[illumos-Developer] Integrating identd
River Tarnell
r.tarnell at IEEE.ORG
Mon Apr 4 08:35:11 PDT 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Andrew Gabriel:
> River Tarnell wrote:
> >For zones, I think when running in a local zone it should only
> >return connections associated with that zone (and return ESRCH for
> >other connections). In the global zone, perhaps a flag could be
> >used to select whether to return only connection from the global
> >zone (which identd would use), or connections from any zone (which
> >might be useful for other processes).
> The protocol does not include any provision for asking about other
> IP addresses AFAICS, so I can't see any way in which it could ask
> about connections in another zone (global, or non-global).
> Your proposed syscall is not so constrained though, and you are
> maybe worrying about limiting access to a feature you didn't need to
> add in the first place?
I'm not sure I understand...
If you mean that there's no need for a way to query addresses from other
zones, you're right, identd doesn't need that; but perhaps something
else that calls this interface would find it useful. Other bits of the
system have similar zone-aware interfaces (SO_ALLZONES being a similar
example).
Or do you mean that since the syscall already includes both endpoints,
the 'all zones' flag would be implicit when requesting an IP address
assigned to a non-global zone?
- river.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (SunOS)
iEYEARECAAYFAk2Z5S8ACgkQIXd7fCuc5vIiTQCgktALvH+AU5eb0p8+K4ORfiVl
eEMAn1LE93fVNtFPQ8CawaQYwcbxyqgb
=1tF3
-----END PGP SIGNATURE-----
More information about the Developer
mailing list