From owner-freebsd-hackers@FreeBSD.ORG Mon Jan 31 14:07:12 2005 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 41A3916A4CE; Mon, 31 Jan 2005 14:07:12 +0000 (GMT) Received: from skutsje.san.webweaving.org (skutsje.san.webweaving.org [209.132.96.45]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1498043D1D; Mon, 31 Jan 2005 14:07:10 +0000 (GMT) (envelope-from dirkx@webweaving.org) Received: from skutsje.san.webweaving.org (skutsje.san.webweaving.org [209.132.96.45] (may be forged))j0VE2ILA092093 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 31 Jan 2005 06:02:18 -0800 (PST) (envelope-from dirkx@webweaving.org) Received: from localhost (dirkx@localhost)j0VE2IqA092090; Mon, 31 Jan 2005 06:02:18 -0800 (PST) (envelope-from dirkx@webweaving.org) X-Authentication-Warning: skutsje.san.webweaving.org: dirkx owned process doing -bs Date: Mon, 31 Jan 2005 06:02:18 -0800 (PST) From: Dirk-Willem van Gulik X-X-Sender: dirkx@skutsje.san.webweaving.org To: delphij@delphij.net In-Reply-To: <1107178792.613.22.camel@spirit> Message-ID: <20050131060111.B88523@skutsje.san.webweaving.org> References: <1107178792.613.22.camel@spirit> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Mailman-Approved-At: Tue, 01 Feb 2005 13:23:53 +0000 cc: freebsd-hackers@freebsd.org cc: mtm@freebsd.org Subject: Re: Idea about "skeleton jail" X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Jan 2005 14:07:12 -0000 On Mon, 31 Jan 2005, Xin LI wrote: > What I am going to proposal is a concept that I call it "skeleton jail", > or "skeljail" for short. A skel jail is something that shares most base > system binaries/libraries with the host, through read-only mount_null's. Please post your scripts :-) We recently did the same: http://wleiden.webweaving.org:8080/svn/node-config/other/misc/jails/ And found it to be useful. Dw.