From: Justin M Kuntz (jkuntz_at_prominic.com)
Date: Tue 29 Oct 2002 - 22:57:44 GMT
I personally am already making use of security contexts starting at 2, and
so I'd hate to see us forced to use > 1000, whether we want quota support
or not. Ultimately I'd like a way to be found whereby the security context
range is not directly tied to the quotas, but I realize there are only so
many tradeoffs which can be made to keep the code clean.
Thank you for all of your work on this!
Justin
Jacques
Gelinas To: vserver_at_solucorp.qc.ca
<jack_at_solucorp cc:
.qc.ca> Fax to:
Subject: Re: [vserver] Quotas
10/29/2002
04:52 PM
Please respond
to vserver
On Tue, 29 Oct 2002 12:41:20 -0500, Dave wrote
> For example I don't mind if the context has to be fixed for each
> vserver, if this was the price for not having to patch userland tools.
> If we combine the 16bit uid + 16bit context, there're still 64K servers
> to be created before we run out of "virtuals" on the same machine.
> Right?
Btw, for those who want to play with special context (assigned by hand), I
can
change the kernel so on-the-fly security context are allocated from 1000
and up
making sure the one you have select by hand will only be used by this
vserver.
My idea about vserver quota was a little like that. Some uid remapping.
I was adding another tricks. The quota of all users in a vserver was summed
and
enter as a special user. Each vserver would be associated with a special
users. For
example, if vserver foo is created, then user quota_foo would be created
and
it would be possible to limit globally a vserver just by limiting user
quota_foo.
---------------------------------------------------------
Jacques Gelinas <jack_at_solucorp.qc.ca>
vserver: run general purpose virtual servers on one box, full speed!
http://www.solucorp.qc.ca/miscprj/s_context.hc