Memory Disk In A Jail

dinsdale

dinsdale

Hello,
I've got an older 32 core AMD supermicro server I picked up from a local computer store for 600 bucks. They had Windows Home Edition installed on it! Tee hee. Anyway, I'm configuring for mutlipurpose use with jails and I've given a friend a jail to build for arm. He likes to use memdisk to create the package - his blog is here: http://blog.uditagarwal.in. When trying to create a memdisk we get the following error:

root@rtemsbuild:/home/russellh # uname -a
FreeBSD rtemsbuild 11.1-RELEASE FreeBSD 11.1-RELEASE #0: Sat Jun 2 22:49:42 PDT 2018 russellh@sylvester:/usr/obj/usr/src/sys/GENERIC amd64
root@rtemsbuild:/home/russellh # mdconfig -f bbb.img -u md0
mdconfig: open(/dev/mdctl): No such file or directory

Which makes sense because there is nothing in /dev:
root@rtemsbuild:/home/russellh # ls /dev
fd null random stdin urandom zfs
log pts stderr stdout zero

So I drilled in on jail(8)() and devfs(5) (). I *think* I've put together the following:

iocell
iocell set enforce_statfs=1 rtemsbuild
iocell set allow_mount=1 rtemsbuild
iocell set allow_mount_devfs=1 rtemsbuild

Oh, ya: I'm using iocell because I liked the old iocage just fine. Anyway, once that's configured I add a rule for devfs:

devfs -m /iocell/jails/15bba306-7383-11e8-b92c-00259070d370/root/dev rule add path mdctl mode 666

I've restarted the jail as well but I'm still not seeing mdctl. Can anyone point out what I've missed? Do I need to mount mdctl into my jail?

Update: "Computer says no" (to mkdir for mount):
root@sylvester:/home/russellh # mkdir /iocell/jails/15bba306-7383-11e8-b92c-00259070d370/root/dev/mdctl
mkdir: /iocell/jails/15bba306-7383-11e8-b92c-00259070d370/root/dev/mdctl: Operation not supported

Any advice would be grand. I'm aware that it's a "security risk" but I'm not concerned about that. If an alternative can be suggested that would be as practical and fast as a memdisk I'd be willing to entertain an alternative.
Cheers,
dinsdale
 
Hi,
From what I know you can "unhide" the device so that it is visible inside the jail. But you need to create the character device outside the jail I think, else you need to unhide /dev/mdctl aswell.
/etc/devfs.rules
Code: 
[devfsrules_jail=5]
add path 'md*' unhide
add path 'md*' mode 0777

And then you need to restart devd and add something in /etc/rc.conf to activate those rules I guess. See /etc/defaults/rc.conf .

--HPS
 
dinsdale said:
Hello,
I've got an older 32 core AMD supermicro server I picked up from a local computer store for 600 bucks. They had Windows Home Edition installed on it! Tee hee. Anyway, I'm configuring for mutlipurpose use with jails and I've given a friend a jail to build for arm. He likes to use memdisk to create the package - his blog is here: http://blog.uditagarwal.in. When trying to create a memdisk we get the following error:

root@rtemsbuild:/home/russellh # uname -a
FreeBSD rtemsbuild 11.1-RELEASE FreeBSD 11.1-RELEASE #0: Sat Jun 2 22:49:42 PDT 2018 russellh@sylvester:/usr/obj/usr/src/sys/GENERIC amd64
root@rtemsbuild:/home/russellh # mdconfig -f bbb.img -u md0
mdconfig: open(/dev/mdctl): No such file or directory

...

Cheers,
dinsdale
Click to expand...
Aside from needing to setup specific policies for your jail(8)'s to permit creating memory disks (md(4)). You've used the md(4) command incorrectly; You actually wanted to use:
Code: 
mdconfig -f bbb.img -u 0
note that I didn't preface the (md)disk number with md, as you did. :)

HTH

--Chris
 
You must log in or register to reply here.
Back
Top