creating new zpool under jail?
Kurt Lidl
lidl at pix.net
Thu Apr 23 17:39:05 UTC 2015
Greetings -
I've run into a problem that I haven't been able to figure out how to
work around, and after looking through some of the kernel code, I'm not
sure it is currently possible to do what I want.
I have a script that creates a 2GB file, and then creates a
fresh zpool using that file as the backing store. That works perfectly
on a regular machine. I can create the zpool and some filesystems, and
when I'm done, use 'zfs send' to serialize the contents of the
filesystems into a static set of files.
Here's the commands from that script:
mkdir zfs
truncate -s +2g zfs.file
zpool create -o cachefile=none -m `pwd`/zfs system `pwd`/zfs.file
When run on a jailed instance, the 'zpool create' fails like this:
zpool create -o cachefile=none -m `pwd`/zfs system `pwd`/zfs.file
cannot create 'system': 'mountpoint' cannot be set while dataset 'zoned'
property is set
So, changing it slightly to work around the "zoned" issue:
zpool create -o cachefile=none -O jailed=on \
-m `pwd`/zfs system `pwd`/zfs.file
cannot create 'system': permission denied
Using ktrace/kdump on the command under the jail, it fails with:
4832 zpool SCTL "sysctl.name2oid"
4832 zpool RET __sysctl 0
4832 zpool CALL
__sysctl(0x7fffffffb700,0x3,0x7fffffffb7a4,0x7fffffffb7a8,0,0)
4832 zpool SCTL "security.jail.jailed"
4832 zpool RET __sysctl 0
4832 zpool CALL
__sysctl(0x7fffffffb8e0,0x2,0x7fffffffb920,0x7fffffffb918,0x801473dfd,0x15)
4832 zpool SCTL "sysctl.name2oid"
4832 zpool RET __sysctl 0
4832 zpool CALL
__sysctl(0x7fffffffb920,0x4,0x7fffffffb9cc,0x7fffffffb9d0,0,0)
4832 zpool SCTL "vfs.zfs.version.ioctl"
4832 zpool RET __sysctl 0
4832 zpool CALL ioctl(0x3,0xc0185a00,0x7fffffffb950)
4832 zpool RET ioctl -1 errno 1 Operation not permitted
I would think that creating a file-backed zpool under a jail ought to
be allowed.
Any suggestions/solutions welcomed! Thanks for reading.
-Kurt
More information about the freebsd-fs
mailing list