# HG changeset patch # User Franz Glasner # Date 1660641088 -7200 # Node ID 9b23832722dd7f28a2320ec3ec5b829efe7b7bae # Parent 6782ac823f86b8429a1e1a193cfe794e946bce80 Make /usr/home a separate dataset in a jail. This makes it more analogous to the standard layout of boot environments. diff -r 6782ac823f86 -r 9b23832722dd sbin/fjail --- a/sbin/fjail Tue Aug 16 08:34:34 2022 +0200 +++ b/sbin/fjail Tue Aug 16 11:11:28 2022 +0200 @@ -175,6 +175,7 @@ zfs create ${_zfsopts} -o atime=off "${_ds}" zfs create ${_zfsopts} -o sync=disabled -o setuid=off "${_ds}/tmp" zfs create ${_zfsopts} "${_ds}/usr" + zfs create ${_zfsopts} -o setuid=off "${_ds}/usr/home" zfs create ${_zfsopts} "${_ds}/usr/local" zfs create ${_zfsopts} "${_ds}/var" zfs create ${_zfsopts} -o exec=off -o setuid=off "${_ds}/var/audit"