On Wed, 22 Apr 2009, Miroslav Lachman wrote:
Hi,
Bjoern A. Zeeb wrote:
On Wed, 22 Apr 2009, Miroslav Lachman wrote:
Hi,
I am running system FreeBSD 7.1-STABLE amd64 GENERIC (Wed Feb 11 09:56:08
CET 2009) hosting few jails.
The machine has dual core CPU and some jails are set to run only on one
core (core 0 in this example):
host# cpuset -l 0 -j 25
As I tested today, root user inside the jail can change this by the same
command as I am doing it from the host system:
injail# cpuset -l 0,1 -j 25
And from now, jail with JID 25 is running on both cores.
Is it expected behavior of cpuset to allow user inside the jail change
cpuset of the jail itself or is it a bug?
It seems to me as undesirable.
it is (undesirable) and it seems to be a bug as even if you do
host# cpuset -l 0 -r -j 25
you can get back to 0,1 from within the jail.
I'll check how/why this is possible.
/bz
PS: moving this to freebsd-jail@
Ok, I am not sure what is going wrong here; well I know but I don't
know if it's intended in cpuset. Trying to talk to the right people
but they seen to be AWOL atm.
If you are brave, you could try:
http://people.freebsd.org/~bz/20090423-01-cpuset-jails.diff
I haven't even compiled it yet. It may work, it may not work, it may
make your machine panicing, ... just to warn you.
it should still allow you to create further sets within a jail but you
should not be able to change the "root set" of the jail from inside
the jail anymore (in case it works;)
/bz
--
Bjoern A. Zeeb The greatest risk is not taking one.
_______________________________________________
freebsd-jail@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
