| Dangerous updates? [message #7096] |
Tue, 03 October 2006 16:47  |
rollinw
Messages: 25
Registered: June 2006
Location: Santa Barbara, California
|
Junior Member |
|
|
Our system is based on CentOS 4.3 using the latest released test vzkernel. We run Suse 9.3 x8_64 as our VPSs.
Recently a developer not experienced in OpenVZ attempted to run SUSE System Updates from YaST on a VPS. YaST, very obligingly, tried to install all the system updates, including those for the SUSE kernel. What happened was not pretty. Apparently parts of the vzkernel were modified, and CentOS libraries were updated. After YaST was run on all the VPSs, once they were stopped, they would no longer start correctly. Init would die while trying to initialize the programs in /etc/init.d/, and only a skeleton system would start up. One could enter the VPS and start init level 3 things manually, but they would no longer get started by the system.
Well, we tried destroying the bad VPSs and re-creating them. This did not change the startup problem. We tried uninstalling the VZkernel OS rpm, and then re-installing it. This also did not solve the problem. We ended up re-installing CentOS 4.3 and starting from scratch. After that everything worked OK.
The bottom line here is a question. Is the use of yast (or yum) inside a VPS a potential security issue for an entire OpenVZ installation? Has anyone else experience this kind of thing?
I would appreciate your comments on this.
Thanks,
rollinw
Rollin Weeks
|
|
|
|
OpenVZ Forum
Members
Search
Help
Register
Login
Home
