Re: [vserver] Problem with passwd

From: Steve Kieu <msh.computing_at_gmail.com>
Date: Tue 01 Nov 2011 - 23:38:25 GMT
Message-ID: <CAAQ-o+9=EM0uZUNuOeGG0zUou-dYnr68jD=zkS414FT2Bab6Pg@mail.gmail.com>

Not only the vserver problem, the config with problem shows some other
problems as well mostly in networking. (slow path) - and puppet client
stop working for not any reason - iproute1 stop working for multi gateway
config, etc..

Something is rally 'evil' in that config :-)

On Wed, Nov 2, 2011 at 10:29 AM, Steve Kieu <msh.computing@gmail.com> wrote:

> In deed it turns out that there is 'bad' things if turn selinux on
> together with vserver. Even the box itself selinux is set to permissive. Or
> somethng not good in relation to vservers in the security kernel config.
>
> I have rebuild the kernel and not selecting selinux and with .8 vserver
> patch and tested, things are fine.
>
> For reference I will attach two kernel config file with .8 patch to see if
> any relations to vservers these security settings. For now, I just compile
> the kernel without it then. Hope that it may give more information about
> why it fail or useful for you.
>
> Many thanks
>
>
>
> On Tue, Nov 1, 2011 at 1:30 PM, Herbert Poetzl <herbert@13thfloor.at>wrote:
>
>> On Tue, Nov 01, 2011 at 11:40:00AM +1100, Steve Kieu wrote:
>> > Hello ,
>>
>> > I have just discovered a strange problem with patch
>> > vs2.3.0.36.29.8 for 2.6.32.43. I can not inside the vserver
>> > guest from root to su to anybody, it prompts me password !
>>
>> > If the user does nto have password set then it is OK
>> > However if as root I run
>>
>> > passwd oter_username then I got error:
>>
>> > [root@cacti ~]# passwd stevek
>> > passwd: unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 is not
>> > authorized to change the password of stevek
>>
>> > It happened with all guests, and it does not happen with
>> > vs2.3.0.36.29.7
>>
>> well, the changes between vs2.3.0.36.29.7 and vs2.3.0.36.29.8
>> are solely NFS related (see
>> http://vserver.13thfloor.at/ExperimentalT/delta-vs2.3.0.36.29.7-8.diff)
>> so I presume your guests are on NFS?
>>
>> > Please investigate if it is a bug somewhere?
>>
>> will do, please try to revert the delta linked above from
>> the kernel which causes this misbehaviour and let us know
>> if that fixes the issue for you ...
>>
>> thanks in advance,
>> Herbert
>>
>> > or advise me that I did somethign wrong, :-)
>> > I have to revert back to .7 for now
>>
>> > Thanks,
>>
>> > --
>> > Steve Kieu
>>
>
>
>
> --
> Steve Kieu
>

-- 
Steve Kieu
Received on Tue Nov 1 23:38:44 2011
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Tue 01 Nov 2011 - 23:38:45 GMT by hypermail 2.1.8