From owner-freebsd-arch Sun Sep 3 16:18:42 2000 Delivered-To: freebsd-arch@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id A801737B422 for ; Sun, 3 Sep 2000 16:18:40 -0700 (PDT) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id TAA74920; Sun, 3 Sep 2000 19:18:21 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Sun, 3 Sep 2000 19:18:21 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Don Lewis Cc: freebsd-arch@FreeBSD.org Subject: Re: Request for review: restructuring of per-uid resource limits In-Reply-To: <200009031550.IAA19487@salsa.gv.tsc.tdk.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Just a comment, haven't had a chance to review your e-mail yet -- per-uid resources currently function poorly in combination with jail(). A bit more uniquifying information may need to be used to determine the resource/accounting pool than uid in some FreeBSD environments. A patch was submitted a while back to do this, but it wasn't ever integrated due to lack of time from phk and myself. Probably the appropriate way to handle this is to add some sort of abstraction for determining the correct resource pool, allowing future partioning/namespace schemes to be implemented easily. I.e., struct resourcepool *res; res = getresourcepool(p); if (res == NULL) return; /* no resource limitations */ Possibly, a cred argument to the getresourcepool() function, if we feel that resources will likely be handled on the basis of credentials rather than processes. Given the future directions for MAC and so on, that might make a lot of sense also. Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message