From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Wed 14 Jan 2004 - 13:19:03 GMT
On Wed, Jan 14, 2004 at 01:58:22PM +0100, Andreas Scholz wrote:
> yesterday i asked for your experiences with SuSE
> as vserver.
> Today i installed minimal SuSE 9, and patched a vanilla
> kernel 2.4.23 with vserver and acl patch.
hmm, may I ask why 2.4.23 and vs1.22 when there
is 2.4.24 and vs1.23? some kind of nostalgia?
reasons for not using 2.4.23 + vs1.22
- mremap() syscall can gain priviledges
- /dev/rtc leak parts of kernel memory
- /procfs vulnerability
> Now my "make" fails with error: undefined reference
> to 'IS_IMMUTABLE'  in the ext3 acl section.
> My question is: does the vserver patch work with acls ?
guess it works, but it needs some adaptations
(this should be solved in the devel branch)
replacing IS_IMMUTABLE either with IS_IMMUTABLE_FILE
or IS_IMMUTABLE_LINK, depending on the context
should solve this ...
> Has anyone running a system with acl+vserver ? Would
> it be an option to wait until vserver is ready for kernel 2.6
> (which includs acls) ?
sure would also be an option, but I guess the
changes are minimal ...
PS: volunteering to check the ACL stuff? if so
just let me know ...
> Thank you for advice - Andreas
>  Files:
> util-vserver-0.26.tar.bz2.4.23 (unused)
>  sounds like vserver-patch ? to be honest: at this point
> my knowledge is zero...
> Vserver mailing list
Vserver mailing list