# HG changeset patch
# User Franz Glasner <fzglas.hg@dom66.de>
# Date 1669842785 -3600
# Node ID 4a17b1f4c37827e50f2c909e89cc5ff134691ea8
# Parent  8dbd11726ee59ad60c9a25dd6a3da14e147f8cb9
Require a mounted and working devfs within the jail when configuring a jail.

Otherwise the "sysrc" command could sometimes create a /dev/null regular file
within the jail.

diff -r 8dbd11726ee5 -r 4a17b1f4c378 docs/man/man8/fjail-configure.rst
--- a/docs/man/man8/fjail-configure.rst	Wed Nov 30 21:59:13 2022 +0100
+++ b/docs/man/man8/fjail-configure.rst	Wed Nov 30 22:13:05 2022 +0100
@@ -55,7 +55,8 @@
 Implementation Notes
 --------------------
 
-A working dev filesystem is typically needed to work properly.
+A populated and working dev filesystem within the jail is needed to
+work properly. This is checked for.
 
 
 See Also
diff -r 8dbd11726ee5 -r 4a17b1f4c378 sbin/fjail
--- a/sbin/fjail	Wed Nov 30 21:59:13 2022 +0100
+++ b/sbin/fjail	Wed Nov 30 22:13:05 2022 +0100
@@ -396,13 +396,18 @@
         return 1
     fi
 
-    if [ "${_opt_devfs}" = "yes" ]; then
-        if [ ! -c "${_mp}/dev/null" ]; then
+    if [ -c "${_mp}/dev/null" ]; then
+        if [ "${_opt_devfs}" = "yes" ]; then
+            echo "WARNING: devfs is already mounted - mounting skipped"
+        fi
+    else
+        if [ "${_opt_devfs}" = "yes" ]; then
             echo "Mounting devfs"
             mount -t devfs devfs "${_mp}/dev"
             _umount_devfs="yes"
         else
-            echo "devfs is already mounted"
+            echo "ERROR: a working devfs is needed at \`{_mp}/dev' (use \`-d')" >&2
+            return 1
         fi
     fi