Create a non-root-privilege account and use sudo to perform any necessary maintenance. Only give access to the needed commands via sudo and nothing more.
-wes

On Tue, Dec 4, 2012 at 9:59 AM, <[email protected]> wrote:
> Hey Pluggers,
>
> The only thing I hate worse than unscheduled downtime is data loss, and I
> have a situation where it would be very easy to accidentally destroy a lot
> of data very quickly. I'd like to see if anyone has a clever idea about
> preventing this from happening.
>
> Here's the situation:
> 1) I have a current Linux system running as a host to virtual machines.
> 2) I have a hardware RAID (call it /dev/sdb) holding many terabytes of
> data.
> 3) /dev/sdb has no partition table, and is formatted as an entire-disk file
> system, if that matters
> 4) /dev/sdb is attached to one of the virtual machines (also current Linux),
> which reads and writes files on /dev/sdb regularly
>
> So far, so good, and everything works. Here's the scenario I'm worried
> about: an accidental mount of /dev/sdb on the host system, either via
> typing in the wrong window or during some maintenance task when the virtual
> machine is thought to be shut down but isn't, will corrupt that file system
> and lead to the possible loss of all those terabytes of data.
>
> Yes, I have backups (which might take days to restore), and yes there's a
> chance I could recover some or all of the data with various tools, but those
> are fixing a problem. I want to avoid the problem altogether. Can any of
> you think of a clever way to provide a layer of protection around opening
> the device from the host level? SELinux, perhaps?
>
> -Brian
>
> _______________________________________________
> PLUG mailing list
> [email protected]
> http://lists.pdxlinux.org/mailman/listinfo/plug
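What Wes's rule looks like on the host, as an added example that is not part of the thread: a sudoers drop-in for a dedicated maintenance account that may control the guests and read host state but has no sudo path to mount, mkfs, dd, fsck or a root shell. The account name vmadmin, the drop-in file name, and the command paths (merged-/usr layout) are assumptions; adjust them to the distribution in use.

```sudoers
# /etc/sudoers.d/vmadmin   (assumed file name; install mode 0440 and check
# it with `visudo -cf /etc/sudoers.d/vmadmin` before logging out of root)

# The usual "admin" rule is too broad: it lets a typo in the wrong window
# run `sudo mount /dev/sdb /mnt` on the host just as easily as anything else.
#   vmadmin ALL=(ALL) ALL

# Allow-list instead. Every command is an absolute path with its arguments
# spelled out, so the account cannot add flags that turn a read-only tool
# into a writer (e.g. apt-get -o APT::Update::Pre-Invoke::=... ) or into a
# pager with a shell escape (journalctl without --no-pager hands you less,
# and less runs shell commands with `!`).
Cmnd_Alias VM_CTL   = /usr/bin/virsh list --all, \
                      /usr/bin/virsh dominfo *, \
                      /usr/bin/virsh start *, \
                      /usr/bin/virsh shutdown *
Cmnd_Alias HOST_OBS = /usr/bin/journalctl --no-pager -u libvirtd, \
                      /usr/sbin/smartctl -a /dev/sd[a-z]
Cmnd_Alias PKG      = /usr/bin/apt-get update, \
                      /usr/bin/apt-get upgrade

Defaults:vmadmin env_reset, use_pty, logfile=/var/log/sudo-vmadmin.log

vmadmin ALL=(root) VM_CTL, HOST_OBS, PKG
```

Two caveats when writing rules like this. First, keep it an allow-list: sudoers `!` deny entries are easy to defeat (copy /usr/bin/mount to another path and it no longer matches), so the protection comes from mount, mkfs, dd and the shells simply not appearing anywhere in the grant. Second, a wildcard argument such as `virsh start *` matches any string including spaces, so only use it on commands whose extra arguments cannot be turned into something dangerous; for everything else, list the exact invocation. Verify the result as the maintenance user with `sudo -l`, and remember that this only constrains what goes through sudo; anything still logged in as root on the host is outside its reach.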
