Date: Sun, 26 Feb 2012 00:04:05 +0100 From: Pawel Jakub Dawidek <pjd@FreeBSD.org> To: Martin Matuska <mm@FreeBSD.org> Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org Subject: Re: svn commit: r232059 - in head: sys/fs/devfs sys/fs/nullfs sys/kern sys/sys usr.sbin/jail Message-ID: <20120225230404.GJ1344@garage.freebsd.pl> In-Reply-To: <201202231851.q1NIpOxH018329@svn.freebsd.org> References: <201202231851.q1NIpOxH018329@svn.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--iRjOs3ViPWHdlw/I Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Feb 23, 2012 at 06:51:24PM +0000, Martin Matuska wrote: > Author: mm > Date: Thu Feb 23 18:51:24 2012 > New Revision: 232059 > URL: http://svn.freebsd.org/changeset/base/232059 >=20 > Log: > To improve control over the use of mount(8) inside a jail(8), introduce > a new jail parameter node with the following parameters: > =20 > allow.mount.devfs: > allow mounting the devfs filesystem inside a jail > =20 > allow.mount.nullfs: > allow mounting the nullfs filesystem inside a jail > =20 > Both parameters are disabled by default (equals the behavior before > devfs and nullfs in jails). Administrators have to explicitly allow > mounting devfs and nullfs for each jail. The value "-1" of the > devfs_ruleset parameter is removed in favor of the new allow setting. > =20 > Reviewed by: jamie > Suggested by: pjd > MFC after: 2 weeks Thanks. Could you also add such an option for ZFS? It would also be nice to document the fact that when file system is using VFCF_JAIL flag, it should be added to allow.mount. Not sure where would be the best place to document that, though. VFS_INIT(9) would be best, but eventhough it is referenced by VFS(9), it doesn't exist... --=20 Pawel Jakub Dawidek http://www.wheelsystems.com FreeBSD committer http://www.FreeBSD.org Am I Evil? Yes, I Am! http://tupytaj.pl --iRjOs3ViPWHdlw/I Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (FreeBSD) iEYEARECAAYFAk9JaOQACgkQForvXbEpPzTP/wCfSuKjdcWKmlDweEa4sJuydyhJ gd4AoISvLixPtudOZgZr/CydmAZ+ZndZ =JGSN -----END PGP SIGNATURE----- --iRjOs3ViPWHdlw/I--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120225230404.GJ1344>