lrm@b.cs.wvu.wvnet.edu (GTA Systems) (03/16/89)
Will a security problem (and is this possible) arise if I build a guest UNIX account that is only allowed to run AUFS (cap). Thanks in advance. Post or send mail to lrm@a.cs.wvu.wvnet.edu Larry Metzger GTA, Systems West Virginia University Stat and CS
tonyg@eagle.cvs.rochester.edu (Tony Giaccone) (10/20/89)
Hi,
I'm trying to get our AUFS running on our Sun 3/280 so that we can have
a file server for our appletalk network. I got the source from columbia,
compiled it locally with the test flag set. Everything seemed to compile
correctly.
My problem came when I tried to run this code. I started the stuff up (as
root), and it seemed to be working fine for about 3 days. By the third day
the server was hung. A quick ps showed that 10 copies of the aufs program
were hung (here's the relavant ps listing):
F UID PID PPID CP PRI NI ADDR SZ RSS WCHAN STAT TT TIME COMMAND
>1400001 121 969 1 0 -5 0 1f5 160 8 fac952e D ? 0:08 aufs
>1400001 121 6027 1 0 -5 0 398 160 8 fac722e D ? 0:01 aufs
>5400001 121 24736 1 0 -5 0 127 208 8 faa612e D ? 0:31 aufs
A quick scan of my AUFS log file showed 10 copies of the following sets of
messages, all with different pid's which matched the 10 hung processes.
>19912* 17:37:51 10/12/89 pid 969 starting for session 0
>00969: 17:37:51 10/12/89 Login requested for orin (we are running as root)
>00969: 17:37:51 10/12/89 Login: user orin, home directory /u5/orin
>19912* 17:47:19 10/12/89 Server timeout on session 0 pid 969, not talking to re
> + mote anymore
Becuase each of these processes was in disk wait, they were impossible to
kill. The only solution to this whole mess was to reboot our 3/280.
So my question to you folks is what did I do wrong?
Tony Giaccone
tonyg@cvs.rochester.edu