10-28-2008
It's generally NOT possible to prevent root from seeing a local disk. You can, however, try to create a user-space filesystem which squashes root's access to it. I think cryptfs used to do this. The other possibility is using setfacl to achieve this effect. However, root can always call setfacl to remove whatever restrictions you add.
The long-term solution is to separate the root privilege into roles and have those roles separated through a judicious sudo configuration.
10 More Discussions You Might Find Interesting
1. IP Networking
i have one private network with one ip address, and i have a seperate network on a seperate ip address.
now, each network is behind a firewall/router. now what i want to do is be able to access one server on the second network from a computer on the first., but with the private ip address, (this... (2 Replies)
Discussion started by: norsk hedensk
2 Replies
2. Solaris
Hi everyone,
I'm looking to hire for private lessons a individual who is presently working as a unix system administrator or instructor in school who is teaching unix. I live in Clifton nj my nubmer is Cell **no phonenumbers on this forum** or email
**no emails on this forum** please let me... (1 Reply)
Discussion started by: john furman
1 Replies
3. IP Networking
Hi all,
Currently we are in the progress of setting up a private network on all of our Sun Solaris servers. Purpose is to move all backup tasks to the private, hence reduce load on public network.
Some of our servers only consists of 1 network card but with several ports. Shall we purchase... (10 Replies)
Discussion started by: *Jess*
10 Replies
4. Shell Programming and Scripting
How might I write a shell script that queries a user for information that is sensitive (say a password)-- and does something like:
Password? ******** <---- the user's entered information
or
Password? <---- the user's entered information
... (0 Replies)
Discussion started by: Prodiga1
0 Replies
5. Solaris
I have a Oracle dbase running in a Solaris 10 cluster and have two private interconnects that are being used for communication. Is there any way to connect these two interconnects together using IPMP for redundancy? I've made several attempts with no luck so far and was wondering if anyone had... (17 Replies)
Discussion started by: goose25
17 Replies
6. OS X (Apple)
Hello, whilst editing sudoers at 07:24 this morning via visudo I noticed that there are two files which get changed simultaneously as shown below. Then in fact what I noticed is that /private/etc contains exactly what /etc contains.
Why is this? What is the difference between these two... (2 Replies)
Discussion started by: michellepace
2 Replies
7. Windows & DOS: Issues & Discussions
Hello,
I have a desktop which has two network cards installed on it and I connected these two card through a hub.
On the desktop in have installed a Windows Vista Home Edition SO and a Windowx XP SO in a virtual way. I also had intalled a Virtual BOX software and Windows XP run through it.
By... (1 Reply)
Discussion started by: zendcool
1 Replies
8. Shell Programming and Scripting
I have two types of files
pubring.pkr
secring.skr
secring.skr is encrypted and not able to read.
How can i read secring.skr in text format after decrypting ?
is there any way of decrypting this file?
Unix HP - UX Version. (4 Replies)
Discussion started by: airesh
4 Replies
9. Post Here to Contact Site Administrators and Moderators
Hi,
As i am recieving private messages, i am unable to reply to them. Could you please enable my private messages.
Thanks! (2 Replies)
Discussion started by: Amulya
2 Replies
10. What is on Your Mind?
Well I have just noticed over the years that I have PMs that I have not seen or even known about.
Apologies if any of you have not had any replies to your PMs. It is too late now as some go back to my early days on here.
The notification that comes up currently has notified me of a couple... (10 Replies)
Discussion started by: wisecracker
10 Replies
LEARN ABOUT X11R4
switch_root
SWITCH_ROOT(8) System Administration SWITCH_ROOT(8)
NAME
switch_root - switch to another filesystem as the root of the mount tree
SYNOPSIS
switch_root [-hV]
switch_root newroot init [arg...]
DESCRIPTION
switch_root moves already mounted /proc, /dev, /sys and /run to newroot and makes newroot the new root filesystem and starts init process.
WARNING: switch_root removes recursively all files and directories on the current root filesystem.
OPTIONS
-h, --help
Display help text and exit.
-V, --version
Display version information and exit.
RETURN VALUE
switch_root returns 0 on success and 1 on failure.
NOTES
switch_root will fail to function if newroot is not the root of a mount. If you want to switch root into a directory that does not meet
this requirement then you can first use a bind-mounting trick to turn any directory into a mount point:
mount --bind $DIR $DIR
SEE ALSO
chroot(2), init(8), mkinitrd(8), mount(8)
AUTHORS
Peter Jones <pjones@redhat.com>
Jeremy Katz <katzj@redhat.com>
Karel Zak <kzak@redhat.com>
AVAILABILITY
The switch_root command is part of the util-linux package and is available from https://www.kernel.org/pub/linux/utils/util-linux/.
util-linux June 2009 SWITCH_ROOT(8)