(un)hiding devices with devfs(8)
Ruben de Groot
fbsd-q at bzerk.org
Mon May 5 04:25:43 PDT 2003
Hi,
While playing with devfs in a 5.0 jailed environment I noticed I could
read the disk devices (dd if=/dev/ad0s1c ...)
To hide any unneeded devices in the jail I created the following ruleset:
caliban# devfs rule -s 1 show
100 hide
200 path pty* unhide
300 path null unhide
400 path zero unhide
500 path random unhide
600 path urandom unhide
700 path stdin unhide
800 path stdout unhide
900 path stderr unhide
Unfortunately, the last 3 are only symlinks to /dev/fd/0, /dev/fd/1
and /dev/fd/2. So now I must unhide these /dev/fd/* devices. I tried
1000 path fd* unhide
and some other things, but that didn't work.
Any clues?
Ruben
More information about the freebsd-questions
mailing list