against the wall trying to
solve :) I now use iproute2 on everything, even on simple workstation
installations, so it is there if additional configuration is ever needed.
--
harry
aka Rik Bobbaers
K.U.Leuven - LUDIT -=- Tel: +32 485 52 71 50
[EMAIL PROTECTED] -=- http://people.linux
with /dev/kmem or
otherwise tampering with the kernel, so I can't see how a feature like
this will provide any strong guarentees; unless heirarchies of contexts
(which would be extreemly cool) are planned. Or is it just intended as
a 'speed bump' / politeness feature?
--
harry
aka Rik Bobbaers
it solved a compile error (dereferencing pointer to incomplete
type).
--
harry
aka Rik Bobbaers
K.U.Leuven - LUDIT -=- Tel: +32 485 52 71 50
[EMAIL PROTECTED] -=- http://people.linux-vserver.org/~harry
thinking always leads to conclusions... and those can be extremely dangerous
-- me
update from vserver: 2.2.0-rc7
have fun with it, all!!!
--
harry
aka Rik Bobbaers
K.U.Leuven - LUDIT -=- Tel: +32 485 52 71 50
[EMAIL PROTECTED] -=- http://people.linux-vserver.org/~harry
thinking always leads to conclusions... and those can be extremely dangerous
-- me ;)
Disclaimer
mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
--
harry
aka Rik Bobbaers
K.U.Leuven
--
harry
aka Rik Bobbaers
K.U.Leuven - LUDIT -=- Tel: +32 485 52 71 50
[EMAIL PROTECTED] -=- http://harry.ulyssis.org
thinking always leads to conclusions... and those can be extremely dangerous
-- me ;)
Disclaimer: http://www.kuleuven.be/cwis/email_disclaimer.htm
table per
configured vlan. you suggest 1 table per virtual server?
greetz,
--
harry
aka Rik Bobbaers
K.U.Leuven - LUDIT -=- Tel: +32 485 52 71 50
[EMAIL PROTECTED] -=- http://harry.ulyssis.org
Work hard and do your best, it'll make it easier for the rest
-- Garfield
Disclaimer: http
-e $i umount $1; done
exit 0;
fi
exit 1;
you just do unmount_vserver /vservers/bleh
and it makes sure it's unmounted in all namespaces.
it doesn't do much checking, but you get the picture, feel free to add
more sanity/safety checks ;)
greetz,
--
harry
aka Rik Bobbaers
K.U.Leuven - LUDIT
there is not really a
problem, just some practical questions!
greetz,
--
harry
aka Rik Bobbaers
K.U.Leuven - LUDIT -=- Tel: +32 485 52 71 50
[EMAIL PROTECTED] -=- http://harry.ulyssis.org
Work hard and do your best, it'll make it easier for the rest
-- Garfield
Disclaimer: http
that problem.
ps. i have the same setup as you... 1 LV per vserver :)
greetz
--
harry
aka Rik Bobbaers
K.U.Leuven - LUDIT -=- Tel: +32 485 52 71 50
[EMAIL PROTECTED] -=- http://harry.ulyssis.org
Work hard and do your best, it'll make it easier for the rest
-- Garfield
Disclaimer
and pipacs!)
that's about it... it should work without any problems (it does so on a
production server here)
have fun with it all!!!
--
harry
aka Rik Bobbaers
K.U.Leuven - LUDIT -=- Tel: +32 485 52 71 50
[EMAIL PROTECTED] -=- http://harry.ulyssis.org
Work hard and do your best, it'll
on that one?
greetz,
--
harry
aka Rik Bobbaers
K.U.Leuven - LUDIT -=- Tel: +32 485 52 71 50
[EMAIL PROTECTED] -=- http://harry.ulyssis.org
Work hard and do your best, it'll make it easier for the rest
-- Garfield
Disclaimer: http://www.kuleuven.be/cwis/email_disclaimer.htm
-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
--
harry
aka Rik Bobbaers
K.U.Leuven - LUDIT -=- Tel: +32 485 52 71 50
[EMAIL PROTECTED] -=- http://harry.ulyssis.org
Work hard and do your best, it'll make it easier for the rest
-- Garfield
Disclaimer: http
sorry guys, this was supposed to be to Bert only, that's why it was in
dutch...
just ignore :)
Rik Bobbaers wrote:
dag gentse collega!,
ik ben van plan de 2.6.16.22 patch te maken met de laatste rc van
vserver (en de laatste grsec).
deze zal je altijd kunnen vinden op :
http
... if you need a grsec + vserver kernel... this is the one to get! ;)
greetz (and thanks to all who helped :))
--
harry
aka Rik Bobbaers
K.U.Leuven - LUDIT -=- Tel: +32 485 52 71 50
[EMAIL PROTECTED] -=- http://harry.ulyssis.org
Work hard and do your best, it'll make it easier for the rest
they release this much patches... but at least you got
the chance to upgrade again :)
btw. the localversion-grsec problem with make-kpkg... it's solved here :)
Have fun with it!
--
harry
aka Rik Bobbaers
K.U.Leuven - LUDIT -=- Tel: +32 485 52 71 50
[EMAIL PROTECTED] -=- http://harry.ulyssis.org
to release his grsec 2.1.9 officially... (or
maybe not ;)) i'll try to get a grsec + vserver patch ready for 2.6.16
somewhere this week...
the latest patch is for 2.6.14.6, and is at:
http://harry.ulyssis.org/vserver
--
harry
aka Rik Bobbaers
K.U.Leuven - LUDIT -=- Tel: +32 485 52 71
will talk to herbert on what vserver
patch i will merge it with...
we just need to be patient ;)
ps. updating grsec to 2.6.16 myself is not such a good idea, since i'm not
THAT familiar with grsec and pax code...
greetz,
--
harry
aka Rik Bobbaers
K.U.Leuven - LUDIT -=- Tel: +32 485 52
there in the default vserver 2.1.0 patch
off course... backporting the 2.1.1-rc9 has proven to be a bit too much work,
so i fear, unstable))
so... upgrade all!!! :)
--
harry
aka Rik Bobbaers
K.U.Leuven - LUDIT -=- Tel: +32 485 52 71 50
[EMAIL PROTECTED] -=- http://harry.ulyssis.org
Work
# CONFIG_GRKERNSEC_SOCKET is not set
#
# Sysctl support
#
CONFIG_GRKERNSEC_SYSCTL=y
CONFIG_GRKERNSEC_SYSCTL_ON=y
#
# Logging Options
#
CONFIG_GRKERNSEC_FLOODTIME=10
CONFIG_GRKERNSEC_FLOODBURST=4
# CONFIG_KEYS is not set
# CONFIG_SECURITY is not set
--
harry
aka Rik Bobbaers
K.U.Leuven - LUDIT
can do this with:
echo 0 /proc/sys/kernel/grsecurity/chroot_caps
(or the appropriate sysctl command ;))
if people think it 's a good thing to merge the patches... just let me know,
i'll see what i can do to keep this a little bit up to date.
have fun all!
--
harry
aka Rik Bobbaers
K.U.Leuven
://www.paul.sladen.org/vserver/archives/200511/0165.html
http://www.paul.sladen.org/vserver/archives/200511/0189.html
there are sollutions to this BIND problem (check the manual(s))
further... i don't know about any other advantages/disadvantages...
anyone??? ;)
--
harry
aka Rik Bobbaers
K.U.Leuven
22 matches
Mail list logo