From owner-freebsd-jail@FreeBSD.ORG Sat May 9 09:57:47 2009
From: Miroslav Lachman <000.fbsd@quip.cz>
To: Jamie Gritton
Cc: virtualization@FreeBSD.org, jail@FreeBSD.org
Date: Sat, 09 May 2009 11:38:44 +0200
Subject: Re: Hierarchical jails
Message-ID: <4A054F24.5030206@quip.cz>
In-Reply-To: <4A051DE3.30705@FreeBSD.org>
References: <4A051DE3.30705@FreeBSD.org>

Jamie Gritton wrote:
> Here's the first round of hierarchical jails under the new framework.
>
> Instead of creds having either a prison or a NULL pointer, they all have
> a prison pointer with the default being the global "prison0" that
> contains information about the real environment. Jailed root may (if
> granted permission) create prisons that would be under its place in the
> hierarchy, but may not alter (or even see) prisons at its level or
> above.
>
> The JID space is flat, i.e. every prison in the system has a unique ID.
> The prison name space is hierarchical, with jails having dot-separated
> component names.

[...]

I am glad that you are working on this feature!

I added info + links to these patches on the wiki: http://wiki.freebsd.org/Jails

I hope I will have some free time to test it soon.

Miroslav Lachman
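The design Jamie describes (every cred points at a prison, prison0 as the root, a flat JID space, dot-separated hierarchical names, and a jail that can only reach prisons strictly below itself) can be modelled in a few dozen lines. The following C program is an added illustration of that rule set, not code from the patch or from FreeBSD's kernel; `struct prison`, `prison_create_child`, `prison_can_see` and the demo jails `jail_a`, `jail_ab`, `jail_c` are this example's own names. It assumes that "its level" in the visibility rule includes the jail itself, so a jail sees only its descendants.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Toy model of the hierarchy from the mail: every prison has a parent,
 * prison0 is the host, JIDs are flat and unique, names are dotted paths.
 * Field and function names are this example's own, not FreeBSD's. */
#define PRISON_NAME_LEN 64

struct prison {
    int jid;                    /* flat, system-wide unique ID */
    char name[PRISON_NAME_LEN]; /* hierarchical, dot-separated name */
    struct prison *parent;      /* NULL only for prison0 (the real environment) */
};

/* prison0: the default prison every credential points at when not jailed. */
struct prison prison0 = { 0, "", NULL };
static int next_jid = 1;        /* one counter for the whole system: JIDs are flat */

/* Allocate the next JID and derive the child's full name from its parent's.
 * Returns false if the component is empty, contains a dot, or would not fit. */
bool prison_create_child(struct prison *parent, const char *comp, struct prison *out)
{
    int n;

    if (comp[0] == '\0' || strchr(comp, '.') != NULL)
        return false;
    if (parent->parent == NULL)             /* child of prison0: top-level name */
        n = snprintf(out->name, sizeof out->name, "%s", comp);
    else                                    /* nested: parent.component */
        n = snprintf(out->name, sizeof out->name, "%s.%s", parent->name, comp);
    if (n < 0 || (size_t)n >= sizeof out->name)
        return false;                       /* name would be truncated */
    out->parent = parent;
    out->jid = next_jid++;
    return true;
}

/* Visibility rule from the mail: a credential in `viewer` may see or alter
 * `target` only if target lies strictly below viewer in the hierarchy.
 * Everything is below prison0, so unjailed root sees every prison. */
bool prison_can_see(const struct prison *viewer, const struct prison *target)
{
    const struct prison *p;

    for (p = target->parent; p != NULL; p = p->parent)
        if (p == viewer)
            return true;
    return false;
}

/* Constructed demo tree: prison0 -> a -> a.b, and prison0 -> c. */
struct prison jail_a, jail_ab, jail_c;

bool build_demo_tree(void)
{
    next_jid = 1;
    return prison_create_child(&prison0, "a", &jail_a)
        && prison_create_child(&jail_a, "b", &jail_ab)
        && prison_create_child(&prison0, "c", &jail_c)
        && !prison_create_child(&jail_a, "x.y", &jail_c); /* dotted component rejected */
}

int main(void)
{
    if (!build_demo_tree())
        return 1;
    printf("jid %d name %s\n", jail_ab.jid, jail_ab.name);
    printf("a sees a.b: %d\n", prison_can_see(&jail_a, &jail_ab));
    printf("a.b sees a: %d\n", prison_can_see(&jail_ab, &jail_a));
    printf("a sees c:   %d\n", prison_can_see(&jail_a, &jail_c));
    return 0;
}
```

The two properties worth checking against any real implementation are the ones the loop in `prison_can_see` encodes: a sibling (`a` versus `c`) and an ancestor (`a.b` looking at `a`) are both invisible, while the host, being the root of the tree, can always reach every jail.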