PLDWWW: Vserver

PatrykZawadzki PatrykZawadzki at pld-linux.org
Thu Feb 16 11:19:59 CET 2006


Author: PatrykZawadzki   Date: Thu Feb 16 10:19:59 2006 GMT
Module: PLDWWW   URL: http://pld-linux.org/Vserver
---- Log message:


---- Page affected: Vserver

---- Diffs:

================================================================
  test sshd[17644]: error: Bind to port 22 on 192.168.0.1 failed: Cannot assign requested address.
  }}}
  
- Fix: set separate addresses after ''ListenAddress'' in ''/etc/ssh/sshd_config'' both on host system. (not necessary on guest as it's limited to chbind addresses anyway)
+ Fix: set separate addresses after ''Listen``Address'' in ''/etc/ssh/sshd_config'' both on host system. (not necessary on guest as it's limited to chbind addresses anyway)
  
  === bind won't install because of a mknod problem ===
  
  bind requires some special device nodes inside it's chroot jail located in ''/var/lib/named''. Vserver security does not allow device node creation so you will have to install the package specifying {{{--exclude-dirs=/var/lib/named/dev}}} and then create the devices from outside of the vserver context.
  
+ To run bind you will have to change one more thing. PLD version of bind uses chroot for extra security and vserver security removes all special kernel capabilities. To allow chrooting inside your DNS vserver, use the following:
+ 
+ {{{
+ # echo CAP_SYS_RESOURCE >> /etc/vservers/test/bcapabilities
+ }}}
+ 
+ === syslog-ng won't run ===
+ 
+ There is no access to klogd inside vservers so all you have to do is change the following line in the config file:
+ 
+ {{{
+ source src { pipe ("/proc/kmsg" log_prefix("kernel: ")); unix-stream("/dev/log"); internal(); };
+ }}}
+ 
+ Into:
+ 
+ {{{
+ source src { unix-stream("/dev/log"); internal(); };
+ }}}
+ 
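Review bot: In the added bind paragraph, the text says the extra capability is needed "to allow chrooting", but the command that follows appends CAP_SYS_RESOURCE, which governs overriding resource limits; chroot(2) is gated by CAP_SYS_CHROOT. Either name the capability that matches the explanation, or reword the paragraph to say what named needs CAP_SYS_RESOURCE for. Since the capability widens what root inside the guest can do, the text should also say it belongs only in the DNS guest's bcapabilities. It would also help to state that `test` in /etc/vservers/test/bcapabilities is the guest's name and that the command is run on the host, as the preceding paragraph does for the device nodes.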

