From owner-freebsd-doc Mon Feb 10 2: 0:32 2003 Delivered-To: freebsd-doc@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0141037B405 for ; Mon, 10 Feb 2003 02:00:29 -0800 (PST) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id BF12643FA3 for ; Mon, 10 Feb 2003 02:00:25 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.6/8.12.6) with ESMTP id h1AA0PNS061540 for ; Mon, 10 Feb 2003 02:00:25 -0800 (PST) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.6/8.12.6/Submit) id h1AA0PGt061539; Mon, 10 Feb 2003 02:00:25 -0800 (PST) Date: Mon, 10 Feb 2003 02:00:25 -0800 (PST) Message-Id: <200302101000.h1AA0PGt061539@freefall.freebsd.org> To: freebsd-doc@FreeBSD.org Cc: From: Grzegorz Czaplinski Subject: Re: docs/48095: Manual page for jail(8) does not mention mounting devfs under jail. Reply-To: Grzegorz Czaplinski Sender: owner-freebsd-doc@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org The following reply was made to PR docs/48095; it has been noted by GNATS. From: Grzegorz Czaplinski To: bug-followup@FreeBSD.org Cc: Subject: Re: docs/48095: Manual page for jail(8) does not mention mounting devfs under jail. Date: Mon, 10 Feb 2003 10:53:12 +0100 --FCuugMFkClbJLl1L Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Looks like I did not send it to bug-followup@FreeBSD.org. Sorry. Grzegorz -- Grzegorz Czaplinski "The Power to Serve, Right for the Power Users!" - http://www.FreeBSD.org/ Fingerprint: EB77 E19D CFA2 5736 810F 847C A70F A275 2489 469F --FCuugMFkClbJLl1L Content-Type: message/rfc822 Content-Disposition: inline Date: Sun, 9 Feb 2003 23:09:22 +0100 From: Grzegorz Czaplinski To: Giorgos Keramidas Subject: Re: docs/48095: Manual page for jail(8) does not mention mounting devfs under jail. Message-ID: <20030209220922.GD35509@prioris.mini.pw.edu.pl> References: <20030208200830.C85C17CF1A@prioris.mini.pw.edu.pl> <20030209175539.GB30623@gothmog.gr> <20030209212743.GA35509@prioris.mini.pw.edu.pl> <20030209213626.GC51880@gothmog.gr> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="2Z2K0IlrPCVsbNpk" Content-Disposition: inline In-Reply-To: <20030209213626.GC51880@gothmog.gr> User-Agent: Mutt/1.4i X-PGP: http://prioris.mini.pw.edu.pl/~gregory/pgp.txt --2Z2K0IlrPCVsbNpk Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Feb 09, 2003 at 11:36:26PM +0200, Giorgos Keramidas wrote: > > > # Jailed processes that need devices should have some sort of access > > > # to /dev nodes when they are inside the jail, imho. It is then up to > > > # the administrator to choose how to implement this. Either by > > > # mounting devfs under the /jail/dev directory or by manually calling > > > # MAKEDEV or mknod to create only those devices that are absolutely > > > # necessary. > > > > I would put it that way: > > # Jailed processes that need devices should have some sort of access > > # to /dev nodes when they are inside the jail. Making device nodes with > > # MAKEDEV or mknod is not sufficient. To let devfs(5) allocate device > > # nodes in your jail transparently do: > > mount -t devfs devfs /jail/dev >=20 > Hmm, odd. Isn't mknod sufficient? I have problems building world > right now in my current machine at home, so I can't test this by > creating a new jail, but how/why did mknod within the jail fail to > work for you? >=20 > - Giorgos I can create device nodes with mknod, no problem. Look: tahoe# ls -l /jails/jail/dev/ttyp* [/jails/jail/dev 10:53PM] crw-rw-rw- 1 root wheel 5, 0 Feb 9 22:08 /jails/jail/dev/ttyp0 crw-rw-rw- 1 root wheel 5, 1 Feb 9 22:08 /jails/jail/dev/ttyp1 crw-rw-rw- 1 root wheel 5, 2 Feb 9 22:07 /jails/jail/dev/ttyp2 crw-rw-rw- 1 root wheel 5, 3 Feb 9 22:55 /jails/jail/dev/ttyp3 crw-rw-rw- 1 root wheel 5, 4 Feb 9 22:07 /jails/jail/dev/ttyp4 crw-rw-rw- 1 root wheel 5, 5 Feb 9 22:07 /jails/jail/dev/ttyp5 crw-rw-rw- 1 root wheel 5, 6 Feb 9 22:07 /jails/jail/dev/ttyp6 crw-rw-rw- 1 root wheel 5, 7 Feb 9 22:07 /jails/jail/dev/ttyp7 crw-rw-rw- 1 root wheel 5, 8 Feb 9 22:07 /jails/jail/dev/ttyp8 crw-rw-rw- 1 root wheel 5, 9 Feb 9 22:07 /jails/jail/dev/ttyp9 devfs is not mounted under /jails/jail/dev/ When I try to log into the jail for the third time the session hangs: gregory 991 0.0 0.7 2392 1932 p2 S+J 10:57PM 0:00.07 ssh=20 192.168.0.5 root 992 0.0 0.9 5372 2360 ?? SJ 10:57PM 0:00.02 sshd:=20 gregory [priv] (sshd) gregory 995 0.0 0.9 5372 2404 ?? SJ 10:57PM 0:00.01 sshd: gregory@notty (sshd) After mounting devfs everything works correctly. That might be a problem at my side though. Cheers, Grzegorz=20 -- Grzegorz Czaplinski "The Power to Serve, Right for the Power Users!" - http://www.FreeBSD.org/ Fingerprint: EB77 E19D CFA2 5736 810F 847C A70F A275 2489 469F --2Z2K0IlrPCVsbNpk Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAj5G0YUACgkQpw+idSSJRp/p8ACfWRMh/8JDQTVBeG+nkAlLAwcU F7gAoL1ao+8FqjToruIUoQ1tOOhuvGtO =Qd6Z -----END PGP SIGNATURE----- --2Z2K0IlrPCVsbNpk-- --FCuugMFkClbJLl1L-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-doc" in the body of the message