|
||||||||
> >The image builder is something Manuel mentioned long ago in the list > archives, and something I've considered doing before, but it's not> easy to do safely. You have to run as root to make the final image, > so you really have to be careful to watch what you're doing as you put > it together. Definitely would be nice to have though. I have an idea how I would do such a thing "safely". Would be interested in hearing what others think. I would have the build run on a separate server from the web server, and have the build be run through an ssh. (actually, once you go into the tunnel, it may not matter if it is on the same server. :-) Alternatively, sudo...but I think sudo has problems with multiple layers, if for example apache is already running under sudo? I'm drawing on some experience for work where we "outsource" certain functions across the network to force use of a physical network device. Our HA daemon runs a monitor program on a remote server, then snoops the conversation. Seth |