From: Enrico Scholz (enrico.scholz_at_informatik.tu-chemnitz.de)
Date: Thu 18 Mar 2004 - 15:29:50 GMT
hv_at_tbz-pariv.de (Thomas Guettler) writes:
> If you use "--cap CAP_NET_RAW" with chcontext chroot is not possible.
I know about miscompilations with SuSE 9 (gcc 3.3.1). Can you try the
'-O0' flag and see if problem still exists?
> - util-vserver-0.29.3/NEWS:
> Version 0.30 --> What is it? 0.29.3 or 0.30?
0.29.3. It is a prerelease (which should be stable) and NEWS is listing
the changes for official versions only.
> - utils-vserver-0.29.3/doc/FAQ.txt:
> Object not found!
This file was taken from the old 'vserver' package which has this message
too. I will remove it in future versions.
> - vserver/util-vserver-0.29.3/util-vserver.spec
> URL: http://savannah.nongnu.org/projects/util-vserver/
> --> timeout
I believe I am not guilty in this issue ;) Entire *.gnu.org was unreachable
yesterday and the day before. I do not know details, perhaps it was cracked
again ;)
> - Would be nice if you get the missing capability in the error message:
> "Missing Capability CAP_SYS_CHROOT" instead of "Operation not permitted"
Very difficultly since for each operations a catalog of possible error
reasons would be needed. EPERM for chroot could mean non-root too.
> - What is the difference between chroot and capchroot?
capchroot can remove the CAP_SYS_CHROOT capability before executing the
command.
> - capchroot ignores unkown arguments: "capchroot --noochroot"
> A typo likes this can take you much time
>
> - chcontext --cap CAP_TYPO is allowed. Would be nice to get a warning.
Sorry, will not happen in the stable branch probably. It is in freeze
and I do not want to touch things like the CLI there. In alpha-branch it
is fixed already.
Thx for your reports
Enrico
_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver