
NULLFS/NFS mounts inside FreeBSD 8.0 jail for tinderbox

Discussion in 'General' started by cbowlby, Apr 13, 2010.

  1. cbowlby

    Hi Guys,

    I currently use nullfs to mount my ports folders inside some jails that I have running, but one of the things I'd like to do is create a completely "jailed" tinderbox server, where all elements of the tinderbox are in its own jail.

    As such I have a choice of trying NFS mounts (which won't work), and nullfs based mounts, which also won't work as far as I know. As I am running FreeBSD 8.0, is there anything that I can do to use one or the other?
     
  2. SirDice

    Nullfs works fine:

    Code:
    dice@molly:~>mount
    /dev/ad0s1a on / (ufs, local)
    devfs on /dev (devfs, local, multilabel)
    /dev/gvinum/temp on /tmp (ufs, local)
    /dev/ad0s1d on /var (ufs, local, soft-updates)
    /dev/ad0s1e on /usr (ufs, local, soft-updates)
    /dev/ad0s2g on /usr/home (ufs, local, soft-updates)
    /dev/ad0s1f on /usr/src (ufs, NFS exported, local, soft-updates)
    /dev/ad0s1g on /usr/obj (ufs, NFS exported, local, soft-updates)
    /dev/ad0s1h on /usr/ports (ufs, NFS exported, local, soft-updates)
    /dev/ad0s2d on /jail/j1 (ufs, local)
    /dev/ad0s2e on /jail/j2 (ufs, local)
    /dev/gvinum/raid5 on /storage (ufs, NFS exported, local)
    /storage/MediaTomb/Movies on /jail/j1/exports/Movies (nullfs, local, read-only)
    /storage/FreeBSD on /jail/j1/exports/Freebsd (nullfs, local, read-only)
    /storage/MediaTomb/Software on /jail/j1/exports/Software (nullfs, local, read-only)
    devfs on /jail/j1/dev (devfs, local, multilabel)
    /tmp/build on /jail/j2/tmp/build (nullfs, local)
    /usr/ports on /jail/j2/usr/ports (nullfs, local)
    /storage/FreeBSD/distfiles on /jail/j2/usr/ports/distfiles (nullfs, local)
    /usr/src on /jail/j2/usr/src (nullfs, local)
    /usr/obj on /jail/j2/usr/obj (nullfs, local)
    devfs on /jail/j2/dev (devfs, local, multilabel)
    /storage/FreeBSD/packages_20100217 on /jail/j2/usr/ports/packages (nullfs, local)
    


    Just make sure they are mounted on the host side, not from inside a jail. You can use separate fstabs for them.

    Code:
    dice@molly:~>cat /etc/fstab.build 
    /tmp/build	/jail/j2/tmp/build	nullfs	rw	0	0
    /usr/ports      /jail/j2/usr/ports      nullfs  rw      0       0
    /storage/FreeBSD/distfiles	/jail/j2/usr/ports/distfiles	nullfs	rw	0	0
    /usr/src        /jail/j2/usr/src        nullfs  rw      0       0
    /usr/obj        /jail/j2/usr/obj        nullfs  rw      0       0
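
The host-side, per-jail fstab approach from the post above can be checked before anything is mounted. This is an added example, not part of the thread: `audit_jail_fstab` and `sample_fstab` are hypothetical names, and the last three sample entries are constructed.

```shell
#!/bin/sh
# Added example: audit a per-jail fstab before the host mounts it.
# On the FreeBSD host the file would then be mounted with
# `mount -a -F /etc/fstab.build`, never from inside the jail.

# audit_jail_fstab FSTAB JAILROOT
# Prints one verdict per entry; returns 1 if any entry is BAD.
audit_jail_fstab() {
    awk -v root="$2" '
        /^[ \t]*(#|$)/ { next }    # skip comments and blank lines
        {
            src = $1; dst = $2; type = $3; opts = $4
            # Only nullfs entries belong in this file.
            if (type != "nullfs")          { print "BAD not-nullfs " dst; bad = 1; next }
            # The mount point must sit under this jail, not another one.
            if (index(dst, root "/") != 1) { print "BAD outside-jail " dst; bad = 1; next }
            # Reject ".." components that would climb out of the jail root.
            if (dst ~ /(^|\/)\.\.(\/|$)/)  { print "BAD dotdot " dst; bad = 1; next }
            # Report whether the jail gets write access to the host directory.
            n = split(opts, o, ","); mode = "RW"
            for (i = 1; i <= n; i++) if (o[i] == "ro") mode = "RO"
            print "OK-" mode " " src " -> " dst
        }
        END { exit bad }
    ' "$1"
}

# Sample input: the five /etc/fstab.build lines posted above, followed by
# three constructed entries (one read-only, two that must be rejected).
sample_fstab() {
cat <<'EOF'
/tmp/build	/jail/j2/tmp/build	nullfs	rw	0	0
/usr/ports      /jail/j2/usr/ports      nullfs  rw      0       0
/storage/FreeBSD/distfiles	/jail/j2/usr/ports/distfiles	nullfs	rw	0	0
/usr/src        /jail/j2/usr/src        nullfs  rw      0       0
/usr/obj        /jail/j2/usr/obj        nullfs  rw      0       0
# constructed entries below
/usr/src        /jail/j2/usr/src.ro     nullfs  ro      0       0
/usr/ports      /jail/j1/usr/ports      nullfs  rw      0       0
/etc            /jail/j2/../../etc      nullfs  rw      0       0
EOF
}
```

Every `OK-RW` line is a host directory the jail can modify, so mounts the jail only reads from (for example the source tree) are candidates for `ro`.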
    
     
  3. cbowlby

    Yes, I know that mounting nullfs file systems works, as I use those already. However, the way tinderbox mounts a nullfs or NFS mounted partition is from inside the jail, through the following steps:

    1. tinderbox extracts the "distribution" it is going to build a port on.
    2. tinderbox configures and starts (it's a chroot build platform that acts "similar" to a jail, but is not actually a jail).
    3. it mounts the ports tree through either a nullfs or nfs partition, depending on what has been specified.
    4. builds the port(s).
    5. unmounts the partitions and closes down after it's either completed or failed.

    Because of step 3, I don't think I can "mount" those partitions in advance from sections external to the jail. Tinderbox wants to do the mounting after extracting and configuring the build "jail" (again, they use the term jail, but it's not a true jail).

    So the hierarchical picture looks like:

    Code:
    host
    |- jail 1
    |- jail 2
    |- ...
    |- tinderbox jail
        |--- build jail 1
        |--- build jail 2
        |--- etc.


    Thus far, everything up to the point of mounting the ports tree works without issue.
     
  4. SirDice

    Ah. I see. I don't actually use tinderbox. I do all the building by hand.
     
  5. cbowlby

    I have been as well, but wanted to play around with tinderbox to see how it worked and if it could speed up some of my turnarounds.
     
  6. SirDice

    I'm assuming it's just one big script that automates a lot of steps. Perhaps you can modify the code slightly to not mount the ports tree and make sure it's mounted beforehand?
     
  7. cbowlby
