Get the LinuxSecurity news you want faster with RSS
Powered By
Openwall: Owl moves to 2.6 kernels, integrates OpenVZ; new ISOs
Source: Solar Designer - Posted by Dave Wreski
Fresh ISO images of Owl-current for x86 and x86-64 (generated today) are
available on our FTP mirrors (well, maybe not on all yet, but should be
by tomorrow). There are also direct download links on the Owl homepage
(pointing to a specific already-updated and fast mirror)
http://www.openwall.com/Owl/
These ISOs represent a major development milestone. We have replaced
the default kernel with a 2.6 OpenVZ one (featuring optional
container-based virtualization), we've integrated OpenVZ tools (vzctl
and vzquota packages needed to create, control, examine, and/or destroy
OpenVZ containers), and we've dropped support for Linux 2.4 kernels
(although they're still supported in the maintained Owl 2.0-stable
branch - until our next release).
Besides various changes related to the new kernel and OpenVZ
integration, we happened to update vsftpd and diffstat to new upstream
versions.
Please refer to the Owl-current change log for more detailed information
on the changes:
http://www.openwall.com/Owl/CHANGES-current.shtml
The new ISOs for 32-bit x86 will now make use of and require a "686" CPU
and PAE (Pentium Pro and above), supporting more than 4 GB of RAM (up to
64 GB) and NX bit when present. Of course, the 64-bit ISOs are (and
always were) even better in that respect.
On a related note, included below is some technical detail for the
curious. Any feedback is welcome on the owl-users mailing list.
These are "development" ISOs (after all, this is Owl-current), yet we've
tested them quite a bit. One of the curious tests was to rebuild the
entire Owl userland while CD-booted. Yes, this is possible and it is
actually very easy to do, by typing:
mount /ram -oremount,size=750M # about the minimum, use more if you can
su - build
rm RPMS # remove the symlink to pre-built packages
make
For a stress test, I actually did the above on an old Dual-P3 system
with a mere 768 MB of RAM (no hard drives used, no swap), and in under
4 hours I had all of the userland packages rebuilt (on tmpfs, in RAM).
I could then use the "settle" installer to actually use the newly built
packages for an install if I wanted to. There's normally no point in
going for a rebuild like that as we're providing all the packages on the
same ISOs pre-built, but it is a nice test and it shows the capabilities
of our live system. This would make more sense, for example, if you did:
su - build
rm RPMS
rm native
cp -a /rom/world/native .
vi native/Owl/packages/dhcp/dhcp.spec
# Read the disclaimer, set BUILD_DHCP_CLIENT to 1, save changes and exit
make PACKAGE=dhcp
(Just tested the above on Owl-current-20091123-i686.iso booted up in
QEMU, it works.)
One of the next steps is for us to provide pre-created OpenVZ templates
of Owl itself (such that you can easily create containers with Owl in
them). Meanwhile, you can experiment with pre-created templates of many
other Linux distributions available here:
http://download.openvz.org/template/precreated/
Indeed, we should also work on proper documentation for the new OpenVZ
related features of Owl.
Alexander
Only registered users can write comments. Please login or register.
