Mount Points


CageFS creates an individual namespace for each user, making it impossible for users to see each other's files and creating a high level of isolation. The namespace is organized as follows:

 

1. /usr/share/cagefs-skeleton with safe files is created.
2. Any directory from the server that needs to be shared across all users is mounted into /usr/share/cagefs-skeleton.
   a. The list of such directories is defined in /etc/cagefs/cagefs.mp.
3. A /var/cagefs/[prefix]/username directory is created for each user. The prefix is defined as the last two digits of the user ID. The user ID is taken from the /etc/passwd file.
4. A separate /etc directory is created and populated for each user inside /var/cagefs/[prefix]/username.
5. The /tmp directory is mounted for each user separately into the ~username/.cagefs-tmp directory.
6. Additional custom directories can be mounted for each user by defining them in /etc/cagefs/cagefs.mp.
7. You can define custom directories per user using virt.mp files [CageFS 5.1 and higher].

 

To define individual custom directories in /etc/cagefs/cagefs.mp, the following format is used:

@/full/path/to/directory,permission notation

This is useful when you need to give each user its own copy of a particular system directory, like:

@/var/run/screen,777

Such an entry would create a separate /var/run/screen for each user, with permissions set to 777.

 

To modify mount points, edit /etc/cagefs/cagefs.mp. Here is an example of cagefs.mp:

 

/var/lib/mysql
/var/lib/dav
/var/www/cgi-bin
/var/spool
/dev/pts
/usr/local/apache/domlogs
/proc
/opt
@/var/spool/cron,700
@/var/run/screen,777

 

If you want to change mount points, make sure you re-initialize mount points for all customers:

 

$ cagefsctl --remount-all

 

This command will kill all current processes and reset mount points.
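
Because the remount kills all current processes, it is worth checking the file before running it. The following is an added example, not CloudLinux code: a small checker for the two entry forms described on this page (a shared path, and @path,permission), with hypothetical function names and a constructed sample file. Any other line form is reported rather than interpreted, and the zero-padded prefix for user IDs below 10 is an assumption.

```python
import re
import stat

# Constructed sample, modelled on the example file shown on this page.
SAMPLE_CAGEFS_MP = """\
/var/lib/mysql
/proc
/opt
@/var/spool/cron,700
@/var/run/screen,777
@/var/run/bad,89
var/relative
/opt
"""

PER_USER = re.compile(r"^@(/[^,\s]+),([0-7]{3,4})$")


def parse_cagefs_mp(text):
    """Split cagefs.mp lines into shared mounts, per-user dirs and rejects."""
    shared, per_user, rejected = [], {}, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        m = PER_USER.match(line)
        if m:
            per_user[m.group(1)] = int(m.group(2), 8)
        elif line.startswith("/") and "," not in line and line not in shared:
            shared.append(line)
        else:
            # Malformed, duplicate, or a form this page does not describe.
            rejected.append((lineno, line))
    return shared, per_user, rejected


def world_writable(per_user):
    """Per-user directories whose mode grants write to 'other', for review."""
    return sorted(p for p, mode in per_user.items() if mode & stat.S_IWOTH)


def user_root(uid, username):
    """/var/cagefs/[prefix]/username, prefix = last two digits of the uid.
    Zero-padding for uids below 10 is an assumption of this example."""
    return f"/var/cagefs/{uid % 100:02d}/{username}"
```

To check the live file, pass the contents of /etc/cagefs/cagefs.mp to parse_cagefs_mp and review the shared list, since every path in it is visible to all caged users.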