[96503] in RedHat Linux List
RE: Virtualising a Linux system
daemon@ATHENA.MIT.EDU (Simon Garner)
Tue Oct 27 15:10:28 1998
From: "Simon Garner" <sgarner@expio.co.nz>
To: <redhat-list@redhat.com>
Date: Wed, 28 Oct 1998 08:44:50 +1300
In-Reply-To: <3.0.3.32.19981027131838.00c1a8a0@mail.rtp.GSC.GTE.Com>
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com
Hi Mike,
> >a) how can I stop users from seeing other users' processes with
> >the 'ps aux' command? They must still be able to see their own
> >processes, however.
>
> Recompile 'ps' to not accept the 'a' argument. Or, replace 'ps'
> with a different utility to look into the process list (risky). Or,
> keep the original 'ps', but install a different 'ps' that doesn't
> obey the 'a' in a different directory that comes before the location
> of the real 'ps' in the users' search path (probably safest and best,
> though someone that knows what they're doing can defeat this by changing
> their path statement).
That sounds like it might work...
Where do I find the source code for ps?
>
> >b) how can I make it so that when a user logs in with their shell
> >account and runs a command like 'uname -n' (which prints the
> >current hostname), it prints their own domain name? E.g. if we're
> >hosting their domain name "foo.com", I want them to see "foo.com"
> >as their hostname in the shell.
>
> Again, recompile 'uname'. Have it check their login and look into
> a hash table to see what their domain name is, then spit that out.
But there's other ways to check the hostname without uname...
This one is going to be tricky. Maybe I'll just leave it.
Perhaps if I rephrase the question. How can I make it so when a
user telnets to their domain name, the issue.net welcome message
says something like "Welcome to foo.com"?
>
> >Look forward to a response.
>
> I'm not sure those were the answers you were looking for, but they
> should work. Be careful, though, since startup scripts use 'uname'
> and 'ps', so you don't want to break them. Another alternative is
> to create a -huge- chroot environment for each domain you host. As
> an aside, why are you allowing shell access?
>
I thought about chrooting everything, but it uses a collossal amount
of disk space, and I don't really think it's necessary.
Why am I allowing shell access? Because you can't do much with a
hosting account without it. You can't test CGIs, you can't make data-
bases, etc etc -- and most other hosting companies offer it, so we need
to offer it to compete.
Simon Garner.
EXPIO Communications, Ltd.
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com http://archive.redhat.com
To unsubscribe: mail redhat-list-request@redhat.com with
"unsubscribe" as the Subject.