FreeBSD and the Hack88 – 88 characters for mount points

A good way to increase the security of a server is to separate the services, program and libraries in a own container. Today, the most would say “Docker, Docker, Docker”. Yeah, it’s a valid solution. U can use docker, virtualization like https://opennebula.org or the FreeBSD specific http://www.bhyve.org. FreeBSD offers simple way for that since nearly 20 years, JAILS. Please take a look to the wikipedia link https://en.wikipedia.org/wiki/FreeBSD_jail.

Okay, back to the origin topic. 88 characters for mount points and what it’s the relation to jails? I use http://iocage.readthedocs.io/en/latest/ for managing jails in my FreeBSD 11.1 system. U’ll get a directory structure like

/iocage/jails/shortnameOfJail/root/usr/home/myUser/www/blog.somenicedomain.com/html

Congratulation u have a directory with 83 characters, but what’s the problem?

  1. Let’s install in a new jail wordpress, separate this php code from the rest of the system.
  2. Install wordpress from the ports collection.
  3. DON’T copy the /usr/local/www/wordpress directory!
  4. Instead USE nullfs and union with nullfs to mount the wordpress files

U’re fstab for the jail looks like

/usr/home/someUser/www/blog.someNiceDomain.de /iocage/jails/www-wp/root/usr/local/www/blog.someNiceDomain.de nullfs rw 0 0

/iocage/jails/www-wp/root/usr/local/www/wordpress /iocage/jails/www-wp/root/usr/local/www/blog.someNiceDomain.de/wp nullfs ro 0 0

/usr/home/someUser/www/blog.someNiceDomain.de/wp-root /iocage/jails/www-wp/root/usr/local/www/blog.someNiceDomain.de/wp nullfs rw,union 0 0

/usr/home/someUser/www/blog.someNiceDomain.de/wp-content/plugins /iocage/jails/www-wp/root/usr/local/www/blog.someNiceDomain.de/wp/wp-content/plugins nullfs rw,union 0 0

/usr/home/someUser/www/blog.someNiceDomain.de/wp-content/uploads /iocage/jails/www-wp/root/usr/local/www/blog.someNiceDomain.de/wp/wp-content/uploads nullfs rw,union 0 0

/usr/home/someUser/www/blog.someNiceDomain.de/wp-content/themes /iocage/jails/www-wp/root/usr/local/www/blog.someNiceDomain.de/wp/wp-content/themes nullfs rw,union 0 0

Mount points with more than 88 character will cause an error. Really strange. Beliefe me in a jail environment it’s really easy to get mount points with more than 88 character. It’s like tetris that fits all in the existing 88 restriction. This behavior persists since FreeBSD 5 and will be solved around 16 years later in FreeBSD 12. Can anyone explain me why 88 characters? I live in a 2 high n world. 01011101 😉

Some useful links

http://iocage.readthedocs.io/en/latest/known-issues.html#character-mount-path-limitation

https://www.freebsd.org/cgi/man.cgi?query=statfs&sektion=2&manpath=freebsd-release-ports

statfs(2)

#define MFSNAMELEN	16	/*	length of type name including null */
#define MNAMELEN	88	/*	size of	on/from	name bufs */
#define STATFS_VERSION 0x20030518	/*	current	version	number */

struct statfs {
  ...
  char f_charspare[80]; /* spare string space */
  char f_fstypename[MFSNAMELEN]; /* filesystem type name */
  char f_mntfromname[MNAMELEN]; /* mounted filesystem */
  char f_mntonname[MNAMELEN]; /* directory on which mounted */
}
0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *