Re: active/inactive jails

From: Oliver Fromme <olli_at_lurza.secnetix.de>
Date: Fri, 6 Jun 2008 09:42:08 +0200 (CEST)
Michael Reifenberger wrote:
 > is the assumtion correct that an active jail has at least on process
 > associatet with it

I'm not sure if there's an official definition of the term
active jail.  I think Robert Watson once introduced the
designation of "live" and "dead" jails, where a live jail
would have at least one process attached.  Jails can
continue to exist even with no processes attached, because
other resources of the jail might still be active, such as
network sockets.

 > and that there can be only one active jail 
 > (with the same hostname/ip-number) per system at the same time?

No.  Neither hostname nor IP numbers nor chroot path need
to be unique.  You can easily test this yourself by opening
two terminals and typing the same command in both of them:

# jail / myname 127.0.0.1 /bin/sh

Then type "jls" in another window, and you'll see that
there are two different jails with the same properties.
The only unique identifier is the jail ID.

(Although it is not a bad idea for an admin to make sure
that at least the hostnames of "live" jails are unique,
because this makes managing jails easier.)

 > Is there an convinient way to get the processes associatet with
 > an jail.

ps(1) can display the jail numbers:  "ps -o jid,command"
(JID 0 means the host system).  You can easily filter the
output by jail ID.  If you don't know the jail ID, use
jls(8) to find the jail by hostname, IP number or chroot
path (which only works if you keep them unique, of course).

I once wrote a script called "jps" that makes it a little
easier.  "jps" lists all jailed processes with their JID,
and "jps <JID>" lists only the processes that belong to
the specified JID.

http://www.secnetix.de/olli/scripts/jps

Best regards
   Oliver

-- 
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
Handelsregister: Registergericht Muenchen, HRA 74606,  Geschäftsfuehrung:
secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün-
chen, HRB 125758,  Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart

FreeBSD-Dienstleistungen, -Produkte und mehr:  http://www.secnetix.de/bsd

"We, the unwilling, led by the unknowing,
are doing the impossible for the ungrateful.
We have done so much, for so long, with so little,
we are now qualified to do anything with nothing."
        -- Mother Teresa
Received on Fri Jun 06 2008 - 05:42:12 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:31 UTC