On Thu, May 19, 2005 at 08:26:19PM -0400, Jean-Christophe Petit wrote: > Where I can get the > > 0.30.20x tools for the 2.4.30-vs1.2.10 kernel ?
there are various options for that: (latest) http://www.13thfloor.at/~ensc/util-vserver/files/alpha/ http://savannah.nongnu.org/projects/util-vserver/ http://vserver.13thfloor.at/Experimental/MDK/ (older) http://www.13thfloor.at/vserver/d_rel26/overview/ HTH, Herbert > regards > > > Herbert Poetzl wrote: > > >On Wed, May 18, 2005 at 09:30:31PM -0400, Jean-Christophe Petit wrote: > > > > > >>Thanks Herbert, > >> > >>sorry for the lack of infos: > >>2.4.30-vs1.2.10 with Per Context Quota/Disk Limits Addon q0.14 > >>util-vserver-0.30-1mdk > >>vproc-0.01 <vproc-0.01.tar> > >> > >>I'm using only one partition for all my 10 vps. > >> > >>/etc/vservers/<vps-name>/fstab looks like: > >>/dev/hdv1 / ext3 exec,dev,suid,rw,usrquota,grpquota 0 0 > >> > >>What can I do to have a /tmp with a noexec tag ? > >> > >> > > > >you can modify the 'vserver' script to mount something > >at /path/to/vserver/tmp, the 0.30 tools do not mount > >anything at /tmp so you'll get what you vserver has > >to offer there (i.e. very likely the same as you guest > >root system) > > > > > > > >>I tried to add: > >>none /tmp ext3 noexec 0 0 > >> > >>with no success: when I restart the vps, nothing changes. > >>I need to do that for security reasons. > >> > >> > > > >with 0.30.20x, the tools will mount a separate /tmp > >and you can change the details in the config file > >/etc/vservers/%name/fstab ... > > > >HTH, > >Herbert > > > > > > > >>thanks, > >> > >>JC > >> > >> > >>Herbert Poetzl wrote: > >> > >> > >> > >>>On Wed, May 18, 2005 at 03:37:26PM -0400, Jean-Christophe Petit wrote: > >>> > >>> > >>> > >>>>I tried, but it doesn't seem to work. > >>>>My kernel is 2.4.30-vs1.2.10 > >>>> > >>>> > >>>probably mentioning that at the first posting would > >>>have helped ... as would the tool version ;) > >>> > >>>basically the tools 'mount' /tmp for the vserver guest > >>>if you know where and when that happens, you can > >>>fine tune the options ... > >>> > >>>best, > >>>Herbert > >>> > >>> > >>> > >>>>I'm using the quota patch: serveral vserver on one partition > >>>> > >>>>thanks, > >>>>JC > >>>> > >>>>Christian Heim wrote: > >>>> > >>>> > >>>> > >>>>>On Wednesday 18 May 2005 19:15, Jean-Christophe Petit ( JP )wrote: > >>>>> > >>>>> > >>>>> > >>>>>>how can I restrict the /tmp in a vserver to execute anything ? > >>>>>> > >>>>>> > >>>>>> > >>>>>You could try to edit /etc/vservers/<vps-name>/fstab by adding the > >>>>>option noexec to the /tmp entry. Don't know if it's supported by > >>>>>vserver or could break things. > >>>>> > >>>>> > >>_______________________________________________ > >>Vserver mailing list > >>[email protected] > >>http://list.linux-vserver.org/mailman/listinfo/vserver > >> > >> > > > > > > > > > > > -- > Jean-Christophe Petit > Directeur R&D et DSI > Syspark inc. > T: 1 514 875 8755 > F: 1 514 875 8775 > > > _______________________________________________ > Vserver mailing list > [email protected] > http://list.linux-vserver.org/mailman/listinfo/vserver _______________________________________________ Vserver mailing list [email protected] http://list.linux-vserver.org/mailman/listinfo/vserver
