# Mounting ZFS Filesystem in Jail "Insufficient privileges"



## FormA (Apr 6, 2014)

Hello fellow FreeBSD users.

I am running in circles here because I can't solve the following problem:

I have a FreeBSD host running with several services, each in an individual jail. DNS and DHCP are already running, no problems here. Then I started to install a fileserver as a new jail... and here the drama starts.....

I have 3 ZFS Filesystems on the host which I am trying to mount in the fileserver jail:
storage1/data1
storage1/private
storage2/data2

As told in several blogs posts and howtos I added to the hosts /etc/sysctl.conf the following lines:

```
echo security.jail.mount_allowed=1
echo security.jail.enforce_statfs=0
```

Then I activated the jailed mode for one of the filesystems: 

```
zfs set jailed=on /storage1/data1
```

Finally I added this filesystem to my fileservers jail:

```
zfs jail 3 /storage1/data1
```

When I use `zfs list` inside the fileserver jail I can see the filesystem:

```
NAME          USED  AVAIL  REFER  MOUNTPOINT
storage1         573G  1.23T   144K  /mnt/stor1
storage1/data1   573G  1.23T   573G  /mnt/stor1/data1
```

NOW THE PROBLEM:

When I am trying to mount it I get a 

```
cannot mount 'storage1/data1': Insufficient privileges
```

I worked all the way through this forum but I could find anything that helped me. I also checked out several blog posts but the biggest part of them were ~5 years old and don't working any more.... I simply do not know which kind of privileges are missing.

These are the blog posts I checked out:

http://www.nlrs.fr/2013/08/29/freebsd-zfs-nas-jail/
http://blogs.freebsdish.org/pjd/2007/03/18/zfs-and-freebsd-jails/comment-page-8/
http://www.chruetertee.ch/blog/archive/2008/01/13/zfs-in-einer-freebsd-jail-verwenden.html

It would be very kind if anybody please give me a hint how to solve this problem.

Thank you

Regards

David


----------



## FormA (Apr 20, 2014)

*Re: Mounting ZFS Filesystem in Jail "Insufficient privileges*

Hi again,

I solved the problem by timeconsuming try-and-error. Here is the solution for mounting a zfs filesystem in a jail:

```
jail -m jid=1 allow.mount=1 allow.mount.zfs=1 enforce_statfs=1
zfs set jailed=on storage1/data1
zfs jail 1 storage1/data1
jexec 1 zfs mount storage1/data1
```

(Some of these commands may be redundant with the commands in my first post)

This thread my be closed.

Thanks

D


----------



## SirDice (Apr 21, 2014)

*Re: Mounting ZFS Filesystem in Jail "Insufficient privileges*

In order to allow this you must set vfs.usermount on the host. You can then set a filesystem to jailed and assign it a jail. Use the jail's name instead of the JID.


----------

