Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 27 Apr 2009 20:59:11 +0000 (UTC)
From:      "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>
To:        Miroslav Lachman <000.fbsd@quip.cz>
Cc:        freebsd-jail@freebsd.org
Subject:   Re: changing cpuset of jail from inside of jail - is it feature?
Message-ID:  <20090427205719.T15361@maildrop.int.zabbadoz.net>
In-Reply-To: <49F0F81F.8050503@quip.cz>
References:  <49EE4B6B.5020005@quip.cz> <20090422094447.A15361@maildrop.int.zabbadoz.net> <49EEF5DB.4030408@quip.cz> <20090423141908.T15361@maildrop.int.zabbadoz.net> <49F0F81F.8050503@quip.cz>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Fri, 24 Apr 2009, Miroslav Lachman wrote:

> Bjoern A. Zeeb wrote:
>
> [...]
>
>> Ok, I am not sure what is going wrong here; well I know but I don't
>> know if it's intended in cpuset.  Trying to talk to the right people
>> but they seen to be AWOL atm.
>> 
>> 
>> If you are brave, you could try:
>> 
>> http://people.freebsd.org/~bz/20090423-01-cpuset-jails.diff
>> 
>> I haven't even compiled it yet. It may work, it may not work, it may
>> make your machine panicing, ... just to warn you.
>> 
>> it should still allow you to create further sets within a jail but you
>> should not be able to change the "root set" of the jail from inside
>> the jail anymore (in case it works;)
>
> I did just a quick test. (OK, not so quick, because compilation inside Qemu 
> on my old PC takes 2 hours ;])
> It compiles without problems and did what I expect:
>
...
> I have no real multicore machine to test it more deeply. (can't test it on 
> production servers and spare machine is blocked by another task)
>
> Will this fix be included in 7.2-RELEASE or is it too late to commit this 
> fix?

FreeBSD 7/7.2 just got a BUGS entry for the man pages.  The patch will
not make it;  it's still waiting review for HEAD and possibly
discussion if a super user inside a jail would still be allowed to
further restrict the cpuset (but not extend it).

/bz

-- 
Bjoern A. Zeeb                      The greatest risk is not taking one.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090427205719.T15361>