About this list Date view Thread view Subject view Author view Attachment view

From: Herbert P÷tzl (herbert_at_13thfloor.at)
Date: Fri 11 Jul 2003 - 21:37:09 BST


On Fri, Jul 11, 2003 at 01:01:12PM +0200, Thomas Gebhardt wrote:
> Hi,
>
> > > what about server unification, how was this solved?
> >
> > It is not. Unfortunatly.
>
> Wouldn't it suffice to scan all files in /usr and its
> subdirectories (on the vservers) looking for file
> attributes and md5sum, "unifying" all the files that
> are identical?

hmm, let me explain how rpm based distros
use unification:

 - the rpm 'spec' file has a list of files
   which are to be included in the resulting
   rpm, roughly categorizing their funtion,
   (binary, man page, config file, etc)
 - this makes it easy to separate for example
   log files from config files from shared
   libraries and binary executables ...

why not unify all 'equal' files (md5 hash e.g.)?
consider two newly created vservers, with lots
of config/log/temp files in it. they would have
the same md5 sum, but will after the first start
of each vserver start to divergate, which would
not be possible if they where unified in the first
place ...

> > > what about security updates in regard of unification?
> > > any comments/infos are welcome ...
>
> > That is really not a easy thing to fix. All help is appriciated of course.
>
> What's the problem here? After a security update on one/several/all
> vservers the different vservers will diverge. If one has a mechanism
> for "unifying" different vservers, one could rescan and reunify
> the vervsers. Of course, it would be more elegant just to rescan
> the files of the packages that are involved in the update.

best,
Herbert

> Cheers, Thomas
>


About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Fri 11 Jul 2003 - 21:53:07 BST by hypermail 2.1.3