Re: Per Jail Memory Limits
Tom Judge wrote: So I have worked up some thing usable fore us based on the 7.0 code from the wiki. This patch is for 7.1 in implements both soft and hard memory limits. Details are here: http://www.tomjudge.com/index.php/FreeBSD/Jails/MemoryLimits Changes that add supporting infrastructure for cpu limiting are in the patch but changes to the schedulers have not been included. If you need the scheduling support you will need to patch sched_4bsd with the code from the original patch set here: http://lists.freebsd.org/pipermail/freebsd-jail/2008-June/000333.html Hope this is useful for some people. I added links to this thread and to your patch into wiki page http://wiki.freebsd.org/Jails. I hope it will help people to find your work. Do you plan to make it for 7.2 and other future releases? Miroslav Lachman ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: Per Jail Memory Limits
Miroslav Lachman wrote: Tom Judge wrote: So I have worked up some thing usable fore us based on the 7.0 code from the wiki. This patch is for 7.1 in implements both soft and hard memory limits. Details are here: http://www.tomjudge.com/index.php/FreeBSD/Jails/MemoryLimits Changes that add supporting infrastructure for cpu limiting are in the patch but changes to the schedulers have not been included. If you need the scheduling support you will need to patch sched_4bsd with the code from the original patch set here: http://lists.freebsd.org/pipermail/freebsd-jail/2008-June/000333.html Hope this is useful for some people. I added links to this thread and to your patch into wiki page http://wiki.freebsd.org/Jails. I hope it will help people to find your work. Do you plan to make it for 7.2 and other future releases? Miroslav Lachman ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org It is good that people work in this direction! At present there are some patches, however any of them is not finished. I suggest to discuss in details a problem. The most important questions. 1. It is necessary to limit what resources? 2. How resources should be limited? Soft and hard limits. 3. How to count memory occupied with group of processes? 4. How to limit memory use? Whether correctly to kill processes? 5. How to limit use of processor time at absence in ULE separate turns of performance for jails? 6. Whether limits should be inherited at creation jails? etc. -- Menshikov Konstantin ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: how to make the jail safe for the parent system?
Andrey Groshev wrote:
Hi, All!
I understand, what not absolutely normal question, but...
There is I and my server.
Also there is other person a server responsible for a web.
Periodically he wants that I would instal some software, but in my
representation, this software bad or unnecessary.
I wish to make jail for its and its software.
To give to this person complete access to it, let does all that wants.
But, if in the jail create wrong start scripts, then the parent system
too cannot be started up to the end.
For example: in jail in /etc/rc.local write /bin/sh
And that starts all after this prison will not receive handle.
Question: how it to avoid?
Hi.
I`m think, that this is bug in /etc/rc.d/jail script.
You can fix /etc/rc.d/jail
626 run_rc_command ${cmd}
627 sleep 5
instead
626 run_rc_command ${cmd}
This work.
___
freebsd-jail@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: Per Jail Memory Limits
Miroslav Lachman wrote: Tom Judge wrote: So I have worked up some thing usable fore us based on the 7.0 code from the wiki. This patch is for 7.1 in implements both soft and hard memory limits. Details are here: http://www.tomjudge.com/index.php/FreeBSD/Jails/MemoryLimits Changes that add supporting infrastructure for cpu limiting are in the patch but changes to the schedulers have not been included. If you need the scheduling support you will need to patch sched_4bsd with the code from the original patch set here: http://lists.freebsd.org/pipermail/freebsd-jail/2008-June/000333.html Hope this is useful for some people. I added links to this thread and to your patch into wiki page http://wiki.freebsd.org/Jails. I hope it will help people to find your work. Do you plan to make it for 7.2 and other future releases? Thanks for adding it to the wiki. It should be simple to apply to 7.2, I can try to knock out a patch in my spare time for this. However at this time I have no plans to take this any further, it seems plenty of people are working on this problem. Maybe one day there will be an in tree solution. Tom ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
