Your message dated Tue, 31 May 2011 05:24:14 +0100
with message-id <1306815854.4277.104.camel@localhost>
and subject line Re: Fix for this issue
has caused the Debian Bug report #508523,
regarding [linux-image-2.6.26-1-vserver-amd64] Can't delete vservers or remove
hashed files (works in 2.6.25)
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
508523: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508523
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: util-vserver
Version: 0.30.216~r2772-5
Severity: important
root@rootwood:/home/ivan# vserver saturn5 delete
Are you sure you want to delete the vserver saturn5 (y/N) y
/bin/rm: cannot remove `/var/lib/vservers/saturn5/sbin/installkernel':
Operation not permitted
and so on, for hundreds of files...
ls -l /var/lib/vservers/saturn5/sbin/installkernel
-rwxr-xr-x 2 root root 2331 2008-06-27 07:21
/var/lib/vservers/saturn5/sbin/installkernel
It appears that all the files it is complaining about were hashified and are
thus shared between multiple vservers.
I also cannot remove any shared files at all:
root@rootwood:/home/ivan# vserver qis enter
qis:/# rm -f /usr/local/share/perl/5.8.8/FS/cust_main.pm
rm: cannot remove `/usr/local/share/perl/5.8.8/FS/cust_main.pm': Operation not
permitted
-- System Information:
Debian Release: 5.0
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26-1-vserver-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash
Versions of packages util-vserver depends on:
ii debconf 1.5.24 Debian configuration management sy
ii iproute 20080725-2 networking and traffic control too
ii libbeecrypt6 4.1.2-7 open source C library of cryptogra
ii libc6 2.7-16 GNU C Library: Shared libraries
ii make 3.81-5 The GNU version of the "make" util
ii net-tools 1.60-22 The NET-3 networking toolkit
ii util-linux 2.13.1.1-1 Miscellaneous system utilities
Versions of packages util-vserver recommends:
ii binutils 2.18.1~cvs20080103-7 The GNU assembler, linker and bina
ii debootstrap 1.0.10 Bootstrap a basic Debian system
Versions of packages util-vserver suggests:
ii iptables 1.4.1.1-4 administration tools for packet fi
ii linux-image-2.6.24-1-amd64 [l 2.6.24-7 Linux 2.6.24 image on AMD64
ii linux-image-2.6.25-2-amd64 [l 2.6.25-7 Linux 2.6.25 image on AMD64
ii linux-image-2.6.25-2-vserver- 2.6.25-7 Linux 2.6.25 image on AMD64
ii linux-image-2.6.26-1-vserver- 2.6.26-11 Linux 2.6.26 image on AMD64, Linux
ii module-init-tools 3.4-1 tools for managing Linux kernel mo
ii procps 1:3.2.7-9 /proc file system utilities
pn vlan <none> (no description available)
ii wget 1.11.4-2 retrieves files from the web
pn yum <none> (no description available)
-- debconf information:
util-vserver/prerm_stop_running_vservers: true
util-vserver/postrm_remove_vserver_configs: false
--- End Message ---
--- Begin Message ---
Version: 2.6.32-3
On Tue, 2009-05-12 at 14:38 +0100, [email protected] wrote:
> After a conversation on IRC with Herbert Pƶtzl it appears that the
> changes in the position of some xattr flags on the vserver patch used
> within the Debian kernel are to blame for this behaviour.
>
> There is an additional flag differences which affect chroot security
> which should also be changed also.
>
> #508523 is also probably related.
>
>
> The parts of the vserver patch Debian uses which need to be changed
> for consistency with the other vserver implementations (including
> consistency with Debian Etch's kernels) are:
>
> +#define FS_IXUNLINK_FL 0x01000000 /* Immutable invert on unlink */
> should be
> +#define FS_IXUNLINK_FL 0x08000000 /* Immutable invert on unlink */
>
> and
>
> +#define FS_BARRIER_FL 0x10000000 /* Barrier for chroot() */
> should be
> +#define FS_BARRIER_FL 0x04000000 /* Barrier for chroot() */
>
> I've documented a brief summary of what is happening at
> http://linux-vserver.org/Installation_on_Debian#Issues_with_the_current_2.6.26_Kernel
I have very little knowledge of vserver, and I don't know how we came to
use different values for these macros. Unfortunately we cannot change
them in a stable update to Debian 5.0 'lenny' as this will cause further
disruption.
I believe this bug has been fixed in Debian 6.0 'squeeze', in that the
values of these macros are as you say they should be.
Ben.
--
Ben Hutchings
Once a job is fouled up, anything done to improve it makes it worse.
signature.asc
Description: This is a digitally signed message part
--- End Message ---
