DragonFly BSD
DragonFly bugs List (threaded) for 2006-01
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Re: nullfs mount ignores readonly flag

From: David Beck <dbeck@xxxxxxxxxxxxx>
Date: Mon, 09 Jan 2006 16:28:05 +0100

OK. Thanks for the advise.

[I know this should go to another newsgroup...]

The idea was to use nullfs for jail filesystems, so I don't need to duplicate files as many times as jails I have.

This had two advantages to my opinion:
- the jail would share system executables on a readonly filesystem, so system upgardes would be easier.
- also I thought that this would increase the level of security in jails.

If not nullfs would you recommend NFS in a similar setup? Do you see an other solution that works better?

Thank you very much,


Simon 'corecode' Schubert wrote:

David Beck wrote:

Would that fix mean that the no-setuid, no-exec and other flags will work as well?

Regards, David.

Matthew Dillon wrote:

I expect there will be things that need working on. That's one of
them. Hmm. We will probably have to hold the namecache entry for
normal files and use the namecache's mount point to check for the
read-only filesystem status. No biggy (we already do this for directories to maintain the CD path), but it may take a few days to

Talking of nullfs: I'd strongly advise not to use it in its current state in production. There are many things that need to be resolved first. See my post on kernel@


[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]