About this list Date view Thread view Subject view Author view Attachment view

From: Dan Keimatsu (keimatsu_at_music.ne.jp)
Date: Thu 01 Jul 2004 - 07:21:29 BST


Hi

At Tue, 29 Jun 2004 14:02:54 +0200,
Herbert Poetzl wrote:
>
> On Tue, Jun 29, 2004 at 08:07:16PM +0900, Dan Keimatsu wrote:
> >
> > Hi
> >
> > A reply, thank you.
> >
> > At Tue, 29 Jun 2004 11:26:47 +0200,
> > Matthias Wieser wrote:
> > >
> > > Hi
> > > > What is CONFIG_PROC_SECURE?
> > > > and By setup of kernel which set this to yes, /proc has not been
> > > > mounted within vserver (Guest side) again. Is this the right motion?
> > > It hides some of the proc content as far as I understand it.
>
> CONFIG_PROC_SECURE allows you to enable/disable the
> procfs security from the kernel side ... disabling
> it will give you 'unmodified' proc behaviour, where
> all proc entries are accessible ...
>
> > > You should use the new util-vserver utils. These do have a init scipt named
> > >
> > > /etc/init.d/vprocunhide
> > >
> > > This did the magic for me
> >
> > The good result was able to be obtained as a result of finding and
> > performing vprochide in util-vserver-0.29-214.
> >
> > Here, it is one question.
> >
> > Although /proc has been mounted by vserver (guest side), the file
> > which has a publication in vprocunhide-files was also able to read
> > contents by the /proc subordinate of vserver (guest side).
> > Is this the right motion?
>
> the procfs is a single filesystem, every mount of
> that filesystem uses the same superblock and the same
> inodes, this gives you some kind of shared filesystems
> across all 'users' of the procfs, the proc security
> renders some entries invisible for contexts >(=)1
>
> vs1.9.1.10 is not supposed to show or allow access
> to any disabled entries from within a vserver, if that
> happens, it's a bug, and you should report it ...

Is the version of 1.9.x with kernel2.6 of use with commercial
VPS service unreal?

> HTH,
> Herbert
>
> > > Ciao, Matthias
> > > --
> > > Matthias Wieser http://www.hiasl.net
> > > Hafnerriegel 53 ICQ: 12597522
> > > 8010 Graz AFS: www.afs.at
> > > +43-650-8474256 Beach Volley Ball
> > > _______________________________________________
> > > Vserver mailing list
> > > Vserver_at_list.linux-vserver.org
> > > http://list.linux-vserver.org/mailman/listinfo/vserver
> >
> >
> > ---
> > Dan Keimatsu
> > _______________________________________________
> > Vserver mailing list
> > Vserver_at_list.linux-vserver.org
> > http://list.linux-vserver.org/mailman/listinfo/vserver
>

---
Dan Keimatsu
_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Thu 01 Jul 2004 - 07:23:42 BST by hypermail 2.1.3