Mercurial > hgrepos > FreeBSD > ports > sysutils > local-bsdtools

changeset 239:23f37702a502

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Creating datasets for base and skeleton
author Franz Glasner <fzglas.hg@dom66.de>
date Fri, 09 Sep 2022 21:48:29 +0200
parents 9b0d83703a28
children 04fde1941966
files sbin/ftjail
diffstat 1 files changed, 23 insertions(+), 4 deletions(-) [+]
line wrap: on
line diff
--- a/sbin/ftjail	Fri Sep 09 21:46:34 2022 +0200
+++ b/sbin/ftjail	Fri Sep 09 21:48:29 2022 +0200
@@ -122,7 +122,7 @@
 command_datasets_tmpl_skel() {
     local _p_base _name _dry_run
 
-    local _ds_skel _child
+    local _ds_skel _child _child_zfsopts
 
     _p_skel="${1-}"
     _name="${2-}"
@@ -160,10 +160,29 @@
     #            We typically want to use binary packages.
     #            And if we use ports they are not in usr/ports typically.
     #
-    # XXX FIXME: What about /home
+    #zfs create -u -o canmount=off "${_ds_skel}/usr/ports"
+    #
+    # XXX FIXME: What about home
     #
-    for _child in etc usr/local tmp var root ; do
-        zfs create -u -o canmount=noauto "${_ds_skel}/${_child}"
+    for _child in etc home root tmp usr/local var ; do
+        case "${_child}" in
+            "tmp"|"var/tmp")
+                _child_zfsopts="-o sync=disabled -o setuid=off"
+                ;;
+            "home")
+                _child_zfsopts="-o setuid=off"
+                ;;
+            "usr/ports/distfiles")
+                _child_zfsopts="-o exec=off -o setuid=off -o compression=off -o primarycache=metadata"
+                ;;
+            "var/mail")
+                _child_zfsopts="-o atime=on -o exec=off -o setuid=off"
+                ;;
+            *)
+                _child_zfsopts=""
+                ;;
+        esac
+        zfs create -u -o canmount=noauto ${_child_zfsopts} "${_ds_skel}/${_child}"
     done
 }