The server has been unavailable to most users from guesstimately yesterday evening until 13:30 (CET) today. Services were suddenly being denied access to various system locations (such as /tmp and /dev/null, which are rather vital).
While the exact cause is still being investigated, the most likely culprit is Gentoos package management software (portage). Whether it’s a general bug or "just" an error in one of the package ebuilds I do not know, but I’ll certainly try to find out.
I guess this means it’s time to go for a proper ACL system and Tripwire (or some other integrity checking tool).
Due to the server now having two separate internet connections I had to set up policy based routing, in order to make the server respond on the same interface as the request was received.
I took the opportunity to clean up my firewall rules, and the combination of these changes took a while to get right. This may have caused problems for some users from 4:00-6:00 (CET) this morning.
The server will be taken offline saturday (April 2nd) afternoon (~16:00 CET) for a few hardware upgrades. I expect it will be unavailable for anywhere between 20 minutes and a full hour, depending on how smoothly everything goes.