From owner-freebsd-current@FreeBSD.ORG Sun Jun 27 16:10:01 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 986AF16A4CE; Sun, 27 Jun 2004 16:10:01 +0000 (GMT) Received: from darkness.comp.waw.pl (darkness.comp.waw.pl [195.117.238.236]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4014E43D1D; Sun, 27 Jun 2004 16:10:01 +0000 (GMT) (envelope-from pjd@darkness.comp.waw.pl) Received: by darkness.comp.waw.pl (Postfix, from userid 1009) id 9A17CACAF8; Sun, 27 Jun 2004 18:09:59 +0200 (CEST) Date: Sun, 27 Jun 2004 18:09:59 +0200 From: Pawel Jakub Dawidek To: "Bjoern A. Zeeb" Message-ID: <20040627160959.GL12007@darkness.comp.waw.pl> References: <20040627065932.GH12007@darkness.comp.waw.pl> <20040627101951.GJ12007@darkness.comp.waw.pl> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="8tpUGmYwaewiPhBZ" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2i X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc X-OS: FreeBSD 5.2.1-RC2 i386 cc: Robert Watson cc: Julian Elischer cc: "Bjoern A. Zeeb" cc: FreeBSD current users Subject: Re: jail getfsstat patches. X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 Jun 2004 16:10:01 -0000 --8tpUGmYwaewiPhBZ Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Jun 27, 2004 at 03:53:35PM +0000, Bjoern A. Zeeb wrote: +> One thing that I have seen while skipping through the first time: +>=20 +> could we avoid the function calls for non-jails or with +> jail_enforce_statfs=3D0 ? This would make the code somewhat longer +> as this part would be copied over multiple functions +>=20 +> if (jailed(cred) && jail_enforce_statfs) { +> /* call of the two functions */ +> } +>=20 +> (perhaps use a macro ?) but save people outside jails, w/o jails +> or with jail_enforce_statfs=3D0 the function calls. IMHO it should stay as it is, because: - Some other prison_* functions do the same, i.e. check jailed(cred) by themselfs. - Function prison_canseemount() should be renamed some day to cr_canseemount(), so I don't want it to be treated as jail-specific. - Code is much cleaner. - It doesn't save as too much CPU, really, and we don't need speed here. +> To answer another question: though I maybe thought/said s.th. else in +> the past I would like to keep the sysctl global and not have it per +> jail (if we start doing per-jail things we might really consider +> vimages (perhaps in 6-CURRENT) but that's out of the scope of +> this discussion). I agree, it shouldn't be per-jail. More than that, it should be removed in the future to don't allow for old behaviour. --=20 Pawel Jakub Dawidek http://www.FreeBSD.org pjd@FreeBSD.org http://garage.freebsd.pl FreeBSD committer Am I Evil? Yes, I Am! --8tpUGmYwaewiPhBZ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFA3vFXForvXbEpPzQRAkZ3AKCe1/9IBgc3alTPl+T7uDSkCT1GWACfUhhY 2lVdh8PfoLkm78X2PSvo5jU= =Up9C -----END PGP SIGNATURE----- --8tpUGmYwaewiPhBZ--