Jailed sysvipc implementation.
Max Khon
fjoe at iclub.nsu.ru
Wed Jun 25 16:22:41 PDT 2003
hi, there!
On Wed, Jun 25, 2003 at 06:52:33PM +0400, Dmitry Sivachenko wrote:
> Yes, that is exactly what I want.
> This is similar to separate IP stack for each jail: this is more powerful
> solution, but more expensive (uses more kernel memory).
>
> Jail is not a true virtual machine.
> Let's keep it a *light* virtual machine replacement, with single IP stack,
> one memory zones for all jails and host, etc.
btw I know of two projects whose goal is IP stack virtualization for jail.
Virtual IP stack (as well as virtualized sysvipc with separate
memory zones) can be quite useful. Can provide two solutions?
- with shared memory zone (for those who want "light" version)
- with separate memory zones (for people who want to keep
sysvipc fully separated, i.e. one user can't exhaust all sysvipc resources
and make sysvipc unusable for second user)
/fjoe
More information about the freebsd-arch
mailing list