We need to use 'applyset' command for devfs, 'apply hide' is not enough,

because new devfs entries can show up later and one can access such entires from inside named chroot. In rc.d scripts we can use devfs_domount() function with devfsrules_hide_all policy and unhide 'null' and 'random' manually.
2005-05-23 12:25:33 +00:00 · 2005-05-23 12:25:33 +00:00 · 8f5aed3be4
commit 8f5aed3be4
parent 14bf9dc9bc
1 changed files with 2 additions and 6 deletions
--- a/etc/rc.d/named
+++ b/etc/rc.d/named
@ -58,12 +58,8 @@ chroot_autoupdate()

 	# Mount a devfs in the chroot directory if needed
 	#
-	if [ ! -c ${named_chrootdir}/dev/random -o \
-	    ! -c ${named_chrootdir}/dev/null ]; then
-		umount ${named_chrootdir}/dev 2>/dev/null
-		mount_devfs devfs ${named_chrootdir}/dev
-	fi
-	devfs -m ${named_chrootdir}/dev rule apply hide
+	umount ${named_chrootdir}/dev 2>/dev/null
+	devfs_domount ${named_chrootdir}/dev devfsrules_hide_all
 	devfs -m ${named_chrootdir}/dev rule apply path null unhide
 	devfs -m ${named_chrootdir}/dev rule apply path random unhide