    (   OZ    ) World tour 2000
     ;_.---._/  presently in:  Budapest
            v

