package yum found 347882 3.2.21-1 thank you Hi Thomas,
Thomas Goirand wrote: > Please test the new package that we just sent to the archive, and let us > know if the bug is still there. As what has just been uploaded is the > latest version of yum, I guess this shouldn't be the case. The vserver tool is still complaining in basically the same way as before. # vserver f9test build -m yum -- -d f9 You are using a version of yum which is insecure and broken in chroot related operations; either apply the patches shipped in the 'contrib/' directory of util-vserver, or ask the author of yum to apply them (preferred). In the meantime, 'vyum' will continue with dirty hacks which might not work when the vserver is running and local DOS attacks are possible. Execution will continue in 5 seconds... Either the problem still persists, or the problem has been fixed upstream in a way that util-vserver cannot detect yet. If you can confirm this is the case, please reassign. Did you check out the patch I attached in my last mail to this bug report ? > Also, when reading your report, I'm unsure. Are you saying that yum > can't bootstrap something in a chroot? If you think it is the case with > your util-vserver, then I can tell you that is an issue in it. Our > scripts ARE working with the current SID version of yum (at least). > It is my understanding that vserver is doing more than simply setting up a little chroot. One thing that comes to mind is the "externalizing of the package management", meaning dpkg's (and rpm's) database lives outside of the chroot. While I don't care that much about this particular feature, this is the default behaviour when setting up a new vserver - only a later call to the "internalize" function will put the database back into the chroot directory. Unfortunately I don't understand enough about rpm to determine the exact scope of the patch. Thanks for your work on yum, Philipp > Let me know so I can close the issue... -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
