Solved Looking for input on how a jail can access a subdirectory of my non-jail user account...

P

Ps23Rick

Hi all..

I'm looking to setup a photo sharing webpage for family and want it in a jail.. But I want the directory of images to be what is sitting in my ~rick/Photos directory (read-only would be best). I gather there's no good way for the quarantined jail to access my account outside the jail obviously for security reasons. I saw some references to nullfs and the jail's /etc/fstab but it doesn't seem to like it and isn't working regardless..

Is there some better way to do this aside from using some sort of daily cron job associated on my "rick" account to "push" the latest photos to the directory in the jail containing a copy of the photos?

Maybe there's some better methodology that is secure and that sort of thing..??

Thoughts?
 
An important property of a jail is not being able to access any file outside of its tree, so nullfs(5) is the solution to share a part of the filesystem tree between host and jail or between different jails on the same host. Therefore better explain how it doesn't work for you. It will certainly work when done right.
 
Just mount required directory as read-only from host to the jail using jail's fstab.
It is a simple and good way to access some directory from jail to host,

If you do not like it then try to use rsync to sync a copy of the directory.

Another idea - is to copy source directory as hardlinks inside a jail.
cp -al /home/photos /home/jails/share/home/photoshare
 
You must log in or register to reply here.
Back
Top