On 9/4/2012 12:50 AM, Bryan Drewery wrote: > On 9/4/2012 12:46 AM, Bryan Drewery wrote: >> On 9/4/2012 12:42 AM, Bryan Drewery wrote: >>> I am unable to get these to pass into jails via /etc/rc.d/jail + ezjail. >>> >>> I set them in the host: >>> >>> security.jail.mount_allowed=1 >>> security.jail.mount_zfs_allowed=1 >>> >>> What is the proper way to get these set? >>> >>> >> >> I used `jail -m` to set these, but they don't seem to work: >> >> In host: >> >> # jail -m jid=3 allow.mount allow.mount.zfs >> # sysctl vfs.usermount=1 >> >> In jail: >> >> # sysctl -a|grep mount >> vfs.usermount: 1 >> ... >> security.jail.mount_zfs_allowed: 1 >> security.jail.mount_allowed: 1 >> >> # zfs mount -a >> cannot mount 'backup': Insufficient privileges >> >> This dataset is properly jailed=on and 'zfs jail' ran on it as well. > > Sorry for the noise.. > > # jail -m jid=3 enforce_statfs=1 > > Now it works. > > Yes, I read the jail(8) and zfs(8) manpages. My biggest problem was the > params not being passed in at startup. > > Bryan >
Anyone else who runs into this, r239382 allows this to work using /etc/rc.d/jail with deprecated rc.conf/ezjail setups. You can specify jail_NAME_parameters=... with that patch. -- Regards, Bryan Drewery bdrewery@freenode/EFNet _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "[email protected]"
