After asking various questions about unification, I don't think vhashify
quite supports what I have in mind. I wanted to get some opinions/ideas
from the users of this mailing list.
I am thinking if vservers can somehow be used to provide MAC (Mandatory
Access Control) through containers. For example, a vserver shares the
same filesystem as the host server, with read and write access to the
host files being defined through a set of MAC policies. In this way,
different policies can be defined for different vservers. Also, writes
can be contained within a vserver (so that if a file is written to, a
copy is made in the vserver's space) and integrated with the host only
through explicit 'commits' to allow, for example, new configurations to
be tested in an environment exactly the same as the host server and then
transferred to the host using a commit.
Any comments please?
Thanks.
-FS
_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
