From owner-freebsd-questions@FreeBSD.ORG Tue Feb 24 07:32:30 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6B35C106566C for ; Tue, 24 Feb 2009 07:32:30 +0000 (UTC) (envelope-from fbsd.questions@rachie.is-a-geek.net) Received: from mail.rachie.is-a-geek.net (rachie.is-a-geek.net [66.230.99.27]) by mx1.freebsd.org (Postfix) with ESMTP id 38F7A8FC19 for ; Tue, 24 Feb 2009 07:32:29 +0000 (UTC) (envelope-from fbsd.questions@rachie.is-a-geek.net) Received: from localhost (mail.lan.rachie.is-a-geek.net [192.168.2.101]) by mail.rachie.is-a-geek.net (Postfix) with ESMTP id 360ADAFC1FF; Mon, 23 Feb 2009 22:32:29 -0900 (AKST) From: Mel To: freebsd-questions@freebsd.org Date: Mon, 23 Feb 2009 22:32:28 -0900 User-Agent: KMail/1.9.10 References: <9F3E5C98058140F697CA8A46F31C6A4D@atlantis> <49A1EC64.3000703@datapipe.com> <8F3ADB585FA04899A147599EACBCBAE3@atlantis> In-Reply-To: <8F3ADB585FA04899A147599EACBCBAE3@atlantis> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200902232232.28985.fbsd.questions@rachie.is-a-geek.net> Cc: Subject: Re: Accessing /dev/lpt0 in a Jail X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Feb 2009 07:32:31 -0000 On Monday 23 February 2009 12:32:39 Jasvinder S. Bahra wrote: > [root@pearl ~]# ls -al /dev/lpt* > crw------- 1 root wheel 0, 53 Feb 23 21:11 /dev/lpt0 > crw------- 1 root wheel 0, 54 Feb 23 21:11 /dev/lpt0.ctl > > I need the device nodes to have 0660 permissions and root:cups ownership. > I can easily make these changes using the chown and chmod tools, but the > changes do not survive a system reboot. Following some further research, I > understand I can make these changes occur automatically by adding some > entries in the jail's /etc/devfs.conf file... You should repeat this to yourself, about 10-20 times, daily, so you don't forget ;) devfs.conf is for devices available at boot time, but devfs.rules rule after Ergo, making changes to devfs.conf does nothing till the next boot. > I also tried creating a device ruleset in the jail (i.e. creating a > /etc/devfs.rules file in the jail)... > > [localrules=5] > add path 'lpt*' mode 0660 group cups > > ...and then applying that ruleset by adding the following to the jail's > /etc/rc.conf Prisoners don't get to decide which doors are opened. Thus, devfs_* is completely ignored inside prison walls. The host sets up the ${JAIL_ROOT}/dev. In the hosts /etc/devfs.rules, you can set: [devfsrules_jail_pearl=5] add include $devfsrules_hide_all add include $devfsrules_unhide_basic add include $devfsrules_unhide_login add path 'lpt*' mode 0660 group cups unhide Then add to /etc/rc.conf: jail_pearl_devfs_ruleset="devfsrules_jail_pearl" Inform with ezjail author how to make this ez ;) -- Mel Problem with today's modular software: they start with the modules and never get to the software part.