Re: Mac OS X Jails
Re: Mac OS X Jails
- Subject: Re: Mac OS X Jails
- From: Brian Mastenbrook <email@hidden>
- Date: Thu, 30 Jul 2009 14:49:49 -0500
On Jul 30, 2009, at 1:45 PM, Terry Lambert wrote:
Given your description of your problem space, you don't need
partitioning of additional resource namespaces for security reasons,
so you could simply use chroot instead and handle it as a filesystem/
security identifier namespace issue.
IANAL, but if you do decide to go down this route keep in mind that
from a license perspective chroot is the same as virtualization, which
is not allowed for non-server versions of OS X [1]. If you violate
this condition of the license, your license to use that copy of OS X
is automatically terminated, and you must destroy your copies of the
software.
Nothing permits you to have more than one copy at a time of any
portion of the Apple Software [2], and not even buying additional
licenses will allow you to run multiple copies of the operating system
at the same time. For Server, you'll need to have one license per
chroot. For your 8-environment configuration, this works out to the
cost of the base license ($499) plus $499 per chroot, totaling $4491.
You'd probably be better off with a stack of Mac Minis at that point.
You may be able to build enough of a chroot environment out of
darwinbuild for your application, which would get around these issues.
Or you could make directories of hardlinks for your chroot, but any
file modifications would be shared across chroots.
You might be able to do something with union mounts as well, but I
think you'd still need at least one independent copy of the operating
system, which would still require Server.
Historically developers have simply installed multiple copies of OS X
in separate partitions on the same machine, but this probably also
violates the agreement for non-Server. The same clause that prohibits
running multiple copies of the operating at the same time also
prohibits having multiple copies of the operating system installed at
the same time.
As I said, I'm not a lawyer; I'm simply going on Apple's own
interpretation of the license agreement as forbidding VMware to
virtualize client versions of OS X.
For reference:
http://images.apple.com/legal/sla/docs/macosx105.pdf
http://images.apple.com/legal/sla/docs/macosxserver105.pdf
[1] "This License allows you to install, use and run one (1) copy of
the Apple Software on a single Apple-labeled computer at a time."
[2] Except for a single copy made for backup purposes. I'm sure many
Time Machine users have already violated this stipulation accidentally
as well.
--
Brian Mastenbrook
email@hidden
http://brian.mastenbrook.net/
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden