A jail notion.
Zaphod Beeblebrox
zbeeble at gmail.com
Wed Sep 4 18:55:48 UTC 2019
So... in general, I put jails in /jail. I could, for instance, aggregate
all unique userids and groupids into /etc/master.password and /etc/group by
scanning /jail/*/etc/master.passwd, but then again, I could also run kerb.
This could be further generalized by following the jail root configured in
/etc/jail.conf.
Now... I admit the fact that not all jails will have a password or group
file, but looking at the fairly vast number of jails that I deploy, at
least for me, they almost all have password and group files.
What am I getting at? Running top on the host ... many of the jail users
end up as numbers. It would be supremely helpful if top was jail-enabled
in this manner. In fact, although I routinely consider kerberos ... I
don't think it would solve this problem. What does the userid of a process
look like under kerb?
Anyways... food for thought.
More information about the freebsd-hackers
mailing list