[PATCH] jail NG schript patch for mounting devfs and procfs automatically

Robert Watson rwatson at freebsd.org
Tue Jul 29 09:48:31 PDT 2003

On Tue, 29 Jul 2003, Jens Rehsack wrote:

> I updated the rcng jail start script to mount devfs and procfs into the
> jail if wanted. Adding entries to /etc/fstab didn't work properly,
> because the jail filesystem wasn't mounted when the startup process
> wants to mount it. 
> Going this way allows us to control which jail could be used via ssh (or
> another remote shell), too. 
> Any comments gladly welcome. 
> If it's useful for FreeBSD, I will write the rc.conf(5) update, too.
> Please inform me to do this. 


Someone, and unfortunately I appear to have lost track of who, had some
tweaks to the rcNG scripts to set up some reasonable devfs rules for a
jail, and apply them to the devfs mounted in a jail.  Otherwise, you risk
exposing "undesired" device nodes to the virtual environment.  I suspect a
search of the -current archives will turn up who, but I think a necessary
part of a solution here will be to make sure jails are set up with the
right devfs contents. 

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert at fledge.watson.org      Network Associates Laboratories

More information about the freebsd-current mailing list