Date: Wed, 22 Dec 2010 18:56:17 -0800
From: "Jason C. Wells" <jcw@speakeasy.net>
To: freebsd general questions <freebsd-questions@freebsd.org>
Subject: Nullfs Allows Jailbreaking
Message-ID: <4D12BA51.2010602@speakeasy.net>
Here is my file system scheme for a newly created jail as viewed from the host:

/usr/jail/template on /usr/jail/f1 (nullfs, local, read-only)
/usr/jail/f1-fs/etc on /usr/jail/f1/etc (nullfs, local)
/usr/jail/f1-fs/tmp on /usr/jail/f1/tmp (nullfs, local)
/usr/jail/f1-fs/var on /usr/jail/f1/var (nullfs, local)
/usr/jail/f1-fs/usr-local on /usr/jail/f1/usr/local (nullfs, local)

As viewed from the jail:

/usr/jail/template on / (nullfs, local, read-only)

I like the idea of using a template for multiple jails that I plan to use later. I like the idea of mounting the template read-only. I had to splice in the other nullfs filesystems so that things that need to be read-write can be. But it seems kinda funky. Inside the jail it looks like EVERYTHING is read-only and you have no way of knowing that /tmp is actually read-write. There seems to be a violation of the segregation going on here.

What pitfalls can you see in a file system scheme like this for my jails? Is the above behavior by design or did I find a flaw?

Thanks,
Jason
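The post's concern is that, from inside the jail, the read-write nullfs overlays spliced into the read-only template are invisible. The script below is an added example, not part of Jason's message, showing how a host-side audit can enumerate exactly those overlays: it parses mount(8)-style lines of the form shown in the post and prints every read-write mount sitting beneath a read-only jail root, translated to the path the jail sees. The mount lines are constructed from the layout in the post; the function names and the use of POSIX awk/grep are this example's own assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): audit a jail's nullfs layout from
# the HOST and list which jail-relative paths are read-write overlays punched
# into a read-only template root. The mount lines below are constructed from the
# layout described in the post; on a real host they would come from mount(8).

SAMPLE_MOUNTS='/usr/jail/template on /usr/jail/f1 (nullfs, local, read-only)
/usr/jail/f1-fs/etc on /usr/jail/f1/etc (nullfs, local)
/usr/jail/f1-fs/tmp on /usr/jail/f1/tmp (nullfs, local)
/usr/jail/f1-fs/var on /usr/jail/f1/var (nullfs, local)
/usr/jail/f1-fs/usr-local on /usr/jail/f1/usr/local (nullfs, local)'

# rw_overlays JAILROOT MOUNTLINES
# Prints one line per read-write mount strictly beneath JAILROOT, as
#   <jail-relative path> <- <host source directory>
# sorted by path. Returns 1 if JAILROOT itself is not a read-only mount,
# because then the "read-only template" assumption does not hold at all.
rw_overlays() {
    root=$1
    lines=$2
    # The jail root must appear as a read-only mountpoint.
    printf '%s\n' "$lines" | grep -q "^[^ ]* on $root (.*read-only" || return 1
    printf '%s\n' "$lines" | awk -v root="$root" '
        $2 == "on" && index($0, "read-only") == 0 {
            mp = $3
            # Keep only mountpoints beneath the jail root (root + "/...")
            # and strip the root prefix so the path reads as the jail sees it.
            if (substr(mp, 1, length(root) + 1) == root "/")
                print substr(mp, length(root) + 1) " <- " $1
        }' | sort
}

# rw_count JAILROOT MOUNTLINES: number of read-write overlays found.
rw_count() {
    rw_overlays "$1" "$2" | grep -c .
}

# Usage on the constructed sample: prints /etc, /tmp, /usr/local and /var
# with the host directories backing them.
rw_overlays /usr/jail/f1 "$SAMPLE_MOUNTS"
```

Run on a real host, replace `"$SAMPLE_MOUNTS"` with the output of `mount`; the list it produces is the set of paths that are writable despite the jail's own mount table showing only a read-only root, which is the information the post says is missing from inside the jail.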