First page Back Continue Last page Summary Graphics
Root vs. normal user
Things inside UML may be root
On host, they are normal user
Useful for testing
Allow many admins without many roots
- One service per UML
- One admin per service
- Admins have root inside UML but not on host
Notes:
Another hard distinction is between root and normal users. Again, UML straddles this boundary.
UML normally runs as a normal user, so it has no particular privileges on the host. However, whoever is logged in to the UML can be expected to have root privileges inside it.
This is useful for testing. A risky procedure can be tested without risking a physical machine by doing it inside a virtual machine. If it goes horribly wrong, then the UML can just be thrown out.
Another interesting application implied by this is to allow many people to administer services without giving them all root access on the host. Each service can be put in its own virtual machine, and one person given root access to it. Then, there are many people with root privileges, but none of them need root on the host. root on the host would only be required to set up whatever network access was needed by the services.