ZFS and Jail :: nullfs mount :: nothing visible from host :: solved [partial]

Miroslav Lachman 000.fbsd at quip.cz
Mon Dec 19 20:10:32 UTC 2016 

Alexander Leidinger wrote on 2016/12/19 20:54:
> Quoting Miroslav Lachman <000.fbsd at quip.cz> (from Mon, 19 Dec 2016
> 18:57:39 +0100):
>
>> Alexander Leidinger wrote on 2016/12/19 17:56:
>>>
>>> Quoting Miroslav Lachman <000.fbsd at quip.cz> (from Sun, 18 Dec 2016
>>> 13:20:31 +0100):

>>> I don't expect it to be in the docs. I try to come up with something for
>>> the man page for zfs (for the "attach to jail" part), but anyone shall
>>> feel free to beat me with this.
>>>
>>> Anyone with an idea where in the jail man page we should add something
>>> too (I only had a look at the zfs man page when this issue came up)?
>>
>> It would be nice to have this mentioned in zfs(8) man page (that user
>> in jail cannot manage jail's root dataset but can manage some
>> sub-dataset not required to boot the jail)
>
> What about this? Better wording welcome.
> ---snip---
> Index: zfs.8
> ===================================================================
> --- zfs.8       (Revision 298108)
> +++ zfs.8       (Arbeitskopie)
> @@ -450,8 +450,11 @@
>   dataset can be attached to a jail by using the
>   .Qq Nm Cm jail
>   subcommand. You cannot attach a dataset to one jail and the children
> of the
> -same dataset to another jails. To allow management of the dataset from
> within
> -a jail, the
> +same dataset to another jails. You can also not attach the root file
> system
> +of the jail or any dataset which needs to be mounted before the zfs rc
> script
> +is run inside the jail, as it would be attached unmounted until it is
> +mounted from the rc script inside the jail. To allow management of the
> +dataset from within a jail, the
>   .Sy jailed
>   property has to be set and the jail needs access to the
>   .Pa /dev/zfs
> ---snip---
>
>> And there can be some useful example in jail(8) man page in EXAMPLES.
>> There is section "Jails and File Systems" and there can be new section
>> "Manage ZFS from within jail" with basic notes about required jail
>> params, zfs set jailed property and example "hierarchy". (and warning
>> about gotchas with jailed=0 on jail's root directory)
>
> Are you willing to come up with some text-only version/draft/outline for
> this one?

I am not good at English but I will try something.

Thank you!

Miroslav Lachman

More information about the freebsd-jail mailing list