* Bernd Walter <ticso_at_cicely12.cicely.de> wrote: > E.g. hardlink system binaries over multiple jails flaged immuteable. > No jail can compromise the data in other jails, while still allowing > the kernel to share memory pages for it. There are nicer ways to do that as far as I know. Just read-only nullmount some kind of base install to another directory. Union mount another directory on top that holds jail specific data. That way you have a `copy-on-write' FreeBSD install. Make sure you mount everything with noatime. -- Ed Schouten <ed_at_fxq.nl> WWW: http://g-rave.nl/
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:08 UTC