jail2 patchset 12
Kris Kennaway
kris at obsecurity.org
Sun Sep 17 14:20:04 PDT 2006
On Sat, Sep 16, 2006 at 02:54:16PM +0300, Alex Lyashkov wrote:
> Hello All,
>
> Some time ago I finished the next public jail2 patchset.
> As of now, jail2 supports per-jail SYSV IPC namespaces.
> It is possible to configure which jails can and which cannot use
> SYSV IPC. The UID hash is also perl-jail now.
> he patchset also implements per-jail resource limits, such as:
> - number of SYSV IPC objects;
> - number of processes;
> - number of filedescriptors.
> In addition, all jail-related code was moved under 'options JAIL'.
>
> The project's homepage:
> http://docs.freevps.com/doku.php?id=freebsd:index
I get the following panic when creating a jail:
panic: mutex allprison not owned at ../../../kern/kern_jail.c:374
cpuid = 1
KDB: enter: panic
[thread pid 930 tid 106142 ]
Stopped at kdb_enter+0x32: leave
db> wh
Tracing pid 930 tid 106142 td 0xd30841b0
kdb_enter(c0756d95,1,c0755e9c,f17c9b80,d30841b0,...) at kdb_enter+0x32
panic(c0755e9c,c075431c,c0754331,176,1,...) at panic+0x1b1
_mtx_unlock_spin_flags(c07c6214,1,c0754331,176,0,...) at _mtx_unlock_spin_flags
prison_find(1,0,0,d30841b0,c5bb9800,...) at prison_find+0x2e
jail_attach(d30841b0,f17c9bf0,c0754331,9f,c5bb992c,...) at jail_attach+0x38
jail(d30841b0,f17c9d04,4,f17c9d38,1,...) at jail+0x3b5
syscall(3b,3b,3b,bfbfe8c0,bfbfe904,...) at syscall+0x152
Xint0x80_syscall() at Xint0x80_syscall+0x1f
--- syscall (338, FreeBSD ELF32, jail), eip = 0x280d1ee7, esp = 0xbfbfe3ac, ebp = 0xbfbfe888 ---
930 545 544 0 R CPU 1 jail
Kris
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20060917/0e3f90a5/attachment.pgp
More information about the freebsd-hackers
mailing list