[PATCH] jail NG schript patch for mounting devfs and procfs
automatically
Robert Watson
rwatson at freebsd.org
Tue Jul 29 09:48:31 PDT 2003
On Tue, 29 Jul 2003, Jens Rehsack wrote:
> I updated the rcng jail start script to mount devfs and procfs into the
> jail if wanted. Adding entries to /etc/fstab didn't work properly,
> because the jail filesystem wasn't mounted when the startup process
> wants to mount it.
>
> Going this way allows us to control which jail could be used via ssh (or
> another remote shell), too.
>
> Any comments gladly welcome.
>
> If it's useful for FreeBSD, I will write the rc.conf(5) update, too.
> Please inform me to do this.
Neat.
Someone, and unfortunately I appear to have lost track of who, had some
tweaks to the rcNG scripts to set up some reasonable devfs rules for a
jail, and apply them to the devfs mounted in a jail. Otherwise, you risk
exposing "undesired" device nodes to the virtual environment. I suspect a
search of the -current archives will turn up who, but I think a necessary
part of a solution here will be to make sure jails are set up with the
right devfs contents.
Robert N M Watson FreeBSD Core Team, TrustedBSD Projects
robert at fledge.watson.org Network Associates Laboratories
More information about the freebsd-current
mailing list