new feature: private IPC for every jail
Julian Elischer
julian at elischer.org
Mon Apr 3 19:40:56 UTC 2006
Robert Watson wrote:
>
> On Mon, 3 Apr 2006, Marc G. Fournier wrote:
>
>> http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/48471
>>
>> [kernel] [patch] new feature: private IPC for every jail
>>
>> Its an ancient, 4.x patch for having private IPC in a jail ... not
>> sure how hard it would be to bring it up to 6.x / -current standards
>> though ... but it seems like something 'good' that is needed ...
>
>
> In the past I've looked at doing things along these lines, but usually
> stall after a first hack when trying to decide how to deal with two
> critical issues:
>
> (1) The fact that system v ipc primitives are loadable, and
> unloadable, which
> requires some careful handling relating to registration order, etc.
this is related to the problem that needs to be solved for getting
vimage into -current.
>
> (2) The name space model for system v ipc is flat, so while it's
> desirable to
> allow the administrator in the host environment to monitor and
> control
> resource use in the jail (for example, delete allocated but unused
> segments), doing that requires developing an administrative model
> for it.
it is possible the admin environment can't see it.
unless you prefix it with something..
>
> These challenges can be surmounted, but the doing them in a nice way
> requires some thought.
>
> Robert N M Watson
> _______________________________________________
> freebsd-current at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to
> "freebsd-current-unsubscribe at freebsd.org"
More information about the freebsd-stable
mailing list