At last I get some time to answer this (unfortunately nobody took it before me :) )
harish badrinath, le Wed 01 Feb 2012 14:14:37 +0530, a écrit : > I have proposed a talk on Gnu/Hurd at http://gnunify.in/. Great :) > I have watched > http://audio-video.gnu.org/video/ghm2011/Samuel_Thibault-GNU_Hurd.ogv. > Can you point me to similar material ?? See http://www.gnu.org/software/hurd/media_appearances > How do you create neighbor hurds and subhurds ?? Are there any > documentations that you recommend ?? See http://www.gnu.org/software/hurd/hurd/subhurd.html http://www.gnu.org/software/hurd/hurd/debugging/subhurd > (a) neighbor hurds and subhurds and LXC are there any fundamental differences > ?? subhurds come from the other way than LXC: LXC is about compartimenting things. subhurds is about re-installing all the stuff in another compartment. It's a huge difference from a security point of view: there is much more confidence that there is no security leak when you follow the subhurd way. See Justus' slides: a root user in a lxc domain can easily hurt the kernel. A subhurd just can not so easily. > (b)supposed i am running two isolated neighbor hurds .. each have a > process with ID 1. How will this look from the "global state" (i.e a > state from which you can actually see two two isolated neighbor hurds) There is no global state pid-wise: ps in the initial hurd will only show the processes in the initial hurd. ps in the other hurd will only show the processes in the other hurd. From the initial hurd, you can probably ask the kernel about all tasks, and then ask the proc server of the initial hurd for their pids. For the processes from the initial hurd it will give a pid number, and for the others (from the other hurd), it will answer it doesn't know them. And vice-versa for the proc server of the other hurd and the processes there. > (c) Hardware forwarding over network : like ssh X forwarding on > steroids :) .. would it be possible. Yes. That's one of the good thing of adding hurdish layers: you can then combine. Of course the performance can get hurt depending on asynchronicity of the protocol. > (d) Also is having mutliple pfinet translators .. a fancy way of > saying interface aliasing ?? Yes. > Are there any differences to interface aliasing The stacks are separate. So you can experiment with some tcp/ip stack implementation, without fearing losing Internet access through the other stack. > (e) Could i bind multiple pfinets to same cards .. IIRC we patched somewhere so that several all pfinets receive all packets from the network layers, so yes. In any case, there's no hard problem there. > can i bind multiple network stacks on the same card, is this possible > in Linux with a kernel module ?? It is possible, but they share the same address space. If your stack has bugs it may just crash the whole kernel. > (f) On Hurd file system is supposed to be the name-space. but fs is an > abstractaction (AFAIK). > So what happens when i chroot into a directory foo, which is a firm > link to / (it is a firm link) Then you are just back to the root, i.e. mostly a no-op. IIRC you'll even not keep any port forwarding, because the firmlink translator simply provides the port of /. > Given that i know nothing about subhurds and neighbor hurds can you > use firm links/bind mounts to try and achive 2 process in the same > machine ( I will explain what i was trying to say if this question > makes any sense). What do these 2 processes need to do? Samuel
