Opened 2 years ago

Last modified 2 years ago

#3109 new task

we need a policy for the users in jail

Reported by: sa2ajj Owned by:
Priority: major Milestone: sys - other
Version: Keywords: ansible
Cc: sysadmins, skelly

Description

I just checked the processes running @ service.bb.net and saw that the process inside the jail is run as 'sean' (skelly's user name @ infra).

I think we need to implement a policy of sort so the users in jails at least do not overlap with users on service host.

Change History (3)

comment:1 Changed 2 years ago by dustin

This is really about userids, right? Are userids in jails namespaced?

comment:2 Changed 2 years ago by sa2ajj

  • Cc skelly added

Yes, user ids.

I'm way too new to jails to answer the question about namespaces.

comment:3 Changed 2 years ago by dustin

  • Milestone changed from sys - on-bb-infra to sys - other
Note: See TracTickets for help on using tickets.