|
On Wed, Feb 25, 2004 at 02:38:57PM -0500, Matthew Crocker wrote:
>
> Hello all,
>
> I'm working on the next generation of my network. Ideally I don't
> want any machine on the Internet but I would like to have the services
> the provide on the network. For example, I all of my servers to
> physically be on 192.168.x.y networks with User Mode Linux virtual
> machines running to handle each service. One physical machine may
> handle qmail in one UML, apache in another. If someone breaks root
> through an apache bug they do not become root on the network or the
> physical machine. Would it be possible to have a LVS enabled kernel
> running under a non-LVS enabled kernel using UML so my directors won't
> actually be on the Internet? If the LVS kernel crashed I could have
> the parent kernel restart the virtual machine with a shell script.
> root on any one machine will still be a normal user on the host machine
> and network.
Yes
--
Horms
|
