> Split the authentication domain into two. > One for ordinary users in which "our CPU server" and > the file server (fossil processes) runs, and the other > in which the file server (the box itself) boots and runs.
I remember reading about that. To be honest, I was wondering if there might be a simpler way, without having to run a second auth server. For example (and I haven't tried either): * arrange for the cpu/ncpu listener to run in a namespace where /bin/rc is mode 750, so only members of the designated group can run it * put a group-membership check in some "early" /bin/rc startup file Dave Eckhardt
