Re: [FreeBSD 6] semctl broken compared to 4-STABLE ...

Sun, 02 Apr 2006 12:38:34 -0700 

On Sun, 2 Apr 2006, Kris Kennaway wrote:


On Sun, Apr 02, 2006 at 02:55:39PM -0300, Marc G. Fournier wrote:


Back in April '05, someone posted a thread about PostgreSQL within FreeBSD
jails:

http://unix.derkeiler.com/Mailing-Lists/FreeBSD/stable/2005-04/0837.html

At the time (and to date) I reported that I was running several PostgreSQL
daemons, all on the same port, using FreeBSD 4.x, and all within a jail
each ... and I continue to do this without any problems ...

Today, on our new FreeBSD 6.x machine, I am now experiencing the same
problem that Alexander originally reported ...

Its not PostgreSQL related ... I'm running 4x7.4 servers on a FreeBSD 4.x
box, all on the same port ... here, I'm trying to run 2x7.4 servers on a
FreeBSD RELENG_6 box ...

So, something has changed with FreeBSD 6's (and, according to the above
thread, 5's) use of shared memory and semaphores that is breaking the
ability to do this ... something that did work as hoped in FreeBSD 4 ...


See jail(8)?


If you are referring to:

     security.jail.sysvipc_allowed
          This MIB entry determines whether or not processes within a jail
          have access to System V IPC primitives.  In the current jail imple-
          mentation, System V primitives share a single namespace across the
          host and jail environments, meaning that processes within a jail
          would be able to communicate with (and potentially interfere with)
          processes outside of the jail, and in other jails.  As such, this
          functionality is disabled by default, but can be enabled by setting
          this MIB entry to 1.


That wording hasn't changed since FreeBSD4.x, so you are saying that 
FreeBSD6.x has become *less* stable/secure in this regard then FreeBSD 4.x 
was?  Seems an odd direction to go ...



Please note, I'm not expecting FreeBSD 6.x to be *more* secure as far as 
namespaces are concerned for shared memory ... I'm just not expecting 
FreeBSD 6.x to create problems that didn't exist in 4.x :(  And, by the 
fact that I have 17 PostgreSQL daemons, all running on port 5432, on my 
FreeBSD 4.x box right now, I *know* that this did work with 4.x ...


----
Marc G. Fournier           Hub.Org Networking Services (http://www.hub.org)
Email: [EMAIL PROTECTED]           Yahoo!: yscrappy              ICQ: 7615664
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[EMAIL PROTECTED]"






















					Reply via email to