About this list Date view Thread view Subject view Author view Attachment view

From: Lyn St George (lyn_at_zolotek.net)
Date: Tue 29 Apr 2003 - 13:45:38 BST

On Mon, 28 Apr 2003 23:57:55 +0000, Lyn St George wrote:

>Hi all
>I need to build a new 'ref' server to replace the old one (so
>as to use glib 2.2.x instead of 2.1.x) and have run into an
>unexpected problem.
>The new 'ref' server is built from RH7.3 the same way as the
>old one was built from RH6.2, ie, everything from: /bin, /sbin,
>/lib, /usr, /var was copied into 'ref1', and config files from /etc
>and others into 'ref2'. A new virtual server is then built from
>/usr/sbin/vserver using hard links from ref1, and plain copies
>from ref2. This has always worked well enough in the past.

To reply to my own message: the problem now is that, while
a new vserver will start, it does not differentiate properly
between root and ordinary users. Eg, 'su some_user' while
root results in a request for a password.

This means that something like 'su -c "/bin/foo" user' will not work
without being given a password, which is not practical. It really
does need to be fixed.

Root appears to be still root (eg root can edit a file owned by root
without problem) and users are less privileged (eg a user still
cannot edit a file owned by root, as it should be), and root is listed
in /etc/passwd as having a UID of zero which 'man su' says means
that a password should not be requested.

As root, 'id' prints both uid and gid as zero, as it should.

I'm quite lost on this one. Any help would be very much appreciated.

Lyn St George
+ http://www.zolotek.net .. eCommerce hosting, consulting
+ http://www.os2docs.org .. some 'How To' stuff ...

About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Tue 29 Apr 2003 - 13:30:57 BST by hypermail 2.1.3