Re: [Solved] Re: [Vserver] No /dev/stdin on vserver? (How) can I create new devices?

From: Herbert Poetzl <herbert_at_13thfloor.at>
Date: Sun 02 Jul 2006 - 16:59:45 BST
Message-ID: <20060702155944.GE15440@MAIL.13thfloor.at>

On Sat, Jul 01, 2006 at 02:34:25PM +0200, Robert Michel wrote:
> Salve Daniel!
>
> Thank you ;)
>
> On Sat, 01 Jul 2006, Daniel Hokka Zakrisson wrote:
> > >do not have a /dev/stdin. Is there a way I can
> > >create it myself?
> >
> > As this is just a symlink to /proc/self/fd/0, sure.
>
> ln -s /proc/self/fd/0 /dev/stdin
> ;)
>
>
> That was the solution. But I feel my problem is that
> I just know not enough - do you have a tip for me
> what to read/learn?
>
> ls -lh /proc/self/fd/
> lrwx------ 1 root root 64 2006-07-01 14:08 0 -> /dev/pts/33
> lrwx------ 1 root root 64 2006-07-01 14:08 1 -> /dev/pts/33
> lrwx------ 1 root root 64 2006-07-01 14:08 2 -> /dev/pts/33
> lr-x------ 1 root root 64 2006-07-01 14:08 3 -> /proc/21458/fd
>
> ls -lh /dev/pts/*
> crw--w---- 1 root tty 136, 14 2006-07-01 13:54 /dev/pts/14
> crw--w---- 1 root tty 136, 20 2006-07-01 13:57 /dev/pts/20
> crw--w---- 1 root tty 136, 21 2006-07-01 14:09 /dev/pts/21
> crw--w---- 1 root tty 136, 31 2006-07-01 14:06 /dev/pts/31
> crw------- 1 root tty 136, 32 2006-07-01 14:09 /dev/pts/32
> crw--w---- 1 root tty 136, 33 2006-07-01 14:09 /dev/pts/33
> crw--w---- 1 root tty 136, 34 2006-07-01 13:59 /dev/pts/34
>
> What should I read to learn what fd,pts stands for and
> to know what /dev/pts/[14|20|21|31-34] are?

*phew* good question, probably a lot of source code :)

thing is, fd and pts (/14,/20 ...) are 'just' names
used for character and block device nodes, identified
by the unique major and minor identifiers ...

so, basically c:136:14 means the 14th pseudo terminal
(regardless of the name, could as well be named hansi)

> pts = pseudo tts?
> I think
> http://www.tldp.org/HOWTO/Text-Terminal-HOWTO-6.html

> should be good. But is there any good tutorial for vserver,
> that explains restriction by vserver?

Linux-VServer heavily utilizes the linux capability
system, so those capabilities (or the lack of them)
basically define your restrictions

take a look at the following urls for more details:

http://linux-vserver.org/Linux-VServer-Paper
http://linux-vserver.org/Caps+and+Flags
http://linux-vserver.org/Resource+Limits

> > >Could it be that I'm allowed to remove devices, but
> > >not allowed to create one?
> >
> > Exactly. Giving guests the ability to create devices is a huge security
> > risk, basically equivalent to just giving access to the host directly.
>
> Ok, but can you confirm that I'm able as root@guest to remove e.g.
> /dev/tty without the chance/right to restore them with a backup?

yes, but your provider could 'protect' you from
harm here, by making them immutable, but then you
still could remove all your binaries and libraries
without a chance of restoring them (except for a
backup :)

> And does this mean I can't create /dev/sound2 or /dev/tty.rob
> to map then to another machine (via ssh) on vserver?

device nodes are always local, so they cannot be
'forwarded' to another host, OTOH, you are free to
create fifos (pipes) and symlinks to 'redirect'
stuff remotely and locally

HTC,
Herbert

> Thanks again for your help,
> rob
>
> _______________________________________________
> Vserver mailing list
> Vserver@list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
Received on Sun Jul 2 17:04:07 2006
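
The two points made in the thread, that a device node is identified by type, major and minor rather than by its name, and that the ability to create nodes is governed by capabilities, can be checked from inside a guest with the shell script below. It is an added example, not part of the original message or of Linux-VServer's own tooling. It assumes a Linux /proc whose status file carries a CapEff line and that CAP_MKNOD is bit 27; the function names are hypothetical.

```sh
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.
CAP_MKNOD_BIT=27   # CAP_MKNOD in linux/capability.h

# dev_id_from_ls LINE: map one `ls -l` line for a device node to
# "type:major:minor". Prints nothing for symlinks and regular files.
dev_id_from_ls() {
    printf '%s\n' "$1" | awk '
        $1 ~ /^[cb]/ && $5 ~ /^[0-9]+,$/ && $6 ~ /^[0-9]+$/ {
            sub(/,$/, "", $5)
            print substr($1, 1, 1) ":" $5 ":" $6
        }'
}

# cap_field STATUS_TEXT FIELD: pull a hex capability mask (e.g. CapEff)
# out of the text of /proc/<pid>/status.
cap_field() {
    printf '%s\n' "$1" | awk -v f="$2:" '$1 == f { print $2 }'
}

# mask_has_bit HEXMASK BIT: succeed when BIT is set in HEXMASK.
mask_has_bit() {
    [ $(( (0x$1 >> $2) & 1 )) -eq 1 ]
}

# can_mknod STATUS_TEXT: print yes, no, or unknown (no usable CapEff line).
can_mknod() {
    eff=$(cap_field "$1" CapEff)
    case $eff in
        ''|*[!0-9a-fA-F]*) echo unknown; return 0 ;;
    esac
    if mask_has_bit "$eff" "$CAP_MKNOD_BIT"; then echo yes; else echo no; fi
}

# Report for the running shell, when /proc is mounted.
if [ -r "/proc/$$/status" ]; then
    echo "CAP_MKNOD effective: $(can_mknod "$(cat "/proc/$$/status")")"
fi
# Sample line taken from the listing quoted in the thread.
dev_id_from_ls 'crw--w---- 1 root tty 136, 14 2006-07-01 13:54 /dev/pts/14'
```

A "no" from inside a guest matches the behaviour described in the thread: existing nodes can be unlinked, but mknod(2) for a new character or block device is refused.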
