Index: NEWS =================================================================== RCS file: /cvsroot/util-vserver/util-vserver/NEWS,v retrieving revision 1.1.2.1.2.10 retrieving revision 1.1.2.1.2.13 diff -u -p -I$Id: -r1.1.2.1.2.10 -r1.1.2.1.2.13 --- NEWS 11 Feb 2004 21:06:17 -0000 1.1.2.1.2.10 +++ NEWS 23 Apr 2004 11:40:40 -0000 1.1.2.1.2.13 @@ -1,3 +1,38 @@ +Version 0.30 +============ + + - BUGFIX: vlimit: fixed communication with kernel so that it + should work now. Output of this tools has been enhanced too. + + - BUGFIX: fixed off-by-one error when setting ipv4root; now the + full 16 IPs can be specified instead of 15 formerly + + - added better detection for the syscall number; this can solve + problems on non-ix86 architectures where __NR_vserver is not 273 + + - BUGFIX/ENHANCEMENTS: the CLI interface of 'reducecap' was fixed + significantly: now it is possible to remove capabilities like + CHOWN'. Formerly, only privileged caps like SYS_* or *_ADMIN + could be removed because of a coding error. Changes in the + related code are making it possible that both '--CAP_XXX' and + '--XXX' syntax will be recognized (based on patches and reports + by Bodo Eggert). + + - cleaned up the documentation and removed unused files + + - "minimum" installation method: added fc1 target, fixed the rh9 + filelist and use '-HS' in the sample.conf (reported by Arne + Blankerts) + + - 'distrib-info' knows now how to deal with Debian; vunify & + related tools should now work there (patch provided by Matthew + Lavy) + + - init-scripts are now a little bit more Debian compliantly + (Savannah patch #2633; provided by Noèl Köthe) + + + Version 0.29 ============ Index: configure.ac =================================================================== RCS file: /cvsroot/util-vserver/util-vserver/configure.ac,v retrieving revision 1.1.2.1.2.31 retrieving revision 1.1.2.1.2.36 diff -u -p -I$Id: -r1.1.2.1.2.31 -r1.1.2.1.2.36 --- configure.ac 11 Feb 2004 21:06:17 -0000 1.1.2.1.2.31 +++ configure.ac 23 Apr 2004 11:40:40 -0000 1.1.2.1.2.36 @@ -25,7 +25,7 @@ dnl AC_PREREQ(2.57) -AC_INIT(util-vserver, 0.29, enrico.scholz@informatik.tu-chemnitz.de) +AC_INIT(util-vserver, 0.29.5, enrico.scholz@informatik.tu-chemnitz.de) AC_CONFIG_SRCDIR([src/capchroot.c]) AC_CONFIG_HEADER([config.h]) @@ -101,6 +101,7 @@ done IFS=$old_IFS AC_MSG_RESULT([$enable_apis]) +ENSC_SYSCALLNR(vserver,273) ENSC_SYSCALL ENSC_CHECK_EXT2FS_HEADER AC_CHECK_FUNCS([vserver]) Index: util-vserver.spec.in =================================================================== RCS file: /cvsroot/util-vserver/util-vserver/util-vserver.spec.in,v retrieving revision 1.4.2.6 retrieving revision 1.4.2.8 diff -u -p -I$Id: -r1.4.2.6 -r1.4.2.8 --- util-vserver.spec.in 6 Feb 2004 22:20:59 -0000 1.4.2.6 +++ util-vserver.spec.in 23 Apr 2004 11:40:00 -0000 1.4.2.8 @@ -94,7 +94,6 @@ test "$1" = 0 || %{_initrddir}/rebootmg %files %defattr(-,root,root) %doc AUTHORS COPYING ChangeLog NEWS README THANKS -%doc doc/FAQ.txt %_sbindir/* %_libdir/%name %_includedir/vserver.h @@ -116,6 +115,8 @@ test "$1" = 0 || %{_initrddir}/rebootmg %changelog +* Thu Mar 18 2004 Enrico Scholz - 0:0.29.3-0 +- removed '%%doc doc/FAQ.txt' since file does not exist anymore * Fri Sep 26 2003 Enrico Scholz - 0:0.23.4-1 - initial build. Index: distrib/Makefile-files =================================================================== RCS file: /cvsroot/util-vserver/util-vserver/distrib/Attic/Makefile-files,v retrieving revision 1.1 retrieving revision 1.1.4.1 diff -u -p -I$Id: -r1.1 -r1.1.4.1 --- distrib/Makefile-files 29 Sep 2003 22:01:58 -0000 1.1 +++ distrib/Makefile-files 3 Apr 2004 01:40:08 -0000 1.1.4.1 @@ -23,11 +23,13 @@ distrib_SCRPTS = distrib/install-mdk8.2 distrib/install-rh7.3 \ distrib/install-rh8.0 \ distrib/install-rh9.0 \ + distrib/install-fc1 \ distrib/sample.sh distrib_DAT = distrib/mdk8.2-minimum \ distrib/rh7.3-minimum \ distrib/rh8.0-minimum \ distrib/rh9.0-minimum \ + distrib/fc1-minimum \ distrib/sample.conf Index: distrib/fc1-minimum =================================================================== RCS file: distrib/fc1-minimum diff -N distrib/fc1-minimum --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ distrib/fc1-minimum 3 Apr 2004 00:02:27 -0000 1.1.2.1 @@ -0,0 +1,147 @@ +chkconfig-[0-9]*.i386.rpm +glibc-[0-9]*.i386.rpm +glibc-common-[0-9]*.i386.rpm +coreutils-[0-9]*.i386.rpm +termcap-*.noarch.rpm +libtermcap-[0-9]*.i386.rpm +ethtool-[0-9]*.i386.rpm +tzdata-2003d-1.noarch.rpm +beecrypt-3.0.1-0.20030630.1.i386.rpm +elfutils-libelf-0.89-2.i386.rpm +tcp_wrappers-7.6-34.as21.1.i386.rpm +gpm-[0-9]*.i386.rpm +4Suite-[0-9]*.i386.rpm +MAKEDEV-[0-9]*.i386.rpm +PyXML-[0-9]*.i386.rpm +SysVinit-[0-9]*.i386.rpm +a2ps-[0-9]*.i386.rpm +alchemist-[0-9]*.i386.rpm +anacron-[0-9]*.i386.rpm +ash-[0-9]*.i386.rpm +at-[0-9]*.i386.rpm +audiofile-[0-9]*.i386.rpm +authconfig-[0-9]*.i386.rpm +basesystem-*.noarch.rpm +bash-[0-9]*.i386.rpm +bzip2-[0-9]*.i386.rpm +bzip2-libs-[0-9]*.i386.rpm +cpio-[0-9]*.i386.rpm +cracklib-[0-9]*.i386.rpm +cracklib-dicts-[0-9]*.i386.rpm +crontabs-*.noarch.rpm +cyrus-sasl-[0-9]*.i386.rpm +cyrus-sasl-md5-[0-9]*.i386.rpm +db4-[0-9]*.i386.rpm +dev-[0-9]*.i386.rpm +diffutils-[0-9]*.i386.rpm +dosfstools-[0-9]*.i386.rpm +e2fsprogs-[0-9]*.i386.rpm +ed-[0-9]*.i386.rpm +fam-[0-9]*.i386.rpm +file-[0-9]*.i386.rpm +filesystem-[0-9]*.i386.rpm +findutils-[0-9]*.i386.rpm +libacl-[0-9]*.i386.rpm +libgcc-[0-9]*.i386.rpm +freetype-[0-9]*.i386.rpm +gawk-[0-9]*.i386.rpm +gdbm-[0-9]*.i386.rpm +glib-[0-9]*.i386.rpm +glib2-[0-9]*.i386.rpm +gnupg-[0-9]*.i386.rpm +grep-[0-9]*.i386.rpm +groff-[0-9]*.i386.rpm +gzip-[0-9]*.i386.rpm +indexhtml-*.noarch.rpm +info-[0-9]*.i386.rpm +initscripts-[0-9]*.i386.rpm +iputils-[0-9]*.i386.rpm +less-[0-9]*.i386.rpm +libcap-[0-9]*.i386.rpm +libghttp-[0-9]*.i386.rpm +libjpeg-[0-9]*.i386.rpm +libmng-[0-9]*.i386.rpm +libogg-[0-9]*.i386.rpm +libpng-[0-9]*.i386.rpm +libstdc++-[0-9]*.i386.rpm +libtiff-[0-9]*.i386.rpm +libuser-[0-9]*.i386.rpm +libvorbis-[0-9]*.i386.rpm +libxml-[0-9]*.i386.rpm +libxml2-[0-9]*.i386.rpm +libxslt-[0-9]*.i386.rpm +logrotate-[0-9]*.i386.rpm +losetup-[0-9]*.i386.rpm +m4-[0-9]*.i386.rpm +mailcap-*.noarch.rpm +mailx-[0-9]*.i386.rpm +make-[0-9]*.i386.rpm +man-[0-9]*.i386.rpm +man-pages-*.noarch.rpm +mktemp-[0-9]*.i386.rpm +mount-[0-9]*.i386.rpm +mpage-[0-9]*.i386.rpm +ncurses-[0-9]*.i386.rpm +netpbm-[0-9]*.i386.rpm +newt-[0-9]*.i386.rpm +ntsysv-[0-9]*.i386.rpm +openldap-[0-9]*.i386.rpm +openssh-[0-9]*.i386.rpm +openssh-clients-[0-9]*.i386.rpm +openssh-server-[0-9]*.i386.rpm +openssl-[0-9]*.i386.rpm +pam-[0-9]*.i386.rpm +passwd-[0-9]*.i386.rpm +patch-[0-9]*.i386.rpm +pcre-[0-9]*.i386.rpm +perl-[0-9]*.i386.rpm +perl-Filter-[0-9]*.i386.rpm +krb5-libs-[0-9]*.i386.rpm +libattr-[0-9]*.i386.rpm +hesiod-[0-9]*.i386.rpm +pnm2ppa-[0-9]*.i386.rpm +popt-[0-9]*.i386.rpm +portmap-[0-9]*.i386.rpm +procmail-[0-9]*.i386.rpm +procps-[0-9]*.i386.rpm +psmisc-[0-9]*.i386.rpm +psutils-[0-9]*.i386.rpm +python-[0-9]*.i386.rpm +readline-[0-9]*.i386.rpm +fedora-release-*.i386.rpm +rootfiles-*.noarch.rpm +rpm-[0-9]*.i386.rpm +sed-[0-9]*.i386.rpm +sendmail-[0-9]*.i386.rpm +setup-*.noarch.rpm +sgml-common-*.noarch.rpm +shadow-utils-[0-9]*.i386.rpm +slang-[0-9]*.i386.rpm +slocate-[0-9]*.i386.rpm +specspo-*.noarch.rpm +sysklogd-[0-9]*.i386.rpm +tar-[0-9]*.i386.rpm +tcl-[0-9]*.i386.rpm +tcsh-[0-9]*.i386.rpm +time-[0-9]*.i386.rpm +tmpwatch-[0-9]*.i386.rpm +umb-scheme-[0-9]*.i386.rpm +unzip-[0-9]*.i386.rpm +usermode-[0-9]*.i386.rpm +utempter-[0-9]*.i386.rpm +util-linux-[0-9]*.i386.rpm +vim-common-[0-9]*.i386.rpm +vim-minimal-[0-9]*.i386.rpm +vixie-cron-[0-9]*.i386.rpm +which-[0-9]*.i386.rpm +words-*.noarch.rpm +xinetd-[0-9]*.i386.rpm +zip-[0-9]*.i386.rpm +zlib-[0-9]*.i386.rpm +mingetty-[0-9]*.i386.rpm +iproute-[0-9]*.i386.rpm +modutils-[0-9]*.i386.rpm +gmp-[0-9]*.i386.rpm +expat-[0-9]*.i386.rpm +net-tools-[0-9]*.i386.rpm +nscd-[0-9]*.i386.rpm Index: distrib/install-fc1 =================================================================== RCS file: distrib/install-fc1 diff -N distrib/install-fc1 --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ distrib/install-fc1 3 Apr 2004 00:02:27 -0000 1.1.2.1 @@ -0,0 +1,70 @@ +#!/bin/sh + +# Copyright (C) 2004 Enrico Scholz +# based on distrib/install-rh9.0 by Jacques Gelinas +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + +# This script creates a vserver from RedHat Fedora Core 1 CD. Only +# the first CD is used and must be mounted in /mnt/cdrom. +# Specify the name of the vserver +# "install-fc1 test" will create /vservers/test + +: ${UTIL_VSERVER_VARS:=$(dirname $0)/util-vserver-vars} +test -e "$UTIL_VSERVER_VARS" || { + echo "Can not find util-vserver installation; aborting..." + exit 1 +} +. "$UTIL_VSERVER_VARS" + +USR_LIB_VSERVER=$PKGLIBDIR + +if [ $# -lt 1 ] ; then + echo install-fc1 vserver-id [ type ] + echo type minimum means, minimum package for a server + echo type large means, all packages on the first CD +elif [ -d $VROOTDIR/$1/var/lib/rpm ] ; then + echo $VROOTDIR/$1 already exist +elif [ ! -d /mnt/cdrom/Fedora/RPMS ] ; then + echo No rpms in /mnt/cdrom/Fedora/RPMS. Is the CD mounted \? +else + VROOT=$VROOTDIR/$1 + $USR_LIB_VSERVER/install-pre.sh $1 + mkdir -p $VROOT/proc + mount -t proc none $VROOT/proc + mount -t devpts none $VROOT/dev/pts + mkdir -p $VROOT/var/lib/rpm + rpm --root $VROOT --initdb + if [ "$2" = "minimum" ] ; then + echo `cat $USR_LIB_VSERVER/fc1-minimum | wc -l` packages to install + cd /mnt/cdrom/Fedora/RPMS + rpm --root $VROOT -Uvh `cat $USR_LIB_VSERVER/fc1-minimum` + else + PKGS=`ls /mnt/cdrom/Fedora/RPMS/*.noarch.rpm \ + /mnt/cdrom/Fedora/RPMS/*.i386.rpm` + for except in control-center iptables kernel-pcmcia-cs\ + nfs-utils pciutils quota rp-pppoe tcpdump \ + lokkit kudzu-devel pciutils-devel \ + redhat-config-securitylevel redhat-config-nfs + do + PKGS=`ls $PKGS | grep -v $except` + done + echo `echo $PKGS | wc -w` packages to install + rpm --root $VROOT -Uvh $PKGS --nodeps + fi + umount $VROOT/proc + umount $VROOT/dev/pts + $USR_LIB_VSERVER/install-post.sh $1 +fi Index: distrib/rh9.0-minimum =================================================================== RCS file: /cvsroot/util-vserver/util-vserver/distrib/Attic/rh9.0-minimum,v retrieving revision 1.1 retrieving revision 1.1.4.1 diff -u -p -I$Id: -r1.1 -r1.1.4.1 --- distrib/rh9.0-minimum 29 Sep 2003 22:01:58 -0000 1.1 +++ distrib/rh9.0-minimum 2 Apr 2004 23:59:45 -0000 1.1.4.1 @@ -1,7 +1,11 @@ +chkconfig-[0-9]*.i386.rpm +glibc-[0-9]*.i386.rpm +glibc-common-[0-9]*.i386.rpm +filesystem-[0-9]*.i386.rpm +tcp_wrappers-[0-9]*.i386.rpm +elfutils-libelf-[0-9]*.i386.rpm +coreutils-[0-9]*.i386.rpm 4Suite-[0-9]*.i386.rpm -Canna-[0-9]*.i386.rpm -Canna-libs-[0-9]*.i386.rpm -Distutils-*.noarch.rpm MAKEDEV-[0-9]*.i386.rpm PyXML-[0-9]*.i386.rpm SysVinit-[0-9]*.i386.rpm @@ -14,21 +18,15 @@ audiofile-[0-9]*.i386.rpm authconfig-[0-9]*.i386.rpm basesystem-*.noarch.rpm bash-[0-9]*.i386.rpm -bdflush-[0-9]*.i386.rpm bzip2-[0-9]*.i386.rpm bzip2-libs-[0-9]*.i386.rpm -chkconfig-[0-9]*.i386.rpm cpio-[0-9]*.i386.rpm cracklib-[0-9]*.i386.rpm cracklib-dicts-[0-9]*.i386.rpm crontabs-*.noarch.rpm cyrus-sasl-[0-9]*.i386.rpm cyrus-sasl-md5-[0-9]*.i386.rpm -db1-[0-9]*.i386.rpm -db2-[0-9]*.i386.rpm -db3-[0-9]*.i386.rpm db4-[0-9]*.i386.rpm -libelf-[0-9]*.i386.rpm dev-[0-9]*.i386.rpm diffutils-[0-9]*.i386.rpm dosfstools-[0-9]*.i386.rpm @@ -36,8 +34,6 @@ e2fsprogs-[0-9]*.i386.rpm ed-[0-9]*.i386.rpm fam-[0-9]*.i386.rpm file-[0-9]*.i386.rpm -filesystem-[0-9]*.noarch.rpm -fileutils-[0-9]*.i386.rpm findutils-[0-9]*.i386.rpm libacl-[0-9]*.i386.rpm libgcc-[0-9]*.i386.rpm @@ -46,14 +42,10 @@ gawk-[0-9]*.i386.rpm gdbm-[0-9]*.i386.rpm glib-[0-9]*.i386.rpm glib2-[0-9]*.i386.rpm -glibc-[0-9]*.i386.rpm -glibc-common-[0-9]*.i386.rpm gnupg-[0-9]*.i386.rpm grep-[0-9]*.i386.rpm groff-[0-9]*.i386.rpm -groff-perl-[0-9]*.i386.rpm gzip-[0-9]*.i386.rpm -htdig-[0-9]*.i386.rpm indexhtml-*.noarch.rpm info-[0-9]*.i386.rpm initscripts-[0-9]*.i386.rpm @@ -89,7 +81,6 @@ mpage-[0-9]*.i386.rpm ncurses-[0-9]*.i386.rpm netpbm-[0-9]*.i386.rpm newt-[0-9]*.i386.rpm -nhpf-[0-9]*.i386.rpm ntsysv-[0-9]*.i386.rpm openldap-[0-9]*.i386.rpm openssh-[0-9]*.i386.rpm @@ -113,21 +104,15 @@ procps-[0-9]*.i386.rpm psmisc-[0-9]*.i386.rpm pspell-[0-9]*.i386.rpm psutils-[0-9]*.i386.rpm -pwdb-[0-9]*.i386.rpm python-[0-9]*.i386.rpm -python-clap-*.noarch.rpm -python-popt-[0-9]*.i386.rpm -python-xmlrpc-[0-9]*.i386.rpm -python2-[0-9]*.i386.rpm readline-[0-9]*.i386.rpm -redhat-release-*.noarch.rpm +redhat-release-*.i386.rpm rootfiles-*.noarch.rpm rpm-[0-9]*.i386.rpm sed-[0-9]*.i386.rpm sendmail-[0-9]*.i386.rpm setup-*.noarch.rpm sgml-common-*.noarch.rpm -sh-utils-[0-9]*.i386.rpm shadow-utils-[0-9]*.i386.rpm slang-[0-9]*.i386.rpm slocate-[0-9]*.i386.rpm @@ -137,7 +122,6 @@ tar-[0-9]*.i386.rpm tcl-[0-9]*.i386.rpm tcsh-[0-9]*.i386.rpm termcap-*.noarch.rpm -textutils-[0-9]*.i386.rpm time-[0-9]*.i386.rpm tmpwatch-[0-9]*.i386.rpm umb-scheme-[0-9]*.i386.rpm @@ -151,7 +135,6 @@ vixie-cron-[0-9]*.i386.rpm which-[0-9]*.i386.rpm words-*.noarch.rpm xinetd-[0-9]*.i386.rpm -xml-common-*.noarch.rpm zip-[0-9]*.i386.rpm zlib-[0-9]*.i386.rpm mingetty-[0-9]*.i386.rpm @@ -160,4 +143,5 @@ modutils-[0-9]*.i386.rpm gmp-[0-9]*.i386.rpm expat-[0-9]*.i386.rpm net-tools-[0-9]*.i386.rpm +nscd-[0-9]*.i386.rpm Index: distrib/sample.conf =================================================================== RCS file: /cvsroot/util-vserver/util-vserver/distrib/Attic/sample.conf,v retrieving revision 1.1 retrieving revision 1.1.4.1 diff -u -p -I$Id: -r1.1 -r1.1.4.1 --- distrib/sample.conf 29 Sep 2003 22:01:58 -0000 1.1 +++ distrib/sample.conf 2 Apr 2004 23:59:04 -0000 1.1.4.1 @@ -40,7 +40,7 @@ S_FLAGS="lock nproc" # ULIMIT="-H -u 200" # The example above, combined with the nproc S_FLAGS will limit the # vserver to a maximum of 200 processes -ULIMIT="-H -u 1000" +ULIMIT="-HS -u 1000" # You can set various capabilities. By default, the vserver are run # with a limited set, so you can let root run in a vserver and not # worry about it. He can't take over the machine. In some cases Index: doc/FAQ.txt =================================================================== RCS file: doc/FAQ.txt diff -N doc/FAQ.txt --- doc/FAQ.txt 29 Sep 2003 22:01:58 -0000 1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,20 +0,0 @@ - - Object not found! - - The requested URL was not found on this server. If you entered - the URL manually please check your spelling and try again. - - If you think this is a server error, please contact the - [1]webmaster - -Error 404 - - - [2]remtk - ven 18 jui 2003 11:41:32 EDT - Apache/2.0.40 (Red Hat Linux) - -Références - - 1. mailto:root@localhost - 2. http://remtk/ Index: doc/Makefile-files =================================================================== RCS file: /cvsroot/util-vserver/util-vserver/doc/Makefile-files,v retrieving revision 1.1 retrieving revision 1.1.4.1 diff -u -p -I$Id: -r1.1 -r1.1.4.1 --- doc/Makefile-files 29 Sep 2003 22:01:58 -0000 1.1 +++ doc/Makefile-files 18 Mar 2004 18:29:22 -0000 1.1.4.1 @@ -17,6 +17,4 @@ ## Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. ## -doc_DAT = doc/FAQ.txt \ - doc/changelog.txt \ - doc/intro.txt +doc_DAT = doc/intro.txt Index: doc/changelog.txt =================================================================== RCS file: doc/changelog.txt diff -N doc/changelog.txt --- doc/changelog.txt 29 Sep 2003 22:01:58 -0000 1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,20 +0,0 @@ - - Object not found! - - The requested URL was not found on this server. If you entered - the URL manually please check your spelling and try again. - - If you think this is a server error, please contact the - [1]webmaster - -Error 404 - - - [2]remtk - ven 18 jui 2003 11:41:32 EDT - Apache/2.0.40 (Red Hat Linux) - -Références - - 1. mailto:root@localhost - 2. http://remtk/ Index: lib/Makefile-files =================================================================== RCS file: /cvsroot/util-vserver/util-vserver/lib/Makefile-files,v retrieving revision 1.1.4.5 retrieving revision 1.1.4.6 diff -u -p -I$Id: -r1.1.4.5 -r1.1.4.6 --- lib/Makefile-files 28 Nov 2003 23:25:49 -0000 1.1.4.5 +++ lib/Makefile-files 4 Mar 2004 03:23:09 -0000 1.1.4.6 @@ -41,4 +41,4 @@ lib_XHDRS = lib/s lib_lib_LIBS = lib/libvserver.a lib_libvserver_a_SOURCES = $(lib_SRCS) -lib_libvserver_a_CPPFLAGS = -I$(kernelincludedir) -D_GNU_SOURCE +lib_libvserver_a_CPPFLAGS = -D_GNU_SOURCE Index: lib/syscall-compat.hc =================================================================== RCS file: /cvsroot/util-vserver/util-vserver/lib/syscall-compat.hc,v retrieving revision 1.1.4.7 retrieving revision 1.1.4.8 diff -u -p -I$Id: -r1.1.4.7 -r1.1.4.8 --- lib/syscall-compat.hc 30 Dec 2003 13:45:57 -0000 1.1.4.7 +++ lib/syscall-compat.hc 19 Feb 2004 22:56:53 -0000 1.1.4.8 @@ -44,7 +44,7 @@ vc_set_ipv4root_compat(uint32_t bcast, struct vcmd_set_ipv4root_v3 msg; size_t i; - if (nb>=NB_IPV4ROOT) { + if (nb>NB_IPV4ROOT) { errno = -EINVAL; return -1; } Index: lib/syscall_rlimit-v11.hc =================================================================== RCS file: /cvsroot/util-vserver/util-vserver/lib/syscall_rlimit-v11.hc,v retrieving revision 1.1.2.6 retrieving revision 1.1.2.7 diff -u -p -I$Id: -r1.1.2.6 -r1.1.2.7 --- lib/syscall_rlimit-v11.hc 30 Dec 2003 13:45:57 -0000 1.1.2.6 +++ lib/syscall_rlimit-v11.hc 20 Feb 2004 19:43:29 -0000 1.1.2.7 @@ -59,8 +59,8 @@ vc_set_rlimit_v11(xid_t ctx, int resourc static inline ALWAYSINLINE int vc_get_rlimit_mask_v11(xid_t ctx, int tmp, struct vc_rlimit_mask *lim) { - struct vcmd_ctx_rlimit_v0 vc_lim; - int rc; + struct vcmd_ctx_rlimit_mask_v0 vc_lim; + int rc; (void)tmp; Index: lib/vserver-internal.h =================================================================== RCS file: /cvsroot/util-vserver/util-vserver/lib/vserver-internal.h,v retrieving revision 1.1.4.13 retrieving revision 1.1.4.14 diff -u -p -I$Id: -r1.1.4.13 -r1.1.4.14 --- lib/vserver-internal.h 5 Feb 2004 03:52:45 -0000 1.1.4.13 +++ lib/vserver-internal.h 14 Feb 2004 00:25:34 -0000 1.1.4.14 @@ -26,8 +26,8 @@ #include #include -#ifndef __NR_vserver -# define __NR_vserver 273 +#if !defined(__NR_vserver) && defined(ENSC_SYSCALL__NR_vserver) +# define __NR_vserver ENSC_SYSCALL__NR_vserver #endif #define VC_PREFIX 0) Index: m4/ensc_cflags.m4 =================================================================== RCS file: /cvsroot/util-vserver/util-vserver/m4/ensc_cflags.m4,v retrieving revision 1.1.4.1 retrieving revision 1.1.4.2 diff -u -p -I$Id: -r1.1.4.1 -r1.1.4.2 --- m4/ensc_cflags.m4 26 Jan 2004 18:21:28 -0000 1.1.4.1 +++ m4/ensc_cflags.m4 4 Mar 2004 03:12:34 -0000 1.1.4.2 @@ -20,14 +20,14 @@ AC_DEFUN([__ENSC_CHECK_WARNFLAGS], warn_flags="-Werror -W" AC_MSG_CHECKING([whether the $1-compiler accepts ${warn_flags}]) AC_LANG_PUSH($1) - old_CFLAGS="${$3}" + __ensc_check_warnflags_old_CFLAGS="${$3}" $3="$warn_flags" AC_TRY_COMPILE([inline static void f(){}], [], [ensc_sys_compilerwarnflags_$2=${warn_flags}], [ensc_sys_compilerwarnflags_$2=]) AC_LANG_POP($1) - $3="$old_CFLAGS" + $3="$__ensc_check_warnflags_old_CFLAGS" if test x"${ensc_sys_compilerwarnflags_$2}" = x; then AC_MSG_RESULT([no]) @@ -82,7 +82,8 @@ AC_DEFUN([ENSC_CHECK_CXX_FLAG], # ENSC_CHECK_CC_FLAG(-flag1 -flag2 -flag3 ...) # ------------------------------------------------------------------------- -AC_DEFUN([ENSC_CHECK_CC_FLAG],[ +AC_DEFUN([ENSC_CHECK_CC_FLAG], +[ AC_REQUIRE([__ENSC_CHECK_WARNFLAGS_C]) echo 'void f(){}' > conftest.c Index: m4/ensc_e2fscheck.m4 =================================================================== RCS file: /cvsroot/util-vserver/util-vserver/m4/ensc_e2fscheck.m4,v retrieving revision 1.1.2.1 retrieving revision 1.1.2.2 diff -u -p -I$Id: -r1.1.2.1 -r1.1.2.2 --- m4/ensc_e2fscheck.m4 26 Jan 2004 18:20:51 -0000 1.1.2.1 +++ m4/ensc_e2fscheck.m4 19 Feb 2004 22:56:27 -0000 1.1.2.2 @@ -46,9 +46,11 @@ the following reasons: * you have neither the e2fsprogs nor the kernel headers installed * kernel headers are broken (e.g. these of linux 2.6 are known to be) - and you do not have e2fsprogs headers installed; please try to - install e2fsprogs-devel (for Red Hat) or e2fsprogs-dev (for Debian) - in this case + and you do not have e2fsprogs headers installed; please try to install + - e2fsprogs-devel (for Red Hat), or + - libext2fs2-devel (for Mandrake), or + - e2fslibs-dev (for Debian) + in this case. * kernel headers are broken and your e2fsprogs headers are too old; until version 1.27 (inclusive), they are using reserved C++ keywords Index: m4/ensc_kerneldir.m4 =================================================================== RCS file: /cvsroot/util-vserver/util-vserver/m4/ensc_kerneldir.m4,v retrieving revision 1.1.2.2 retrieving revision 1.1.2.3 diff -u -p -I$Id: -r1.1.2.2 -r1.1.2.3 --- m4/ensc_kerneldir.m4 26 Jan 2004 18:21:28 -0000 1.1.2.2 +++ m4/ensc_kerneldir.m4 4 Mar 2004 03:12:34 -0000 1.1.2.3 @@ -50,6 +50,8 @@ AC_DEFUN([ENSC_KERNEL_HEADERS], ensc_cv_path_kernelheaders=$ensc_cv_path_kerneldir/include ]) - $1=$ensc_cv_path_kernelheaders - AC_SUBST($1) + if test x"$1" != x; then + $1=$ensc_cv_path_kernelheaders + AC_SUBST($1) + fi ]) Index: m4/ensc_syscall.m4 =================================================================== RCS file: /cvsroot/util-vserver/util-vserver/m4/ensc_syscall.m4,v retrieving revision 1.2.2.1 retrieving revision 1.2.2.2 diff -u -p -I$Id: -r1.2.2.1 -r1.2.2.2 --- m4/ensc_syscall.m4 5 Feb 2004 03:52:45 -0000 1.2.2.1 +++ m4/ensc_syscall.m4 4 Mar 2004 03:12:34 -0000 1.2.2.2 @@ -32,8 +32,6 @@ AC_DEFUN([ENSC_SYSCALL], xauto) AC_CACHE_CHECK([which syscall(2) invocation works], [ensc_cv_test_syscall], [ - old_CPPFLAGS=$CPPFLAGS - CPPFLAGS="-I$ensc_cv_path_kernelheaders" AC_LANG_PUSH(C) AC_COMPILE_IFELSE([ #include @@ -65,7 +63,6 @@ int main() { [ensc_cv_test_syscall=traditional]) AC_LANG_POP - CPPFLAGS=$old_CPPFLAGS ]) with_syscall=$ensc_cv_test_syscall ;; Index: m4/ensc_syscallnr.m4 =================================================================== RCS file: m4/ensc_syscallnr.m4 diff -N m4/ensc_syscallnr.m4 --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ m4/ensc_syscallnr.m4 9 Mar 2004 04:16:21 -0000 1.1.2.5 @@ -0,0 +1,62 @@ +dnl $Id: ensc_syscallnr.m4,v 1.1.2.5 2004/03/09 04:16:21 ensc Exp $ + +dnl Copyright (C) 2004 Enrico Scholz +dnl +dnl This program is free software; you can redistribute it and/or modify +dnl it under the terms of the GNU General Public License as published by +dnl the Free Software Foundation; version 2 of the License. +dnl +dnl This program is distributed in the hope that it will be useful, +dnl but WITHOUT ANY WARRANTY; without even the implied warranty of +dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +dnl GNU General Public License for more details. +dnl +dnl You should have received a copy of the GNU General Public License +dnl along with this program; if not, write to the Free Software +dnl Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + +dnl Usage: ENSC_SYSCALLNR(,) + +AC_DEFUN([ENSC_SYSCALLNR], +[ + AC_REQUIRE([AC_PROG_CPP]) + AC_REQUIRE([AC_PROG_EGREP]) + AC_REQUIRE([ENSC_KERNEL_HEADERS]) + + AC_CACHE_CHECK([for number of syscall '$1'], [ensc_cv_value_syscall_$1], + [ + AC_LANG_PUSH(C) + AC_LANG_CONFTEST([ +#include +#ifdef __NR_$1 +ensc_syscall_tmp_nr=__NR_$1; +ensc_syscall_tmp_src=ENSC_MARK +#endif +]) + ensc_syscall_tmp_nr= + ensc_syscall_tmp_src= + test "$ensc_syscall_tmp_nr" || \ + eval $($CPP $CPPFLAGS -D ENSC_MARK='glibc' conftest.c | $EGREP '^ensc_syscall_tmp_(nr=[[1-9]][[0-9]]*;|src=.*)$') + test "$ensc_syscall_tmp_nr" || \ + eval $($CPP $CPPFLAGS -D ENSC_MARK='kernel' -I $ensc_cv_path_kernelheaders conftest.c | $EGREP '^ensc_syscall_tmp_(nr=[[1-9]][[0-9]]*;|src=.*)$') + test "$ensc_syscall_tmp_nr" || { + ensc_syscall_tmp_nr=$2 + ensc_syscall_tmp_src=default + } + + if test x"$ensc_syscall_tmp_nr" = x; then + AC_MSG_ERROR( +[Can not determine value of __NR_$1; please verify your glibc/kernelheaders, and/or set CPPFLAGS='-D__NR_$1=' environment when calling configure.]) + fi + AC_LANG_POP + + ensc_cv_value_syscall_$1="$ensc_syscall_tmp_nr/$ensc_syscall_tmp_src" + ]) + + ensc_syscall_tmp_nr=${ensc_cv_value_syscall_$1%/*} + ensc_syscall_tmp_src=${ensc_cv_value_syscall_$1#*/} + + if test x"$ensc_syscall_tmp_src" != x'glibc'; then + AC_DEFINE_UNQUOTED(ENSC_SYSCALL__NR_$1, $ensc_syscall_tmp_nr, [The number of the $1 syscall]) + fi +]) Index: m4/validate.am =================================================================== RCS file: /cvsroot/util-vserver/util-vserver/m4/validate.am,v retrieving revision 1.1.4.1 retrieving revision 1.1.4.2 diff -u -p -I$Id: -r1.1.4.1 -r1.1.4.2 --- m4/validate.am 3 Nov 2003 23:10:50 -0000 1.1.4.1 +++ m4/validate.am 4 Mar 2004 03:12:34 -0000 1.1.4.2 @@ -25,5 +25,6 @@ distclean-uptodate: .%-up-to-date: @rm -f .*-up-to-date + @$(MAKE) -s clean @touch -t 197001020000 '$@' - @$(MAKE) -s clean $(BUILT_SOURCES) + @$(MAKE) -s $(BUILT_SOURCES) Index: scripts/distrib-info =================================================================== RCS file: /cvsroot/util-vserver/util-vserver/scripts/Attic/distrib-info,v retrieving revision 1.1.4.2 retrieving revision 1.1.4.3 diff -u -p -I$Id: -r1.1.4.2 -r1.1.4.3 --- scripts/distrib-info 30 Oct 2003 15:16:28 -0000 1.1.4.2 +++ scripts/distrib-info 20 Apr 2004 18:15:19 -0000 1.1.4.3 @@ -2,7 +2,8 @@ # Copyright (C) 2003 Enrico Scholz # based on distrib-info by Jacques Gelinas -# +# Debian support shoe-horned in by Matthew Lavy +# # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2, or (at your option) @@ -70,6 +71,27 @@ if [ -f $DIRDIR/etc/redhat-release -o -f *) echo unknown request $KEY >&2 ;; + esac +elif [ -f $DISTDIR/etc/debian_version ] ; then + case $KEY in + pkgversion) + $CHROOTCMD /usr/bin/dpkg-query -W \ + --showformat='${Package}=${Version}#${Status}\n' \ + | perl -pe 's/(.+)-.*/$1/' \ + | grep "install ok installed" | cut -d"#" -f1 + ;; + unifiles) + echo $* | perl -pe 's/(.+)-.*/$1/' \ + | xargs $CHROOTCMD /usr/bin/dpkg -L \ + | grep -v "^/etc\|^/var" + ;; + dumpfiles) + echo $* | perl -pe 's/(.+)-.*/$1/' \ + | xargs $CHROOTCMD /usr/bin/dpkg -L + ;; + *) + echo unknown request $KEY >&2 + ;; esac else echo Distribution not supported yet >&2 Index: src/reducecap.c =================================================================== RCS file: /cvsroot/util-vserver/util-vserver/src/reducecap.c,v retrieving revision 1.1.4.2 retrieving revision 1.1.4.4 diff -u -p -I$Id: -r1.1.4.2 -r1.1.4.4 --- src/reducecap.c 30 Oct 2003 00:36:39 -0000 1.1.4.2 +++ src/reducecap.c 5 Mar 2004 04:59:36 -0000 1.1.4.4 @@ -27,6 +27,7 @@ #include #include #include +#include #include "linuxcaps.h" #include "vserver.h" @@ -161,49 +162,55 @@ int main (int argc, char *argv[]) // The following capabilities are normally available // to vservers administrator, but are place for // completeness - {"CAP_CHOWN",CAP_CHOWN}, - {"CAP_DAC_OVERRIDE",CAP_DAC_OVERRIDE}, - {"CAP_DAC_READ_SEARCH",CAP_DAC_READ_SEARCH}, - {"CAP_FOWNER",CAP_FOWNER}, - {"CAP_FSETID",CAP_FSETID}, - {"CAP_KILL",CAP_KILL}, - {"CAP_SETGID",CAP_SETGID}, - {"CAP_SETUID",CAP_SETUID}, - {"CAP_SETPCAP",CAP_SETPCAP}, - {"CAP_SYS_TTY_CONFIG",CAP_SYS_TTY_CONFIG}, - {"CAP_LEASE",CAP_LEASE}, - {"CAP_SYS_CHROOT",CAP_SYS_CHROOT}, + {"CHOWN",CAP_CHOWN}, + {"DAC_OVERRIDE",CAP_DAC_OVERRIDE}, + {"DAC_READ_SEARCH",CAP_DAC_READ_SEARCH}, + {"FOWNER",CAP_FOWNER}, + {"FSETID",CAP_FSETID}, + {"KILL",CAP_KILL}, + {"SETGID",CAP_SETGID}, + {"SETUID",CAP_SETUID}, + {"SETPCAP",CAP_SETPCAP}, + {"SYS_TTY_CONFIG",CAP_SYS_TTY_CONFIG}, + {"LEASE",CAP_LEASE}, + {"SYS_CHROOT",CAP_SYS_CHROOT}, // Those capabilities are not normally available // to vservers because they are not needed and // may represent a security risk - {"--LINUX_IMMUTABLE",CAP_LINUX_IMMUTABLE}, - {"--NET_BIND_SERVICE",CAP_NET_BIND_SERVICE}, - {"--NET_BROADCAST",CAP_NET_BROADCAST}, - {"--NET_ADMIN", CAP_NET_ADMIN}, - {"--NET_RAW", CAP_NET_RAW}, - {"--IPC_LOCK", CAP_IPC_LOCK}, - {"--IPC_OWNER", CAP_IPC_OWNER}, - {"--SYS_MODULE",CAP_SYS_MODULE}, - {"--SYS_RAWIO", CAP_SYS_RAWIO}, - {"--SYS_PACCT", CAP_SYS_PACCT}, - {"--SYS_ADMIN", CAP_SYS_ADMIN}, - {"--SYS_BOOT", CAP_SYS_BOOT}, - {"--SYS_NICE", CAP_SYS_NICE}, - {"--SYS_RESOURCE",CAP_SYS_RESOURCE}, - {"--SYS_TIME", CAP_SYS_TIME}, - {"--MKNOD", CAP_MKNOD}, - {"--QUOTACTL", CAP_QUOTACTL}, + {"LINUX_IMMUTABLE",CAP_LINUX_IMMUTABLE}, + {"NET_BIND_SERVICE",CAP_NET_BIND_SERVICE}, + {"NET_BROADCAST",CAP_NET_BROADCAST}, + {"NET_ADMIN", CAP_NET_ADMIN}, + {"NET_RAW", CAP_NET_RAW}, + {"IPC_LOCK", CAP_IPC_LOCK}, + {"IPC_OWNER", CAP_IPC_OWNER}, + {"SYS_MODULE",CAP_SYS_MODULE}, + {"SYS_RAWIO", CAP_SYS_RAWIO}, + {"SYS_PACCT", CAP_SYS_PACCT}, + {"SYS_ADMIN", CAP_SYS_ADMIN}, + {"SYS_BOOT", CAP_SYS_BOOT}, + {"SYS_NICE", CAP_SYS_NICE}, + {"SYS_RESOURCE",CAP_SYS_RESOURCE}, + {"SYS_TIME", CAP_SYS_TIME}, + {"MKNOD", CAP_MKNOD}, + {"QUOTACTL", CAP_QUOTACTL}, {NULL,0} }; int j; + arg += 2; + if (*arg=='\0') { + ++i; + break; + } + if (strncasecmp(arg, "CAP_", 4)==0) arg += 4; for (j=0; tbcap[j].option != NULL; j++){ if (strcasecmp(tbcap[j].option,arg)==0){ remove |= (1<] [-a|--all] [-MSH -- ]*\n" + " -c [-a|--all] [-MSH -- ]*\n" "Please report bugs to " PACKAGE_BUGREPORT "\n"); exit(res); } @@ -123,9 +123,9 @@ showAll(int ctx) struct vc_rlimit_mask mask; size_t i; - if (vc_get_rlimit_mask(-2, &mask)==-1) { + if (vc_get_rlimit_mask(ctx, &mask)==-1) { perror("vc_get_rlimit_mask()"); - //exit(1); + exit(1); } for (i=0; i<32; ++i) { @@ -133,6 +133,7 @@ showAll(int ctx) struct vc_rlimit limit; char buf[100], *ptr=buf; + if (((mask.min|mask.soft|mask.hard) & bitmask)==0) continue; if (vc_get_rlimit(ctx, i, &limit)==-1) { perror("vc_get_rlimit()"); //continue; @@ -157,7 +158,7 @@ static void size_t i; for (i=0; i<32; ++i) { if ((mask & (1<