From: Julian Elischer
Date: Mon, 03 Apr 2006 12:40:53 -0700
To: Robert Watson
Cc: "Marc G. Fournier", freebsd-stable@freebsd.org, freebsd-current@freebsd.org, pjd@freebsd.org
Subject: Re: new feature: private IPC for every jail

Robert Watson wrote:

>
> On Mon, 3 Apr 2006, Marc G. Fournier wrote:
>
>> http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/48471
>>
>> [kernel] [patch] new feature: private IPC for every jail
>>
>> It's an ancient, 4.x patch for having private IPC in a jail ... not
>> sure how hard it would be to bring it up to 6.x / -current standards
>> though ... but it seems like something 'good' that is needed ...
>
>
> In the past I've looked at doing things along these lines, but usually
> stall after a first hack when trying to decide how to deal with two
> critical issues:
>
> (1) The fact that system v ipc primitives are loadable, and unloadable,
>     which requires some careful handling relating to registration order,
>     etc.

This is related to the problem that needs to be solved for getting vimage into -current.

>
> (2) The name space model for system v ipc is flat, so while it's
>     desirable to allow the administrator in the host environment to
>     monitor and control resource use in the jail (for example, delete
>     allocated but unused segments), doing that requires developing an
>     administrative model for it.

It is possible the admin environment can't see it, unless you prefix it with something.

>
> These challenges can be surmounted, but doing them in a nice way
> requires some thought.
>
> Robert N M Watson