Quoting James O'Gorman <[email protected]> (from Mon, 28 Jun 2010
23:40:21 +0100):
On 28 Jun 2010, at 16:38, Jamie Gritton wrote:
On 06/28/10 08:41, Rodrigo Mosconi wrote:
An idea: if it works like a "jaild"? A daemon management the start-up,
shutdown, console redirection? All the admins task could be done by a
"jailctl"?
I don't know what work a daemon would have to do. I only see it running
tasks on startup, and then waiting until something tells it on shutdown
to wake up and stop the jails. That "something" would have to be that
jailctl you mention. If there's a jail program running anyway, might as
well keep all functionality in that one program.
Perhaps it's worth looking at Solaris Zones here, as that runs a
daemon in both the global zone and each container. I can't recall
exactly what it does off-hand as I don't have a Solaris box to hand
but it's probably similar to what you're talking about. I'm pretty
sure zoneadm talks to zoneadmd to start/stop/configure each zone in
the kernel.
Yes, but it also takes care about the zone console device
(http://docs.sun.com/app/docs/doc/817-1592/z.inst.ov-12?l=en&a=view).
This (and maybe some resource control stuff) is the only thing I see
which may make sense to be handled by a daemon, everything else could
be handled by zoneadm directly. I also see a security benefit of the
daemon if you give the right to manage zones to an user/role != root.
Both is not available in FreeBSD.
There is also the zsched running per zone. This process is explained
at http://docs.sun.com/app/docs/doc/817-1592/z.inst.ov-13?a=view
Bye,
Alexander.
--
Never have so many understood so little about so much.
-- James Burke
http://www.Leidinger.net Alexander @ Leidinger.net: PGP ID = B0063FE7
http://www.FreeBSD.org netchild @ FreeBSD.org : PGP ID = 72077137
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "[email protected]"
