[CFR] [PATCH] jail mount/unmount patch
Kostik Belousov
kostikbel at gmail.com
Thu Jul 28 17:41:50 UTC 2011
On Thu, Jul 28, 2011 at 07:38:11PM +0200, Pawel Jakub Dawidek wrote:
> On Thu, Jul 28, 2011 at 08:25:39PM +0300, Kostik Belousov wrote:
> > On Thu, Jul 28, 2011 at 06:07:52PM +0200, Pawel Jakub Dawidek wrote:
> > > In you patch you depend on fact that full path to mount directory is
> > > passed to the nmount(2) system call. This doesn't have to be true.
> > > I changed mount(8) to call realpath(3) in mount directory, but I see no
> > > reason someone calling nmount(2) directly with "./foo" mount dir.
> > >
> > > I think the proper way is to build full path from within the kernel
> > > using vn_fullpath_global().
> >
> > It indeed may work if the supplied vnode is a directory, since it
> > will fall back to the dotdot lookup loop if the namecache is purged.
>
> Exactly. Mount directory by definition is always a directory, so it
> should be reliable.
It is so on FreeBSD, but is not true for a random Unix in existence.
E.g., Solaris does allow to mount over the file, and it is useful.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/zfs-devel/attachments/20110728/961ec50f/attachment.pgp
More information about the zfs-devel
mailing list