Re: [Vserver] iptables
[EMAIL PROTECTED] ("Gregory (Grisha) Trubetskoy") writes:
> Given that vserver won't allow you to use iptables, has anyone tried a
> solutions where tha iptables command is replaced by a stub command that
> talks to a daemon in context 0 to set up tables?
vserver-djinni[1] is such a daemon and it should be easy to write
rules for iptables management. This program requires libvserver
from the util-vserver alpha-branch.
Enrico
Footnotes:
[1]
http://www.tu-chemnitz.de/~ensc/fedora.us-build/html/ar01s02.html#sec:components:vserver-djinni
http://www.tu-chemnitz.de/~ensc/fedora.us-build/files/
___
Vserver mailing list
[EMAIL PROTECTED]
http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] 2.6.5 and patch-2.6.5-vs1.9.0pre2.diff doesn't compile
Hello, Linux 2.6.5 with the patch http://vserver.13thfloor.at/Experimental/patch-2.6.5-vs1.9.0pre2.diff doesn't compile. When I run make bzImage, I get the error message below. I have tried gcc-2.95 and gcc-3.3.3. CC init/main.o In file included from init/main.c:35: include/linux/security.h:1022: error: parse error before "dqhash" include/linux/security.h:1022: warning: function declaration isn't a prototype make[1]: *** [init/main.o] Error 1 make: *** [init] Error 2 Regards Jakob ___ Vserver mailing list [EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] 2.6.5 and patch-2.6.5-vs1.9.0pre2.diff doesn't compile
On Mon, Apr 05, 2004 at 09:49:48AM +0200, Jakob Lell wrote: > Hello, > Linux 2.6.5 with the patch > http://vserver.13thfloor.at/Experimental/patch-2.6.5-vs1.9.0pre2.diff doesn't > compile. When I run make bzImage, I get the error message below. I have tried > gcc-2.95 and gcc-3.3.3. > > CC init/main.o > In file included from init/main.c:35: > include/linux/security.h:1022: error: parse error before "dqhash" > include/linux/security.h:1022: warning: function declaration isn't a prototype > make[1]: *** [init/main.o] Error 1 > make: *** [init] Error 2 thanks for reporting this, didn't try with SElinux (security) enabled, so I didn't hit that issue ... http://vserver.13thfloor.at/Experimental/delta-2.6.5-vs1.9.0pre2-vs1.9.0pre3.diff should fix this ... (pre4 will be out soon) thanks again, Herbert > Regards > Jakob > > ___ > Vserver mailing list > [EMAIL PROTECTED] > http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list [EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] Problem with quota disk
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello, I've succesfully installed vserver on debian woody on PII 450 with 190Mo RAM with vserser1.27 + q0.14 + bme0 patches :) I've put 2 Debian woody and 1 Sarge vservers on this computer. Now, i've 2 problems. I want limiting size of each vserver (1Go for exemple) and memory (128 Mo for exemple) too. I've read more docs, wiki, mailing-list but, it's not very simple :( The exemples i've found are for LVM or /vservers on dedicated partition :( Could you help me please ? Configuration : Main computer : woody + 2.4.25 + vserser1.27 + q0.14 + bme0 patches 190Mo RAM, ext3 /dev/hda3 3.7G 1.7G 1.9G 47% / /dev/hda1 92M 11M 77M 12% /boot ln -s /var/lib/vservers /vservers vserver1 + vserver 2 : woody vserver3 : sid cat /etc/vservers/vserser1.conf IPROOT="eth1:192.168.0.51/255.255.255.0" IPROOTDEV="eth1" S_HOSTNAME="vserver1.localdomain.net" S_DOMAINNAME="" S_NICE="" #S_CONTEXT="100" S_FLAGS="lock nproc fakeinit sched" ULIMIT="-HS -u 1000 -v 128000 -l 131072 -m 131072 -n 1024" ONBOOT="yes" S_CAPS="CAP_NET_RAW CAP_QUOTACTL" Regards - -- Franck http://www.linuxpourtous.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFAcX3H1zwfep5k9qERAsqpAKCLEqR3101aM5PURBtY4JCjYU3KhACgqM8v 8LnN1TScf/Bm5i9yYbWDixY= =0xjQ -END PGP SIGNATURE- ___ Vserver mailing list [EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Problem with quota disk
On Mon, Apr 05, 2004 at 05:39:51PM +0200, Franck wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Hello, > > I've succesfully installed vserver on debian woody on PII 450 with 190Mo RAM > with vserser1.27 + q0.14 + bme0 patches :) > I've put 2 Debian woody and 1 Sarge vservers on this computer. > > Now, i've 2 problems. I want limiting size of each vserver (1Go for exemple) > and memory (128 Mo for exemple) too. > I've read more docs, wiki, mailing-list but, it's not very simple :( The > exemples i've found are for LVM or /vservers on dedicated partition :( > > Could you help me please ? repartition your system with a separate /vservers partition it is a) too dangerous, and b) too complicated to use context tagging on the root partition ... best, Herbert > Configuration : > Main computer : woody + 2.4.25 + vserser1.27 + q0.14 + bme0 patches > 190Mo RAM, ext3 > /dev/hda3 3.7G 1.7G 1.9G 47% / > /dev/hda1 92M 11M 77M 12% /boot > > ln -s /var/lib/vservers /vservers > > vserver1 + vserver 2 : woody > vserver3 : sid > > cat /etc/vservers/vserser1.conf > IPROOT="eth1:192.168.0.51/255.255.255.0" > IPROOTDEV="eth1" > S_HOSTNAME="vserver1.localdomain.net" > S_DOMAINNAME="" > S_NICE="" > #S_CONTEXT="100" > S_FLAGS="lock nproc fakeinit sched" > ULIMIT="-HS -u 1000 -v 128000 -l 131072 -m 131072 -n 1024" > ONBOOT="yes" > S_CAPS="CAP_NET_RAW CAP_QUOTACTL" > > Regards > - -- > Franck > > http://www.linuxpourtous.com > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.2.4 (GNU/Linux) > > iD8DBQFAcX3H1zwfep5k9qERAsqpAKCLEqR3101aM5PURBtY4JCjYU3KhACgqM8v > 8LnN1TScf/Bm5i9yYbWDixY= > =0xjQ > -END PGP SIGNATURE- > > ___ > Vserver mailing list > [EMAIL PROTECTED] > http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list [EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Problem with quota disk
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > > Hello, > > > > I've succesfully installed vserver on debian woody on PII 450 with 190Mo > > RAM with vserser1.27 + q0.14 + bme0 patches :) > > I've put 2 Debian woody and 1 Sarge vservers on this computer. > > > > Now, i've 2 problems. I want limiting size of each vserver (1Go for > > exemple) and memory (128 Mo for exemple) too. > > I've read more docs, wiki, mailing-list but, it's not very simple :( The > > exemples i've found are for LVM or /vservers on dedicated partition :( > > > > Could you help me please ? > > repartition your system with a separate /vservers partition > it is a) too dangerous, and b) too complicated to use context > tagging on the root partition ... OK, i've made one other partition for /vsersers But how can i find some docs to limiting size of each vserverand memory too. ++ - -- Franck http://www.linuxpourtous.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFAcYLy1zwfep5k9qERAoEhAJ9AX95JAXZYcVzsEH7FkYfMTg8uHQCfWkWl recwc4h5R7+k9ay6SvYYykA= =1Mx4 -END PGP SIGNATURE- ___ Vserver mailing list [EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Problem with quota disk
On Mon, Apr 05, 2004 at 06:01:54PM +0200, Franck wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > > > Hello, > > > > > > I've succesfully installed vserver on debian woody on PII 450 with 190Mo > > > RAM with vserser1.27 + q0.14 + bme0 patches :) > > > I've put 2 Debian woody and 1 Sarge vservers on this computer. > > > > > > Now, i've 2 problems. I want limiting size of each vserver (1Go for > > > exemple) and memory (128 Mo for exemple) too. > > > I've read more docs, wiki, mailing-list but, it's not very simple :( The > > > exemples i've found are for LVM or /vservers on dedicated partition :( > > > > > > Could you help me please ? > > > > repartition your system with a separate /vservers partition > > it is a) too dangerous, and b) too complicated to use context > > tagging on the root partition ... > > OK, i've made one other partition for /vsersers > But how can i find some docs to limiting size of each vserverand memory too. memory limits are only partially enforced on stable, but you can limit the VM with the rlimit interface ... this is a little outdated, but addresses the context disk limits ... http://vserver.13thfloor.at/Linux2.6/index.php?page=Per+Context+Disk+Limits there is also an upcoming howto by talon? HTH, Herbert > ++ > - -- > Franck > > http://www.linuxpourtous.com > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.2.4 (GNU/Linux) > > iD8DBQFAcYLy1zwfep5k9qERAoEhAJ9AX95JAXZYcVzsEH7FkYfMTg8uHQCfWkWl > recwc4h5R7+k9ay6SvYYykA= > =1Mx4 > -END PGP SIGNATURE- > > ___ > Vserver mailing list > [EMAIL PROTECTED] > http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list [EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Problem with quota disk
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > > > > Hello, > > > > > > > > I've succesfully installed vserver on debian woody on PII 450 with > > > > 190Mo RAM with vserser1.27 + q0.14 + bme0 patches :) > > > > I've put 2 Debian woody and 1 Sarge vservers on this computer. > > > > > > > > Now, i've 2 problems. I want limiting size of each vserver (1Go for > > > > exemple) and memory (128 Mo for exemple) too. > > > > I've read more docs, wiki, mailing-list but, it's not very simple :( > > > > The exemples i've found are for LVM or /vservers on dedicated > > > > partition :( > > > > > > > > Could you help me please ? > > > > > > repartition your system with a separate /vservers partition > > > it is a) too dangerous, and b) too complicated to use context > > > tagging on the root partition ... > > > > OK, i've made one other partition for /vsersers > > But how can i find some docs to limiting size of each vserverand memory > > too. > > memory limits are only partially enforced on stable, > but you can limit the VM with the rlimit interface ... > > this is a little outdated, but addresses the context > disk limits ... > > http://vserver.13thfloor.at/Linux2.6/index.php?page=Per+Context+Disk+Limits OK, thanks but what's /dev/shared/device and /dev/real/block/device ? My new hard disk is on /dev/hdb1 (2.1Go) pointing to /vsersers (/var/lib/ vservers/) > there is also an upcoming howto by talon? I'm obliged to apply all this patch ? bzcat ../patch-2.4.22-c17e.diff.bz2 | patch -p1 bzcat ../patch-2.4.22-c17e-mq0.11.diff.bz2 | patch -p1 bzcat ../patch-2.4.22-c17e-mq0.10-cx0.06.diff.bz2 | patch -p1 bzcat ../patch-2.4.22-c17e-mq0.11-cx0.06-cq0.11.diff.bz2 | patch -p1 bzcat ../patch-2.4.22-c17e-mq0.11-cx0.06-cq0.11-dl0.05.diff.bz2 | patch -p 2.4.25 + vserser1.27 + q0.14 + bme0 isn't the good way ? I'm very lost with all this patch :( ++ - -- Franck http://www.linuxpourtous.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFAcY7C1zwfep5k9qERAqCYAJ0f/lBjbD4vfGLm99DykR6oxRA5KgCgr/v3 L5+gorRkkT17080+W6sG71k= =F+da -END PGP SIGNATURE- ___ Vserver mailing list [EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Problem with quota disk
On Mon, Apr 05, 2004 at 06:52:18PM +0200, Franck wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > > > > > Hello, > > > > > > > > > > I've succesfully installed vserver on debian woody on PII 450 with > > > > > 190Mo RAM with vserser1.27 + q0.14 + bme0 patches :) > > > > > I've put 2 Debian woody and 1 Sarge vservers on this computer. > > > > > > > > > > Now, i've 2 problems. I want limiting size of each vserver (1Go for > > > > > exemple) and memory (128 Mo for exemple) too. > > > > > I've read more docs, wiki, mailing-list but, it's not very simple :( > > > > > The exemples i've found are for LVM or /vservers on dedicated > > > > > partition :( > > > > > > > > > > Could you help me please ? > > > > > > > > repartition your system with a separate /vservers partition > > > > it is a) too dangerous, and b) too complicated to use context > > > > tagging on the root partition ... > > > > > > OK, i've made one other partition for /vsersers > > > But how can i find some docs to limiting size of each vserverand memory > > > too. > > > > memory limits are only partially enforced on stable, > > but you can limit the VM with the rlimit interface ... > > > > this is a little outdated, but addresses the context > > disk limits ... > > > > http://vserver.13thfloor.at/Linux2.6/index.php?page=Per+Context+Disk+Limits > > OK, thanks but what's /dev/shared/device and /dev/real/block/device ? > My new hard disk is on /dev/hdb1 (2.1Go) pointing to /vsersers (/var/lib/ > vservers/) in your case, both are /dev/hdb1, you probably want to add the tagxid (or tagctx) option to /etc/fstab for that partition and later on, you might want to use the vroot device for quota inside a vserver (not required for disk limits) > > there is also an upcoming howto by talon? > I'm obliged to apply all this patch ? > bzcat ../patch-2.4.22-c17e.diff.bz2 | patch -p1 > bzcat ../patch-2.4.22-c17e-mq0.11.diff.bz2 | patch -p1 > bzcat ../patch-2.4.22-c17e-mq0.10-cx0.06.diff.bz2 | patch -p1 > bzcat ../patch-2.4.22-c17e-mq0.11-cx0.06-cq0.11.diff.bz2 | patch -p1 > bzcat ../patch-2.4.22-c17e-mq0.11-cx0.06-cq0.11-dl0.05.diff.bz2 | patch -p > > 2.4.25 + vserser1.27 + q0.14 + bme0 isn't the good way ? I'm very lost with > all this patch :( no, as I said, this is outdated, but feel free to update it (q0.14 contains successors of the patches mentioned above) HTH, Herbert PS: if you prefer direct communication, join us at the irc channel (#vserver irc.oftc.net) > ++ > - -- > Franck > > http://www.linuxpourtous.com > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.2.4 (GNU/Linux) > > iD8DBQFAcY7C1zwfep5k9qERAqCYAJ0f/lBjbD4vfGLm99DykR6oxRA5KgCgr/v3 > L5+gorRkkT17080+W6sG71k= > =F+da > -END PGP SIGNATURE- > > ___ > Vserver mailing list > [EMAIL PROTECTED] > http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list [EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Problem with quota disk
> > > memory limits are only partially enforced on stable, > > > but you can limit the VM with the rlimit interface ... ULIMIT="-HS -u 1000 -v 128000 -l 131072 -m 131072 -n 1024" -v 128000 limit the memory to 128 MO i think ??? > > OK, thanks but what's /dev/shared/device and /dev/real/block/device ? > > My new hard disk is on /dev/hdb1 (2.1Go) pointing to /vsersers (/var/lib/ > > vservers/) > > in your case, both are /dev/hdb1, you probably want to add > the tagxid (or tagctx) option to /etc/fstab for that partition > and later on, you might want to use the vroot device for > quota inside a vserver (not required for disk limits) One problem at the same time :) quota in vserver will be in the futur. Now, i want limiting size of a vserver > > > there is also an upcoming howto by talon? > > > > I'm obliged to apply all this patch ? > > bzcat ../patch-2.4.22-c17e.diff.bz2 | patch -p1 > > bzcat ../patch-2.4.22-c17e-mq0.11.diff.bz2 | patch -p1 > > bzcat ../patch-2.4.22-c17e-mq0.10-cx0.06.diff.bz2 | patch -p1 > > bzcat ../patch-2.4.22-c17e-mq0.11-cx0.06-cq0.11.diff.bz2 | patch -p1 > > bzcat ../patch-2.4.22-c17e-mq0.11-cx0.06-cq0.11-dl0.05.diff.bz2 | patch > > -p > > > > 2.4.25 + vserser1.27 + q0.14 + bme0 isn't the good way ? I'm very lost > > with all this patch :( > > no, as I said, this is outdated, but feel free to update it > (q0.14 contains successors of the patches mentioned above) ./cqhadd -x 100 -v /dev/hdb1 adding quota hash for /dev/hdb1 ... failed: Function not implemented ./cqdlim -x 100 -S 0,200,0,1000,10 -v /dev/hdb1 dlimctl failed: No such device or address > PS: if you prefer direct communication, join us at the irc > channel (#vserver irc.oftc.net) YES :) -- Franck http://www.linuxpourtous.com ___ Vserver mailing list [EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] Calculating size
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello, i'm searching a script to calculate the current values for disk limit and, if possible store this on shutdown ... Regards - -- Franck http://www.linuxpourtous.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) iD4DBQFAcZ8w1zwfep5k9qERAlZUAKCCHcFZ1Gg8k+GWRISiyh1WPkcmdACYzLEz NAYDh0nsDgpRpt0erDtFow== =j89B -END PGP SIGNATURE- ___ Vserver mailing list [EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] reiserfs and barrier ...
Which item is this protecting against? Herbert Poetzl said: > > Hi everyone! > > yesterday we spent a few hours to find out the > (for reiserfs users?) obvious about reiserfs and > attributes like immutable or iunlink ... > > reiserfs (as in 2.4.25) requires an additional > mount option called 'attrs' to honor those flags > (and of course, to make the barrier work) > > so if you use reiserfs, keep in mind to activate > this option, otherwise it will not be secure > with linux-vserver ... > > HTH, > Herbert > > ___ > Vserver mailing list > [EMAIL PROTECTED] > http://list.linux-vserver.org/mailman/listinfo/vserver > -- Luke Computer Science System Administrator Security Administrator,College of Engineering Montana State University-Bozeman,Montana ___ Vserver mailing list [EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver
