Re: [Vserver] proc not mounted and other suggestions

,loadavg} doesn't hurt and is a good start ... /proc/{sysrq-trigger,ide,scsi,bus} is evil ;) /proc/mounts is evil too since it discloses the devices where the virtual server and other virtual servers are mounted. -- Sandino Araico Sánchez -- Melón se comió las plumas

Re: [Vserver] [Release] Stable 1.27

/overview enjoy, Herbert ___ Vserver mailing list [EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver -- Sandino Araico Sánchez -- Lo que no mata engorda. ___ Vserver mailing list

Re: [Vserver] vserver + grsec + gradm problem

grsecurity's kernel settings, but all the same - 'open: Permission denied' What am i doing wrong? Maybe it'a a bug? it's a bug you hit usaing vservers _and_ grsecurity's ACL subsystem. -- Sandino Araico Sánchez -- Melón se comió las plumas

Re: [Vserver] vserver + grsec + gradm problem

conflicts other than desireable restrictions inside chroot. or do some merging ( I used to have this car with pedals as a kid, lots of fun, wouldn't recommend it for production environment though... ) -- Sandino Araico Sánchez -- Melón se comió las plumas

Re: [Vserver] vserver + grsec + gradm problem

? -- Sandino Araico Sánchez -- Melón se comió las plumas ___ Vserver mailing list [EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver

Re: [Vserver] grsecurity ending

, it might be interesting to absorb those parts useful for linux-vserver into a security branch of linux-vserver ... (would be 2.6 branch of course) best, Herbert From: Sandino Araico Sánchez [EMAIL PROTECTED] I've just uploaded the patch Vserver 1.27 + GR Security 1.9.14 against 2.4.25 to http

Re: [Vserver] grsecurity ending

in the early days of security enhancing patches) with different devs taking care of different modules. -- Sandino Araico Sánchez -- ... there's no spoon ... ___ Vserver mailing list [EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver

Re: [Vserver] Mailing List Future ...

[EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver -- Sandino Araico Sánchez -- ... there's no spoon ... ___ Vserver mailing list [EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver

Re: [Vserver] Re: BSDJAILS in 2.6.x as LSM?

Marc E. Fiuczynski wrote: Based on my reading of perf. numbers published in LSM's USENIX security conference, LSM does not impact performance any more significantly than vserver does. I.e., the numbers are so small that it doesn't really appear to make a big difference. Correct me if I wrong! I

Re: [Vserver] Reiser4 views/process oriented security proposal

Christian Mayrhuber wrote: Could become interesting: http://www.namesys.com/blackbox_security.html The process-oriented ACL seems functionality equivalent to grsec process-based ACLs. One disadvantage of grsec + vserver is that ACLs are applied system-wide and must be administered on the

Re: [Vserver] Reiser4 views/process oriented security proposal

he needs the hosting provider to setup a new iptables rule or a new grsec ACL. Marc -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Sandino Araico Sánchez Sent: Wednesday, September 15, 2004 10:36 PM To: [EMAIL PROTECTED] Subject: Re: [Vserver] Reiser4 views

Re: [Vserver] Reiser4 views/process oriented security proposal

, Marc -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Sandino Araico Sánchez Sent: Friday, September 17, 2004 5:20 AM To: [EMAIL PROTECTED] Subject: Re: [Vserver] Reiser4 views/process oriented security proposal Marc E. Fiuczynski wrote: Hi Sandino, In what

[Vserver] vserver + grsec patch for 2.4.34

-devmapper-ioctl.patch linux-2.4.22-VFS-lock.patch -- Sandino Araico Sánchez -- Melón se comió las plumas ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver

Re: [Vserver] vserver + grsec patch for 2.4.34

next week. Sandino Araico Sánchez -- Free as in Beer: You can drink as many as you want but you have to pay for them. ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver

Re: [Vserver] moving guests

Herbert Poetzl wrote: I allready have set up shared filesystem im running my guests from, was just looking for a possibility so guests wouldnt need to be re-started when im in need to move them around. stop/start should take less than 5 seconds if the guests are configured properly,

[Vserver] Anounce: CentOS 5 guest image

passwd tcpdump telnet unzip wget which zip exit -- Sandino Araico Sánchez edce71952773051c884f6a49cc194445 8a3ac99fbf88d0c58677ffd9706081bb5471b756 2bc1ad9b84e28ba8725ee0008c80a7f0 5945bcf00844d5a421f7b66e3c5c28467e48f2bc -- 2d188949024d886941f4dff4f500918d 510f47aeec377edb804439a0dae774b9d94269b9

Re: [Vserver] Anounce: CentOS 5 guest image

Daniel Hokka Zakrisson wrote: Sandino Araico Sánchez wrote: In case somebody finds it useful, here it is: http://mirrors.sandino.net/vserver/images/centos-5-i686-2007-07-14.tar.bz2 http://mirrors.sandino.net/vserver/images/centos-5-i686-2007-07-14.tar.bz2.md5 http://mirrors.sandino.net

Re: [Vserver] Anounce: CentOS 5 guest image

Daniel Hokka Zakrisson wrote: Sandino Araico Sánchez wrote: That's right, but yum does not always work on Debian or Gentoo hosts. Oh? Details? Both Debian and Gentoo have packages for yum, so that sounds like bug(s) which should be reported to the maintainers... Yum is marked

Re: [Vserver] Anounce: CentOS 5 guest image

Daniel Hokka Zakrisson wrote: Sandino Araico Sánchez wrote: Yum is marked unstable in Gentoo. It works sometimes but i got used to unpacking the guest image and running a script that creates the config directory and the config file... It takes me about 20 minutes to setup a new vservar