Re: [Vserver] Utility Programs in Vservers
Thanks Herbert. Your insights are always useful and fun. Rod On Wed, 16 Feb 2005, Herbert Poetzl wrote: > On Tue, Feb 15, 2005 at 09:15:32AM -0800, Roderick A. Anderson wrote: > > Well that's a pretty sorry excuse for a Subject but the only thing I could > > think of. :-) > > > > Short story. A client got their Vserver broken into and though it appears > > I got them cleaned out but I'm still doing some forensics. There were > > some files changed ( I don't think they knew it was a Vserver ) and fcheck > > caught the problem files but I'm not sure if they are even needed. > > hehe ... good that they didn't knew then ... > > > Is there any reason for ifdown, ifup, installkernel, ldconfig, sln, > > vhalt, vreboot are needed or should be in a Vserver? > > the is no use, but also no harm in ifdown/ifup if the > vserver does not have the NET_ADMIN capability ... > ldconfig and sln might be useful inside .. who knows > but vhalt and vreboot are not used anymore ... > > > This is pretty old kernel ( CTX ) and I think I made a mistake and > > created the Vserver from the main server. > > I'm also seeing some $VSERVER/dev/hdx?, $VSERVER/dev/log, > > $VSERVER/dev/stdout, $VSERVER/dev/ttyo?, and $VSERVER/dev/tty. > > anything more than the following is not needed and might > (or will) be dangerous if supplied ... > > crw-rw-rw-1 root root 1, 7 Apr 6 2003 full > srw-rw-rw-1 root root0 Feb 16 01:42 log= > crw-rw-rw-1 root root 1, 3 Apr 6 2003 null > crw-rw-rw-1 root root 5, 2 Feb 16 03:07 ptmx > drwxr-xr-x2 root root0 Feb 16 01:37 pts/ > crw-r--r--1 root root 1, 8 Apr 6 2003 random > crw-rw-rw-1 root root 5, 0 Apr 6 2003 tty > crw-r--r--1 root root 1, 9 Apr 6 2003 urandom > crw-rw-rw-1 root root 1, 5 Apr 6 2003 zero > > std* are usually symlinks into /proc so they should be > fine ... > > > Any pointers or thoughts? > > HTH, > Herbert > > > TIA, > > Rod > > -- > > "Open Source Software - You usually get more than you pay for..." > > "Build A Brighter Lamp :: Linux Apache {middleware} PostgreSQL" > > > > > > ___ > > Vserver mailing list > > Vserver@list.linux-vserver.org > > http://list.linux-vserver.org/mailman/listinfo/vserver > -- "Open Source Software - You usually get more than you pay for..." "Build A Brighter Lamp :: Linux Apache {middleware} PostgreSQL" ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Utility Programs in Vservers
On Tue, Feb 15, 2005 at 09:15:32AM -0800, Roderick A. Anderson wrote: > Well that's a pretty sorry excuse for a Subject but the only thing I could > think of. :-) > > Short story. A client got their Vserver broken into and though it appears > I got them cleaned out but I'm still doing some forensics. There were > some files changed ( I don't think they knew it was a Vserver ) and fcheck > caught the problem files but I'm not sure if they are even needed. hehe ... good that they didn't knew then ... > Is there any reason for ifdown, ifup, installkernel, ldconfig, sln, > vhalt, vreboot are needed or should be in a Vserver? the is no use, but also no harm in ifdown/ifup if the vserver does not have the NET_ADMIN capability ... ldconfig and sln might be useful inside .. who knows but vhalt and vreboot are not used anymore ... > This is pretty old kernel ( CTX ) and I think I made a mistake and > created the Vserver from the main server. > I'm also seeing some $VSERVER/dev/hdx?, $VSERVER/dev/log, > $VSERVER/dev/stdout, $VSERVER/dev/ttyo?, and $VSERVER/dev/tty. anything more than the following is not needed and might (or will) be dangerous if supplied ... crw-rw-rw-1 root root 1, 7 Apr 6 2003 full srw-rw-rw-1 root root0 Feb 16 01:42 log= crw-rw-rw-1 root root 1, 3 Apr 6 2003 null crw-rw-rw-1 root root 5, 2 Feb 16 03:07 ptmx drwxr-xr-x2 root root0 Feb 16 01:37 pts/ crw-r--r--1 root root 1, 8 Apr 6 2003 random crw-rw-rw-1 root root 5, 0 Apr 6 2003 tty crw-r--r--1 root root 1, 9 Apr 6 2003 urandom crw-rw-rw-1 root root 1, 5 Apr 6 2003 zero std* are usually symlinks into /proc so they should be fine ... > Any pointers or thoughts? HTH, Herbert > TIA, > Rod > -- > "Open Source Software - You usually get more than you pay for..." > "Build A Brighter Lamp :: Linux Apache {middleware} PostgreSQL" > > > ___ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] Utility Programs in Vservers
Well that's a pretty sorry excuse for a Subject but the only thing I could think of. :-) Short story. A client got their Vserver broken into and though it appears I got them cleaned out but I'm still doing some forensics. There were some files changed ( I don't think they knew it was a Vserver ) and fcheck caught the problem files but I'm not sure if they are even needed. Is there any reason for ifdown, ifup, installkernel, ldconfig, sln, vhalt, vreboot are needed or should be in a Vserver? This is pretty old kernel ( CTX ) and I think I made a mistake and created the Vserver from the main server. I'm also seeing some $VSERVER/dev/hdx?, $VSERVER/dev/log, $VSERVER/dev/stdout, $VSERVER/dev/ttyo?, and $VSERVER/dev/tty. Any pointers or thoughts? TIA, Rod -- "Open Source Software - You usually get more than you pay for..." "Build A Brighter Lamp :: Linux Apache {middleware} PostgreSQL" ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver