From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Sat 15 Jan 2005 - 19:04:13 GMT
On Fri, Jan 14, 2005 at 06:34:02PM -0800, Andrew Mendelsohn wrote:
> Hi,
>
> Using 2.6.10 with patch-2.6.10-vs1.9.3.17.diff and compiling
> util-vserver 0.30.196, it seems that I can't remove capabilities via the
> /usr/local//etc/vservers/webserver/bcapabilities configuration file
> using ~ALL. The /usr/local//etc/vservers/webserver/ccapabilities file
> does what it is supposed to when set to ~ALL.
>
> Output of cat /proc/self/vinfo before config files are set to ~ALL
>
> XID: 10
> BCaps: ffffffffd44c04ff
> CCaps: 0000000000000101
> CFlags: 0000000202000010
> CIPid: 0
>
> Output of cat /proc/self/vinfo after both config files are set to ~ALL
>
> XID: 10
> BCaps: ffffffffd44c04ff
> CCaps: 0000000000000000
> CFlags: 0000000202000010
> CIPid: 0
>
> Is it a bug, or do I need an additional configuration step?
hmm, didn't test with the config setup, but a quick
check with vxc showed that it is working as expected
$ vxc --xid 100 -- grep Cap /proc/self/status
New security context is 100
CapInh: 0000000000000000
CapPrm: 00000000fffffeff
CapEff: 00000000fffffeff
$ vxc --xid 100 --bcap ~ALL -- cat /proc/self/vinfo
New security context is 100
XID: 100
BCaps: 0000000000000000
CCaps: 0000000000000000
CFlags: 0000000200000000
CIPid: 0
$ vxc --xid 100 --bcap ~ALL -- grep Cap /proc/self/status
New security context is 100
CapInh: 0000000000000000
CapPrm: 0000000000000000
CapEff: 0000000000000000
(kernel) 2.6.11-rc1-vs1.9.4-rc1
no relevant changes to 2.6.10-vs1.9.3.17
please check with --debug if the --bcap arg is
passed properly to vattribue ...
TIA,
Herbert
> Thanks,
> Andy
>
>
>
>
>
>
> _______________________________________________
> Vserver mailing list
> Vserver_at_list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver