From nobody Thu Nov 25 10:27:28 2021 X-Original-To: freebsd-hackers@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 171F118B20F2 for ; Thu, 25 Nov 2021 10:27:36 +0000 (UTC) (envelope-from paul.g.webster@googlemail.com) Received: from mail-wr1-x430.google.com (mail-wr1-x430.google.com [IPv6:2a00:1450:4864:20::430]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4J0DbC6gPVz4n2y; Thu, 25 Nov 2021 10:27:35 +0000 (UTC) (envelope-from paul.g.webster@googlemail.com) Received: by mail-wr1-x430.google.com with SMTP id d24so10602169wra.0; Thu, 25 Nov 2021 02:27:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20210112; h=reply-to:from:to:cc:references:in-reply-to:subject:date :organization:message-id:mime-version:content-transfer-encoding :content-language:thread-index; bh=PMW6mRDiyugnKq7Vrwic28JreOc+aaQ88mXEaYEyOKY=; b=fCx2KlSpdbfNvekPpMNtGe4c0s3fJjUiaqa7kb7cgh9GVlC2XTaPtzb6bA1wnA6oi2 fAGJNZvxN8+KfrFN13SsqJ63mU9k4X3e3zJKSnYf+8v6c6XwftDNZ5LecFzHKry97O0G KLuQmAnQmoKbNR36xiveYPvFP6VpVUDcAIfNILe3UQQM8cv/y+4cWwnMkW4YbZmj5STt /4VMNRUu0f3bHnlfPiFkOn6llx/soLhVLSOnvaCL+9TFraCWhSAzenGHvkxb7eezhFNB DbPiju9Z5PyZ0C7k5tUvsaAasdp0Pb30jsMtEW9KRrFO8mv4dHeS1lMhwN0tg2+0RTgI ClXw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:reply-to:from:to:cc:references:in-reply-to :subject:date:organization:message-id:mime-version :content-transfer-encoding:content-language:thread-index; bh=PMW6mRDiyugnKq7Vrwic28JreOc+aaQ88mXEaYEyOKY=; b=aoYkMWs7SLWYusGmzyHWCnNRY0XiurO/7nGmSRlGVuN10E/84XzFYtOcctK8Pw2m5v VyzUBiDrS7LgEeQ/L3c0v9+qzzhd9cDHVu9oONyNcOovLRlkvAwKZb/MbzyP39y73jGE 3Ki/ugIfya2RLmwfFt5Fp/laicuxgUIsJqi2K7+VAINs9IvfrYF1mENU1Oq7reZkDBIC geLorv0NLFL5nf4KuGaW/kPPo5ynPqucQHvaaDWD7PsZYZyCn6cytXIi3cgDFb/FjCgb p/Ms9EB+jKRVlHsSXPDmnel26pMQEomRIye6o1JkAJztbfePFoBz7+CZ5+F4HWFyoHhT yO9g== X-Gm-Message-State: AOAM531DGSRznJQAnhC3S1r7ptk6a5+Zys2HBsStyVWqVAlsuXj8MM1V hGS3uGfLsXAoWbUIPkBKUr7gA1R713MJcQ== X-Google-Smtp-Source: ABdhPJyfcMcKv9q+sOp3Sr4mXenvVpmW8BMTZgyJ23aaJWxrtewEOax5gn57HAioAZ43PADfNTACJQ== X-Received: by 2002:a05:6000:1889:: with SMTP id a9mr5448211wri.68.1637836048626; Thu, 25 Nov 2021 02:27:28 -0800 (PST) Received: from PaulDesktop ([2a00:23c7:551f:f800:41df:609d:467e:b878]) by smtp.gmail.com with ESMTPSA id k27sm9298966wms.41.2021.11.25.02.27.28 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 25 Nov 2021 02:27:28 -0800 (PST) Reply-To: From: To: "'Miroslav Lachman'" <000.fbsd@quip.cz>, "'Shawn Webb'" , "'Joseph Mingrone'" Cc: "'FreeBSD Hackers'" References: <861r36xzpe.fsf@phe.ftfl.ca> <20211123232814.6vx3sqnsdvc52oc3@mutt-hbsd> <6f33be37-a7c1-6217-8646-30b7c0306226@quip.cz> In-Reply-To: <6f33be37-a7c1-6217-8646-30b7c0306226@quip.cz> Subject: RE: Call for Foundation-supported Project Ideas Date: Thu, 25 Nov 2021 10:27:28 -0000 Organization: Paul Webster Message-ID: <006c01d7e1e7$0c30f8f0$2492ead0$@googlemail.com> List-Id: Technical discussions relating to FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-hackers List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-hackers@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Outlook 16.0 Content-Language: en-gb Thread-Index: AQJGF5QjmUftfKBheoi+SViUiLzunQI/G58dAsHZdpWrD5cdsA== X-Rspamd-Queue-Id: 4J0DbC6gPVz4n2y X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; TAGGED_FROM(0.00)[] X-ThisMailContainsUnwantedMimeParts: N You can add Bhyve and IPFW to that list as well, though both are well documented good examples and guides that are not ancient and out of date are rare as gold dust. -----Original Message----- From: owner-freebsd-hackers@freebsd.org On Behalf Of Miroslav Lachman Sent: 25 November 2021 00:49 To: Shawn Webb ; Joseph Mingrone Cc: FreeBSD Hackers Subject: Re: Call for Foundation-supported Project Ideas On 24/11/2021 00:28, Shawn Webb wrote: [...] > 3. jail orchestration in base. it's great that we have all these > disparate jail management ports, but we lack a fully > coherent/integreated solution. I'd love to see jail orchestration > get the same love as zfs in base. While we are talking about jail orchestration in base (which will be really useful to me as well) I would like to see better integration of jail in more aspects in base. Jails are part of the base for more than a decade but still kind of hidden (similar to cpuset - many users don't know about it / how to use it easily). Alexander Leidinger posted proposal in 2019 "automatic jailing of services (rc.d/*)" [1] with patch [2]. This seems useful and easy to implement in base to me. As far as I know, Alexander also have patch to allow run Xorg in jail. As for cpuset thing - 11 years ago I proposed patch to add support for cpuset in rc.subr for any service [3] PR 142434 [4]. I think it is even more useful these days as computers have really a lot of CPU cores. [1] https://lists.freebsd.org/pipermail/freebsd-jail/2019-February/003710.html [2] https://pastebin.com/LBZRezgu [3] https://lists.freebsd.org/pipermail/freebsd-rc/2010-January/001816.html [4] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=142434 Kind regards Miroslav Lachman