On Wed, Aug 24, 2011 at 12:48:09PM +1000, Steve Kieu wrote:
> Hello everyone,
> As an effort to use sshfs inside guest I added like below
> cat /etc/vservers/devel/ccapabilities
> SECURE_MOUNT
> SECURE_REMOUNT
> BINARY_MOUNT
> cat /etc/vservers/devel/bcapabilities
> SYS_ADMIN

why would you give/require SYS_ADMIN?
(this basically allows the guest to mess with the host)

> I have not tested the sshfs if it works yet, but when starting
> the vserver, stop it and try to delete it, I got a whole bunch
> of errors:
> /bin/rm: cannot remove `/var/lib/vservers/test/var/cache/man/ko/cat1':
> Read-only file system
> /bin/rm: cannot remove `/var/lib/vservers/test/var/cache/man/ko/cat5':
> Read-only file system
> /bin/rm: cannot remove `/var/lib/vservers/test/var/cache/man/index.db':
> Read-only file system
> The file in /etc/vservers/test is removed cleanly.
> I can only remove the file if I restart the physical host which is bad.
> Remove SYS_ADMIN - problem is still
> Change the file system mounted at /var/lib/vservers from ext4
> to ext3, still
> Remove the mount option tag - still
> so I am not sure if it is known bug and there is any patch, any
> work around for this?
> This is debian 6 system running on sparc machine using standard
> debian vserver kernel
> # uname -a
> Linux XXX 2.6.32-5-vserver-sparc64 #1 SMP Tue Jun 14 13:58:11
> UTC 2011 sparc64 GNU/Linux

please try with a recent kernel, e.g. 2.6.38.8 or even
better with a 3.0.x kernel (and the appropriate Linux-
VServer patch)

could be a sparc/64 related issue, to me it looks like
certain filesystem flags (xattrs) get messed up, but
there is no point in testing with a debian kernel

TIA,
Herbert

> Many thanks in advance,
> --
> Steve Kieu
Received on Wed Aug 24 12:32:31 2011
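
Added example (not part of the original mails and not util-vserver code): a host-side check that lists guests whose bcapabilities file grants SYS_ADMIN or another watched capability, the setting questioned in the reply above. It assumes one capability name per line with an optional CAP_ prefix; the function names and the sample tree are constructed for illustration.

```sh
#!/bin/sh
# Added example: flag Linux-VServer guests whose bcapabilities grant a
# capability from a watch list. Run on the host, not inside a guest.

# Assumption: one capability name per line, optional CAP_ prefix, any case;
# blank lines and lines starting with '#' are skipped.
audit_bcaps() {
    root=${1:-/etc/vservers}      # config root, as in the paths quoted above
    watch=${2:-SYS_ADMIN}         # space-separated capability names to flag
    found=1                       # return 1 when nothing is flagged
    for f in "$root"/*/bcapabilities; do
        [ -f "$f" ] || continue
        guest=$(basename "$(dirname "$f")")
        # '|| [ -n "$line" ]' keeps a last line that has no trailing newline
        while IFS= read -r line || [ -n "$line" ]; do
            cap=$(printf '%s' "$line" | tr -d ' \t\r' | tr '[:lower:]' '[:upper:]')
            cap=${cap#CAP_}
            case $cap in ''|'#'*) continue ;; esac
            for w in $watch; do
                if [ "$cap" = "$w" ]; then
                    printf '%s: %s\n' "$guest" "$cap"
                    found=0
                fi
            done
        done < "$f"
    done
    return $found
}

# Constructed sample tree (not real host data) so the script runs offline.
make_sample() {
    d=$(mktemp -d)
    mkdir -p "$d/devel" "$d/test" "$d/web"
    printf 'SYS_ADMIN\n' > "$d/devel/bcapabilities"
    printf 'SECURE_MOUNT\nSECURE_REMOUNT\nBINARY_MOUNT\n' > "$d/devel/ccapabilities"
    printf '# none\nNET_RAW\n' > "$d/test/bcapabilities"
    printf 'cap_sys_admin \nNET_ADMIN' > "$d/web/bcapabilities"
    printf '%s\n' "$d"
}

sample=$(make_sample)
audit_bcaps "$sample" "SYS_ADMIN NET_ADMIN" || true
rm -rf "$sample"
```

The function returns 0 when at least one guest is flagged and 1 otherwise, so it can gate a provisioning or monitoring job.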