xref: /freebsd/sbin/devfs/devfs.rules (revision 924226fba12cc9a228c73b956e1b7fa24c60b055)
1#
2# The following are some default rules for devfs(5) mounts.
3# The format is very simple. Empty lines and lines beginning
4# with a hash '#' are ignored. If the hash mark occurs anywhere
5# other than the beginning of a line, it and any subsequent
6# characters will be ignored.  A line in between brackets '[]'
7# denotes the beginning of a ruleset. In the brackets should
8# be a name for the rule and its ruleset number. Any other lines
9# will be considered to be the 'action' part of a rule
10# passed to the devfs(8) command. These will be passed
11# "as-is" to the devfs(8) command with the exception that
12# any references to other rulesets will be expanded first. These
13# references must include a dollar sign '$' in front of the
14# name to be expanded properly.
15#
16# $FreeBSD$
17#
18
19# Very basic and secure ruleset: Hide everything.
20# Used as a basis for other rules.
21#
22[devfsrules_hide_all=1]
23add hide
24
25# Basic devices typically necessary.
26# Requires: devfsrules_hide_all
27#
28[devfsrules_unhide_basic=2]
29add path null unhide
30add path zero unhide
31add path crypto unhide
32add path random unhide
33add path urandom unhide
34
35# Devices typically needed to support logged-in users.
36# Requires: devfsrules_hide_all
37#
38[devfsrules_unhide_login=3]
39add path 'ptyp*' unhide
40add path 'ptyq*' unhide
41add path 'ptyr*' unhide
42add path 'ptys*' unhide
43add path 'ptyP*' unhide
44add path 'ptyQ*' unhide
45add path 'ptyR*' unhide
46add path 'ptyS*' unhide
47add path 'ptyl*' unhide
48add path 'ptym*' unhide
49add path 'ptyn*' unhide
50add path 'ptyo*' unhide
51add path 'ptyL*' unhide
52add path 'ptyM*' unhide
53add path 'ptyN*' unhide
54add path 'ptyO*' unhide
55add path 'ttyp*' unhide
56add path 'ttyq*' unhide
57add path 'ttyr*' unhide
58add path 'ttys*' unhide
59add path 'ttyP*' unhide
60add path 'ttyQ*' unhide
61add path 'ttyR*' unhide
62add path 'ttyS*' unhide
63add path 'ttyl*' unhide
64add path 'ttym*' unhide
65add path 'ttyn*' unhide
66add path 'ttyo*' unhide
67add path 'ttyL*' unhide
68add path 'ttyM*' unhide
69add path 'ttyN*' unhide
70add path 'ttyO*' unhide
71add path ptmx unhide
72add path pts unhide
73add path 'pts/*' unhide
74add path fd unhide
75add path 'fd/*' unhide
76add path stdin unhide
77add path stdout unhide
78add path stderr unhide
79
80# Devices usually found in a jail.
81#
82[devfsrules_jail=4]
83add include $devfsrules_hide_all
84add include $devfsrules_unhide_basic
85add include $devfsrules_unhide_login
86add path fuse unhide
87add path zfs unhide
88
89[devfsrules_jail_vnet=5]
90add include $devfsrules_hide_all
91add include $devfsrules_unhide_basic
92add include $devfsrules_unhide_login
93add include $devfsrules_jail
94add path pf unhide
95