After a conversation on IRC with Herbert Pƶtzl it appears that the
changes in the position of some xattr flags on the vserver patch used
within the Debian kernel are to blame for this behaviour.
There is an additional flag differences which affect chroot security
which should also be changed also.
#508523 is also probably related.
The parts of the vserver patch Debian uses which need to be changed
for consistency with the other vserver implementations (including
consistency with Debian Etch's kernels) are:
+#define FS_IXUNLINK_FL 0x01000000 /* Immutable invert on unlink */
should be
+#define FS_IXUNLINK_FL 0x08000000 /* Immutable invert on unlink */
and
+#define FS_BARRIER_FL 0x10000000 /* Barrier for chroot() */
should be
+#define FS_BARRIER_FL 0x04000000 /* Barrier for chroot() */
I've documented a brief summary of what is happening at
http://linux-vserver.org/Installation_on_Debian#Issues_with_the_current_2.6.26_Kernel
HTH
==
From Ben Green
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
