Date: Thu, 20 Feb 2003 16:26:19 +0000 From: Jonathan Sambrook Reply-To: vserver@solucorp.qc.ca To: vserver@solucorp.qc.ca Subject: [vserver] [Patch] Sysctrl interface config option and cloaking of ctx entries in /proc/self/status I'm looking at the ctx patch for DSVR to see how we could integrate it into our operation (see http://www.dsvr.co.uk). We'd like vserver users to be as ignorant of their vserver-ness as possible, hence cloaking /proc/self/status. But for investigating/debugging/hacking-on-vserver purposes, this cloaking should be sysctl-able. The ctx sysctl should itself be cloakable too. All this might not suit all tastes, so whilst the patch defaults to the most secure option, the usual: echo 1 > /proc/sys/kernel/ctx/visible-self-status echo 1 > /proc/sys/kernel/ctx/visible-sysctrls would restore previous behaviour. Comments please. Jonathan -- Jonathan Sambrook Software Developer Designer Servers