From: Nick Craig-Wood (ncw1_at_axis.demon.co.uk)
Date: Sat 02 Feb 2002 - 11:17:22 GMT
On Fri, Feb 01, 2002 at 09:47:14PM -0500, Jacques Gelinas wrote:
> Now, how is this affecting you. I guess that you wanted access to ssh or
> some telnet services in the vserver, so you disabled the sshd or xinetd
> services on the root server and enabled v_sshd or v_xinetd. Then you
> log to the root server using one ssh or telnet. the v_xx service are tying
> a service to a single IP, allowing the various vservers to bind to the same
> service.
>
> By binding sshd to a single IP, all shells started by sshd inherit this
> binding. With ctx-6, they can't see all the interfaces. So if you try
> to start a new vserver, or restart an old one, you will see those messages.
>
> I have fixed this problem by disabling this functionality for security context
> 0. So the root server still see all device and vserver only see
> their own stuff.
For the specific case of sshd you can use ListenAddress in
/etc/ssh/sshd_config instead of v_sshd which I guess would fix the
above problem too.
ListenAddress
Specifies the local addresses sshd should listen on. The follow-
ing forms may be used:
ListenAddress host|IPv4_addr|IPv6_addr
ListenAddress host|IPv4_addr:port
ListenAddress [host|IPv6_addr]:port
If port is not specified, sshd will listen on the address and all
prior Port options specified. The default is to listen on all
local addresses. Multiple ListenAddress options are permitted.
Additionally, any Port options must precede this option for non
port qualified addresses.
-- Nick Craig-Wood ncw1_at_axis.demon.co.uk