might be a good idea!:)
let me know if that fixes the problem. could you give me the grsec
config part of your kernel?
tnx!
Oliver Heinz wrote:
Am Samstag, 18. November 2006 21:46 schrieb Herbert Poetzl:
On Sat, Nov 18, 2006 at 01:05:48PM +0100, Oliver Heinz wrote:
Am Freitag, 17. November 2006 18:48 schrieb Oliver Heinz:
Am Freitag, 17. November 2006 17:49 schrieb Herbert Poetzl:
On Fri, Nov 17, 2006 at 11:05:52AM +0100, Oliver Heinz wrote:
Am Donnerstag, 16. November 2006 13:11 schrieb Daniel Hokka
Zakrisson:
Oliver Heinz wrote:
Hello,
yesterday I upgraded my development server from
vmlinuz-2.6.12.5-vs2.0 to 2.6.17.14-grsec2.1.9-vs2.0.2.1 and
util-vserver from util-vserver-0.30.210 to
util-vserver-0.30.211.
All Debian/Ubuntu guests are running fine, but for the old
Suse9.0 guest when entering via vserver servername enter i get
an error:
[EMAIL PROTECTED]:/usr/src/packages# vserver dakar enter vlogin:
openpty(): No such file or directory
[EMAIL PROTECTED]:/usr/src/packages#
Any Idea what's wrong? Entering via ssh works fine, all
services are running, so it's not a major issue, just annoing.
Does it have /dev/ptmx and a mounted /dev/pts? When you log in
through ssh, what tty are you on?
dakar:~ # w
10:56:59 up 1 day, 1:03, 2 users, load average: 0.16, 0.16,
0.29 USER TTY LOGIN@ IDLE JCPU PCPU WHAT
oheinz ttyp1 10:28 11:22 0.10s 0.10s -bash
root ttyp2 10:56 0.00s 0.04s 0.00s w
~~~~~~~~~
looks like legacy ptys .. haven't seen them
for some time now, not sure that is related though ..
I was wondering too, when I ssh to a real physical host with suse 9.0
and kernel 2.4 I get ptys
what does /dev contain in your guest?
Just those few devices that are SuSE default ;-)
- I tried to attach the List but: Message body is too big and nobody
approved it yet. Is there someting special you are interessted?
ttys?pts?
ahem, this is what your guest should actually have in its
/dev, nothing more ...
# ls /dev
console full log= null ptmx pts/ random tty urandom zero
maybe an additional hdv1, but that's it, everything
else is not required and reduces your guest's security
which is why the tools do not put stuff there besides
the entries listed above ...
Thanks for that advice, but this vserver is an internal development platform
for a real server, which (of course) does have all those /dev entries . So
security in this guest is not an issue.
But it probably is not a good idea to have all that static dev entries that
are for 2.4 kernels running with a 2.6 vserver enabled kernel, idn't it.
So I did remove all that crap, left only
crw------- 1 root tty 5, 1 2006-11-19 15:14 console
crw-rw-rw- 1 root root 1, 7 2005-07-12 14:14 full
prw------- 1 root root 0 2006-11-19 15:14 initctl
crw-rw-rw- 1 root root 1, 3 2005-07-12 14:14 null
crw-rw-rw- 1 root tty 5, 2 2006-11-19 15:12 ptmx
drwxr-xr-x 2 root root 4096 2006-11-15 18:34 pts
crw-rw-rw- 1 root root 1, 8 2005-07-12 14:14 random
crw-rw-rw- 1 root tty 5, 0 2006-11-19 15:04 tty
-rw-r--r-- 1 root root 582 2006-11-19 15:13 tty10
cr--r--r-- 1 root root 1, 9 2006-11-15 18:34 urandom
crw-rw-rw- 1 root root 1, 5 2005-07-12 14:14 zero
But now I get an:
[EMAIL PROTECTED]:~# vserver dakar enter
vlogin: ioctl(): Not a typewriter
[EMAIL PROTECTED]:~#
and login via ssh is now broken too :-(
Nov 19 15:08:56 dakar sshd[1912]: error: openpty: No such file or directory
Nov 19 15:08:56 dakar sshd[1912]: error: session_pty_req: session 0 alloc
failed
Should I check with an non grsec vserver-kernel? Maybe it's grsec related?
Thanks so far,
Oliver
best,
Herbert
TIA,
Oliver
TIA,
Herbert
dakar:~ # mount
/dev/hda2 on / type reiserfs (rw)
proc on /proc type proc (rw)
devpts on /dev/pts type devpts (rw,mode=0620,gid=5)
dakar:~ # ls -la /dev/ptmx
crw-rw-rw- 1 root tty 5, 2 Sep 23 2003 /dev/ptmx
Thanks so far,
Oliver
_______________________________________________
Vserver mailing list
[email protected]
http://list.linux-vserver.org/mailman/listinfo/vserver
_______________________________________________
Vserver mailing list
[email protected]
http://list.linux-vserver.org/mailman/listinfo/vserver
_______________________________________________
Vserver mailing list
[email protected]
http://list.linux-vserver.org/mailman/listinfo/vserver
--
harry
aka Rik Bobbaers
K.U.Leuven - LUDIT -=- Tel: +32 485 52 71 50
[EMAIL PROTECTED] -=- http://people.linux-vserver.org/~harry
thinking always leads to conclusions... and those can be extremely dangerous
-- me ;)
Disclaimer: http://www.kuleuven.be/cwis/email_disclaimer.htm
_______________________________________________
Vserver mailing list
[email protected]
http://list.linux-vserver.org/mailman/listinfo/vserver
