From owner-freebsd-stable@FreeBSD.ORG Thu Sep 15 08:47:48 2005 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3E6ED16A41F; Thu, 15 Sep 2005 08:47:48 +0000 (GMT) (envelope-from danger@rulez.sk) Received: from mail.rulez.sk (DaEmoN.RuLeZ.sK [84.16.32.226]) by mx1.FreeBSD.org (Postfix) with ESMTP id BA50943D45; Thu, 15 Sep 2005 08:47:47 +0000 (GMT) (envelope-from danger@rulez.sk) Received: from localhost (localhost [127.0.0.1]) by mail.rulez.sk (Postfix) with ESMTP id 893901CC61; Thu, 15 Sep 2005 10:47:45 +0200 (CEST) Received: from danger.mcrn.sk (danger.mcrn.sk [84.16.37.254]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.rulez.sk (Postfix) with ESMTP id 95C661CC33; Thu, 15 Sep 2005 10:47:40 +0200 (CEST) Date: Thu, 15 Sep 2005 10:46:34 +0200 From: Daniel Gerzo X-Mailer: The Bat! (v3.5) UNREG / CD5BF9353B3B7091 X-Priority: 3 (Normal) Message-ID: <169892035.20050915104634@rulez.sk> To: Brandon Fosdick In-Reply-To: <4328E7E5.5050803@bfoz.net> References: <432753CF.6020001@bfoz.net> <4327CA3C.6050403@geminix.org> <20050914110102.W33820@fledge.watson.org> <4328E7E5.5050803@bfoz.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new at mail.rulez.sk X-Spam-Status: No, score=-4.893 tagged_above=-999 required=5 tests=[ALL_TRUSTED=-3.3, AWL=1.006, BAYES_00=-2.599] X-Spam-Score: -4.893 X-Spam-Level: Cc: freebsd-stable@freebsd.org, Robert Watson , Lyndon Nerenberg Subject: Re[2]: Jail to jail network performance? X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Daniel Gerzo List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Sep 2005 08:47:48 -0000 Hello Brandon, Thursday, September 15, 2005, 5:17:57 AM, you wrote: > Robert Watson wrote: >> (1) Modifying the name space exclusion assumption for jails, so that the >> file system name spaces overlap. One way to do this is with nullfs. > nullfs looks interesting. I was thinking about sharing files > between jails using NFS, but it looks like nullfs would do the trick > with better performance. Although the bugs section of the man page > for mount_nullfs is rather scary. Does anyone have any experience > with it? Does it actually work? btw unionfs is interesting as well, but the BUGS section is pretty the same :) > If the point here is to make /tmp/mysql.sock show up in another > jail's file space, can I use a symlink instead? Can a jailed process > see the target of the symlink? I read that using such a symlinks has security impacts. -- Best regards DanGer, ICQ: 261701668 | e-mail protecting at: http://www.2pu.net/ http://danger.rulez.sk | proxy list at: http://www.proxy-web.com/ | FreeBSD - The Power to Serve!