Date: Tue, 22 Jan 2019 18:50:15 +0100 From: Miroslav Lachman <000.fbsd@quip.cz> To: "Michael W. Lucas" <mwlucas@michaelwlucas.com>, Willem Jan Withagen <wjw@digiware.nl> Cc: jail@freebsd.org Subject: Re: delegating ZFS of jail's root directory Message-ID: <2ac2db6a-9fb8-36d7-2481-b6983da5bc04@quip.cz> In-Reply-To: <20190122162334.GA668@mail.michaelwlucas.com> References: <20190121164242.GB91955@mail.michaelwlucas.com> <946528bf-f9a9-724f-b4c0-1a734800d16d@digiware.nl> <20190122162334.GA668@mail.michaelwlucas.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Michael W. Lucas wrote on 2019/01/22 17:23: > On Tue, Jan 22, 2019 at 11:39:57AM +0100, Willem Jan Withagen wrote: >> On 21-1-2019 17:42, Michael W. Lucas wrote: >> Hi Michael, >> >> I think I asked that question a some time ago, to be able to run a >> ceph-setup script in a jail.... >> >> The basic answer was that the jail needs to have access to /dev/zfs in the >> jail to be effectively controlling zfs. But then I think you delegate the >> whole set of zfs capabilities to the jail. >> >> Which in my case was not a problem. But if you want to use a jail as >> separation of control, then this will be way too liberal. >> >> There is a set of configs for devfs in /etc. See `man -k devfs` >> But I've not used this in the end. > > <facepalm> That fixes the first problem, thank you. > > I still can't delegate the jail's root directory to the jail, > though. Once I set jailed=on to the jail's zroot, it's unmounted and > jail(8) can't find the jail's /dev to mount it. > > There seems to be a chicken-and-egg problem here that I have no idea > how to resolve. Any suggestions? What about to mount it with exec.prestart before the jail is created? (I didn't tried it) Miroslav Lachman
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2ac2db6a-9fb8-36d7-2481-b6983da5bc04>