Nullfs Allows Jailbreaking

Adam Vande More amvandemore at
Thu Dec 23 03:08:05 UTC 2010

On Wed, Dec 22, 2010 at 8:56 PM, Jason C. Wells <jcw at> wrote:

> I like the idea of using a template for multiple jails that I plan to use
> later.  I like the idea of mounting the template read only.  I had to splice
> in the other nullfs filesystems so that things that need to be read-write
> can be.
> But it seems kinda funky.  Inside the jail it looks like EVERYTHING is
> read-only and you have no way of knowing that /tmp is actually read-write.
> There seems to be a violation of the segregation going on here.
> What pitfalls can you see in a file system scheme like this for my jails?
> Is the above behavior by design or did I find a flaw?

I think you're reinventing the wheel.  The sysutils/ezjail already handles
this gracefully in addition to many other features.  For reference ezjail
creates a layout like this:

/usr/jails/ on /usr/jails/ (ufs, local,
/usr/jails/basejail on /usr/jails/ (nullfs, local,
devfs on /usr/jails/ (devfs, local, multilabel)

From inside the jail you see:

/usr/jails/ on / (ufs, local, soft-updates)

Adam Vande More
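A host-side check for the concern raised in the quoted question (from inside the jail everything looks read-only, so which paths are really read-write?), as an added shell example that is not from this thread or from ezjail. It assumes FreeBSD mount(8) output in the form shown above, and the mount table and jail name "www" below are constructed for offline use; on a real host pipe `mount` into it instead.

```shell
#!/bin/sh
# Audit which filesystems under a jail root are mounted read-write.
# Added example, not code from the thread or from ezjail. Assumes mount(8)
# output in the FreeBSD form "<fs> on <mountpoint> (<type>, <opt>, ...)".
# Real-host usage:  mount | audit_jail_mounts /usr/jails/www

# Constructed mount table for a hypothetical jail "www" (not real output).
SAMPLE_MOUNTS='/dev/ada0p2 on / (ufs, local, soft-updates)
/usr/jails/basejail on /usr/jails/www/basejail (nullfs, local, read-only)
/usr/jails/www-rw/tmp on /usr/jails/www/tmp (nullfs, local)
devfs on /usr/jails/www/dev (devfs, local, multilabel)
/usr/jails/basejail on /usr/jails/db/basejail (nullfs, local, read-only)'

# audit_jail_mounts JAILROOT  < mount-table
# Prints one line per mount at or below JAILROOT: "<mode> <type> <mountpoint>",
# where mode is "ro" if the read-only option is present, else "rw".
audit_jail_mounts() {
    jailroot=${1%/}   # drop a trailing slash so the prefix test is exact
    while IFS= read -r line; do
        # mountpoint is the text between " on " and the opening parenthesis
        mp=${line#* on }
        mp=${mp%% \(*}
        # options are the comma-separated list inside the parentheses
        opts=${line##*\(}
        opts=${opts%\)}
        fstype=${opts%%,*}
        case "$mp" in
            "$jailroot"|"$jailroot"/*) ;;   # inside this jail's tree
            *) continue ;;                  # some other mount, skip it
        esac
        # normalise "a, b, c" to ",a,b,c," so the option match is exact
        case ",$(printf '%s' "$opts" | tr -d ' ')," in
            *,read-only,*) mode=ro ;;
            *)             mode=rw ;;
        esac
        printf '%s %s %s\n' "$mode" "$fstype" "$mp"
    done
}

# rw_mounts JAILROOT  < mount-table
# Only the read-write mountpoints: the paths the jail can actually modify.
rw_mounts() {
    audit_jail_mounts "$1" | awk '$1 == "rw" { print $3 }'
}
```

Run the audit from the host, not from inside the jail, since the jail's own view of the mount table is exactly what hides the difference.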
