Did you build your kernel with CONFIG_SECURITY enabled? If so, make sure that you also enabled CONFIG_SECURITY_CAPABILITIES and that the module is loaded if it was built as a module. Otherwise the default capability handling is disabled and your vserver is therefore allowed to remove the interfaces.
Enrico,
Could you please make `chcontext --secure' confirm that the capabilities mask was changed, or that the `capability' module is loaded - this is extremely nasty behaviour that we should work around at all costs!
--
Sam Vilain, sam /\T vilain |><>T net, PGP key ID: 0x05B52F13
(include my PGP key ID in personal replies to avoid spam filtering)
_______________________________________________
Vserver mailing list
[EMAIL PROTECTED]
http://list.linux-vserver.org/mailman/listinfo/vserver
