Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 14 Jul 2000 17:08:25 -0500
From:      Dan Nelson <dnelson@emsphone.com>
To:        Julian Elischer <julian@elischer.org>
Cc:        Warner Losh <imp@village.org>, Adrian Chadd <adrian@FreeBSD.ORG>, freebsd-arch@FreeBSD.ORG
Subject:   Re: SysctlFS
Message-ID:  <20000714170824.A21158@dan.emsphone.com>
In-Reply-To: <Pine.BSF.4.10.10007141457550.59294-100000@InterJet.elischer.org>; from "Julian Elischer" on Fri Jul 14 15:00:36 GMT 2000
References:  <200007142145.PAA39245@harmony.village.org> <Pine.BSF.4.10.10007141457550.59294-100000@InterJet.elischer.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
In the last episode (Jul 14), Julian Elischer said:
> On Fri, 14 Jul 2000, Warner Losh wrote:
> > In message <20000714124805.F17372@ywing.creative.net.au> Adrian Chadd writes:
> >: As I said in my previous email, persistence isn't the primary
> >: problem in my eyes. There are many ways people can handle it. What
> >: I see as being an interesting problem is handling devfs across
> >: multiple process/group namespaces (jail/chroot) without cluttering
> >: up your mount table.
> > 
> > Yes.  Another issue is the new hot plug devices.  It is highly
> > desirable to allow arbitrary commands to run when they come and go.
> 
> I have some solutions for both problems..
> At least for the devfs in jail problems..
> 
> in particular a variant on a symbolic link which is interpretted as a
> symlink into /dev this would allow many /devs to exist without many
> mounted filesystems in each jail

Would it be possible to have a symbolic link type that breaks out of a
jail?  So you would have a "/myjail/dev ->> /dev" link in the jail that
ends up referring to the real /dev.  This would also fix the /proc
problem.  You wouldn't want to link /myjail/usr/lib to /usr/lib,
though, because the jailed root would be able to modify the binaries,
but /dev and /proc seem safe.

-- 
	Dan Nelson
	dnelson@emsphone.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000714170824.A21158>