| 1 |
On 05/20/2011 07:11 AM, "Tóth Attila" wrote: |
| 2 |
> After a week I think I've sorted out nearly all issues about openrc on my |
| 3 |
> systems. |
| 4 |
> Bonding was compiled into the kernel. Upon I tried to echo mode 4 |
| 5 |
> (802.3ad) to set up the lacp, the system said there's no write access to |
| 6 |
> the mode file. So the bonding interface remained in round-robin mode. That |
| 7 |
> was disturbing. |
| 8 |
> |
| 9 |
> grsec: denied auto-loading kernel module for a network device with |
| 10 |
> CAP_SYS_MODULE (deprecated). Use CAP_NET_ADMIN and alias netdev-bonding |
| 11 |
> instead. |
| 12 |
> |
| 13 |
> I suspect there was something wrong in the background. |
| 14 |
> If I take a look at on the error message, I don't know that actually which |
| 15 |
> process tries to autoload the module. I would check out my policy to |
| 16 |
> specify CAP_NET_ADMIN also for that binary. For the second part I would be |
| 17 |
> interested to where I should add netdev-bonding as an alias for openrc or |
| 18 |
> whatnot? |
| 19 |
> |
| 20 |
> I've ended up compiling bonding as a module and the interface is in the |
| 21 |
> correct mode now after reboot. Loading the module now happens before |
| 22 |
> locking down the system. |
| 23 |
> |
| 24 |
> Regards: |
| 25 |
> Dw. |
| 26 |
|
| 27 |
Compiling it as a module is the way the devs recommend doing it. I've |
| 28 |
been compiling it into my kernels, but then I'm stuck with what I get, |
| 29 |
as you were. I want the round-robin, what's bothering me is the miimon |
| 30 |
which I can't change from 0 which means no mii mon which is not good. |
| 31 |
|
| 32 |
|
| 33 |
-- |
| 34 |
Anthony G. Basile, Ph.D. |
| 35 |
Gentoo Linux Developer [Hardened] |
| 36 |
E-Mail : blueness@g.o |
| 37 |
GnuPG FP : 8040 5A4D 8709 21B1 1A88 33CE 979C AF40 D045 5535 |
| 38 |
GnuPG ID : D0455535 |
Archives