nullfs [was: Need urgent help regarding security]
Chad Leigh -- Shire.Net LLC
chad at shire.net
Thu Nov 17 18:36:38 GMT 2005
On Nov 17, 2005, at 7:36 AM, Mark Bucciarelli wrote:
> On Wed, Nov 16, 2005 at 10:16:16PM -0700, Chad Leigh -- Shire.Net LLC
> wrote:
>
>> I then create one or more jails that use nullfs to READ ONLY mount
>> specific parts of the master hierarchy into the jail.
>
> This is very interesting to me, as I are currently working on a jail
> design and nullfs has a number of question marks next to it, mainly
> due
> to the scary man page warning. Here are a few of the questions:
>
> How did you decide it was trustworthy?
I did a few tests and read some archived posts from others using it.
I was previously using a localhost nfs mount but wanted to eliminate
nfs from the mix due to another issue I was having.
>
> Does it result in lower RAM usage? (The program that is run, for
> example, Apache, comes from the same spot on the disk across all
> jails.)
Don't know. Never did any tests.
>
> Is it currently maintained? The man page includes a maintainer
> solicitation.
Don't know. However, archived posts lead me to believe that bugs
have been fixed etc recently and the man page may be out of date.
>
> Have you had any problems in production?
Not that I know of. Seems to be running fine with over 40 jails on
the machine. Most are READ ONLY but I do have one jail with a RW /
usr so it can install ports etc. I have a /usr/public I install
ports into for all jails to use.
>
> Have you used it for long?
>
A few months. Previously I was happily doing the same thing with the
localhost nfs mount.
best
Chad
> m
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-
> unsubscribe at freebsd.org"
---
Chad Leigh -- Shire.Net LLC
Your Web App and Email hosting provider
chad at shire.net
More information about the freebsd-questions
mailing list