From owner-freebsd-stable@FreeBSD.ORG  Thu Aug  8 12:05:27 2013
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTP id 553B2F23
 for <freebsd-stable@freebsd.org>; Thu,  8 Aug 2013 12:05:27 +0000 (UTC)
 (envelope-from feld@FreeBSD.org)
Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com
 [66.111.4.26])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id 287E72CB7
 for <freebsd-stable@freebsd.org>; Thu,  8 Aug 2013 12:05:26 +0000 (UTC)
Received: from compute3.internal (compute3.nyi.mail.srv.osa [10.202.2.43])
 by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id 5E72B20AEF
 for <freebsd-stable@freebsd.org>; Thu,  8 Aug 2013 08:05:26 -0400 (EDT)
Received: from web3 ([10.202.2.213])
 by compute3.internal (MEProxy); Thu, 08 Aug 2013 08:05:26 -0400
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=
 messagingengine.com; h=message-id:from:to:mime-version
 :content-transfer-encoding:content-type:in-reply-to:references
 :subject:date; s=smtpout; bh=qWib/sMQx5/oc+bajHgvsLln92s=; b=SqX
 8ovREcskavV1olP0tWYzkh9Sq69Dj8pUBJ2Fo8zHZmL5oFogQxfsaCCif0AlDRnZ
 au28AubDkI5ozZpgy1n+NuS9GROq7Nzyee3O/doTF2piBJTnMHs3OyrlYC1LsiZW
 Oe3+QpnEbmDHNChWfTmtLvkvMK2g6E6loTY1wyHc=
Received: by web3.nyi.mail.srv.osa (Postfix, from userid 99)
 id 44860B022D3; Thu,  8 Aug 2013 08:05:26 -0400 (EDT)
Message-Id: <1375963526.32115.7488635.39B9BAB2@webmail.messagingengine.com>
X-Sasl-Enc: F/E4bY51pUDUhVcV7V2HnqvuVs9XAWsru48hBZwPX8NJ 1375963526
From: Mark Felder <feld@FreeBSD.org>
To: freebsd-stable@freebsd.org
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="ISO-8859-1"
X-Mailer: MessagingEngine.com Webmail Interface - ajax-d9f253bf
In-Reply-To: <alpine.BSF.2.00.1308081356490.90799@mail.fig.ol.no>
References: <CA+dUSyqDY9CQUrTDGNT5xwGjRce=JvAJrJHATxAocvffbz=ewg@mail.gmail.com>
 <CA+dUSypajBopACJt4HiNOGGYb2RqSfvrL0iP3eA_j+Rd7hVi+A@mail.gmail.com>
 <alpine.BSF.2.00.1308081356490.90799@mail.fig.ol.no>
Subject: Re: ZFS in jails 9.2-RC1 permission denied
Date: Thu, 08 Aug 2013 07:05:26 -0500
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Aug 2013 12:05:27 -0000

On Thu, Aug 8, 2013, at 6:59, Trond Endrest=F8l wrote:
>=20
> I'm just guessing, but I doubt a jail would be able to create new ZFS=20
> filesystems outside its own structure, if at all able. A jail would=20
> however be allowed to (un)mount already existing filesystems within=20
> its own structure, i.e. Pool/test1.
>=20

When I first reviewed his post I clearly confused "mounting" with
"creating a new zfs filesystem". Is that even supposed to be permitted
in a jail? I almost feel a sysctl disabling that by default would be
nice... DoS by zfs filesystem creation/deletion, anyone?