How to implement jail-aware SysV IPC (with my nasty patch)
kikuchan at uranus.dti.ne.jp
kikuchan at uranus.dti.ne.jp
Mon Jun 15 17:10:33 UTC 2015
On Mon, 15 Jun 2015 09:53:53 +0000, "Bjoern A. Zeeb" <bzeeb-lists at lists.zabbadoz.net> wrote:
> Hi,
>
> removed hackers, added virtualization.
>
>
>> On 12 Jun 2015, at 01:17 , kikuchan at uranus.dti.ne.jp wrote:
>>
>> Hello,
>>
>> I’m (still) trying to figure out how jail-aware SysV IPC mechanism should be.
>
> The best way probably is to finally get the “common” VIMAGE framework into HEAD to allow easy virtualisation of other services. That work has been sitting in perforce for a few years and simply needs updating for sysctls I think.
>
> Then use that to virtualise things and have a vipc like we have vnets. The good news is that you have identified most places and have the cleanup functions already so it’d be a matter of transforming your changes (assuming they are correct and working fine; haven’t actually read the patch in detail;-) to the different infrastructure. And that’s the easiest part.
>
>
> Bjoern
Hi Bjoern,
Thank you for your reply.
The "common" VIMAGE framework sounds good, I really want it.
I want to know what the IPC system looks like for user-land after virtualized,
and what happen if vnet like vipc is implemented.
For example, jail 1, 2, 3 join vipc group A, and jail 4, 5, 6 join vipc group B ??
Hmm, it looks good.
Regards,
Kikuchan
More information about the freebsd-virtualization
mailing list