Date: Thu, 26 Jun 2003 17:35:13 +0400 (MSD) From: Dmitry Morozovsky <marck@rinet.ru> To: Robert Watson <rwatson@freebsd.org> Cc: hackers@freebsd.org Subject: Re: Mounting Message-ID: <20030626173142.B80636@woozle.rinet.ru> In-Reply-To: <Pine.NEB.3.96L.1030623114101.52424E-100000@fledge.watson.org> References: <Pine.NEB.3.96L.1030623114101.52424E-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 23 Jun 2003, Robert Watson wrote:
RW> > Can nodev also be added to all above + /usr?
RW>
RW> nodev prevents opening specfs character devices, but doesn't prevent
RW> opening fifos or UNIX domain sockets, so is generally fine for all file
RW> systems except /dev. The common exceptions I bump into are:
RW>
RW> (1) If you have per-user chroots, make sure wherever their custom /dev is
RW> isn't nodev.
Maybe my experience would be useful for the community:
I've successfully use mfs under 4.x for chroot/jailed environment, created via
JDEV=/ar/J/j224/dev
mount_mfs -s 256 -i 768 -o nosuid /dev/ad0s1b ${JDEV} > /dev/null 2>&1
cd ${JDEV}
sh /dev/MAKEDEV std pty0
rm mem kmem pci io klog console
ln -sf null mem
ln -sf null kmem
ln -sf null console
Sincerely,
D.Marck [DM5020, MCK-RIPE, DM3-RIPN]
------------------------------------------------------------------------
*** Dmitry Morozovsky --- D.Marck --- Wild Woozle --- marck@rinet.ru ***
------------------------------------------------------------------------
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030626173142.B80636>