On Thu, Dec 1, 2022 at 1:29 AM Alexander Leidinger <alexan...@leidinger.net> wrote:
> > Quoting Alan Somers <asom...@freebsd.org> (from Tue, 29 Nov 2022 > 17:28:10 -0700): > > > On Tue, Nov 29, 2022 at 5:21 PM Rick Macklem <rick.mack...@gmail.com> > wrote: > > >> So, what do others think of enforcing the requirement that each jail > >> have its own file systems for this? > > > > I think that's a totally reasonable requirement. Especially so for > > ZFS users, who already create a filesystem per jail for other reasons. > > While I agree that it is a reasonable requirement, just a note that we > can not assume that every existing jail resides on its own file > system. The base system jail infrastructure doesn't check this, and > the ezjail port doesn't either. The iocage port does it. > > Is there a way to detect this inside a jail and error out in nfsd/mountd? I think the check (...->pr_root->v_vflag & VV_ROOT) is sufficient. At least it is working for current testing. rick > > Bye, > Alexander. > > -- > http://www.Leidinger.net alexan...@leidinger.net: PGP 0x8F31830F9F2772BF > http://www.FreeBSD.org netch...@freebsd.org : PGP 0x8F31830F9F2772BF >