BTW, just to be accurage, cgroups are also used for Virtualization too. Namespaces get interesting as well.
I forget this because I'm used to using oVirt (RHEV) that provides all the interfacing. Same goes for SELinux MLS/MCS with Virtualization/Containers using RHEV/OpenShift. - bjs On Tue, Oct 31, 2017 at 9:45 AM, Bryan Smith <[email protected]> wrote: > On Mon, Oct 30, 2017 at 6:53 PM, Alessandro Selli > <[email protected]> wrote: >> On Mon, 30 Oct 2017 at 10:27:11 +0200 >> Mark Clarke <[email protected]> wrote: >> >>> Should we add something on Linux capabilities when covering permissions? >>> There is all the plumbing stuff like cgroups and namespaces that is >>> mostly hidden from sysadmin and it might be better for level 2 & 3 but >>> linux capableness can help instead of using setuid for example? >> >> I'd say coverage of these topics is not appropriate for LPIC-1 exams. They >> are fairly advanced concepts that do not impact installation and the level of >> administration of a Linux machine that is covered in LPIC-1. Linux >> capabilities best fit a system hardening course, not an everyday >> administration one. Cgroups and namespaces are mostly used in virtualization >> and clustering, so all of these topics are IMO LPIC-3xx stuff. > > <Nitpick Warning=ON> > "s/Virtualization/Containers/g" > </Nitpick Warning=OFF> > > As always, one should step back and look at the target audience and levels. > > E.g., Focusing on a day-to-day junior sysadmin, here's one that jumps > out at me ... > > systemd creates cgroups for _all_ processes (and their trees). So a > junior sysadmin under my management would need to know ... > - Identify: the cgroup containing the processes > - identify: see if the cgroup has been limited to specific resources > - Operation: kill the entire process tree of that cgroup (if necessary) > > Understand identifying/killing would be a lower levelthan setting up > or analyzing cgroups and performance. > > I leave it up to others to decide where those levels and objectives should be. -- Bryan J Smith - http://www.linkedin.com/in/bjsmith E-mail: b.j.smith at ieee.org or me at bjsmith.me _______________________________________________ lpi-examdev mailing list [email protected] http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
