Running webcamd(8) inside a Jail

I’m trying to run webcamd(8) inside a Jail. On the host, I have set vfs.usermount=1, loaded the cuse Kernel module, and added the following lines to /etc/devfs.rules:
Code:
[devfsrules_jail=4]
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login
add path 'cuse' unhide
add path 'ugen*' unhide
add path 'usb/*' unhide
add path 'video*' unhide
add path usb unhide
add path usbctl unhide
add path zfs unhide

Inside the Jail, usbconfig lists all attached USB devices and webcamd -d 0.6 states that the video devices for the webcam are created:
Code:
# webcamd -d 0.6
Attached to ugen0.6[0]
Creating /dev/video0
Creating /dev/video1
But there are no video* devices:
Code:
# ls -al /dev
total 11
dr-xr-xr-x  10 root  wheel      512 Jan 24 17:41 .
drwxr-xr-x  17 root  wheel       22 Jan 24 16:38 ..
crw-------   1 root  operator  0xf2 Jan 24 16:43 cuse
dr-xr-xr-x   2 root  wheel      512 Jan 24 17:41 fd
crw-rw-rw-   1 root  wheel     0x1a Jan 24 20:50 null
dr-xr-xr-x   2 root  wheel      512 Jan 24 17:41 pts
crw-r--r--   1 root  wheel      0x9 Aug 21 08:01 random
lrwxr-xr-x   1 root  wheel        4 Jan 24 17:41 stderr -> fd/2
lrwxr-xr-x   1 root  wheel        4 Jan 24 17:41 stdin -> fd/0
lrwxr-xr-x   1 root  wheel        4 Jan 24 17:41 stdout -> fd/1
lrwxr-xr-x   1 root  wheel        9 Jan 24 17:41 ugen0.1 -> usb/0.1.0
lrwxr-xr-x   1 root  wheel        9 Jan 24 17:41 ugen0.2 -> usb/0.2.0
lrwxr-xr-x   1 root  wheel        9 Jan 24 17:41 ugen0.3 -> usb/0.3.0
lrwxr-xr-x   1 root  wheel        9 Jan 24 17:41 ugen0.4 -> usb/0.4.0
lrwxr-xr-x   1 root  wheel        9 Jan 24 17:41 ugen0.5 -> usb/0.5.0
lrwxr-xr-x   1 root  wheel        9 Jan 24 17:41 ugen0.6 -> usb/0.6.0
lrwxr-xr-x   1 root  wheel        9 Jan 24 17:41 ugen1.1 -> usb/1.1.0
lrwxr-xr-x   1 root  wheel        9 Jan 24 17:41 ugen1.2 -> usb/1.2.0
lrwxr-xr-x   1 root  wheel        9 Jan 24 17:41 ugen2.1 -> usb/2.1.0
lrwxr-xr-x   1 root  wheel        9 Jan 24 17:41 ugen2.2 -> usb/2.2.0
lrwxr-xr-x   1 root  wheel        6 Jan 24 17:41 urandom -> random
dr-xr-xr-x   2 root  wheel      512 Jan 24 17:41 usb
crw-r--r--   1 root  operator  0x4c Aug 21 08:01 usbctl
crw-rw-rw-   1 root  wheel     0x1b Aug 21 10:01 zero
crw-rw-rw-   1 root  operator  0x49 Aug 21 08:01 zfs

Any hints on what went wrong?
 
I'm afraid webcamd won't work inside a jail.
The required privilege to create device nodes is denied for jailed processes.

If you're willing to manipulate the FreeBSD kernel source code, you can add PRIV_DRIVER to the list of allowed privileges in the function prison_priv_check in the file sys/kern/kern_jail.c, then rebuild your kernel and reboot. Then webcamd should work in a jail. Of course, you do that at your own risk.
 
Hi, just wondering how this worked out for you. I have a webcam that I want to use inside a jailed environment. Were you able to run webcamd on host and then at least pass the device to the jail?
That should work. However, note that DEVFS is usually mounted with restrictions inside jails, i.e. only some of the devices nodes are visible. This is a default setting, and it is configurable, so just make sure that DEVFS is configured to show the video device nodes for the webcam inside your jail.
 
Hi, just wondering how this worked out for you. I have a webcam that I want to use inside a jailed environment. Were you able to run webcamd on host and then at least pass the device to the jail?
I did not continue to use webcamd(8) in a jailed environment, but I remember that it worked without problems.
 
Yeah, I ended up getting it working, along with the microphone. I did a whole writeup on it, in case you might find it useful.

 
Back
Top