DragonFly BSD
DragonFly users List (threaded) for 2006-11
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

New NULLFS in HEAD


From: Matthew Dillon <dillon@xxxxxxxxxxxxxxxxxxxx>
Date: Fri, 17 Nov 2006 17:31:19 -0800 (PST)

    This just a head's up in case people missed the sequence of commits
    a few weeks ago, but NULLFS is now seriously enhanced in HEAD.  You can
    glue nullfs mounts together however you like now, without restriction.

    So, for example, you can do this:

    mount_null -o ro / /jail1
    mount_null -o ro /usr /jail1/usr
    mount_null /jaildata/jail1/etc /jail1/etc

    mount_null -o ro / /jail2
    mount_null -o ro /usr /jail2/usr
    mount_null /jaildata/jail2/etc /jail2/etc

    And so forth.  You can glue pieces of the filesystem together into
    whatever arrangement you want, use chroot or jail to push into it,
    and have no visibility outside of that arrangement.  And it's ultra
    memory efficient, too.  The namecache and vnode topology is shared
    with the base filesystems and do not eat any extra memory.

    With a small bit of work it would probably even be possible to 
    export these synthesized filesystems via NFS (albeit with all the
    security issues involved when not glueing together filesystem roots).
    If someone wants to getting NFS exports working properly on nullfs
    mounts would be a nice little project.

					-Matt
					Matthew Dillon 
					<dillon@xxxxxxxxxxxxx>



[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]