NULLFS/NFS mounts inside FreeBSD 8.0 jail for tinderbox

cbowlby · #1 April 13th, 2010, 22:42

Hi Guys,

I currently use nullfs to mount my ports folders inside some jails that I have running, but one of the things I'd like to do is create a completely "jailed" tinderbox server, where all elements of the tinderbox are in it's own jail.

As such I have a choice of trying NFS mounts (which wont work), and nullfs based mounts, which also wont work as far as I know. As I am running FreeBSD 8.0, is there anything that I can do to use one or the other?

**SirDice** · #2 April 14th, 2010, 07:45

Quote:

Originally Posted by cbowlby

As such I have a choice of trying NFS mounts (which wont work), and nullfs based mounts, which also wont work as far as I know.

Nullfs works fine:

Code:

dice@molly:~>mount
/dev/ad0s1a on / (ufs, local)
devfs on /dev (devfs, local, multilabel)
/dev/gvinum/temp on /tmp (ufs, local)
/dev/ad0s1d on /var (ufs, local, soft-updates)
/dev/ad0s1e on /usr (ufs, local, soft-updates)
/dev/ad0s2g on /usr/home (ufs, local, soft-updates)
/dev/ad0s1f on /usr/src (ufs, NFS exported, local, soft-updates)
/dev/ad0s1g on /usr/obj (ufs, NFS exported, local, soft-updates)
/dev/ad0s1h on /usr/ports (ufs, NFS exported, local, soft-updates)
/dev/ad0s2d on /jail/j1 (ufs, local)
/dev/ad0s2e on /jail/j2 (ufs, local)
/dev/gvinum/raid5 on /storage (ufs, NFS exported, local)
/storage/MediaTomb/Movies on /jail/j1/exports/Movies (nullfs, local, read-only)
/storage/FreeBSD on /jail/j1/exports/Freebsd (nullfs, local, read-only)
/storage/MediaTomb/Software on /jail/j1/exports/Software (nullfs, local, read-only)
devfs on /jail/j1/dev (devfs, local, multilabel)
/tmp/build on /jail/j2/tmp/build (nullfs, local)
/usr/ports on /jail/j2/usr/ports (nullfs, local)
/storage/FreeBSD/distfiles on /jail/j2/usr/ports/distfiles (nullfs, local)
/usr/src on /jail/j2/usr/src (nullfs, local)
/usr/obj on /jail/j2/usr/obj (nullfs, local)
devfs on /jail/j2/dev (devfs, local, multilabel)
/storage/FreeBSD/packages_20100217 on /jail/j2/usr/ports/packages (nullfs, local)

Just make sure they are mounted on the host side, not from inside a jail. You can use seperate fstabs for them.

Code:

dice@molly:~>cat /etc/fstab.build 
/tmp/build	/jail/j2/tmp/build	nullfs	rw	0	0
/usr/ports      /jail/j2/usr/ports      nullfs  rw      0       0
/storage/FreeBSD/distfiles	/jail/j2/usr/ports/distfiles	nullfs	rw	0	0
/usr/src        /jail/j2/usr/src        nullfs  rw      0       0
/usr/obj        /jail/j2/usr/obj        nullfs  rw      0       0

cbowlby · #3 April 14th, 2010, 13:13

Yes, I know that mounting nullfs file systems works, as I use those already. However, the way tinderbox mounts a nullfs or NFS mounted partition is from inside the jail, through the following steps:

1. tinderbox extracts the "distribution" it is going to build a port on.
2. tinderbox configures and starts (it's a chroot build platform that acts "similar" to a jail, but is not actually a jail).
3. it mounts the ports tree through either a nullfs or nfs partition, depending on what has been specified.
4. builds the port(s).
5. unmounts the partitions and closes down after it's either completed or failed.

Because of step 3, I don't think I can "mount" those partitions in advance from sections external to the jail. Tinderbox wants to do the mounting after extracting and configuring the build "jail" (again, they use the term jail, but it's not a true jail).

So the hierarchical picture looks like:

Code:

host
|- jail 1
|- jail 2
|- ...
|- tinderbox jail
    |--- build jail 1
    |--- build jail 2
    |--- etc.

Thus far, everything up to the point of mounting the ports tree works with out issue.

**SirDice** · #4 April 14th, 2010, 13:33

Ah. I see. I don't actually use tinderbox. I do all the building by hand.

cbowlby · #5 April 14th, 2010, 14:22

I have been as well, but wanted to play around with tinderbox to see how it worked and if it could speed up some of my turnarounds.

**SirDice** · #6 April 14th, 2010, 14:51

I'm assuming it's just one big script that automates a lot of steps. Perhaps you can modify the code slightly to not mount the ports tree and make sure it's mounted beforehand?

cbowlby · #7 April 14th, 2010, 19:47

No, it's a bit more then a build script, it's much more then that, here's the readme if your curious:

http://tinderbox.marcuscom.com/README.html

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
mfs (tmp) inside a jail?	mamalos	General	7	March 17th, 2010 22:22
DNS inside jail	gpatrick	Web & Network Services	0	November 1st, 2009 04:43
jail nullfs question	wonslung	General	7	June 18th, 2009 17:45
ezjail and zfs from inside the jail	wonslung	General	9	June 2nd, 2009 00:05
syslog-ng inside jail	myha	Installing & Upgrading	1	December 23rd, 2008 13:28