From owner-freebsd-questions@FreeBSD.ORG Tue Feb 2 10:10:07 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4BAF7106568B for ; Tue, 2 Feb 2010 10:10:07 +0000 (UTC) (envelope-from hiyorin@gmail.com) Received: from mail-px0-f183.google.com (mail-px0-f183.google.com [209.85.216.183]) by mx1.freebsd.org (Postfix) with ESMTP id 1C4568FC19 for ; Tue, 2 Feb 2010 10:10:07 +0000 (UTC) Received: by pxi13 with SMTP id 13so3885443pxi.3 for ; Tue, 02 Feb 2010 02:10:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:cc:subject:references:in-reply-to :content-type:content-transfer-encoding; bh=rN8tKXJ+qWl5LOvSD0bM6EFwfrwTEoVEcJe7rgi6X8Q=; b=qBy/VLJMBjEs6hJLY4pymcYD87hgPqQrUN+geDqv0DEwga0Jok+udhGg8Am0jZsNwV B5qCeBcxiY3YUseLEHjsa0MfXcShwt4ObX26ZbNlkcYd72tllK/wymtmFSMpdylUw/cY HvSRe7rS1WZIMbKNBvYKKkugFCkxxvaReasPU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; b=ct9eOtDuLXczL1WoxZPcGOjTlY9k7Ae87wxPNqYko0/Jr8O0MsInRg7B9uOe4n76bF ZX9y1bwJPJLcIGYm7L6jrbaDjvFiPe9DX6bTrOgWfscPdlFPoZaT1A+tnUeYs6Rro+ny 7JFGPQygT4w5wJgfuQUr6SyUziXdAr31ro77M= Received: by 10.114.248.23 with SMTP id v23mr3874522wah.189.1265105406719; Tue, 02 Feb 2010 02:10:06 -0800 (PST) Received: from ?10.130.10.181? ([202.82.159.125]) by mx.google.com with ESMTPS id 20sm2686485pzk.1.2010.02.02.02.10.04 (version=TLSv1/SSLv3 cipher=RC4-MD5); Tue, 02 Feb 2010 02:10:05 -0800 (PST) Message-ID: <4B67F9F9.4030906@gmail.com> Date: Tue, 02 Feb 2010 18:10:01 +0800 From: "C. C. Tang" User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20100111 Thunderbird/3.0.1 MIME-Version: 1.0 To: Jay Hall References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org Subject: Re: Jails and Hardware security X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Feb 2010 10:10:07 -0000 I think you may write your only rule set for that jail in /etc/devfs.rules and specify it by using the line: jail_(jailname)_devfs_ruleset="(rule_name)" in /etc/rc.conf Or corresponding line in /usr/local/etc/ezjail/(jailname) if you are using ezjail. Regards, C.C. On 1/31/2010 6:27 AM, Jay Hall wrote: > Is it possible to limit what hardware a jail has access to? I am > wanting to limit access to the tape drive/autoloader in one jail, but > allow another to have access to it. > > Is this as simple as deleting the appropriate entries in /dev? > > Thanks, > > Jay > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org"