Date: Fri, 4 Mar 2005 01:13:43 +0100 From: Emanuel Strobl <emanuel.strobl@gmx.net> To: freebsd-questions@freebsd.org Cc: Chris Hodgins <chodgins@cis.strath.ac.uk> Subject: Re: Sharing directories with jails Message-ID: <200503040113.47609@harrymail> In-Reply-To: <2939.216.220.59.169.1109865872.squirrel@216.220.59.169> References: <4227164D.3050103@cis.strath.ac.uk> <2939.216.220.59.169.1109865872.squirrel@216.220.59.169>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart5936014.Zjae0QKPsK Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Am Donnerstag, 3. M=E4rz 2005 17:04 schrieb Ean Kingston: > > How dangerous is it to share the ports directory with jails on the > > system? I am using the jails to give other access to a freebsd system. > > You can assume they are untrusted (hence the jail ;)). > > > > Is it enough just to: > > ln -s /usr/ports /usr/jail/ajail/usr/ports > > That won't work. The jail does a chroot (along with other things) when it > starts up so the link inside the jail will wind up pointing to itself. > > The only way I've been able to figure out how to do something like that is > by running an NFS server outside the jail and then run an NFS client You can also use nullfs (man (8) mount_nullfs). It's slow and not certified= to=20 be bugfree but I never had any problems and especially for centralized port= s=20 very useful. =2DHarry --nextPart5936014.Zjae0QKPsK Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQBCJ6g7Bylq0S4AzzwRAsA+AJ9dw8/XTNr8ecMDRNHs0gCvEP5imQCfTFsG lvwDEJTxzD0gsyzD3YNdKT4= =rJID -----END PGP SIGNATURE----- --nextPart5936014.Zjae0QKPsK--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200503040113.47609>