Re: [9fans] Backgrounding a task

2017-10-24 Thread Chris McGee 

> Think about multiple processes owned by multiple users running on a
> cpu server.  Which processes should be allowed to join which
> namespaces?
> 
> Perhaps allowing only the hostowner to join namespaces for debugging
> and administration purposes would be acceptable.

Ah, right. What about only allowing a process to join another namespace if the 
user is the same?

> This seems a contrived example.  Would you really spend HOURS working
> on setting up a namespace by hand?  Surely you would instead be
> working on a script that builds the namespace for you; make the
> computer do the work.  Then when you mess up, you can modify the
> script, create a new window, and try again.

Yes, good point. That's the best way to do it. Also screen file can help add 
commands to the script post facto. The hours term isn't so much in the 
development of the environment but more to do with the amount of time you could 
be working in that shell instance. All the while not remembering all of the 
things you did to the namespace and environment in that time.

Cheers,
Chris

Re: [9fans] Backgrounding a task

2017-10-24 Thread Giacomo Tesio 
Here it is: 
https://github.com/JehanneOS/jehanne/commit/320e6e6f35bfbc2e37dbd079c8d6a9124bd9ac6c

The simple test attached confirms that it works as expected:
https://github.com/JehanneOS/jehanne/blob/master/qa/kern/nsclone.c

Now it's just matter of modifying the plumber to use this facility and
add a ns/clone command that take a pid and a command to run so that

ns/clone 256 rc

would start a new rc in a copy of the name space of the process with pid 256.


Giacomo


2017-10-24 21:18 GMT+02:00 Giacomo Tesio :
> 2017-10-24 16:21 GMT+02:00 Alex Musolino :
>> Creating a child process is something that a process explicitly
>> controls and the RFNOTEG flag of rfork(2) allows a process to control
>> whether or not it shares its namespace with its children.  Allowing
>> other, unrelated processes to fiddle with your namespace is quite
>> different.
>>
>> Think about multiple processes owned by multiple users running on a
>> cpu server.  Which processes should be allowed to join which
>> namespaces?
>>
>> Perhaps allowing only the hostowner to join namespaces for debugging
>> and administration purposes would be acceptable.
>
> I like this idea a lot. I will give it a try in Jehanne.
>
> However I'm going to use a slightly different design: writing "clone"
> to /proc/$pid/ns will cause the current process to replace its own
> name space with a *copy* of that of $pid.
> If the owner of $pid is different from that of the current process or
> if $pid is not running on the same machine as the current process, the
> write will fail with an error.
>
> However any change to the name space after the clone does not impact
> the original process.
>
> As for the plumber, I will add a message that make the plumber clone
> the name space of a target process.
>
> This should address both use-cases without issues for the processes
> running in the original name space.
>
>
> Giacomo

Re: [9fans] Backgrounding a task

2017-10-24 Thread Giacomo Tesio 
2017-10-24 16:21 GMT+02:00 Alex Musolino :
> Creating a child process is something that a process explicitly
> controls and the RFNOTEG flag of rfork(2) allows a process to control
> whether or not it shares its namespace with its children.  Allowing
> other, unrelated processes to fiddle with your namespace is quite
> different.
>
> Think about multiple processes owned by multiple users running on a
> cpu server.  Which processes should be allowed to join which
> namespaces?
>
> Perhaps allowing only the hostowner to join namespaces for debugging
> and administration purposes would be acceptable.

I like this idea a lot. I will give it a try in Jehanne.

However I'm going to use a slightly different design: writing "clone"
to /proc/$pid/ns will cause the current process to replace its own
name space with a *copy* of that of $pid.
If the owner of $pid is different from that of the current process or
if $pid is not running on the same machine as the current process, the
write will fail with an error.

However any change to the name space after the clone does not impact
the original process.

As for the plumber, I will add a message that make the plumber clone
the name space of a target process.

This should address both use-cases without issues for the processes
running in the original name space.


Giacomo

Re: [9fans] Backgrounding a task

2017-10-24 Thread Alex Musolino 
> The namespace join facility looks interesting. Do you have a patch
> somewhere for it?

I'll see what I can dig up though it wouldn't tbe erribly difficult to
reimplement.  You basically just need to modify the pgrp pointer of
the proc, adjusting ref counts as required.

>> Of course, a lot of the isolation that per-process namespaces give
>> you is suddenly undone by the introduction of this facility.
>
> I'm not sure if the lack of isolation is any different than what can
> be done with a child process that shares the namespace.  Is there a
> particular case that you are thinking?

Creating a child process is something that a process explicitly
controls and the RFNOTEG flag of rfork(2) allows a process to control
whether or not it shares its namespace with its children.  Allowing
other, unrelated processes to fiddle with your namespace is quite
different.

Think about multiple processes owned by multiple users running on a
cpu server.  Which processes should be allowed to join which
namespaces?

Perhaps allowing only the hostowner to join namespaces for debugging
and administration purposes would be acceptable.

>> At this point I'm not entirely convinced that it's worth the
>> trouble.
> 
> I think that it can be depending on how much time you have spent
> building up a namespace for a process.  Perhaps I have spent hours
> working on something slowly customizing the namespace mounting and
> binding things.  If I end up running a long running command that
> blocks and I want to work in parallel with it then I must remember
> everything that I have done and repeat in a new window.  It seems
> like something the computer should do for me or at least help me to do
> it.

This seems a contrived example.  Would you really spend HOURS working
on setting up a namespace by hand?  Surely you would instead be
working on a script that builds the namespace for you; make the
computer do the work.  Then when you mess up, you can modify the
script, create a new window, and try again.

One more thing to consider is the #σ device in 9front which seems to
address some of the problems that you might otherwise use nsjoin to
solve.

--
Cheers,
Alex Musolino

Re: [9fans] Backgrounding a task

2017-10-24 Thread Chris McGee 
The namespace join facility looks interesting. Do you have a patch somewhere 
for it?

> Of course, a lot of the isolation that per-process namespaces give you
> is suddenly undone by the introduction of this facility.  

I'm not sure if the lack of isolation is any different than what can be done 
with a child process that shares the namespace. Is there a particular case that 
you are thinking?

> At this
> point I'm not entirely convinced that it's worth the trouble.

I think that it can be depending on how much time you have spent building up a 
namespace for a process. Perhaps I have spent hours working on something slowly 
customizing the namespace mounting and binding things. If I end up running a 
long running command that blocks and I want to work in parallel with it then I 
must remember everything that I have done and repeat in a new window. It seems 
like something the computer should do for me or at least help me to do it.