From owner-freebsd-jail@FreeBSD.ORG Tue Jun 21 01:36:06 2011 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8CB141065675 for ; Tue, 21 Jun 2011 01:36:06 +0000 (UTC) (envelope-from lars@oddbit.com) Received: from mail-iw0-f182.google.com (mail-iw0-f182.google.com [209.85.214.182]) by mx1.freebsd.org (Postfix) with ESMTP id 5AC4E8FC13 for ; Tue, 21 Jun 2011 01:36:06 +0000 (UTC) Received: by iwr19 with SMTP id 19so4841281iwr.13 for ; Mon, 20 Jun 2011 18:36:06 -0700 (PDT) Received: by 10.231.29.132 with SMTP id q4mr5612266ibc.169.1308618586310; Mon, 20 Jun 2011 18:09:46 -0700 (PDT) Received: from mail-iw0-f182.google.com (mail-iw0-f182.google.com [209.85.214.182]) by mx.google.com with ESMTPS id p15sm3507667ibh.63.2011.06.20.18.09.44 (version=SSLv3 cipher=OTHER); Mon, 20 Jun 2011 18:09:44 -0700 (PDT) Received: by iwr19 with SMTP id 19so4823349iwr.13 for ; Mon, 20 Jun 2011 18:09:44 -0700 (PDT) MIME-Version: 1.0 Received: by 10.42.162.194 with SMTP id z2mr4415193icx.79.1308618584364; Mon, 20 Jun 2011 18:09:44 -0700 (PDT) Received: by 10.231.39.137 with HTTP; Mon, 20 Jun 2011 18:09:44 -0700 (PDT) In-Reply-To: <4DFC7B0C.6040205@freenas.org> References: <4DFC7B0C.6040205@freenas.org> Date: Mon, 20 Jun 2011 21:09:44 -0400 Message-ID: From: Lars Kellogg-Stedman To: Christian Degen Content-Type: text/plain; charset=UTF-8 Cc: freebsd-jail@freebsd.org Subject: Re: Exposing a hierarchy of ZFS datasets inside multiple jails X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Jun 2011 01:36:06 -0000 Christian, Thank you for your answer. I've read through your email a few times, and I think that there is a problem with your suggestion. Please let me know if I've misunderstood something. If I create a ZFS dataset: zfs create tank/nullfs And then mount this somewhere else via nullfs: mount_nullfs /tank/nullfs /mnt/nfs_home And then create a new ZFS dataset below tank/nullfs: zfs create tank/nullfs/user1 And then create some files in that dataset: $ touch /tank/nullfs/user1/file1 $ touch /tank/nullfs/user1/file2 $ find /tank/nullfs/user1 /tank/nullfs/user1 /tank/nullfs/user1/file1 /tank/nullfs/user1/file2 The only thing I will find in /mnt/nfs_home is an empty directory named "user1": $ find /mnt/nfs_home /mnt/nfs_home/ /mnt/nfs_home/user1 The nullfs mount of /tank/nullfs to /mnt/nfs_home only exposes files and directories contained in the "nullfs" dataset, but not in any subordinate datasets. This is exactly my original problem (otherwise I would simply have nullfs mounted /home inside my jails). > teufelchen# zfs create tank/nullfs/dataset1 > teufelchen# touch /mnt/tank/nfs_home/dataset1/newfile > teufelchen# jexec 14 ls /mnt/nfs_home/dataset1/ > newfile > > Is this what you are trying todo? I think that there may be a problem with your example here. When you run: teufelchen# touch /mnt/tank/nfs_home/dataset1/newfile ...I don't think you're creating the file where you think you are. Take a look at /mnt/tank/nullfs/dataset1; I suspect you won't find it there. What you've accomplished is to use the "nfs_home" dataset exclusively, ignoring any subordinate datasets. That is, you're treating it like you do this: zfs create tank/nullfs mkdir /mnt/tank/nullfs/dataset1 Rather than: zfs create tank/nullfs zfs create tank/nullfs/dataset1 The difference is crucial to this problem. Cheers, -- Lars