How do I make devices usable from a jail?
luked at pobox.com
Thu Aug 19 10:32:55 PDT 2004
I'm running CURRENT. I've set up a jail. As part of setting it up, I ran
"mount_devfs devfs /path/to/jail/dev". This appeared to mount all of my
devices in the jail at the proper location.
When I start the jail, the jail's /dev looks correct. It looks
identitical to the host system's /dev as far as I can tell. The devices
are all owned by root, and the permissions on most of them are crw-------.
However, the jail cannot seem to use some of these devices.
For example, when I run sysinstall inside the jail and attempt to install
packages from the CD, it reports that it does not have permission. More
importantly, sshd can't access /dev/random.
crw-r----- 1 root operator 4, 12 Aug 19 09:08 /dev/acd0
crw-rw-rw- 1 root wheel 250, 0 Aug 19 02:08 /dev/random
lrwxr-xr-x 1 root wheel 6 Aug 19 16:40 /dev/urandom -> random
I can't understand why sshd and sysinstall can't use these devices.
The documentation suggests that devfs may have something to do with this,
but running "devfs rule showsets" from outside the jail yields nothing.
Running it from inside the jail gives an "operation not permitted" error.
I suppose I have no "rules". Is this the problem? Is the default behavior
for allowing access to devices from jails more restrictive than when not
More information about the freebsd-questions