From: Jean-Christophe Petit (jcpetit_at_syspark.com)
Date: Fri 20 May 2005 - 01:26:19 BST
Where I can get the
0.30.20x tools for the 2.4.30-vs1.2.10 kernel ?
regards
Herbert Poetzl wrote:
>On Wed, May 18, 2005 at 09:30:31PM -0400, Jean-Christophe Petit wrote:
>
>
>>Thanks Herbert,
>>
>>sorry for the lack of infos:
>>2.4.30-vs1.2.10 with Per Context Quota/Disk Limits Addon q0.14
>>util-vserver-0.30-1mdk
>>vproc-0.01 <vproc-0.01.tar>
>>
>>I'm using only one partition for all my 10 vps.
>>
>>/etc/vservers/<vps-name>/fstab looks like:
>>/dev/hdv1 / ext3 exec,dev,suid,rw,usrquota,grpquota 0 0
>>
>>What can I do to have a /tmp with a noexec tag ?
>>
>>
>
>you can modify the 'vserver' script to mount something
>at /path/to/vserver/tmp, the 0.30 tools do not mount
>anything at /tmp so you'll get what you vserver has
>to offer there (i.e. very likely the same as you guest
>root system)
>
>
>
>>I tried to add:
>>none /tmp ext3 noexec 0 0
>>
>>with no success: when I restart the vps, nothing changes.
>>I need to do that for security reasons.
>>
>>
>
>with 0.30.20x, the tools will mount a separate /tmp
>and you can change the details in the config file
>/etc/vservers/%name/fstab ...
>
>HTH,
>Herbert
>
>
>
>>thanks,
>>
>>JC
>>
>>
>>Herbert Poetzl wrote:
>>
>>
>>
>>>On Wed, May 18, 2005 at 03:37:26PM -0400, Jean-Christophe Petit wrote:
>>>
>>>
>>>
>>>>I tried, but it doesn't seem to work.
>>>>My kernel is 2.4.30-vs1.2.10
>>>>
>>>>
>>>probably mentioning that at the first posting would
>>>have helped ... as would the tool version ;)
>>>
>>>basically the tools 'mount' /tmp for the vserver guest
>>>if you know where and when that happens, you can
>>>fine tune the options ...
>>>
>>>best,
>>>Herbert
>>>
>>>
>>>
>>>>I'm using the quota patch: serveral vserver on one partition
>>>>
>>>>thanks,
>>>>JC
>>>>
>>>>Christian Heim wrote:
>>>>
>>>>
>>>>
>>>>>On Wednesday 18 May 2005 19:15, Jean-Christophe Petit ( JP )wrote:
>>>>>
>>>>>
>>>>>
>>>>>>how can I restrict the /tmp in a vserver to execute anything ?
>>>>>>
>>>>>>
>>>>>>
>>>>>You could try to edit /etc/vservers/<vps-name>/fstab by adding the
>>>>>option noexec to the /tmp entry. Don't know if it's supported by vserver
>>>>>or could break things.
>>>>>
>>>>>
>>_______________________________________________
>>Vserver mailing list
>>Vserver_at_list.linux-vserver.org
>>http://list.linux-vserver.org/mailman/listinfo/vserver
>>
>>
>
>
>
>
-- Jean-Christophe Petit Directeur R&D et DSI Syspark inc. T: 1 514 875 8755 F: 1 514 875 8775_______________________________________________ Vserver mailing list Vserver_at_list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver