1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA1 |
3 |
|
4 |
Hello everyone |
5 |
|
6 |
I am using hardened kernel with Xen patchset from |
7 |
http://ayuda.com.au/pub/xen/grsecurity/ on my box. |
8 |
When i have started this kernel, guests is not available through |
9 |
forwarded ports by ssh and 'forwarded' tomcat from one of guest boxes |
10 |
does not deliver start (or any other) page completely - seems that it |
11 |
hangs at 80-90 percent. Also one strange thing - when i`ll try to |
12 |
resolve any host from guest box i have timeout fail but i can ping NSes |
13 |
from guest and on host box with same NS all dns requests works. Iptables |
14 |
state restoring without any warnings in logs and its ruleset works fine |
15 |
with xen kernel from official portage tree. I am don`t test yes |
16 |
forwarding on hardened-only kernel with simular security options set for |
17 |
grsec and pax. I want to work with pax+grsec+xen kernel because host box |
18 |
config looks like VPS in datacenter - many xen instances with many users |
19 |
which do not know about security things. |
20 |
|
21 |
- -- |
22 |
|
23 |
|
24 |
|
25 |
WBR, Andrei Korolyov |
26 |
-----BEGIN PGP SIGNATURE----- |
27 |
Version: GnuPG v2.0.7 (GNU/Linux) |
28 |
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org |
29 |
|
30 |
iD8DBQFH9P7QgtwJKCS8W+ERAt1GAKD4hWbnh0WTsSHLSDgKkdkSslJUagCg2mi9 |
31 |
CXFwJJaOI5lAGocIS9GSNew= |
32 |
=lAwk |
33 |
-----END PGP SIGNATURE----- |
34 |
|
35 |
-- |
36 |
gentoo-hardened@l.g.o mailing list |