Solaris 10/OpenSolaris x86 Customer data on NFSv4 from x4540s. Researching various ways to setup a SSH cluster for customers, for full shell access (to compile, and crontab etc).
But it would be "nicer" if I could somehow restrict what the customer sees of other customers. Ie, Privacy laws, and leaking customer information. So not really stopping customers from seeing and using the system-files, but rather each others' files, user-names (in 'ps', 'w', 'ls') and so on. Worse than that, sometimes there are 'admin-accounts', with a multiple 'sub-accounts' contained within (works great with FTP for example). Both the 'admin-account' and 'sub-accounts' have the same UID (so that quotas are shared). Would be especially nice if a login as a sub-account could only see its home directory, and not other sub-account's home-directories. But as it has the same UID, I do not see this as possible. I guess something like FreeBSD's jail might work, but I do not know the full extent on how resource heavy it is. Solaris do not have jails though, right? Solaris Zones is not a realistic options, with some 200-300 customers per server. (Solaris zones tend to handle 5-10 per server before becoming unusable). I could use OS level 'chroot': Either by copying everything needed to customer's directories, not really realistic. Or all system directories/files would have to be mounted inside each customers directory. Having a union-mount per customer probably would not be realistic in the long run. 200-300 union-mounts might not be impossible though, but presumably if a customer were to leave a daemon, the mount would have to stay. Can ZFS do union/loopback mounts? (Is it called union mounts, or is that from my NetBSD days?) Using rbash or similar seems to not really be for this type of situation, and indeed, it appears really easy to run a different shell (say, bash) and have normal access. Currently using standard chmod, and some ACLs, I can restrict customers from seeing any other customer files inside their home directory. But I can not stop the same UID. As a random crazy thought, I wonder if a kernel-module could be designed so that, nobody has access to a mount point (say /export), but upon login, a process/process group, is granted access to exactly one directory-tree inside that mountpoint (say, /export/customer/a), and released when process is terminated. (Although, I can already see problems with daemons creating new process groups... oh well). I guess I suspect there is no answer, but I thought I would check to see if someone has come up with something clever. -- This message posted from opensolaris.org _______________________________________________ sysadmin-discuss mailing list sysadmin-discuss@opensolaris.org http://mail.opensolaris.org/mailman/listinfo/sysadmin-discuss
