Date: Tue, 04 Sep 2012 00:50:18 -0500 From: Bryan Drewery <bryan@shatow.net> To: freebsd-jail@freebsd.org Subject: Re: 9.1-PRERELEASE - allow.mount - allow.mount.zfs - do not get passed to child Message-ID: <5045969A.3020201@shatow.net> In-Reply-To: <504595C6.9060807@shatow.net> References: <504594DF.4000105@shatow.net> <504595C6.9060807@shatow.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 9/4/2012 12:46 AM, Bryan Drewery wrote: > On 9/4/2012 12:42 AM, Bryan Drewery wrote: >> I am unable to get these to pass into jails via /etc/rc.d/jail + ezjail. >> >> I set them in the host: >> >> security.jail.mount_allowed=1 >> security.jail.mount_zfs_allowed=1 >> >> What is the proper way to get these set? >> >> > > I used `jail -m` to set these, but they don't seem to work: > > In host: > > # jail -m jid=3 allow.mount allow.mount.zfs > # sysctl vfs.usermount=1 > > In jail: > > # sysctl -a|grep mount > vfs.usermount: 1 > ... > security.jail.mount_zfs_allowed: 1 > security.jail.mount_allowed: 1 > > # zfs mount -a > cannot mount 'backup': Insufficient privileges > > This dataset is properly jailed=on and 'zfs jail' ran on it as well. Sorry for the noise.. # jail -m jid=3 enforce_statfs=1 Now it works. Yes, I read the jail(8) and zfs(8) manpages. My biggest problem was the params not being passed in at startup. Bryan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5045969A.3020201>