From: Mark Huang <mlhuang@cs.princeton.edu>
Date: Mon, 29 Nov 2004 21:56:45 +0000 (+0000)
Subject: - bootcd doesn't support extended attribute bits, so "setattr --barrier
X-Git-Tag: after-util-vserver-0_30_208-revert~197
X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;h=aa23102e154486ee4ad2be9d55e5aff591734348;p=util-vserver.git

- bootcd doesn't support extended attribute bits, so "setattr --barrier
  /vservers" in the rpm %post scriplet won't actually work during
  the initial install. Make sure it's set every time vcached is run.
---

diff --git a/scripts/vcached b/scripts/vcached
index bed2211..19e0dff 100755
--- a/scripts/vcached
+++ b/scripts/vcached
@@ -17,7 +17,7 @@
 # Mark Huang <mlhuang@cs.princeton.edu>
 # Copyright (c) 2004  The Trustees of Princeton University (Trustees).
 #
-# $Id: vcached,v 1.8 2004/11/19 20:27:24 mlhuang Exp $
+# $Id: vcached,v 1.9 2004/11/23 14:47:35 mlhuang Exp $
 #
 
 # get configuration
@@ -57,6 +57,9 @@ test -e "$UTIL_VSERVER_VARS" || {
 }
 . "$UTIL_VSERVER_VARS"
 
+# make sure barrier bit is set on /vservers to prevent chroot() escapes
+$PKGLIBDIR/setattr --barrier $VROOTDIR
+
 # take out the trash
 rm -rf "$VROOTDIR/.vtmp"