Date: Wed, 5 Feb 2020 06:02:27 -0600 From: CyberLeo Kitsana <cyberleo@cyberleo.net> To: freebsd-questions@freebsd.org Subject: Re: jail and dedicated zfs dataset Message-ID: <807cecca-8941-4560-0397-5791c93e6fbf@cyberleo.net> In-Reply-To: <20200204214404.GB36588@foucry.net> References: <20200204214404.GB36588@foucry.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2/4/20 3:44 PM, Jacques Foucry wrote: > Hi folks, > > I'm trying to create a jail (for the mail) with a dedicated zfs dataset. > > On the host, the dataset in tank/root/mails wiht /var/mail as mountpoint. > jailed property in on <snip> > My /etc/jail.conf¹ definition for the dataset is: > > exec.poststart = "/sbin/zfs jail mail tank/root/mails"; > exec.poststart += "zfs mount -a"; > exec.stop = "/sbin/zfs unjail mail tank/root/mails"; > persist=true; > mount.fstab="/etc/fstab.${name}"; <snip> > And mounting by hand failed: > # zfs mount -a > cannot mount 'tank/root/mails': Insufficient privileges You will need to set 'allow.mount' and 'allow.mount.zfs' in jail.conf for the jail in question. Also, exec.poststart runs in the context of the host, not the jail, so running zfs mount -a there may not have the effect you expect. -- Fuzzy love, -CyberLeo <CyberLeo@CyberLeo.Net> Technical Administrator CyberLeo.Net Webhosting http://www.CyberLeo.Net Element9 Communications http://www.Element9.net Furry Peace! - http://www.fur.com/peace/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?807cecca-8941-4560-0397-5791c93e6fbf>