Re: [Vserver] X11 vserver

From: Bodo Eggert <>
Date: Wed 05 Oct 2005 - 20:42:35 BST
Message-ID: <Pine.LNX.4.58.0510052127100.4308@be1.lrz>

On Wed, 5 Oct 2005, hellekin wrote:

> I followed the previous thread on X11 with attention as I'm trying the same
> thing: I'd like my host to remain as small as possible while providing users
> with an X11 interface.
> I started with adding CAP_SYS_RAWIO in the bcapabilities file and copying
> /dev/tty0, /dev/tty7 and /dev/tty10 to the vserver. Then, startx would fail
> with lack of /dev/mem, so I added it too. Then the mouse was missing, so I
> put /dev/psaux. I'm not sure this is the right way to go but the setup
> works.
> The nVidia video card (GeForce 6200) failed to load so I changed the server
> to VESA and it worked fine.
> My question is triple:
> 1. is there a better way to run an X11 in a vserver?

Provide a generic in-kernel access method to graphic cards and make X11
use it. The current interface is incapable of doing this.

> 2. how comes the nvidia module, loaded in the host, doesn't show up in the
> vserver?

Nobody cared to provide the strace showing the problem. Did you use the
nvidia glide(?) library?

> 3. what is the clean way to login to this host from the console?

I moved a tty$n interface into the vserver and edited inittab to provide
this console. This can be used to provide a console to 62 guests.

> For (1.) I guess the /dev/mem can be a problem.

An attacker can gain host root privileges using /dev/mem.

Never share a foxhole with anyone braver than yourself. 
Vserver mailing list
Received on Wed Oct 5 20:43:01 2005
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Wed 05 Oct 2005 - 20:43:04 BST by hypermail 2.1.8