Brandon Fosdick wrote:
Robert Watson wrote:
> (1) Modifying the name space exclusion assumption for jails, so that the
file system name spaces overlap. One way to do this is with nullfs.
nullfs looks interesting. I was thinking about sharing files between jails
using NFS, but it looks like nullfs would do the trick with better performance.
Although the bugs section of the man page for mount_nullfs is rather scary.
Does anyone have any experience with it? Does it actually work?
If the point here is to make /tmp/mysql.sock show up in another jail's file
space, can I use a symlink instead? Can a jailed process see the target of the
symlink?
Symlinks are just a path mapping mechanism performed by the kernel at
lookup time, that is, before the actual access. In a jail only those
parts of a filesystem are visible that are at or below the jail's root
directory. The same goes for normal chroots. So if the symlink points
to a location outside this scope you cannot access the object.
Hardlinks would work, but only if the jails concerned live in the same
filesystem. Though they can of course be confined in separate,
non-overlapping parts of that filesystem.
Uwe
--
Uwe Doering | EscapeBox - Managed On-Demand UNIX Servers
[EMAIL PROTECTED] | http://www.escapebox.net
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
