From: Adam H. Pendleton (fmonkey_at_fmonkey.net)
Date: Sun 15 Dec 2002 - 23:22:23 GMT
I am about to replace the rh7.3-minimal file with a list of packages of my
own choosing, composed of the packages installed by RedHat when using the
categories I select at install time (Print Support, etc.). In other words,
this file will contain all the packages that are installed in the root
system. The reason for this is that I need each vserver to appear as
identical to the "master" server as possible, in terms of utilities,
programs, packages, etc. My question is: are there any of these packages
that I should NOT include in this list? I am assuming that because vserver
is really just about changing the context of processes, that changes to the
kernel, through means such as iptables, will affect all vservers? Does
that mean I should avoid installing the ipchains/iptables packages, because
I do not want users of this vserver to be able to inadvertently change the
firewall configuration of any other vserver? Is this sort of behavior
protected by vserver?
ahp