heya,
no frustration here. just asking if you checked it (i didn't know you
disabled it, i can only look at the .config ;))
anyway, if all grsec stuff is disabled. I dont know by heart if you can
disable chroot_caps, chroot_chmod, chroot_double and chroot_mount in proc.
if you can, than that should never be the problem. just checking...
(ps. did i reply twice or so?)
Rik Bobbaers
-- http://harry.enzoverder.be
linux/unix/system/network/security/hardware/DR admin
"If a man speaks his mind in a forest, and there's no woman to hear it ...
is he still wrong?"
> 2010/1/15 Rik Bobbaers <rik@enzoverder.be>
>
>> as i thought...
>>
>> CONFIG_GRKERNSEC_CHROOT_MOUNT=y
>>
>> please read this:
>> http://people.linux-vserver.org/~harry/<http://people.linux-vserver.org/%7Eharry/>(bottom
>> of the page)
>> on the settings needed for vserver to work..
>>
>> grtzzz...
>>
>> Rik Bobbaers
>>
>>
> I understand your frustration but hey, I checked that before asking !
> cat /proc/sys/kernel/grsecurity/chroot_deny_mount output 0 (I set it with
> systcl.conf and rebooted to be sure that was not the reason).
> That should be sufficient isn't it ?
>
>
> --
> Pierre.
> "Sometimes when I'm talking, my words can't keep up with my thoughts. I
> wonder why we think faster than we speak. Probably so we can think twice."
> -
> Bill Watterson
>
Received on Fri Jan 15 09:31:55 2010