About this list Date view Thread view Subject view Author view Attachment view

From: Christian Mayrhuber (christian.mayrhuber_at_gmx.net)
Date: Tue 17 Aug 2004 - 15:25:45 BST


On Tuesday 17 August 2004 15:59, jfl wrote:
> Hello,
>
> I am trying to start a dhcpd in a vserver :
>
> Starting dhcpd: Internet Systems Consortium DHCP Server V3.0.1
> Copyright 2004 Internet Systems Consortium.
> All rights reserved.
> For info, please visit http://www.isc.org/sw/dhcp/
> unable to create icmp socket: Operation not permitted
> Wrote 0 deleted host decls to leases file.
> Wrote 0 new dynamic host decls to leases file.
> Wrote 8 leases to leases file.
> setsockopt: SO_BINDTODEVICE: Operation not permitted
>
> I see in the FAQ that there may be a problem with the broadcast address
> and that there is a method to fix that... but I don't see
> SO_BINDTODEVICE mentioned. I assume its to do with a capability I don't
> have? I looked in the original paper for references but found none, nor
> did anything turn up on a search of the site.
>
> I apologize for asking what must be a FAQ... but I didn't find it.
>
> Thanks for any help you may give.
>
>
> _______________________________________________
> Vserver mailing list
> Vserver_at_list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver

Have a look at /usr/include/linux/capability.h

In your case you will have to add the line
S_CAPS="CAP_NET_RAW"
to /etc/MYVSERVER.conf

Note: Every additionally granted capability weakens the security of your
vserver.

-- 
lg, Chris

_______________________________________________ Vserver mailing list Vserver_at_list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver


About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Tue 17 Aug 2004 - 15:22:35 BST by hypermail 2.1.3