Date: Fri, 30 Mar 2018 20:22:14 +0000
From: bugzilla-noreply@freebsd.org
To: freebsd-ports-bugs@FreeBSD.org
Subject: [Bug 226931] Deprecating jail(2) and related sysctls
Message-ID: <bug-226931-13-LY1cYeR2BA@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-226931-13@https.bugs.freebsd.org/bugzilla/>
References: <bug-226931-13@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=226931

--- Comment #9 from Bryan Drewery <bdrewery@FreeBSD.org> ---
(In reply to Jamie Gritton from comment #8)
> (In reply to Bryan Drewery from comment #7)
> True, when you're jailed the current jail isn't JID 0. It is in fact an
> unknown jid, which is a difficult thing to specify. JID 0, as much as it
> exists, is the base system i.e. the "where I am now" view when you are not
> jailed, which is reasonably similar to asking for the "where I am now" view
> when you are jailed. But that's a separate issue.
>
> > IMHO removing them (and not even setting read-only for a release or two)
> > violates POLA and may break a lot of other scripts.
>
> Which is the reason it was suggested to put it inside BURN_BRIDGES, which
> would affect very few systems. It would make sense to reduce it to
> read-only first and then remove it entirely later, but there seems to be one
> good switch (BURN_BRIDGES) making it difficult to have an option somewhere
> between where we are now and where I want to go.
>
> Another option is to change where I want to go, and just make read-only the
> end goal. I don't consider this the optimal end result, but it may be the
> POLA alternative.

Thanks for keeping an open mind at least.

>
> Nonetheless, I am hoping to see an exp-run with the sysctls removed
> entirely, so I can gauge just how widespread their use is.

Yup, though I suspect not much will care about them at build time. It may be
something we need to grep for.

-- 
You are receiving this mail because:
You are on the CC list for the bug.