Setting devfs rules inside jail

Fri Dec 4 17:07:28 UTC 2009

Hi,

I'm trying to setup CUPS (in a jail) using an old parallel port printer on 
my server machine.

I used ezjail to create a jail and the installed CUPS within it.  I've got 
everything up and running, but i've had to work around some issues.

Initially, the CUPS administration website didn't list the printer on the 
Add Printer screen.  I discovered that this because the /dev/lpt0 and 
/dev/lpt0.ctl devices weren't showing up in the jail.

I therefore (on the host system), created a /etc/devfs.rules file...

------------------------------------------------------------
[devfsrules_jail_pearl=5]
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login
add path 'lpt*' unhide
add path 'lpt*' mode 0660 group cups
------------------------------------------------------------

I updated the devfs ruleset entry in /usr/local/etc/ezjail/pearl_domain.tld, 
and rebooted.

This successfully made the /dev/lpt0 and /dev/lpt0.ctl devices visible in 
the jail and assigned them the correct permissions.

Unfortunately, I was seeing an error message on-screen when the system was 
booted (when the jails were being started)...

------------------------------------------------------------
devfs rule: error converting to integer: cups
------------------------------------------------------------

After a moment, I realised what had happened - I installed CUPS in a jail, 
not on the host system.  Naturally the CUPS group does not exist on the host 
so when the system tried to translate the group name to a UID, it couldn't 
do so.

I modified the last line of the hosts /dev/devfs.rules line to as follows 
(basically removing the 'group cups')...

------------------------------------------------------------
add path 'lpt*' mode 0660
------------------------------------------------------------

At this point, I thought what I needed to do is setup a /etc/devfs.rules 
file in the jail - setting the group ownership in the jail where the CUPS 
group exists.

I created a /etc/devfs.rules file *in* the jail...

------------------------------------------------------------
[localrules=5]
add path 'lpt*' group cups
------------------------------------------------------------

I also added the following entry in my jail's /etc/rc.conf file...

------------------------------------------------------------
devfs_system_ruleset="localrules"
------------------------------------------------------------

Unfortunately, the group assignment statement never seems to get executed.

I've gotten around this by just creating a quick script which explicitly 
sets the group ownership, and having the script be executed on boot via 
/etc/crontab.

I'm not understanding why the devfs rules aren't being applied in the jail 
however.  Can anyone help?

If its relevant, i'm using FreeBSD 7.2 (FreeBSD xxx.xxx.xxx 7.2-RELEASE-p4 
FreeBSD 7.2-RELEASE-p4 #0: Tue Dec  1 19:05:36 GMT 2009 
user at xxx.xxx.xxx:/usr/obj/usr/src/sys/xxx  i386).

Regards,

Jazz