On Tue, 4 Mar 2003, John P. Eisenmenger wrote: > > Do you have the parent directory of the vserver root set with mode 000? > For example: > > [EMAIL PROTECTED] jpe # ls -ld /vservers /vservers/gentoo /vservers/x > d--------- 5 root root 4096 Feb 24 15:45 /vservers > drwxr-xr-x 17 root root 4096 Feb 12 10:35 /vservers/gentoo > drwxr-xr-x 16 root root 4096 Feb 12 15:42 /vservers/x > > Supposedly setting the permissions of the parent directory to 000 blocks > this method of escape. In fact I believe the vserver command will > complain loudly if this is not the case. > > -John
Hi John and Paul Unfortunetly this method while seems to work it imposes 2 constrains on the vserver: - to change context _after_ chroot (not chroot after chcontext), that requires - a chcontext program inside the vserver - a /proc mounted procfs (which I _really_ dont want to have in my vserver) Did I missed something or is there another way ? Thanks ---------------------------- Mihai RUSU Disclaimer: Any views or opinions presented within this e-mail are solely those of the author and do not necessarily represent those of any company, unless otherwise specifically stated.
