About this list Date view Thread view Subject view Author view Attachment view

From: Klavs Klavsen (klavs_at_EnableIT.dk)
Date: Sun 10 Nov 2002 - 11:24:39 GMT

On Sat, 2002-11-09 at 23:54, Paul Sladen wrote:
> On 6 Nov 2002, Klavs Klavsen wrote:

> > Sorry to say this guys, but if I let a vserver bind to - and
> > start f.ex. sshd - then you'll notice that port 22 on ALL aliases is
> > grabbed too - meaning I can no longer run anything on that port on any
> > alias.
> Well. Yes.
> Either start SSH on a specific IP with: (in `/etc/ssh/sshd_config')
> ListenAddress
but that would loose the "invisibility" of the vserver - the whole idea
of binding a vserver to an adress upon startup, is (among other things)
so the users of this vserver can't accidently (or intentionally) "steal"
another vservers ports.

> > I should be able to set it to eth0 - (meaning the eth0 "real" address")
> Or use `--nodev' so that it doesn't actually set up the device.
> Or use `chbind() directly' (eg. the v_ssh wrappers)
I'll quote a comment on this for earlier:

On 2 Nov 2002, Klavs klavsen wrote:
> But I like to be able to run it in exactly the same way, and just set
> in the vserver.conf file, if it should have it's own IP or not.

I'll eat that. Just set:


in the config file.


and I was just pointing out that setting IPROOT to does in fact
not work - it makes it even worse than setting the ip for one that
already exists.

Perhaps the best solution would be to make the vserver script check if
the IP in IPROOT has already been set, and if so - not to set it and
thus one would have 2 vservsers og a real and a vserver that shared IP

Isn't this the best way of enabling this?
I know of several who uses the vservers like this (all on same IP) and
none of them are stupid - and I feel that it's a legitimate use for
using vserver - also see my quote above.

Klavs Klavsen

--------------| This mail has been sent to you by: |------------ Klavs Klavsen - Open Source Consultant klavs_at_EnableIT.dk - http://www.EnableIT.dk

Get PGP key from www.keyserver.net - Key ID: 0x586D5BCA Fingerprint = 2873 188C 968E 600D D8F8 B8DA 3D3A 0B79 7E06 3C62 ---------------------------------------------------------------- Open Source Software - Sometimes you get more than you paid for. -- unknown

About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Sun 10 Nov 2002 - 12:48:30 GMT by hypermail 2.1.3