Date: Tue, 21 Aug 2012 17:27:28 +0200 From: "Len Conrad " <lconrad@Go2France.com> To: <freebsd-questions@freebsd.org> Subject: Problem with r-o access in jail Message-ID: <201208211727.AA529531400@mail.Go2France.com>
next in thread | raw e-mail | index | archive | help
Want a nullfs filesystem to be read-only for tech people to search-only maillog files. host machine's files: /var/log/mx1/maillog* files the maillog files are all 644 and r bit is set all along the path using ezjail jail root is /var/jails jail name is fixit mkdir -p /var/jails/fixit/mx1 fixit/mx1 dir has 644 and r bit is set all along the path mount_nullfs -o ro /var/log/mx1 /var/jails/fixit/mx1 "ezjail-admin console fixit" as fixit jail root user I add a user fixit:fixit ssh logon to fixit jail's ip as user fixit ll /mx1 gives nothing but: ls: maillog.45.bz2: Permission denied ls: maillog.46.bz2: Permission denied ls: maillog.47.bz2: Permission denied ls: maillog.48.bz2: Permission denied ls: maillog.49.bz2: Permission denied ls: maillog.5.bz2: Permission denied ls: maillog.50.bz2: Permission denied ls: maillog.51.bz2: Permission denied ezjail-admin console fixit ...shows the /mx1/maillog* files all to be 644 If move the jail fixit user from group fixit to group wheel, user fixit has access to /mx1/maillog* files. suggestions? thanks, Len
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201208211727.AA529531400>