Robert Watson wrote:
On Mon, 3 Apr 2006, Marc G. Fournier wrote:
http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/48471
[kernel] [patch] new feature: private IPC for every jail
Its an ancient, 4.x patch for having private IPC in a jail ... not
sure how hard it would be to bring it up to 6.x / -current standards
though ... but it seems like something 'good' that is needed ...
In the past I've looked at doing things along these lines, but usually
stall after a first hack when trying to decide how to deal with two
critical issues:
(1) The fact that system v ipc primitives are loadable, and
unloadable, which
requires some careful handling relating to registration order, etc.
this is related to the problem that needs to be solved for getting
vimage into -current.
(2) The name space model for system v ipc is flat, so while it's
desirable to
allow the administrator in the host environment to monitor and
control
resource use in the jail (for example, delete allocated but unused
segments), doing that requires developing an administrative model
for it.
it is possible the admin environment can't see it.
unless you prefix it with something..
These challenges can be surmounted, but the doing them in a nice way
requires some thought.
Robert N M Watson
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
