From owner-freebsd-scsi@freebsd.org  Sat Dec 16 22:06:23 2017
Return-Path: <owner-freebsd-scsi@freebsd.org>
Delivered-To: freebsd-scsi@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 42601E9117A
 for <freebsd-scsi@mailman.ysv.freebsd.org>;
 Sat, 16 Dec 2017 22:06:23 +0000 (UTC)
 (envelope-from dan@langille.org)
Received: from clavin2.langille.org (clavin2.langille.org [199.233.228.197])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "clavin.langille.org",
 Issuer "BSD Cabal Headquarters" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id 24CD276685
 for <freebsd-scsi@freebsd.org>; Sat, 16 Dec 2017 22:06:22 +0000 (UTC)
 (envelope-from dan@langille.org)
Received: from (clavin2.int.langille.org (clavin2.int.unixathome.org
 [10.4.7.7]) (Authenticated sender: hidden) with ESMTPSA id 928DE1F741 
 for <freebsd-scsi@freebsd.org>; Sat, 16 Dec 2017 22:06:15 +0000 (UTC)
From: Dan Langille <dan@langille.org>
Content-Type: text/plain;
	charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 11.2 \(3445.5.20\))
Subject: ch(4) FreeBSD 11.1 jails
Message-Id: <19FE523D-3A29-4EC1-BD11-71F2A9A84456@langille.org>
Date: Sat, 16 Dec 2017 17:05:50 -0500
To: freebsd-scsi@freebsd.org
X-Mailer: Apple Mail (2.3445.5.20)
X-BeenThere: freebsd-scsi@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: SCSI subsystem <freebsd-scsi.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-scsi>,
 <mailto:freebsd-scsi-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-scsi/>
List-Post: <mailto:freebsd-scsi@freebsd.org>
List-Help: <mailto:freebsd-scsi-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-scsi>,
 <mailto:freebsd-scsi-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 16 Dec 2017 22:06:23 -0000

I'm trying to access a tape library from within a FreeBSD 11 jail.

I've added this to the host system:

[devfsrules_jail_unhide_tapes=3D5]
add path sa0    unhide
add path pass0  unhide
add path pass7  unhide mode 0600
add path ch0    unhide
add path nsa0   unhide

add path sa1    unhide
add path pass8  unhide
add path pass9  unhide mode 0600
add path ch1    unhide
add path nsa1   unhide


[devfsrules_jail_bacula=3D6]
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login
add path zfs unhide
add include $devfsrules_jail_unhide_tapes



The jail can see the devices, and query the tape drive, but not the =
changer:

$ sudo mtx -f /dev/pass7 status
cannot open SCSI device '/dev/pass7' - Operation not permitted

The same command in the jail host succeeds.

Is there something more special I'm missing about FreeBSD 11.1? This =
worked for me under 10.3.

Thank you.


--=20
Dan Langille - BSDCan / PGCon
dan@langille.org