Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: replace chroot() with a chroot overlay file system?
From: Matthias Scheler (tronzhadum.de)
Date: Mon Nov 07 2005 - 02:09:47 CST
In article <20051106133804.GB16675drowsy.duskware.de>,
Martin Husemann <martinduskware.de> writes:
> On Sun, Nov 06, 2005 at 12:38:08PM +0100, haad wrote:
>> My question is can we implement something like FreeBSD jail & Solaris10
> Could someone please give a summary of Solaris zones?
Zones are virtual hosts sharing a single kernel. The global zone (the
real system) has full access rights to everything, all the other so
called local zones are restricted. They are e.g. trapped in a sub
directory of the filesystem space, cannot configure network interfaces
and don't see other zones. Each local zones gets one or more
IP addresses configured in the global zone for network connectivity.
Although all zones share one network stack they are limitted to using
their own IP addresses and have seperate TCP and UDP port spaces.
Matthias Scheler http://scheler.de/~matthias/