From owner-freebsd-current@FreeBSD.ORG Wed Feb 3 17:14:18 2010 Return-Path: Delivered-To: current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 374421065692 for ; Wed, 3 Feb 2010 17:14:18 +0000 (UTC) (envelope-from glz@hidden-powers.com) Received: from mail.hidden-powers.com (mail.hidden-powers.com [213.242.135.162]) by mx1.freebsd.org (Postfix) with ESMTP id D9CB88FC1A for ; Wed, 3 Feb 2010 17:14:17 +0000 (UTC) Received: from mail.hidden-powers.com (localhost [127.0.0.1]) by dkim.hidden-powers.com (Postfix) with ESMTP id C7F1D6E5AB for ; Wed, 3 Feb 2010 17:58:33 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=hidden-powers.com; h=date :from:to:subject:message-id:mime-version:content-type: content-transfer-encoding; s=selector1; bh=D6xrIMsYbi4PEdhJaQ0ia Trwtrs=; b=B0ul1YeFhZvl8O8Fvmb/P9xk55mv1KSeX6U5ggC4KndmSxgPrwIG8 JIN31RtEPl8cOdXjkXwUsytbewfeeZq0XIwrYkP0k29RaF+5xY+N5ceTB4IvLi/f jYdqi6p7alyKO63t63vOMkSaTbQZ7unkT4rGlXY/tYbwTsrlBbokdY= Received: from [10.255.253.2] (unknown [10.255.253.2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.hidden-powers.com (Postfix) with ESMTPSA id BAE336E5AA for ; Wed, 3 Feb 2010 17:58:33 +0100 (CET) Date: Wed, 03 Feb 2010 17:58:33 +0100 From: Goran Lowkrantz To: current@freebsd.org Message-ID: <0217C80176ED4ABCC821312F@[10.255.253.2]> X-Mailer: Mulberry/4.0.8 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Cc: Subject: Q: Building release in jail? X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Feb 2010 17:14:18 -0000 Hi, Tried this over on questions but no takers. So I try it here: I am trying to get a working release build environment in a jail but it fails because the release script needs to mount devfs in the chrooted build environment and the md devices used to build the images. I have set the following syscontrols vfs.usermount=1 security.jail.mount_allowed=1 security.jail.chflags_allowed=1 but still can't mount inside the jail. I tried with delegating the chroot filesystem to the jail using zfs jail and can mount it within the jail (but not umount it???) but still can't mount the md devices on this jaild filesystem. My filesystem setup is with the jail root at /usr/jails/release/ where the startup scripts put a restricted devfs on /usr/jails/release/dev. I put my CVS copy at /home/ncvs (/usr/jails/release/usr/home/ncvs) and the chroot target at /home/release/8/dev (/usr/jails/release/usr/home/release/8). I managed to mount a devfs on /usr/jails/release/usr/home/release/8/dev from outside the jail after the release make had started as a workaround but whatever I did, mounting md-devices on /mnt (/usr/home/release/8/mnt) (/usr/jails/release/usr/home/release/8/mnt) always failed. Is it possible to build a release in a jail? What am I missing? /glz --- Never attribute to malice what can adequately be explained by incompetence.