About this list Date view Thread view Subject view Author view Attachment view

From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Tue 07 Oct 2003 - 22:53:44 BST


On Mon, Oct 06, 2003 at 07:34:07PM -0500, Jacques Gelinas wrote:
> Hello!
>
> I have released for testing kernel 2.4.22ctx-18 pre1. As the name implies
> this is a test release. I am also releasing vserver 0.24.
>
> You can find the stuff at ftp.solucorp.qc.ca/pub/vserver/testing. There is
> a patch against kernel 2.4.22 and the tar file for vserver 0.24. No binaries.

which now, to increase the confusion exists in two
different version as you forgot? to bump the revision
(the one you sent me, and the one you released)

we need to improve communication really fast,
TIA,
Herbert

> What is ctx-18. It could be the last version before we jump to the new virtual
> syscall strategy. What is new in it.
>
> chrootsafe
>
> This is a new system call that unlike chroot, can't be escaped.
> The system call does various things
>
> -Change the current directory as well as the root directory.
>
> -Fails if there is any open directory
>
> -Keep a pointer on the new root parent to create a no man land
> (like done with chmod 000 /vservers before).
>
> Using this new system call, chmod 000 is not needed anymore and we can
> support vservers inside vservers.
>
>
> setctxlimit
>
> This is a new system call (and a new utility) to change the ulimit
> like limits of a security context (or a vserver).
>
> Currently I have used the same numbers as ulimit (RLIMIT_NOFILE and
> so on) but this may change.
>
> The kernel currently keeps track of the open file and memory. Memory
> (virtual) is not tested very well.
>
> new_s_context
>
> The system call has been changed completly. You can select several
> security context (up to 16). And root in a security context is allowed
> to shuffle in the security contexts already assigned.
>
> This was done to allow vservers inside vservers. Basically, you assign
> several security context to one vserver and this vserver is allowed
> to assign a subset to another context.
>
> The exact semantic of this may evolve.
>
> You need vserver 0.24 to operate this kernel.
>
> A bug in net/ipv4/udp.c was fixed. It appears when we moved from 2.4.20 to
> 2.4.21 and probably caused various mis-behavior for UDP.
>
> ctx-18 also contains ctx-17a and b enhancements for multi-home vservers.
>
> ---------------------------------------------------------
> Jacques Gelinas <jack_at_solucorp.qc.ca>
> vserver: run general purpose virtual servers on one box, full speed!
> http://www.solucorp.qc.ca/miscprj/s_context.hc
> _______________________________________________
> Vserver mailing list
> Vserver_at_lists.tuxbox.dk
> http://lists.tuxbox.dk/mailman/listinfo/vserver


About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Tue 07 Oct 2003 - 23:23:00 BST by hypermail 2.1.3