| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a seriously beefed up chroot kind of thing. The process
is jailed along the same lines as a chroot does it, but with
additional tough restrictions imposed on what the superuser can do.
For all I know, it is safe to hand over the root bit inside a
prison to the customer living in that prison, this is what
it was developed for in fact: "real virtual servers".
Each prison has an ip number associated with it, which all IP
communications will be coerced to use and each prison has its own
hostname.
Needless to say, you need more RAM this way, but the advantage is
that each customer can run their own particular version of apache
and not stomp on the toes of their neighbors.
It generally does what one would expect, but setting up a jail
still takes a little knowledge.
A few notes:
I have no scripts for setting up a jail, don't ask me for them.
The IP number should be an alias on one of the interfaces.
mount a /proc in each jail, it will make ps more useable.
/proc/<pid>/status tells the hostname of the prison for
jailed processes.
Quotas are only sensible if you have a mountpoint per prison.
There are no privisions for stopping resource-hogging.
Some "#ifdef INET" and similar may be missing (send patches!)
If somebody wants to take it from here and develop it into
more of a "virtual machine" they should be most welcome!
Tools, comments, patches & documentation most welcome.
Have fun...
Sponsored by: http://www.rndassociates.com/
Run for almost a year by: http://www.servetheweb.com/
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1:
s/suser/suser_xxx/
2:
Add new function: suser(struct proc *), prototyped in <sys/proc.h>.
3:
s/suser_xxx(\([a-zA-Z0-9_]*\)->p_ucred, \&\1->p_acflag)/suser(\1)/
The remaining suser_xxx() calls will be scrutinized and dealt with
later.
There may be some unneeded #include <sys/cred.h>, but they are left
as an exercise for Bruce.
More changes to the suser() API will come along with the "jail" code.
|
| | |
|
| |
|
|
|
|
| |
routine was [ab]used for two different things, and you couldn't tell from
the wait channel which one had wedged.
Catch a few things missing from NFS_NOSERVER.
|
| |
|
|
|
|
| |
it builds if NFS_NOSERVER is defined.
Spotted by: Bruce Evans <bde@zeta.org.au>
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
This makes it possible to change the sysctl tree at runtime.
* Change KLD to find and register any sysctl nodes contained in the loaded
file and to unregister them when the file is unloaded.
Reviewed by: Archie Cobbs <archie@whistle.com>,
Peter Wemm <peter@netplex.com.au> (well they looked at it anyway)
|
| |
|
|
| |
kernel compile
|
| |
|
|
|
|
|
|
|
|
| |
changes to the VM system to support the new swapper, VM bug
fixes, several VM optimizations, and some additional revamping of the
VM code. The specific bug fixes will be documented with additional
forced commits. This commit is somewhat rough in regards to code
cleanup issues.
Reviewed by: "John S. Dyson" <root@dyson.iquest.net>, "David Greenman" <dg@root.com>
|
| | |
|
| |
|
|
| |
Submitted by: Bradley Dunn <bradley@dunn.org> (pr: kern/8817)
|
| |
|
|
|
|
| |
slightly garbled but older servers seemed to understand it).
Reviewed by: David O'Brien <obrien@nuxi.ucdavis.edu>
|
| |
|
|
|
|
|
| |
ECANCELED, EILSEQ.
Fixed ibcs2 and especially linux EIDRM and ENOMSG errno mapping.
Reviewed by: Dan Nelson <dnelson@emsphone.com>
|
| |
|
|
| |
that it can never fail.
|
| | |
|
| |
|
|
| |
and local variables, goto labels, and functions declared but not defined.
|
| |
|
|
|
|
| |
free() sometimes.
Reviewed by: Eric Haug <ejh@eas.slu.edu>
|
| |
|
|
|
|
|
| |
second argument. np_size is a 64 bit int, so is the second arg. This
might have caused needless 2G/4G file size problems.
I believe it was Bruce who queried this.
|
| |
|
|
|
|
| |
sure that this is necessary to be a sync write here since a VOP_FSYNC()
follows and it will schedule, sort and complete the writes that the
vm_object_page_clean() started (as I think I understand things).
|
| |
|
|
| |
rather than abusing the list next pointer with a magic number.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
is less than NFS_MINPACKET or greater than NFS_MAXPACKET in size, it
barfs and, I think, drops the connection.
However, there's no guarantee that in a multi-fragment RPC, all the
fragments will be at least as large as NFS_MINPACKET.
In fact, with the version of "tclnfs" we have here, which supports NFS
over TCP, at least when built under SunOS 4.1.3 (i.e., with 4.1.3's
user-mode ONC RPC library), I can *repeatably* cause "tclnfs" to send a
request with more than one fragment, one of which is only 8 bytes long.
I just do a 3877-byte write to a file, at an offset of 0.
The check that "slp->ns_reclen" is greater than or equal to
NFS_MINPACKET serves no useful purpose - if the NFS server code can't
handle packets < NFS_MINPACKET bytes, it can't handle them over *any*
protocol, so the check has to be done above the RPC-over-TCP layer - and
should be removed.
Obtained from: Fix from Guy Harris, forwarded by Rick Macklem.
|
| |
|
|
|
|
| |
detachment of vfs sysctls. Unloading of vfs LKMs doesn't actually
work for any vfs, since it leaves garbage pointers to memory
allocation control structures.
|
| |
|
|
|
|
|
|
| |
when nfs is an LKM. Declare it in a header file. Don't forget to use
it in non-Lite2 code. Initialize it to -1 instead of to 0, since 0
will soon be the mount type number for the first vfs loaded.
NetBSD uses strcmp() to avoid this ugly global.
|
| |
|
|
| |
NULL, buf free() can't.
|
| |
|
|
|
|
| |
another specialized mbuf type in the process. Also clean up some
of the cruft surrounding IPFW, multicast routing, RSVP, and other
ill-explored corners.
|
| |
|
|
|
|
|
|
|
| |
interface congestion (eg: nfs over a ppp link, etc). Don't log these
for UDP mounts, and don't cause syscalls to fail with EINTR.
This stops the 'nfs send error 55' warnings.
If the error is because the system is really hosed, this is the least
of your problems...
|
| |
|
|
|
|
|
| |
respectively. Most of the longs should probably have been
u_longs, but this changes is just to prevent warnings about
casts between pointers and integers of different sizes, not
to fix poorly chosen types.
|
| | |
|
| |
|
|
|
|
|
|
| |
NFS_*TIMO should possibly be converted to sysctl vars (jkh's suggestion),
but in some cases it looks like nfs keeps a copy of the value in a struct
hash sizes are already ifdef'd KERNEL, so there aren't userland inpact
from them...
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NFS_MINATTRTIMO VREG attrib cache timeout in sec
NFS_MAXATTRTIMO
NFS_MINDIRATTRTIMO VDIR attrib cache timeout in sec
NFS_MAXDIRATTRTIMO
NFS_GATHERDELAY Default write gather delay (msec)
NFS_UIDHASHSIZ Tune the size of nfssvc_sock with this
NFS_WDELAYHASHSIZ and with this
NFS_MUIDHASHSIZ Tune the size of nfsmount with this
NFS_NOSERVER (already documented in LINT)
NFS_DEBUG turn on NFS debugging
also, because NFS_ROOT is used by very different files, it has been
renamed to opt_nfsroot.h instead of the old opt_nfs.h....
|
| |
|
|
| |
code controlled by it did not even compile.)
|
| |
|
|
|
|
|
|
|
| |
Pre-2.8 versions of gcc generate a call to __divdi3() for all 64-bit
signed divisions, but egcs optimizes them to a shift and fixup when
the divisor is a constant power of 2. Unfortunately, it generates
a call to __cmpdi2() for the fixup, although all except possibly
ancient versions of gcc and egcs do ordinary 64-bit comparisons
inline.
|
| |
|
|
|
|
|
|
|
|
| |
FreeBSD/alpha. The most significant item is to change the command
argument to ioctl functions from int to u_long. This change brings us
inline with various other BSD versions. Driver writers may like to
use (__FreeBSD_version == 300003) to detect this change.
The prototype FreeBSD/alpha machdep will follow in a couple of days
time.
|
| |
|
|
|
|
|
| |
int -> int32_t; u_short -> u_int16_t. Also, use mode_t instead of u_short
for storing modes (mode_t is a u_int16_t).
Obtained from: NetBSD
|
| |
|
|
|
|
| |
the socket. Certain mode changes are not allowed.
Obtained from: NetBSD
|
| | |
|
| |
|
|
|
|
| |
export basis. Needs userland support yet.
Obtained from: NetBSD
|
| |
|
|
| |
Obtained from: NetBSD
|
| |
|
|
|
|
|
| |
we have weakened this test already for Digital Unix, so it may be enough
for Solaris. It needs to be checked again.
Obtained from: NetBSD
|
| |
|
|
|
|
|
|
| |
it just makes more work. We pass a copy of the uid/gid with the
credentials. (although, this may need to be revisited if a non AUTHUNIX
authentication method (such as NFSKERB) ever gets implemented).
Obtained from: NetBSD
|
| |
|
|
| |
Obtained from: NetBSD (but I changed the flag clear order in case).
|
| |
|
|
| |
Obtained from: NetBSD
|
| |
|
|
| |
Obtained from: NetBSD
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
or we can deadlock.
Obtained from: NetBSD
|
| |
|
|
| |
Obtained from: NetBSD
|
| |
|
|
| |
Obtained from: NetBSD
|
| |
|
|
| |
Obtained from: NetBSD
|
