From owner-freebsd-jail@FreeBSD.ORG Thu Apr 23 23:22:12 2009 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 80A32106566C for ; Thu, 23 Apr 2009 23:22:12 +0000 (UTC) (envelope-from 000.fbsd@quip.cz) Received: from elsa.codelab.cz (elsa.codelab.cz [94.124.105.4]) by mx1.freebsd.org (Postfix) with ESMTP id 3E29B8FC08 for ; Thu, 23 Apr 2009 23:22:11 +0000 (UTC) (envelope-from 000.fbsd@quip.cz) Received: from localhost (localhost.codelab.cz [127.0.0.1]) by elsa.codelab.cz (Postfix) with ESMTP id 9488D19E023; Fri, 24 Apr 2009 01:22:09 +0200 (CEST) Received: from [192.168.1.2] (r5bb235.net.upc.cz [86.49.61.235]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by elsa.codelab.cz (Postfix) with ESMTPSA id 3AF1919E019; Fri, 24 Apr 2009 01:22:07 +0200 (CEST) Message-ID: <49F0F81F.8050503@quip.cz> Date: Fri, 24 Apr 2009 01:22:07 +0200 From: Miroslav Lachman <000.fbsd@quip.cz> User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.12) Gecko/20050915 X-Accept-Language: cz, cs, en, en-us MIME-Version: 1.0 To: "Bjoern A. Zeeb" References: <49EE4B6B.5020005@quip.cz> <20090422094447.A15361@maildrop.int.zabbadoz.net> <49EEF5DB.4030408@quip.cz> <20090423141908.T15361@maildrop.int.zabbadoz.net> In-Reply-To: <20090423141908.T15361@maildrop.int.zabbadoz.net> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-jail@freebsd.org Subject: Re: changing cpuset of jail from inside of jail - is it feature? X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Apr 2009 23:22:12 -0000 Bjoern A. Zeeb wrote: [...] > Ok, I am not sure what is going wrong here; well I know but I don't > know if it's intended in cpuset. Trying to talk to the right people > but they seen to be AWOL atm. > > > If you are brave, you could try: > > http://people.freebsd.org/~bz/20090423-01-cpuset-jails.diff > > I haven't even compiled it yet. It may work, it may not work, it may > make your machine panicing, ... just to warn you. > > it should still allow you to create further sets within a jail but you > should not be able to change the "root set" of the jail from inside > the jail anymore (in case it works;) I did just a quick test. (OK, not so quick, because compilation inside Qemu on my old PC takes 2 hours ;]) It compiles without problems and did what I expect: root@72-rc1 ~/# jls JID IP Address Hostname Path 1 alpha.test /usr/jail/alpha root@72-rc1 ~/# jexec 1 tcsh root@alpha //# cpuset -l 0 -j 1 cpuset: setaffinity: Operation not permitted root@alpha //# cpuset -l 0 -r -j 1 cpuset: setaffinity: Operation not permitted I have no real multicore machine to test it more deeply. (can't test it on production servers and spare machine is blocked by another task) Will this fix be included in 7.2-RELEASE or is it too late to commit this fix? Miroslav Lachman