mounting fdescfs in a nested/hierarchical jail?
Ruben van Staveren
ruben at verweg.com
Thu Aug 21 18:05:09 UTC 2014
Hi Jamie, others,
On 21 Aug 2014, at 4:54, James Gritton <jamie at gritton.org> wrote:
> On 8/18/2014 6:26 AM, Ruben van Staveren wrote:
>> Hi list,
>>
>> I have a FreeBSD 10 zfs based ezjail setup. In one of the jails I am using ezjail again to set up a nested jail. My goal is to eventually have my jails use these nested jails as containers for certain services.
>>
>> However, I am not able to mount a nested fdescfs. When I leave out fdesc, the nested jail starts up just fine.
>>
>> There is no allow.mount.fdescfs. Do we need one?
>>
>> Cheers,
>> Ruben
>
> That's probably the answer. It seems a little inelegant to have this proliferation of pesudo-fs type allowances, but it's the direction we've gone.
Ok, I’ve written a little patch for that. Seems to work on r268794
http://pastebin.com/5t9zEzkV
I am not sure about the consequences of having this permission.
Best Regards,
Ruben
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 203 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20140821/c95e24a9/attachment.sig>
More information about the freebsd-stable
mailing list