From owner-freebsd-hackers Sat Nov 4 10:27: 0 2000 Delivered-To: freebsd-hackers@freebsd.org Received: from thehousleys.net (frenchknot.ne.mediaone.net [24.147.224.201]) by hub.freebsd.org (Postfix) with ESMTP id DF51637B4E5 for ; Sat, 4 Nov 2000 10:26:57 -0800 (PST) Received: from thehousleys.net (baby.int.thehousleys.net [192.168.0.24]) by thehousleys.net (8.11.0/8.11.1) with ESMTP id eA4IOAs95945; Sat, 4 Nov 2000 13:24:10 -0500 (EST) (envelope-from jim@thehousleys.net) Message-ID: <3A045447.5BED0241@thehousleys.net> Date: Sat, 04 Nov 2000 13:24:07 -0500 From: James Housley X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Stephanie Wehner <_@r4k.net> Cc: Wes Peters , hackers@FreeBSD.ORG Subject: Re: jail and sysvipc (was Re: 4.2beta and shmget) References: <20001104175614.A550@r4k.net> <3A044BAF.E859BC3D@softweyr.com> <20001104191654.B858@r4k.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Stephanie Wehner wrote: > > On Sat, Nov 04, 2000 at 10:47:27AM -0700, Wes Peters wrote: > > > It works fine for me. Try this little program and see if it successfully > > attaches the shared memory segment: > > thx :) actually I think it might have something to do with jail then, > cause this test works fine on the actual host machine but not in the jail. > Looking at the jail manpage, you now have to set jail.sysvipc_allowed > in order to make it work. > > Are there any plans to adapt jail to work with (as stated in the manpage) > multiple namespaces for sysv stuff ? > From discussion on this and/or other lists, I forget where. This was done to make 4.2 "secure" or at least not bad in reference to SHM and jail code. The same discussions mentioned plans to actually fix/DTRT, but hat will take time. Jim -- jeh@FreeBSD.org http://www.FreeBSD.org The Power to Serve jim@TheHousleys.Net http://www.TheHousleys.net --------------------------------------------------------------------- "It's a damn poor mind that can only think of one way to spell a word." -- -Andrew Jackson To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message