[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Granting Permissions and Ownership to lpt* Device Nodes in Jail


I am running FreeBSD 6.4 - if I do a 'uname -a', I get the following...

FreeBSD watchtower.domain.org 6.4-RELEASE-p2 FreeBSD 6.4-RELEASE-p2 #0: Fri Jan 9 00:01:13 GMT 2009 root AT watchtower.domain DOT org:/usr/obj/usr/src/sys/WATCHTOWER i386

I am also running "ezjail-3.0".

Using ezjail, i've created a jail by the name of PEARL.

I needed /dev/lpt0 and /dev/lpt0.ctl visible inside the jail. So, on the host, I examined /etc/defaults/devfs.rules and determined the highest number entry (which turned out to be 4).

I then (again, on the host) created a file called /etc/devfs.rules. In this file, I placed the following...

========== FILE BEGINS ==========
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login
add path 'lpt*' unhide
========== FILE ENDS ==========

I then modified /usr/local/etc/ezjail/pearl_domain_org, so that the devfs rules line pointed to the new rule entry...

========== SNIPPET BEGINS ==========
export jail_pearl_domain_org_devfs_ruleset="devfsrules_jail_pearl"
========== SNIPPET ENDS ==========

I rebooted the machine, and this successfully made the 'lpt0' and 'lpt0.ctl' device nodes visible in the jail.

========== COMMAND LINE BEGINS ==========
[root@pearl dev]# ls -al /dev/lpt*
total 0
crw-------  1 root  wheel    0,  53 Feb 25 19:22 lpt0
crw-------  1 root  wheel    0,  54 Feb 25 19:22 lpt0.ctl

========== COMMAND LINE ENDS ==========

It seems however that I need the 'lpt*' nodes to have both specific permissions (0660), and group ownership (root:cups).

While I easily make the changes using the 'chmod' and 'chown' tools, such changes dont survive a system reboot.

I understand I can specify the permissions and group ownership in the devfs.rules file by changing the relevant line to as follows...

add path 'lpt*' mode 0660 group cups unhide
========== HOST DEVFS.RULES SNIPPET ENDS ==========

Unfortunately, after I make this change and perform a system reboot, the 'lpt*' nodes do not appear in the jail at all.

Does anyone have any advice?