Allow mounting FUSE filesystems in jails

Reviewed by:	jamie
MFC after:	2 weeks
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D16371
This commit is contained in:
asomers 2018-07-20 21:35:31 +00:00
parent 2b0104e050
commit 291db697fb
3 changed files with 11 additions and 2 deletions

View File

@ -84,4 +84,5 @@ add path stderr unhide
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login
add path fuse unhide
add path zfs unhide

View File

@ -91,7 +91,7 @@ static struct vfsconf fuse_vfsconf = {
.vfc_name = "fusefs",
.vfc_vfsops = &fuse_vfsops,
.vfc_typenum = -1,
.vfc_flags = VFCF_SYNTHETIC
.vfc_flags = VFCF_JAIL | VFCF_SYNTHETIC
};
SYSCTL_INT(_vfs_fuse, OID_AUTO, kernelabi_major, CTLFLAG_RD,

View File

@ -25,7 +25,7 @@
.\"
.\" $FreeBSD$
.\"
.Dd May 4, 2018
.Dd July 20, 2018
.Dt JAIL 8
.Os
.Sh NAME
@ -580,6 +580,14 @@ This permission is effective only together with
and only when
.Va enforce_statfs
is set to a value lower than 2.
.It Va allow.mount.fusefs
privileged users inside the jail will be able to mount and unmount
fuse-based file systems.
This permission is effective only together with
.Va allow.mount
and only when
.Va enforce_statfs
is set to a value lower than 2.
.It Va allow.mount.nullfs
privileged users inside the jail will be able to mount and unmount the
nullfs file system.