[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

attach zfs to jails



Hi,

just real quick because I needed it. A patch to rc.d/ezjail.sh to attach
a ZFS to a running jail on jail startup. Patch is against CVS version
but might work on release too.  You need to add
jail_<ezjailname>_zfs="tank/foobar tank/barfoo" to your jailconfig in
etc/ezjail. Can be a list of filesystems, space seperated.

I'm sure it needs refinement.

Of couse you still need the usual zfs+jail stuff like
security.jail.mount_allowed=1 and security.jail.enforce_statfs=0 as well
as "add path zfs unhide" in the devfs.rules for the jail.

greetings,
philipp


--- ezjail.sh	8 Jan 2008 03:34:49 -0000	1.46
+++ ezjail.sh	20 Nov 2009 10:38:37 -0000
@@ -60,6 +60,8 @@
     . "${ezjail_prefix}/etc/ezjail/${ezjail}"
 
     eval ezjail_rootdir=\"\$jail_${ezjail}_rootdir\"
+    eval ezjail_hostname=\"\$jail_${ezjail}_hostname\"
+    eval ezjail_zfs=\"\$jail_${ezjail}_zfs\"
     eval ezjail_image=\"\$jail_${ezjail}_image\"
     eval ezjail_imagetype=\"\$jail_${ezjail}_imagetype\"
     eval ezjail_attachparams=\"\$jail_${ezjail}_attachparams\"
@@ -88,6 +90,12 @@
   # Pass control to jail script which does the actual work
   [ "${ezjail_pass}" ] && sh /etc/rc.d/jail one${action%crypto} ${ezjail_pass}
 
+  jid=`jls |grep -v JID |grep "${ezjail_hostname}" |awk '{print $1}'`
+  for zfs in ${ezjail_zfs}; do
+    echo "Attaching zfs ${zfs}"
+    /sbin/zfs jail ${jid} ${zfs}
+  done
+
   # Can only detach after unmounting (from fstab.JAILNAME in /etc/rc.d/jail)
   attach_detach_post
 }