[texhax] Pointer to TeX Sandbox Howto needed

Torsten Wagner wagner at ecei.tohoku.ac.jp
Tue Mar 24 02:42:08 CET 2009


as far as I can see schroot should be perfect for you. It allows to setup a 
chroot and give limited user access to it. Thus, a user can use "schroot 
latex" to compile a latex file. 
Please check the man pages of schroot ... web-search should spill out many 
useful links.

However, I do not know what is the nature of your user access. There are 
physical available in front of your machine ? Or will they log in by ssh?
If the second is the point you might like to use one of the virtual machines 
concepts allow a own ip-address for your "tex-machine" and a (as most as 
possible) completed closed environment encapsulated from your host 

Some, which I used already ordered from simple (less overhead) complex (much 
set-up work paid off by many bells and whistles)
schroot aka chroot (strictly spoken not a vm, but very less computational 

VServer (like a chroot on drugs :) )

VirtualBox (rather easy set-up but more gui-based on both host and clients)

Xen (this might requires a complete reinstall of your server machine)  

There a many many more 
might be a good overview to start with.

In addition the usage of lvm is imho very helpful. Every machine can get a own 
partition to live in, easy maintainable and changeable over time from the host 

Some of the virtual machine concepts allow sophisticated forking of a virtual 
environment. You just have to set-up onces a main system and only have to 
maintain this single system, however, every user might like to start a own 
machine to work within. If you like to isolated them (both users and machines) 
strictly from each other this might be what you want. 
There might be smaller to bigger overheads with one or the other solution but 
as far as computer power goes nowadays this should be not a significant 
problem, unlike we talk about concurrent users fare more then several dozen.

Hope that helps a bit


CC. As far as I know LaTeX and friends should feel homely in any of the above 
solutions. :)

> Hi,
> I need to run TeX in a chroot jail in order to allow non-trusted users to 
> LaTeX documents on a server of mine.
> I would be very happy if someone on this list could provide pointers to 
> mailing lists, howtos, or web sites where such sandboxing of TeX is 
> discussed.
> Alternatively, I would be happy to get pointers to small, robust TeX 
> installations which run under Linux. The TeX installation needs to be 
> small because I construct a new chroot jail from scratch each time TeX is 
> going to run. On the other hand, the small TeX installation needs not be 
> "complete" in any sense because my users can add whatever sty-files, 
> font-files, and so on they would like to have in their private jail. But I 
> would need a TeX installation which comprises LaTeX, BibTeX, Makeindex, 
> dvipdfm, and the Computer Modern fonts.
> Cheers,
> Klaus
> _______________________________________________
> TeX FAQ: http://www.tex.ac.uk/faq
> Mailing list archives: http://tug.org/pipermail/texhax/
> More links: http://tug.org/begin.html
> Automated subscription management: http://tug.org/mailman/listinfo/texhax
> Human mailing list managers: postmaster at tug.org
〒980-8579 仙台市青葉区荒巻字青葉6-6-05
Tel/Fax : 022-795-7076
E-mail  : wagner at ecei.tohoku.ac.jp
Web: http://www.bme.ecei.tohoku.ac.jp/

More information about the texhax mailing list