Hello list, trying to setup a poudriere jail on recent CURRENT and have some severe trouble. We have a single ZFS pool (raidz), call it pool00 and this pool00 conatins a ZFS dataset pool00/poudriere which we want to exclusively attach to a jail. pool00/poudriere contains a complete clone of a former, now decomissioned machine and is usable by the host bearing the jails. The jail, named poudriere, has these config parameters set in /etc/jail.conf as recommended: enforce_statfs= "0"; allow.raw_sockets= "1"; allow.mount= "1"; allow.mount.zfs= "1"; allow.mount.devfs= "1"; allow.mount.fdescfs= "1"; allow.mount.procfs= "1"; allow.mount.nullfs= "1"; allow.mount.fusefs= "1"; Here I find the first confusing observation. I can't interact with the dataset and its content within the jail. I've set the "jailed" property of pool00/poudriere via "zfs set jailed=on pool00/poudriere" and I also have to attach the jailed dataset manually via "zfs jail poudriere pool00/poudriere" to the (running) jail. But within the jail, listing ZFS's mountpoints reveal: NAME USED AVAIL REFER MOUNTPOINT pool00 124G 8.62T 34.9K /pool00 pool00/poudriere 34.9K 8.62T 34.9K /pool/poudriere but nothing below /pool/poudriere is visible to the jail. Being confused I tried to check the appropriate security variables and found a set of sysctl OIDs, which seem to have no documentation entry, like security.jail.param.allow.mount.zfs: 0 and a counterpart security.jail.mount_zfs_allowed: 1 Checking the description of security.jail.mount_zfs_allowed tells me that this OID is deprecated: security.jail.mount_zfs_allowed: Jail may mount the zfs file system (deprecated) So, we tried to set param.allow.mount.zfs=1 via /etc/jail.conf for the propper jail, but this results in an error. I can't find anything in jail(8) about these new ".param." OIDs, so maybe my trouble is rooting in here. Is there a howto for the novices on howto setup a jail with ZFS capabilities needed for poudriere with ZFS? Thank you in advance, ohReceived on Tue Aug 27 2019 - 06:24:56 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:21 UTC