How to set up identical VM's to access separate folders on a NAS VM & be unable to see each other's

Discussion in 'backup, imaging & disk mgmt' started by Ulysses_, May 12, 2019.

  1. Ulysses_

    Ulysses_ Registered Member

    Joined:
    Jun 27, 2010
    Posts:
    275
    A script generates identical ubuntu VM's. They all have access to a ubuntu file server VM. We want them to only be able to see their own files on the file server and not each other's. How can this be done given the user is the same in all VM's and given the server names of all VM's are the same? Only the DHCP-derived IP's are different.

    In other words, how could permissions per IP be implemented? Or ownership per IP? Or per MAC address?

    Could limit the number of identical VM's to 10 if need be. The ideal would be to have all files in one folder instead of 10 separate folders. Create 10 different users to become the owners of the files? Also need to counter hackers getting root access to one VM and this is critical: how would they be stopped from accessing files owned by other VM's by spoofing IP's and MAC addresses?

    Could generate each VM with a MAC address that will be used to make the username that logs in to the file server, eg user1234567890ab where 12:34:56:78:90:ab is the MAC address, while the file server would have created user user1234567890ab on detection of the MAC address with arp-scan and crucially, the password would be passed to the VM as a text file in a virtual CD, and be a hash on the MAC. But what if the hacker eavesdrops file content while it is transfered? Seems complicated too, any other options?
     
    Last edited: May 13, 2019
  2. Brian K

    Brian K Imaging Specialist

    Joined:
    Jan 28, 2005
    Posts:
    12,113
    Location:
    NSW, Australia
    Ulysses_,

    Can you outline how these multiple VMs will be used? Why use VMs instead of physical OS?
     
  3. Ulysses_

    Ulysses_ Registered Member

    Joined:
    Jun 27, 2010
    Posts:
    275
    They're all sandboxes for the browser function. Maybe some for p2p filesharing too.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.