Date: Fri, 14 Jul 2000 15:12:44 -0700 (PDT)
From: Julian Elischer
To: Dan Nelson
Cc: Warner Losh, Adrian Chadd, freebsd-arch@FreeBSD.ORG
Subject: Re: SysctlFS
In-Reply-To: <20000714170824.A21158@dan.emsphone.com>

On Fri, 14 Jul 2000, Dan Nelson wrote:

> In the last episode (Jul 14), Julian Elischer said:
> > On Fri, 14 Jul 2000, Warner Losh wrote:
> > > In message <20000714124805.F17372@ywing.creative.net.au> Adrian Chadd writes:
> > >: As I said in my previous email, persistence isn't the primary
> > >: problem in my eyes. There are many ways people can handle it. What
> > >: I see as being an interesting problem is handling devfs across
> > >: multiple process/group namespaces (jail/chroot) without cluttering
> > >: up your mount table.
> > >
> > > Yes. Another issue is the new hot plug devices. It is highly
> > > desirable to allow arbitrary commands to run when they come and go.
> >
> > I have some solutions for both problems..
> > At least for the devfs in jail problems..
> >
> > in particular a variant on a symbolic link which is interpreted as a
> > symlink into /dev this would allow many /devs to exist without many
> > mounted filesystems in each jail
>
> Would it be possible to have a symbolic link type that breaks out of a
> jail? So you would have a "/myjail/dev ->> /dev" link in the jail that
> ends up referring to the real /dev. This would also fix the /proc
> problem. You wouldn't want to link /myjail/usr/lib to /usr/lib,
> though, because the jailed root would be able to modify the binaries,
> but /dev and /proc seem safe.
>

basically that was the idea..
but you could only set it if you were root and not in a jail.

> --
> Dan Nelson
> dnelson@emsphone.com