Hi, It seems that abstract UNIX sockets "leak" from a vserver. I'm trying to run the same java app inside two vservers and only the first one started succeeds.
The critical piece from strace is:
20397 socket(PF_FILE, SOCK_STREAM, 0) = 5
20397 setsockopt(5, SOL_SOCKET, SO_PASSCRED, [7738151124464566273], 4) = 0
20397 bind(5, {sa_family=AF_FILE, [EMAIL
PROTECTED]/run/.php-java-bridge_socket}, 110) = -1 EADDRINUSE (Address already
in use)
Looking at unix_bind() in net/unix/af_unix.c, it would seem that the socket
hashes are identical across all vservers and that no additional context check
is used. There is a context check in include/net/af_unix.h, but this
does not seem to be used when creating sockets from unix_bind().
Any ideas?
Regards
Andreas
pgpRCrJhZsFKO.pgp
Description: PGP signature
_______________________________________________ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
