On Mon, 24 Nov 2003 14:34:03 -0500, Bert De Vuyst wrote > > Hello, > > After looking at the code of tool vrpm (part of vserver and util-vserver), I > have some questions. > > 1. The location of /vservers is hardcoded in this tool. > I think it's at better idea use the option VSERVERS_ROOT=/vservers in this > script and to use $VSERVERS_ROOT inside the script. > In case of the vserver package by Jacques, the next lines > if [ -f /etc/vservers.conf ] ; then > source /etc/vservers.conf > fi > would be a usefull idea to set the $VSERVERS_ROOT.
I will fix that > 2. In case the vserver is not running, the script starts a new security > context. Correct me if I'm wrong, but I think it's not a good idea. > Why? Some people have a backup of there vservers on a spare machine in case > there serverhardware fails. If they run vrpm on the spare machine, vrpm will > startup the vservers to update the packages. This can cause a problem as the > IP-address of the vserver is in use by the vserver running on the master > server, and you end up running 2 vservers using the same IP-address. > I think it would be beter to use chroot to run rpm in case the vserver is > down. Starting a new security context does not assign IPs. So it has no impact on other copies of the vserver running elsewhere. The idea of using a security context is to make sure that scripts executed during the RPM update can't access or break the root server. --------------------------------------------------------- Jacques Gelinas <[EMAIL PROTECTED]> vserver: run general purpose virtual servers on one box, full speed! http://www.solucorp.qc.ca/miscprj/s_context.hc _______________________________________________ Vserver mailing list [EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver
