On 09/12/2016 12:03, Miroslav Lachman wrote:
I am not sure, maybe it is not possible to hide them when you need to
manage zfs inside jail.
If you can live with not managing zfs inside but from the host, then
you can use enforce_statfs=2. Then you will see just a root dataset
inside jail.
enforce_statfs=0 ~ you will see all datasets and partitions from the host
enforce_statfs=1 ~ you will see all related to this jail (parents,
devfs etc)
enforce_statfs=2 ~ only root mount is visible
I will try enforce_statfs=2, maybe that will give me what I need. But
still, not sure what is happening with jailed=on
zfs set jailed=on gT/JailS/testJail << Did you set this property?
Now this is an interesting bit. I tried this, and as soon as I ran the
command, the dataset vanished :P
Not only that, I could not run jail any more. Given that gT/JailS is
mounted on /JailS and the path parameter in jail.conf is
/JailS/testJail, I am not surprised that the jail did not run (it
initially complained about not being able to mount /dev, as it cannot
find /JailS/testJail/dev)
As a workaround, I removed mount.devfs, mount.procfs (that complained
too), mount.fdesc (complained too), and then the jail ran
But now that I do not have devfs, I could not do anything with zfs -- I
could not even see them. So, manipulation from within the jail or
outside the jail was no longer possible.
Interesting. All documentation says jailed=on must be set.
Yes, I know. I checked everywhere and that seems to be the norm. But the
moment I do it, my jail no longer functions :P
"Everybody" say "use ezjail" because it was the first tool to
manipulate jails available for the masses. I tried it after I learned
all things about jails the hard way and then I realised ezjail is
doing strange things in some cases. I know it evolved, but I you need
to use some tool there are some better tools (in my opinion) which
were developed with ZFS features from the start.
You can try iocage or cbsd. They also can manage bhyve guests.
I did try iocage for bhyve some time back, honestly, I did not like it
(maybe because it tried to do things on my behalf without letting me
know what it was doing). I settled for vm-bhyve instead and am quite
happy about it. cbsd I have not tried, maybe I'll give that a shot.
Still, my desire for keeping it simple and raw is preventing me from
taking any of these routes. I would very much like NOT to run any
additional package on the host/base itself. I already have screen, mc
and wget -- that is an overkill in my own personal opinion.
Let us see how it goes. If I discover something, I will post it back.
Thanks again for your support and suggestions, they had been very very
helpful.
Best regards
SK
_______________________________________________
freebsd-jail@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
