From owner-freebsd-jail@FreeBSD.ORG Sat Sep 27 12:07:05 2014 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4E76F225; Sat, 27 Sep 2014 12:07:05 +0000 (UTC) Received: from erg.verweg.com (erg.verweg.com [IPv6:2a02:898:96::5e8e:f508]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "erg.verweg.com", Issuer "Verweg Dot Com CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id BD52F6AB; Sat, 27 Sep 2014 12:07:04 +0000 (UTC) Received: from neon.fritz.box (helium.xs4all.nl [83.163.52.241]) (authenticated bits=0) by erg.verweg.com (8.14.9/8.14.9) with ESMTP id s8RC6n5K035171 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Sat, 27 Sep 2014 12:06:52 GMT (envelope-from ruben@verweg.com) X-Authentication-Warning: erg.verweg.com: Host helium.xs4all.nl [83.163.52.241] claimed to be neon.fritz.box Content-Type: multipart/signed; boundary="Apple-Mail=_51722CA5-87C0-401D-87C5-C2B614B2A7A1"; protocol="application/pgp-signature"; micalg=pgp-sha1 Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\)) Subject: Re: fdescfs patch for working hierarchical jails From: Ruben van Staveren In-Reply-To: <5425BE60.5020900@gritton.org> Date: Sat, 27 Sep 2014 14:06:49 +0200 Message-Id: <0CF6D1D0-0721-4395-8290-C92C91FEA45C@verweg.com> References: <0B3648E9-21DC-4691-A6A9-26DE2C40947B@verweg.com> <5425BE60.5020900@gritton.org> To: James Gritton X-Mailer: Apple Mail (2.1878.6) X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.4.3 (erg.verweg.com [94.142.245.8]); Sat, 27 Sep 2014 12:07:01 +0000 (UTC) Cc: freebsd-jail@freebsd.org, "freebsd-stable@FreeBSD.org Stable" X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 27 Sep 2014 12:07:05 -0000 --Apple-Mail=_51722CA5-87C0-401D-87C5-C2B614B2A7A1 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=windows-1252 Hi James, others, On 26 Sep 2014, at 21:28, James Gritton wrote: > On 9/25/2014 3:40 AM, Ruben van Staveren wrote: >> Hi, >>=20 >> Could a committer have a look at = https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D192951 ? >>=20 >> This enables fdescfs in hierarchical jails, would be nice to have = this for 10.1 >>=20 >> Thanks! >>=20 >> Best Regards, >> Ruben van Staveren >=20 > This would have to go into current first, and then MFC. Considering > 10.1 is getting close to release, I suspect it wouldn't be allowed in. I agree, probably better to do it that way indeed. > Also, I'm not sure I'd want to implement this in quite the proposed > way: it might suffice (from a security viewpoint) to use the existing > allow.mount.devfs for mounting fdescfs. Wouldn=92t that be misleading? It would be better to mop up the various = pseudofses under the monicker allow.mount.pseudofs. >=20 > - Jamie - Ruben --Apple-Mail=_51722CA5-87C0-401D-87C5-C2B614B2A7A1 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using GPGMail -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iEYEARECAAYFAlQmqFkACgkQZ88+mcQxRw1prgCZAa8lliQyS3sCHuTRU9W8FZqE Ui8AnjCuMGPzDcrDRf/a1NmhMlhcqxgY =J99b -----END PGP SIGNATURE----- --Apple-Mail=_51722CA5-87C0-401D-87C5-C2B614B2A7A1--