Bug#655385: [squeeze openvz] "Cannot allocate memory" when doing "cat /proc/self/mountinfo" inside a vm

2012-07-15 Thread Ola Lundqvist
Hi

Thanks for this. Yes I think it would be good to fix this, and I think
we could convince the release team about it as well. I'll bring it up on
the kernel maintainers mailing list. I'm not a kernel maintainer myself.

// Ola

On Tue, Jul 10, 2012 at 07:37:29PM +0200, Christoph Lechleitner wrote:
> On 2012-07-10 19:12, Michael Renner wrote:
> > On Jul 10, 2012, at 17:25 , Christoph Lechleitner wrote:
> > 
> >> On 2012-07-10 16:58, Benjamin Henrion wrote:
> >>> I am affected by that bug, as updatedb crashes inside a VZ:
> >>>
> >>> Can someone fix that?
> >>
> >> Just to be sure, you did notice we from ITEG are providing binary
> >> packages for now?
> > 
> > Thanks - they work fine for me!
> 
> Btw., I had a short mail discussion with Jonathan, and he asked me to
> release source packages, too, in order to make it easier to trace and
> reproduce my steps.
> 
> He also told me how to do so and where to put what source package files in
> the repository, so I'll try to do so. It may take some time though.
> 
> Regards, Christoph
> 

-- 
 --- Inguza Technology AB --- MSc in Information Technology 
/  o...@inguza.com                    Annebergsslingan 37        \
|  o...@debian.org                    654 65 KARLSTAD            |
|  http://inguza.com/                 Mobile: +46 (0)70-332 1551 |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9  /
 ---


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org



Bug#655385: [squeeze openvz] "Cannot allocate memory" when doing "cat /proc/self/mountinfo" inside a vm

2012-07-10 Thread Christoph Lechleitner
On 2012-07-10 19:12, Michael Renner wrote:
> On Jul 10, 2012, at 17:25 , Christoph Lechleitner wrote:
> 
>> On 2012-07-10 16:58, Benjamin Henrion wrote:
>>> I am affected by that bug, as updatedb crashes inside a VZ:
>>>
>>> Can someone fix that?
>>
>> Just to be sure, you did notice we from ITEG are providing binary
>> packages for now?
> 
> Thanks - they work fine for me!

Btw., I had a short mail discussion with Jonathan, and he asked me to
release source packages, too, in order to make it easier to trace and
reproduce my steps.

He also told me how to do so and where to put what source package files in
the repository, so I'll try to do so. It may take some time though.

Regards, Christoph






Bug#655385: [squeeze openvz] "Cannot allocate memory" when doing "cat /proc/self/mountinfo" inside a vm

2012-07-10 Thread Michael Renner
On Jul 10, 2012, at 17:25 , Christoph Lechleitner wrote:

> On 2012-07-10 16:58, Benjamin Henrion wrote:
>> I am affected by that bug, as updatedb crashes inside a VZ:
>> 
>> Can someone fix that?
> 
> Just to be sure, you did notice we from ITEG are providing binary
> packages for now?

Thanks - they work fine for me!

Ola, Jonathan: Could you please integrate the fix or at least comment on this? 
Thanks.

best,
Michael





Bug#655385: [squeeze openvz] "Cannot allocate memory" when doing "cat /proc/self/mountinfo" inside a vm

2012-07-10 Thread Christoph Lechleitner
On 2012-07-10 16:58, Benjamin Henrion wrote:
> I am affected by that bug, as updatedb crashes inside a VZ:
> 
> Can someone fix that?

Just to be sure, you did notice we from ITEG are providing binary
packages for now?

They are at
  http://deb.clazzes.org/debian/pool/squeeze-contrib-1/
resp. available via the deb source
  deb http://deb.clazzes.org/debian squeeze-contrib-1 main

See http://deb.clazzes.org for archive keys.
Everything is available via https: too.

Regards Christoph






Bug#655385: [squeeze openvz] "Cannot allocate memory" when doing "cat /proc/self/mountinfo" inside a vm

2012-07-10 Thread Benjamin Henrion
Michael Renner  [120702]:
> On Jun 28, 2012, at 7:18 , Ola Lundqvist wrote:
> 
> > I do not know if there is much point in that. We can do that of course
> > but as we soon have a new release without those kernels I do not
> > really see the benefit of doing so.
> 
> 
> As long as the Debian Squeeze kernels are actively maintained serious
> regressions and/or security issues within OpenVZ should be addressed
> as well. I don't care about small functionality issues since most of
> the OpenVZ users are accustomed to them by now, but if something
> breaks this needs to be addressed.

I am affected by that bug, as updatedb crashes inside a VZ:

=
101#  cat /proc/self/mountinfo
cat: /proc/self/mountinfo: Cannot allocate memory
=

> If you don't do this, please drop the kernels altogether so that
> people can build an alternate repository and don't get led into the
> false assumption that Debian is taking care of them. The half-assed
> approach you propose is hurting more than it helps.
> 
> 
> Rationale:
> 
> * The bug can lead to easy denial of service attacks from unprivileged
> users within containers
> * The (unverified?) fix for this bug is a 4 line diff.
> * Wheezy Puppet includes code that reads /proc/self/mountinfo causing
> puppet-managed Wheezy containers on Squeeze OpenVZ hosts to exhibit
> the DoS scenario outlined above.

The patch is an attachment to the archives of the openvz users mailing list.

Can someone fix that?

--
Benjamin Henrion 
FFII Brussels - +32-484-566109 - +32-2-4148403






Bug#655385: [squeeze openvz] "Cannot allocate memory" when doing "cat /proc/self/mountinfo" inside a vm

2012-07-02 Thread Michael Renner
On Jun 28, 2012, at 7:18 , Ola Lundqvist wrote:

> I do not know if there is much point in that. We can do that of course
> but as we soon have a new release without those kernels I do not
> really see the benefit of doing so.


As long as the Debian Squeeze kernels are actively maintained serious 
regressions and/or security issues within OpenVZ should be addressed as well. I 
don't care about small functionality issues since most of the OpenVZ users are 
accustomed to them by now, but if something breaks this needs to be addressed.

If you don't do this, please drop the kernels altogether so that people can 
build an alternate repository and don't get led into the false assumption that 
Debian is taking care of them. The half-assed approach you propose is hurting 
more than it helps.


Rationale:

* The bug can lead to easy denial of service attacks from unprivileged users 
within containers
* The (unverified?) fix for this bug is a 4 line diff.
* Wheezy Puppet includes code that reads /proc/self/mountinfo causing 
puppet-managed Wheezy containers on Squeeze OpenVZ hosts to exhibit the DoS 
scenario outlined above.

all the best,
Michael







Bug#655385: [squeeze openvz] "Cannot allocate memory" when doing "cat, /proc/self/mountinfo" inside a vm

2012-06-30 Thread Christoph Lechleitner
On 2012-06-30 13:24, Tim Small wrote:
> 
> Doesn't that look like dropping Debian+OpenVZ users in it a bit? 

I totally agree.

> Suddenly they have to switch to a non-Debian kernel (or otherwise a
> completely different virtualisation technology) half way through a
> stable release with no notice, and then manually track security updates
> outside of the Debian security infrastructure etc.?

You are talking out of my soul.

I can add one additional argument for patching one line (!) in the
Debian kernel over using a totally unofficial RedHat kernel:
OpenVZ's RedHat kernel does not feature everything the Debian kernel
does, especially DRBD!

I cannot live without DRBD, but it got mainline with only 2.6.33, while
RHEL 6 uses 2.6.32 and RedHat refused to backport DRBD in favour of a
similar approach by themselves.

Proxmox (Debian based virtualization distro) also uses that RedHat
kernel, but at least they don't just alienate it, they add features like
DRBD and rebuild it as Debian package.

So please, either
- integrate that patch
or
- point us to a replacement kernel that does not cut out DRBD (proxmox?)

> Is LXC considered to be a practical OpenVZ replacement by now?  It
> doesn't really seem to be getting much attention, and I can't say I know
> anyone who's using it...

I tried that once, shortly after it became mainline.
At that time it didn't work with most guest distros because it didn't
even try to solve the udev mess.

Regards Christoph






Bug#655385: [squeeze openvz] "Cannot allocate memory" when doing "cat, /proc/self/mountinfo" inside a vm

2012-06-30 Thread Tim Small
Hmm, I just re-read
http://www.debian.org/releases/stable/amd64/release-notes/ch-upgrading.en.html#deprecated

and it says "Debian GNU/Linux 6.0 will be the last release to include
Linux kernel virtualization featuresets outside of mainline. This means
that the OpenVZ and Linux-Vserver featuresets should be considered
deprecated"

OK, that's fair enough, but it doesn't say

"and support will be dropped about a year after Squeeze is released, but
before wheezy is ready", unless there's some fine-print I'm missing
somewhere...

Doesn't that look like dropping Debian+OpenVZ users in it a bit? 
Suddenly they have to switch to a non-Debian kernel (or otherwise a
completely different virtualisation technology) half way through a
stable release with no notice, and then manually track security updates
outside of the Debian security infrastructure etc.?

Is LXC considered to be a practical OpenVZ replacement by now?  It
doesn't really seem to be getting much attention, and I can't say I know
anyone who's using it...

Tim.








Bug#655385: [squeeze openvz] "Cannot allocate memory" when doing "cat /proc/self/mountinfo" inside a vm

2012-06-29 Thread Ola Lundqvist

Hi

vzctl and vzquota will still be supported. I will (very soon now)  
upload a new version with instructions on how to install the .rpm  
kernel and what to do there.


// Ola

Quoting Jonathan Nieder:

> Ola Lundqvist wrote:
>
>> Thanks. Yes, but in this case the advice is to use the available
>> .rpm packages and alienize those to .deb.
>
> Oh, dear.  Shouldn't we add a NEWS file or something to let existing
> users know the package in squeeze is not supported any more, then?




Bug#655385: [squeeze openvz] "Cannot allocate memory" when doing "cat /proc/self/mountinfo" inside a vm

2012-06-29 Thread Jonathan Nieder
Ola Lundqvist wrote:

> Thanks. Yes, but in this case the advice is to use the available
> .rpm packages and alienize those to .deb.

Oh, dear.  Shouldn't we add a NEWS file or something to let existing
users know the package in squeeze is not supported any more, then?






Bug#655385: [squeeze openvz] "Cannot allocate memory" when doing "cat /proc/self/mountinfo" inside a vm

2012-06-28 Thread Ola Lundqvist
Hi Jonathan

Thanks. Yes, but in this case the advice is to use the available
.rpm packages and alienize those to .deb.

// Ola

On Thu, Jun 28, 2012 at 12:24:44AM -0500, Jonathan Nieder wrote:
> Ola Lundqvist wrote:
> 
> > I do not know if there is much point in that. We can do that of course
> > but as we soon have a new release without those kernels I do not
> > really see the benefit of doing so.
> 
> Squeeze still has at least a year of support left.  But I'm trusting
> your judgment about which openvz patches are safe to apply to it (and
> I imagine Ben does the same).
> 
> Thanks,
> Jonathan
> 




Bug#655385: [squeeze openvz] "Cannot allocate memory" when doing "cat /proc/self/mountinfo" inside a vm

2012-06-27 Thread Ola Lundqvist
Hi

I do not know if there is much point in that. We can do that of course
but as we soon have a new release without those kernels I do not
really see the benefit of doing so.

// Ola

On Wed, May 23, 2012 at 05:53:21PM -0500, Jonathan Nieder wrote:
> tags 655385 + patch moreinfo
> quit
> 
> Hi Ola and Christoph,
> 
> Christoph Lechleitner wrote:
> 
> > There is a patch solving this problem:
> >  http://forum.openvz.org/index.php?t=msg&th=10493&goto=45496&#msg_45496
> >
> > Using this patch I was able to solve the problem for us.
> 
> Thanks!
> 
> Ola, should we apply this patch?
> 




Bug#655385: [squeeze openvz] "Cannot allocate memory" when doing "cat /proc/self/mountinfo" inside a vm

2012-06-27 Thread Jonathan Nieder
Ola Lundqvist wrote:

> I do not know if there is much point in that. We can do that of course
> but as we soon have a new release without those kernels I do not
> really see the benefit of doing so.

Squeeze still has at least a year of support left.  But I'm trusting
your judgment about which openvz patches are safe to apply to it (and
I imagine Ben does the same).

Thanks,
Jonathan






Bug#655385: [squeeze openvz] "Cannot allocate memory" when doing "cat /proc/self/mountinfo" inside a vm

2012-05-23 Thread Jonathan Nieder
tags 655385 + patch moreinfo
quit

Hi Ola and Christoph,

Christoph Lechleitner wrote:

> There is a patch solving this problem:
>  http://forum.openvz.org/index.php?t=msg&th=10493&goto=45496&#msg_45496
>
> Using this patch I was able to solve the problem for us.

Thanks!

Ola, should we apply this patch?


