mounting fdescfs in a nested/hierarchical jail?
James Gritton
jamie at gritton.org
Thu Aug 21 02:55:04 UTC 2014
On 8/18/2014 6:26 AM, Ruben van Staveren wrote:
> Hi list,
>
> I have a FreeBSD 10 zfs based ezjail setup. In one of the jails I am using ezjail again to set up a nested jail. My goal is to eventually have my jails use these nested jails as containers for certain services.
>
> However, I am not able to mount a nested fdescfs. When I leave out fdesc, the nested jail starts up just fine.
>
> There is no allow.mount.fdescfs. Do we need one?
>
> Cheers,
> Ruben
That's probably the answer. It seems a little inelegant to have this
proliferation of pesudo-fs type allowances, but it's the direction we've
gone.
In the meantime, you could pre-mount the child jails' fdescfs when the
parent jails are created. That's pretty messy, especially considering
it means you have to first pre-mount their devfs as well. But it's
likely all the permissions will allow.
- Jamie
More information about the freebsd-stable
mailing list