From owner-freebsd-jail@FreeBSD.ORG Sat Jun 27 10:40:58 2009 Return-Path: Delivered-To: jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 850AA1065675 for ; Sat, 27 Jun 2009 10:40:58 +0000 (UTC) (envelope-from alexander@leidinger.net) Received: from mail.ebusiness-leidinger.de (mail.ebusiness-leidinger.de [217.11.53.44]) by mx1.freebsd.org (Postfix) with ESMTP id 3E6818FC13 for ; Sat, 27 Jun 2009 10:40:58 +0000 (UTC) (envelope-from alexander@leidinger.net) Received: from outgoing.leidinger.net (pD954FA84.dip.t-dialin.net [217.84.250.132]) by mail.ebusiness-leidinger.de (Postfix) with ESMTPSA id 848B9844020 for ; Sat, 27 Jun 2009 12:25:27 +0200 (CEST) Received: from unknown (unknown [192.168.2.1]) by outgoing.leidinger.net (Postfix) with ESMTP id 019701BF221 for ; Sat, 27 Jun 2009 12:25:22 +0200 (CEST) Date: Sat, 27 Jun 2009 12:25:19 +0200 From: Alexander Leidinger To: jail@freebsd.org Message-ID: <20090627122519.00002b84@unknown> X-Mailer: Claws Mail 3.7.1 (GTK+ 2.10.13; i586-pc-mingw32msvc) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-EBL-MailScanner-Information: Please contact the ISP for more information X-EBL-MailScanner-ID: 848B9844020.51021 X-EBL-MailScanner: Found to be clean X-EBL-MailScanner-SpamCheck: not spam, spamhaus-ZEN, SpamAssassin (not cached, score=-0.84, required 6, autolearn=disabled, ALL_TRUSTED -1.44, J_CHICKENPOX_57 0.60) X-EBL-MailScanner-From: alexander@leidinger.net X-EBL-MailScanner-Watermark: 1246703127.97189@634IsbEYY9Jqj4QP/7FLEA X-EBL-Spam-Status: No Cc: Subject: Switching /etc/rc.d/jail to new syntax (+ new features) X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 27 Jun 2009 10:40:58 -0000 Hi, at http://www.leidinger.net/FreeBSD/current-patches/jail.diff I have a patch to switch the jail rc script to the new jail (8-current) syntax. This includes new config options for a jail (see etc/defaults/rc.conf after patching). The patch also contains my X-in-a-jail stuff (feel free to ignore this part, it's disabled by default). If you do not make any config change, you will be able to see all mounted filesystems of the entire machine. To get back to the previous behavior, you have to add a config option: jail_XXX_startparams="enforce_statfs=2" This config option can also take other jail parameters like allow.sysvipc and other ones described in the jail man-page (additional parameters need to be space separated). Feedback welcome. Bye, Alexander.