Date: Mon, 19 Dec 2016 21:10:23 +0100 From: Miroslav Lachman <000.fbsd@quip.cz> To: Alexander Leidinger <Alexander@leidinger.net> Cc: SK <fbstable@cps-intl.org>, freebsd-jail <freebsd-jail@freebsd.org> Subject: Re: ZFS and Jail :: nullfs mount :: nothing visible from host :: solved [partial] Message-ID: <58583EAF.4010200@quip.cz> In-Reply-To: <20161219205403.Horde._y7Eg7n2B4m-RQoKCZSNFmV@webmail.leidinger.net> References: <aa078173-e9f1-3f09-41d4-6613014b1119@cps-intl.org> <584986D0.3040109@quip.cz> <2b6346f8-ed02-0e6d-bd89-106098e7eb2d@cps-intl.org> <58499446.3050403@quip.cz> <eed9efad-9bac-9d36-b75e-c41f9ea72a8b@cps-intl.org> <5849C5BF.7020005@quip.cz> <fb56ab21-026b-408d-f712-ed7479e1f269@cps-intl.org> <584A9179.9060508@quip.cz> <b53fba06-bb7d-06d8-34a4-4677805fb175@cps-intl.org> <584A9D89.4040003@quip.cz> <3851c5d9-7646-b670-357e-ae937fcc7e8f@cps-intl.org> <584AB345.4080307@quip.cz> <33473585-3cb9-10d3-acf9-0a917c5a0079@cps-intl.org> <20161216141540.Horde.zfu3fokeVx7FuFkk7_s-nbW@webmail.leidinger.net> <d606c9ee-f5f6-55c5-0c99-01fd47a4a378@cps-intl.org> <20161217195949.Horde.PTQ3AH5YpaT79dVSxM5UvNr@webmail.leidinger.net> <58567F0F.4010404@quip.cz> <20161219175606.Horde.9yvb3ehmcZfxqv01KTg4XGw@webmail.leidinger.net> <58581F93.1090800@quip.cz> <20161219205403.Horde._y7Eg7n2B4m-RQoKCZSNFmV@webmail.leidinger.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Alexander Leidinger wrote on 2016/12/19 20:54: > Quoting Miroslav Lachman <000.fbsd@quip.cz> (from Mon, 19 Dec 2016 > 18:57:39 +0100): > >> Alexander Leidinger wrote on 2016/12/19 17:56: >>> >>> Quoting Miroslav Lachman <000.fbsd@quip.cz> (from Sun, 18 Dec 2016 >>> 13:20:31 +0100): >>> I don't expect it to be in the docs. I try to come up with something for >>> the man page for zfs (for the "attach to jail" part), but anyone shall >>> feel free to beat me with this. >>> >>> Anyone with an idea where in the jail man page we should add something >>> too (I only had a look at the zfs man page when this issue came up)? >> >> It would be nice to have this mentioned in zfs(8) man page (that user >> in jail cannot manage jail's root dataset but can manage some >> sub-dataset not required to boot the jail) > > What about this? Better wording welcome. > ---snip--- > Index: zfs.8 > =================================================================== > --- zfs.8 (Revision 298108) > +++ zfs.8 (Arbeitskopie) > @@ -450,8 +450,11 @@ > dataset can be attached to a jail by using the > .Qq Nm Cm jail > subcommand. You cannot attach a dataset to one jail and the children > of the > -same dataset to another jails. To allow management of the dataset from > within > -a jail, the > +same dataset to another jails. You can also not attach the root file > system > +of the jail or any dataset which needs to be mounted before the zfs rc > script > +is run inside the jail, as it would be attached unmounted until it is > +mounted from the rc script inside the jail. To allow management of the > +dataset from within a jail, the > .Sy jailed > property has to be set and the jail needs access to the > .Pa /dev/zfs > ---snip--- > >> And there can be some useful example in jail(8) man page in EXAMPLES. >> There is section "Jails and File Systems" and there can be new section >> "Manage ZFS from within jail" with basic notes about required jail >> params, zfs set jailed property and example "hierarchy". (and warning >> about gotchas with jailed=0 on jail's root directory) > > Are you willing to come up with some text-only version/draft/outline for > this one? I am not good at English but I will try something. Thank you! Miroslav Lachman
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?58583EAF.4010200>