From: Schlomo Schapiro (Schlomo.Schapiro_at_mikado.de)
Date: Tue 02 Mar 2004 - 16:39:22 GMT
Hi,
I played around a little more and found out that it seem to be the util-vserver package that is guilty.
I compiled it on an older machine (gcc 2.95.3) and it worked well. The version compiled with gcc 3.3.1 on SuSE9.0 doesn't work correctly.
Did anyone else observer such a problem ? Or does everybody else use gcc 3.3.1 or SuSE9.0 without problems ?
Thanks,
Schlomo
PS: In either case, the compilation went without errors !
-- Schlomo Schapiro Senior Consultant Solution Center Novell/Linux mikado AG Bülowstraße 66 10783 Berlin-SchönebergTel.: (030) 21790-0 Mobil: (0177) 3279060 Fax: (030) 21790-200/ -201
>>> Herbert Poetzl <herbert_at_13thfloor.at> 2004-02-27 16:52:13 >>> On Fri, Feb 27, 2004 at 11:26:32AM +0100, Schlomo Schapiro wrote: > Hi, > cat /proc/self/status shows: > > CapPrm, CapEff, CapBset: fffffeff > > Shouldn't it be all f ? > > I tried now also the 1.3.8rc1 patch, no difference at all (applied & compiled clean on SuSE9.0 with gcc 3.3.1). > > also testme.sh still fails with test 201 and 202.
that is a problem and should not happen, please provide the complete output of testme.sh -vv
> Is there anybody else using SuSE 9.0, maybe it is the compiler ? > > Again, can please s.b. run this chcontext --ctx 100 bash -c 'getpcaps $$' on their system and post the output ? I would like to know wether the chroot capability shows up in the list or not.
here you go
# uname -a Linux (none) 2.4.21-vs1.00 #1 Sat Nov 1 10:51:30 CET 2003 i686 unknown # chcontext --ctx 100 bash -c 'getpcaps $$' New security context is 100 Capabilities for `21': =ep cap_setpcap-ep
# uname -a Linux (none) 2.4.25-vs1.3.7 #5 SMP Tue Feb 24 16:56:45 CET 2004 i686 unknown # chcontext --ctx 100 bash -c 'getpcaps $$' New security context is 100 Capabilities for `21': =ep cap_setpcap-ep
# uname -a Linux (none) 2.6.3-vs0.09.5 #9 Fri Feb 27 02:53:34 CET 2004 i686 unknown # chcontext --ctx 100 bash -c 'getpcaps $$' New security context is 100 Capabilities for `21': =ep cap_setpcap-ep
HTH, Herbert
> > Thanks, > Schlomo > > > -- > Schlomo Schapiro > Senior Consultant > Solution Center Novell/Linux > mikado AG > Bülowstraße 66 > 10783 Berlin-Schöneberg > > Tel.: (030) 21790-0 > Mobil: (0177) 3279060 > Fax: (030) 21790-200/ -201 > > >>> vserver_at_gelf.net 2004-02-27 10:49:45 >>> > What does "cat /proc/self/status" tell you (on the host server)? > > Am Fre, den 27.02.2004 schrieb Schlomo Schapiro um 10:40: > > Hi Herbert & List, > > > > I tried it as you suggested. Vanilla 2.4.25 with 1.26 vserver patch, static kernel. > > > > testme.sh reports that 201 and 202 failed (the tests with chcontext and fakeinit). > > > > vserver start still fails with the chroot error message (permission denied) and a test of > > chcontext --ctx 100 bash -c 'getpcaps $$' shows that the chroot capability is not present. > > > > Tell me, am I mistaken about the assumption that in this test the chroot capability should show up in the list ? > > > > Do you have any further ideas what to do ? > > > > Thanks, > > > > Schlomo > -- > Thomas Gelf <vserver_at_gelf.net> > > _______________________________________________ > Vserver mailing list > Vserver_at_list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver > > _______________________________________________ > Vserver mailing list > Vserver_at_list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver
_______________________________________________ Vserver mailing list Vserver_at_list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver