Skip to content

Commit

Permalink
devfs.rules: Correctly unhide pf in vnet jails
Browse files Browse the repository at this point in the history 
Revision 9e9be08 introduced a new devfs rule devfsrules_jail_vnet. It
includes rule devfsrules_jail which include other rules. Unfortunately
devfs could not recursively parse the action include and thus
devfsrules_jail_vnet will expose all nodes.

PR:		255660
Reviewed by:	kp
Obtained from:	Gijs Peskens <[email protected]>
MFC after:	3 weeks
Differential Revision:	https://reviews.freebsd.org/D32814
  • Loading branch information
@gmshake @kprovost
gmshake authored and kprovost committed Nov 3, 2021
1 parent 4a9e952 commit 7acd322
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions sbin/devfs/devfs.rules
View file
Original file line number Diff line number Diff line change
Expand Up @@ -88,5 +88,8 @@ add path fuse unhide
add path zfs unhide

[devfsrules_jail_vnet=5]
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login
add include $devfsrules_jail
add path pf unhide

0 comments on commit 7acd322

Please sign in to comment.