2005/10/29, Herbert Poetzl <firstname.lastname@example.org>:
> On Fri, Oct 28, 2005 at 04:53:49PM +0200, Jens Holze wrote:
> > Hi!
> > I've just set up the latest vserver on FC4 and added two vservers one
> > based on debian sarge the other on FC4. The debian one should do some
> > basic networking stuff and backups. Therefore I'd like to run dnsmasq
> > on it. I installed it but when I activated it's dhcp function, i get
> > this message at boot:
> > Starting DNS forwarder and DHCP server: dnsmasqdnsmasq: cannot create
> > DHCP packet socket: Operation not permitted. Is CONFIG_PACKET enabled
> > in your kernel? (failed).
> > Of course, CONFIG_PACKET is enabled in kernel, so I'm not really
> > sure what to do to get the program running. Do I need to add S_CAPS
> > options?
> well, depends on what the tool is 'trying' to do ...
> maybe it is opening a raw socket (or trying to do so)
> at least the DHCP stuff seems to point into that direction
Well, dnsmasq is a dhcp and dns server which is actually what I want
it to do because names of all the machines that get ips and announce
their names via dhcp are automatically put together (it's hard work to
do this with bind and dhcp). The server will not be publically
accessible (lowered security is no problem) it's simply because I like
debian and thought I could have a virtual debian on fedora (and it
works well apart from this problem) where I could put all the
uninteresting network services...
> this would mean that it would require CAP_NET_RAW which
> in turn would permit interface sniffing inside the guest
I found that I needed to create a .conf for my server (there was none
before this) and put the SCAPS variable in it. But nothing changed
when booting the server. Where can I see that the options are actually
> maybe the DHCP stuff can be deactivated via some config
> option (for dnsmasqd)?
Yes, it can. But that's not what I intended. Is it really a problem to
run a dhcp inside a vserver?
> > Thanks in advance!
> > Jens
> > --
-- "Wars not make one great" - Master Yoda yodahome_at_googlemail.com - http://yodahome.de ICQ: 252623701 watch http://littlevampire.yodahome.de the relaunch is coming on Halloween '05 senseless wisdom of life - my geeky blog under http://yodahome.de/blog _______________________________________________ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserverReceived on Sat Oct 29 16:57:55 2005