Re: [patch 1/1] /proc/$$/ipaddr and per-task networking bits

[Lorenzo Hernández García-Hierro]

El jue, 10-03-2005 a las 15:26 +0100, Arjan van de Ven escribió:
> a few questions
> 1) Why is this a config option; if it's useful it should just be always
> on really

Just to be removed if it applies for mainline.

> 2) Can you explain briefly what this is useful for?

For keeping track on the "originating ip address of the
task/process" (the ipv4 address of the user that started the
task/process).
It adds an ipaddr entry if available for each /proc/<pid> entry, among
the API changes.

Example:
root@dg:/usr/src# cat /proc/5907/ipaddr
192.128.102.93

> 3) How does this work for existing stuff if, say, your dhcp lease
> changes and your machine no longer owns a certain IP, what will happen
> to the tasks?
> 4) if a machine has multiple IPs.. which one is chosen ?

The patch has nothing to do with this, as it's objective is different.
See http://lkml.org/lkml/2005/3/10/108 and 
http://pearls.tuxedo-es.org/patches/selinux-avc_audit-log-curr_ip.patch
if you want useful and real examples on how it works and helps.

Cheers,
-- 
Lorenzo Hernández García-Hierro <lorenzo@xxxxxxx> 
[1024D/6F2B2DEC] & [2048g/9AE91A22][http://tuxedo-es.org]

Attachment: signature.asc
Description: This is a digitally signed message part