DragonFly bugs List (threaded) for 2006-01
Re: nullfs mount ignores readonly flag
David Beck <dbeck@xxxxxxxxxxxxx> wrote:
> The idea was to use nullfs for jail filesystems, so I don't need to
> duplicate files as many times as jails I have.
> This had two advantages to my opinion:
> - the jail would share system executables on a readonly filesystem,
> so system upgardes would be easier.
> - also I thought that this would increase the level of security in
> If not nullfs would you recommend NFS in a similar setup? Do you see an
> other solution that works better?
Personally, I use NFS loopback union mounts (read-only) for
the very same thing (i.e. multiple jails). Note that, by
saying "union mounts" I mean the -o union flag of the mount
command, *not* UNIONFS which I'd rather avoid. The -o union
flag serves a similar purpose and is rock stable. It's a
bit less flexible than UNIONFS because it merges only the
contents of the root directory of the file system mounted,
but that's usually sufficient (with the help of a few sym-
The performance of loopback NFS is very good. I was afraid
that the NFS overhead would kill the machine, but it turned
out not to be an issue.
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing
Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd
Any opinions expressed in this message may be personal to the author
and may not necessarily reflect the opinions of secnetix in any way.