On Mon, Feb 05, 2007 at 01:14:24PM +0000, Lyn St George wrote: > Hallo all > > I've just had a hard disk replaced with a fresh installtion of > CentOS4.4 and so I also built a new kernel, and for the first > time am getting this error: > chcontext: vc_new_s_context(): Operation not permitted > when trying to enter or stop a vserver.
EPERM means that you do not have the proper capability (CAP_SYS_ADMIN and xid=0) or that the guest is running with VX_INFO_PRIVATE (probably the latter is true in your case) > Kernel is 2.6.19.2, patch vs2.2.0-rc10, tools 30.212. The > vservers are using the legacy configs, ie a single config > file under /etc/vservers per vserver. this config is deprecated for a long time now (several years, IIRC, please upgrade that) > Tools are built with 'ALL' as the target apis. > > This host is using LVM, and while I can't see how this could > contribute towards this problem I can't see anything else > that is different from all other kernels and installations that > have gone without a hitch. I guess you have this one enabled: CONFIG_VSERVER_PRIVACY=y which is on by default, and honored with new tools/configs ... probably not correctly by the old legacy interfaces though ... > The testme.sh script shows that everything tested is OK. > At the moment these vservers are not working properly, ie > they don't start up most daemons and I have to enter them > with chroot and manually get things going. A 'ps ax' shows > all the host's processes visible inside the vserver, so plainly > the separation has failed. that is jumping to conclusions, as chroot will not change the process context, so naturally you will see host processess ... > Would anyone have any clues to point me to a solution? fast solution: disable the privacy long term solution: upgrade to the new config HTH, Herbert > - > Lyn > > _______________________________________________ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver _______________________________________________ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
