1 # These entries should be ADDED to the end of /etc/fstab to
2 # properly set up the girocco chroot jail
4 # /etc/fstab: static file system information.
6 # <file system> <mount point> <type> <options> <dump> <pass>
8 # mount the git repositories in the jail
9 # Note that on FreeBSD a "bind" mount is accomplished by setting the type to
10 # nullfs and the options to rw as FreeBSD does not have a mount --bind option
11 /srv/git /home/repo/j/srv/git none bind 0 0
13 # mount the proc filesystem in the jail
14 # Note that there are two possiblities here, the first is a bind mount and
15 # the second is another proc mount.
16 # The bind mount will always mirror everything in /proc whereas a second
17 # proc mount has the potential of having a separate proc namespace.
18 # Note that some systems (e.g. FreeBSD) must omit the "nodev" option.
19 # Note that some systems (e.g. FreeBSD) will need to use "procfs" for the type.
20 # Note that some systems (e.g. FreeBSD) may need to add the "rw" option.
21 # Note that mounting procfs in a FreeBSD chroot is optional and normally omitted
22 #/proc /home/repo/j/proc none bind 0 0
23 proc /home/repo/j/proc proc nodev,noexec,nosuid 0 0
25 # mount the devfs filesystem in the jail
26 # Note that this is only necessary on systems where mknod does not work
27 # except on devfs mounts (e.g. FreeBSD)
28 # Note that on FreeBSD before starting the chroot, the following commands
29 # may be executed to reduce the number of exposed devices:
30 # devfs -m /home/repo/j/dev ruleset 4
31 # devfs -m /home/repo/j/dev rule applyset
32 #devfs /home/repo/j/dev devfs rw,noexec,nosuid 0 0