Date: Wed, 1 Sep 2004 13:13:21 -0500 From: Scot Hetzel <swhetzel@gmail.com> To: Rob MacGregor <freebsd.macgregor@blueyonder.co.uk> Cc: freebsd-current@freebsd.org Subject: Re: 5.3-BETA1, jails and devfs Message-ID: <790a9fff04090111132a67ac3e@mail.gmail.com> In-Reply-To: <200409011802.i81I2uAR024741@the-macgregors.org> References: <200409011802.i81I2uAR024741@the-macgregors.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 1 Sep 2004 19:02:56 +0100, Rob MacGregor <freebsd.macgregor@blueyonder.co.uk> wrote: > Probably a stupid question, however... > > I've got my first jail running under 5.3-BETA1 and am trying to lock down /dev, > as per the advice in the jail man page. All attempts fail however: > > # devfs ruleset 10 > devfs ruleset: ioctl DEVFSIO_SUSE: Operation not permitted > # devfs rule apply hide > devfs rule: ioctl DEVFSIO_RAPPLY: Operation not permitted > > I'm pretty sure I've missed something obvious in a man page, but having re-read > them a few dozen times I'm darned if I can work it out. Any help appreciated. > How are you applying the devfs rules (on the host, or inside the jail)? If you are applying them from inside the jail, I don't believe that is supported. You need to apply the rules before starting the jail. Scot
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?790a9fff04090111132a67ac3e>