Opened 6 years ago
Last modified 6 years ago
#3109 new task
we need a policy for the users in jail
Reported by: | sa2ajj | Owned by: | |
---|---|---|---|
Priority: | major | Milestone: | sys - other |
Version: | Keywords: | ansible | |
Cc: | sysadmins, skelly |
Description
I just checked the processes running @ service.bb.net and saw that the process inside the jail is run as 'sean' (skelly's user name @ infra).
I think we need to implement a policy of sort so the users in jails at least do not overlap with users on service host.
Change History (3)
comment:1 Changed 6 years ago by dustin
comment:2 Changed 6 years ago by sa2ajj
- Cc skelly added
Yes, user ids.
I'm way too new to jails to answer the question about namespaces.
comment:3 Changed 6 years ago by dustin
- Milestone changed from sys - on-bb-infra to sys - other
Note: See
TracTickets for help on using
tickets.
This is really about userids, right? Are userids in jails namespaced?