From: Jacques Gelinas (jack_at_solucorp.qc.ca)
Date: Tue 26 Feb 2002 - 22:10:43 GMT
On Tue, 26 Feb 2002 16:57:36 -0500, Mihai RUSU wrote
> Hi
>
> Im curently testing 2.4.17ctx-7 with vserver 0.10. While playing this this
> I have noticed 2 issues:
> - netstat -an reports all connections no matter the curently selected
> context
Fixed in ctx-8
> - /sbin/ifconfig shows eth0 for the physical eth device (without any ip)
> and my chipv4 ip as a ip alias (eth0:1)
This is fixable by modifying /proc/net/dev. I want to create a new proc (called
vproc) to filter other information.
> For the first issue I think there can be done a quick hack based on the
> sources of openwall patch (www.openwall.org) as follows:
> - openwall kernels show on netstat only the connections which belong to
> the current userid
The patch on ctx-8 uses the security context. The solution in openwall, should work
on top of that and would be a per-vserver feature. openwall is part of the LSM
I think.
---------------------------------------------------------
Jacques Gelinas <jack_at_solucorp.qc.ca>
vserver: run general purpose virtual servers on one box, full speed!
http://www.solucorp.qc.ca/miscprj/s_context.hc