From: Peter V. Saveliev (peet_at_peet.spb.ru)
Date: Wed 24 Aug 2005 - 08:07:28 BST
...
8<---------------------------------------------------------------
1st question:
~ # cat /proc/virtual/49159/status
UseCnt: 24
Tasks: 9
Flags: 0000000300000200
BCaps: fffffffffffffeff
CCaps: 0000000000000000
Ticks: 0
~ # vattribute --set --xid 49159 --bcap !CAP_MKNOD
~ # cat /proc/virtual/49159/status
UseCnt: 24
Tasks: 9
Flags: 0000000300000200
BCaps: 0000000000000000
CCaps: 0000000000000000
Ticks: 0
What's wrong?
8<---------------------------------------------------------------
2nd question: I have two virtual servers. The first starts with:
chbind --ip 192.168.213.103 -- \
vcontext --create -- \
vsched --fill-rate 95 --interval 100 --tokens-max 200 --tokens 100 -- \
vuname --xid self --set -t nodename=peet.spb.ru -- \
vattribute --flag sched_prio -- \
sctxinfo /var/run/rt-network/virtual/peet.spb.ru -- \
`which env` -i PATH=$PATH `which vcontext` --migrate-self --endsetup -- \
reducecap --secure -- \
chroot . /usr/local/sbin/init -i /dev/initctl -t /etc/inittab
and then I got:
~ # cat /proc/virtual/49156/status
UseCnt: 239
Tasks: 66
Flags: 0000000300000200
BCaps: 00000000344c04ff
^^^^^^^^^^^^^^^^^^^
CCaps: 0000000000000000
Ticks: 0
sctxinfo is an sh script that saves the current xid to the file and exec()s the string after "--".
The second starts:
chbind --ip 192.168.213.102 -- \
vcontext --create -- \
vsched --fill-rate 95 --interval 100 --tokens-max 200 --tokens 100 -- \
vuname --xid self --set -t nodename=apache2.hst.ru -- \
vattribute --flag sched_prio -- \
sctxinfo /var/run/rt-network/virtual/apache2.hst.ru -- \
`which env` -i PATH=$PATH `which vcontext` --migrate-self --endsetup -- \
reducecap --secure -- \
chroot . /usr/local/sbin/init -i /dev/initctl -t /etc/inittab
~ # cat /proc/virtual/49160/status
UseCnt: 24
Tasks: 9
Flags: 0000000300000200
BCaps: fffffffffffffeff
^^^^^^^^^^^^^^^^^^^
CCaps: 0000000000000000
Ticks: 0
Why did I get normal security in the first case and no security at all in the second?
Thanks.
-- Peter V. Saveliev
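
Added example (not part of the original message and not code from the Linux-VServer tools): a small decoder for the BCaps mask in /proc/virtual/<xid>/status, so the two masks quoted above can be compared capability by capability. It assumes bit N of BCaps is capability number N from mainline <linux/capability.h> of that period (0 to 30); the function names are hypothetical and the sample text is the status output quoted in the message.

```python
# Added example: decode BCaps from /proc/virtual/<xid>/status.
# Assumption: bit N of BCaps is capability number N from mainline
# <linux/capability.h> of that period (numbers 0..30).
CAP_NAMES = """CHOWN DAC_OVERRIDE DAC_READ_SEARCH FOWNER FSETID KILL SETGID
SETUID SETPCAP LINUX_IMMUTABLE NET_BIND_SERVICE NET_BROADCAST NET_ADMIN
NET_RAW IPC_LOCK IPC_OWNER SYS_MODULE SYS_RAWIO SYS_CHROOT SYS_PTRACE
SYS_PACCT SYS_ADMIN SYS_BOOT SYS_NICE SYS_RESOURCE SYS_TIME SYS_TTY_CONFIG
MKNOD LEASE AUDIT_WRITE AUDIT_CONTROL""".split()
HEX_FIELDS = ("Flags", "BCaps", "CCaps")

def parse_status(text):
    """Parse 'Key: value' lines; hex mask fields become ints, others stay strings."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if not sep:
            continue  # skip lines that are not key/value pairs
        key, value = key.strip(), value.strip()
        fields[key] = int(value, 16) if key in HEX_FIELDS else value
    return fields

def caps_set(mask):
    """Names of known capabilities whose bit is set in mask."""
    return ["CAP_" + n for i, n in enumerate(CAP_NAMES) if (mask >> i) & 1]

def caps_cleared(mask):
    """Names of known capabilities whose bit is clear in mask."""
    return ["CAP_" + n for i, n in enumerate(CAP_NAMES) if not (mask >> i) & 1]

def report(xid, text):
    mask = parse_status(text)["BCaps"]
    extra = mask >> len(CAP_NAMES)  # bits above the table: shown, not named
    return "xid %s BCaps=%016x\n  set:     %s\n  cleared: %s\n  bits above 30: %#x" % (
        xid, mask, " ".join(caps_set(mask)) or "-",
        " ".join(caps_cleared(mask)) or "-", extra)

# Status output as quoted in the message for xid 49156 and xid 49160.
STATUS_49156 = ("UseCnt: 239\nTasks: 66\nFlags: 0000000300000200\n"
                "BCaps: 00000000344c04ff\nCCaps: 0000000000000000\nTicks: 0\n")
STATUS_49160 = ("UseCnt: 24\nTasks: 9\nFlags: 0000000300000200\n"
                "BCaps: fffffffffffffeff\nCCaps: 0000000000000000\nTicks: 0\n")

if __name__ == "__main__":
    print(report(49156, STATUS_49156))
    print(report(49160, STATUS_49160))
```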