Salve Herbert, ML! Herbert Poetzl schrieb am Sonntag, den 02. Juli 2006 um 17:59h: > > What should I read to learn what fd,pts stands for and > > to know what /dev/pts/[14|20|21|31-34] are? > > *phew* good question, probably a lot of source code :) > > thing is, fd and pts (/14,/20 ...) are 'just' names > used for character and block device nodes, identified > by the unique major and minor identifiers ... > > so, basically c:136:14 means the 14th pseudo terminal > (regardless of the name, could as well be named hansi)
> > > >Could it by that I'm allowed to remove devices, but > > > >not allowed to create one? > > > > > > Exactly. Giving guests the ability to create devices is a huge security > > > risk, basically equivalent to just giving access to the host directly. Whats about the pseudo terminals? sshd, screen ... and some others can create new ones as [EMAIL PROTECTED] :) asterisk seems like to have an own terminal: # from [Asterist-Users] ML Tzafrir Cohen wrote on # Tue Jul 4 09:05:46 MST 2006 # safe_asterisk has a flawed logic: it assumes that the tty device will # always exist. Thus it is not suited for use with screen. I used "ln -s /dev/pts/31 /dev/tty9" successful, but on the next day /usr/sbin/safe_asterisk does not found /dev/tty9..... /dev/pts/31 exist only for my bash, after exiting this bash, also /dev/pts/31 has been gone, and so this "hack" does not work... ;( How can I create with /etc/init.d/asterisk a new pseudo terminal, e.g. /dev/pts/ast and "ln -s /dev/pts/ast /dev/tty9" Dirty trick would be to start with /etc/init.d/asterisk a ssh or telnet connection to 127.0.0.1, is there a smart way to create pseudo terminal, especialy that this terminal is durable and do not fade away when something crashed? > device nodes are always local, so they cannot be > 'forwarded' to another host, OTOH, you are free to > create fifos (pipes) and symlinks to 'redirect' > stuff remotely and local [EMAIL PROTECTED] mknode ..... /dev/pts/asterisk [EMAIL PROTECTED] ln -s /dev/pts/asterisk /dev/tty9 ??? #mknod /dev/tty9 c 7 7 mknod: »/dev/tty9«: Die Operation ist nicht erlaubt (operatin is not allowed) And "mknod /dev/tty9 -p" as FIFO does not help to run asterisk with a console. I found this: # From: Herbert Poetzl <herbert_at_13thfloor.at> # Date: Wed 17 May 2006 - 18:13:50 BST # Message-ID: <[EMAIL PROTECTED]> # On Sun, May 14, 2006 at 09:48:20PM -0700, EKC wrote: #> I'm running a perl script inside of a linux vserver, and the script #> requires access to tty and pty devices. However /dev/MAKEDEV and #> mknod #> cannot create pty devices from within a vserver. [...] #> Is there a way to add devices from within a vserver itself? #pts/ptmx is auto created inside a guest, with proper #permissions and security (tty and pty are not required #inside a guest, unless you want to assign certain 'real' #consoles to the guest, like vt0/1/2 etc) ok and how can I use this magic auto creation inside a guest with/for /etc/init.d/asterisk? ;) man ptmx getpt(3), grantpt(3), ptsname(3), unlockpt(3) still a little bit too comlex for me ;( man expect man screen Well I could write #!/bin/sh # ttydumy.sh rm /dev/tty9 ln -s $tty /dev/tty9 and call screen .../ttydumy.sh inside safe_asterisk, but it seems that screen inside slows asterisk. (and this is ugly for ssh login and screen -r with multiple screens...) So [EMAIL PROTECTED] can indirectly create dumy devices and there is still no tool like mknode for vserver - because it is not so neccessary and does not have such a high priority - right? Dont't get me wrong, I don't want to be unpolite and I don't want to be missunderstood that expecting support and including of that feature.... It's just that I want to understand the power of vserver and to do the best with them and also try to document/promote them that it is possible to run an umpached asterisk with a colord CLI (Patching asterisk would be a second solution, would work for me but I think many vserver user would not do this...) Greetings, rob This is OT for Vserver ML, more for vserver+asterisk user: PS: My personal workaround at the moment: start screen and one of that terminal is used to get asterisk colored inside this terminal: tty > /etc/asterisk/tty ln -s /dev/pts/$tty /dev/tty9 inside safe_asterisk a test if that device still exist... if yes TTY=tt9 so when asterisk crash and there is no TTY9 it will run without a hangup ;) _______________________________________________ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver