# Mount linprocfs in jail



## noobster (Aug 3, 2009)

What is the easiest/best way to mount linprocfs in a jail? I tried searching the web, but there were surprisingly few results. Thanks.


----------



## SirDice (Aug 3, 2009)

You could try putting the entry in /etc/fstab.jailname and set *jail_jailname_fstab="YES"* in /etc/rc.conf.

Not sure if this will work for linprocfs though.


----------



## noobster (Aug 3, 2009)

Thanks for the prompt response. I tried, but it doesn't show up when I run mount.


----------



## noobster (Aug 3, 2009)

I also tried mounting it manually from the host system, but again it doesn't show up in mount.


----------



## SirDice (Aug 3, 2009)

It will get mounted when you /etc/rc.d/jail start.

And it won't show up in mount on the jail too 
Only the 'root' file system will show up. Doesn't mean it's not there though.


----------



## SirDice (Aug 3, 2009)

Oh wait.. It's *jail_jailname_mount_enable="YES"*


----------



## noobster (Aug 3, 2009)

Thanks again. So I did the following. I created /etc/fstab.jailname and inserted 'linproc /compat/linux/proc linprocfs rw 0 0'. I made sure that directory exists in the jail. In /etc/rc.conf I added jail_jailname_mount_enable="YES" and then I restarted the jail. Now, how can I check if it really works if it doesn't show up in mount?


----------



## SirDice (Aug 4, 2009)

noobster said:
			
		

> Now, how can I check if it really works if it doesn't show up in mount?


If the jail is running it should show up in the host's mount. Just not the jail's.

You can also set the sysctl security.jail.enforce_statfs see jail(8) about this.


----------



## noobster (Aug 4, 2009)

It works now! I did have to change 'linproc /compat/linux/proc linprocfs rw 0 0' to 'linproc /path-to-jail/usr/compat/linux/proc linprocfs rw 0 0', because it's relative to the host and not the jail. Thanks for your help.


----------



## SirDice (Aug 4, 2009)

The added bonus of using /etc/fstab.jailname is that those filesystems will get mounted/unmounted when the jail itself starts/stops. 

I use it to mount (using nullfs) a couple of directories from my /storage into a jail running apache.


----------



## noobster (Aug 4, 2009)

Yes, I figured that .


----------



## bryn1u (Jul 24, 2014)

Hey, 
I have similar problem but with FreeBSD 10 - STABLE. There is other situation becuse everything is added to jail.conf. I was reading man about jail, there are two entries:


> *mount*   A filesystem to mount before creating the jail (and to unmount
> after removing it), given as a single fstab(5) line.
> 
> *mount.fstab*
> ...


Whereis any example how to mount linproc /compat/linux/proc linprocfs rw 0 0 in jail.conf ?


----------



## SirDice (Jul 24, 2014)

This works: 

```
build {
        host.hostname = "j-build.dicelan.home";
        ip4.addr = a.a.a.a;
        ip6.addr = b:b:b:b::b;
        interface = em0;

        path = /jails/j-build-amd64/;
        mount.fstab = /etc/fstab.$name;
        mount.devfs = 1;
        enforce_statfs = 1;
}
```
You then create /etc/fstab.build (the jail's name is build):

```
dice@molly:~ % cat /etc/fstab.build
/usr/src                /jails/j-build-amd64/usr/src                    nullfs  ro      0       0
/usr/ports              /jails/j-build-amd64/usr/ports                  nullfs  rw      0       0
/usr/ports/distfiles    /jails/j-build-amd64/usr/ports/distfiles        nullfs  rw      0       0
/usr/ports/packages     /jails/j-build-amd64/usr/ports/packages         nullfs  rw      0       0
```
I've used nullfs(5) a lot but you can mount any kind of filesystem this way.


----------



## bryn1u (Jul 24, 2014)

Hey,

Thank you for your replay. I have a one questione more. I want to run all programs in jail which they need a linprocfs(5). So if I mount linprocfs(5) from host to jail should be works fine?


----------



## SirDice (Jul 24, 2014)

bryn1u said:
			
		

> So if I mount linprocfs(5) from host to jail should be works fine ?


Yes, but you do have to mount it on /compat/linux/proc of the jail, so the directory will probably be something like /jails/myjail/compat/linux/proc. It won't work if it's only mounted on the host, it has to be accessible from the jail. Remember, the whole idea behind a jail is to "shield" applications from the host. A jail can only access filesystems that have been mounted inside the jail's filesystem.


----------



## bryn1u (Jul 24, 2014)

I have an error, and *I* don't know why.
My /etc/jail.conf

```
Oksymoron {
        path = /jails/Oksymoron;
        mount.devfs;
        #allow.mount;
        #mount;
        host.hostname = Oksymoron.edu.pl;
        ip4.addr = 91.121.239.228;
        interface = em0;
        securelevel = 3;
        exec.start = "/bin/sh /etc/rc";
        exec.stop = "/bin/sh /etc/rc.shutdown";
}
Linux {
        path = /jails/Linux;
        mount.devfs;
        enforce_statfs = 1;
        mount.fstab = /etc/fstab.Linux
        #allow.mount;
        #mount;
        host.hostname = BSD.edu.pl;
        ip4.addr = 188.165.139.63;
        interface = em0;
        securelevel = 3;
        exec.start = "/bin/sh /etc/rc";
        exec.stop = "/bin/sh /etc/rc.shutdown";
}
```
My /etc/fstab.Linux

```
linproc /jails/Linux/compat/linux/proc linprocfs rw 0 0
```
When *I* start *I* get this error:

```
Starting jails:jail: /etc/jail.conf line 21: host.hostname: syntax error.
```

When *I* comment out (mount.fstab = /etc/fstab.Linux) everything works fine_!_ 
Where is the problem_?_


----------



## SirDice (Jul 24, 2014)

Put quotes around the hostnames.

```
host.hostname = "Oksymoron.edu.pl";
```


----------

