From: Sandino Araico Sánchez (sandino_at_sandino.net)
Date: Tue 30 Mar 2004 - 06:17:08 BST
Dariush Pietrzak wrote:
>>I want to use gradm on main system, not in vserver, but as you can
>>see I can't because of this error. I'm successfully running kernel
>>with grsec + gradm, but I can't run vserver + grsec + gradm.
>>
>>
> and what is strange about that?
>(I'm trying to ride a bike, no problem here. I'm trying to drive a car,
>still no problem. But when I'm trying to ride a bike+car I get those
>mysterious erorrs....).
>
>
At the patch level, grsecurity and vserver have been very mixable, I've
had no other problems than the need to reduce chroot restrictions.
I've been trying to reproduce Justina's problem with gradm but I can't
reproduce it on context 0, It's only reproduceable inside a virtual
server but in such case it's a desireable behaveour.
> It's not that obvious how would you like to merge bike and car, same goes
>for grsec and vserver.
>
It takes ~1 hour to integrate the .rej files and the resulting patch
looks clean enough.
>You can merge those, but since functionality
>overlaps you have to decide either to drop one or the other in some places,
>
>
Functionality overlaps in some places like process vissibility which is
filtered twice but I've seen no functionality conflicts other than
desireable restrictions inside chroot.
>or do some merging ( I used to have this car with pedals as a kid, lots of fun,
>wouldn't recommend it for production environment though... )
>
>
>
-- Sandino Araico Sánchez -- Melón se comió las plumas...._______________________________________________ Vserver mailing list Vserver_at_list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver