Re: [Vserver] unable to start server with quota's enabled
Herbert Poetzl said: well, I'd say you added the S_CONTEXT=100 after you encountered the first issues ... but you can check with the lsxid tool doing lsxid /vservers/web1/etc/init.d/rc lsxid /vservers/web1/bin/bash and you can probably fix it by doing: mv /vservers/web1 /vservers/web1.old cp -va /vservers/web1.old /vservers/web1 (everything after having mounted sda1 with tagxid) Got it! Herbert your fast on answers. Works great. 2 questions. 1.)I cannot find the lsxid command for debian, even after doing a google for it. 2.)Where can I host vserver+grsec2+tagctx kernel packages for debian? They appear production stable. -- Luke Computer Science System Administrator Security Administrator,College of Engineering Montana State University-Bozeman,Montana ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] Re: alpha util-vserver patch: improve/fix dietlibc version detection
Hans Ulrich Niedermann [EMAIL PROTECTED] writes: What they fix: * handle a version number like 0.27-7 Can you check if CVS ([1]) fixes your problem? It does not. For _dietlibc_ver_min=27-7, the line _dietlibc_ver_min=${_dietlibc_ver_min%%[!0-9]*} doesn't do what it is supposed to do. What do you expect there? | $ _dietlibc_ver_min=27-7 | $ echo ${_dietlibc_ver_min%%[!0-9]*} | 27 seems to be the correct result. Enrico ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] The Future of Stable 1.2x ...
If for one am not willing to move my stable boxes to 2.6 kernels until I am quite sure of their stability. here here, I'm just staring to move to 1.27 with the 2.4.27 kernel. IIRC there were known problems with 1.27, not to mention security issues with 2.4.27. anyhoo, what about 1.2.10 as suggested by someone else? I'm planning on moving to 2.6 this summer, which means that some production boxes will stay on 2.4 at least until winter/next year. -- Key fingerprint = 40D0 9FFB 9939 7320 8294 05E0 BCC7 02C4 75CC 50D9 We're giving you a new chance in life, and an opportunity to screw it up in a new, original way. ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] The Future of Stable 1.2x ...
Hello This is just my opinion on this matter. On Fri, Jan 07, 2005 at 12:41:04AM +0100, Herbert Poetzl wrote: ... depends on you! ;) Greetings Community! don't be alarmed, we are not going to wipe out the stable 1.2x branch now (we rather let it die in piece, eventually) but we have reached a point where the spiffy nomenclature we (I?) came up with reaches it's limits ... ... so we have to decide what should be released after 1.29 ... the obvious options are: * 1.2YY (e.g. 1.210) * 1.2.Y (e.g. 1.2.10) * 1.2Y(e.g. 1.2A) * 1.2-z (e.g. 1.2-final1) funny but (maybe) problematic names would be: * 1.30 * 1.29.1 I suggest one of the above two. It would fit the standard version numbering scheme as the development version should be named 2.0 when it is done, as (I understand at least, it is more or less a total rewrite). I change major versions when it is no longer backwards compatible in some major way (new database format without good automatic transition or similar). MAJOR.MINOR.BUGFIX We have major version 1 Minor version 29 and bugfix version 1. If the new version contain new features it should be named 1.30 or 1.30.0 so please let me know if you find any of those appealing or disgusting and let me know if you have a better idea ... but do it soon, as a (minor) bugfix is on it's way ... If it is a bugfix release then I suggest 1.29.1 also feel free to let me know what you want us to do with the stable 2.4 branch in the future ... (currently it's in deep freeze, bug fix mode) If you can keep the patches compatible with 2.4 kernel that is great but not truely necessary. It would be nice if the util-vserver tool is backwards compatible as people do not change kernel on production servers that much. At least I dont. On the other hand I do not have many produciton servers anymore as I have switched job. :) Regards, // Ola TIA, Herbert ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver -- - Ola Lundqvist --- / [EMAIL PROTECTED] Annebergsslingan 37 \ | [EMAIL PROTECTED] 654 65 KARLSTAD | | +46 (0)54-10 14 30 +46 (0)70-332 1551 | | http://www.opal.dhs.org UIN/icq: 4912500 | \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / --- ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] Re: alpha util-vserver patch: improve/fix dietlibc version detection
Enrico Scholz [EMAIL PROTECTED] writes: Hans Ulrich Niedermann [EMAIL PROTECTED] writes: For _dietlibc_ver_min=27-7, the line _dietlibc_ver_min=${_dietlibc_ver_min%%[!0-9]*} doesn't do what it is supposed to do. What do you expect there? | $ _dietlibc_ver_min=27-7 | $ echo ${_dietlibc_ver_min%%[!0-9]*} | 27 seems to be the correct result. Exactly, if it is in the shell. But due to [] being the m4 quotes, you have to write that as dietlibc_ver_min=${_dietlibc_ver_min%%[[!0-9]]*} in m4/ensc_dietlibc.m4. (I have now tested to verify how it went wrong instead of just stating it doesn't work :) Gru, Uli pgpgULuO6GgLZ.pgp Description: PGP signature ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] unable to start server with quota's enabled
Hi Lucas, 1.)I cannot find the lsxid command for debian, even after doing a google for it. they are part of the alpha tools. Currently there's no official Debian package for those utils but only for the stable ones. We're working on changing that. If you want to try the alpha-util-vserver debian test package rather than poking around with sources, drop me a private note. 2.)Where can I host vserver+grsec2+tagctx kernel packages for debian? I'm not sure they are of public interest, but i think as this is now the archive, people can come to you asking for them (personally i prefer my own kernels *g*). -- Best regards, Kilian signature.asc Description: Dies ist ein digital signierter Nachrichtenteil ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] unable to start server with quota's enabled
On Fri, Jan 07, 2005 at 02:02:07AM -0700, Lucas Albers wrote: Herbert Poetzl said: well, I'd say you added the S_CONTEXT=100 after you encountered the first issues ... but you can check with the lsxid tool doing lsxid /vservers/web1/etc/init.d/rc lsxid /vservers/web1/bin/bash and you can probably fix it by doing: mv /vservers/web1 /vservers/web1.old cp -va /vservers/web1.old /vservers/web1 (everything after having mounted sda1 with tagxid) Got it! Herbert your fast on answers. Works great. 2 questions. 1.) I cannot find the lsxid command for debian, even after doing a google for it. guess this will be addressed soon ... 2.) Where can I host vserver+grsec2+tagctx kernel packages for debian? wherever you like, just make sure to add a link to the wiki, so folks will find them ... They appear production stable. what about the 'known' grsec-vserver incompatibilities? best, Herbert -- Luke Computer Science System Administrator Security Administrator,College of Engineering Montana State University-Bozeman,Montana ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] The Future of Stable 1.2x ...
On Fri, Jan 07, 2005 at 11:53:41AM +0100, Ola Lundqvist wrote: Hello This is just my opinion on this matter. On Fri, Jan 07, 2005 at 12:41:04AM +0100, Herbert Poetzl wrote: ... depends on you! ;) Greetings Community! don't be alarmed, we are not going to wipe out the stable 1.2x branch now (we rather let it die in piece, eventually) but we have reached a point where the spiffy nomenclature we (I?) came up with reaches it's limits ... ... so we have to decide what should be released after 1.29 ... the obvious options are: * 1.2YY (e.g. 1.210) * 1.2.Y (e.g. 1.2.10) * 1.2Y(e.g. 1.2A) * 1.2-z (e.g. 1.2-final1) funny but (maybe) problematic names would be: * 1.30 * 1.29.1 I suggest one of the above two. It would fit the standard version numbering scheme as the development version should be named 2.0 when it is done, as (I understand at least, it is more or less a total rewrite). I change major versions when it is no longer backwards compatible in some major way (new database format without good automatic transition or similar). MAJOR.MINOR.BUGFIX We have major version 1 Minor version 29 and bugfix version 1. If the new version contain new features it should be named 1.30 or 1.30.0 so please let me know if you find any of those appealing or disgusting and let me know if you have a better idea ... but do it soon, as a (minor) bugfix is on it's way ... If it is a bugfix release then I suggest 1.29.1 okay, thanks, I'll map that according to http://linux-vserver.org/Release+FAQ and take it as a vote for 1.2.10 ... also feel free to let me know what you want us to do with the stable 2.4 branch in the future ... (currently it's in deep freeze, bug fix mode) If you can keep the patches compatible with 2.4 kernel that is great but not truely necessary. It would be nice if the util-vserver tool is backwards compatible as people do not change kernel on production servers that much. At least I dont. On the other hand I do not have many produciton servers anymore as I have switched job. :) the alpha util-vserver are 'backwards' compatible as far as possible (and IIRC even better tested with 2.4 than with 2.6, where the work fine ;) thanks, Herbert PS: let's get the Debian stuff rolling whenever you have some time ... (i.e. let's meet on the channel) Regards, // Ola TIA, Herbert ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver -- - Ola Lundqvist --- / [EMAIL PROTECTED] Annebergsslingan 37 \ | [EMAIL PROTECTED] 654 65 KARLSTAD | | +46 (0)54-10 14 30 +46 (0)70-332 1551 | | http://www.opal.dhs.org UIN/icq: 4912500 | \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / --- ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] Re: alpha util-vserver patch: improve/fix dietlibc version detection
Hans Ulrich Niedermann [EMAIL PROTECTED] writes: For _dietlibc_ver_min=27-7, the line _dietlibc_ver_min=${_dietlibc_ver_min%%[!0-9]*} doesn't do what it is supposed to do. What do you expect there? | $ _dietlibc_ver_min=27-7 | $ echo ${_dietlibc_ver_min%%[!0-9]*} | 27 seems to be the correct result. Exactly, if it is in the shell. But due to [] being the m4 quotes, you have to write that as dietlibc_ver_min=${_dietlibc_ver_min%%[[!0-9]]*} in m4/ensc_dietlibc.m4. argll... stupid error. Thx for detecting it. Enrico ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] The Future of Stable 1.2x ...
Hello On Fri, Jan 07, 2005 at 04:24:42PM +0100, Herbert Poetzl wrote: On Fri, Jan 07, 2005 at 11:53:41AM +0100, Ola Lundqvist wrote: Hello This is just my opinion on this matter. On Fri, Jan 07, 2005 at 12:41:04AM +0100, Herbert Poetzl wrote: ... depends on you! ;) Greetings Community! don't be alarmed, we are not going to wipe out the stable 1.2x branch now (we rather let it die in piece, eventually) but we have reached a point where the spiffy nomenclature we (I?) came up with reaches it's limits ... ... so we have to decide what should be released after 1.29 ... the obvious options are: * 1.2YY (e.g. 1.210) * 1.2.Y (e.g. 1.2.10) * 1.2Y(e.g. 1.2A) * 1.2-z (e.g. 1.2-final1) funny but (maybe) problematic names would be: * 1.30 * 1.29.1 I suggest one of the above two. It would fit the standard version numbering scheme as the development version should be named 2.0 when it is done, as (I understand at least, it is more or less a total rewrite). I change major versions when it is no longer backwards compatible in some major way (new database format without good automatic transition or similar). MAJOR.MINOR.BUGFIX We have major version 1 Minor version 29 and bugfix version 1. If the new version contain new features it should be named 1.30 or 1.30.0 so please let me know if you find any of those appealing or disgusting and let me know if you have a better idea ... but do it soon, as a (minor) bugfix is on it's way ... If it is a bugfix release then I suggest 1.29.1 okay, thanks, I'll map that according to http://linux-vserver.org/Release+FAQ and take it as a vote for 1.2.10 ... Yes that sounds like a good thing. also feel free to let me know what you want us to do with the stable 2.4 branch in the future ... (currently it's in deep freeze, bug fix mode) If you can keep the patches compatible with 2.4 kernel that is great but not truely necessary. It would be nice if the util-vserver tool is backwards compatible as people do not change kernel on production servers that much. At least I dont. On the other hand I do not have many produciton servers anymore as I have switched job. :) the alpha util-vserver are 'backwards' compatible as far as possible (and IIRC even better tested with 2.4 than with 2.6, where the work fine ;) Really nice. thanks, Herbert PS: let's get the Debian stuff rolling whenever you have some time ... (i.e. let's meet on the channel) In there now. Regards, // Ola Regards, // Ola TIA, Herbert ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver -- - Ola Lundqvist --- / [EMAIL PROTECTED] Annebergsslingan 37 \ | [EMAIL PROTECTED] 654 65 KARLSTAD | | +46 (0)54-10 14 30 +46 (0)70-332 1551 | | http://www.opal.dhs.org UIN/icq: 4912500 | \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / --- ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver -- - Ola Lundqvist --- / [EMAIL PROTECTED] Annebergsslingan 37 \ | [EMAIL PROTECTED] 654 65 KARLSTAD | | +46 (0)54-10 14 30 +46 (0)70-332 1551 | | http://www.opal.dhs.org UIN/icq: 4912500 | \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / --- ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] New and having problems to build my 1st vserver...
Hello, all, and happy new year ! I recently discovered Linux-vservers, and I'm trying to build a vserver host. The kernel compilation and installation went well, and it works fine (Mandrake, 2.6.9vs1.9.3). I'm encountering problems to build my first vserver I definitely given up using the Vservers tools, and started using utils-vserver. I tried all the building options (copy fails, legacy too - I installed the rpm -, apt-rpm...), but the only which seems to work is debootstrap. The correct way was hard to guess, the only doc I found is a german pdf presentation... All the current doc on the main linux-vserver site refer the the old Vserver tools, or are incomplete :( Well, I'm currently writing down all my experiments in order to make a Mandrake-Linux-vservers doc. Well, I created a LVM/XFS partition, mounted it in /vservers/sample (Sample is the name of the test vserver I'm trying to create), and called: # vserver sample build -m debootstrap --interface. This fails because /vserver/sample already exists (It's mounted), and using --force fails too because vserver-build cannot mv a mounted directory... The solution would be to have a single partition for all vservers, but I want one for each. How can I do this ? Second thing: This forces me to install a Debian vserver... Well, I was planning to try Debian, but not this soon ;-) !!! I'd like to keep up with mandrake vservers for the beginning. Is there a way to build one ? Could I help the project by making a Mandrake profile like there is for Fc1/2, Rh9, Debian, Suse ??? Is it hard for a beginner ? Thanks for your help. -- ,, (° Nicolas Costes /|\ IUT de La Roche / Yon ( ^ ) Clé publique: http://www.keyserver.net/ ^ ^ Musique libre: http://www.magnatune.com/ pgpWOGU7Wwyg6.pgp Description: PGP signature ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] unable to start server with quota's enabled
Herbert Poetzl said: They appear production stable. what about the 'known' grsec-vserver incompatibilities? I have not encountered any bugs that have caused my vservers to crash, or had a security exploit, or data corruption... I was not aware their were any major bugs. Grsec has prevented one of my vservers from beign cracked from a vulnerablephpbb2 exploit, or having it escalated to a root exploit. The problem I am encountering is the need to backport security patches for arbitrary kernels. For example the 2.4.23,2.4.25, and 2.4.27 kernels. I prefer backporting security erratta if the systems are stable to minimize change in the kernel. Guess I will have to upgrade my kernels. -- Luke Computer Science System Administrator Security Administrator,College of Engineering Montana State University-Bozeman,Montana ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] documentation for cq-tools
I cannot find any documentation for cq-tools, other then a few command line examples here: http://vserver.13thfloor.at/Linux2.6/index.php?page=Per+Context+Disk+Limits Is their additional documentation on this tool? -- Luke Computer Science System Administrator Security Administrator,College of Engineering Montana State University-Bozeman,Montana ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] New and having problems to 'build' my 1st vserver...
Nicolas Costes said: Second thing: This forces me to install a Debian vserver... Well, I was planning to try Debian, but not this soon ;-) !!! I'd like to keep up use debian as your vserver host, it's much easier to manager vservers on a debian box. I've used redhat/mandrake as vserver host, and very very much prefer using debian. I dont' remember the steps to get it to work with redhat/mandrake. I remember a lot of steps. You can always try with debian then switch back to mandrake when you see how it all works... -- Luke Computer Science System Administrator Security Administrator,College of Engineering Montana State University-Bozeman,Montana ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver