[Vserver] vattribute resets bcapabilities ?:
 vserver development mailing list 
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]

[Vserver] vattribute resets bcapabilities ?

From: Xavier Montagutelli <xavier.montagutelli_at_unilim.fr>
Date: Tue 04 Apr 2006 - 17:11:00 BST
Message-Id: <200604041811.01224.xavier.montagutelli@unilim.fr>

I try the "vattribute" command on a running vserver to change context
capabilities :

[root@www-hote ~]# grep Caps /proc/virtual/500/status
BCaps: 00000000344c04ff
CCaps: 0000000000000101

[root@www-hote ~]# vattribute --ccap SECURE_MOUNT --xid 500

[root@www-hote ~]# grep Caps /proc/virtual/500/status
BCaps: 0000000000000000
CCaps: 0000000000010101

It resets the native linux capabilities. From the sources, the kernel system
call "vc_set_ccaps" can only reduce the bcaps ; as the "bcaps" transmitted by
vattribute is zero, it gets this value.

Perhaps the "bcaps" member, in vattribute.c, should be computed respectively
to the "--bcaps" argument requiring a decrease of bcaps before calling
"vc_set_ccaps", in the case of an existing context ? The present behaviour is
a bit disturbing, as we have to add something like "--bcap 0xFFFFFFFF" to
leave it untouched.

PS : the --help has a little bug (0.30.210) :

 [root@www-hote ~]# vattribute --help

 --cap <cap> ... context capability to be added
==> --ccap 

-- 
Xavier Montagutelli                      Tel : +33 (0)5 55 45 77 20
Service Commun Informatique              Fax : +33 (0)5 55 45 77 60
Universite de Limoges
123, avenue Albert Thomas
87060 Limoges cedex
_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
Received on Tue Apr 4 17:11:54 2006
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Tue 04 Apr 2006 - 17:11:59 BST by hypermail 2.1.8