Re: [Vserver] Using SECURE_MOUNT

From: Herbert Poetzl <herbert_at_13thfloor.at>
Date: Wed 06 Sep 2006 - 21:13:13 BST
Message-ID: <20060906201313.GB29844@MAIL.13thfloor.at>

On Tue, Sep 05, 2006 at 12:35:48PM +0200, Wilhelm Meier wrote:
> Hi,
>
> I wonder how to use SECURE_MOUNT.
>
> I want to give a vserver secure access to a device so that mounting
> the device does not introduce any new device nodes.

that's the idea behind the secure mount

> What do I have to include in /etc/vservers/vsxx/bcapabilities?
> CAP_SYS_ADMIN?

nope, just the SECURE_MOUNT context capability (ccapabilities)

> Does this always imply the nodev-option for all mounts inside the
> vserver?

yes, for all mounts done from _inside_ a guest

HTH,
Herbert

> --
> Wilhelm
> _______________________________________________
> Vserver mailing list
> Vserver@list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
Received on Wed Sep 6 21:14:00 2006

[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Wed 06 Sep 2006 - 21:14:03 BST by hypermail 2.1.8