After implementing a suggestion from pjd_at_, a new version of the patch is attached, now using a more universal solution - vn_fullpath_global() in the mount part. Dňa 28. 7. 2011 16:59, Martin Matuska wrote / napísal(a): > Please review my attached patch. > > The patch fixes f_mntonname with mount/unmount inside a jail with allow.mount enabled. > Filesystems mountable in a jail require the VFCF_JAIL flag (currently only ZFS). > > With this patch, mount and unmount works both with enforce_statfs = 0 and enforce_statfs = 1. > I suggest disabling mount/unmount for jails with enforce_statfs = 2, as this is contradictory and does not play well with or without this patch. > > I have successfully tested this patch with ZFS, nullfs and tmpfs. > > To enable nullfs for a jail, you have to modify tmpfs/tmpfs_vfsops.c and recompile the tmpfs module: > -VFS_SET(tmpfs_vfsops, tmpfs, 0); > +VFS_SET(tmpfs_vfsops, tmpfs, VFCF_JAIL); > > To enable tmpfs for a jail, you have to modify nullfs/null_vfsops.c and recompile the nullfs module: > -VFS_SET(null_vfsops, nullfs, VFCF_LOOPBACK); > +VFS_SET(null_vfsops, nullfs, VFCF_LOOPBACK | VFCF_JAIL); > > The filesystems can be successfully mounted/unmounted inside a jail and also unmounted from the parent host without problems. > > The mount inside jail, a jail needs allow.mount=1 and enforce.statfs=0 or enforce.statfs=1, for more information see jail(8) > I assume other filesystem not dealing with devices may work correctly with this patch, too (e.g. nfs). > > With jailed nullfs we can run tinderbox in a jail ;) > > Please review, comment and/or test my attached patch. > > Cheers, > mm -- Martin Matuska FreeBSD committer http://blog.vx.sk
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:16 UTC