ZFS and Jail :: nullfs mount :: nothing visible from host :: solved [partial]

Miroslav Lachman 000.fbsd at quip.cz
Mon Dec 19 17:57:50 UTC 2016 

Alexander Leidinger wrote on 2016/12/19 17:56:
>
> Quoting Miroslav Lachman <000.fbsd at quip.cz> (from Sun, 18 Dec 2016
> 13:20:31 +0100):
>> Alexander Leidinger wrote on 2016/12/17 19:59:
>>> Quoting SK <fbstable at cps-intl.org> (from Fri, 16 Dec 2016 14:02:20

>>> Correct.
>>>
>>> You need the data in the root of the jail to boot, if you then attribute
>>> this dataset to the jail, it will vanish until "zfs mount -a" is run (rc
>>> script inside the jail). As it will vanish during the boot of the jail
>>> (if added automatically), the rc script to mount all datasets can not be
>>> found.
>>
>> [...]
>>
>>>> I think what you are trying to tell here is, unless and until that
>>>> "vanished" dataset is put to use (mounted) from inside the jail, it
>>>> will remain vanished/unusable from the host itself; however, once that
>>>> dataset is put to use, the host system should be able to "see" and
>>>> maybe even work on that dataset. Could you please confirm if I
>>>> understood you correctly?
>>>
>>> Correct.
>>>
>>> A sub-dataset which is not needed to boot, or a dataset not within the
>>> subtree of the jail (and not needed to boot) can be used.
>>
>> Thank you for this information! If it is somewhere in the docs it is
>> well hidden to me :)
>
> I don't expect it to be in the docs. I try to come up with something for
> the man page for zfs (for the "attach to jail" part), but anyone shall
> feel free to beat me with this.
>
> Anyone with an idea where in the jail man page we should add something
> too (I only had a look at the zfs man page when this issue came up)?

It would be nice to have this mentioned in zfs(8) man page (that user in 
jail cannot manage jail's root dataset but can manage some sub-dataset 
not required to boot the jail)

And there can be some useful example in jail(8) man page in EXAMPLES. 
There is section "Jails and File Systems" and there can be new section 
"Manage ZFS from within jail" with basic notes about required jail 
params, zfs set jailed property and example "hierarchy". (and warning 
about gotchas with jailed=0 on jail's root directory)

Miroslav Lachman

More information about the freebsd-jail mailing list