Is it possible/safe to run vservers from different locations on the host's hard
drive?
My understanding from the docs (http://linux-vserver.org/Secure_chroot_Barrier
for one) is that the "setattr --barrier" command has to be run on the directory
where the vservers "vdir" is located. So if my vservers are located in
"/vservers/", then I run "setattr --barrier /vservers" and that "protects" all
the vservers located there.
I've always run ALL the vservers from the same location and so this has never
been an issue. But many of the comments on the high availability thread have
made me wonder about the ease and safety of running different vservers from
different locations.
So I have two questions.
1. What if each vserver "vdir" is its own LVM partition which will be mounted to
a directory in /vservers when needed. So before I run my "mail" vserver, I have
to run "mount /dev/VSERVERS/MAIL /vservers/mail". Is the /vservers/mail
directory still protected? Do I need to do anything else like set the barrier
inside the vserver before I start it?
2. What if I want to run vservers off of two LVM partitions, let's say
"/vservers1" and "/vservers2", so they could be mounted on different cluster
nodes. So my mail vserver might be at "/vservers1/mail" while my web vserver is
"/vservers2/www". Do I need to run "setattr --barrier /vservers1" AFTER the LVM
is mounted, or is it enough to run it at boot time (before the LVM is mounted?
Assuming that "works", then can I simply set "/etc/vservers/mail/vdir" to point
to "/vservers1/mail" and everything works or is there anywhere else I need to
set this vserver's vdir.
TIA
Jeff Jansen
Received on Sun Aug 1 11:09:47 2010