jail extensions

[Alex Lyashkov]

В Срд, 07.06.2006, в 05:03, Julian Elischer пишет:
> Maxim Konovalov wrote:
> 
> >On Tue, 6 Jun 2006, 19:17+0300, Alex Lyashkov wrote:
> >
> >  
> >
> >>Hello All,
> >>
> >>I started to write some extension for jail. Global
> >>idea is to write the complete virtual server solutions,
> >>when each virtual server has its own resources and limits
> >>of their usage.
> >>Now implemented:
> >>- all jail code compiled under 'options JAIL'
> >>- separated uid hash
> >>- separated SYSVIPC with limit IPC objects count
> >>- process count limit
> >>
> >>At first time I plan to implement file handles limit and
> >>limit of the total disk usage per jail.
> >>
> >>project homepage http://docs.freevps.com/doku.php?id=freebsd:index
> >>    
> >>
> >
> >I'd like to clarify Alex's point a bit: he wants to know his work is
> >acceptable by the project and could be merged.  It's obvious it's
> >almost impossible to maintain that outside of the tree.
> >
> >  
> >
> I'd like to see him merge his project with Marco's . If so then I'd be 
> more than happy
> to see this stuff come in once it reaches a certain level of maturity.
> 
> Marco and I have been going over some possible macros that could be used 
> to help with
> a lot of this and if the macros were used then some of the changes could 
> come in quite early
> as they would compile out to NOPs for anyone not using the changes.
> ( and provide an easy target for removal if it eventually doesn't complete).
I focused with write flexible kernel API and create conception - any
process run with own context. With 'jail2' all processes have
cred->pr_prison defined. As for me it`s allow easy use struct prison as
storage for any context related data such as uid hash, or diskquota
hash, limits info or other. Process count limit and separated uid hash
created as example to use this conception. 
Same conception used at my other project - FreeVPS
(http://www.freevps.com/tracker.html).

Where i can see you and Marco work ?


-- 
Alex Lyashkov <shadow at psoft.net>