Date: Mon, 19 Dec 2016 18:57:39 +0100 From: Miroslav Lachman <000.fbsd@quip.cz> To: Alexander Leidinger <Alexander@leidinger.net> Cc: SK <fbstable@cps-intl.org>, freebsd-jail <freebsd-jail@freebsd.org> Subject: Re: ZFS and Jail :: nullfs mount :: nothing visible from host :: solved [partial] Message-ID: <58581F93.1090800@quip.cz> In-Reply-To: <20161219175606.Horde.9yvb3ehmcZfxqv01KTg4XGw@webmail.leidinger.net> References: <aa078173-e9f1-3f09-41d4-6613014b1119@cps-intl.org> <584986D0.3040109@quip.cz> <2b6346f8-ed02-0e6d-bd89-106098e7eb2d@cps-intl.org> <58499446.3050403@quip.cz> <eed9efad-9bac-9d36-b75e-c41f9ea72a8b@cps-intl.org> <5849C5BF.7020005@quip.cz> <fb56ab21-026b-408d-f712-ed7479e1f269@cps-intl.org> <584A9179.9060508@quip.cz> <b53fba06-bb7d-06d8-34a4-4677805fb175@cps-intl.org> <584A9D89.4040003@quip.cz> <3851c5d9-7646-b670-357e-ae937fcc7e8f@cps-intl.org> <584AB345.4080307@quip.cz> <33473585-3cb9-10d3-acf9-0a917c5a0079@cps-intl.org> <20161216141540.Horde.zfu3fokeVx7FuFkk7_s-nbW@webmail.leidinger.net> <d606c9ee-f5f6-55c5-0c99-01fd47a4a378@cps-intl.org> <20161217195949.Horde.PTQ3AH5YpaT79dVSxM5UvNr@webmail.leidinger.net> <58567F0F.4010404@quip.cz> <20161219175606.Horde.9yvb3ehmcZfxqv01KTg4XGw@webmail.leidinger.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Alexander Leidinger wrote on 2016/12/19 17:56: > > Quoting Miroslav Lachman <000.fbsd@quip.cz> (from Sun, 18 Dec 2016 > 13:20:31 +0100): >> Alexander Leidinger wrote on 2016/12/17 19:59: >>> Quoting SK <fbstable@cps-intl.org> (from Fri, 16 Dec 2016 14:02:20 >>> Correct. >>> >>> You need the data in the root of the jail to boot, if you then attribute >>> this dataset to the jail, it will vanish until "zfs mount -a" is run (rc >>> script inside the jail). As it will vanish during the boot of the jail >>> (if added automatically), the rc script to mount all datasets can not be >>> found. >> >> [...] >> >>>> I think what you are trying to tell here is, unless and until that >>>> "vanished" dataset is put to use (mounted) from inside the jail, it >>>> will remain vanished/unusable from the host itself; however, once that >>>> dataset is put to use, the host system should be able to "see" and >>>> maybe even work on that dataset. Could you please confirm if I >>>> understood you correctly? >>> >>> Correct. >>> >>> A sub-dataset which is not needed to boot, or a dataset not within the >>> subtree of the jail (and not needed to boot) can be used. >> >> Thank you for this information! If it is somewhere in the docs it is >> well hidden to me :) > > I don't expect it to be in the docs. I try to come up with something for > the man page for zfs (for the "attach to jail" part), but anyone shall > feel free to beat me with this. > > Anyone with an idea where in the jail man page we should add something > too (I only had a look at the zfs man page when this issue came up)? It would be nice to have this mentioned in zfs(8) man page (that user in jail cannot manage jail's root dataset but can manage some sub-dataset not required to boot the jail) And there can be some useful example in jail(8) man page in EXAMPLES. There is section "Jails and File Systems" and there can be new section "Manage ZFS from within jail" with basic notes about required jail params, zfs set jailed property and example "hierarchy". (and warning about gotchas with jailed=0 on jail's root directory) Miroslav Lachman
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?58581F93.1090800>