On 09/04/12 14:37, Bjoern A. Zeeb wrote:
On Tue, 4 Sep 2012, Jamie Gritton wrote:
It's true that a jail left in the DYING state can't be re-created
normally. But it can with the "-d" flag or the "allow.dying" parameter.
In that case, an existing but dying jail will be re-attached to and this
resurrected. So it can be gotten around, and would be a matter of
education. Or perhaps we could change the default behavior to silently
all re-creation of dying jails. Is there any harm in this? I.e. would
there be any difference noticeable to the user if a jail was created
with some old TCP connections attached to it?
Yes, really bad and TCP is not the only thing in theory. Assume
your management does not make sure the same users gets the same jail;
you elak a lot of (possibly security related) information. Would also
make it quite hard in terms of auditing etc. to get this right unless
done knowingly and on purpose.
This isn't a ZFS concern anymore it sounds like (if we tie ZFS to
names), but I still wonder about better handling of dying jails. The
other question that comes to mind is, could we make dying jails closer
to nonexistent than they are? Such as stripping them of their jid, so a
jid could be immediately re-used - and a dying jail couldn't be queried
via jail_get. Or perhaps passing off a removed jail's TIME_WAIT tcp
connections to a placeholder jail, possibly to prison0?
I suppose vnet could complicate either of those in ways I'm unaware of.
- Jamie
_______________________________________________
freebsd-jail@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
