On Tue, May 21, 2002 at 10:33:09AM -0400, Nathan Hawkins wrote:
> Jails are kind of like the translators. They're a kernel-specific (or
> whatever the Hurd is supposed to be) add-on.

Just to illuminate this a bit more. The Hurd is not really an extension to something. The Hurd is the system. The microkernel only provides the basic features of resource management, like enforcing the scheduling policy and managing the pagemap. Everything else, network, filesystems, signals, pipes, sockets, all of that is in the Hurd. But all of this is run as userland processes, and in lots of different servers that communicate, cooperate, are replaced, run with different permissions, start up or die.

The user can start all Hurd servers himself in a meaningful way, running a second Hurd system beside the first. Or he can just start individual servers, use them in addition to or instead of the system default servers. It requires a bit to get used to.

A jail is not anything like a translator, but a translator can be like a jail. You would start the translator that would provide a filesystem like a jail provides. And then you would set your root directory to be that of the filesystem provided by this translator. And then you can exec the program you want to be in the jail.

However, this would only cover the chroot part. For example, to restrict which processes it can see and control, you need to write a new process server, and make that process be the one used by the program you exec. That would cover the process part. Other things that are restricted in a way had to be implemented by proxy'ing more Hurd server components.

For example, fakeroot in the Hurd consists of two parts, one part that fakes a root user id (called fakeauth, because it is a proxy to the authentication server), and one part that fakes the filesystem operations (the /hurd/fakeroot translator). Together, they implement fakeroot.sh like this:

    exec /bin/settrans --chroot \
         /bin/fakeauth /bin/sh -c "cd `pwd`; exec $*" \
         -- / /hurd/fakeroot

--chroot makes the translator started to be the root and current directory of the command following --chroot (up to the --). This translator is /hurd/fakeroot on the whole filesystem ("/" before /hurd/fakeroot). The command run in this fakeroot filesystem is /bin/fakeauth /bin/sh ... fakeauth itself runs the command following it with a faked auth server.

All this is in user space. Nothing of this requires any specific kernel level support. All of the basic functionality required to use it is already in the Hurd system, so the whole implementation of fakeroot does not need any root privileges or changes to the existing system either.

I explained this at such length because hopefully it sheds some light on how the Hurd works conceptually, and why the Hurd is the system itself, and not an extension to a kernel. The Hurd itself can be extended by users in the same way the Hurd works itself.

Thanks,
Marcus

-- 
`Rhubarb is no Egyptian god.' Debian http://www.debian.org
Marcus Brinkmann              GNU    http://www.gnu.org
                              http://www.marcus-brinkmann.de
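
A note on the inner `sh -c "cd `pwd`; exec $*"` step of the fakeroot.sh line quoted in the message, as an added example that is not part of the original post or of the Hurd sources: the working directory and the arguments are pasted into one string that the inner shell parses again, so argument boundaries are lost. The sketch leaves out settrans and fakeauth so that it runs on any POSIX shell; the function names and the positional-parameter variant are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: stand-ins for the inner "sh -c" step of fakeroot.sh.
# /bin/settrans and /bin/fakeauth are omitted, so only the quoting
# behaviour is shown, not the translator or the fake auth server.

# Same construction as in the quoted script: the output of pwd and the
# joined arguments ($*) become part of a command string that the inner
# shell tokenizes a second time.
run_interpolated() {
    /bin/sh -c "cd `pwd`; exec $*"
}

# Variant (assumption, not the Hurd's script): the directory and the
# command are handed over as positional parameters. The inner shell only
# parses the fixed single-quoted text, so each argument arrives intact.
run_positional() {
    /bin/sh -c 'cd "$1" && shift && exec "$@"' sh "$PWD" "$@"
}

# Constructed sample input: one argument that contains a space.
# printf repeats its format for every argument it receives, so the
# number of commas in the output is the number of arguments delivered.
demo() {
    printf 'interpolated: '
    run_interpolated printf '%s,' 'a b'
    printf '\npositional:   '
    run_positional printf '%s,' 'a b'
    printf '\n'
}

demo
```

With the interpolated form the single argument `a b` reaches the command as two arguments; with the positional form it stays one.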