Re: (pspace,pid) vs true pid virtualization

From: Kirill Korotaev
Date: Mon Feb 20 2006 - 04:46:15 EST


Hello,

- Should any children of pid 1 be allowed to live when pid == 1 is killed?

agan that's a feature which would be nice, especially
for the lightweight contexts, which do not have an init
process running inside the guest
whom should child_reaper refer to?

- Should a process have some sort of global (on the machine identifier)?
this is mandatory, as it is required to kill any process
from the host (admin) context, without entering the pid
space (which would lead to all kind of security issues)
fine, agreed on this finally, same for OpenVZ.

- Should the pids in a pid space be visible from the outside?
yes, while not strictly required, folks really like to
view the overall system state. this can be done with the
help of special tools, but again it should be done
without entering each guest pid space ...
also fine.

- Should the parent of pid 1 be able to wait for it for it's children?
definitely, we (Linux-VServer) added this some time ago
and it helps to maintain/restart a guest.
but why sys_waitpid? we can make it in many other ways,
can't we? moreover, sys_waitpid() is the most unnatural from my point of view, since container is not fully dead when the last process dies, it makes some cleanup postponed.
And we had issues in OpenVZ, that very fast VPS stop/start can fail due to not freed resources yet.

- Is a completely disjoin pid space acceptable to anyone?
yes, as long as the beforementioned access, management
and control mechanisms are in place ...
then it is not disjoin? :)

- What should the parent of pid == 1 see?
doesn't really matter, but I see three options there:
- the parent space
- the child space
- both
but should parent see pspace init? only one task from pspace?

- Should we be able to monitor a pid space from the outside?
yes, definitely, but it could happen via some special
interfaces, i.e. no need to make it compatible
disagree. why we need to introduce copy of existing syscalls?
do you want to fix all the existing apps? ps, top, kill etc.? How about third party apps?

- Should we be able to have processes enter a pid space?
definitely, without that, the entire VPS concept will
not work, folks use the 'admin' backdoors 90% of the
time ...
agreed. Though I don't like a backdoor name :) It is just a way to get access to VPS.

Kirill

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/