nullfs in FreeBSD jail
Boris Samorodov
bsam at ipt.ru
Fri Jul 20 17:40:14 EDT 2007
On Fri, 20 Jul 2007 17:25:20 -0400 Joe Marcus Clarke wrote:
> On Sat, 2007-07-21 at 01:10 +0400, Boris Samorodov wrote:
> > I'm installing ports-mgmt/tinderbox at a FreeBSD jail. Distfiles
> > (/usr/ports/distfiles) from the host nullfs'ed into the jail. Now I
> > want tinderbox to use nullfs for distfiles (i.e. distfiles from the
> > FreeBSD jail nullfs to ${tc}/portstrees/...). But I get:
> > "mount_nullfs: Operation not permitted".
> Make sure you have the nullfs kernel module loaded before trying to do
> the mount in the jail. Jails can't kldload modules. Beyond that, I
> believe it will work.
Well, the main distfile from the host is nullfs'ing while host is
booting...
Thanks for the comment.
> > The host:
> > -----
> > % uname -a
> > FreeBSD and.ipt.ru 7.0-CURRENT FreeBSD 7.0-CURRENT #5: Fri Jul 20 18:48:45 MSD 2007 bsam at and.ipt.ru:/ms/usr/obj/usr/src/sys/GENERIC+ULE3.0 amd64
> > % sysctl security.jail
> > security.jail.jailed: 0
> > security.jail.mount_allowed: 1
> > security.jail.chflags_allowed: 1
> > security.jail.allow_raw_sockets: 0
> > security.jail.enforce_statfs: 2
> > security.jail.sysvipc_allowed: 1
> > security.jail.socket_unixiproute_only: 1
> > security.jail.set_hostname_allowed: 1
> > -----
WBR
--
Boris Samorodov (bsam)
Research Engineer, http://www.ipt.ru Telephone & Internet SP
FreeBSD committer, http://www.FreeBSD.org The Power To Serve
More information about the tinderbox-list
mailing list