-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi,
Ok, I've done a few things. First I've tested and determined a number of problems with the testfs.sh-0.99 that was being used. Bertl has incorporated my changes, and fixed a number of others and has made testfs.sh-0.11 which more accurately represents successes. Additionally, I've gotten a system together with a fresh sarge install that I could test these things. I have completed my tests with the 2.4 kernel and kernel patch, and am limiting this reply that only, I will do the 2.6 tests next and report those back as separate findings. Ola Lundqvist wrote: >reassign 329090 kernel-patch-vserver >thanks You need to CC control@ in order for these commands to take affect. If you will notice, this bug is still on util-vserver. However, as you will find from my exhaustive tests below, it seems to remain a bug with util-vserver, and should not be changed (at least for 2.4, once I have done tests on 2.6 we will know if this bug needs to be cloned and the 2.4 issues stay with util-vserver, and the 2.6 versions go to the kernel-patch). > I have only tested with ext2 and ext3 on my systems on a 2.4.27 kernel > patched a long time ago. Do not remember when. This isn't going to help us too much. You are basically saying that this is a 2.4.27 kernel, but not which debian version, and you aren't specifying which vserver kernel-patch you are running. Without that information, it is really hard to correlate. However, I've done tests with the current versions that are in sarge now. See below. > 0.30.204-5sarge2 (sarge version, built on machine with no vserver support): > [000]. xattr related tests ... > [101]. [102]. [103]* [104]* [106]* [108]. [109]* > [112]. [113]. [114]* [115]. [116]. [117]. [118]. [119]. > [121]* [122]* [123]. [124]* [199]. My tests: Test #1 Using all debian sarge componants: kernel-source: 2.4.27-10 (debian sarge) util-vserver: 0.30-204-5sarge2 (debian sarge) kernel-patch: 1.9.5.3 (debian sarge) 103, 104, 106, 109, 121, 122 all fail on ext2, not 114 or 124 as your tests show. Conclusion: either the fixes to testfs caused error 114 and 124 to go away, or you have a different kernel-source or kernel-patch applied. Either try again with testfs.sh-0.11 or install the latest sarge kernel source and kernel-patch-vserver as those versions are all that matter here. Test #2 Using only debian sarge util-vserver: kernel-source: 2.4.31 (upstream) util-vserver: 0.30-204-5sarge2 (debian sarge) kernel-patch: 1.2.10 (upstream) 103, 104, 106, 109, 121, 122 all fail on ext2, the same as failed using all debian sarge componants in test #1. Conclusion: based on the results from this test, and the previous, it is clear that the debian kernel source and the debian kernel patch dont make a difference here > 0.30.208-2 (unstable version, built on sarge host with no vserver support): > [000]. xattr related tests ... > [101]. [102]. [103]. [104]* [106]. [108]. [109]. > [112]. [113]. [114]* [115]. [116]. [117]. [118]. [119]. > [121]. [122]* [123]. [124]* [199]. My tests: Test #3 Using debian sarge componants with upstream util-vserver: kernel-source: 2.4.27-10 (debian sarge) util-vserver: 0.30-208+fix03 (upstream) kernel-patch: 1.9.5.3 (debian sarge) Only test 106 fails... Not 104, 114, 122 or 124. Conclusion: either the fixes to testfs caused 104, 114, 122, 124 to go away or you have a different kernel-source or kernel-patch applied, try with testfs.sh-0.11 to see, or just try with a current sarge kernel and patch since that is all that matters here. Test #4 Using all upstream componants: kernel-source: 2.4.31 (upstream) util-vserver: 0.30-208+fix03 (upstream) kernel-patch: 1.2.10 (upstream) Only test 106 fails, same as the previous test, when we use the debian sarge kernel-source and kernel-patch. Conclusion: Based on the results of this test, and the previous, it is clear that the debian sarge kernel source and debian sarge kernel patch don't make a difference here either, the problem has been isolated to util-vserver 0.30-204-5sarge2 in sarge. If this is actually a problem, I do not know, this definatetly needs to be determined. Additionally, test 106 could be in error, this should also be checked. The above tests are only done with ext2, I am not sure why you didn't do the xfs, reiserfs and jfs tests, but there is no need, as I have done them: Test #1 Using all debian sarge componants: kernel-source: 2.4.27-10 (debian sarge) util-vserver: 0.30-204-5sarge2 (debian sarge) kernel-patch: 1.9.5.3 (debian sarge) ext3 failures: 103, 104, 106, 109, 121, 122 (note: same as ext2 in test #1) xfs failures: 103, 104, 106, 109, 114, 115, 117, 121, 122, 124 reiserfs failures: 103, 104, 106, 109, 118, 119, 121, 122 jfs failures: 103, 104, 106, 109, 112, 113, 114, 116, 118, 119, 121, 122, 123, 124 Test #2 Using only debian sarge util-vserver: kernel-source: 2.4.31 (upstream) util-vserver: 0.30-204-5sarge2 (debian sarge) kernel-patch: 1.2.10 (upstream) ext3 failures: 103, 104, 106, 109, 121, 122 (note: same as test #1) xfs failures: 103, 104, 106, 109, 114, 115, 117, 121, 122, 124 (note: same as test #1) reiserfs failures: 103, 104, 106, 109, 118, 119, 121, 122 (note: same as test #1) jfs failures: 103, 104, 106, 109, 112, 113, 114, 116, 118, 119, 121, 122, 123, 124 (note: same as test #1) Conclusion: All tests had the same results as test #1 the conclusion reached originally still holds: it is clear that the debian kernel source and the debian kernel patch dont make a difference here Test #3 Using debian sarge componants with upstream util-vserver: kernel-source: 2.4.27-10 (debian sarge) util-vserver: 0.30-208+fix03 (upstream) kernel-patch: 1.9.5.3 (debian sarge) ext3 failures: 106 xfs failures: 103, 104, 106, 114, 115, 117, 121, 122, 124 reiserfs failures: 106, 118, 119 jfs failures: 102, 103, 104, 106, 108, 109, 112, 113, 114, 116, 118, 119, 121, 122, 123, 124 Test #4 Using all upstream componants: kernel-source: 2.4.31 (upstream) util-vserver: 0.30-208+fix03 (upstream) kernel-patch: 1.2.10 (upstream) ext3 failures: 106 (note: same as test #3) xfs failures: 103, 104, 106, 114, 115, 117, 121, 122, 124 (note: same as test #3) reiserfs failures: 106, 118, 119 (note: same as test #3) jfs failures: 102, 103, 104, 106, 108, 109, 112, 113, 114, 116, 118, 119, 121, 122, 123, 124 (note: same as test #3) Conclusion: using *all* upstream pieces, the same failures occur when using debian kernel source and kernel patch. This leads me to believe that either the upstream kernel source is broken, the upstream linux vserver patch is broken, or most likely the testfs is not working properly for these tests. > So my conclusion is that where you build the binary (if it is a i386 machine) > do not give any difference from a security point of view. I agree, your test results show no difference, I dont believe this has anything to do with it. Micah -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDTas39n4qXRzy1ioRAu9hAJoD9VmatLu5KqHy4/yKAcs8HlgjAACgpI7U DFzIQiA+iFtN608yD4MRnzE= =0HBa -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
