From owner-freebsd-arch@FreeBSD.ORG Wed Jun 7 05:59:40 2006 Return-Path: X-Original-To: freebsd-arch@freebsd.org Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6E8E416AA3F for ; Wed, 7 Jun 2006 05:59:40 +0000 (UTC) (envelope-from shadow@psoft.net) Received: from mail.sevcity.net (ns.sevcity.net [193.47.166.213]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8EAA443D45 for ; Wed, 7 Jun 2006 05:59:39 +0000 (GMT) (envelope-from shadow@psoft.net) Received: from mail.sevcity.net (service.sevcity [127.0.0.1]) by mail.sevcity.net (Postfix) with ESMTP id 5FBB917000B; Wed, 7 Jun 2006 09:01:05 +0300 (EEST) Received: from berloga.shadowland (umka.sevcity.net [193.47.166.138]) by mail.sevcity.net (Postfix) with ESMTP id 1F5AD170008; Wed, 7 Jun 2006 09:01:04 +0300 (EEST) Received: from berloga.shadowland (berloga.shadowland [127.0.0.1]) by berloga.shadowland (8.12.11.20060308/8.12.11) with ESMTP id k575xcUu003521; Wed, 7 Jun 2006 08:59:38 +0300 Received: (from root@localhost) by berloga.shadowland (8.12.11.20060308/8.12.11/Submit) id k575xb5d003519; Wed, 7 Jun 2006 08:59:37 +0300 From: Alex Lyashkov To: Julian Elischer In-Reply-To: <448633F2.7030902@elischer.org> References: <1149610678.4074.42.camel@berloga.shadowland> <20060606202741.D67271@mp2.macomnet.net> <448633F2.7030902@elischer.org> Content-Type: text/plain; charset=KOI8-R Content-Transfer-Encoding: quoted-printable Organization: Positive Software Message-Id: <1149659976.3224.79.camel@berloga.shadowland> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.5 (1.4.5-17) Date: Wed, 07 Jun 2006 08:59:37 +0300 X-Virus-Scanned: ClamAV using ClamSMTP Cc: freebsd-arch@freebsd.org Subject: Re: jail extensions X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Jun 2006 06:00:01 -0000 =F7 =F3=D2=C4, 07.06.2006, =D7 05:03, Julian Elischer =D0=C9=DB=C5=D4: > Maxim Konovalov wrote: >=20 > >On Tue, 6 Jun 2006, 19:17+0300, Alex Lyashkov wrote: > > > > =20 > > > >>Hello All, > >> > >>I started to write some extension for jail. Global > >>idea is to write the complete virtual server solutions, > >>when each virtual server has its own resources and limits > >>of their usage. > >>Now implemented: > >>- all jail code compiled under 'options JAIL' > >>- separated uid hash > >>- separated SYSVIPC with limit IPC objects count > >>- process count limit > >> > >>At first time I plan to implement file handles limit and > >>limit of the total disk usage per jail. > >> > >>project homepage http://docs.freevps.com/doku.php?id=3Dfreebsd:index > >> =20 > >> > > > >I'd like to clarify Alex's point a bit: he wants to know his work is > >acceptable by the project and could be merged. It's obvious it's > >almost impossible to maintain that outside of the tree. > > > > =20 > > > I'd like to see him merge his project with Marco's . If so then I'd be=20 > more than happy > to see this stuff come in once it reaches a certain level of maturity. >=20 > Marco and I have been going over some possible macros that could be used=20 > to help with > a lot of this and if the macros were used then some of the changes could=20 > come in quite early > as they would compile out to NOPs for anyone not using the changes. > ( and provide an easy target for removal if it eventually doesn't complet= e). I focused with write flexible kernel API and create conception - any process run with own context. With 'jail2' all processes have cred->pr_prison defined. As for me it`s allow easy use struct prison as storage for any context related data such as uid hash, or diskquota hash, limits info or other. Process count limit and separated uid hash created as example to use this conception.=20 Same conception used at my other project - FreeVPS (http://www.freevps.com/tracker.html). Where i can see you and Marco work ? --=20 Alex Lyashkov