Re: cvs commit: src/usr.sbin/jexec jexec.8 jexec.c

From: Robert Watson <rwatson_at_FreeBSD.org>
Date: Thu, 29 May 2008 15:56:50 +0100 (BST)
On Thu, 29 May 2008, Michael Reifenberger wrote:

> On Thu, May 29, 2008 at 03:14:20PM +0100, Robert Watson wrote: ...
>> The other concept that might be of benefit is a "dead" jail vs. a "live" 
>> jail -- with TCP connections taking a while to run down, there can often be 
>> dangling jail references that don't garbage collect for a few minutes. 
>> Perhaps, where there is ambiguity, live jails (ones with referencing 
>> processes) should be preferred to dead ones.
>
> Thats something that the admin should take care for.

How might they do that?  Remember that any command that works only when the 
jail IP is "unambiguous" will become effectively non-deterministic as a result 
of un-garbage collected jails.  So sometimes jexec -h <whatever> foo will 
simply work, and sometimes return an error, depending on whether 2MSL has 
happened yet or not.  I have to say that I really don't think that this 
addition is a good idea.  Once unique, administratively-determined jail names 
are available, and if we add the idea of "dying" jails, then this may be 
useful.  Otherwise, it seems like a conceptually inconsistent concept that 
fails to match the implementation -- i.e., one that will always work badly.

Robert N M Watson
Computer Laboratory
University of Cambridge
Received on Thu May 29 2008 - 14:56:51 UTC