Re: ZFS in a jail

From: Gelsema, P \(Patrick\) <"Gelsema,>
Date: Mon, 3 Dec 2007 13:53:38 +0100 (CET)
On Mon, December 3, 2007 12:54, Oliver Brandmueller wrote:
> Hi,
>
> On Sun, Dec 02, 2007 at 09:49:38PM +0100, Gelsema, P (Patrick) wrote:
>> batman# zfs create public/jail/public
>> internal error: failed to initialize ZFS library
>>
>> In /var/log/messages on the host I get the following:
>> Dec  2 21:47:01 hulk kernel: WARNING pid 36752 (zfs): ioctl
>> sign-extension
>> ioctl ffffffffcef85a2b
>>
>> I do have the 2 sysctl settings set.
>>
>> Even running zfs gives me a problem within the jail.
>>
>> Some help would be much appreciated.
>
> Did you add the zfs device to be available for your jails in
> devfs.rules? In the ruleset applying for the jails you need to add:
>
> add path zfs unhide

hulk is the host, batman is the jail.

hulk# cat /etc/rc.conf | grep devfs
jail_batman_devfs_enable="YES"
devfs_system_ruleset="zfsenable"

hulk# cat /etc/devfs.rules
[zfsenable=10]
add path 'zfs' unhide

hulk# zpool create public raidz ad4 ad6 ad8
hulk# zfs create public/jail
hulk# zfs set jailed=on public/jail
hulk# zfs set jailed=on public/jail
hulk# zfs jail 4 public/jail

hulk# sysctl security | grep jail
security.jail.jailed: 0
security.jail.mount_allowed: 1
security.jail.chflags_allowed: 0
security.jail.allow_raw_sockets: 0
security.jail.enforce_statfs: 0
security.jail.sysvipc_allowed: 0
security.jail.socket_unixiproute_only: 1
security.jail.set_hostname_allowed: 0

hulk# tail -n 1 /var/log/messages
Dec  3 13:45:16 hulk kernel: WARNING pid 1971 (zfs): ioctl sign-extension
ioctl ffffffffcef85a2b

batman# zfs create public/jail/public
internal error: failed to initialize ZFS library

I am still getting the same error in the jail.

rgds,

Thanks Patrick




>
> Then it should work like a charme.
>
> - Oliver
>
> --
> | Oliver Brandmueller | Offenbacher Str. 1  | Germany       D-14197 Berlin
> |
> | Fon +49-172-3130856 | Fax +49-172-3145027 | WWW:   http://the.addict.de/
> |
> |               Ich bin das Internet. Sowahr ich Gott helfe.
> |
> | Eine gewerbliche Nutzung aller enthaltenen Adressen ist nicht gestattet!
> |
> _______________________________________________
> freebsd-stable_at_freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe_at_freebsd.org"
>
Received on Mon Dec 03 2007 - 11:53:53 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:23 UTC