Date: Mon, 21 May 2012 21:23:17 +0100
From: Chris Rees <crees@FreeBSD.org>
To: Poul-Henning Kamp <phk@phk.freebsd.dk>
Cc: freebsd-hackers@freebsd.org, freebsd-jail@freebsd.org, David Windsor <dwindsor@gmail.com>
Subject: Re: PID/UID namespaces
Message-ID: <CADLo83-5bsu3ArFUQ1WfD5Ad4ayLHYxO-MHwfW37Cd0e-bygeg@mail.gmail.com>
In-Reply-To: <39149.1337630268@critter.freebsd.dk>
References: <CADLo838voV_Xi%2BA_WjD3H7E_d4Qi%2BOdJYnHPoim5BbZAWnXFyg@mail.gmail.com> <39149.1337630268@critter.freebsd.dk>

On 21 May 2012 20:57, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote:
> In message <CADLo838voV_Xi+A_WjD3H7E_d4Qi+OdJYnHPoim5BbZAWnXFyg@mail.gmail.com>, Chris Rees writes:
>
>>It would certainly prevent many common problems when setting up jails;
>>UID collision is much more common than you'd think, given that the
>>default UIDs remain the same.
>
> Uhm... jails have separate UID/GID spaces.
>
> Filesystems mounted or visible in multiple jails act as shared UID/GID
> (sub-)spaces for those jails, but there is no way to avoid that, it's
> a direct consequence of the sharing of the filesystems.

Yes, beg pardon, my mistake-- that's what I was meaning to refer to.

I still have a patch in GNATS for the docs about that, but it's been
the subject of amazing controversy.

Chris