-May run various network services, binding to the same ports
without special configuration. Services are started normally (sysv script, whatever
the distro you are using).
-Have independant process list, so they can't interfere. You can't see or send
signal to process in other vservers (or the root server)
-I have also modified the capability system a little, so those virtual server
administrators can't take over the machine. I have introduced a per-process
capability ceiling, inherited by sub-process. Even setuid program can't grab
more capabilities..
-Update packages normally, create users, Use any admin procedure/tool
Maybe such a project has already been done. Anyway, I have written a lot
of documentation about it (how it works, pro and con and so on). It works
on top of 2.4.10 or 2.4.11 (probably anything). I would really like to get
some comments.
You can find all the documentation and packages at
http://www.solucorp.qc.ca/miscprj/s_context.hc
All this is GPL...
---------------------------------------------------------
Jacques Gelinas <jack@solucorp.qc.ca>
vserver: run general purpose virtual servers on one box, full speed!
http://www.solucorp.qc.ca/miscprj/s_context.hc
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/