From owner-freebsd-stable@FreeBSD.ORG  Wed Apr 25 12:39:54 2007
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
X-Original-To: freebsd-stable@freebsd.org
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 74F5816A403
	for <freebsd-stable@freebsd.org>; Wed, 25 Apr 2007 12:39:54 +0000 (UTC)
	(envelope-from freebsdlists@bsdunix.ch)
Received: from conversation.bsdunix.ch (ns1.bsdunix.ch [82.220.1.90])
	by mx1.freebsd.org (Postfix) with ESMTP id 3A62713C48A
	for <freebsd-stable@freebsd.org>; Wed, 25 Apr 2007 12:39:54 +0000 (UTC)
	(envelope-from freebsdlists@bsdunix.ch)
Received: from localhost (localhost.bsdunix.ch [127.0.0.1])
	by conversation.bsdunix.ch (Postfix) with ESMTP id EC9D45D42
	for <freebsd-stable@freebsd.org>; Wed, 25 Apr 2007 14:22:29 +0200 (CEST)
X-Virus-Scanned: by amavisd-new at mail.bsdunix.ch
Received: from conversation.bsdunix.ch ([127.0.0.1])
	by localhost (conversation.bsdunix.ch [127.0.0.1]) (amavisd-new,
	port 10024)
	with LMTP id 6gvkY2cFHZpQ for <freebsd-stable@freebsd.org>;
	Wed, 25 Apr 2007 14:21:59 +0200 (CEST)
Received: from [212.101.1.83] (bert.mlan.solnet.ch [212.101.1.83])
	(using SSLv3 with cipher RC4-MD5 (128/128 bits))
	(No client certificate requested)
	by conversation.bsdunix.ch (Postfix) with ESMTP id 158CC5D3B
	for <freebsd-stable@freebsd.org>; Wed, 25 Apr 2007 14:21:59 +0200 (CEST)
From: Thomas <freebsdlists@bsdunix.ch>
To: freebsd-stable@freebsd.org
Content-Type: text/plain
Date: Wed, 25 Apr 2007 14:21:58 +0200
Message-Id: <1177503718.2974.17.camel@bert.mlan.solnet.ch>
Mime-Version: 1.0
X-Mailer: Evolution 2.10.1 FreeBSD GNOME Team Port 
Content-Transfer-Encoding: 7bit
Subject: mount_nullfs in jail, set times error on symlinked files
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Apr 2007 12:39:54 -0000

Hi

I jailed my ftp server. Rsync processes inside my jail syncing remote
files. I receive a lot of errors like:

rsync: failed to set times on
"/usr/local/data/ftp/mirror/x.org/pub/X11R7.0/doc/html/XF86VidModeGetPermissions.3.html": Operation not permitted (1)

All set times error are triggered by symlinked files:
/usr/local/data/ftp/mirror/x.org/pub/X11R7.0/doc/html/XF86VidModeGetPermissions.3.html -> XF86VidMode.3.html

Is this a jail limitation?


About my system:
6.2-STABLE #8: Mon Apr 23 15:17:16 UTC 2007 (I386)

kern.securelevel is set to -1 in the host and jail system.
 
My host system mounts /backup/jail_ftp/ftp
to /jail/ftp_server/usr/local/data/ftp which is inside my jail.

mount shows:
/backup/jail_ftp/ftp on /jail/ftp_server/usr/local/data/ftp (nullfs,
local)

/backup/jail_ftp/ftp has chmod 777

my host rc.conf looks like:
jail_ftp_devfs_enable="YES" 
jail_ftp_devfs_ruleset="devfsrules_jail" #rulset 4 applied
jail_ftp_mount_enable="YES"

fstab.ftp:
/usr/ports  /jail/ftp_server/usr/ports nullfs rw 1 1
/backup/jail_ftp/ftp  /jail/ftp_server/usr/local/data/ftp nullfs 1 1

sysctl.conf:
security.jail.set_hostname_allowed: 1
security.jail.socket_unixiproute_only: 1
security.jail.sysvipc_allowed: 1
security.jail.enforce_statfs: 1
security.jail.allow_raw_sockets: 1
security.jail.chflags_allowed: 1
security.jail.jailed_sockets_first: 1
kern.securelevel: -1

Cheers,
Tom Vogt