From: Dariush Pietrzak (eyck_at_ghost.anime.pl)
Date: Fri 05 Dec 2003 - 11:41:29 GMT
> I set up a vserver by simply copying / to /vservers/test and making a
That's not how you're supposed to create vservers, if you want to do it
this way, you'd better know what you're doing.
> test:/dev this stopped working. Is this a feature or did I forgot to
> read something on /dev nodes?
Yes. This is how my /dev looks like:
sid:/# ls /dev/
full initctl log null ptmx pts random reboot shm tty urandom
and it should look roughly similiar in most vservers. You should use
vserver-utils for creating vservers, I use debian-newvserver.sh,
try vserver-copy etc..
Maybe it's shocking but security in vserver is based on not giving access
to /dev nodes -> 1) dangerous devs are removed from /dev, 2) mount syscall
is blocked 3) mknod is blocked. This is rougly similiar to security on
unix. ( If you could create your own devnodes, or mount filesystems you
could easily get full access to the system ).
-- Key fingerprint = 40D0 9FFB 9939 7320 8294 05E0 BCC7 02C4 75CC 50D9 Namagumi namagomi namagoroshi _______________________________________________ Vserver mailing list Vserver_at_list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver