From: Martin List-Petersen (martin_at_list-petersen.dk)
Date: Mon 16 Jun 2003 - 17:06:05 BST
Citat Mitchell Smith <mjs_at_blitztechnology.net>:
> Greetings list,
> I am wanting to create a management console for my virtual host users so
> that they may
> . Restart their virtual server if necessary
> . Log in on the console in the event they get over enthusiastic with their
> firewall rules or something and lock themselves out.
> My question is to the security of the vserver binary.
> obviously I would run a restricted shell like osh or something similar, but
> can anyone think of a way that I can.
> a. allow them to "vserver stop|start" with out being root
> b. "vserver enter'" only on their own vserver and no one elses.
> Obviously something such as this would be easier using something like user
> mode linux, but we have built our whole system on vserver, so it's a bit
> late to change.
vserver start | stop i can't see the big problem with. I would realise this
via a cron job, that checks a file or database or something else, then stops and
starts the vserver and writes a status back.
vserver enter i would find slightly more complicated to acomplish without
compromising your host system.
martin at list-petersen dot dk
-- Don't go surfing in South Dakota for a while.