From owner-freebsd-stable@FreeBSD.ORG Fri Aug 9 11:07:25 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id F088DDD4; Fri, 9 Aug 2013 11:07:25 +0000 (UTC) (envelope-from gkontos.mail@gmail.com) Received: from mail-pd0-x22a.google.com (mail-pd0-x22a.google.com [IPv6:2607:f8b0:400e:c02::22a]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id C0D3D20D0; Fri, 9 Aug 2013 11:07:25 +0000 (UTC) Received: by mail-pd0-f170.google.com with SMTP id x10so420064pdj.29 for ; Fri, 09 Aug 2013 04:07:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=VZuYbM1fe2YFByBog524ajrRLSrvP0xkDz4O0esvQHE=; b=XEEbNpb6OxpybQjrb89v/9w5mUlaOhXLZ/pflw8/3cObjf5slPE07Md5B+3IB4ExuX +BvgCBbT2qA8G2+ELbPibAzQ1dwbG0QPiY8xnh3FsStB6GmTQw7SII59ZdwM1Q4stfgY JfX/t6pomDOsxccKjxE5avuKQauZ6G32sd9tXgnPuU83h+5aA5wmkubWTIFXPIjy3ZvA igAbSgL7mqzaTM8XrQ7g/FaWbm/aa7DLI0aJUWD1/ttgH7EaAjo4a8ZkwgZhUZ8ssaLQ Y3U8IHb6/z+xLLvXdu8d7KC6xHjS25L9xijByIvO0xu1LEPU8CWhYDI4YPC0v8h8BYDp VF6Q== MIME-Version: 1.0 X-Received: by 10.68.189.195 with SMTP id gk3mr10482686pbc.193.1376046445156; Fri, 09 Aug 2013 04:07:25 -0700 (PDT) Received: by 10.68.211.106 with HTTP; Fri, 9 Aug 2013 04:07:25 -0700 (PDT) In-Reply-To: References: <1375963160.29686.7487435.7323F707@webmail.messagingengine.com> Date: Fri, 9 Aug 2013 14:07:25 +0300 Message-ID: Subject: Re: ZFS in jails 9.2-RC1 permission denied From: George Kontostanos To: =?ISO-8859-1?Q?Trond_Endrest=F8l?= Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Aug 2013 11:07:26 -0000 On Fri, Aug 9, 2013 at 1:57 PM, Trond Endrest=F8l < Trond.Endrestol@fagskolen.gjovik.no> wrote: > On Fri, 9 Aug 2013 13:35+0300, George Kontostanos wrote: > > > On Fri, Aug 9, 2013 at 8:55 AM, Trond Endrest=F8l < > > Trond.Endrestol@fagskolen.gjovik.no> wrote: > > > > > On Thu, 8 Aug 2013 19:04+0300, George Kontostanos wrote: > > > > > > > On Thu, Aug 8, 2013 at 2:59 PM, Mark Felder > wrote: > > > > > > > > > On Thu, Aug 8, 2013, at 6:53, George Kontostanos wrote: > > > > > > > > > > > > Anybody? > > > > > > > > > > > > > > > > Can you provide your jail configuration? I think 9.2 introduces > the new > > > > > /etc/jail.conf functionality and perhaps it somehow it broke the > way > > > you > > > > > were doing it previously? If so, the old method is supposed to be > work > > > > > as well... > > > > > > > > jail_enable=3D"YES" > > > > jail_list=3D"jail1" > > > > jail_jail1_rootdir=3D"/tank/jails/jail1" > > > > jail_jail1_hostname=3D"jail1" > > > > jail_jail1_interface=3D"em0" > > > > jail_jail1_ip=3D"172.16.154.32" > > > > jail_jail1_devfs_enable=3D"YES" > > > > > > During my experimentation yesterday, I had to add: > > > > > > jail_jail1_parameters=3D"enforce_statfs=3D1 allow.mount=3D1 > allow.mount.zfs=3D1" > > > > > > I wish there was a way of executing a command in the host environment > > > _after_ the jail is created, but _before_ exec.start is run from > > > within the jail environment, exec.prestart is run in the host > > > environment before the jail is created and is of no use for attaching > > > a ZFS dataset to a particular jail with the zfs jail command. > > > > > > Until this issue is resolved, I see no other way than manually > > > attaching a ZFS dataset to a jail, and manually running the mount > > > command from within the jail environment. > > > > Excellent, this worked like a charm! > > > > Does this means that the sysctl parameters are not honored or they have > to > > be also passed in the jail parameters? > > I guess so. Setting the sysctls in /etc/sysctl.conf doesn't seem to > propagate to the jail environments at all in 9.2-BETA2. > > > Thanks! > > You're welcome, and thanks for pushing me to explore jails and ZFS > even further. ;-) > > Maybe the jail people should erect exec.afterprestart, enabling us to > attach ZFS datasets to our jails prior to launching the jails. > > -- > +-------------------------------+------------------------------------+ > | Vennlig hilsen, | Best regards, | > | Trond Endrest=F8l, | Trond Endrest=F8l, = | > | IT-ansvarlig, | System administrator, | > | Fagskolen Innlandet, | Gj=F8vik Technical College, Norway, | > | tlf. mob. 952 62 567, | Cellular...: +47 952 62 567, | > | sentralbord 61 14 54 00. | Switchboard: +47 61 14 54 00. | > +-------------------------------+------------------------------------+ > I think that the process of attaching a dataset or a pool to a jail has to be done after the JID has been created. The way I attach them is from the host system: #zfs jail pool/dataset Best --=20 George Kontostanos --- http://www.aisecure.net