On Fri, Jan 14, 2005 at 06:34:02PM -0800, Andrew Mendelsohn wrote: > Hi, > > Using 2.6.10 with patch-2.6.10-vs1.9.3.17.diff and compiling > util-vserver 0.30.196, it seems that I can't remove capabilities via the > /usr/local//etc/vservers/webserver/bcapabilities configuration file > using ~ALL. The /usr/local//etc/vservers/webserver/ccapabilities file > does what it is supposed to when set to ~ALL. > > Output of cat /proc/self/vinfo before config files are set to ~ALL > > XID: 10 > BCaps: ffffffffd44c04ff > CCaps: 0000000000000101 > CFlags: 0000000202000010 > CIPid: 0 > > Output of cat /proc/self/vinfo after both config files are set to ~ALL > > XID: 10 > BCaps: ffffffffd44c04ff > CCaps: 0000000000000000 > CFlags: 0000000202000010 > CIPid: 0 > > Is it a bug, or do I need an additional configuration step?
hmm, didn't test with the config setup, but a quick check with vxc showed that it is working as expected $ vxc --xid 100 -- grep Cap /proc/self/status New security context is 100 CapInh: 0000000000000000 CapPrm: 00000000fffffeff CapEff: 00000000fffffeff $ vxc --xid 100 --bcap ~ALL -- cat /proc/self/vinfo New security context is 100 XID: 100 BCaps: 0000000000000000 CCaps: 0000000000000000 CFlags: 0000000200000000 CIPid: 0 $ vxc --xid 100 --bcap ~ALL -- grep Cap /proc/self/status New security context is 100 CapInh: 0000000000000000 CapPrm: 0000000000000000 CapEff: 0000000000000000 (kernel) 2.6.11-rc1-vs1.9.4-rc1 no relevant changes to 2.6.10-vs1.9.3.17 please check with --debug if the --bcap arg is passed properly to vattribue ... TIA, Herbert > Thanks, > Andy > > > > > > > _______________________________________________ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver _______________________________________________ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver