Created attachment 146188 [details] patch that introduces allow.mount.fdescfs FreeBSD has hierarchical jail support since r192895. However, not being able to mount all required filesystems makes it somewhat less useful as some software (bash, java) requires fdescfs being mounted on /dev/fd This patch introduces the jail parameter allow.mount.fdescfs. Tested on r268794 Possible caveat is that PR_ALLOW_ALL went from 0x0fff to 0xffff and only space for three more options to pr_allow. The flags field still remains a word and should imho not introduce a ABI change.
I do not indend to commit this. But a small note from reading the patch, the changed value of PR_ALLOW_ALL is wrong, it shall be 0x1fff.
Created attachment 147927 [details] patch that introduces allow.mount.fdescfs Patch adjusted with feedback from kib@ Still using allow.mount.fdescfs instead of proposed allow.mount.devfs as the current pattern is that each pseudofs has its own flag. It would be better to introduce an allow.mount.pseudofs for that, but this is not the place nor time patch can be applied to -current, followed by a MFC to stable/10
A commit references this bug: Author: jamie Date: Wed Jan 28 21:08:11 UTC 2015 New revision: 277855 URL: https://svnweb.freebsd.org/changeset/base/277855 Log: Add allow.mount.fdescfs jail flag. PR: 192951 Submitted by: ruben@verweg.com MFC after: 3 days Changes: head/sys/fs/fdescfs/fdesc_vfsops.c head/sys/kern/kern_jail.c head/sys/sys/jail.h head/usr.sbin/jail/jail.8
A commit references this bug: Author: jamie Date: Sat Jan 31 17:35:55 UTC 2015 New revision: 277985 URL: https://svnweb.freebsd.org/changeset/base/277985 Log: MFC r277855: Add allow.mount.fdescfs jail flag. PR: 192951 Submitted by: ruben@verweg.com Changes: _U stable/10/ stable/10/sys/fs/fdescfs/fdesc_vfsops.c stable/10/sys/kern/kern_jail.c stable/10/sys/sys/jail.h stable/10/usr.sbin/jail/jail.8