From owner-svn-src-head@FreeBSD.ORG Sun Feb 26 16:30:40 2012 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 39A97106566B; Sun, 26 Feb 2012 16:30:40 +0000 (UTC) (envelope-from mm@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 269C58FC14; Sun, 26 Feb 2012 16:30:40 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id q1QGUebZ073542; Sun, 26 Feb 2012 16:30:40 GMT (envelope-from mm@svn.freebsd.org) Received: (from mm@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id q1QGUdIZ073536; Sun, 26 Feb 2012 16:30:39 GMT (envelope-from mm@svn.freebsd.org) Message-Id: <201202261630.q1QGUdIZ073536@svn.freebsd.org> From: Martin Matuska Date: Sun, 26 Feb 2012 16:30:39 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r232186 - in head: cddl/contrib/opensolaris/cmd/zfs sys/cddl/contrib/opensolaris/uts/common/fs/zfs sys/kern sys/sys usr.sbin/jail X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 26 Feb 2012 16:30:40 -0000 Author: mm Date: Sun Feb 26 16:30:39 2012 New Revision: 232186 URL: http://svn.freebsd.org/changeset/base/232186 Log: Analogous to r232059, add a parameter for the ZFS file system: allow.mount.zfs: allow mounting the zfs filesystem inside a jail This way the permssions for mounting all current VFCF_JAIL filesystems inside a jail are controlled wia allow.mount.* jail parameters. Update sysctl descriptions. Update jail(8) and zfs(8) manpages. TODO: document the connection of allow.mount.* and VFCF_JAIL for kernel developers MFC after: 10 days Modified: head/cddl/contrib/opensolaris/cmd/zfs/zfs.8 head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c head/sys/kern/kern_jail.c head/sys/sys/jail.h head/usr.sbin/jail/jail.8 Modified: head/cddl/contrib/opensolaris/cmd/zfs/zfs.8 ============================================================================== --- head/cddl/contrib/opensolaris/cmd/zfs/zfs.8 Sun Feb 26 16:05:20 2012 (r232185) +++ head/cddl/contrib/opensolaris/cmd/zfs/zfs.8 Sun Feb 26 16:30:39 2012 (r232186) @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd November 26, 2011 +.Dd February 26, 2012 .Dt ZFS 8 .Os .Sh NAME @@ -413,9 +413,15 @@ subcommand. You cannot attach a dataset same dataset to another jails. To allow management of the dataset from within a jail, the .Sy jailed -property has to be set. The +property has to be set and the jail needs access to the +.Pa /dev/zfs +device. The .Sy quota -property cannot be changed from within a jail. +property cannot be changed from within a jail. See +.Xr jail 8 +for information on how to allow mounting +.Tn ZFS +datasets from within a jail. .Pp .No A Tn ZFS dataset can be detached from a jail using the @@ -2715,13 +2721,12 @@ to the jail identified by JID From now on this file system tree can be managed from within a jail if the .Sy jailed property has been set. To use this functionality, the jail needs the -.Va enforce_statfs -parameter set to -.Sy 0 -and the .Va allow.mount -parameter set to -.Sy 1 . +and +.Va allow.mount.zfs +parameters set to 1 and the +.Va enforce_statfs +parameter set to a value lower than 2. .Pp See .Xr jail 8 Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c ============================================================================== --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c Sun Feb 26 16:05:20 2012 (r232185) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c Sun Feb 26 16:30:39 2012 (r232186) @@ -60,6 +60,7 @@ #include #include #include +#include #include "zfs_comutil.h" struct mtx zfs_debug_mtx; @@ -1533,6 +1534,9 @@ zfs_mount(vfs_t *vfsp) int error = 0; int canwrite; + if (!prison_allow(td->td_ucred, PR_ALLOW_MOUNT_ZFS)) + return (EPERM); + if (vfs_getopt(vfsp->mnt_optnew, "from", (void **)&osname, NULL)) return (EINVAL); Modified: head/sys/kern/kern_jail.c ============================================================================== --- head/sys/kern/kern_jail.c Sun Feb 26 16:05:20 2012 (r232185) +++ head/sys/kern/kern_jail.c Sun Feb 26 16:30:39 2012 (r232186) @@ -203,6 +203,7 @@ static char *pr_allow_names[] = { "allow.socket_af", "allow.mount.devfs", "allow.mount.nullfs", + "allow.mount.zfs", }; const size_t pr_allow_names_size = sizeof(pr_allow_names); @@ -216,6 +217,7 @@ static char *pr_allow_nonames[] = { "allow.nosocket_af", "allow.mount.nodevfs", "allow.mount.nonullfs", + "allow.mount.nozfs", }; const size_t pr_allow_nonames_size = sizeof(pr_allow_nonames); @@ -4199,11 +4201,15 @@ SYSCTL_PROC(_security_jail, OID_AUTO, mo SYSCTL_PROC(_security_jail, OID_AUTO, mount_devfs_allowed, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_MOUNT_DEVFS, sysctl_jail_default_allow, "I", - "Processes in jail can mount/unmount the devfs file system"); + "Processes in jail can mount the devfs file system"); SYSCTL_PROC(_security_jail, OID_AUTO, mount_nullfs_allowed, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_MOUNT_NULLFS, sysctl_jail_default_allow, "I", - "Processes in jail can mount/unmount the nullfs file system"); + "Processes in jail can mount the nullfs file system"); +SYSCTL_PROC(_security_jail, OID_AUTO, mount_zfs_allowed, + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, + NULL, PR_ALLOW_MOUNT_ZFS, sysctl_jail_default_allow, "I", + "Processes in jail can mount the zfs file system"); static int sysctl_jail_default_level(SYSCTL_HANDLER_ARGS) @@ -4347,9 +4353,11 @@ SYSCTL_JAIL_PARAM_SUBNODE(allow, mount, SYSCTL_JAIL_PARAM(_allow_mount, , CTLTYPE_INT | CTLFLAG_RW, "B", "Jail may mount/unmount jail-friendly file systems in general"); SYSCTL_JAIL_PARAM(_allow_mount, devfs, CTLTYPE_INT | CTLFLAG_RW, - "B", "Jail may mount/unmount the devfs file system"); + "B", "Jail may mount the devfs file system"); SYSCTL_JAIL_PARAM(_allow_mount, nullfs, CTLTYPE_INT | CTLFLAG_RW, - "B", "Jail may mount/unmount the nullfs file system"); + "B", "Jail may mount the nullfs file system"); +SYSCTL_JAIL_PARAM(_allow_mount, zfs, CTLTYPE_INT | CTLFLAG_RW, + "B", "Jail may mount the zfs file system"); void prison_racct_foreach(void (*callback)(struct racct *racct, Modified: head/sys/sys/jail.h ============================================================================== --- head/sys/sys/jail.h Sun Feb 26 16:05:20 2012 (r232185) +++ head/sys/sys/jail.h Sun Feb 26 16:30:39 2012 (r232186) @@ -225,7 +225,8 @@ struct prison_racct { #define PR_ALLOW_SOCKET_AF 0x0040 #define PR_ALLOW_MOUNT_DEVFS 0x0080 #define PR_ALLOW_MOUNT_NULLFS 0x0100 -#define PR_ALLOW_ALL 0x01ff +#define PR_ALLOW_MOUNT_ZFS 0x0200 +#define PR_ALLOW_ALL 0x03ff /* * OSD methods Modified: head/usr.sbin/jail/jail.8 ============================================================================== --- head/usr.sbin/jail/jail.8 Sun Feb 26 16:05:20 2012 (r232185) +++ head/usr.sbin/jail/jail.8 Sun Feb 26 16:30:39 2012 (r232186) @@ -34,7 +34,7 @@ .\" .\" $FreeBSD$ .\" -.Dd February 23, 2012 +.Dd February 26, 2012 .Dt JAIL 8 .Os .Sh NAME @@ -427,6 +427,17 @@ This permission is effective only togeth and if .Va enforce_statfs is set to a value lower than 2. +.It Va allow.mount.zfs +privileged users inside the jail will be able to mount and unmount the +ZFS file system. +This permission is effective only together with +.Va allow.mount +and if +.Va enforce_statfs +is set to a value lower than 2. See +.Xr zfs 8 +for information on how to configure the ZFS filesystem to operate from +within a jail. .It Va allow.quotas The prison root may administer quotas on the jail's filesystem(s). This includes filesystems that the jail may share with other jails or