In my /etc/jail.conf.d/jailname.conf file, I've set to a custom ruleset by: "devfs_ruleset=100" which allows vmm, pci and mdconfig (I think "mem" - I guess) to be visible inside the jail. I confirmed that they are visible inside the jail.
Then, I changed to "devfs_ruleset=1" (which does not allow anything) in the same /etc/jail.conf.d/jailname.conf file. I reloaded the devfs_ruleset by "service devfs restart" and "service jail restart jailname" and "service jail restart". I got back into the jail and those vmm, pci and mdconfig are still visible inside the jail. It seems that changing the devfs_ruleset to "1" and restarting has no effect at all. (However, by corrupting "devfs_ruleset=1" to "diiiievfs_ruleset=1" does indeed give an error when restarting the jail, so it means the "jailname.conf" file in indeed read and processsed. Changing it back to the correct spelling of "devfs_ruleset=1" can restart the jail successfully, but the changes is still not effective.)
After that, I rebooted the system (with the "devfs_ruleset=1" set as it is) and indeed the changes were effective. I confirmed by going into the jail and to run "mdconfig -l" and "pciconf ..." (and it shows an error - which is correct).
So, I wonder what I need to do reload the changes (to devfs_ruleset, and modifying any rules in "/etc/devfs.rules") without rebooting the system? What am I missing?
Then, I changed to "devfs_ruleset=1" (which does not allow anything) in the same /etc/jail.conf.d/jailname.conf file. I reloaded the devfs_ruleset by "service devfs restart" and "service jail restart jailname" and "service jail restart". I got back into the jail and those vmm, pci and mdconfig are still visible inside the jail. It seems that changing the devfs_ruleset to "1" and restarting has no effect at all. (However, by corrupting "devfs_ruleset=1" to "diiiievfs_ruleset=1" does indeed give an error when restarting the jail, so it means the "jailname.conf" file in indeed read and processsed. Changing it back to the correct spelling of "devfs_ruleset=1" can restart the jail successfully, but the changes is still not effective.)
After that, I rebooted the system (with the "devfs_ruleset=1" set as it is) and indeed the changes were effective. I confirmed by going into the jail and to run "mdconfig -l" and "pciconf ..." (and it shows an error - which is correct).
So, I wonder what I need to do reload the changes (to devfs_ruleset, and modifying any rules in "/etc/devfs.rules") without rebooting the system? What am I missing?
Last edited:
