Date: Fri, 15 Feb 2013 17:27:33 +0100 From: Harald Schmalzbauer <h.schmalzbauer@omnilan.de> To: freebsd-stable@freebsd.org, freebsd-jail@freebsd.org Subject: new jail(8) ignoring devfs_ruleset? Message-ID: <511E61F5.1000805@omnilan.de>
next in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigA0A96BBCFE6E7906134D658A Content-Type: text/plain; charset=ISO-8859-15 Content-Transfer-Encoding: quoted-printable Hello, like already posted, on 9.1-R, I highly appreciate the new jail(8) and jail.conf capabilities. Thanks for that extension! Accidentally I saw that "devfs_ruleset" seems to be ignored. If I list /dev/ I see all the hosts disk devices etc. I set "devfs_ruleset =3D 4;" and "enforce_statfs =3D 1;" in jail.conf. Inside the jail, sysctl security.jail.devfs_ruleset returnes "1". But like mentioned, I can access all devices... Thanks for any help, -Harry (not subscribed to freebsd-jail@) --------------enigA0A96BBCFE6E7906134D658A Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (FreeBSD) iEYEARECAAYFAlEeYf0ACgkQLDqVQ9VXb8hE4wCgvsxHV/2So2JRMsbARy8wp6M5 FMQAoMVB6EtJo/1rHTZryPN4as3LPObG =7PSm -----END PGP SIGNATURE----- --------------enigA0A96BBCFE6E7906134D658A--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?511E61F5.1000805>