Hi all, Please note that the skel and vsd-scripts that I published some days ago provides those changes.
Running independet services from the host server (centralized services management) does not work, mostly because the reasons Simon wrote, but it doesnt only you to disable specific services into a given virtual, but to expand the services without compromise other virtuals. Related to what problems that could bring, they way this skel and the scripts were built/modified are that /etc/xinetd.conf is owned by root and it doesnt use the "include" directive. If a host server is used to hold several virtual servers i think the host administrator should know about what services are running using privileged ports. Regards, ---Reply to mail from Simon Garner about [Openvds-devel] Re: ow to DISABLE vm-pop3 in virtual server??? > From: "Marcos Rubinstein - ALPA WWW" <[EMAIL PROTECTED]> >> >> .- use xinetd instead of inetd, and define the service to be >> used for each ip. You could even have xinetd running in each >> virtual!.- the same warning that before... applies. >> > > > I suggest that for future versions of freeVSD and OpenVDS it should be > changed so that (for RH7 with xinetd at least) each VS gets its own service > file in /etc/xinetd.d, and instead of using virtuald we bind each service to > its own IP using xinetd itself (with the bind_address directive). > > The advantages of this are twofold: > > 1) You can enable and disable inet services on a per-VS basis (in > particular, this lets you disable services like FTP and POP on the host > server). > > 2) Each service will be tracked separately by xinetd. Note that if a service > receives too many connections per minute (?), xinetd will disable that > service for 30 seconds. With the current configuration, this means that, for > example, if a user with a download accelerator like DAP starts hammering the > FTP service on *one* VS with a load of failed connections (e.g. if you have > ProFTPD set to only allow 2 connections from each host), then FTP service > could be disabled on *all* your VS's for 30 seconds! _______________________________________________________ Urivan Saaib Presidente CiberNET Mexico Email: [EMAIL PROTECTED] Tel/Fax: +52 (646) 1757195 ------------------------- The freeVSD Support List -------------------------- Subscribe: mailto:[EMAIL PROTECTED]?body=subscribe%20freevsd-support Unsubscribe: mailto:[EMAIL PROTECTED]?body=unsubscribe%20freevsd-support Archives: http://freevsd.org/support/mail-archives/freevsd-support -----------------------------------------------------------------------------
