jail on ZFS - "Unable to mount devfs"

snowcrash+freebsd schneecrash+freebsd at gmail.com
Tue Jan 8 07:08:05 PST 2008 

hi patrick,

> If I remember correctly there was no password file for in the jail. I
> think you have to rerun a certain command. Of course I do not remember the
> command :( The command should create the master password database.

using the ServiceJail model, after populating the jail skeleton and
running mergemaster, the two commands i run are,

 /usr/bin/cap_mkdb /j/jSKEL/etc/login.conf
 /usr/sbin/pwd_mkdb -d /j/jSKEL/etc -p /j/j/etc/master.passwd

which should take care of that.

> Also you have to run within in the jail newaliases to create the aliases
> file, do a touch /etc/fstab to stop complaints about unable to read
> mountpoints.

hm.  i did not do that this time around.  i'd built my jail-world with
*both* NO_MAILWRAPPER=true & NO_SENDMAIL=true, so i mayhave caused
myself a problem.

rather than cp'ing bins, tobe safe, i'll just rebuild world ... and
see in a bit if that helps.

thanks.

> Furthermore I am not sure that you can run a jail on a zfs file system.
> The setup I have is that I run my jails on ufs and have a zfs filesystem
> available within the jail.

??

if that's true, then that renders the rest moot -- and i have a problem.

atm, i have

cat /etc/fstab
  /dev/mirror/gm0s1a /bootdir    ufs     rw        1 1
  /dev/mirror/gm0s1b none        swap    sw        0 0
  /dev/acd0          /cdrom      cd9660  ro,noauto 0 0
  /j/jMROOT          /j/jTEST    nullfs  ro        0 0
  /j/s/jTEST         /j/jTEST/s  nullfs  rw        0 0

zfs list
  NAME      USED  AVAIL  REFER  MOUNTPOINT
  z        5.23G   213G   250M  /z
  z/data     20K   213G    20K  /data
  z/home   28.5K   213G  28.5K  /home
  z/j        23K   213G    23K  /j
  z/tmp     406K   213G   406K  /tmp
  z/usr    4.88G   213G  4.88G  /usr
  z/var     105M   213G   105M  /var

where z/j is a zfs mount.

i *can* access the jail, and do just about 'all' i need to in the jail
(builds, exec, etc).

but do *not* yet know if, by running the jail on zfs space whehter
i've compromised anything.

do you have a reference for your comment?  or, perhaps, someone else
can comment, as well?

thanks!

More information about the freebsd-questions mailing list