git: 7acd322ebe20 - main - devfs.rules: Correctly unhide pf in vnet jails
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 03 Nov 2021 12:50:30 UTC
The branch main has been updated by kp:
URL: https://cgit.FreeBSD.org/src/commit/?id=7acd322ebe2072b1d73b1d19c14ab12a300ba8e8
commit 7acd322ebe2072b1d73b1d19c14ab12a300ba8e8
Author: Zhenlei Huang <zlei.huang@gmail.com>
AuthorDate: 2021-11-03 11:46:48 +0000
Commit: Kristof Provost <kp@FreeBSD.org>
CommitDate: 2021-11-03 11:50:13 +0000
devfs.rules: Correctly unhide pf in vnet jails
Revision 9e9be081d8 introduced a new devfs rule devfsrules_jail_vnet. It
includes rule devfsrules_jail which include other rules. Unfortunately
devfs could not recursively parse the action include and thus
devfsrules_jail_vnet will expose all nodes.
PR: 255660
Reviewed by: kp
Obtained from: Gijs Peskens <gijs@peskens.net>
MFC after: 3 weeks
Differential Revision: https://reviews.freebsd.org/D32814
---
sbin/devfs/devfs.rules | 3 +++
1 file changed, 3 insertions(+)
diff --git a/sbin/devfs/devfs.rules b/sbin/devfs/devfs.rules
index 01d8e5194c17..9543e20947d9 100644
--- a/sbin/devfs/devfs.rules
+++ b/sbin/devfs/devfs.rules
@@ -88,5 +88,8 @@ add path fuse unhide
add path zfs unhide
[devfsrules_jail_vnet=5]
+add include $devfsrules_hide_all
+add include $devfsrules_unhide_basic
+add include $devfsrules_unhide_login
add include $devfsrules_jail
add path pf unhide