About this list Date view Thread view Subject view Author view Attachment view

From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Wed 06 Jul 2005 - 15:26:32 BST


On Tue, Jul 05, 2005 at 11:40:43PM -0500, Micah Anderson wrote:
> Herbert Poetzl schrieb am Wednesday, den 06. July 2005:
>
> > On Wed, Jul 06, 2005 at 05:35:07AM +0200, Harald Kapper wrote:
> > > On Wed, 6 Jul 2005 04:59:27 +0200, Herbert Poetzl <herbert_at_13thfloor.at> wrote:
> > >
> > > >debian sarge is broken (at least regarding linux-vserver)
> > >
> > > hi
> > > uhm - if this is so why are there not bug-reports / package-maintainers
> > > notified, etc.?
> > >
> > > anyway, would you care to share your opinion on which
> > > distro vservers aren't broken?
> >
> > they work just fine on almost all distros including debian,
> > it's just not advised to take the debian packages for now
> > (until debian folks have fixed them)
>
> So that we can know, can you give an idea of what the problems are?

sure, the following stuff comes to my mind:

 - vshelper async/sync call
 - 32/64 bit compatibility broken/missing
 - vroot device cannot be built as module
 - vc_wait_exit() required for stop/reboot
   synchronization is broken
 - mips/ppc64/hppa/um syscall support broken
 - missing support for virtual syslog
 - can't compile with proc disabled
 - /proc/sys/kernel/{hostname,os*,vers*}
   virtualization missing
 - spectator context sees ghost inits
 - xfs mount option (tagxid) broken
 - alpha getxpid support missing
   that means no pid virtualization :)

> I am using the debian kernel patch and util-vserver packages on 4
> different machines and I haven't had any problems.

probably most/all x86 machines with a legacy config
(i.e. the 2.4 kernel + tools would work fine there, no?)

> This does not mean
> that there are no problems, but I haven't seen any and would like to
> know what might be things I could encounter (and others probably want
> to know too).

also we did a lot of cleanups and added to the debug
information, so that we can easily hunt down issues
reported by folks, but that won't work with a debian
kernel, because the information there is just outdated

> > this means:
> >
> > - get a vanilla kernel (2.6.12.2 is current)
> > - get the linux-vserver patch (vs2.0-rc5 is current)
>
> Additionally, I have updated kernel-patch-vserver so that patch
> vs2.0-rc4 is working for debian kernel 2.6.11-7. I am working on
> updating the 2.6.8 patch to also work with vs2.0. The Debian 2.6.12
> kernel is coming soon (it has been held up by the gcc-4.0 transition),
> and when it is available I will update the patch to work with that
> kernel as well.

so where is the point in using a debian kernel then,
if the only effect seems to be that you have to get
the kernel from unstable, and wait a few weeks until
you do get it :)

> If you wish to be more conservative, and play with a more "stable"
> situation, with less enhancements, the Debian vserver patch works
> against kernel-source-2.4.27 (in stable, using the vserver stable
> vs1.2.10 patch).

does that mean you get the exploits from 2.4.27 too?
(see /. article "Debian struggling with security")

> > - get the most recent tools (util-vserver-0.30.207)
>
> The util-vserver package in debian unstable has 0.30.207 available on
> all architectures except ia64 (0.30.204-6).

yes, which would be fine, if they'd actually work ...
unfortunately it seems that they _assume_ the x86
syscall number on _all_ archs, which makes them fail
on most non x86 archs ...

(see http://linux-vserver.org/Syscall+Switch+Info for
details about the correct syscall number)

a recompile of the 0.30.207 source fixes the issue,
so to me it is a debian bug, no?

> > PS: I'm pretty sure debian folks (including maintainers)
> > will soon catch up (and fix the issues) ... nevertheless
> > feel free to submit bug reports to the debian maintainers
> > for all your issues you encounter with the sarge version.
>
> Please do, dont bug Bertl because the debian packages are out of date,
> report the bugs using the Debian BTS (install package reportbug and
> run it!).

thanks,
Herbert

> Micah

> _______________________________________________
> Vserver mailing list
> Vserver_at_list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver

_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Wed 06 Jul 2005 - 15:26:59 BST by hypermail 2.1.3