Here is a wonderful github repository for playing around with BPF https://github.com/iovisor/bcc
Server is up and running again. This morning I finished the xen (3.4) and kernel (2.6.32) updates I prepared yesterday evening. The only pitfall I stumbled across, was that the kernel in the debian repository (2.6.26-xen) seemingly wasn’t compatible with the latest xen in the debian repository (system would hang while booting, I guess that’s what I get for using “testing”).
Anyway, anyone using “lenny” or “testing” and wanting to update xen; here are a few tips to make the transition a breeze:
- The debian wiki is full of useful information regarding xen
- backports.org has a current xen kernel (linux-image-2.6.32-bpo.4-xen-amd64) that works fine with xen 3.4, just follow the instructions on backports.org on how to add it to apt.
- I had to deactivate the “vfb” (VNC console) setting in the domU config files to get my guests to boot, browsing the Internet I saw people having the same problem with the “dhcp” setting.
- If you are planning on updating the guests kernels too (advised), remember to change the “kernel” and “ramdisk” settings in the domU config files accordingly
With these few points in mind, the update is a breeze.
The combination of rkhunter and the latest stable Linux kernel has been giving me problems the last few days. Considering that I couldn’t find anything about this on the Internet, I guess it must be something special about my box. rkhunter makes my server hang when it gets to the part where it checks for hidden processes if I use the 2.6.26-3 kernel. If I use the same .config and make myself a 2.6.25-16 (the latest stable 2.6.25) rkhunter runs without problems.
While it is nice that I found the problem, it was a pain narrowing down the culprit. The last few days I had noticed that my server was dead in the water every morning and had at first suspected vmware, since I had installed that a few days ago on the server (and had to make a new kernel to get it running). Well, everything is fine now. Next time I have to update my kernel, I’ll remember to do a test run of /etc/cron.daily