From owner-freebsd-current@FreeBSD.ORG  Tue Jul 29 10:08:42 2003
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id D842B37B401
	for <current@freebsd.org>; Tue, 29 Jul 2003 10:08:42 -0700 (PDT)
Received: from mail.liwing.de (mail.liwing.de [213.70.188.162])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 1BA9F43FAF
	for <current@freebsd.org>; Tue, 29 Jul 2003 10:08:41 -0700 (PDT)
	(envelope-from rehsack@liwing.de)
Received: (qmail 75033 invoked from network); 29 Jul 2003 17:08:38 -0000
Received: from stingray.liwing.de (HELO liwing.de) ([213.70.188.164])
          (envelope-sender <rehsack@liwing.de>)
          by mail.liwing.de (qmail-ldap-1.03) with SMTP
          for <rwatson@freebsd.org>; 29 Jul 2003 17:08:38 -0000
Message-ID: <3F26AA16.5030007@liwing.de>
Date: Tue, 29 Jul 2003 19:08:38 +0200
From: Jens Rehsack <rehsack@liwing.de>
Organization: LiWing IT-Services
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US;
	rv:1.4) Gecko/20030624 Netscape/7.1 (ax)
X-Accept-Language: de-de, de, en-us, en
MIME-Version: 1.0
To: Robert Watson <rwatson@freebsd.org>
References: <Pine.NEB.3.96L.1030729124628.75304H-100000@fledge.watson.org>
In-Reply-To: <Pine.NEB.3.96L.1030729124628.75304H-100000@fledge.watson.org>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
cc: Clement Laforet <sheepkiller@cultdeadsheep.org>
cc: FreeBSD-Current List <current@freebsd.org>
Subject: Re: [PATCH] jail NG schript patch for mounting devfs and procfs
	automatically
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Jul 2003 17:08:43 -0000

On 29.07.2003 18:47, Robert Watson wrote:

> On Tue, 29 Jul 2003, Jens Rehsack wrote:
> 
>> I updated the rcng jail start script to mount devfs and procfs into the
>> jail if wanted. Adding entries to /etc/fstab didn't work properly,
>> because the jail filesystem wasn't mounted when the startup process
>> wants to mount it. 
>> 
>> Going this way allows us to control which jail could be used via ssh (or
>> another remote shell), too. 
>> 
>> Any comments gladly welcome. 
>> 
>> If it's useful for FreeBSD, I will write the rc.conf(5) update, too.
>> Please inform me to do this. 
> 
> Neat.

:-)

> Someone, and unfortunately I appear to have lost track of who, had some
> tweaks to the rcNG scripts to set up some reasonable devfs rules for a
> jail, and apply them to the devfs mounted in a jail.  Otherwise, you risk
> exposing "undesired" device nodes to the virtual environment.  I suspect a
> search of the -current archives will turn up who, but I think a necessary
> part of a solution here will be to make sure jails are set up with the
> right devfs contents. 

Sorry, overseen. Sct W. Hetzel was the submitter, but it never becomes
committed. If could be be so kind, please :-) (of course, not without
prove it first)

Jens