# NULLFS/NFS mounts inside FreeBSD 8.0 jail for tinderbox



## cbowlby (Apr 13, 2010)

Hi Guys, 

I currently use nullfs to mount my ports folders inside some jails that I have running, but one of the things I'd like to do is create a completely "jailed" tinderbox server, where all elements of the tinderbox are in it's own jail.

As such I have a choice of trying NFS mounts (which wont work), and nullfs based mounts, which also wont work as far as I know. As I am running FreeBSD 8.0, is there anything that I can do to use one or the other?


----------



## SirDice (Apr 14, 2010)

cbowlby said:
			
		

> As such I have a choice of trying NFS mounts (which wont work), and nullfs based mounts, which also wont work as far as I know.


Nullfs works fine:


```
dice@molly:~>mount
/dev/ad0s1a on / (ufs, local)
devfs on /dev (devfs, local, multilabel)
/dev/gvinum/temp on /tmp (ufs, local)
/dev/ad0s1d on /var (ufs, local, soft-updates)
/dev/ad0s1e on /usr (ufs, local, soft-updates)
/dev/ad0s2g on /usr/home (ufs, local, soft-updates)
/dev/ad0s1f on /usr/src (ufs, NFS exported, local, soft-updates)
/dev/ad0s1g on /usr/obj (ufs, NFS exported, local, soft-updates)
/dev/ad0s1h on /usr/ports (ufs, NFS exported, local, soft-updates)
/dev/ad0s2d on /jail/j1 (ufs, local)
/dev/ad0s2e on /jail/j2 (ufs, local)
/dev/gvinum/raid5 on /storage (ufs, NFS exported, local)
/storage/MediaTomb/Movies on /jail/j1/exports/Movies (nullfs, local, read-only)
/storage/FreeBSD on /jail/j1/exports/Freebsd (nullfs, local, read-only)
/storage/MediaTomb/Software on /jail/j1/exports/Software (nullfs, local, read-only)
devfs on /jail/j1/dev (devfs, local, multilabel)
/tmp/build on /jail/j2/tmp/build (nullfs, local)
/usr/ports on /jail/j2/usr/ports (nullfs, local)
/storage/FreeBSD/distfiles on /jail/j2/usr/ports/distfiles (nullfs, local)
/usr/src on /jail/j2/usr/src (nullfs, local)
/usr/obj on /jail/j2/usr/obj (nullfs, local)
devfs on /jail/j2/dev (devfs, local, multilabel)
/storage/FreeBSD/packages_20100217 on /jail/j2/usr/ports/packages (nullfs, local)
```

Just make sure they are mounted on the host side, not from inside a jail. You can use seperate fstabs for them.


```
dice@molly:~>cat /etc/fstab.build 
/tmp/build	/jail/j2/tmp/build	nullfs	rw	0	0
/usr/ports      /jail/j2/usr/ports      nullfs  rw      0       0
/storage/FreeBSD/distfiles	/jail/j2/usr/ports/distfiles	nullfs	rw	0	0
/usr/src        /jail/j2/usr/src        nullfs  rw      0       0
/usr/obj        /jail/j2/usr/obj        nullfs  rw      0       0
```


----------



## cbowlby (Apr 14, 2010)

Yes, I know that mounting nullfs file systems works, as I use those already. However, the way tinderbox mounts a nullfs or NFS mounted partition is from inside the jail, through the following steps:

1. tinderbox extracts the "distribution" it is going to build a port on.
2. tinderbox configures and starts (it's a chroot build platform that acts "similar" to a jail, but is not actually a jail).
3. it mounts the ports tree through either a nullfs or nfs partition, depending on what has been specified.
4. builds the port(s).
5. unmounts the partitions and closes down after it's either completed or failed.

Because of step 3, I don't think I can "mount" those partitions in advance from sections external to the jail. Tinderbox wants to do the mounting after extracting and configuring the build "jail" (again, they use the term jail, but it's not a true jail).

So the hierarchical picture looks like:


```
host
|- jail 1
|- jail 2
|- ...
|- tinderbox jail
    |--- build jail 1
    |--- build jail 2
    |--- etc.
```

Thus far, everything up to the point of mounting the ports tree works with out issue.


----------



## SirDice (Apr 14, 2010)

Ah. I see. I don't actually use tinderbox. I do all the building by hand.


----------



## cbowlby (Apr 14, 2010)

I have been as well, but wanted to play around with tinderbox to see how it worked and if it could speed up some of my turnarounds.


----------



## SirDice (Apr 14, 2010)

I'm assuming it's just one big script that automates a lot of steps. Perhaps you can modify the code slightly to not mount the ports tree and make sure it's mounted beforehand?


----------



## cbowlby (Apr 14, 2010)

No, it's a bit more then a build script, it's much more then that, here's the readme if your curious:

http://tinderbox.marcuscom.com/README.html


----------

