[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Xen-users] console access to non root xen 3.0

Andrew Thompson wrote:
> On Wed, Apr 05, 2006 at 09:09:30AM +0200, Szalai Ferenc wrote:
>> Hi,
>> Is there any regular way to give console access to specified domU to
>> not root user? How xen domain providers can solve this problem with
>> xen 3.x? 
> Unixshell provides console access to their customers via ssh on an
> alternate port(not 22). I know it can be done, I'm just not sure how
> they're doing it.  
> For my personal use, I use xm console as root. A couple of times I've
> tried to figure out xencons, but didn't get any further than: 
> xen ~ # man xencons
> No manual entry for xencons
> xen ~ # xencons --help
> /usr/bin/xencons <host> <port>

If you mean local access (not via the network) then you can use sudo to give
the user permission to execute 'xm console'.  For access to a specific domU
you'd also need to use a separate domU config file for that domain, and give
the user additional sudo access to execute 'xm list.'  Then you can write a
little script the user can execute (but not write!) that will list running
domU's, grep the results for the custom config file name, and awk the output
line for that domain's Id.  Finally, the script would call 'xm console

Kind of roundabout I know, but we work with the tools we have.

 - Steve Brueckner, ATC-NY

Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.