From owner-freebsd-jail@FreeBSD.ORG Wed Jun 25 15:34:12 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 795981065671 for ; Wed, 25 Jun 2008 15:34:12 +0000 (UTC) (envelope-from alexander@leidinger.net) Received: from redbull.bpaserver.net (redbullneu.bpaserver.net [213.198.78.217]) by mx1.freebsd.org (Postfix) with ESMTP id 210F38FC1D for ; Wed, 25 Jun 2008 15:34:11 +0000 (UTC) (envelope-from alexander@leidinger.net) Received: from outgoing.leidinger.net (p54A54EEB.dip.t-dialin.net [84.165.78.235]) by redbull.bpaserver.net (Postfix) with ESMTP id 32C152E16C; Wed, 25 Jun 2008 17:34:05 +0200 (CEST) Received: from webmail.leidinger.net (webmail.leidinger.net [192.168.1.102]) by outgoing.leidinger.net (Postfix) with ESMTP id 5B1A412FAD8; Wed, 25 Jun 2008 17:34:02 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=Leidinger.net; s=outgoing-alex; t=1214408042; bh=NpQsE49B+qo/RHKLNBpmMDyvkq0rD6l17 NDP/JCs5Zw=; h=Message-ID:Date:From:To:Cc:Subject:References: In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=cNzRy8sOcuhc25h70rcGjnciKy6mOFVp5n7EzdkGzAJsRnmRV/iAEuTk0/Vk+sH3v dxD12HaCwO9c4bZhgIG/KU5r5KDDoJTvqic6y3ZZTPTxZuUj1rzJJrXWWw3YgRg9NGD o3bqodM6IR8Q8nF2qDdBAmZmyZ2SzcicOuA+IC94ox7eMTeXkOKWJNtWQ7vyrahpPkT dumDQC1RT6uQJvi9i3J1+vANP8mllxUU+TKM0swxy2okhCOIjkkAwgXduPUMsn0ohpm YFoHsCB+UWSbRfpF4sZulKmACeWYmz0gLk+d3jeK/cJXdQMJXD+aP3f4qHXTugW8PSi 7AdgwBwcg== Received: (from www@localhost) by webmail.leidinger.net (8.14.2/8.13.8/Submit) id m5PFY1Ew030922; Wed, 25 Jun 2008 17:34:01 +0200 (CEST) (envelope-from Alexander@Leidinger.net) Received: from pslux.cec.eu.int (pslux.cec.eu.int [158.169.9.14]) by webmail.leidinger.net (Horde Framework) with HTTP; Wed, 25 Jun 2008 17:34:01 +0200 Message-ID: <20080625173401.116369ceeiewif40@webmail.leidinger.net> X-Priority: 3 (Normal) Date: Wed, 25 Jun 2008 17:34:01 +0200 From: Alexander Leidinger To: Boris Samorodov References: <62852722@bb.ipt.ru> In-Reply-To: <62852722@bb.ipt.ru> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; DelSp="Yes"; format="flowed" Content-Disposition: inline Content-Transfer-Encoding: quoted-printable User-Agent: Internet Messaging Program (IMP) H3 (4.2-RC2) / FreeBSD-8.0 X-BPAnet-MailScanner-Information: Please contact the ISP for more information X-BPAnet-MailScanner: Found to be clean X-BPAnet-MailScanner-SpamCheck: not spam, ORDB-RBL, SpamAssassin (not cached, score=-13.196, required 6, BAYES_00 -15.00, DKIM_SIGNED 0.00, DKIM_VERIFIED -0.00, MIME_QP_LONG_LINE 1.40, RDNS_DYNAMIC 0.10, TW_EV 0.08, TW_OC 0.08, TW_SV 0.08, TW_ZF 0.08) X-BPAnet-MailScanner-From: alexander@leidinger.net X-Spam-Status: No Cc: freebsd-jail@FreeBSD.org Subject: Re: is nfs mount inside jail possible? X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Jun 2008 15:34:12 -0000 Quoting Boris Samorodov (from Wed, 25 Jun 2008 17:53:49 +0400)= : > # lsvfs > Filesystem Refs Flags > -------------------------------- ----- --------------- > nfs4 0 network > zfs 6 jail > ntfs 0 > ufs 4 > nfs 0 network > msdosfs 0 > procfs 4 synthetic > cd9660 0 read-only > devfs 5 synthetic > nullfs 7 loopback > fdescfs 4 synthetic > ----- > > ... nfs seems not to be jail friendly. Here is the question at > subject. Thanks! Correct. If you are not afraid to patch the system: zfs has the JAIL =20 flag set, you just need to do the same with nfs. To do this edit src/sys/nfsclient/nfs_vfsopts.c, search VFS_SET and =20 change it to VFS_SET(nfs_vfsops, nfs, VFCF_NETWORK|VFCF_JAIL); I suggest to not do this with tmpfs if you do shared hosting (you =20 don't want that strangers eat up all your physical RAM). Bye, Alexander. --=20 Peers's Law: The solution to a problem changes the nature of the problem. http://www.Leidinger.net Alexander @ Leidinger.net: PGP ID =3D B0063FE7 http://www.FreeBSD.org netchild @ FreeBSD.org : PGP ID =3D 72077137