About this list Date view Thread view Subject view Author view Attachment view

From: Jean-Christophe Petit (jcpetit_at_syspark.com)
Date: Thu 19 May 2005 - 02:30:31 BST


Thanks Herbert,

sorry for the lack of infos:
2.4.30-vs1.2.10 with Per Context Quota/Disk Limits Addon q0.14
util-vserver-0.30-1mdk
vproc-0.01 <vproc-0.01.tar>

I'm using only one partition for all my 10 vps.

/etc/vservers/<vps-name>/fstab looks like:
/dev/hdv1 / ext3 exec,dev,suid,rw,usrquota,grpquota 0 0

What can I do to have a /tmp with a noexec tag ?
I tried to add:
none /tmp ext3 noexec 0 0

with no success: when I restart the vps, nothing changes.
I need to do that for security reasons.

thanks,

JC

Herbert Poetzl wrote:

>On Wed, May 18, 2005 at 03:37:26PM -0400, Jean-Christophe Petit wrote:
>
>
>>I tried, but it doesn't seem to work.
>>My kernel is 2.4.30-vs1.2.10
>>
>>
>
>probably mentioning that at the first posting would
>have helped ... as would the tool version ;)
>
>basically the tools 'mount' /tmp for the vserver guest
>if you know where and when that happens, you can
>fine tune the options ...
>
>best,
>Herbert
>
>
>
>>I'm using the quota patch: serveral vserver on one partition
>>
>>thanks,
>>JC
>>
>>Christian Heim wrote:
>>
>>
>>
>>>On Wednesday 18 May 2005 19:15, Jean-Christophe Petit ( JP )wrote:
>>>
>>>
>>>
>>>
>>>>how can I restrict the /tmp in a vserver to execute anything ?
>>>>
>>>>
>>>>
>>>>
>>>You could try to edit /etc/vservers/<vps-name>/fstab by adding the option
>>>noexec to the /tmp entry. Don't know if it's supported by vserver or could
>>>break things.
>>>
>>>
>>>
>>>
>>>
>>_______________________________________________
>>Vserver mailing list
>>Vserver_at_list.linux-vserver.org
>>http://list.linux-vserver.org/mailman/listinfo/vserver
>>
>>
>
>
>

_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Thu 19 May 2005 - 02:25:27 BST by hypermail 2.1.3