Date: Mon, 22 Sep 2008 09:49:24 -0400 (EDT)
From: Randy Schultz <schulra@earlham.edu>
To: freebsd-jail@freebsd.org
Subject: request for (security) comments on this setup
Message-ID: <Pine.BSF.4.64.0809220809440.16549@tdream.lly.earlham.edu>

Heya,

I'm mounting some iSCSI storage in a jail. It's mounting in the jail via
fstab.<jailname>. When the jail is up and I'm logged into the jail I can cd
to the mount point, r/w etc., everything seems to work. What's weird tho' is,
while a df on the parent shows the partition mounted as expected, a df inside
the jail shows the local disk but not the iSCSI mount. This is fbsd
7.1-prerelease, the jail's name is spectro.

On the parent:

    Root Dude ? df -h|egrep data
    /dev/da0s1d    1.3T    2.9G    1.2T     0%    /usr/local/jails/spectro/data
    Root Dude ? cat /etc/fstab.spectro
    /usr/local/jails/basejail /usr/local/jails/spectro/basejail nullfs ro 0 0
    /dev/da0s1d /usr/local/jails/spectro/data ufs rw 1 1

in the jail:

    Dude ? df -h
    Filesystem            Size    Used   Avail Capacity  Mounted on
    /dev/mirror/gm0s1e    178G     43G    121G    26%    /
    Root Dude ? dmesg|egrep da0
    da0 at iscsi0 bus 0 target 0 lun 0
    da0: <SUN SOLARIS 1> Fixed Direct Ac
    Root Dude ? cd /data
    Root Dude ? ls -l
    total 5830386
    drwxrwxr-x  2 root  operator         512 Sep 19 17:52 .snap
    -rw-r-----  1 root  wheel     5967380480 Sep 22 09:44 all.5
    Root Dude ? touch test
    Root Dude ? ls -l
    total 5836930
    drwxrwxr-x  2 root  operator         512 Sep 19 17:52 .snap
    -rw-r-----  1 root  wheel     5974065152 Sep 22 09:45 all.5
    -rw-r--r--  1 root  wheel              0 Sep 22 09:44 test
    Root Dude ? iostat 1
          tty             ad4              ad6              da0             cpu
     tin tout  KB/t tps  MB/s   KB/t tps  MB/s   KB/t tps  MB/s  us ni sy in id
       0    5 33.42   4  0.12  33.43   4  0.12  62.62   2  0.11   0  0  0  0 100
       0  232 64.00   6  0.37  64.00   4  0.25  58.95  19  1.09   0  0  0  0 100
       0   78 60.57  14  0.83  61.00  16  0.95  53.09  22  1.14   0  0  0  0 100
    ^C

So, my first question is what am I missing, the second is does mounting
things this way into a jail pose any sort of risk for escaping the jail?

--
Randy (schulra@earlham.edu) 765.983.1283 <*>

Love with your heart, think with your head; not the other way around.