tags 305216 +patch thanks This will probably occur on everything newer than 2.4.28, I have this on 2.4.30 and 2.6.10.
I've created a patch to do this the Correct Way(tm), according to Bertl @ #vserver on OFTC. Maybe the checking of the attributes isn't perfect yet, but it's a start ;) Tom
diff -ruN util-vserver-0.30.207.orig/debian/util-vserver.postinst util-vserver-0.30.207/debian/util-vserver.postinst --- util-vserver-0.30.207.orig/debian/util-vserver.postinst 2005-05-21 14:22:52.114410000 +0200 +++ util-vserver-0.30.207/debian/util-vserver.postinst 2005-05-21 15:07:56.635260976 +0200 @@ -18,9 +18,15 @@ update-rc.d vprocunhide defaults 25 15 >/dev/null fi - chmod 000 /var/lib/vservers/ - chattr +t /var/lib/vservers/ -# setattr --barrier /var/lib/vservers/ || true + # fix older 000 mode to 0700 and older attr +t if present + if [ "`ls -ld /var/lib/vservers/|cut -d' ' -f1`" == "d---------" -a "`lsattr -d /var/lib/vservers/|cut -c16`" == "t" ]; + then + chmod 0700 /var/lib/vservers + chattr -t /var/lib/vservers + fi + + # set chroot barrier + setattr --barrier /var/lib/vservers/*/.. || true # UPGRADE PATH FROM vserver PACKAGE! # It should be fairly fail safe.
