Re: lenny updates (networking)

To: Kir Kolyshkin <kir@openvz.org>
Cc: dann frazier <dannf@dannf.org>, debian-kernel@lists.debian.org, jmm@inutil.org, debian@openvz.org
Subject: Re: lenny updates (networking)
From: Ola Lundqvist <ola@inguza.com>
Date: Mon, 16 Mar 2009 12:47:39 +0100
Message-id: <[🔎] 20090316124739.rbu5lq9bvowwsoso@webmail.inguza.net>
In-reply-to: <[🔎] 49BE35CB.7080405@openvz.org>
References: <20090223234735.GJ5515@ldl.fc.hp.com> <[🔎] 20090303204404.GB17763@inguza.net> <[🔎] 20090309051708.GG14033@colo.lackof.org> <[🔎] 20090309191328.GA17856@inguza.net> <[🔎] 20090309194209.GC12403@colo.lackof.org> <[🔎] 20090309200721.GA32518@inguza.net> <49B58BF1.4080004@openvz.org> <49B5AC1C.5030905@openvz.org> <[🔎] 20090314171454.GA22193@inguza.net> <[🔎] 49BE35CB.7080405@openvz.org>

Hi Kir

Quoting Kir Kolyshkin <kir@openvz.org>:

Ola Lundqvist wrote:

[...]

http://git.openvz.org/?p=linux-2.6.26-openvz;a=commitdiff;h=ce67d5b4cc85fa0c6a6d226d436276ab307ae041
iptables: setup init iptables mask before net initialization
Trivial fix for IPv6 iptables in container. Not an ABI breaker.
Attached as 0042*
IPv6 is not really working in the current version. However this isan improvement to the current state.Not sure it should be included. I have added to my test build but Ithink I need advice from Dann here.
So we can either disable IPv6 in config or fix it. It's up to you/Dann
to decide. I'd go with fixing.


I tend to agree.

Speaking of IPv6, we also have a bunch of patches for ipv6 conntracks
in containers which I haven't sent since it looks more like a new
functionality rather than a bugfix.

If it is new functionality, then it can not go in. However if it isfixes (>= important) then it should go in. So if you see any importantones please let me know.

http://git.openvz.org/?p=linux-2.6.26-openvz;a=commitdiff;h=fffc6ffba65ec0b12aeb89f2e4a448785298aa75
net: set ve context when init/exit method is called
Attached as 0043*


Security issue?


No. Deadlocks/leaks on VE stop.

I personally consider deadlock as a denial of service. However thiscan only be done by root. On the other hand I assume it is stillimportant to fix it.


[...]

Best regards,

// Ola


--
 --- Inguza Technology AB --- MSc in Information Technology ----
/  ola@inguza.com                    Annebergsslingan 37        \
|  opal@debian.org                   654 65 KARLSTAD            |
|  http://inguza.com/                Mobile: +46 (0)70-332 1551 |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9  /
 ---------------------------------------------------------------

Reply to:

References:
- Re: lenny updates
  - From: Ola Lundqvist <ola@inguza.com>
- Re: lenny updates
  - From: dann frazier <dannf@dannf.org>
- Re: lenny updates
  - From: Ola Lundqvist <ola@inguza.com>
- Re: lenny updates
  - From: dann frazier <dannf@dannf.org>
- Re: lenny updates
  - From: Ola Lundqvist <ola@inguza.com>
- Re: lenny updates (networking)
  - From: Ola Lundqvist <ola@inguza.com>
- Re: lenny updates (networking)
  - From: Kir Kolyshkin <kir@openvz.org>

Prev by Date: Re: lenny updates
Next by Date: Bug#518344: [linux-source-2.6.28] hang on shutdown after acpid exiting
Previous by thread: Re: lenny updates (networking)
Next by thread: Re: lenny updates (networking)
Index(es):
- Date
- Thread