On 3 Oct 2008, at 23:02, Jordan Brown wrote: > Nicolas Williams wrote: >> On Fri, Oct 03, 2008 at 02:37:28PM -0700, Jordan Brown wrote: >>> Nick is trying to isolate virtual systems, not users. I've seen >>> this >> >> That was, obviously, not the impression tat I got. It's trivial to >> separate virtual systems by just running them in zones. But if I >> misread what Nick was asking, then you're right, we should respond >> with >> documentation on how to setup zones and so on (that documentation >> exists, of course, and can easily be found online; I suspect Google >> knows all about it). > > My interpretation (and hopefully Nick will jump in here soon and > clarify) is that he's trying to get some additional cross-zone > sharing, > over simply running a fresh Apache in each zone.
Sorry, shouldn't have posted that shortly before a near-7-hour journey. Just digesting the replies now. >> I think the mention of zone_enter() is what made me think take Nick's >> question quite literally. That is, I assumed that zones newbie would >> not have known about zone_enter(), therefore I assumed Nick is not a >> newbie. Nick is a newbie to zones:-) > Remember that "user" is a relative term. The "user" of a hosting > company is the hosting customer, *not* the guy behind the web browser. Exactly. The zone_enter will happen at server startup. To have it happen per-request in the server would imply an enormous overhead, because it's a complete misfit to the Apache architecture. CGI could perhaps do it in a similar manner to the existing setuid wrapper, but that's a lesser solution to a less-interesting problem. > Note also that (with no disrespect meant to Nick) a common newbie > behavior is to latch onto some random interface and attempt to bend it > to solve the problem at hand, whether or not it's the intended way to > solve that problem. That may indeed be the case. Though I should add, my newbiedom applies to Solaris kernel goodies, not to Apache or web-serving (guess it's time to attach my apache book .sig:-) I'm exploring (or, if you prefer, latching on to) the possibility of a strong solution to a long-standing problem. > -- Nick Kew Application Development with Apache - the Apache Modules Book http://www.apachetutor.org/ _______________________________________________ zones-discuss mailing list zones-discuss@opensolaris.org
