mirror of
https://git.FreeBSD.org/src.git
synced 2025-01-17 15:27:36 +00:00
413628a7e3
Bring in updated jail support from bz_jail branch. This enhances the current jail implementation to permit multiple addresses per jail. In addtion to IPv4, IPv6 is supported as well. Due to updated checks it is even possible to have jails without an IP address at all, which basically gives one a chroot with restricted process view, no networking,.. SCTP support was updated and supports IPv6 in jails as well. Cpuset support permits jails to be bound to specific processor sets after creation. Jails can have an unrestricted (no duplicate protection, etc.) name in addition to the hostname. The jail name cannot be changed from within a jail and is considered to be used for management purposes or as audit-token in the future. DDB 'show jails' command was added to aid debugging. Proper compat support permits 32bit jail binaries to be used on 64bit systems to manage jails. Also backward compatibility was preserved where possible: for jail v1 syscalls, as well as with user space management utilities. Both jail as well as prison version were updated for the new features. A gap was intentionally left as the intermediate versions had been used by various patches floating around the last years. Bump __FreeBSD_version for the afore mentioned and in kernel changes. Special thanks to: - Pawel Jakub Dawidek (pjd) for his multi-IPv4 patches and Olivier Houchard (cognet) for initial single-IPv6 patches. - Jeff Roberson (jeff) and Randall Stewart (rrs) for their help, ideas and review on cpuset and SCTP support. - Robert Watson (rwatson) for lots and lots of help, discussions, suggestions and review of most of the patch at various stages. - John Baldwin (jhb) for his help. - Simon L. Nielsen (simon) as early adopter testing changes on cluster machines as well as all the testers and people who provided feedback the last months on freebsd-jail and other channels. - My employer, CK Software GmbH, for the support so I could work on this. Reviewed by: (see above) MFC after: 3 months (this is just so that I get the mail) X-MFC Before: 7.2-RELEASE if possible |
||
|---|---|---|
| .. | ||
| amd64 | ||
| arm | ||
| boot | ||
| bsm | ||
| cam | ||
| cddl | ||
| compat | ||
| conf | ||
| contrib | ||
| crypto | ||
| ddb | ||
| dev | ||
| fs | ||
| gdb | ||
| geom | ||
| gnu | ||
| i386 | ||
| ia64 | ||
| isa | ||
| kern | ||
| kgssapi | ||
| libkern | ||
| mips | ||
| modules | ||
| net | ||
| net80211 | ||
| netatalk | ||
| netgraph | ||
| netinet | ||
| netinet6 | ||
| netipsec | ||
| netipx | ||
| netnatm | ||
| netncp | ||
| netsmb | ||
| nfs | ||
| nfs4client | ||
| nfsclient | ||
| nfsserver | ||
| nlm | ||
| opencrypto | ||
| pc98 | ||
| pccard | ||
| pci | ||
| powerpc | ||
| rpc | ||
| security | ||
| sparc64 | ||
| sun4v | ||
| sys | ||
| tools | ||
| ufs | ||
| vm | ||
| xdr | ||
| xen | ||
| Makefile | ||