[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

mount nullfs



Hi,

I want to be able to do nullfs mounts inside a jail.

I have:

grep jail /etc/sysctl.conf

security.jail.mount_nullfs_allowed=1
security.jail.enforce_statfs=1 jail.mount_allowed=1


cat /usr/local/etc/ezjail/app1_bla_test
# To specify the start up order of your ezjails, use these lines to 
# create a Jail dependency tree. See rcorder(8) for more details. #
# PROVIDE: standard_ezjail
# REQUIRE: 
# BEFORE: 
#

export jail_app1_bla_test_hostname="app1-bla-test"
export jail_app1_bla_test_ip="192.168.86.195,127.0.0.3"
export jail_app1_bla_test_rootdir="/usr/jails/app1-bla-test"
export jail_app1_bla_test_exec_start="/bin/sh /etc/rc"
export jail_app1_bla_test_exec_stop=""
export jail_app1_bla_test_mount_enable="YES"
export jail_app1_bla_test_devfs_enable="YES"
export jail_app1_bla_test_devfs_ruleset="devfsrules_jail"
export jail_app1_bla_test_procfs_enable="YES"
export jail_app1_bla_test_fdescfs_enable="YES"
export jail_app1_bla_test_image=""
export jail_app1_bla_test_imagetype="zfs"
export jail_app1_bla_test_attachparams=""
export jail_app1_bla_test_attachblocking=""
export jail_app1_bla_test_forceblocking=""
export jail_app1_bla_test_zfs_datasets=""
export jail_app1_bla_test_cpuset=""
export jail_app1_bla_test_fib=""
export jail_app1_bla_test_parameters="enforce_statfs=1 mount_allowed=1
mount_nullfs_allowed=1" 
(one line)


But I still can't mount a nullfs inside a jail.

I tried
"enforce_statfs=1 allow.mount=1 allow.mount.nullfs=1" 

for the parameters, but it does not work.
It does not set the allow.mount.nullfs value to 1.

What does work, though is:

jail -m jid=14 allow.mount.nullfs=1

But I want it setup in the config-file.

This is something that came with 9.1 - does it need a change in ezjail?