Quoting "O. Hartmann" <ohartmann_at_walstatt.org> (from Tue, 27 Aug 2019 10:11:54 +0200): > We have a single ZFS pool (raidz), call it pool00 and this pool00 conatins a > ZFS dataset pool00/poudriere which we want to exclusively attach to a jail. > pool00/poudriere contains a complete clone of a former, now decomissioned > machine and is usable by the host bearing the jails. The jail, named > poudriere, > has these config parameters set in /etc/jail.conf as recommended: > > enforce_statfs= "0"; > > allow.raw_sockets= "1"; > > allow.mount= "1"; > allow.mount.zfs= "1"; > allow.mount.devfs= "1"; > allow.mount.fdescfs= "1"; > allow.mount.procfs= "1"; > allow.mount.nullfs= "1"; > allow.mount.fusefs= "1"; > > Here I find the first confusing observation. I can't interact with > the dataset > and its content within the jail. I've set the "jailed" property of > pool00/poudriere via "zfs set jailed=on pool00/poudriere" and I also have to > attach the jailed dataset manually via "zfs jail poudriere > pool00/poudriere" to > the (running) jail. But within the jail, listing ZFS's mountpoints reveal: > > NAME USED AVAIL REFER MOUNTPOINT > pool00 124G 8.62T 34.9K /pool00 > pool00/poudriere 34.9K 8.62T 34.9K /pool/poudriere > > but nothing below /pool/poudriere is visible to the jail. Being confused I Have you checked if it works if you add each dataset below the tree you want to manage (= "sub-dataset")? Do the sub-datasets list the jailed property as inherited from the parent (check on the host)? Bye, Alexander. -- http://www.Leidinger.net Alexander_at_Leidinger.net: PGP 0x8F31830F9F2772BF http://www.FreeBSD.org netchild_at_FreeBSD.org : PGP 0x8F31830F9F2772BF
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:21 UTC