Le 18/02/2014 20:00, Ted Barnes a écrit :
> Hi All:
>
> I'm starting to explore "hashify", and have a number of questions
> (sorry, this is long but am hoping to gain a good understanding if
> possible). If there is a link that answers these, please let me know
> (the links I've found are short and I'm unsure if they are
> "current")? I'm running Wheezy host and guests, with Mate on the
> guests. Thanks!
>
> 1) Hashify advantages
>
> Are the advantages of using hashified guests a) saving disk space and
> b) performance (e.g., restarting a guest will be faster)?
>
i thnink only one advantage: shared ram for the file that are the same.
They are loaded once as the mapping is linked to the inode. Don't know
to which one the ram is accounted for, i guess the first to load it.
>
> 4) If hashified guest were compromised...
>
> If a hashfied guest were compromised with malware, and the attacker
> got to root on the guest, would a reboot put the guest's system files
> back in order? Or could the guest's hashified files still be
> compromised (assuming the attacker had not seized control of the host)?
>
no as overwritting an hasified file will trigger the copy on write
system and the compromised system will et the compromised version while
the others would have the linked version.
> 5) I intend to put /home in one Logical Volume, and put "/everything
> else" in another logical volume. I assume at the end of the day I
> only want to hashify the "/everthing else". Is that right? Given
> that the "vserver guestname hashify" command appears to hashify the
> entire vserver guest, is there a command alternative I could use?
>
of course exclude all directory that have no duplicate. Never hashify
/home this will make no sense.
> 6) Updates
>
> My understanding is after updating each guest, I would need to
> re-hashify them all - is that correct?
yes all modifications destroy link so you want to re hashify after
packages upgrades for exemple.
regards,
Ghislain.
Received on Wed Feb 19 13:29:53 2014