[PC-BSD Testing] Ports Console, continued

Ian Robinson fitchkendall at gmail.com
Sun Jan 3 07:55:40 PST 2010

In a discussion between Ian Robinson & Brodey Dover about accessing the
 system hard disk and other disks from within ports console,
Brodey Dover replied:

>I'm actually confused that you can get the system disk's /home since the
>script seems to mount a null device for /home! I can see what would need
>to be done to get what you want but I also see why certain things were
>done to setup the jail that way.
>Ian you could edit the /PCBSD/portjail/portjail.sh script yourself and
>have your drives mounted that way. I can see some opinions on how or
>whether mounting all/any disk drives (other than boot) would be wanted
>in the shell. I am of the opinion that it should be done because I can
>see some usages in the IT world.

First, thanks for the suggestion about editing the portjail script.  In the
meantime, I sought instant gratification and broke the rules when I
installed the Kaffeine port using the traditional method in a regular
terminal.  The good news is nothing broken that I know of.

Following up on your excellent suggestion to modify the script, I looked it
over.  I saw the /home directory is mounted in the script at this line:
mount_nullfs /usr/home ${PJDIR}/usr/home

and, upon closing the port console, is unmounted with this line:
 umount ${PJDIR}/usr/home

Accordingly, one would have to insert lines into the shell script to mount
and unmount the drive directories at the target mountpoints.

Another workaround might be working in the regular system to set new
mountpoints under the users /home directory and then mount the drives on the
new mountpoints.

I'm guessing that the main reason Kris gave the jail access to the home
directory is because one needs access to read and write data from the
program that you are running in the ports console as well as read/write
access by other programs that are not run through the ports console.  But if
one needed to protect the data being accessed from corruption, the owner
could set permissions to read access  only or could copy the data into the
jail leaving the original otherwise inaccessible.

Anyway, Brodey, you have come up with an excellent suggestion.

Ian Robinson
Salem, Ohio
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.pcbsd.org/pipermail/testing/attachments/20100103/503aa7ab/attachment.html>

More information about the Testing mailing list