About this list Date view Thread view Subject view Author view Attachment view

From: Nick Craig-Wood (ncw1_at_axis.demon.co.uk)
Date: Sat 02 Feb 2002 - 11:17:22 GMT


On Fri, Feb 01, 2002 at 09:47:14PM -0500, Jacques Gelinas wrote:
> Now, how is this affecting you. I guess that you wanted access to ssh or
> some telnet services in the vserver, so you disabled the sshd or xinetd
> services on the root server and enabled v_sshd or v_xinetd. Then you
> log to the root server using one ssh or telnet. the v_xx service are tying
> a service to a single IP, allowing the various vservers to bind to the same
> service.
>
> By binding sshd to a single IP, all shells started by sshd inherit this
> binding. With ctx-6, they can't see all the interfaces. So if you try
> to start a new vserver, or restart an old one, you will see those messages.
>
> I have fixed this problem by disabling this functionality for security context
> 0. So the root server still see all device and vserver only see
> their own stuff.

For the specific case of sshd you can use ListenAddress in
/etc/ssh/sshd_config instead of v_sshd which I guess would fix the
above problem too.

  ListenAddress

     Specifies the local addresses sshd should listen on. The follow-
     ing forms may be used:

           ListenAddress host|IPv4_addr|IPv6_addr
           ListenAddress host|IPv4_addr:port
           ListenAddress [host|IPv6_addr]:port

     If port is not specified, sshd will listen on the address and all
     prior Port options specified. The default is to listen on all
     local addresses. Multiple ListenAddress options are permitted.
     Additionally, any Port options must precede this option for non
     port qualified addresses.

-- 
Nick Craig-Wood
ncw1_at_axis.demon.co.uk


About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Wed 06 Nov 2002 - 07:03:39 GMT by hypermail 2.1.3