On Fri, 11 May 2007 04:05:21 +0100, Corey Wright <[EMAIL PROTECTED]> wrote:

> the only problems i've encounter without COW is:
>1. slapping my forehead when i accidentally vhashify /etc, try to modify a
> config file, and spend several minutes trying to figure out why i can't
> modify the file though i've set it u+w.  (that happened sometime in the
> beginning and only happened once. ;-)
>2. upon upgrading or uninstall a package containing set[ug]id files, dpkg
> tries to unset the set[ug]id bit of the files (as a security precaution in
> case someone has hardlinked it and is keeping it around waiting for an
> exploit to be found in it).  of course this fails as the hashified file
> cannot be modified, but even worse dpkg stumbles on making a mess without
> reporting an error/failure.  i patched dpkg to not unset the file.  another
> debian user patched vhashify to skip set[ug]id files, which is the more
> proper solution (i only patched dpkg because it was the easier solution
> having already found the problematic code in dpkg while debugging the
> problem).  see the vserver mailing list archives for our patches.  see bug
> http://bugs.debian.org/382760 for my dpkg bug report.
>those are the two problems i've ever found.
>a tip is to rehashify your vservers and prune your .hash directory after
> package updates.  you can find a discussion on pruning scripts that i
> prompted on the mailing list sometime ago.

Excellent, thankyou for that, those were exactly the sorts of problems I 

I'd like to read the thread about pruning and the patches. The archive doesn't 
search well through google and has no inbuilt search. Any idea when the 
discussion was? I would prefer not to load anyones servers (and my HD) by 
downloading the lot.

When the archive says "email me" for the mbox, who is me?


 From Ben Green

Vserver mailing list

Reply via email to