15 messages in org.freebsd.freebsd-hackersnullfs and named pipes.| From | Sent On | Attachments |
|---|---|---|
| Josef Karthauser | Feb 4, 2007 2:57 am | |
| Eric Anderson | Feb 6, 2007 4:48 pm | |
| Josef Karthauser | Feb 7, 2007 10:47 am | |
| Jeremie Le Hen | Feb 15, 2007 2:21 pm | |
| Josef Karthauser | Feb 15, 2007 3:22 pm | |
| Kostik Belousov | Feb 15, 2007 3:31 pm | |
| Josef Karthauser | Feb 15, 2007 4:34 pm | |
| Julian Elischer | Feb 15, 2007 6:11 pm | |
| Jeremie Le Hen | Feb 16, 2007 10:30 am | |
| Robert Watson | Feb 16, 2007 12:54 pm | |
| Kostik Belousov | Feb 16, 2007 2:36 pm | |
| Josef Karthauser | Feb 18, 2007 10:41 pm | |
| Robert Watson | Feb 19, 2007 2:01 pm | |
| Robert Watson | Feb 19, 2007 2:08 pm | |
| Robert Watson | Feb 19, 2007 2:28 pm |
| Subject: | nullfs and named pipes. | |
|---|---|---|
| From: | Jeremie Le Hen (jere...@le-hen.org) | |
| Date: | Feb 15, 2007 2:21:27 pm | |
| List: | org.freebsd.freebsd-hackers | |
Hi Josef,
On Sun, Feb 04, 2007 at 02:37:11AM +0000, Josef Karthauser wrote:
There appears to be a lot of confusion on the lists about this point as many people are trying to do this so as to make a single mysql server available from within a number of jails, for instance. However people appear to think that this is a limitation of the jail code, not a limitation of the null_fs code. Having named pipes work in null_fs filesystems would be a very handy thing indeed.
Note that all processes within a jail can only intefere with processes from another jail or host as if they were on different machines. This means they can communicate through PF_INET for instance but not PF_LOCAL.
IOW you have to think your jails as if theey were multiples boxes. You should therefore make them communicate with networking sockets and protect the latter with firewalling rules or tcpwrapper.
Regards,
-- Jeremie Le Hen < jeremie at le-hen dot org >< ttz at chchile dot org >