Mercurial > hgrepos > FreeBSD > ports > sysutils > local-bsdtools

changeset 331:4a17b1f4c378

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Require a mounted and working devfs within the jail when configuring a jail. Otherwise the "sysrc" command could sometimes create a /dev/null regular file within the jail.
author Franz Glasner <fzglas.hg@dom66.de>
date Wed, 30 Nov 2022 22:13:05 +0100
parents 8dbd11726ee5
children cf331d11a393
files docs/man/man8/fjail-configure.rst sbin/fjail
diffstat 2 files changed, 10 insertions(+), 4 deletions(-) [+]
line wrap: on
line diff
--- a/docs/man/man8/fjail-configure.rst	Wed Nov 30 21:59:13 2022 +0100
+++ b/docs/man/man8/fjail-configure.rst	Wed Nov 30 22:13:05 2022 +0100
@@ -55,7 +55,8 @@
 Implementation Notes
 --------------------
 
-A working dev filesystem is typically needed to work properly.
+A populated and working dev filesystem within the jail is needed to
+work properly. This is checked for.
 
 
 See Also
--- a/sbin/fjail	Wed Nov 30 21:59:13 2022 +0100
+++ b/sbin/fjail	Wed Nov 30 22:13:05 2022 +0100
@@ -396,13 +396,18 @@
         return 1
     fi
 
-    if [ "${_opt_devfs}" = "yes" ]; then
-        if [ ! -c "${_mp}/dev/null" ]; then
+    if [ -c "${_mp}/dev/null" ]; then
+        if [ "${_opt_devfs}" = "yes" ]; then
+            echo "WARNING: devfs is already mounted - mounting skipped"
+        fi
+    else
+        if [ "${_opt_devfs}" = "yes" ]; then
             echo "Mounting devfs"
             mount -t devfs devfs "${_mp}/dev"
             _umount_devfs="yes"
         else
-            echo "devfs is already mounted"
+            echo "ERROR: a working devfs is needed at \`{_mp}/dev' (use \`-d')" >&2
+            return 1
         fi
     fi