Date: Thu, 3 Jul 2003 04:00:46 -0700 (PDT) From: Josh Brooks <user@mail.econolodgetulsa.com> To: freebsd-hackers@freebsd.org Subject: current state of the art / best practice for devfs in a jail ? Message-ID: <20030702220924.V57224-100000@mail.econolodgetulsa.com>
next in thread | raw e-mail | index | archive | help
I have been researching the various of ways people add devfs to a jail to give the jail certian /dev devices necessary to function ... One strategy I saw was: mount -t devfs devfs /home/jail/dev ( cd /home/jail/dev ; rm $devices_i_dont_want_in_my_jails ) mount -u -o nonewdev /home/jail/dev However I do not know of a `nonewdev` option for mount - but does that even matter, since `mknod` does not work inside of a jail ? Or does it in 5.x ? -- Another strategy I saw was : # mount -t devfs devfs /home/jail/dev # cd /home/jail/dev # rm -f * # rm -W null zero tty console # ls -l crw------- 1 phk wheel 0, 0 2 Feb 01:09 console drwxr-xr-x 2 root wheel 0 2 Feb 01:06 fd crw-rw-rw- 1 root wheel 2, 2 3 Feb 21:25 null crw-rw-rw- 1 root wheel 1, 0 3 Feb 17:27 tty crw-rw-rw- 1 root wheel 2, 12 1 Jan 1970 zero # Does this even work ? -- So I guess I am asking two questions: 1. in 5.x, is it still true that mknod will not work from within a jail (I sure hope it is still true) 2. what is the current "best practices" strategy for mounting up a devfs in a jail ? thank!
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030702220924.V57224-100000>