Ticket #1000 (new enhancement)
login chroots should support SSH sessions via containers
Reported by: | geofft | Owned by: | |
---|---|---|---|
Priority: | normal | Milestone: | The Distant Future |
Component: | -- | Keywords: | hackathon |
Cc: | Fixed in version: | ||
Upstream bug: |
Description
It'd be nice if there were an option for remote sessions to run debathena-reactivate and thereby be able to sudo aptitude install random software the same way as on cluster. This would be reasonably secure if we threw Linux containers at the problem, since containers are designed to solve exactly the problem of having more-awesome chroots that allow securely partitioning root (so you can sell different containers as VPSes to mutually-untrusted users).
Probably the way to do this is to have it be an option that a user can enter, as opposed to something that's enabled automatically for everyone if you install debathena-reactivate on a system with remote login.
And so probably the way to do that is to teach schroot about containers.