On Sun, Jun 27, 2004 at 03:53:35PM +0000, Bjoern A. Zeeb wrote: +> One thing that I have seen while skipping through the first time: +> +> could we avoid the function calls for non-jails or with +> jail_enforce_statfs=0 ? This would make the code somewhat longer +> as this part would be copied over multiple functions +> +> if (jailed(cred) && jail_enforce_statfs) { +> /* call of the two functions */ +> } +> +> (perhaps use a macro ?) but save people outside jails, w/o jails +> or with jail_enforce_statfs=0 the function calls. IMHO it should stay as it is, because: - Some other prison_* functions do the same, i.e. check jailed(cred) by themselfs. - Function prison_canseemount() should be renamed some day to cr_canseemount(), so I don't want it to be treated as jail-specific. - Code is much cleaner. - It doesn't save as too much CPU, really, and we don't need speed here. +> To answer another question: though I maybe thought/said s.th. else in +> the past I would like to keep the sysctl global and not have it per +> jail (if we start doing per-jail things we might really consider +> vimages (perhaps in 6-CURRENT) but that's out of the scope of +> this discussion). I agree, it shouldn't be per-jail. More than that, it should be removed in the future to don't allow for old behaviour. -- Pawel Jakub Dawidek http://www.FreeBSD.org pjd_at_FreeBSD.org http://garage.freebsd.pl FreeBSD committer Am I Evil? Yes, I Am!
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:59 UTC