From owner-freebsd-hackers@FreeBSD.ORG Sat Nov 24 11:37:12 2007 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6ED4016A417 for ; Sat, 24 Nov 2007 11:37:12 +0000 (UTC) (envelope-from g.v.tjongahung@gmail.com) Received: from nf-out-0910.google.com (nf-out-0910.google.com [64.233.182.191]) by mx1.freebsd.org (Postfix) with ESMTP id F38A013C46B for ; Sat, 24 Nov 2007 11:37:11 +0000 (UTC) (envelope-from g.v.tjongahung@gmail.com) Received: by nf-out-0910.google.com with SMTP id b2so86947nfb for ; Sat, 24 Nov 2007 03:37:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:to:content-type:content-transfer-encoding:mime-version:subject:date:x-mailer:from; bh=b+yWUvtZxgXqMAYINzwQ0lA4Ucbk8nR+pM02Un6aAFs=; b=E8Xwm0am9NcBLoWrgT+P/lThr0oq+Fv5Sg/Lw61aGoRDVYAxmAIMyNPxcaAv5wlz8vk++R5h2PHuxdCERoKsuxusorMkcnMOP0rNNIRve0ckM0HiBL9RriaCa7wBxuoG5TKvctwpslqNQB/7TrYqaf0XwnvIxmXBCjWxdOEXuDI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=received:message-id:to:content-type:content-transfer-encoding:mime-version:subject:date:x-mailer:from; b=M/bPmYCyZT9HCLyko/NJ6uLK7k5M4C642hGk3oHHPBreiWUkC4kR0UdlZwobVx9zdzziGG0Ivsq4WlBgEBr5KMMkfA9zzbu1Te7TuRp1oKzYilNZ8JGSz0qaS65Bgr7GVf3Jp4P3Qhn5ZH9sgNj5Ios2t9edMXQAyrqbrxb61Y4= Received: by 10.82.123.16 with SMTP id v16mr219336buc.1195902681352; Sat, 24 Nov 2007 03:11:21 -0800 (PST) Received: from ?172.20.25.177? ( [145.94.33.175]) by mx.google.com with ESMTPS id 31sm5801153nfu.2007.11.24.03.11.19 (version=TLSv1/SSLv3 cipher=OTHER); Sat, 24 Nov 2007 03:11:20 -0800 (PST) Message-Id: <8AAADCFE-9D0D-4801-8684-5BD6A3070C2C@GMail.com> To: freebsd-hackers@freebsd.org Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v915) Date: Sat, 24 Nov 2007 12:11:18 +0100 X-Mailer: Apple Mail (2.915) From: Gabor Tjong A Hung X-Mailman-Approved-At: Sat, 24 Nov 2007 12:23:25 +0000 Subject: Need for SysV IPC to be confined to jail instances X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 Nov 2007 11:37:12 -0000 Dear all, I have come to understand that postgresql needs sys v ipc. I haven't tried to figure out why exactly, but I'm sure they have good reasons. As I came to understand, if you enable jail_sysvipc_allow in rc.conf I am defeating the purpose of a jail. So basically I if you want pgsql in a jail you're wanting something which is impossible on FreeBSD. I got a suggestion that it might be possible to have sys v ipc confined to a jail instance and perhaps let it work like a telephone number. Every jail gets localized IPC numbers, and systemwide they just become jailid + localized ipc number. I was wondering if this is at all possible and if so how I would go about submitting a PR for this. Kind Regards, Gabor