Den 15.03.2011 14:58, skrev Daniel Hokka Zakrisson:
> Tor Rune Skoglund wrote:
>> Doing some testing on a newer kernel here.....
>>
>> After having created a virtual server, I get the following when trying
>> to run it:
>>
>> ----------
>> # vserver test start
>> 'VERIFYCAP' can be executed as root only
>> capabilities are not enabled in kernel-setup
>>
>> Failed to start vserver 'test'
>> ----------
>>
>> I AM root, so that's not it. Also, googling seems to show that
>> VERIFYCAP needs kernel CONFIG_SECURITY_CAPABILITIES . However,
>> there is no such option in my kernel:
>>
>> platform ~ # grep CAPA /usr/src/linux/.config
>> platform ~ #
>>
>> I have tried newer kernels, newer pacthes, newer util-vserver packages,
>> newer dietlibcs and so on, but are running out of ideas...
>>
>> Any hints?
>
> CONFIG_SECURITY is all you should need on recent kernels. What's that
> set to?
yep...:
platform ~ # grep SECURITY /usr/src/linux/.config
CONFIG_EXT2_FS_SECURITY=y
CONFIG_EXT3_FS_SECURITY=y
CONFIG_VSERVER_SECURITY=y
# CONFIG_SECURITY_DMESG_RESTRICT is not set
CONFIG_SECURITY=y
# CONFIG_SECURITYFS is not set
CONFIG_SECURITY_NETWORK=y
# CONFIG_SECURITY_NETWORK_XFRM is not set
# CONFIG_SECURITY_PATH is not set
# CONFIG_SECURITY_TOMOYO is not set
# CONFIG_SECURITY_APPARMOR is not set
CONFIG_DEFAULT_SECURITY_DAC=y
CONFIG_DEFAULT_SECURITY=""
- Tor Rune Skoglund
Received on Tue Mar 15 14:01:46 2011