> on 2.x kernels, the raw_icmp capability replaces the
> insecure CAP_NET_RAW. raw_icmp is given by default
> on mainline util-vserver since (at least) 0.30.208
> (and we now have 0.30.209)
>
> > What I did to get it to work was:
> > * Add CAP_NET_RAW to the capabilities of the vserver (in /etc/vservers)
>
> again, are we talking about 1.2.x or 2.x kernels here?
This confused the heck out of me when I first read it... to clarify to
anyone else who didn't get it at first, and I may be the only one, "1.x
kernels" means Linux 2.4.x kernels patched with the linux vserver 1.2.x
version patches (i.e. vserver 1.2.x). "2.x kernels" means Linux 2.6.x
kernels patched with the linux vserver 2.x version patches (i.e. vserver
2.x).
Kernel 1.x == Linux 2.4, vserver 1.2.x
Kernel 2.x == Linux 2.6, vserver 2.x
-- Matthew Nuzum <matt@followers.net> www.followers.net - Makers of "Elite Content Management System" View samples of Elite CMS in action by visiting http://www.followers.net/portfolio/ _______________________________________________ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserverReceived on Fri Nov 11 16:25:43 2005