Hi,
Hmmm it's indeed running as root then. The reason is this:
all uml's get started automatically at the start of the system because they
are meant to act as virtualized servers.
In my scripts, i also make a tap device and then delete it again when
the uml stops.
I also do arping in the script which doesn't work as a normal user.
What is a good solution if i want the UML's to start on system startup
and keep
the ability for the script to create the tap device and do arping or
would it be
better if put the creating & deleting of the tapdevices in a startup
script of
it's own?
This is full startup script of the uml i'm talking about:
============================================================
#! /bin/sh
set -e
if [ "x$1" = "x-v" ]; then
VERBOSE=1
shift
else
VERBOSE=0
fi
VERBOSE=1
e() { test $VERBOSE = 1 && echo $@; $@; }
# Stabdard script options
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DESC="uml virtual machine"
SCRIPTNAME=/etc/init.d/uml_$NAME
NAME="loki"
# Uml options
BRIDGING=0
TAP="tap1"
IP_TAP="192.168.1.121"
IP_VM="192.168.1.21"
INT="eth1"
MYOPTIONS="mem=64M"
UML="/storage1/vm"
KERNEL="vmlinux_2.6.22.2"
UMLUSER="benedict"
OPTIONS="$MYOPTIONS devfs=nomount rw ubd0=$UML/root_fs_$NAME
ubd1=$UML/swap_fs_$NAME eth0=tuntap,$TAP umid=$NAME"
d_create_device() {
# create tun device if it doesn't exist yet + give appropriate rights
if [ ! -d /dev/net ]
then
# create the directory
mkdir -p /dev/net
echo " /dev/net aangemaakt"
#else
# echo " /dev/tun bestaat"
fi
if [ ! -e /dev/net/tun ]
then
# create the node
mknod -m 660 /dev/net/tun c 10 200
chown root:uml /dev/net/tun
chmod 660 /dev/net/tun
echo "/dev/net/tun aangemaakt"
# insert rules voor udev
if [ ! -f /etc/udev/rules.d/011-udev.rules ]
then
echo "udevrules aangemaakt"
touch /etc/udev/rules.d/011-udev.rules
cat 'KERNEL="tun", NAME="net/%k", GROUP="uml", MODE="0660"'
>> /etc/udev/rules.d/011-udev.rules
#else
# echo " udevrules bestaat "
fi
else
#echo " /dev/net/tun bestaat"
chown root:uml /dev/net/tun
fi
# create tap device if we aren't doing bridging
if [ $BRIDGING -eq 0 ]
then
echo "Creating $TAP"
tunctl -u $UMLUSER -t $TAP
ifconfig $TAP $IP_TAP up
route add -host $IP_VM dev $TAP
bash -c 'echo 1 > /proc/sys/net/ipv4/conf/'$TAP'/proxy_arp'
arp -Ds $IP_VM $INT pub
fi
}
#
# Function that starts the daemon/service.
#
d_start() {
#start-stop-daemon --start --quiet --pidfile $PIDFILE \
# --exec $DAEMON
d_create_device
e screen -S $NAME -d -m $UML/$KERNEL $OPTIONS con=null con0=fd:0,fd:1
}
#
# Function that stops the daemon/service.
#
d_stop() {
#start-stop-daemon --stop --quiet --pidfile $PIDFILE \
# --name $NAME
if [ -d /root/.uml/$NAME ]
then
e uml_mconsole $NAME cad
e sleep 8
fi
# remove the tap settings if we aren't doing bridging
if [ $BRIDGING -eq 0 ]
then
echo "Deleting $TAP"
arp -i $INT -d $IP_VM pub
route del -host $IP_VM dev $TAP
ifconfig $TAP 0.0.0.0 promisc up
tunctl -d $TAP
fi
}
#
# Function that sends a SIGHUP to the daemon/service.
#
d_reload() {
start-stop-daemon --stop --quiet --pidfile $PIDFILE \
--name $NAME --signal 1
}
case "$1" in
start)
echo "Starting $DESC: $NAME"
d_start
echo "."
;;
stop)
echo "Stopping $DESC: $NAME"
d_stop
echo "."
;;
restart|force-reload)
#
# If the "reload" option is implemented, move the
"force-reload"
# option to the "reload" entry above. If not,
"force-reload" is
# just the same as "restart".
#
echo -n "Restarting $DESC: $NAME"
d_stop
sleep 1
d_start
echo "."
;;
*)
# echo "Usage: $SCRIPTNAME
{start|stop|restart|reload|force-reload}" >&2
echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
exit 1
;;
esac
exit 0
============================================================
Regards,
Benedict
> On Thu, Aug 23, 2007 at 01:42:38AM +0200, Benedict Verheyen wrote:
>
>>> And if you look at the file on the host, it's owned by root?
>>>
>> Yes, it's owned by root.
>>
>
> Then the UML is running as root on the host, which is not recommended.
>
>
>> How can i be certain that my uml is started as user benedict?
>>
>
> I.e. how can you check that it is, or how can you ensure that it is?
>
> For the first, ps will obviously tell you.
>
> For the second, be benedict when you start UML.
>
> Jeff
>
>
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
User-mode-linux-user mailing list
User-mode-linux-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-user
