LinuxGuruz
  • Last 5 Forum Topics
    Replies
    Views
    Last post


The Web Only This Site
  • BOOKMARK

  • ADD TO FAVORITES

  • REFERENCES


  • MARC

    Mailing list ARChives
    - Search by -
     Subjects
     Authors
     Bodies





    FOLDOC

    Computing Dictionary




  • Text Link Ads






  • LINUX man pages
  • Linux Man Page Viewer


    The following form allows you to view linux man pages.

    Command:

    chcontext

    
    
    
    

    SYNTAX

           chcontext [options] <command arguments>
    
    
    

    DESCRIPTION

           chcontext allocates a new security context and executes  a  command  in
           that context.  By default, a new/unused context is allocated
    
    
    

    OPTIONS

           --cap CAP_NAME
                  Add  a  capability from the command. This option may be repeated
                  several time. See  /usr/include/linux/capability.h  In  general,
                  this  option  is used with the --secure option. --secure removes
                  most critical capabilities and --cap adds specific ones.
    
           --cap !CAP_NAME
                  Remove a  capability  from  the  command.  This  option  may  be
                  repeated several time. See /usr/include/linux/capability.h
    
           --ctx num
                  Select  the context. Only root in context 0 is allowed to select
                  a specific context.  Context number 1 is special. It can see all
                  processes in any contexts, but can't kill them though.
    
           --disconnect
                  Start  the command in background and make the process a child of
                  process 1.
    
           --domainname new_domainname
                  Set the domainname (NIS)  in  the  new  security  context.   Use
                  "none" to unset the domainname.
    
           --flag Set one flag in the new or current security context. The follow-
                  ing flags are supported. The option may be used several time.
                     lock: The new process is trapped and can't use
                           chcontext anymore.
                     sched: The new process and its children will
                            share a common execution priority.
                     nproc: Limit the number of process in the
                            vserver according to ulimit setting.
                            Normally, ulimit is a per user thing.
                            With this flag, it becomes a per vserver
                            thing.
                     private: No one can join this security context
                              once created.
    
           --hostname new_hostname
                  Set the hostname in the new security context.   This  is  needed
                  because if you create a less privileged security context, it may
                  be unable to change its hostname.
    
           --secure
           context /usr/sbin/chcontext xterm &
    
           # We check, there is no xterm running, yet we can # see it.   ps  ax  |
           grep xterm
    
           # Are we running in security context 0 # We check the s_context line in
           /proc/self/status cat /proc/self/status
    
           #  Ok  we  in  security  context  0  #  Try  the  security  context   1
           /usr/sbin/chcontext --ctx 1 ps ax | grep xterm
    
           #  Ok,  we see the xterm, we try to kill it /usr/sbin/chcontext --ctx 1
           killall xterm
    
           # No, security context 1 can see, but can't kill # let's  find  out  in
           which  security  context  this  #  xterm is running /usr/sbin/chcontext
           --ctx 1 ps ax | grep xterm
    
           # Ok, this is PID XX. We need the security context  /usr/sbin/chcontext
           --ctx 1 cat /proc/XX/status
    
           #  We  see  the  s_context, this is SS.  # We want to kill this process
           /usr/sbin/chcontext --ctx SS killall xterm
    
           Please contribute some, if you feel it's important.
    
    
    

    AUTHORS

           This Man page was written by Klavs Klavsen <kl@vsen.dk> and based  upon
           the helpful output from the program itself and the documentation on the
           Virtual    Server    site     <http://www.solucorp.qc.ca/miscprj/s_con-
           text.hc?prjstate=1&nodoc=0>
    
    
    

    SEE ALSO

           chbind(8)   rebootmgr(8)   reducecap(8)   vps(8)   vpstree(8)   vrpm(8)
           vserver(8) vserver-stat(8) vtop(8)
    
    
    

    Klavs Klavsen 0.1.0 chcontext(8)

    
    
  • MORE RESOURCE


  • Linux

    The Distributions





    Linux

    The Software





    Linux

    The News



  • MARKETING






  • Toll Free

webmaster@linuxguruz.com
Copyright © 1999 - 2016 by LinuxGuruz