On Thu, Oct 14, 2004 at 03:26:07PM +0200, [EMAIL PROTECTED] wrote: > Hi, > > A special thank to Bjoern and Christian for your response. > > Effectively, a simple "modprobe capability" and all work fine after a > "vserver vm1 stop". > > But I've got a question that must be clear for me and my future > vserver machine: > > Is it normal that from a verser, whitch IP address is an alias ( > eth0:vm1 ) and eth0 is used by host server, I can see eth0 and the IP > address associated, with a simple "ifconfig -a" ?
unless you set VXF_HIDE_NETIF, yes that is normal (assuming 1.9.3-rc2 here) > If I Update my verser.conf by a "S_CAPS="CAP_NET_ADMIN", from a > vserver, I can now stop all the machine by a "ifconfig eth0 down". yep, that is what CAP_NET_ADMIN is for (see /usr/include/linux/capability.h or the linux- vserver paper) > I play with such things because I try to realise a balanced Vserver > and I have to create or delete some alias around eth0, but inside a > vserver. > > My old tests with a kernel 2.4.26 work perfectly well, but I noticed > that, from a vserver, I can see eth0, but NOT its IP address. So it > seems to be less dangerous ! hmm, no not really, CAP_NET_ADMIN allows everything ... > Does all of this goes in a right way ? What I saw and what I think > are inline with the vserver project concept ? > > A last question: Is it possible to use ipvs inside a vserver ? never tried ... might work, but probably not ... > Thanks again for all your help. best, Herbert > Pierre. > _______________________________________________ > Vserver mailing list > [EMAIL PROTECTED] > http://list.linux-vserver.org/mailman/listinfo/vserver _______________________________________________ Vserver mailing list [EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver
