From: Jonathan Sambrook (jonathan.sambrook_at_dsvr.co.uk)
Date: Thu 20 Feb 2003 - 16:26:19 GMT

• Previous message: Sam Vilain: "[vserver] O(1) s_context CPU scheduling"
• Next in thread: Herbert Poetzl: "Re: [vserver] [Patch] Sysctrl interface config option and cloaking of ctx entries in /proc/self/status"
• Reply: Herbert Poetzl: "Re: [vserver] [Patch] Sysctrl interface config option and cloaking of ctx entries in /proc/self/status"
• Reply: Sam Vilain: "Re: [vserver] [Patch] Sysctrl interface config option and cloaking of ctx entries in /proc/self/status"

I'm looking at the ctx patch for DSVR to see how we could integrate it
into our operation (see http://www.dsvr.co.uk).

We'd like vserver users to be as ignorant of their vserver-ness as
possible, hence cloaking /proc/self/status.

But for investigating/debugging/hacking-on-vserver purposes, this
cloaking should be sysctl-able.

The ctx sysctl should itself be cloakable too.

All this might not suit all tastes, so whilst the patch defaults to the
most secure option, the usual:

        echo 1 > /proc/sys/kernel/ctx/visible-self-status
        echo 1 > /proc/sys/kernel/ctx/visible-sysctrls

would restore previous behaviour.

Comments please.

Jonathan

-- 
                   
 Jonathan Sambrook 
Software  Developer 
 Designer  Servers

• text/plain attachment: dsvr-2.4.20-ctx16-sysctrl.patch

• application/pgp-signature attachment: stored

• Previous message: Sam Vilain: "[vserver] O(1) s_context CPU scheduling"
• Next in thread: Herbert Poetzl: "Re: [vserver] [Patch] Sysctrl interface config option and cloaking of ctx entries in /proc/self/status"
• Reply: Herbert Poetzl: "Re: [vserver] [Patch] Sysctrl interface config option and cloaking of ctx entries in /proc/self/status"
• Reply: Sam Vilain: "Re: [vserver] [Patch] Sysctrl interface config option and cloaking of ctx entries in /proc/self/status"