Date: Tue, 9 May 2006 18:19:24 +0700
From: Max Khon
To: Robert Watson
Cc: Stephen Frost, freebsd-stable@FreeBSD.org, pgsql-hackers@postgresql.org, "Marc G. Fournier", Kris Kennaway, Tom Lane
Subject: Re: [HACKERS] semaphore usage "port based"?
Message-ID: <20060509111924.GD64148@samodelkin.net>

Hi!

On Mon, Apr 03, 2006 at 11:56:13PM +0100, Robert Watson wrote:

> >>This is why it's disabled by default, and the jail documentation
> >>specifically advises of this possibility. Excerpt below.
> >
> >Ah, I see, glad to see it's accurately documented.
>
> As it has been for the last five years, I believe since introduction of the
> setting to allow System V IPC to be used with documented limitations.
>
> >Given the rather significant use of shared memory by Postgres it seems to
> >me that jail'ing it under FBSD is unlikely to get you the kind of
> >isolation between instances that you want (the assumption being that you
> >want to avoid the possibility of a user under one jail impacting a user in
> >another jail). As such, I'd suggest finding something else if you truly
> >need that isolation for Postgres or dropping the jails entirely.
> >
> >Running the Postgres instances under different uids (as you'd probably
> >expect to do anyway if not using the jails) is probably the right
> >approach. Doing that and using jails would probably work, just don't
> >delude yourself into thinking that you're safe from a malicious user in
> >one jail.
>
> Yes, there seems to be an awful lot of noise being made about the fact that
> the system does, in fact, work exactly as documented, and that the
> configuration being complained about is one that is specifically documented
> as being unsupported and undesirable.
>
> As commented elsewhere in this thread, currently, there is no
> virtualization support for System V IPC in the FreeBSD Jail implementation.
> That may change if/when someone implements it. Until it's implemented, it
> isn't going to be there, and the system won't behave as though it's there
> no matter how much jumping up and down is done.

sysvipc has been implemented once, but it has been decided that it adds
unnecessary bloat. That's sad.

/fjoe