A jail notion.

Zaphod Beeblebrox zbeeble at gmail.com
Wed Sep 4 18:55:48 UTC 2019


So... in general, I put jails in /jail.  I could, for instance, aggregate
all unique userids and groupids into /etc/master.password and /etc/group by
scanning /jail/*/etc/master.passwd, but then again, I could also run kerb.
This could be further generalized by following the jail root configured in
/etc/jail.conf.

Now... I admit the fact that not all jails will have a password or group
file, but looking at the fairly vast number of jails that I deploy, at
least for me, they almost all have password and group files.

What am I getting at?  Running top on the host ... many of the jail users
end up as numbers.  It would be supremely helpful if top was jail-enabled
in this manner.  In fact, although I routinely consider kerberos ... I
don't think it would solve this problem.  What does the userid of a process
look like under kerb?

Anyways... food for thought.


More information about the freebsd-hackers mailing list