On Tue, 30 Oct 2001 15:38:01 -0000, Tim Sellar wrote: >virtuald performs a lookup within vsd.conf to determine if a connection to a >virtual server is allowed (so virtual servers can be disabled) and then >chroots into the relevant file system. If the request is directed at the >host server that request too is chrooted but because of the 'loopback' entry >(see the soft link beneath /home/vsd/vs) it operates on the hosting server's >own file system. With this mechanism it is feasible to place freevsd within >virtual server's themselves and use freevsd commands to manage a stand-alone >server's Apache/Sendmail/Users.
[snip] >Virtual domain support will be enhanced so that for each virtual domain a >user account will be created (using the domain name) which has ownership of >all the domain's files. This account would typically be the one then used to >provide ftp and (possibly, but cautiously) ssh access. If additional >ftp/telnet/ssh users are required they would need to be created using normal >add_user commands on the virtual server, would appear in the satndard >/etc/passwd, and could be manipulated using the sendmail /etc/aliases >/etc/virtusertable files. Note that VSD virtual users cannot feature in the >sendmail config files as sendmail has no concept of them. > >Tim Hi Tim I've been doing some more experimenting on this just now, and found the following: 1/ When virtuald looks up vsd.conf for ftp access, it finds that foo.com is listed as a "managed domain", not a "virtual server". It then ignores foo.com and looks to 'proftpd.conf' on the physical host to find foo.com. 2/ If "domain foo" is changed to "virtualserver foo", and an IP and 'status active' added, then virtuald will read this and allow proftp to try to connect. Because /home/vsd/vs/foo does not exist, ftp returns a 'server down' message. 3/ still with the 'virtual server' kludge, ssh will now connect properly to its proper home dircectory. Changed 'virtual server' back to the proper 'managed domain' and for some reason ssh connects again. ??? It wouldn't connect before that. Sshd is running standalone. 4/ returning to "domain foo", and adding 'status active' and the IP make no difference, but give error messages about these not being valid within a "domain". 5 / the users in the 'managed domain' have been added properly to /etc/passwd with 'useradd' What I basically want to do is to add users within a VS, in the same way as adding users to a traditional physical host. The main difference is having the extra layer of protection against the real OS. Surely this has been done a million times before?? And these users have been given ftp and ssh access ?? I can't for the life of me see what on earth I'm doing wrong - it almost looks like a bug except for the fact that others must (?) have this process working. This is using freevsd 1.4.9-2 on RH6.2 (updated), self-built skel, kernel 2.4.6, xinetd, iptables Cheers Lyn ------------------------- The freeVSD Support List -------------------------- Subscribe: mailto:[EMAIL PROTECTED]?body=subscribe%20freevsd-support Unsubscribe: mailto:[EMAIL PROTECTED]?body=unsubscribe%20freevsd-support Archives: http://freevsd.org/support/mail-archives/freevsd-support -----------------------------------------------------------------------------
