Sharing directories with jails
Emanuel Strobl
emanuel.strobl at gmx.net
Thu Mar 3 16:13:54 PST 2005
Am Donnerstag, 3. März 2005 17:04 schrieb Ean Kingston:
> > How dangerous is it to share the ports directory with jails on the
> > system? I am using the jails to give other access to a freebsd system.
> > You can assume they are untrusted (hence the jail ;)).
> >
> > Is it enough just to:
> > ln -s /usr/ports /usr/jail/ajail/usr/ports
>
> That won't work. The jail does a chroot (along with other things) when it
> starts up so the link inside the jail will wind up pointing to itself.
>
> The only way I've been able to figure out how to do something like that is
> by running an NFS server outside the jail and then run an NFS client
You can also use nullfs (man (8) mount_nullfs). It's slow and not certified to
be bugfree but I never had any problems and especially for centralized ports
very useful.
-Harry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20050304/56bde27c/attachment.bin
More information about the freebsd-questions
mailing list