Date: Tue, 29 Jul 2003 12:47:33 -0400 (EDT) From: Robert Watson <rwatson@freebsd.org> To: Jens Rehsack <rehsack@liwing.de> Cc: FreeBSD-Current List <current@freebsd.org> Subject: Re: [PATCH] jail NG schript patch for mounting devfs and procfs automatically Message-ID: <Pine.NEB.3.96L.1030729124628.75304H-100000@fledge.watson.org> In-Reply-To: <3F26A37A.7090402@liwing.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 29 Jul 2003, Jens Rehsack wrote: > I updated the rcng jail start script to mount devfs and procfs into the > jail if wanted. Adding entries to /etc/fstab didn't work properly, > because the jail filesystem wasn't mounted when the startup process > wants to mount it. > > Going this way allows us to control which jail could be used via ssh (or > another remote shell), too. > > Any comments gladly welcome. > > If it's useful for FreeBSD, I will write the rc.conf(5) update, too. > Please inform me to do this. Neat. Someone, and unfortunately I appear to have lost track of who, had some tweaks to the rcNG scripts to set up some reasonable devfs rules for a jail, and apply them to the devfs mounted in a jail. Otherwise, you risk exposing "undesired" device nodes to the virtual environment. I suspect a search of the -current archives will turn up who, but I think a necessary part of a solution here will be to make sure jails are set up with the right devfs contents. Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1030729124628.75304H-100000>