From owner-freebsd-questions@FreeBSD.ORG Mon May 5 04:25:43 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 288A937B401 for ; Mon, 5 May 2003 04:25:43 -0700 (PDT) Received: from ei.bzerk.org (ei.xs4all.nl [213.84.67.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id 98F4043FAF for ; Mon, 5 May 2003 04:25:41 -0700 (PDT) (envelope-from fbsd-q@bzerk.org) Received: from ei.bzerk.org (BOFH@localhost [127.0.0.1]) by ei.bzerk.org (8.12.9/8.12.9) with ESMTP id h45BPRP1017315 for ; Mon, 5 May 2003 13:25:27 +0200 (CEST) (envelope-from stable@ei.bzerk.org) Received: (from stable@localhost) by ei.bzerk.org (8.12.9/8.12.9/Submit) id h45BPRiT017314 for freebsd-questions@freebsd.org; Mon, 5 May 2003 13:25:27 +0200 (CEST) Date: Mon, 5 May 2003 13:25:27 +0200 From: Ruben de Groot To: freebsd-questions@freebsd.org Message-ID: <20030505112527.GA17037@ei.bzerk.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.1i Subject: (un)hiding devices with devfs(8) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 May 2003 11:25:43 -0000 Hi, While playing with devfs in a 5.0 jailed environment I noticed I could read the disk devices (dd if=/dev/ad0s1c ...) To hide any unneeded devices in the jail I created the following ruleset: caliban# devfs rule -s 1 show 100 hide 200 path pty* unhide 300 path null unhide 400 path zero unhide 500 path random unhide 600 path urandom unhide 700 path stdin unhide 800 path stdout unhide 900 path stderr unhide Unfortunately, the last 3 are only symlinks to /dev/fd/0, /dev/fd/1 and /dev/fd/2. So now I must unhide these /dev/fd/* devices. I tried 1000 path fd* unhide and some other things, but that didn't work. Any clues? Ruben