On Wednesday 22 February 2006 23:44, Jon Scottorn wrote: > Is it recommended to not use mount within a vserver, should I just mount > it from the host side or does it not really matter if I do mount it > within the vserver? You should only add mount capabilities to the guest if you trust what's running inside. If you can it's better to mount your NFS mountpoints from the host (from either host or guest network context, depending on your choice)
This is more of a personal decision on what permissions you give to your guest's root. But if mounting is possible, you can't prevent the guest from accessing any devices (e.g. by mounting a pre-made /dev to work around missing mkdev capability). best, Bruno > Thanks again. > > On Wed, 2006-02-22 at 23:15 +0100, Herbert Poetzl wrote: > > On Wed, Feb 22, 2006 at 03:08:46PM -0700, Jon Scottorn wrote: > > > Hi All, > > > > > > I am wondering if the mount command can be run within a vserver? > > > I am trying to mount a nfs mount within a vserver and I get permission > > > denied. I can mount the nfs share from another machine that is not a > > > vserver and it works. > > > > with sufficient capabilities you can do that > > > > http://linux-vserver.org/Caps+and+Flags > > > > check out binary_mount and secure_mount capability > > > > HTH, > > Herbert > > > > > Thanks in advance, > > > > > > Jon Scottorn > > > Systems Administrator > > > The Possibility Forge, Inc. > > > http://www.possibilityforge.com > > > 435.635.0591 x.1004 > > > > > > _______________________________________________ > > > Vserver mailing list > > > [email protected] > > > http://list.linux-vserver.org/mailman/listinfo/vserver > > Jon Scottorn > Systems Administrator > The Possibility Forge, Inc. > http://www.possibilityforge.com > 435.635.0591 x.1004 _______________________________________________ Vserver mailing list [email protected] http://list.linux-vserver.org/mailman/listinfo/vserver
