Hi,

It seems that abstract UNIX sockets "leak" from a vserver. I'm trying to run
the same java app inside two vservers and only the first one started succeeds.

The critical piece from strace is:

20397 socket(PF_FILE, SOCK_STREAM, 0)   = 5
20397 setsockopt(5, SOL_SOCKET, SO_PASSCRED, [7738151124464566273], 4) = 0
20397 bind(5, {sa_family=AF_FILE, [EMAIL 
PROTECTED]/run/.php-java-bridge_socket}, 110) = -1 EADDRINUSE (Address already 
in use)

Looking at unix_bind() in net/unix/af_unix.c, it would seem that the socket
hashes are identical across all vservers and that no additional context check
is used. There is a context check in include/net/af_unix.h, but this
does not seem to be used when creating sockets from unix_bind().

Any ideas?

Regards
Andreas

Attachment: pgpRCrJhZsFKO.pgp
Description: PGP signature

_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver

Reply via email to