ZFS and Jail :: nullfs mount :: nothing visible from host :: solved [partial]
Alexander Leidinger
Alexander at leidinger.net
Mon Dec 19 16:56:42 UTC 2016
Quoting Miroslav Lachman <000.fbsd at quip.cz> (from Sun, 18 Dec 2016
13:20:31 +0100):
> Alexander Leidinger wrote on 2016/12/17 19:59:
>> Quoting SK <fbstable at cps-intl.org> (from Fri, 16 Dec 2016 14:02:20 +0000):
>
>>> If I understand you correctly, what you are suggesting is, the dataset
>>> used by the jail itself for its root/base cannot be "worked on" from
>>> within the jail, but if I define a different dataset (under the same
>>> branch below the jail dataset), and attribute it to the jail, then I
>>> can manipulate that "other" dataset. Could you please confirm if I
>>> understood it correctly?
>>
>> Correct.
>>
>> You need the data in the root of the jail to boot, if you then attribute
>> this dataset to the jail, it will vanish until "zfs mount -a" is run (rc
>> script inside the jail). As it will vanish during the boot of the jail
>> (if added automatically), the rc script to mount all datasets can not be
>> found.
>
> [...]
>
>>> I think what you are trying to tell here is, unless and until that
>>> "vanished" dataset is put to use (mounted) from inside the jail, it
>>> will remain vanished/unusable from the host itself; however, once that
>>> dataset is put to use, the host system should be able to "see" and
>>> maybe even work on that dataset. Could you please confirm if I
>>> understood you correctly?
>>
>> Correct.
>>
>> A sub-dataset which is not needed to boot, or a dataset not within the
>> subtree of the jail (and not needed to boot) can be used.
>
> Thank you for this information! If it is somewhere in the docs it is
> well hidden to me :)
I don't expect it to be in the docs. I try to come up with something
for the man page for zfs (for the "attach to jail" part), but anyone
shall feel free to beat me with this.
Anyone with an idea where in the jail man page we should add something
too (I only had a look at the zfs man page when this issue came up)?
Bye,
Alexander.
--
http://www.Leidinger.net Alexander at Leidinger.net: PGP 0x8F31830F9F2772BF
http://www.FreeBSD.org netchild at FreeBSD.org : PGP 0x8F31830F9F2772BF
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 801 bytes
Desc: Digitale PGP-Signatur
URL: <http://lists.freebsd.org/pipermail/freebsd-jail/attachments/20161219/e53e88d4/attachment.sig>
More information about the freebsd-jail
mailing list