Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 26 Feb 2012 00:04:05 +0100
From:      Pawel Jakub Dawidek <pjd@FreeBSD.org>
To:        Martin Matuska <mm@FreeBSD.org>
Cc:        svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org
Subject:   Re: svn commit: r232059 - in head: sys/fs/devfs sys/fs/nullfs sys/kern sys/sys usr.sbin/jail
Message-ID:  <20120225230404.GJ1344@garage.freebsd.pl>
In-Reply-To: <201202231851.q1NIpOxH018329@svn.freebsd.org>
References:  <201202231851.q1NIpOxH018329@svn.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 

--iRjOs3ViPWHdlw/I
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Feb 23, 2012 at 06:51:24PM +0000, Martin Matuska wrote:
> Author: mm
> Date: Thu Feb 23 18:51:24 2012
> New Revision: 232059
> URL: http://svn.freebsd.org/changeset/base/232059
>=20
> Log:
>   To improve control over the use of mount(8) inside a jail(8), introduce
>   a new jail parameter node with the following parameters:
>  =20
>   allow.mount.devfs:
>   	allow mounting the devfs filesystem inside a jail
>  =20
>   allow.mount.nullfs:
>   	allow mounting the nullfs filesystem inside a jail
>  =20
>   Both parameters are disabled by default (equals the behavior before
>   devfs and nullfs in jails). Administrators have to explicitly allow
>   mounting devfs and nullfs for each jail. The value "-1" of the
>   devfs_ruleset parameter is removed in favor of the new allow setting.
>  =20
>   Reviewed by:	jamie
>   Suggested by:	pjd
>   MFC after:	2 weeks

Thanks. Could you also add such an option for ZFS? It would also be nice
to document the fact that when file system is using VFCF_JAIL flag, it
should be added to allow.mount. Not sure where would be the best place
to document that, though. VFS_INIT(9) would be best, but eventhough it
is referenced by VFS(9), it doesn't exist...

--=20
Pawel Jakub Dawidek                       http://www.wheelsystems.com
FreeBSD committer                         http://www.FreeBSD.org
Am I Evil? Yes, I Am!                     http://tupytaj.pl

--iRjOs3ViPWHdlw/I
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (FreeBSD)

iEYEARECAAYFAk9JaOQACgkQForvXbEpPzTP/wCfSuKjdcWKmlDweEa4sJuydyhJ
gd4AoISvLixPtudOZgZr/CydmAZ+ZndZ
=JGSN
-----END PGP SIGNATURE-----

--iRjOs3ViPWHdlw/I--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120225230404.GJ1344>