[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#508523: Fix for this issue

After a conversation on IRC with Herbert Pötzl it appears that the changes in the position of some xattr flags on the vserver patch used within the Debian kernel are to blame for this behaviour.

There is an additional flag differences which affect chroot security which should also be changed also.

#508523 is also probably related.

The parts of the vserver patch Debian uses which need to be changed for consistency with the other vserver implementations (including consistency with Debian Etch's kernels) are:

+#define FS_IXUNLINK_FL	0x01000000 /* Immutable invert on unlink */
should be
+#define FS_IXUNLINK_FL	0x08000000 /* Immutable invert on unlink */


+#define FS_BARRIER_FL  0x10000000 /* Barrier for chroot() */
should be
+#define FS_BARRIER_FL  0x04000000 /* Barrier for chroot() */

I've documented a brief summary of what is happening at http://linux-vserver.org/Installation_on_Debian#Issues_with_the_current_2.6.26_Kernel

From Ben Green

Reply to: