From: Viorel Anghel (vang_at_lug.ro)
Date: Thu 12 Feb 2004 - 13:05:51 GMT
On Thu, Feb 12, 2004 at 01:25:42PM +0100, Floris van Gog wrote:
> BIND9 does not even need CAP_SYS_RESOURCE. It is running in a vserver
> here (1.2x) without problems with S_CAP="" in the config file.
which 1.2x exactly?
> Why grant it things it does not need?
>
>
> Alex Lyashkov wrote:
>
> > On Thursday 12 February 2004 13:58, Christian Mayrhuber wrote:
> >
> >>Viorel Anghel wrote:
> >>
> >>>My first post here and i would like to thank to all the developers for
> >>>their terrific work.
> >>>
> >>>Now, my problem. Short story: kernel 2.4.24, vserver 1.26 (no other
> >>>patches). bind9 with nocapset (Paul Sladen's debian packages), running
> >>>inside a vserver. doesn't answer to udp requests, but works with tcp
> >>>requests.
> >>>
> >>>short question: does anyone using bind9 inside vserver with recent series
> >>>of patches (it worked for me with old Jacques G�linas's ctx patches).
> >>
> >>Yes,
> >>
> >>Debian woody, kernel-2.4.24-vs1.26, Bind9 9.2.1-2.woody,
> >>S_CAPS="CAP_SYS_RESOURCE" in $VSERVER.conf.
> >>Running fine with vs1.26 as it did with ctx17a.
> >>
> >
> > in 1.2.x CAP_SYS_RESOURCE allow vps admin overwrite process limit per vps.
> > it safety to use only with 1.3.x
> >
> _______________________________________________
> Vserver mailing list
> Vserver_at_list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
--
___
<o-o> Viorel ANGHEL <vang @ lug.ro>
[`-']
-"-"- In Linux We Trust.
_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver