Date: Sun, 16 Jul 2000 04:48:16 -0400 (EDT) From: Robert Watson <rwatson@FreeBSD.ORG> To: Warner Losh <imp@village.org> Cc: Kelly Yancey <kbyanc@posi.net>, Julian Elischer <julian@elischer.org>, Dan Nelson <dnelson@emsphone.com>, Adrian Chadd <adrian@FreeBSD.ORG>, freebsd-arch@FreeBSD.ORG Subject: Re: SysctlFS Message-ID: <Pine.NEB.3.96L.1000716044526.27475A-100000@fledge.watson.org> In-Reply-To: <200007160752.BAA52125@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> You certainly don't want to do that for /dev in jails. The whole > point of jails is that you can give them access to a small subset of > devices that are "safe". So really, whenever I hear discussion of jail/chroot and synthetic system-centric file systems, my immediate responses are: 1) Accept the multiple-mounting, and just make sure that our mount mechanism is scalable (avoid those linear joints down mount lists, etc) 2) Avoid needing to have additional mounts on the jail (reduce dependence on procfs, do not introduce new dependence on procfs) Right now, you can almost completely run without procfs in jail(). Chris Costello even has a killall rewritten to use the pseudo-kvm/sysctl interface. Presumably some debugging dependencies remain. Right now we also certainly don't need a sysctlfs, which while possibly pretty and elegant, is certainly less scalable than just sysctl(). This leaves devfs, and if the mount system is scalable enough (currently isn't, I believe), I don't mind this. Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1000716044526.27475A-100000>