current state of the art / best practice for devfs in a jail ?
Josh Brooks
user at mail.econolodgetulsa.com
Thu Jul 3 04:00:44 PDT 2003
I have been researching the various of ways people add devfs to a jail to
give the jail certian /dev devices necessary to function ...
One strategy I saw was:
mount -t devfs devfs /home/jail/dev
( cd /home/jail/dev ; rm $devices_i_dont_want_in_my_jails )
mount -u -o nonewdev /home/jail/dev
However I do not know of a `nonewdev` option for mount - but does that
even matter, since `mknod` does not work inside of a jail ? Or does it in
5.x ?
--
Another strategy I saw was :
# mount -t devfs devfs /home/jail/dev
# cd /home/jail/dev
# rm -f *
# rm -W null zero tty console
# ls -l
crw------- 1 phk wheel 0, 0 2 Feb 01:09 console
drwxr-xr-x 2 root wheel 0 2 Feb 01:06 fd
crw-rw-rw- 1 root wheel 2, 2 3 Feb 21:25 null
crw-rw-rw- 1 root wheel 1, 0 3 Feb 17:27 tty
crw-rw-rw- 1 root wheel 2, 12 1 Jan 1970 zero
#
Does this even work ?
--
So I guess I am asking two questions:
1. in 5.x, is it still true that mknod will not work from within a jail (I
sure hope it is still true)
2. what is the current "best practices" strategy for mounting up a devfs
in a jail ?
thank!
More information about the freebsd-hackers
mailing list