[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 1/5] docs/qemu-deprivilege: Revise and update with status and future plans

George Dunlap writes ("[PATCH 1/5] docs/qemu-deprivilege: Revise and update 
with status and future plans"):
> docs/qemu-deprivilege.txt had some basic instructions for using
> dm_restrict, but it was incomplete, misleading, and stale.

Thanks for the updates to the unshare stuff.

> +### Device Model Deprivileging
> +
> +    Status, Linux: Tech Preview, with limited support

I think this maybe needs

  +    Status, FreeBSD dom0: Unsupported

too ?  The usual default is supported and not listing it at all is

> +NOTE: Most modern systems have 32-bit UIDs, and so can in theory go up
> +to 2^31 (or 2^32 if uids are unsigned).  POSIX only guarantees 16-bit
> +UIDs however; UID 65535 is reserved for an invalid value, and 65534 is
> +normally allocated to "nobody".  Additionally, some container systems
> +have proposed using the upper 32 bits of the uid for a container ID.
This is a good paragraph.

Can I suggest we pick a different example to 65536 ?  It's visually
similar to the familiar values of 65534 and 65535 and abuts them.

osstest uses 200000 but that's not a multiple of 2^16.
How about 131072 ?


Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.