|
|
|
|
|
|
|
|
|
|
xen-users
Re: [Xen-users] User access to "xm console"
Anand wrote:
> Would you mind sharing your custom script ?
The script I wrote for handling the "virtual serial console" setup with
Xen 3 is as follows:
---- BEGIN SCRIPT ----
#!/usr/bin/perl
use English;
$ENV{'PATH'} =
'/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin';
die("This script must be setuid root") if $EUID != 0;
$instname = (getpwuid($UID))[6];
($real_instname) = $instname =~ /^([a-z0-9\._\-]+)$/i;
print "*** Entering console, press Ctrl-] to detach ***\n";
system('/usr/sbin/xm', 'console', $real_instname);
print "\n*** Console detached ***\n";
---- END SCRIPT ----
I installed this script as /usr/local/bin/xencons-sh, owned by user
root, group vscons, mode 4750. This allows just the users in group
vscons (for whom this should be their shell anyway) to run it,
preventing anyone else from doing untoward things with the script.
Make sure that you install your distribution's package containing
suidperl ("perl-suid" on Debian), as this script must run setuid root,
otherwise it won't be able to open the console.
--
Derrik Pates
demon@xxxxxxxxxxxxx
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|
|
|
|
|