Date: Wed, 24 Nov 2021 16:58:45 GMT From: Kristof Provost <kp@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: eaab06d53dfa - stable/13 - devfs.rules: Correctly unhide pf in vnet jails Message-ID: <202111241658.1AOGwjkp059571@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch stable/13 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=eaab06d53dfa7fbf926a2c19aa00a6804b5e6349 commit eaab06d53dfa7fbf926a2c19aa00a6804b5e6349 Author: Zhenlei Huang <zlei.huang@gmail.com> AuthorDate: 2021-11-03 11:46:48 +0000 Commit: Kristof Provost <kp@FreeBSD.org> CommitDate: 2021-11-24 16:45:51 +0000 devfs.rules: Correctly unhide pf in vnet jails Revision 9e9be081d8 introduced a new devfs rule devfsrules_jail_vnet. It includes rule devfsrules_jail which include other rules. Unfortunately devfs could not recursively parse the action include and thus devfsrules_jail_vnet will expose all nodes. PR: 255660 Reviewed by: kp Obtained from: Gijs Peskens <gijs@peskens.net> MFC after: 3 weeks Differential Revision: https://reviews.freebsd.org/D32814 (cherry picked from commit 7acd322ebe2072b1d73b1d19c14ab12a300ba8e8) --- sbin/devfs/devfs.rules | 3 +++ 1 file changed, 3 insertions(+) diff --git a/sbin/devfs/devfs.rules b/sbin/devfs/devfs.rules index 01d8e5194c17..9543e20947d9 100644 --- a/sbin/devfs/devfs.rules +++ b/sbin/devfs/devfs.rules @@ -88,5 +88,8 @@ add path fuse unhide add path zfs unhide [devfsrules_jail_vnet=5] +add include $devfsrules_hide_all +add include $devfsrules_unhide_basic +add include $devfsrules_unhide_login add include $devfsrules_jail add path pf unhide
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202111241658.1AOGwjkp059571>