Securing a server for service provider [closed]

I am looking at setting up a host that users can host services from. These are specific types of games and will require the user to log in. I’m bouncing between either bsd or Debian to host, but I have a few questions.
First, I want to know if my solutions so far are viable:
I am going to use limits (or login classes on bsd) to place resource limits on ram and cpu, as well as quota to place quota limits on disk space that can be used, both hard and soft limits. I also plan to set up an imap server so that each user can have email and pull their system notifications down to their phone or whatever they want.
I also plan on locking them in their home directory to a point; I will set their perms on their directory to 770 and the home directory will be set to 000 so that they can not read or chdir to it.
I will also set up a wheel group (if I go the linux route) so that users can not su or sudo at all.
So, here are my questions:
First, is there a way (with linux or bsd) to prevent users binding to ports other than those assigned? I’d like to give each user a port and let them use that, but prevent them from using anything else.
Second, how might I handle outbound traffic inspection? If I get notified that someone is abusing the service by say, connecting to someone else’s servers over and over and spamming (DOS, essentially), how would I track that down?
Finally, are there any other considerations that I might need to look at? Any other tips and ideas would be welcome.
Thanks,

Answer

You are looking at essentially developing your own control panel and management system for a specialized application stack. This is not something that can be answered all at once, but can only be answered through many months of your hard work to make it happen.

All of your goals sound reasonable with standard toolsets that exist in mainstream OSs and their variants. You will need to split your question into tightly scoped areas of influence in order to get a valuable, objective answer from ServerFault.

> Any other tips and ideas would be welcome.

Consider pre-existing game and webhosting control panels to do most of what you’re planning on doing. Consider control panel frameworks like OpenPanel. Don’t re-invent the wheel.

Attribution
Source : Link , Question Author : talanis , Answer Author : Wesley
