Hi John,
On Mo 01 Okt 2012 04:12:25 CEST "John A. Sullivan III" wrote:
On Sun, 2012-09-30 at 10:35 -0400, senrabdet@aol.com wrote:
Another quick update - we think enabling fuse in the vserver guest is part of the problem, though the vserver folks suggest this may be a security/stability problem.
<snip> Newer kernels may break out the capability required to make FUSE work from the admin capability but I've not investigated that yet. If you allowed the admin capability in your vserver guest, you shot your security to bits. If I recall correctly, the capability limitation was not in mounting FUSE drives but only in unmounting them, strangely. That's why we moved the x2gocleansessions script to the VServer host - not to mention that it means we can run one process for many hundreds of servers rather than one each firing every five seconds.
We do have this working without opening the admin capabilities but I do not remember the details off the top of my head and we are using an old and heavily adapted version. Good luck with it - John
For X2Go Server 3.2.0.0 I am currently fully restructuring the
x2goserver src:package. Would it make sense for you to package the
x2gocleansessions script in a separate package? What other components
do you have running on the Vserver host that do not run on the X2Go
servers (Vserver guests)?
Mike
--
DAS-NETZWERKTEAM mike gabriel, rothenstein 5, 24214 neudorf-bornstein fon: +49 (1520) 1976 148
GnuPG Key ID 0x25771B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xf...