About this list Date view Thread view Subject view Author view Attachment view

From: Linas Vepstas (linas_at_linas.org)
Date: Thu 06 Nov 2003 - 18:27:38 GMT

On Thu, Nov 06, 2003 at 04:28:55AM +0100, Herbert Poetzl was heard to remark:
> On Wed, Nov 05, 2003 at 01:15:28PM -0600, Linas Vepstas wrote:
> >
> > I was exploring using some of the vserver features without going "all the way"
> > and using vservers. To do this, it's become clear to me that a set of tools
> > that are easier to use/better than setpcap/getpcap are needed. Is there
> > anyone working on such a thing?
> hmm, what do you have in mind?

Well, I found the output of getpcap cryptic, and was unable to Google up
any documentation that was 'adequate'.

As to using vservers without 'going all the way', I was just playing
with the various 'levels' in between: e.g. running bind9:
-- start bind9, let it chroot
-- use setpcap, take way chroot and other privs,
-- use context setting tool, make sure bind can no longer see other processes.

I dunno. Maybe in the end, there no difference/not a lot of differnce
between doing this and creating true virtual servers... I'm just playing
with alternate approaches.

> vserver ppc64 patches? right this way ;)

ok, shortly,

> are you able/willing to test on that platform?

yes, a little bit as time permits...


pub  1024D/01045933 2001-02-01 Linas Vepstas (Labas!) <linas_at_linas.org>
PGP Key fingerprint = 8305 2521 6000 0B5E 8984  3F54 64A9 9A82 0104 5933
Vserver mailing list

About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Thu 06 Nov 2003 - 18:28:34 GMT by hypermail 2.1.3