About this list Date view Thread view Subject view Author view Attachment view

From: Jonathan Sambrook (jonathan.sambrook_at_dsvr.co.uk)
Date: Thu 20 Feb 2003 - 16:26:19 GMT


I'm looking at the ctx patch for DSVR to see how we could integrate it
into our operation (see http://www.dsvr.co.uk).

We'd like vserver users to be as ignorant of their vserver-ness as
possible, hence cloaking /proc/self/status.

But for investigating/debugging/hacking-on-vserver purposes, this
cloaking should be sysctl-able.

The ctx sysctl should itself be cloakable too.

All this might not suit all tastes, so whilst the patch defaults to the
most secure option, the usual:

        echo 1 > /proc/sys/kernel/ctx/visible-self-status
        echo 1 > /proc/sys/kernel/ctx/visible-sysctrls

would restore previous behaviour.

Comments please.

Jonathan

-- 
                   
 Jonathan Sambrook 
Software  Developer 
 Designer  Servers




About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Thu 20 Feb 2003 - 16:57:33 GMT by hypermail 2.1.3