Here it is, Last login: Sun Nov 23 21:53:32 2003 [EMAIL PROTECTED] root]# ls anaconda-ks.cfg install.log install.log.syslog vps [EMAIL PROTECTED] root]# vi /etc/vservers/redhat9.conf # Description: RedHat 9 VPS Server
if [ "" = "" ]; then PROFILE=prod fi case $PROFILE in prod) # Select the IP number(s) assigned to the virtual server # These IPs will be defined as IP alias # The alias will be setup on IPROOTDEV # You can specify the device if needed # IPROOT="eth0:1.2.3.4 eth1:3.4.5.6" IPROOT="172.16.0.109" # You can define on which device the IP alias will be done # The IP alias will be set when the server is started and unset # when the server is stopped # The netmask and broadcast are computed by default from IPROOTDEV #IPROOTMASK= #IPROOTBCAST= IPROOTDEV=eth0 # You can set a different host name for the vserver # If empty, the host name of the main server is used S_HOSTNAME=redhat9.icanreach.com ;; backup) IPROOT="" #IPROOTMASK= #IPROOTBCAST= IPROOTDEV=eth0 S_HOSTNAME= ;; esac # Set ONBOOT to yes or no if you want to enable this # virtual server at boot time ONBOOT=yes # Control the start order of the vservers # Lower value start first PRIORITY=100 # You can set a different NIS domain for the vserver # If empty, the current on is kept # Set it to "none" to have no NIS domain set S_DOMAINNAME= # You can set the priority level (nice) of all process in the vserver # Even root won't be able to raise it S_NICE= # You can set various flags for the new security context # lock: Prevent the vserver from setting new security context # sched: Merge scheduler priority of all processes in the vserver # so that it acts a like a single one. # nproc: Limit the number of processes in the vserver according to ulimit # (instead of a per user limit, this becomes a per vserver limit) # private: No other process can join this security context. Even root # Do not forget the quotes around the flags S_FLAGS="lock nproc" # You can set various ulimit flags and they will be inherited by the # vserver. You enter here various command line argument of ulimit # ULIMIT="-H -u 200" # The example above, combined with the nproc S_FLAGS will limit the # vserver to a maximum of 200 processes ULIMIT="-HS -u 1000" # You can set various capabilities. By default, the vserver are run # with a limited set, so you can let root run in a vserver and not # worry about it. He can\'t take over the machine. In some cases # you can to give a little more capabilities \(such as CAP_NET_RAW\) # S_CAPS="CAP_NET_RAW" S_CAPS="CAP_NET_RAW CAP_SYS_ADMIN CAP_NET_ADMIN" # Select an unused context (this is optional) # The default is to allocate a free context on the fly # In general you don't need to force a context #S_CONTEXT= > > From: "Charles Dale" <[EMAIL PROTECTED]> > Date: 2003/11/25 Tue PM 08:16:37 EST > To: <[EMAIL PROTECTED]> > Subject: RE: RE: [Vserver] Rpms for vserver 0.27 (got it) > > [snip] > > > Nov 24 12:00:13 redhat9 named: named: capset failed: Operation not > permitted > > Nov 24 12:00:13 redhat9 named: named startup failed > > Looks to me like CAP_SYS_RESOURCE hasn't been enabled for some reason for > that vserver. Please post contents of the vserver conf file. > > BTW, (to list in general), how do I easily find out which caps a particular > context has? > > Chuck > > _______________________________________________ > Vserver mailing list > [EMAIL PROTECTED] > http://list.linux-vserver.org/mailman/listinfo/vserver > _______________________________________________ Vserver mailing list [EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver