On Fri, Apr 21, 2006 at 05:30:53PM +0300, Nikolay Kichukov wrote:
hi, the version is:
util-vserver 0.30.209-2
Would you suggest an upgrade to get the traceroute going? It is not so
important to make traceroute working. It is the idea that stays behind
that. ;-) To have the guest at full operational power as if it is a
real machine.
can you provide a static binary of that traceroute tool
for testing? it is supposed to work with ram_icmp
capability enabled ...
TIA,
Herbert
Thanks and regards,
-Nikolay Kichukov
- Original Message -
From: Herbert Poetzl [EMAIL PROTECTED]
To: Nikolay Kichukov [EMAIL PROTECTED]
Cc: vserver@list.linux-vserver.org
Sent: Thursday, April 20, 2006 9:43 PM
Subject: Re: [Vserver] vserver traceroute
On Thu, Apr 20, 2006 at 05:24:00PM +0300, Nikolay Kichukov wrote:
hello,
even trying to traceroute -I is still giving that same error message.
What could be wrong? Do I need to set some extra ccapabilities?
Also, what does the --secure option of the vattribute do ?
that really depends on the tool version, which
one do you have?
usually it removes most capabilites from the guest
best,
Herbert
Regards,
-Nikolay Kichukov
- Original Message -
From: Xavier Montagutelli [EMAIL PROTECTED]
To: vserver@list.linux-vserver.org
Sent: Thursday, April 20, 2006 3:33 PM
Subject: Re: [Vserver] vserver traceroute
On Thursday 20 April 2006 13:29, Nikolay Kichukov wrote:
Hello guys,
Thanks for the advice, and sorry for taking me so long to respond.
I tried setting:
host# vattribute --set --xid xid --secure --ccap raw_icmp
and when i try to traceroute a host I am again getting:
traceroute: raw socket: Operation not permitted
On my debian box, traceroute use by default UDP packets, not ICMP
packets.
Try -I icmp to use icmp.
Any further ideas?
Another problem has now appeared:
When i try to ssh to the guest sshd, i am getting the following
error:
fatal: chroot(/var/run/sshd): Operation not permitted
/var/run/sshd is rwx for root and r-x for the group and others
Any ideas?
Additional info:
util-vserver 0.30.209-2 debian package
kernel 1.6.14.4-vs2.1.0
On Tue, 2006-04-11 at 13:17 +0200, Daniel Hokka Zakrisson wrote:
Nikolay Kichukov wrote:
Hi,
Thanks for the advise,
I'd like to test that and I already have raw_icmp in the flags
file
for
the vserver, but is there a way i can set that without rebooting
the
vserver?
It's a context capability, so you should put it in ccapabilities
file.
I've searched for information about chcontext and did not find a
lot
about setting those caps and flags dynamically. Is that
possible? If
yes, how?
vattribute --set --xid name or xid of the guest --secure --ccap
raw_icmp (add additional --bcaps here if you have any, as they'll
be
reset otherwise)
Also, another question is, i have already created(built) the
vserver
without --context NNN, and now I would like to get the vserver
running
only in a specified context, ie. 444. How can i implement that?
echo NNN /etc/vservers/name/context
http://www.nongnu.org/util-vserver/doc/conf/configuration.html
___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
--
Xavier Montagutelli Tel : +33 (0)5 55 45 77 20
Service Commun Informatique Fax : +33 (0)5 55 45 77 60
Universite de Limoges
123, avenue Albert Thomas
87060 Limoges cedex
___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
