Chris Seberino wrote: > What is wrong with a bunch of chroot jails instead?
If you have to ask that question you have seriously missed the point. chroot jails are a PITA to work with. They also provide practically zero isolation from one to another. Sure they appear to be in different filesystem namespaces but any one of them can still run the machine out of memory which would kill the rest. There have been ways to escape from chroot jails. You cannot run a different kernel in a chroot jail. You cannot migrate chroot jails from one machine to another with no downtown. The list goes on. -- Tracy R Reed http://copilotconsulting.com 1-877-MY-COPILOT -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
