Hi, It seems that abstract UNIX sockets "leak" from a vserver. I'm trying to run the same java app inside two vservers and only the first one started succeeds.
The critical piece from strace is: 20397 socket(PF_FILE, SOCK_STREAM, 0) = 5 20397 setsockopt(5, SOL_SOCKET, SO_PASSCRED, [7738151124464566273], 4) = 0 20397 bind(5, {sa_family=AF_FILE, [EMAIL PROTECTED]/run/.php-java-bridge_socket}, 110) = -1 EADDRINUSE (Address already in use) Looking at unix_bind() in net/unix/af_unix.c, it would seem that the socket hashes are identical across all vservers and that no additional context check is used. There is a context check in include/net/af_unix.h, but this does not seem to be used when creating sockets from unix_bind(). Any ideas? Regards Andreas
pgpRCrJhZsFKO.pgp
Description: PGP signature
_______________________________________________ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver