new feature: private IPC for every jail
Dmitry Pryanishnikov
dmitry at atlantis.dp.ua
Tue Apr 4 12:24:42 UTC 2006
Hello!
On Mon, 3 Apr 2006, Julian Elischer wrote:
>> (2) The name space model for system v ipc is flat, so while it's desirable
>> to
>> allow the administrator in the host environment to monitor and control
>> resource use in the jail (for example, delete allocated but unused
>> segments), doing that requires developing an administrative model for
>> it.
>
>
> it is possible the admin environment can't see it.
> unless you prefix it with something..
I think it would be nice if we can just name jail's IPC objects from host
environment using syntax like e.g.
/JID/name_in_jail
or
/jail_IP/name_in_jail
However, I can't find info whether "/" is legal as the 1st character of IPC
object ID. If yes, we should use another prefix. This approach won't work
if there are no restriction on IPC object IDs 1st character. Are there any?
Sincerely, Dmitry
--
Atlantis ISP, System Administrator
e-mail: dmitry at atlantis.dp.ua
nic-hdl: LYNX-RIPE
More information about the freebsd-current
mailing list