colinux-users — coLinux users mailing list

Re: [coLinux-users] install software in fedora

[Holger K. <hol...@gm...>]

mattias jonsson schrieb:
> 
> how to install software in colinux fedora?

yum

[coLinux-users] install software in fedora

[mattias j. <mj...@ma...>]

aG93IHRvIGluc3RhbGwgc29mdHdhcmUgaW4gY29saW51eCBmZWRvcmE/

[coLinux-users] can not log into kde desktop via vnc after logout in kde?

[zhang z. <zha...@gm...>]

Hi:
I carelessly logged out of kde and the next time I use vnc to log in,
the kde desktop does not appear, and it was only a white box in
vncviewer, anybody knows the solutions? Thank you very much.

yours:
zhang

Re: [coLinux-users] test

[Sam M. <pa...@gm...>]

What are you testing? And why do you need to test it more than once?
And can you please stop spamming this list with 'test' messages!

On 05/08/06, mattias jonsson <mj...@ma...> wrote:
>
>
> only a test
> -------------------------------------------------------------------------
> Take Surveys. Earn Cash. Influence the Future of IT
> Join SourceForge.net's Techsay panel and you'll get the chance to share your
> opinions on IT & business topics through brief surveys -- and earn cash
> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
>
> _______________________________________________
> coLinux-users mailing list
> coL...@li...
> https://lists.sourceforge.net/lists/listinfo/colinux-users
>
>
>

[coLinux-users] test

[mattias j. <mj...@ma...>]

b25seSBhIHRlc3Q=

Re: [coLinux-users] seccomp under coLinux

[<an...@cp...>]

On Fri, Aug 04, 2006 at 03:07:06PM +0900, Jun OKAJIMA wrote:
> Maybe the biggest matter for you is, to contract a good lawyer.
> Although I feel using coLinux is fairly safety solution for grid computing,
> but no one here including me can not guarantee anything, and

Well, this was implicit as for every open source software.

> we know every program must have bugs.
> ( and of course, we have no responsibility of any compensation.)

Hmm are we changing topic here? ;)

First I also get zero compensation from the users that potentially
could be using coLinux to run CPUShare. They get compensation from me
instead, and most important before I allow them to be compensated (and
in turn before they can take any risk) they have to explicitly agree
to take any risk associated with the CPUShare software themself by
committing themself to the CPUShare User Agreement.

http://www.cpushare.com/user_agreement

CPUShare has also zero responsibility if something goes wrong, all
CPUShare released software is under the LGPL 2.1, it's pure free
software like the Linux Kernel.

The User Agreement is explicit that CPUShare will never be liable for
any damage. And if you don't agree with the user agreement you can't
create a CPUShare account and in turn you can't use CPUShare.

CPUShare doesn't distribute any proprietary software at all, even the
very linux kernel that is the thing that has to provide the security
to CPUShare, has to be run at the risk of the user.

CPUShare has clear commercial objectives but it's still a research
project, and like you said all software can have bugs, and I've
absolutely no control on the hardware bugs. Also note that boinc and
world community grid may have bugs too because nothing is perfect.

Furthermore every seccomp security related bug, is a bug for everyone
else using linux in multiuser systems too.

> So, it must be wise to take steps to meet the situation that you are sued,
> before starting something actually. Dont you think so?

Why do you think somebody should want to sue me in the first place?

Everything I'm doing is perfectly legal, I'm obviously going to pay
plenty of taxes as well if it'll be profitable, so I don't have any
reason to be worried to be sued in my own conscience.

I know anybody can sue anybody for anything (this was largely
demonstrated by a recent lawsuit), but if I was to care about that I
would need to stop writing open source software as a whole, not just
the CPUShare client software.

I'm not living to be worried by anything. I live to be legal, I live
to pay taxes, and I live to create wealth. The rest I simply don't
care about.

> For technical view point, not legal or business one, What you should
> do is making a better installer ( and documents and icons or,,) of
> coLinux, and doing large validation tests.

Initially my installer will generate a .iso CD image. Later I could
also make a colinux installer (or you could extend your own installer
to automatically eat the local .iso CPUShareLiveCD), but it's too
early at the moment. My only short term objective is to verify the
CPUShareLiveCD .iso image will run under coLinux.

Thanks a lot for the help!

Re: [coLinux-users] seccomp under coLinux

[Jun O. <ok...@di...>]

an...@cp... さんは書きました:
>On Tue, Aug 01, 2006 at 09:36:21PM +0900, Jun OKAJIMA wrote:
>> No, for the point view of security of seccomp,
>> booting or not does not matter.
>> I just say that if you want to do this on a commercial basis,
>
>> you would be annoying about complaining mails about BSOD or such.
>
>The most important thing is that the seccomp bytecode can't escape the
>seccomp jail. If the system crashes for other reasons because colinux
>is unstable it's not a blocker problem. However it obviously wouldn't
>be a good thing if it crashes, it would create bad PR around
>CPUShare.
>
>I think it should be you to tell me when you think colinux is ready to
>be deployed as a CPUShare virtualization platform.
>

Yes, I agree with it.

Maybe the biggest matter for you is, to contract a good lawyer.
Although I feel using coLinux is fairly safety solution for grid computing,
but no one here including me can not guarantee anything, and
we know every program must have bugs.
( and of course, we have no responsibility of any compensation.)
So, it must be wise to take steps to meet the situation that you are sued,
before starting something actually. Dont you think so?


>>From my part I would like to offer the users different virtualization
>solutions.  I'm not in the business of virtualization and it's hard
>for me to tell if vmware or some other virtualization platform is more
>secure than colinux (vmware and most others aren't open source so it's
>impossible to make any comparison with colinux). I could try to
>compare qemu to colinux, but they're very different, colinux runs at
>full cpu speed, qemu is a JIT that has to translate all bytecode, so
>it's slower. I simply want to give the users the choice, there will be
>ones that will prefer colinux because it's open source and they can
>verify that there are no backdoors, and others that will prefer vmware
>because they feel safer because it has fewer (or none) bugs, others
>that will use qemu even if it's slower than colinux and vmware etc...
>
>> Okay, understand.
>> And, this is the usage we ( me and Dan Aloni, the inventor) has been
>> thinking about from the early stage of the development.
>
>I'll certainly do my best to support colinux in CPUShare as one of the
>possible virtualization solutions, because it's an interesting
>project.
>

For technical view point, not legal or business one,
What you should do is making a better installer ( and documents and icons or,,)
of coLinux, and doing large validation tests. 

              --- Okajima, Jun. Tokyo, Japan.

Re: [coLinux-users] seccomp under coLinux

[<an...@cp...>]

On Tue, Aug 01, 2006 at 09:36:21PM +0900, Jun OKAJIMA wrote:
> No, for the point view of security of seccomp,
> booting or not does not matter.
> I just say that if you want to do this on a commercial basis,
> (and I guess you seem to plan to do it)

Yes.

> you would be annoying about complaining mails about BSOD or such.

The most important thing is that the seccomp bytecode can't escape the
seccomp jail. If the system crashes for other reasons because colinux
is unstable it's not a blocker problem. However it obviously wouldn't
be a good thing if it crashes, it would create bad PR around
CPUShare.

I think it should be you to tell me when you think colinux is ready to
be deployed as a CPUShare virtualization platform.

>From my part I would like to offer the users different virtualization
solutions.  I'm not in the business of virtualization and it's hard
for me to tell if vmware or some other virtualization platform is more
secure than colinux (vmware and most others aren't open source so it's
impossible to make any comparison with colinux). I could try to
compare qemu to colinux, but they're very different, colinux runs at
full cpu speed, qemu is a JIT that has to translate all bytecode, so
it's slower. I simply want to give the users the choice, there will be
ones that will prefer colinux because it's open source and they can
verify that there are no backdoors, and others that will prefer vmware
because they feel safer because it has fewer (or none) bugs, others
that will use qemu even if it's slower than colinux and vmware etc...

> Okay, understand.
> And, this is the usage we ( me and Dan Aloni, the inventor) has been
> thinking about from the early stage of the development.

I'll certainly do my best to support colinux in CPUShare as one of the
possible virtualization solutions, because it's an interesting
project.

> I hope it will work fine.

Time will tell ;).

Once you have a kernel with seccomp enabled based on 2.6.18-rc3 or
later, please let me know, so I can try to run CPUShare on top of it
to see what happens.

Many thanks!

Re: [coLinux-users] seccomp under coLinux

[Jun O. <ok...@di...>]

an...@cp... さんは書きました:
>On Tue, Aug 01, 2006 at 06:59:43PM +0900, Jun OKAJIMA wrote:
>> I mean, seccomp seems not to use file or network I/O.
>
>Yes. It only uses pipes to communicate with other tasks, and the pipes
>are software abstractions inside the linux guest. All other tasks can
>be trusted. The only thing that cannot be trusted is the bytecode that
>is computing under the seccomp jail.
>
>> Then, the problem is just coLinux kernel boots or not.
>
>I don't understand very well. What do you mean boots or not? What
>security implications there would be if the colinux kernel doesn't
>boot?  If it doesn't boot the untrusted bytecode won't run in the
>first place.
>

No, for the point view of security of seccomp,
booting or not does not matter.
I just say that if you want to do this on a commercial basis,
(and I guess you seem to plan to do it)
you would be annoying about complaining mails about BSOD or such.


>> Why bootable CD?
>> Maybe I get something wrong?
>> If you use bootable CD ( e.g. KNOPPIX for seccomp or such.),
>> then, coLinux would not be associated with it.
>
>I'd like to have a single image that can be booted hard on the
>hardware by inserting the cd at boot time, but that can also be run on
>top of windows under various virtualization solutions. And colinux
>should be able to boot using an isofs image as the root filesystem,
>right? Colinux doesn't require the isofs to be bootable, but the fact
>it's bootable shouldn't hurt colinux and it will make the cd useful to
>non-colinux users too. That's why it'll be bootable ;)
>

Okay, understand.
And, this is the usage we ( me and Dan Aloni, the inventor) has been
thinking about from the early stage of the development.
I hope it will work fine.

                       --- Okajima, Jun. Tokyo, Japan.

Re: [coLinux-users] seccomp under coLinux

[<an...@cp...>]

On Tue, Aug 01, 2006 at 06:59:43PM +0900, Jun OKAJIMA wrote:
> I mean, seccomp seems not to use file or network I/O.

Yes. It only uses pipes to communicate with other tasks, and the pipes
are software abstractions inside the linux guest. All other tasks can
be trusted. The only thing that cannot be trusted is the bytecode that
is computing under the seccomp jail.

> Then, the problem is just coLinux kernel boots or not.

I don't understand very well. What do you mean boots or not? What
security implications there would be if the colinux kernel doesn't
boot?  If it doesn't boot the untrusted bytecode won't run in the
first place.

> Why bootable CD?
> Maybe I get something wrong?
> If you use bootable CD ( e.g. KNOPPIX for seccomp or such.),
> then, coLinux would not be associated with it.

I'd like to have a single image that can be booted hard on the
hardware by inserting the cd at boot time, but that can also be run on
top of windows under various virtualization solutions. And colinux
should be able to boot using an isofs image as the root filesystem,
right? Colinux doesn't require the isofs to be bootable, but the fact
it's bootable shouldn't hurt colinux and it will make the cd useful to
non-colinux users too. That's why it'll be bootable ;)

Thanks for the help!

Re: [coLinux-users] seccomp under coLinux

[Jun O. <ok...@di...>]

>
>> The answer is, not sure, but dont care.
>> 
>> coLinux has many bugs, and it is theoretically possible to
>> exploit Windows with the bugs. But, I guess if you are using
>> seccomp they are not serios threats. It seems to be difficult that
>> exploiting Windows with seccomp bugs.
>
>So you mean that most of the bugs can only be triggered by more
>complex syscalls that translates in complex windows calls?
>

Basically yes, also.
But, for your purpose (grid computing),
Probably just coLinux runs or not is the issue.
I mean, seccomp seems not to use file or network I/O.
Then, the problem is just coLinux kernel boots or not.
In other words, once coLinux runs, I suppose it runs very stable for
seccomp usage, and it is safety, I guess.

>> And there is another concern. Does seccomp has functions to avoid
>> DoS attack? For example, running very huge task to stop your
>> computer or such.
>
>The ram size of the seccomp task is already handled by the CPUShare
>software (mixing the buy order with the sell order with the maximum
>ram available according to /proc/meminfo). It's a common problem with
>the normal native linux, or did I misunderstand?
>
>The model I would prefer is to boot a livecd, so I could upload a
>single livecd and have it run under colinux and other virtualization
>solutions as well. That should be feasible.
>

Why bootable CD?
Maybe I get something wrong?
If you use bootable CD ( e.g. KNOPPIX for seccomp or such.),
then, coLinux would not be associated with it.

>I wonder if there's a way to detect the version of colinux from the
>linux guest, that would allow me in case 2 to block all buggy colinux
>versions and to send a meaningful email to all affected users, until
>they upgrade their colinux package. That's quite an important feature,
>because I could also immediately reject all potentially vulnerable
>clients, I already can do that in case of kernel seccomp bugs or in
>case of CPUShare client bugs. A /proc/ file would do the trick just
>fine.
>
>Thanks.
>
>

Re: [coLinux-users] my OS crashes...

[Sam M. <pa...@gm...>]

I have run coLinux on a Windows Server 2003 box with no issues in the
past. Your hardware configuration, as Holger suggests, is more likely
the cause.

Sam

On 31/07/06, xia xeus <xia...@gm...> wrote:
> Dear everyone,
>
> I am on windows server 2003. I wanted to run colinux on my computer
> and when I tried to run it gave me blue screen crash.
>
> Tried twice, but was not able to run the colinux.
>
> Please let me know if you know what can be done to run colinux on this OS.
>
> PS. The server OS I am running has other services. ISA and VMware
> Workstation too.
>
> Thanks.
>
> xia
>
> -------------------------------------------------------------------------
> Take Surveys. Earn Cash. Influence the Future of IT
> Join SourceForge.net's Techsay panel and you'll get the chance to share your
> opinions on IT & business topics through brief surveys -- and earn cash
> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
> _______________________________________________
> coLinux-users mailing list
> coL...@li...
> https://lists.sourceforge.net/lists/listinfo/colinux-users
>

Re: [coLinux-users] my OS crashes...

[Holger K. <hol...@gm...>]

xia xeus schrieb:
> I guess it was not very related.
> 
> quite disappointing, but can you pls let me know a good reason for the
> command in boot.ini
> 
Colinux doesn't work with noexecute feature turned on. It gives a
bluescreen. Did you try it?

Re: [coLinux-users] when changing input methods, ctrl-space conflict with windows input method

[danny s. <da...@or...>]

On 30/07/06, zhang zhengquan <zha...@gm...> wrote:
> Hello,every body,I am a colinux and a linux newbie.
> I use scim, and when I use ctrl-space to shift between its input
> methods, nothing changed and what changed is my input methods in
> windows. Alt-tab is OK shifting between gnome desktop programs,why
> ctrl-space isn't?
> Any suggestions is appreciated, Thanks a lot!
>
> best wishes
> zhangzhengquan
>
Hi Zhang,

I would strongly suggest asking around more than just here, for
example linuxquestions.org, and on a related Scim mailing list.
Someone here may have the solution, but the other two places would be
far more likely.

Its very probable that SCim has aconfiguration that allows alternative
hotkeys to be setup, and this is probably what you must do. Otherwise,
I must admit to not being at all sure which would get to the keyboard
buffer first.

Danny
-- 
Danny Staple MBCS
OrionRobots
http://orionrobots.co.uk/blogs/dannystaple
(Full contact details available through website)

Re: [coLinux-users] my OS crashes...

[Holger K. <hol...@gm...>]

> I am on windows server 2003. I wanted to run colinux on my computer
> and when I tried to run it gave me blue screen crash.
> 

I suggest you try
/NoExecute=AlwaysOff
in boot.ini

[coLinux-users] my OS crashes...

[xia x. <xia...@gm...>]

Dear everyone,

I am on windows server 2003. I wanted to run colinux on my computer
and when I tried to run it gave me blue screen crash.

Tried twice, but was not able to run the colinux.

Please let me know if you know what can be done to run colinux on this OS.

PS. The server OS I am running has other services. ISA and VMware
Workstation too.

Thanks.

xia

Re: [coLinux-users] seccomp under coLinux

[<an...@cp...>]

On Mon, Jul 31, 2006 at 12:55:04AM +0900, Jun OKAJIMA wrote:
> I have been thinking same idea.
> Meaningful usage, I suppose.
>
> Basically, Yes.

Sounds good ;)

> The condition the host (=Windows) is threatened is,
> 
>  - Attacker gets root of the guest.
>  - coLinux has a bug.
>  - seccomp or linux has a bug.
>
> The third condition is same when you are using normal Linux,
> so omit the discussion here.
> The first condition must not happen, if seccomp has no bug
> ( = 3rd cond.)

Indeed, in turn 1st is also the same as normal linux.

> Then, the discussion goes to the second cond.

Yes.

> The answer is, not sure, but dont care.
> 
> coLinux has many bugs, and it is theoretically possible to
> exploit Windows with the bugs. But, I guess if you are using
> seccomp they are not serios threats. It seems to be difficult that
> exploiting Windows with seccomp bugs.

So you mean that most of the bugs can only be triggered by more
complex syscalls that translates in complex windows calls?

> And there is another concern. Does seccomp has functions to avoid
> DoS attack? For example, running very huge task to stop your
> computer or such.

The ram size of the seccomp task is already handled by the CPUShare
software (mixing the buy order with the sell order with the maximum
ram available according to /proc/meminfo). It's a common problem with
the normal native linux, or did I misunderstand?

The model I would prefer is to boot a livecd, so I could upload a
single livecd and have it run under colinux and other virtualization
solutions as well. That should be feasible.

I wonder if there's a way to detect the version of colinux from the
linux guest, that would allow me in case 2 to block all buggy colinux
versions and to send a meaningful email to all affected users, until
they upgrade their colinux package. That's quite an important feature,
because I could also immediately reject all potentially vulnerable
clients, I already can do that in case of kernel seccomp bugs or in
case of CPUShare client bugs. A /proc/ file would do the trick just
fine.

Thanks.

Re: [coLinux-users] gentoo-> rsync error: error in rsync protocol data stream (code 12) at io.c(666)

[Mark M <mar...@ya...>]

My fault. I forgot to increase the memory size from 64M when I
installed 0.6.4

It looks like I was OOM'ing, and processes were being quietly killed
without me noticing (hidden by the many output lines of emerge sync)

Thanks,
Mark.

--- Sam Moffatt <pa...@gm...> wrote:

...
> your config file may also reveal some things. The real answer is I
...

Send instant messages to your online friends http://au.messenger.yahoo.com 

Re: [coLinux-users] seccomp under coLinux

[Jun O. <ok...@di...>]

>
>I'm looking into colinux, as one of the possible ways to run seccomp
>under windows.
>

I have been thinking same idea.
Meaningful usage, I suppose.

>
>My question is if you can confirm that untrusted bytecode executed
>under seccomp under colinux (as normal user, not-root) would not risk
>to harm the host OS (and the guest kernel). If answer is yes, you
>basically found a way to add the seccomp feature to Windows, and
>that's valuable info.
>

Basically, Yes.


>
>I also wonder how would you rate colinux secure, in seccomp terms. How
>many chances are there that somebody could find a way to exploit the
>seccomp jail by exploiting a colinux bug?
>

The condition the host (=Windows) is threatened is,

 - Attacker gets root of the guest.
 - coLinux has a bug.
 - seccomp or linux has a bug.

The third condition is same when you are using normal Linux,
so omit the discussion here.
The first condition must not happen, if seccomp has no bug
( = 3rd cond.)

Then, the discussion goes to the second cond.

The answer is, not sure, but dont care.

coLinux has many bugs, and it is theoretically possible to
exploit Windows with the bugs. But, I guess if you are using
seccomp they are not serios threats. It seems to be difficult that
exploiting Windows with seccomp bugs.

And there is another concern. Does seccomp has functions to avoid
DoS attack? For example, running very huge task to stop your
computer or such.

               --- Okajima, Jun. Tokyo, Japan.

[coLinux-users] seccomp under coLinux

[Andrea A. <an...@cp...>]

Hello,

I'm looking into colinux, as one of the possible ways to run seccomp
under windows.

My question is if you can confirm that untrusted bytecode executed
under seccomp under colinux (as normal user, not-root) would not risk
to harm the host OS (and the guest kernel). If answer is yes, you
basically found a way to add the seccomp feature to Windows, and
that's valuable info.

I also wonder how would you rate colinux secure, in seccomp terms. How
many chances are there that somebody could find a way to exploit the
seccomp jail by exploiting a colinux bug?

Thanks.

Re: [coLinux-users] gentoo-> rsync error: error in rsync protocol data stream (code 12) at io.c(666)

[Sam M. <pa...@gm...>]

Sounds like something is dropping packets, what form of networking are
you using? TAP? I'm going to assume that you're using 0.6.3? A copy of
your config file may also reveal some things. The real answer is I
don't know, but perhaps someone might know something, especially if
you provide more information :)

</AlternateUniverse>The devil is intercepting your packets and eating
them. Its obvious from the error message (e.g.
666)</AlternateUniverse>  ;)

Sam

On 30/07/06, Mark M <mar...@ya...> wrote:
> Not sure if this is gentoo related or colinux related.
>
> When doing an emerge sync I get the following error every 5min or so.
>
> rsync error: error in rsync protocol data stream (code 12) at io.c(666)
>
> Any ideas what is happening here?
>
> Incidentally, in the installer, perhaps it should be sugggested that
> debian is more appropriate for a novice as it supplies pre-built
> binaries.
>
> Flame away LOL.
>
> Thanks, Mark.
>
> Send instant messages to your online friends http://au.messenger.yahoo.com
>
> -------------------------------------------------------------------------
> Take Surveys. Earn Cash. Influence the Future of IT
> Join SourceForge.net's Techsay panel and you'll get the chance to share your
> opinions on IT & business topics through brief surveys -- and earn cash
> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
> _______________________________________________
> coLinux-users mailing list
> coL...@li...
> https://lists.sourceforge.net/lists/listinfo/colinux-users
>

[coLinux-users] when changing input methods, ctrl-space conflict with windows input method

[zhang z. <zha...@gm...>]

Hello,every body,I am a colinux and a linux newbie.
I use scim, and when I use ctrl-space to shift between its input
methods, nothing changed and what changed is my input methods in
windows. Alt-tab is OK shifting between gnome desktop programs,why
ctrl-space isn't?
Any suggestions is appreciated, Thanks a lot!

best wishes
zhangzhengquan

[coLinux-users] gentoo-> rsync error: error in rsync protocol data stream (code 12) at io.c(666)

[Mark M <mar...@ya...>]

Not sure if this is gentoo related or colinux related.

When doing an emerge sync I get the following error every 5min or so.

rsync error: error in rsync protocol data stream (code 12) at io.c(666)

Any ideas what is happening here?

Incidentally, in the installer, perhaps it should be sugggested that
debian is more appropriate for a novice as it supplies pre-built
binaries. 

Flame away LOL.

Thanks, Mark.

Send instant messages to your online friends http://au.messenger.yahoo.com 

Re: [coLinux-users] test

[Sam M. <pa...@gm...>]

A test of what?

On 30/07/06, mattias jonsson <mj...@ma...> wrote:
>
>
> only a test
> -------------------------------------------------------------------------
> Take Surveys. Earn Cash. Influence the Future of IT
> Join SourceForge.net's Techsay panel and you'll get the chance to share your
> opinions on IT & business topics through brief surveys -- and earn cash
> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
>
> _______________________________________________
> coLinux-users mailing list
> coL...@li...
> https://lists.sourceforge.net/lists/listinfo/colinux-users
>
>
>

[coLinux-users] test

[mattias j. <mj...@ma...>]

b25seSBhIHRlc3Q=