This was already corrected in vzctl (3.0.22-9) unstable; urgency=low
* Correction of capability problem on some platforms. Closes: #482974. -- Ola Lundqvist <o...@debian.org> Sat, 7 Jun 2008 19:26:21 +0200 Do you have any other idéa? // Ola On Thu, Jan 29, 2009 at 08:54:13AM +0100, Ola Lundqvist wrote: > Hi Kir > > I will backport this fix. I thought I already did that. Thanks! > > // Ola > > Quoting Kir Kolyshkin <k...@openvz.org>: > > >This is caused by newer kernel headers (in this case on a build system > >that was used to build this vzctl package), and is fixed in > >vzctl-3.0.23. See the following git commit: > > > >http://git.openvz.org/?p=vzctl;a=commit;h=0d6bfad92c7cb6a193801ce8dac3a0dc64396ca8 > > > >So the solution is either to upgrade to vzctl-3.0.23 or to backport > >this simple fix. > > > >Ola Lundqvist wrote: > >>Hi Daniel > >> > >>This is interesting as it works very well on my systems. On other hand > >>that > >>system is a 686 based one. > >> > >>You write that you have not significantly changed your system, but at the > >>same time you write that you are not sure that it has ever worked with the > >>2.6.26 kernel. > >> > >>Can you please elaborate when it worked last time, and what you have done > >>since then? > >> > >>Which version of the linux kernel are you running for example? > >>If you switch to the 2.6.24 kernel do it work then? > >> > >>Best regards, > >> > >>// Ola > >> > >>On Wed, Jan 28, 2009 at 01:34:52PM +1100, Daniel Pittman wrote: > >> > >>>Package: vzctl > >>>Version: 3.0.22-14 > >>>Severity: grave > >>>Justification: renders package unusable > >>> > >>>When trying to start a VE I get the following output: > >>> > >>>] sudo vzctl start sd-dev > >>>Starting VE ... > >>>VE is mounted > >>>Unable to set capability: Operation not permitted > >>>Unable to set capability > >>>VE start failed > >>>VE is unmounted > >>> > >>>When I strace the system I see the following call to set capabilities: > >>> > >>>[pid 14391] capget(0x20071026, 0, NULL) = -1 EFAULT (Bad address) > >>>[pid 14390] exit_group(0) = ? > >>>Process 14390 detached > >>>[pid 14391] capset(0x20071026, 0, > >>>{CAP_CHOWN|CAP_DAC_OVERRIDE|CAP_DAC_READ_SEARCH|CAP_FOWNER|CAP_FSETID|CAP_KILL|CAP_SETGID|CAP_SETUID|CAP_LINUX_IMMUTABLE|CAP_NET_BIND_SERVICE|CAP_NET_BROADCAST|CAP_NET_RAW|CAP_IPC_LOCK|CAP_IPC_OWNER|CAP_SYS_CHROOT|CAP_SYS_PTRACE|CAP_SYS_BOOT|CAP_SYS_NICE|CAP_SYS_RESOURCE|CAP_SYS_TTY_CONFIG|0x78000000, > >>> > >>>CAP_CHOWN|CAP_DAC_OVERRIDE|CAP_DAC_READ_SEARCH|CAP_FOWNER|CAP_FSETID|CAP_KILL|CAP_SETGID|CAP_SETUID|CAP_LINUX_IMMUTABLE|CAP_NET_BIND_SERVICE|CAP_NET_BROADCAST|CAP_NET_RAW|CAP_IPC_LOCK|CAP_IPC_OWNER|CAP_SYS_CHROOT|CAP_SYS_PTRACE|CAP_SYS_BOOT|CAP_SYS_NICE|CAP_SYS_RESOURCE|CAP_SYS_TTY_CONFIG|0x78000000, > >>> > >>>CAP_CHOWN|CAP_DAC_OVERRIDE|CAP_DAC_READ_SEARCH|CAP_FOWNER|CAP_FSETID|CAP_KILL|CAP_SETGID|CAP_SETUID|CAP_LINUX_IMMUTABLE|CAP_NET_BIND_SERVICE|CAP_NET_BROADCAST|CAP_NET_RAW|CAP_IPC_LOCK|CAP_IPC_OWNER|CAP_SYS_CHROOT|CAP_SYS_PTRACE|CAP_SYS_BOOT|CAP_SYS_NICE|CAP_SYS_RESOURCE|CAP_SYS_TTY_CONFIG|0x78000000}) > >>> = -1 EPERM (Operation not > >>>permitted) > >>> > >>> > >>>This fails to start the VE, reporting that the capset operation failed. > >>>None of my configuration has been modified significantly, and certainly > >>>not > >>>to change the capability set of the VE or anything like that. > >>> > >>>This same configuration worked on a 2.6.24 VZ kernel, but I am not > >>> sure it ever > >>>worked on the 2.6.26 kernel. > >>> > >>>-- System Information: > >>>Debian Release: 5.0 > >>> APT prefers unstable > >>> APT policy: (500, 'unstable'), (1, 'experimental') > >>>Architecture: amd64 (x86_64) > >>> > >>>Kernel: Linux 2.6.26-1-openvz-amd64 (SMP w/2 CPU cores) > >>>Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8) > >>>Shell: /bin/sh linked to /bin/dash > >>> > >>>Versions of packages vzctl depends on: > >>>ii iproute 20080725-2 networking and > >>>traffic control too > >>>ii libc6 2.7-18 GNU C Library: Shared > >>> libraries > >>>ii vzquota 3.0.11-1 server virtualization > >>> solution - q > >>> > >>>Versions of packages vzctl recommends: > >>>ii rsync 3.0.5-1 fast remote file copy > >>> program (lik > >>> > >>>Versions of packages vzctl suggests: > >>>pn linux-patch-openvz <none> (no description available) > >>> > >>>-- no debconf information > >>> > >>> > >>> > >>> > >> > >> > > > > -- > --- Inguza Technology AB --- MSc in Information Technology ---- > / o...@inguza.com Annebergsslingan 37 \ > | o...@debian.org 654 65 KARLSTAD | > | http://inguza.com/ Mobile: +46 (0)70-332 1551 | > \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / > --------------------------------------------------------------- > > -- --- Inguza Technology AB --- MSc in Information Technology ---- / o...@inguza.com Annebergsslingan 37 \ | o...@debian.org 654 65 KARLSTAD | | http://inguza.com/ Mobile: +46 (0)70-332 1551 | \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / --------------------------------------------------------------- -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org