From owner-freebsd-current@FreeBSD.ORG Mon Mar 27 07:35:18 2006 Return-Path: X-Original-To: freebsd-current@freebsd.org Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1F6B016A401 for ; Mon, 27 Mar 2006 07:35:18 +0000 (UTC) (envelope-from rabe@p-i-n.com) Received: from aposerv.p-i-n.com (aposerv.p-i-n.com [145.253.185.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id 817E743D66 for ; Mon, 27 Mar 2006 07:35:12 +0000 (GMT) (envelope-from rabe@p-i-n.com) Received: from p-i-n.com (inside.p-i-n.com [129.10.9.21]) by aposerv.p-i-n.com (8.12.11/8.12.11) with ESMTP id k2R7Z9Gs010676 for ; Mon, 27 Mar 2006 09:35:09 +0200 (CEST) (envelope-from rabe@p-i-n.com) Received: (from rabe@localhost) by p-i-n.com (8.11.6/8.11.6) id k2R7Z3p49738 for freebsd-current@freebsd.org; Mon, 27 Mar 2006 09:35:03 +0200 (CEST) (envelope-from rabe) Date: Mon, 27 Mar 2006 09:35:03 +0200 From: "Raphael H. Becker" To: freebsd-current@freebsd.org Message-ID: <20060327093503.G60206@p-i-n.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Organization: PHOENIX Pharmahandel AG & Co KG, Mannheim, Deutschland Subject: devfs ruleset 4 (jails) X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Mar 2006 07:35:18 -0000 Hello *, I hope this is not a FAQ: what is wrong about # devfs -m /data/jails/pinserv3j01.p-i-n.com/dev/ ruleset 4 After this command there still is some critical stuff in the jail's /dev: # ls /data/jails/pinserv3j01.p-i-n.com/dev/ acpi fd ptyp2 ttyp7 amr0 fd0 ptyp3 ttyp8 amrd0 fido ptyp4 ttyp9 amrd0s1 geom.ctl ptyp5 ttyv0 amrd0s1a io ptyp6 ttyv1 amrd0s1b kbd0 ptyp7 ttyv2 amrd0s1c klog ptyp8 ttyv3 amrd0s1d kmem ptyp9 ttyv4 amrd0s1e lpt0 random ttyv5 amrd0s1f lpt0.ctl stderr ttyv6 apm mdctl stdin ttyv7 ata mem stdout ttyv8 atkbd0 net sysmouse ttyv9 bpsm0 net1 ttyd0 ttyva cd0 net2 ttyd0.init ttyvb console net3 ttyd0.lock ttyvc consolectl network ttyd1 ttyvd ctty nfs4 ttyd1.init ttyve cuad0 nfslock ttyd1.lock ttyvf cuad0.init null ttyp0 urandom cuad0.lock pass0 ttyp1 usb cuad1 pci ttyp2 usb0 cuad1.init ppi0 ttyp3 xpt0 cuad1.lock psm0 ttyp4 zero devctl ptyp0 ttyp5 devstat ptyp1 ttyp6 In /etc/defaults/devfs.rules # Devices usually found in a jail. # [devfsrules_jail=4] add include $devfsrules_hide_all add include $devfsrules_unhide_basic add include $devfsrules_unhide_login I'd expect not to see at least any amr* and cua* devices in this /dev Even the following isn't working: # devfs -m /data/jails/pinserv3j01.p-i-n.com/dev/ rule applyset # uname -srm FreeBSD 6.1-PRERELEASE i386 ... with sources from last friday. BTW: I use jailctl-0.71 from the ports to manage my jails. Maybe there's something broken? Any idea? With best regards Raphael Becker