Nullfs Allows Jailbreaking
Jason C. Wells
jcw at speakeasy.net
Thu Dec 23 02:56:18 UTC 2010
Here is my file system scheme for a newly created jail as viewed from
the host:
/usr/jail/template on /usr/jail/f1 (nullfs, local, read-only)
/usr/jail/f1-fs/etc on /usr/jail/f1/etc (nullfs, local)
/usr/jail/f1-fs/tmp on /usr/jail/f1/tmp (nullfs, local)
/usr/jail/f1-fs/var on /usr/jail/f1/var (nullfs, local)
/usr/jail/f1-fs/usr-local on /usr/jail/f1/usr/local (nullfs, local)
As viewed from the jail:
/usr/jail/template on / (nullfs, local, read-only)
I like the idea of using a template for multiple jails that I plan to
use later. I like the ide of mounting the template read only. I had to
splice in the other nullfs filesystems so that things that need to be
read-write can be.
But it seems kinda funky. Inside the jail it looks like EVERYTHING is
read-only and you have no way of knowing that /tmp is actually
read-write. There seems to be a violation of the segregation going on here.
What pitfalls can you see in a file system scheme like this for my
jails? Is the above behavior by design or did I find a flaw?
Thanks,
Jason
More information about the freebsd-questions
mailing list