Re: [Jailkit-users] JailKit features

jailkit-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Jailkit-users] JailKit features

From:	Olivier Sessink
Subject:	Re: [Jailkit-users] JailKit features
Date:	Thu, 17 Nov 2011 10:13:57 +0100
User-agent:	Mozilla/5.0 (X11; Linux i686; rv:7.0.1) Gecko/20110929 Thunderbird/7.0.1

On 11/17/2011 08:41 AM, Sam Hon wrote:

Hi all,

I love the work being done on JailKit. My purpose of this email is to
find out in depth what JailKit can offer as an operating system level
virtualization. By OS level virtualization I mean zones or containers
rather than a full OS bootup with hardware emulation.

Jailkit only uses the chroot() system call that is present on manyoperating systems. The chroot() call just switches the root of thefilesystem for a certain process to a give directory. It can, therefore,only limit things hat are dependent on access to certain files (if thefile is outside the root, it cannot access it).

You'll need additional measures for other restrictions, such as cgroups,ulimit, firewalls etc.

A full operating-system-level virtualization is OpenVZ, have you lookedinto that?


Olivier

[Prev in Thread]

Current Thread

[Next in Thread]

[Jailkit-users] JailKit features, Sam Hon, 2011/11/17
- Re: [Jailkit-users] JailKit features, Olivier Sessink <=

Prev by Date: [Jailkit-users] JailKit features
Next by Date: [Jailkit-users] Jailkit failure to install on 32bit Ubuntu 11.10
Previous by thread: [Jailkit-users] JailKit features
Next by thread: [Jailkit-users] Jailkit failure to install on 32bit Ubuntu 11.10
Index(es):
- Date
- Thread