On 2010-03-02 11:00:45, Dag-Erling Smørgrav wrote:
> xorquew...@googlemail.com writes:
> > Basically, I have a ton of jails and each jail mounts a shared 'tmp',
>
> That's not a good idea, there are too many opportunities for conflicts
> (software that creates sockets and state directories with non-randomized
> names in /tmp) and might even allow a compromised jail to compromise the
> others.

Don't panic. It's actually mounted at /shared_tmp as an explicit means
for jails to communicate via the filesystem. In other words, it's known
to be unsafe. I use it to sandbox programs to some extent (download a
pdf on the host into /shared_tmp and open it in a pdf reader in a jail
that has no network or other filesystem access). The jails also aren't
externally accessible.

> zfs set mountpoint=/jail/8.0-amd64-mk4 storage/jails/8.0/x86_64/mk4
>
> Children of storage/jails/8.0/x86_64/mk4 will inherit this property, so
> they will automatically appear where you expect; alternatively, you can
> set the mountpoint property for each individual fileset.

I see. Is it possible to define multiple mountpoints (to emulate what
nullfs provides)?

xw