Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 05 Feb 2013 19:33:02 +0100
From:      =?UTF-8?B?xYF1a2FzeiBXxIVzaWtvd3NraQ==?= <lukasz@wasikowski.net>
To:        freebsd-fs@freebsd.org, freebsd-jail@freebsd.org
Subject:   zfs in jail - cannot mount: Insufficient privileges
Message-ID:  <5111505E.6030105@wasikowski.net>

next in thread | raw e-mail | index | archive | help
FreeBSD 9.1-STABLE r246099, zfs in jail, unprivileged user is unable to
mount dataset.

In jail:

# sysctl vfs.usermount security.jail.enforce_statfs
security.jail.mount_zfs_allowed security.jail.mount_allowed
security.jail.jailed
vfs.usermount: 1
security.jail.enforce_statfs: 0
security.jail.mount_zfs_allowed: 1
security.jail.mount_allowed: 1
security.jail.jailed: 1

# zfs allow jinx/jails/jtest/testset
---- Permissions on jinx/jails/jtest/testset -------------------------
Permission sets:
        @testperms
clone,create,destroy,mount,quota,readonly,receive,rollback,send,snapshot
Local+Descendent permissions:
        user testuser @testperms

# zfs get mountpoint jinx/jails/jtest/testset
NAME                      PROPERTY    VALUE       SOURCE
jinx/jails/jtest/testset  mountpoint  /testset    local

# getfacl /testset
# file: /testset
# owner: testuser
# group: testuser
            owner@:rwxp--aARWcCos:------:allow
            group@:r-x---a-R-c--s:------:allow
         everyone@:r-x---a-R-c--s:------:allow

# su - testuser

$ zfs create jinx/jails/jtest/testset/testdir
cannot mount 'jinx/jails/jtest/testset/testdir': Insufficient privileges
filesystem successfully created, but not mounted

Is it a bug or am I missing something? root can create dataset in this
jail without any problem:

# zfs create jinx/jails/jtest/testset/testdir2 && zfs list
jinx/jails/jtest/testset/testdir2
NAME                                USED  AVAIL  REFER  MOUNTPOINT
jinx/jails/jtest/testset/testdir2    31K  18.4G    31K  /testset/testdir2

On host user can create and mount dataset, problem appears only in jail.

-- 
best regards,
Lukasz Wasikowski



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5111505E.6030105>