Differences between version 2 and previous revision of KnowledgeBase/FreeBSD/JailDS.
Other diffs: Previous Major Revision, Previous Author
| Newer page: | version 2 | Last edited on Sunday, 13 January 2013 1:36:38 | by CyberLeo | Revert |
| Older page: | version 1 | Last edited on Sunday, 13 January 2013 1:36:09 | by CyberLeo | Revert |
@@ -6,13 +6,13 @@
...
enforce_statfs = 1;
allow.mount;
allow.mount.zfs;
- exec.prestart = "/srv/jail/
${name
}/jailds ${name} testnas &";
+ exec.prestart = "${base
}/jailds ${name} testnas &";
}
</code>
-/srv/jail/testnas/
jailds:
+jailds:
<code brush="bash">
#!/bin/sh -e
jail_getid() {
version 2
This will delegate a dataset and its children to the given jail upon jail startup. The dataset will be unavailable to the host.
/etc/jail.conf:
testnas {
...
enforce_statfs = 1;
allow.mount;
allow.mount.zfs;
exec.prestart = "${base}/jailds ${name} testnas &";
}
jailds:
#!/bin/sh -e
jail_getid() {
[ "${1}" ] || return 1
jls -j "${1}" 2>/dev/null | grep -v '^[[:space:]]*JID' | while read jid ip host path
do
echo ${jid}
done
}
jail="${1}"
dataset="${2}"
[ "${jail}" -a "${dataset}" ] || {
echo "Usage: jailds <jailname> <dataset>" >&2
exit 1
}
jid=""
for try in $(jot 20 1)
do
jid=$(jail_getid "${jail}")
[ "${jid}" ] && break
sleep 0.25
done
[ "${jid}" ] || {
echo "jailds: jail ${jail} never appeared" >&2
exit 1
}
zfs set jailed=on "${dataset}"
zfs jail "${jid}" "${dataset}"
jexec "${jail}" zfs mount -a