fdescfs patch for working hierarchical jails
Ruben van Staveren
ruben at verweg.com
Sat Sep 27 12:07:05 UTC 2014
Hi James, others,
On 26 Sep 2014, at 21:28, James Gritton <jamie at gritton.org> wrote:
> On 9/25/2014 3:40 AM, Ruben van Staveren wrote:
>> Hi,
>>
>> Could a committer have a look at https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=192951 ?
>>
>> This enables fdescfs in hierarchical jails, would be nice to have this for 10.1
>>
>> Thanks!
>>
>> Best Regards,
>> Ruben van Staveren
>
> This would have to go into current first, and then MFC. Considering
> 10.1 is getting close to release, I suspect it wouldn't be allowed in.
I agree, probably better to do it that way indeed.
> Also, I'm not sure I'd want to implement this in quite the proposed
> way: it might suffice (from a security viewpoint) to use the existing
> allow.mount.devfs for mounting fdescfs.
Wouldn’t that be misleading? It would be better to mop up the various pseudofses under the monicker allow.mount.pseudofs.
>
> - Jamie
- Ruben
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 203 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20140927/2a7d3eb5/attachment.sig>
More information about the freebsd-stable
mailing list