About this list Date view Thread view Subject view Author view Attachment view

From: Floris van Gog (floris_at_vangog.net)
Date: Thu 12 Feb 2004 - 12:25:42 GMT


BIND9 does not even need CAP_SYS_RESOURCE. It is running in a vserver
here (1.2x) without problems with S_CAP="" in the config file.

Why grant it things it does not need?

Alex Lyashkov wrote:

> On Thursday 12 February 2004 13:58, Christian Mayrhuber wrote:
>
>>Viorel Anghel wrote:
>>
>>>My first post here and i would like to thank to all the developers for
>>>their terrific work.
>>>
>>>Now, my problem. Short story: kernel 2.4.24, vserver 1.26 (no other
>>>patches). bind9 with nocapset (Paul Sladen's debian packages), running
>>>inside a vserver. doesn't answer to udp requests, but works with tcp
>>>requests.
>>>
>>>short question: does anyone using bind9 inside vserver with recent series
>>>of patches (it worked for me with old Jacques Gélinas's ctx patches).
>>
>>Yes,
>>
>>Debian woody, kernel-2.4.24-vs1.26, Bind9 9.2.1-2.woody,
>>S_CAPS="CAP_SYS_RESOURCE" in $VSERVER.conf.
>>Running fine with vs1.26 as it did with ctx17a.
>>
>
> in 1.2.x CAP_SYS_RESOURCE allow vps admin overwrite process limit per vps.
> it safety to use only with 1.3.x
>
_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Thu 12 Feb 2004 - 12:26:47 GMT by hypermail 2.1.3