Date: Mon, 19 Sep 2005 16:15:04 +0200 (CEST) From: Oliver Fromme <olli@lurza.secnetix.de> To: freebsd-stable@FreeBSD.ORG, Daniel Gerzo <danger@rulez.sk> Subject: Re: Jail to jail network performance? Message-ID: <200509191415.j8JEF3Gu015805@lurza.secnetix.de> In-Reply-To: <169892035.20050915104634@rulez.sk>
next in thread | previous in thread | raw e-mail | index | archive | help
[Sorry, this is a late reply, but might be helpful.] Daniel Gerzo <danger@rulez.sk> wrote: > Hello Brandon, > Thursday, September 15, 2005, 5:17:57 AM, you wrote: > > [...] > > nullfs looks interesting. I was thinking about sharing files > > between jails using NFS, but it looks like nullfs would do the trick > > with better performance. Although the bugs section of the man page > > for mount_nullfs is rather scary. Does anyone have any experience > > with it? Does it actually work? > > btw unionfs is interesting as well, but the BUGS section is pretty the > same :) Another possibility is to use union mounts (i.e. using the "-o union" mount flag with a regular mount). This works without problems and is very stable, but it is a little less flexible than UNIONFS (or NULLFS) because it merges only the directory entries at the mount point. > > If the point here is to make /tmp/mysql.sock show up in another > > jail's file space, can I use a symlink instead? Can a jailed process > > see the target of the symlink? > > I read that using such a symlinks has security impacts. Symlinks within a jail cannot point to targets outside of that jail. Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd Any opinions expressed in this message may be personal to the author and may not necessarily reflect the opinions of secnetix in any way. "When your hammer is C++, everything begins to look like a thumb." -- Steve Haflich, in comp.lang.c++
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200509191415.j8JEF3Gu015805>