On Fri, 11 May 2007 04:05:21 +0100, Corey Wright <[EMAIL PROTECTED]> wrote:
> the only problems i've encounter without COW is: >1. slapping my forehead when i accidentally vhashify /etc, try to modify a > config file, and spend several minutes trying to figure out why i can't > modify the file though i've set it u+w. (that happened sometime in the > beginning and only happened once. ;-) >2. upon upgrading or uninstall a package containing set[ug]id files, dpkg > tries to unset the set[ug]id bit of the files (as a security precaution in > case someone has hardlinked it and is keeping it around waiting for an > exploit to be found in it). of course this fails as the hashified file > cannot be modified, but even worse dpkg stumbles on making a mess without > reporting an error/failure. i patched dpkg to not unset the file. another > debian user patched vhashify to skip set[ug]id files, which is the more > proper solution (i only patched dpkg because it was the easier solution > having already found the problematic code in dpkg while debugging the > problem). see the vserver mailing list archives for our patches. see bug > http://bugs.debian.org/382760 for my dpkg bug report. >those are the two problems i've ever found. >a tip is to rehashify your vservers and prune your .hash directory after > package updates. you can find a discussion on pruning scripts that i > prompted on the mailing list sometime ago. Excellent, thankyou for that, those were exactly the sorts of problems I expected. I'd like to read the thread about pruning and the patches. The archive doesn't search well through google and has no inbuilt search. Any idea when the discussion was? I would prefer not to load anyones servers (and my HD) by downloading the lot. When the archive says "email me" for the mbox, who is me? Cheers, -- From Ben Green _______________________________________________ Vserver mailing list [email protected] http://list.linux-vserver.org/mailman/listinfo/vserver
