Package: vzctl Version: 3.0.22-14 Severity: grave Justification: renders package unusable
When trying to start a VE I get the following output: ] sudo vzctl start sd-dev Starting VE ... VE is mounted Unable to set capability: Operation not permitted Unable to set capability VE start failed VE is unmounted When I strace the system I see the following call to set capabilities: [pid 14391] capget(0x20071026, 0, NULL) = -1 EFAULT (Bad address) [pid 14390] exit_group(0) = ? Process 14390 detached [pid 14391] capset(0x20071026, 0, {CAP_CHOWN|CAP_DAC_OVERRIDE|CAP_DAC_READ_SEARCH|CAP_FOWNER|CAP_FSETID|CAP_KILL|CAP_SETGID|CAP_SETUID|CAP_LINUX_IMMUTABLE|CAP_NET_BIND_SERVICE|CAP_NET_BROADCAST|CAP_NET_RAW|CAP_IPC_LOCK|CAP_IPC_OWNER|CAP_SYS_CHROOT|CAP_SYS_PTRACE|CAP_SYS_BOOT|CAP_SYS_NICE|CAP_SYS_RESOURCE|CAP_SYS_TTY_CONFIG|0x78000000, CAP_CHOWN|CAP_DAC_OVERRIDE|CAP_DAC_READ_SEARCH|CAP_FOWNER|CAP_FSETID|CAP_KILL|CAP_SETGID|CAP_SETUID|CAP_LINUX_IMMUTABLE|CAP_NET_BIND_SERVICE|CAP_NET_BROADCAST|CAP_NET_RAW|CAP_IPC_LOCK|CAP_IPC_OWNER|CAP_SYS_CHROOT|CAP_SYS_PTRACE|CAP_SYS_BOOT|CAP_SYS_NICE|CAP_SYS_RESOURCE|CAP_SYS_TTY_CONFIG|0x78000000, CAP_CHOWN|CAP_DAC_OVERRIDE|CAP_DAC_READ_SEARCH|CAP_FOWNER|CAP_FSETID|CAP_KILL|CAP_SETGID|CAP_SETUID|CAP_LINUX_IMMUTABLE|CAP_NET_BIND_SERVICE|CAP_NET_BROADCAST|CAP_NET_RAW|CAP_IPC_LOCK|CAP_IPC_OWNER|CAP_SYS_CHROOT|CAP_SYS_PTRACE|CAP_SYS_BOOT|CAP_SYS_NICE|CAP_SYS_RESOURCE|CAP_SYS_TTY_CONFIG|0x78000000}) = -1 EPERM (Operation not permitted) This fails to start the VE, reporting that the capset operation failed. None of my configuration has been modified significantly, and certainly not to change the capability set of the VE or anything like that. This same configuration worked on a 2.6.24 VZ kernel, but I am not sure it ever worked on the 2.6.26 kernel. -- System Information: Debian Release: 5.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-1-openvz-amd64 (SMP w/2 CPU cores) Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages vzctl depends on: ii iproute 20080725-2 networking and traffic control too ii libc6 2.7-18 GNU C Library: Shared libraries ii vzquota 3.0.11-1 server virtualization solution - q Versions of packages vzctl recommends: ii rsync 3.0.5-1 fast remote file copy program (lik Versions of packages vzctl suggests: pn linux-patch-openvz <none> (no description available) -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org