[Users] new OpenVZ kernel, Owl ISOs, templates

Solar Designer solar at openwall.com
Tue Mar 23 00:21:08 EDT 2010


Hi,

I've just sent this announcement to our internal list:

http://www.openwall.com/lists/announce/2010/03/23/1

This time, we're not only using an up-to-date OpenVZ kernel, but in fact
we're ahead of OpenVZ's official kernels in terms of security fixes.
Please try our ISOs out (live & installable, including ability to play
with containers and even compile C/C++ programs and build RPMs while
CD-booted).  Please also try our pre-created OpenVZ container templates
out - they include a full set of development tools too, yet they're tiny
for the functionality offered (in fact, they became even smaller with
this update) - just around 115 MB .tar.gz and under 400 MB installed.
We currently fully support both 32-bit x86 and x86-64.

You may download via direct links from:

http://www.openwall.com/Owl/

Speaking of the kernel, we've updated 2.6.18-164.11.1.el5.028stab068.5
announced by Kir last week to use Red Hat's patches from their newer
stable kernel -164.15.1 (announced on 03/16).  Many of the changes
between -164.11.1 and -164.15.1 were security fixes:

http://lwn.net/Alerts/379054/

In case anyone wants to use "our" patches on top of
2.6.18-164.11.1.el5.028stab068.5 on a system other than Owl, we're
making the patches available here:

http://download.openwall.net/pub/patches/linux/openvz/

linux-2.6.18-164.11.1.el5.028stab068.5-164.15.1.el5.diff.gz contains
only Red Hat's patches.  Applying this patch on top of
2.6.18-164.11.1.el5.028stab068.5 upgrades it to -164.15.1.

linux-2.6.18-164.11.1.el5.028stab068.5-owl1.diff.gz contains the above
and also additional changes that we're making.  Some of those are
security fixes to architectures/subsystems that were unimportant for
RHEL (not supported by Red Hat).  Others are build fixes (to have the
kernel build with our configs as opposed to "just" Red Hat and OpenVZ
default configs), usability fixes, and finally there are some
customizations specific to Owl (which you might not want - e.g.,
reverting Red Hat's changes of default for panic_on_oops and for
console character encoding).

Once again, we'd prefer that you try Owl out and provide your feedback
to us such that we move the project forward in a direction useful to
you, but we're also sharing whatever patches we got in case you find
them useful elsewhere.

Enjoy.

Alexander


More information about the Users mailing list