From owner-freebsd-current@FreeBSD.ORG Sun Jun 27 15:56:13 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 375F416A4CE; Sun, 27 Jun 2004 15:56:13 +0000 (GMT) Received: from transport.cksoft.de (transport.cksoft.de [62.111.66.27]) by mx1.FreeBSD.org (Postfix) with ESMTP id 79DE243D3F; Sun, 27 Jun 2004 15:56:12 +0000 (GMT) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from transport.cksoft.de (localhost [127.0.0.1]) by transport.cksoft.de (Postfix) with ESMTP id 642C91FFDDD; Sun, 27 Jun 2004 17:56:04 +0200 (CEST) Received: by transport.cksoft.de (Postfix, from userid 66) id 68F411FFDD9; Sun, 27 Jun 2004 17:56:02 +0200 (CEST) Received: by mail.int.zabbadoz.net (Postfix, from userid 1060) id 45B1F15384; Sun, 27 Jun 2004 15:53:34 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.int.zabbadoz.net (Postfix) with ESMTP id 3A94915329; Sun, 27 Jun 2004 15:53:35 +0000 (UTC) Date: Sun, 27 Jun 2004 15:53:35 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@e0-0.zab2.int.zabbadoz.net To: Pawel Jakub Dawidek In-Reply-To: <20040627101951.GJ12007@darkness.comp.waw.pl> Message-ID: References: <20040627101951.GJ12007@darkness.comp.waw.pl> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Virus-Scanned: by AMaViS cksoft-s20020300-20031204bz on transport.cksoft.de cc: Robert Watson cc: Julian Elischer cc: "Bjoern A. Zeeb" cc: FreeBSD current users Subject: Re: jail getfsstat patches. X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 Jun 2004 15:56:13 -0000 On Sun, 27 Jun 2004, Pawel Jakub Dawidek wrote: Hi, first of all a BIG THANK YOU to Robert for the very detailed description. > On Sun, Jun 27, 2004 at 08:59:32AM +0200, Pawel Jakub Dawidek wrote: > +> If you give me a few days (maybe I'll be ready today) I'll try to prepare > +> patch to commit so we can review it together. > > Ok, here it goes: > > http://people.freebsd.org/~pjd/patches/jail_enforce_statfs.patch many thanks for the work; fetch says 17kb; looks like a very good abstraction and also includes patches for the emulations; great. I will look at this in detail. One thing that I have seen while skipping through the first time: could we avoid the function calls for non-jails or with jail_enforce_statfs=0 ? This would make the code somewhat longer as this part would be copied over multiple functions if (jailed(cred) && jail_enforce_statfs) { /* call of the two functions */ } (perhaps use a macro ?) but save people outside jails, w/o jails or with jail_enforce_statfs=0 the function calls. To answer another question: though I maybe thought/said s.th. else in the past I would like to keep the sysctl global and not have it per jail (if we start doing per-jail things we might really consider vimages (perhaps in 6-CURRENT) but that's out of the scope of this discussion). -- Greetings Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT