Re: [vserver] Can't see all my processes?

From: David Karban <konference_at_karban.eu>
Date: Mon 12 May 2008 - 22:24:46 BST
Message-ID: <4828B59E.80706@karban.eu>

Ed W napsal(a):
> Hi
Hi,
I had same issue with bind run in vserver in chroot jail with grsecurity
chroot jail protection. Bind process was visible from host by vps, but
not in guest. Without chroot jail protection was visible in guest too.

But the question is ... are you chrooting in vserver ?
>
>> Is it running as a non-root user?
>
> Yes
>
>> Did you enable that process-hiding thing
>> in grsec?
>>
>
> Not sure which one you mean - I *do* have the "hide kernel processes"
> option enabled and I can't see it's one of the sysctl disableable
> options. (The obvious option is to boot a different kernel, but it's
> not easy on a production machine)
>
>
> It's very peculiar - in the vserver pstree shows
>
> dnscache / # pstree -p
> ?(1)-+-cron(14672)
> |-svscan(14641)-+-supervise(14642)
> | `-supervise(14644)---multilog(14645)
> `-syslog-ng(14659)
>
>
> But in the host
>
> |-svscan(14641)-+-supervise(14642)---dnscache(14643)
> | `-supervise(14644)---multilog(14645)
>
>
> I'm not really sure how to get more info on the process to see why
> it's perhaps hiding. Any suggestions?
>
> Cheers
>
> Ed W
>
Received on Mon May 12 22:25:00 2008

[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Mon 12 May 2008 - 22:25:08 BST by hypermail 2.1.8