hello,
even trying to traceroute -I is still giving that same error message.
What could be wrong? Do I need to set some extra ccapabilities?
Also, what does the --secure option of the vattribute do ?
Regards,
-Nikolay Kichukov
----- Original Message -----
From: "Xavier Montagutelli" <xavier.montagutelli@unilim.fr>
To: <vserver@list.linux-vserver.org>
Sent: Thursday, April 20, 2006 3:33 PM
Subject: Re: [Vserver] vserver traceroute
> On Thursday 20 April 2006 13:29, Nikolay Kichukov wrote:
> > Hello guys,
> > Thanks for the advice, and sorry for taking me so long to respond.
> >
> > I tried setting:
> >
> > host# vattribute --set --xid <xid> --secure --ccap raw_icmp
> >
> > and when i try to traceroute a host I am again getting:
> >
> > traceroute: raw socket: Operation not permitted
>
> On my debian box, traceroute use by default UDP packets, not ICMP packets.
>
> Try "-I icmp" to use icmp.
>
> >
> > Any further ideas?
> >
> > Another problem has now appeared:
> > When i try to ssh to the guest sshd, i am getting the following error:
> >
> > fatal: chroot("/var/run/sshd"): Operation not permitted
> >
> > /var/run/sshd is rwx for root and r-x for the group and others
> >
> > Any ideas?
> >
> > Additional info:
> >
> > util-vserver 0.30.209-2 debian package
> > kernel 1.6.14.4-vs2.1.0
> >
> > On Tue, 2006-04-11 at 13:17 +0200, Daniel Hokka Zakrisson wrote:
> > > Nikolay Kichukov wrote:
> > > > Hi,
> > > > Thanks for the advise,
> > > > I'd like to test that and I already have raw_icmp in the flags file
for
> > > > the vserver, but is there a way i can set that without rebooting the
> > > > vserver?
> > >
> > > It's a context capability, so you should put it in ccapabilities file.
> > >
> > > > I've searched for information about chcontext and did not find a lot
> > > > about setting those caps and flags dynamically. Is that possible? If
> > > > yes, how?
> > >
> > > vattribute --set --xid <name or xid of the guest> --secure --ccap
> > > raw_icmp (add additional --bcaps here if you have any, as they'll be
> > > reset otherwise)
> > >
> > > > Also, another question is, i have already created(built) the vserver
> > > > without --context NNN, and now I would like to get the vserver
running
> > > > only in a specified context, ie. 444. How can i implement that?
> > >
> > > echo NNN > /etc/vservers/<name>/context
> > >
> > > http://www.nongnu.org/util-vserver/doc/conf/configuration.html
> >
> > _______________________________________________
> > Vserver mailing list
> > Vserver@list.linux-vserver.org
> > http://list.linux-vserver.org/mailman/listinfo/vserver
>
> --
> Xavier Montagutelli Tel : +33 (0)5 55 45 77 20
> Service Commun Informatique Fax : +33 (0)5 55 45 77 60
> Universite de Limoges
> 123, avenue Albert Thomas
> 87060 Limoges cedex
> _______________________________________________
> Vserver mailing list
> Vserver@list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
>
_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
Received on Thu Apr 20 15:25:19 2006