Re: current state of the art / best practice for devfs in a jail ?

From: Joshua Oreman (oremanj_at_webserver.get-linux.org)
Date: 07/03/03

    Date: Thu, 3 Jul 2003 10:30:35 -0700
    To: Josh Brooks <user@mail.econolodgetulsa.com>
    
    

    On Thu, Jul 03, 2003 at 04:00:46AM -0700 or thereabouts, Josh Brooks wrote:
    >
    > I have been researching the various ways people add devfs to a jail to
    > give the jail certain /dev devices necessary to function ...

    Well, all I did was test your research :-)

    >
    > One strategy I saw was:
    >
    > mount -t devfs devfs /home/jail/dev

    Works (duh).

    > ( cd /home/jail/dev ; rm $devices_i_dont_want_in_my_jails )

    Works.

    > mount -u -o nonewdev /home/jail/dev

    Doesn't work (no `nonewdev' option).

    >
    > However I do not know of a `nonewdev` option for mount - but does that
    > even matter, since `mknod` does not work inside of a jail ? Or does it in
    > 5.x ?

    AFAIK, `mknod' will not work in a jail. The only reason a nonewdev option
    would be nice is that the kernel will put new devices in every devfs (I think),
    so if you attach your FireWire hard drive, you'll have to remember to rm that
    device in the jails :-)

    >
    > --
    >
    > Another strategy I saw was :
    >
    > # mount -t devfs devfs /home/jail/dev

    Works (duh).

    > # cd /home/jail/dev

    Works (duh).

    > # rm -f *

    rm: fd: Is a directory
    rm: net: Is a directory

    > # rm -W null zero tty console

    rm: null: No such file or directory
    rm: zero: No such file or directory
    rm: tty: File exists
    rm: console: No such file or directory

    > # ls -l
    > crw------- 1 phk wheel 0, 0 2 Feb 01:09 console
    > drwxr-xr-x 2 root wheel 0 2 Feb 01:06 fd
    > crw-rw-rw- 1 root wheel 2, 2 3 Feb 21:25 null
    > crw-rw-rw- 1 root wheel 1, 0 3 Feb 17:27 tty
    > crw-rw-rw- 1 root wheel 2, 12 1 Jan 1970 zero

    total 1
    dr-xr-xr-x 2 root wheel 512 Jul 3 10:28 fd/
    dr-xr-xr-x 2 root wheel 512 Jul 3 10:28 net/

    # ls -l tty
    crw------- 1 root wheel 12, 2 Jul 3 10:29 tty

    Weird, ain't it?

    > #
    >
    >
    > Does this even work ?

    Nope.

    >
    > --
    >
    > So I guess I am asking two questions:
    >
    > 1. in 5.x, is it still true that mknod will not work from within a jail (I
    > sure hope it is still true)

    I think so...

    >
    > 2. what is the current "best practices" strategy for mounting up a devfs
    > in a jail ?

    I'd say option A + constant checking w/ regards to new devices.

    -- Josh

    >
    >
    > thanks!
    >
    > _______________________________________________
    > freebsd-hackers@freebsd.org mailing list
    > http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
    > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"
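
The reply above settles on option A plus "constant checking w/ regards to new devices". One way to automate that check is an allowlist audit of the jail's /dev, shown here as an added example that is not part of the original thread; the function names and the allowlist entries are assumptions.

```shell
#!/bin/sh
# Added example: report entries in a jail's devfs mount that are not on an
# allowlist, so devices the kernel adds later (e.g. a newly attached disk)
# are noticed. Function names and allowlist contents are assumptions.

# is_allowed NAME PATTERN...
# Succeeds when NAME matches one of the shell patterns (e.g. null, 'fd/*').
is_allowed() {
    name=$1
    shift
    for pat in "$@"; do
        # $pat is deliberately unquoted so it is treated as a pattern.
        case "$name" in
            $pat) return 0 ;;
        esac
    done
    return 1
}

# audit_jail_dev DEVDIR PATTERN...
# Prints each non-directory entry under DEVDIR (path relative to DEVDIR)
# that matches none of the patterns.
# Returns 0 if nothing unexpected exists, 1 if something does, 2 on bad input.
audit_jail_dev() {
    devdir=$1
    shift
    if [ ! -d "$devdir" ]; then
        echo "audit_jail_dev: $devdir: not a directory" >&2
        return 2
    fi
    # find descends into subdirectories such as fd/ and net/ as well.
    unexpected=$(cd "$devdir" && find . ! -type d | sed 's|^\./||' | sort |
        while IFS= read -r entry; do
            is_allowed "$entry" "$@" || printf '%s\n' "$entry"
        done)
    [ -z "$unexpected" ] && return 0
    printf '%s\n' "$unexpected"
    return 1
}

# Example invocation (from cron, for instance):
#   sh audit.sh /home/jail/dev null zero 'fd/*'
if [ "$#" -gt 0 ]; then
    audit_jail_dev "$@"
fi
```

A non-zero exit status with a list of names on stdout means the jail can see something outside the allowlist and the entry should be removed or the allowlist updated.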