• Last 5 Forum Topics
    Last post

The Web Only This Site



  • MARC

    Mailing list ARChives
    - Search by -


    Computing Dictionary

  • Text Link Ads

  • LINUX man pages
  • Linux Man Page Viewer

    The following form allows you to view linux man pages.





           chcontext [options] <command arguments>


           chcontext allocates a new security context and executes  a  command  in
           that context.  By default, a new/unused context is allocated


           --cap CAP_NAME
                  Add  a  capability from the command. This option may be repeated
                  several time. See  /usr/include/linux/capability.h  In  general,
                  this  option  is used with the --secure option. --secure removes
                  most critical capabilities and --cap adds specific ones.
           --cap !CAP_NAME
                  Remove a  capability  from  the  command.  This  option  may  be
                  repeated several time. See /usr/include/linux/capability.h
           --ctx num
                  Select  the context. Only root in context 0 is allowed to select
                  a specific context.  Context number 1 is special. It can see all
                  processes in any contexts, but can't kill them though.
                  Start  the command in background and make the process a child of
                  process 1.
           --domainname new_domainname
                  Set the domainname (NIS)  in  the  new  security  context.   Use
                  "none" to unset the domainname.
           --flag Set one flag in the new or current security context. The follow-
                  ing flags are supported. The option may be used several time.
                     lock: The new process is trapped and can't use
                           chcontext anymore.
                     sched: The new process and its children will
                            share a common execution priority.
                     nproc: Limit the number of process in the
                            vserver according to ulimit setting.
                            Normally, ulimit is a per user thing.
                            With this flag, it becomes a per vserver
                     private: No one can join this security context
                              once created.
           --hostname new_hostname
                  Set the hostname in the new security context.   This  is  needed
                  because if you create a less privileged security context, it may
                  be unable to change its hostname.
           context /usr/sbin/chcontext xterm &
           # We check, there is no xterm running, yet we can # see it.   ps  ax  |
           grep xterm
           # Are we running in security context 0 # We check the s_context line in
           /proc/self/status cat /proc/self/status
           #  Ok  we  in  security  context  0  #  Try  the  security  context   1
           /usr/sbin/chcontext --ctx 1 ps ax | grep xterm
           #  Ok,  we see the xterm, we try to kill it /usr/sbin/chcontext --ctx 1
           killall xterm
           # No, security context 1 can see, but can't kill # let's  find  out  in
           which  security  context  this  #  xterm is running /usr/sbin/chcontext
           --ctx 1 ps ax | grep xterm
           # Ok, this is PID XX. We need the security context  /usr/sbin/chcontext
           --ctx 1 cat /proc/XX/status
           #  We  see  the  s_context, this is SS.  # We want to kill this process
           /usr/sbin/chcontext --ctx SS killall xterm
           Please contribute some, if you feel it's important.


           This Man page was written by Klavs Klavsen <> and based  upon
           the helpful output from the program itself and the documentation on the
           Virtual    Server    site     <


           chbind(8)   rebootmgr(8)   reducecap(8)   vps(8)   vpstree(8)   vrpm(8)
           vserver(8) vserver-stat(8) vtop(8)

    Klavs Klavsen 0.1.0 chcontext(8)


  • Linux

    The Distributions


    The Software


    The News


  • Toll Free
Copyright © 1999 - 2016 by LinuxGuruz