Date: Mon, 23 Apr 2001 20:00:47 -0400 (EDT) From: Robert Watson <rwatson@FreeBSD.ORG> To: Hroi Sigurdsson <hroi@asdf.dk> Cc: freebsd-arch@FreeBSD.ORG Subject: Re: jailNG Message-ID: <Pine.NEB.3.96L.1010423195108.99299B-100000@fledge.watson.org> In-Reply-To: <3AE48FFB.69A6142E@asdf.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 23 Apr 2001, Hroi Sigurdsson wrote: > Robert Watson wrote: > > > http://www.watson.org/~robert/jailng/ > > Very nice! What about the possibility of setting a non-overridable > "nice" value on jails or maybe rlimit? One issue that does need to be addressed in the new code is a problem inherited from the old code: a number of services are addressed on the global scope rather than the jail scope, including resource limits/accounting. One challenge in the jail implementation is a way to do this such that the jail code remains (relatively) cleanly abstracted from the remainder of the system. This is generally true of a number of namespace-based services, including System V IPC. I've toyed with a number of ideas, including a p->p_namespace, but haven't reached any firm conclusions yet, especially regarding situations where multiple issues (not just jail()) might be associated with namespace management. In the mean time, I'll continue my general cleanup of the authorization code. Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1010423195108.99299B-100000>