lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <54F72A8D.1070402@yuhu.biz>
Date:	Wed, 04 Mar 2015 17:53:49 +0200
From:	Marian Marinov <mm-l@...u.biz>
To:	Stephan Mueller <smueller@...onox.de>
CC:	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: RFC: sysctl fixes

On 03/04/2015 05:48 PM, Stephan Mueller wrote:
> Am Mittwoch, 4. März 2015, 15:18:19 schrieb Marian Marinov:
>
> Hi Marian,
>
>> Hello,
>> we are running hundreds of containers and we got some valid requests
> >from customers that want to be able to change their container's
>> hostname using the sysctl command.
>>
>> The current implementation does not allow each UTS namespace to change
>> its own hostname.
>>
>> So we sponsored the development of fix for this issue.
>>
>> Please checkout the changes here:
>>
>> https://github.com/1HLtd/linux/compare/b24e2bdde4af656bb0679a101265ebb
>> 8f8735d3c...sysctl-hostname-fixes
>>
>> If this fix is acceptable I'll send the patches as it is common. But
>> first I want to know if you think this is the way to go.
> The description in http://lwn.net/Articles/531381/ does not work?

Stephan, the users can change the hostname of the container using the hostname command. I can also change their hostname
when I'm creating the containers.
However the customers need to be able to change the hostname of the machine using valid system command:

sysctl kernel.hostname=newhost
sysctl kernel.domainname=newdomain

Both of these commands try to talk to the kernel via the /proc filesystem. This is why we propose these fixes.
Without them, only the root on the host node can do this.

Correct me, if I'm wrong.

Marian

>> Thank you,
>> Marian
>>
>> --
>> To unsubscribe from this list: send the line "unsubscribe linux-kernel"
>> in the body of a message to majordomo@...r.kernel.org
>> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>> Please read the FAQ at  http://www.tux.org/lkml/
>
> Ciao
> Stephan
>
>

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ