misc/187079: devfs_load_rulesets has to be enabled for mount.devfs to behave like expected

Robert Schulze Wed, 26 Feb 2014 01:51:12 -0800

>Number:         187079
>Category:       misc
>Synopsis:       devfs_load_rulesets has to be enabled for mount.devfs to 
>behave like expected
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Feb 26 09:50:00 UTC 2014
>Closed-Date:
>Last-Modified:
>Originator:     Robert Schulze
>Release:        10.0-RELEASE
>Organization:
>Environment:
FreeBSD hostname 10.0-RELEASE FreeBSD 10.0-RELEASE #0 r262478: Tue Feb 25 
13:25:37 CET 2014     root@hostname:/usr/obj/usr/src/sys/JWEB  amd64


>Description:
When mounting devfs into jails via mount.devfs in /etc/jail.conf, it is 
expected to be assigned the ruleset #4 by default, so that only basic device 
nodes are accessible inside the jail. However, without explicitly setting 
devfs_load_rulesets="YES" in /etc/rc.conf, the jail's devfs doesn't get 
restricted, it will contain all device nodes instead.

>How-To-Repeat:

>Fix:
Either make devfs_load_rulesets="YES" the default in /etc/defaults/rc.conf or 
clearly state that this has to be set explicitly in the manpage of jail(8).


>Release-Note:
>Audit-Trail:
>Unformatted:
_______________________________________________
freebsd-bugs@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

misc/187079: devfs_load_rulesets has to be enabled for mount.devfs to behave like expected

Reply via email to