This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
manuals:vps:vpsadminos [2020/09/21 14:43] – all distros are supported Aither | manuals:vps:vpsadminos [2020/09/21 14:48] – dont mention userns Aither | ||
---|---|---|---|
Line 48: | Line 48: | ||
===== Changes in VPS behaviour ===== | ===== Changes in VPS behaviour ===== | ||
- | ==== User namespaces ==== | ||
- | VPS in vpsAdminOS are using so called //user namespaces// | ||
- | means that your system user and group IDs are mapped to different values on | ||
- | the host. For example, the root user in your VPS has UID 0, but from the | ||
- | host's point of view, its UID is e.g. 666000. Every member has been assigned a | ||
- | unique user namespace, which ensures that your data is isolated from other | ||
- | users. In case an attacker manages to leave the container, he will not be able | ||
- | to access data from VPS belonging to other members. | ||
- | |||
- | Every member is assigned a user namespace of 524288 user/group IDs. It means | ||
- | that you can use UID/GID from 0 to 524287. All VPS from one member are in the | ||
- | same user namespace. In the future, it will be possible to define custom | ||
- | UID/GID maps for VPS and NAS datasets, which will let each member to isolate | ||
- | his own VPS and yet share some chosen range of user/group IDs. | ||
==== General ==== | ==== General ==== | ||
Line 72: | Line 58: | ||
* Network is configured using '' | * Network is configured using '' | ||
- | * ''/ | ||
* If there is a directory called ''/ | * If there is a directory called ''/ | ||