is nfs mount inside jail possible?
Boris Samorodov
bsam at ipt.ru
Thu Jun 26 12:32:00 UTC 2008
On Wed, 25 Jun 2008 17:52:52 +0200 Alexander Leidinger wrote:
> Quoting Alexander Leidinger <Alexander at Leidinger.net> (from Wed, 25
> Jun 2008 17:34:01 +0200):
> > To do this edit src/sys/nfsclient/nfs_vfsopts.c, search VFS_SET and
> > change it to
> > VFS_SET(nfs_vfsops, nfs, VFCF_NETWORK|VFCF_JAIL);
> Oh: I haven't checked if this actually works. I don't know if all
> places DTRT then. Normally it should work, but you better test if it
> really puts the FS in the place where you want it, that you can
> mount/umount it, that "mount -v" shows the expected output on the host
> and in the jail, and so on.
> Similar things can be done for
> src/sys/fs/{cd9660|msdosfs|ntfs|nullfs|smbfs|udf|unionfs}. Those are
> the FS's which _should_ be safe, either because they work with
> untrusted data anyway, or because it's a loopback mount. But again, I
> haven't tested any of them (I have them patched locally, but even the
> initial testing is on my TODO list with a low priority).
I see. If my task won't change I'll check what I ca do. Thanks!
WBR
--
Boris Samorodov (bsam)
Research Engineer, http://www.ipt.ru Telephone & Internet SP
FreeBSD committer, http://www.FreeBSD.org The Power To Serve
More information about the freebsd-jail
mailing list