From owner-freebsd-questions@freebsd.org Tue Jun 26 17:17:32 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0D7281003902 for ; Tue, 26 Jun 2018 17:17:32 +0000 (UTC) (envelope-from freebsd@fongaboo.com) Received: from h4lix.wtfayla.net (helix.wtfayla.net [64.246.134.154]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AAB6A7A2A0 for ; Tue, 26 Jun 2018 17:17:31 +0000 (UTC) (envelope-from freebsd@fongaboo.com) Received: from localhost (localhost [127.0.0.1]) by h4lix.wtfayla.net (Postfix) with ESMTP id D3D5C7ACF37; Tue, 26 Jun 2018 13:17:23 -0400 (EDT) Received: from h4lix.wtfayla.net ([127.0.0.1]) by localhost (h4lix.wtfayla.net [127.0.0.1]) (maiad, port 10024) with ESMTP id 72726-07; Tue, 26 Jun 2018 13:17:22 -0400 (EDT) Received: from h4lix.wtfayla.net (h4lix.wtfayla.net [64.246.134.154]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by h4lix.wtfayla.net (Postfix) with ESMTPS id 6A2F87ACF34; Tue, 26 Jun 2018 13:17:22 -0400 (EDT) Date: Tue, 26 Jun 2018 13:17:21 -0400 (EDT) From: Fongaboo X-X-Sender: fongaboo@h4lix.wtfayla.net To: "James B. Byrne via freebsd-questions" cc: Erich Dollansky , byrnejb@harte-lyne.ca Subject: Re: FreeBSD-11.1 - symbolic links in jails In-Reply-To: <20180626115421.26159ff8.freebsd.ed.lists@sumeritec.com> Message-ID: References: <5c01d3596c548d3bac00e22ff2fcd2a5.squirrel@webmail.harte-lyne.ca> <20180626115421.26159ff8.freebsd.ed.lists@sumeritec.com> User-Agent: Alpine 2.20 (BSF 67 2015-01-07) MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset=US-ASCII X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 Jun 2018 17:17:32 -0000 I find nullfs to be the most rock-solid solution for stuff like this, because it transcends the relatively of jails, chroot, etc. It's like a wormhole for filesystems. But I believe you can only link two directories, not two files. But what if you did this: mkdir /usr/jails/mx32/host/etc mount_nullfs /etc /usr/jails/mx32/host/etc ln -s /usr/jails/mx32/host/etc/mail/aliases /usr/jails/mx32/etc/aliases I wonder if that would work? On Tue, 26 Jun 2018, Erich Dollansky wrote: > Hi, > > On Mon, 25 Jun 2018 12:59:06 -0400 > "James B. Byrne via freebsd-questions" > wrote: > >> I wish to confirm that this is intended behaviour; that a single >> symbolic link can have differing target files depending whether one is >> in a jail or not. >> >> > it is even a bit more confusing. When you access the same link from > outside the jail, it will target really the one in the root directory. > Symbolic links are always relative to the environment it is used in. > But they can cross mount points. > > If you want to make a link always pointing to the same thing, you will > have to use hard links. But you are not able to cross mount points then > and it opens the doors for software breaking out of the jail. > > Erich > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" >