Bug#508523: Fix for this issue
After a conversation on IRC with Herbert Pötzl it appears that the
changes in the position of some xattr flags on the vserver patch used
within the Debian kernel are to blame for this behaviour.
There is an additional flag differences which affect chroot security
which should also be changed also.
#508523 is also probably related.
The parts of the vserver patch Debian uses which need to be changed
for consistency with the other vserver implementations (including
consistency with Debian Etch's kernels) are:
+#define FS_IXUNLINK_FL 0x01000000 /* Immutable invert on unlink */
+#define FS_IXUNLINK_FL 0x08000000 /* Immutable invert on unlink */
+#define FS_BARRIER_FL 0x10000000 /* Barrier for chroot() */
+#define FS_BARRIER_FL 0x04000000 /* Barrier for chroot() */
I've documented a brief summary of what is happening at
From Ben Green