On Sun, 25 Sep 2005, Brandon Fosdick wrote:
Robert Watson wrote:
There are several ways you can do it, but they generally fall into two
classes of activies:
(1) Modifying the name space exclusion assumption for jails, so that the
file system name spaces overlap. One way to do this is with nullfs.
(2) Having a daemon or tool that runs outside of the jail and brokers
communication between the jails. One example might be a daemon that
inserts a UNIX domain socket into both jails and then provides
references to shared IPC objects between the two "by request".
Another example might be a daemon or tool that responds to a request
and creates a hard link from a socket/fifo endpoint visible in one
jail to a name visible in another jail, perhaps when setting up the
jail. The former requires more infrastructure, but the latter is less
flexible.
The jail(8) man page says that if the MIB
security.jail.sysvipc_allowed=1 processes inside a jail can use IPC to
talk to stuff in other jails. How does that affect mysql in a jail? Do I
need this enabled to run mysql?
Last I checked, MySQL used solely TCP and UNIX domain sockets for
communication, and not System V IPC. I believe PostgreSQL, however, used
System V IPC.
Robert N M Watson
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
