From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Tue 03 Aug 2004 - 10:36:03 BST
On Tue, Aug 03, 2004 at 08:38:22AM +0200, Sebastian Ganschow wrote:
> Quoting Herbert Poetzl <herbert_at_13thfloor.at>:
>
> > On Mon, Aug 02, 2004 at 05:24:40PM +0200, Sebastian Ganschow wrote:
> > > Hi,
> >
> > Hi Sebastian!
> >
> > > I've got another Problem. When I'm using Context Disk Limits
> > > it is necassary to set the context ID in the configuration
> > > file with the Option S_CONTEXT. But when I set the context
> > > ID the vservers so not start while starting the System
> > > although the ON_BOOT Flag is set to yes.
> > >
> > > The following message appears:
> > >
> > > Starting the virtual server host2
> > > Server host2 is not running
> > > Usage: init 0123456SsQqAaBbCcUu
> > >
> > > When there is no context ID set, the vserver is starting
> > > while starting the System.
> >
> > first I have to apologize, yesterday my cat broke my
> > crystal ball, and the spare one is somewhere hidden
> > in the cellar ... so I have to ask:
>
> Ohh, that's bad. ;)
>
> Here's the info...
>
> >
> > what kernel version?
> 2.4.25-v1.27
>
> > what patch version?
> patch-2.4.26-vs1.27.diff
> patch-2.4.25-vs1.27-q0.14.diff
>
> > what tools and what tool version?
> util-vserver-0.30
>
> > what host distro?
> Debian Woody
>
> > what guest distro?
> also Debian Woody
>
> > what configuration?
> S_HOSTNAME="host2"
> IPROOT="192.168.1.122"
> IPROOTDEV="eth0"
> ONBOOT="yes"
> S_NICE=""
> S_FLAGS="lock nproc fakeinit"
> ULIMIT="-u 256 -n 1024 -t 32768"
> #S_CAPS="CAP_NET_RAW"
> S_CONTEXT="102"
> # *NOT* DNS domain name, for NIS only
> S_DOMAINNAME=""
>
> Hope it helps a little bit finding the Problem...
hmm, yep, guess this is a bug with the tools
Enrico could you comment on that?
> I've got another Question: Is it correct, that either i can use
> S_CAPS="CAP_NET_RAW" and can ping but also can see the
> Network Traffic of the other Vserver with tcpdump or don't
> use S_CAPS="CAP_NET_RAW" but can't ping anymore?
hmm, well, yes and no ... here are the facts:
- most ping implementations use a generic raw socket
for sending and receiving
- allowing generic raw sockets also allows to receive
generic traffic (the idea of raw sockets ;)
- to create raw sockets you need CAP_NET_RAW
some other facts:
- there is an userspace ping implementation (poink)
which works without CAP_NET_RAW
- vs1.9.x implements a workaround which allows to
open raw ICMP sockets, which allows for ping
HTH,
Herbert
> Sebastian
>
> >
> > TIA,
> > Herbert
> >
> > > greetings
> > > Sebastian
> > >
> > > --
> > > Sebastian Ganschow
> > > mailto:sebastian_at_ganschow.net
> > >
> > >
> > >
> > >
> > >
> > > ----------------------------------------------------------------
> > > This message was sent using IMP, the Internet Messaging Program.
> > > _______________________________________________
> > > Vserver mailing list
> > > Vserver_at_list.linux-vserver.org
> > > http://list.linux-vserver.org/mailman/listinfo/vserver
> >
> >
> >
> --
> Sebastian Ganschow
> mailto:sebastian_at_ganschow.net
>
>
> ----------------------------------------------------------------
> This message was sent using IMP, the Internet Messaging Program.
> _______________________________________________
> Vserver mailing list
> Vserver_at_list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver