Should I use jail?
Phil Regnauld
regnauld at x0.dk
Tue Feb 18 04:30:46 UTC 2014
A.J. 'Fonz' van Werven (freebsd) writes:
>
> The problem with NIS (and by extension NFS) is rpcbind, which AFAIK cannot
> run in a jail.
I've never tried, and I see a number of older PRs about this.
> What do you know: what was intended as a smartass comment that I almost
> refrained from sending in the first place actually elicited a useful
> response. Thank you very much for the suggestion, I'll look into that.
:)
> The main question would be which /dev entry provides (write) access to the
> system clock, if that even goes through a /dev entry to begin with. A
> quick look through /usr/src/sys didn't turn up anything.
As pointed out, unless ntpd is sampling a PPS, you don't need a device.
But apart from running ntpd within chroot, I don't think it's possible
as adjtime won't allow jailed processes to set the clock (and there
is no override for that).
Ok, so the advice wasn't so useful after all - sorry!
Cheers,
Phil
More information about the freebsd-stable
mailing list