在Linux Jail中使用XFS文件系统

在构建使用 Rocky-Container-base tgz 包部署Linux Jail Rocky 之后，我尝试将 FreeBSD使用Linux XFS文件系统用于 LFS分区(和FreeBSD一起Dualboot) ，目标是在FreeBSD的Jail容器中模拟一个Linux系统来构建 LFS(Linux from scratch) 。

Jail容器不是Linux虚拟机，实际上依然是FreeBSD系统，无法直接使用 XFS文件系统，需要通过 nullfs 来挂载Host主机已经通过FUSE挂载的XFS分区。所以修订 /etc/jail.conf.d/lrdev.conf ，进一步添加自动挂载和写在Nullfs的配置命令:

调整 /etc/jail.conf.d/lrdev.conf 增加Nullfs绑定 XFS fuse挂载目录

lrdev {
  # thin jail devfs_ruleset 5 和Linux Jail的4不同
  devfs_ruleset=4;

  # HOSTNAME/PATH - Snapshot
  path = "/zdata/jails/containers/${name}";

  # NETWORKS/INTERFACES
  $id = "253";
  $ip = "192.168.7.${id}/24";

  # MOUNT
  mount += "devfs     $path/compat/rocky/dev     devfs     rw  0 0";
  mount += "tmpfs     $path/compat/rocky/dev/shm tmpfs     rw,size=1g,mode=1777  0 0";
  mount += "fdescfs   $path/compat/rocky/dev/fd  fdescfs   rw,linrdlnk 0 0";
  mount += "linprocfs $path/compat/rocky/proc    linprocfs rw  0 0";
  mount += "linsysfs  $path/compat/rocky/sys     linsysfs  rw  0 0";
  mount += "/tmp      $path/compat/rocky/tmp     nullfs    rw  0 0";
  mount += "/home     $path/compat/rocky/home    nullfs    rw  0 0";

  # MOUNT XFS
  exec.poststart += "mount -t nullfs /lfs  $path/compat/rocky/xfs_lfs";
  exec.poststop  += "umount  $path/compat/rocky/xfs_lfs";

}

上述容器启动和停止时XFS目录挂载和卸载也可以改写成

而公共配置部分不需要调整，保留 /etc/jail.conf 不变:

混合多种jail的公共 /etc/jail.conf

# STARTUP/LOGGING
exec.start = "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
exec.consolelog = "/var/log/jail_console_${name}.log";

# PERMISSIONS
allow.raw_sockets;
exec.clean;
mount.devfs;

allow.mount;
allow.mount.devfs;

enforce_statfs = 1;

# HOSTNAME
host.hostname = "${name}";

# NETWORK - VNET/VIMAGE
#ip4 = inherit;
interface = igc0bridge;
vnet;
vnet.interface = "${epair}b";
# common NETWORK config
$gateway = "192.168.7.221";
$bridge = "igc0bridge";
$epair = "epair${id}";

# ADD TO bridge INTERFACE
exec.prestart += "ifconfig ${epair} create up";
exec.prestart += "ifconfig ${epair}a up descr jail:${name}";
exec.prestart += "ifconfig ${bridge} addm ${epair}a up";
exec.start    += "ifconfig ${epair}b ${ip} up";
exec.start    += "route add default ${gateway}";
exec.poststop = "ifconfig ${bridge} deletem ${epair}a";
exec.poststop += "ifconfig ${epair}a destroy";

.include "/etc/jail.conf.d/*.conf";

在启动 lrdev 之前，需要确保Linux compact chroot 目录下存在 /zdata/jails/containers/${name}/compat/rocky/xfs_lfs 目录:

创建目录

# 按照 /etc/jail.conf.d/lrdev.conf 配置创建目录
name=lrdev
path="/zdata/jails/containers/${name}"
mount_dir="$path/compat/rocky/xfs_lfs"

mkdir $mount_dir

启动容器 lrdev :

启动 lrdev Linux Jail

service jail start lrdev

进入 lrdev 的Linux环境:

进入 lrdev 的Linux环境

jexec lrdev chroot /compat/rocky /bin/bash

此时在容器内部就可以访问Host主机挂载的 FreeBSD使用Linux XFS文件系统