Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 21 May 2012 21:23:17 +0100
From:      Chris Rees <crees@FreeBSD.org>
To:        Poul-Henning Kamp <phk@phk.freebsd.dk>
Cc:        freebsd-hackers@freebsd.org, freebsd-jail@freebsd.org, David Windsor <dwindsor@gmail.com>
Subject:   Re: PID/UID namespaces
Message-ID:  <CADLo83-5bsu3ArFUQ1WfD5Ad4ayLHYxO-MHwfW37Cd0e-bygeg@mail.gmail.com>
In-Reply-To: <39149.1337630268@critter.freebsd.dk>
References:  <CADLo838voV_Xi%2BA_WjD3H7E_d4Qi%2BOdJYnHPoim5BbZAWnXFyg@mail.gmail.com> <39149.1337630268@critter.freebsd.dk>

next in thread | previous in thread | raw e-mail | index | archive | help
On 21 May 2012 20:57, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote:
> In message <CADLo838voV_Xi+A_WjD3H7E_d4Qi+OdJYnHPoim5BbZAWnXFyg@mail.gmail.com>
> , Chris Rees writes:
>
>>It would certainly prevent many common problems when setting up jails;
>>UID collision is much more common than you'd think, given that the
>>default UIDs remain the same.
>
> Uhm... jails have separate UID/GID spaces.
>
> Filesystems mounted or visible in multiple jails act as shared UID/GID
> (sub-)spaces for those jails, but there is now way to avoid that, it's
> a direct consequence of the sharing of the filesystems.

Yes, beg pardon, my mistake-- that's what I was meaning to refer to.
I still have a patch in GNATS for the docs about that, but it's been
the subject of amazing controversy.

Chris



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CADLo83-5bsu3ArFUQ1WfD5Ad4ayLHYxO-MHwfW37Cd0e-bygeg>