From: James Gritton
Date: Wed, 09 Jul 2008 15:02:32 -0600
To: freebsd-virtualization@freebsd.org
Subject: jail_set (pretty much) done

The name-based FreeBSD Jail extensions are now ready for use. I've added support to the user-space programs (jail, jls, jexec), and added some fluff to the relevant man pages. This still stands alone - I haven't yet integrated it with Vimage, which is the next step. But it's there for anyone who wants to take a look at it on its own. I've put diffs against Current in http://gritton.org/jail_set.diff, and I have a perforce branch in //depot/user/jamie/jail_set/.

In a nutshell, this adds three system calls: jail_get, jail_set, and jail_remove. Jail_remove is a no-brainer. The other two allow jails to be created and existing jails to be modified in a manner similar to the nmount system call.

The user-level jail and jls programs work with these system calls to set/get an arbitrary set of name-based jail parameters. The system has a certain set of parameters, key among them the members of the original jail structure, and modules are free to add their own parameters. The Linux OS info has been changed to use this setup as a demonstration (and because it's just better that way). Hierarchical jails are supported (though turned off by default). It's all in the updated jail(2) and jail(8) man pages.

- Jamie
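
An added example, not code from the original post or from the diff it links: the nmount-style calling convention described above, where each jail parameter is passed as a name/value pair of iovec entries. The parameter names (`name`, `path`, `host.hostname`, `persist`, `errmsg`) and the `JAIL_CREATE` flag are those documented in the jail_set(2) manual page of released FreeBSD and are assumptions relative to the 2008 diff; the jail name, path and hostname are constructed sample values.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/uio.h>
#ifdef __FreeBSD__
#include <sys/param.h>
#include <sys/jail.h>
#endif
/* Append one name/value pair. Strings are passed with their NUL;
 * a NULL value of length 0 is how a boolean such as "persist" is set. */
static unsigned add_param(struct iovec *iov, unsigned n,
                          const char *name, void *val, size_t len)
{
    iov[n].iov_base = (void *)name;
    iov[n].iov_len = strlen(name) + 1;
    iov[n + 1].iov_base = val;
    iov[n + 1].iov_len = len;
    return n + 2;
}

/* Build the vector for a constructed sample jail; returns the iovec count. */
unsigned build_jail_params(struct iovec *iov, char *errmsg, size_t errlen)
{
    static char name[] = "demo";              /* constructed sample values */
    static char path[] = "/jails/demo";
    static char host[] = "demo.example.org";
    unsigned n = 0;
    n = add_param(iov, n, "name", name, sizeof(name));
    n = add_param(iov, n, "path", path, sizeof(path));
    n = add_param(iov, n, "host.hostname", host, sizeof(host));
    n = add_param(iov, n, "persist", NULL, 0);       /* keep jail with no processes */
    n = add_param(iov, n, "errmsg", errmsg, errlen); /* kernel writes error text here */
    return n;
}

int main(void)
{
    struct iovec iov[10];
    char errmsg[256] = "";
    unsigned n = build_jail_params(iov, errmsg, sizeof(errmsg));
#ifdef __FreeBSD__
    int jid = jail_set(iov, n, JAIL_CREATE);  /* requires root */
    if (jid < 0) { fprintf(stderr, "jail_set: %s\n", errmsg); return 1; }
    printf("created jail %d\n", jid);
#else
    printf("built %u iovec entries (jail_set is FreeBSD-only)\n", n);
#endif
    return 0;
}
```

Because parameters are looked up by name, a caller sets only the ones it cares about, and a kernel module can register additional names without changing the system call's signature.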