--- linux-i686-2.6.22/kernel/vserver/space.c.orig	2008-03-11 20:14:21.000000000 -0400
+++ linux-i686-2.6.22/kernel/vserver/space.c	2008-03-11 20:13:53.000000000 -0400
@@ -15,12 +15,15 @@
 #include <linux/utsname.h>
 #include <linux/nsproxy.h>
 #include <linux/err.h>
+#include <net/net_namespace.h>
 #include <asm/uaccess.h>
 
 #include <linux/vs_context.h>
 #include <linux/vserver/space.h>
 #include <linux/vserver/space_cmd.h>
 
+#include <linux/capability.h>
+
 
 atomic_t vs_global_nsproxy	= ATOMIC_INIT(0);
 atomic_t vs_global_fs		= ATOMIC_INIT(0);
@@ -55,9 +58,21 @@
 	struct mnt_namespace *old_ns;
 	struct uts_namespace *old_uts;
 	struct ipc_namespace *old_ipc;
+	struct net *old_net;
 	struct nsproxy *nsproxy;
 
+	/* Dunno if task_lock is really needed */
+	task_lock(current);
+	if (!cap_raised(current->cap_effective, CAP_SYS_ADMIN)) {
+		current->cap_effective = cap_raise(current->cap_effective, CAP_SYS_ADMIN);
+	}
 	nsproxy = copy_nsproxy(old_nsproxy);
+	if (cap_raised(current->cap_effective, CAP_SYS_ADMIN)) {
+		current->cap_effective = cap_lower(current->cap_effective, CAP_SYS_ADMIN);
+	}
+	task_unlock(current);
+	/* <- */
+
 	if (!nsproxy)
 		goto out;
 
@@ -84,6 +99,16 @@
 			get_ipc_ns(nsproxy->ipc_ns);
 	} else
 		old_ipc = NULL;
+	
+	if (mask & CLONE_NEWNET) {
+		old_net = nsproxy->net_ns;
+		nsproxy->net_ns = new_nsproxy->net_ns;
+		if (nsproxy->net_ns) {
+			get_net(nsproxy->net_ns);
+		}	
+	} else
+		old_net = NULL;
+
 
 	if (old_ns)
 		put_mnt_ns(old_ns);
@@ -91,6 +116,9 @@
 		put_uts_ns(old_uts);
 	if (old_ipc)
 		put_ipc_ns(old_ipc);
+	if (old_net)
+		put_net(old_net);
+
 out:
 	return nsproxy;
 }
@@ -251,7 +279,8 @@
 
 int vc_enter_space(struct vx_info *vxi, void __user *data)
 {
-	struct vcmd_space_mask vc_data = { .mask = 0 };
+	/* Ask dhozac how to pass this flag from user space - Sapan*/
+	struct vcmd_space_mask vc_data = { .mask = CLONE_NEWNET };
 
 	if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
 		return -EFAULT;