Re: [Vserver] Gentoo Build fails
On Tuesday 26 April 2005 22:25, Oliver Welter wrote: Hi Folks, I tried to update my Gentoo System and my util-vserver fail to compile The systm was running finde for about 8 weeks, yesterday I started a world update and the util-vserver ebuild fialed. Any Ideas ?? Oliver Could you please post the output of `emerge info`? -- He who asks a question is a fool for a minute, He who doesn't ask is a fool for a lifetime. ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Starting vserver kills my X session
Benedikt Boehm wrote: We discovered that /dev/console inside your vserver is evil WRT init. You can either remove /dev/console or rebuild init with /dev/null as console ... or mknod /dev/console as the same device as /dev/tty or /dev/null? Michal Ludvig -- * Personal homepage: http://www.logix.cz/michal ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Ssh from and to vservers and host
On Wed, 20 Apr 2005, Herbert Poetzl wrote: On Tue, Apr 19, 2005 at 11:06:56PM +0200, Arjen wrote: Hi! Playing around with my vservers i noticed this, i can ssh from my root server to my vservers, but from my vservers i can't ssh to another vserver, to the rootserver or to the 'outside'. Is this common behavior? If not any hints on how to get around this? I can imagine it has something to do with all network interfaces having the same macaddress on host and vservers, but was hoping there was a workaround. For now i'm stuck with 'Host verification failed', not handy when having port 22 on my nat-router forwarded to a vserver. Oh, btw, when I do it as root it works! Now I really don't get it. sounds like an userspace/configuration issue to me ... did you check the logs on the server side? maybe some permissions are not as expected ... does ssh or any shell work as user (inside the vserver)? Nothing in the logs... Yes, i can start f.e. sash without any problems. But i still can't ssh out of the vserver as a normal user, only as root. The thing is, i'm still battling this. I've got a similar problem using screen, when i start screen as a normal user it tells me: No more PTYs. Sorry could not find a PTY. I can fix this for screen by making it suid, but thats not a real solution. I've been googling for the ssh issue and found that this also could be related to not being able to allocate a tty. Sorry for bringing this up again, but i'm getting tired of having to su to be able to ssh out of my vservers. Any hints appreciated! -Arjen ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] Interface issues
Hi all! I am running a single physical host, say 10.0.0.1 with a single vhost on, say 10.0.0.20. On the main host, I have ssh running to be able to get onto the machine to admin the vservers. Within the vserver, I do NOT have ssh running. When I nmap the machine (10.0.0.1), I get a list of ports, including SSH. When I nmap the vserver (10.0.0.20), I get the exact same list of ports as when I nmap the main server!!! I can even ssh to my vserver's IP and get logged into the physical host! This is no good to me for security reasons - so what have I done wrong? Why doesn't nmap'ing the vserver address only show the services which are running in the vserver? How does the vserver see whats running on the main host? Please xplain to me :) G -- / Gary Wilson, aka dragon/dragonlord/dragonv480\ .'(_.--. e: [EMAIL PROTECTED] MSN: dragonv480 .--._)`. _ | Skype:dragonv480 ICQ:342070475 AIM:dragonv480 | _ `.( `--' w: http://volvo480.northernscum.org.uk `--' ).' \w: http://www.northernscum.org.uk / ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Interface issues
seems you haven't setup services on your main host to only bind to 10.0.0.1, which used to be a pre-requisite whenever setting up new virtual-servers. On 4/27/05, Gaz Wilson [EMAIL PROTECTED] wrote: Hi all! I am running a single physical host, say 10.0.0.1 with a single vhost on, say 10.0.0.20. On the main host, I have ssh running to be able to get onto the machine to admin the vservers. Within the vserver, I do NOT have ssh running. When I nmap the machine (10.0.0.1), I get a list of ports, including SSH. When I nmap the vserver (10.0.0.20), I get the exact same list of ports as when I nmap the main server!!! I can even ssh to my vserver's IP and get logged into the physical host! This is no good to me for security reasons - so what have I done wrong? Why doesn't nmap'ing the vserver address only show the services which are running in the vserver? How does the vserver see whats running on the main host? Please xplain to me :) G -- / Gary Wilson, aka dragon/dragonlord/dragonv480\ .'(_.--. e: [EMAIL PROTECTED] MSN: dragonv480 .--._)`. _ | Skype:dragonv480 ICQ:342070475 AIM:dragonv480 | _ `.( `--' w: http://volvo480.northernscum.org.uk `--' ).' \w: http://www.northernscum.org.uk / ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver -- To avoid being added to my spam filter: 1. Utilize list replies unless otherwise requested. 2. If you DO send me a personal email, use english. 3. HTML isn't cute. It belongs on the web, not in my inbox. ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Interface issues
On Wed, 27 Apr 2005, Allen Parker wrote: seems you haven't setup services on your main host to only bind to 10.0.0.1, which used to be a pre-requisite whenever setting up new virtual-servers. Nope, you're right - been staring too much at more complex stuff and I overlooked the basics on this occasion... Thanks GW -- / Gary Wilson, aka dragon/dragonlord/dragonv480\ .'(_.--. e: [EMAIL PROTECTED] MSN: dragonv480 .--._)`. _ | Skype:dragonv480 ICQ:342070475 AIM:dragonv480 | _ `.( `--' w: http://volvo480.northernscum.org.uk `--' ).' \w: http://www.northernscum.org.uk / ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Gentoo Build fails
On Wed, 2005-04-27 at 08:19 +0200, Oliver Welter wrote: Hi Bene Could you please post the output of `emerge info`? SNIP virtual/os-headers: 2.4.22-r1 /SNIP Try updating your kernel headers ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Gentoo Build fails
On Wed, 27 Apr 2005, Dennis Roos wrote: On Wed, 2005-04-27 at 15:14 +0200, Oliver Welter wrote: Hi Dennis, Could you please post the output of `emerge info`? SNIP virtual/os-headers: 2.4.22-r1 /SNIP Try updating your kernel headers Hmm, ok I use a 2.6 series kernel but these are 2.4 - but there are no other ones in the portage - so I dont know what to do :| emerge -p linux-headers These are the packages that I would merge, in order: Calculating dependencies ...done! [ebuild R ] sys-kernel/linux-headers-2.6.8.1-r2 emerge linux-headers would emerge the 2.6 headers in my case - run an emerge sync prior to the emerge, just to make sure. Although this belongs on a Gentoo list, here's my 0.02 Euro. I think you need to switch profile to 2005.0 (there's lots of documentation on the net about that), when you try emerging linux-headers it will merge the 2.6 headers. HTH, -Arjen ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Gentoo Build fails
I think you need to switch profile to 2005.0 (there's lots of documentation on the net about that), when you try emerging linux-headers it will merge the 2.6 headers. I did and this was the problem - I linked the 2.4 profile by mistake - should not do such work at midnight THX and sorry for the OT Oliver -- Diese Nachricht wurde digital unterschrieben oliwel's public key: http://www.oliwel.de/oliwel.crt Basiszertifikat: http://www.ldv.ei.tum.de/page72 smime.p7s Description: S/MIME Cryptographic Signature ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Ssh from and to vservers and host
On Wed, Apr 27, 2005 at 11:26:22AM +0200, Arjen wrote: On Wed, 20 Apr 2005, Herbert Poetzl wrote: On Tue, Apr 19, 2005 at 11:06:56PM +0200, Arjen wrote: Hi! Playing around with my vservers i noticed this, i can ssh from my root server to my vservers, but from my vservers i can't ssh to another vserver, to the rootserver or to the 'outside'. Is this common behavior? If not any hints on how to get around this? I can imagine it has something to do with all network interfaces having the same macaddress on host and vservers, but was hoping there was a workaround. For now i'm stuck with 'Host verification failed', not handy when having port 22 on my nat-router forwarded to a vserver. Oh, btw, when I do it as root it works! Now I really don't get it. sounds like an userspace/configuration issue to me ... did you check the logs on the server side? maybe some permissions are not as expected ... does ssh or any shell work as user (inside the vserver)? Nothing in the logs... Yes, i can start f.e. sash without any problems. But i still can't ssh out of the vserver as a normal user, only as root. The thing is, i'm still battling this. I've got a similar problem using screen, when i start screen as a normal user it tells me: No more PTYs. Sorry could not find a PTY. what does 'ls -la /dev/' inside the vserver give, and what 'cat /proc/mounts'? I can fix this for screen by making it suid, but thats not a real solution. I've been googling for the ssh issue and found that this also could be related to not being able to allocate a tty. could you provide an strace -fF of a failing screen? TIA, Herbert Sorry for bringing this up again, but i'm getting tired of having to su to be able to ssh out of my vservers. Any hints appreciated! -Arjen ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Oracle 10g... any Production Environments on VServer?
On Wed, Apr 27, 2005 at 04:47:49PM +1200, Mike Tierney wrote: Hi Is anyone currently running Oracle 10g in a Vserver as a Production system? It seems to run just fine inside a Linux 2.6.11.5-vs.1.9.5 (SMP) Vserver. That was using the latest alpha utils with a SuSE SLES 9 guest (basically a copy of the root file system - minimal SLES 9 install of a mere 260-odd RPM's). The only issues I had were: 1) Adding RUNLEVEL=$1 into the start of /vserver/dbserver/etc/rc.d so the SLES 9 guest would start! this is probably due to a missing/wrong entry in your config tree (see the flower page for runlevel details) 2) Putting a few exit 0's into /vserver/dbserver/etc/init.d/network so it wouldn't hang on vserver start or stop(!). those scripts should not be executed at all, i.e. you better disable the 'network' service completely ... 3) Adding an extry for the Vserver's hostname into /vserver/dbserver/etc/hosts to stop Oracle giving me error 46 encountered when initializing ldm in my alert.log hmm, resolver issues? That last one was a harmless message but it was annoying seeing it pop up! :) I then left it running a nasty AIO stress-test overnight and in the morning it was fine. (The first time I ran it with too many threads and it extended the undo tablespace by 15 gigs and ground to a very abrupt halt!). So the question is, is anybody actually running Oracle 10g inside any Vservers and have they had any problem with it??? The only real downside I can see is that you'd be limiting your support from Oracle. Unless of course you rebooted with a certified Kernel (i.e. SuSE or Redhat), chrooted into the Vserver, and then replicated any problems before logging a support call. Which would be a bit of hassle, especially if you were running your applications in a Vserver on the same box!! Which is kind of the whole point Unless the Vserver database is merely a fail-over or standby copy. yeah, well, that's the beauty of proprietary services ... btw, postgresql is a very fine alternative to oracle, and this is not just hogwash told by folks who never used oracle before ... but of course YMMV best, Herbert Cheers Mike ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] automount anyone?
On Wed, 27 Apr 2005, Herbert Poetzl wrote: On Tue, Apr 26, 2005 at 03:31:33PM -0400, Gregory (Grisha) Trubetskoy wrote: Has anyone here tried using automount with vservers? did you try to mount the autofs 'just' inside the vserver namespace (well, that's what I would do anyways) 'just' would be somewhere after the namespace is created, but before admin cap is removed - i couldn't quite figure out a nice way to do this with util-vserver (fstab doesn't help since automounts are done via the automount command) but even if we did find a place to fire atuomount from - IIRC the capabilities exist per-context. so either the automount daemon belongs to the context and cannot act on mount requests (assuming the context does not have cap_admin), OR it's outside the context (and does not see the namespace)... or is there some middle ground where it shares the namespace, but not the context? btw, which version (kernel/tools) are you using? This was done on 2.6.10-vs1.9.4 and util 0.30.196. Thanks, Grisha ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] Is the VServer the right thing for me?
Hi, how secure is a vserver? I'm working on an opensource project (mainly a php website but also a mailserver and a few scripts are needed) and i should give some people access to a linux-server (apache-configuration and such things). I've only one server and that's my productive one - i don't want to give anyone access to it. Would you give anyone (that you don't know realy good) root-access to a (correctly configured) vserver, when the host-system is a sensible productive system? Thanks for every answer, Oliver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Is the VServer the right thing for me?
hi Oliver, Would you give anyone (that you don't know realy good) root-access to a (correctly configured) vserver, when the host-system is a sensible productive system? As there are a lot of companys outside who sell vServer's on their systems I think - yes you can ;) vServer has mulitple securitty features to prevent people from breaking out of a context - I dont know if there is no way, but at least there is no known one at the moment Oliver -- Diese Nachricht wurde digital unterschrieben oliwel's public key: http://www.oliwel.de/oliwel.crt Basiszertifikat: http://www.ldv.ei.tum.de/page72 smime.p7s Description: S/MIME Cryptographic Signature ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] automount anyone?
On Wed, Apr 27, 2005 at 11:13:56AM -0400, Gregory (Grisha) Trubetskoy wrote: On Wed, 27 Apr 2005, Herbert Poetzl wrote: On Tue, Apr 26, 2005 at 03:31:33PM -0400, Gregory (Grisha) Trubetskoy wrote: Has anyone here tried using automount with vservers? did you try to mount the autofs 'just' inside the vserver namespace (well, that's what I would do anyways) 'just' would be somewhere after the namespace is created, but before admin cap is removed - i couldn't quite figure out a nice way to do this with util-vserver (fstab doesn't help since automounts are done via the automount command) but even if we did find a place to fire atuomount from - IIRC the capabilities exist per-context. so either the automount daemon belongs to the context and cannot act on mount requests (assuming the context does not have cap_admin), OR it's outside the context (and does not see the namespace)... or is there some middle ground where it shares the namespace, but not the context? the magic word is vnamespace ... btw, which version (kernel/tools) are you using? This was done on 2.6.10-vs1.9.4 and util 0.30.196. please upgrade soon ... HTH, Herbert Thanks, Grisha ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Is the VServer the right thing for me?
Hi Oliver, Would you give anyone (that you don't know realy good) root-access to a (correctly configured) vserver, when the host-system is a sensible productive system? As there are a lot of companys outside who sell vServer's on their systems I think - yes you can ;) ok, that a good point/answer :-)) vServer has mulitple securitty features to prevent people from breaking out of a context - I dont know if there is no way, but at least there is no known one at the moment I'm trying a few days now to get the infomarions from all the papers on linux-vserver.org together ... but it's realy hard to find the red line through all that ... so i'm not realy sure if i've done all correct and if my vserver is secure (i'm no real linux-inside) isolated ... Is there a tool (like testme.sh) that tests the common (maybe also uncommon) possibilities of misconfigurations (like the capabilities and chroot-exploids) from inside the VServer? Thanks! Oliver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] kill: (1) - No such process
Hi Herbert. Still struggling with a ghost init and a horde of zombies... I forgot to tell (on IRC) that I couldn't reboot: init doesn't answer anymore! So I had to push the button :-{ [No alternative, I assume?] The behaviour is still the same unfortunately. I've let the computer do some work for a while (mutt, evolution, emacs, mozilla) No defunct processes. I've started (and stopped) the vserver *once*, now I can't start it anymore, the error is as before: - vcontext: vc_create_context(): File exists An error occured while executing the vserver startup sequence; when there are no other messages, it is very likely that the init-script (/sbin/init) failed. Common causes are: * /etc/rc.d/rc on Fedora Core 1 and RH9 fails always; the 'apt-rpm' build method knows how to deal with this, but on existing installations, appending 'true' to this file will help. - And zombies are starting to crawl again. The first one to appear is [lockfile], followed by another of the same species 10 minutes later. [If that rings a bell for you.] Gilles P.S. I have to leave now, but I'll be back later in the evening, on IRC, if you're willing to investigate what's going on. ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Is the VServer the right thing for me?
On Wed, Apr 27, 2005 at 06:49:21PM +0200, Oliver Dietz wrote: Hi Oliver, Would you give anyone (that you don't know realy good) root-access to a (correctly configured) vserver, when the host-system is a sensible productive system? As there are a lot of companys outside who sell vServer's on their systems I think - yes you can ;) ok, that a good point/answer :-)) vServer has mulitple securitty features to prevent people from breaking out of a context - I dont know if there is no way, but at least there is no known one at the moment I'm trying a few days now to get the infomarions from all the papers on linux-vserver.org together ... but it's realy hard to find the red line through all that ... so i'm not realy sure if i've done all correct and if my vserver is secure (i'm no real linux-inside) isolated ... Is there a tool (like testme.sh) that tests the common (maybe also uncommon) possibilities of misconfigurations (like the capabilities and chroot-exploids) from inside the VServer? not yet, but sounds like something useful to me ... any volunteers? best, Herbert Thanks! Oliver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Ssh from and to vservers and host
Btw: I've been googling for the ssh issue and found that this also could be related to not being able to allocate a tty. Last lines of strace ssh germ: open(/etc/ssh/ssh_known_hosts, O_RDONLY) = -1 ENOENT (No such file or directory) open(/dev/tty, O_RDWR)= -1 EACCES (Permission denied) open(/dev/tty, O_RDWR)= -1 EACCES (Permission denied) write(2, Host key verification failed.\r\n, 31Host key verification failed. ) = 31 exit_group(255) = ? I guess is why I can't ssh as a normal user. Note that this is an install as found in the Gentoo guide, http://dev.gentoo.org/~hollow/vserver/guide/. HTH! TIA! -Arjen ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] kill: (1) - No such process
On Wed, Apr 27, 2005 at 07:12:21PM +0200, Gilles wrote: Hi Herbert. Still struggling with a ghost init and a horde of zombies... I forgot to tell (on IRC) that I couldn't reboot: init doesn't answer anymore! So I had to push the button :-{ [No alternative, I assume?] The behaviour is still the same unfortunately. I've let the computer do some work for a while (mutt, evolution, emacs, mozilla) No defunct processes. I've started (and stopped) the vserver *once*, now I can't start it anymore, the error is as before: - vcontext: vc_create_context(): File exists unusual .. but I would conclude that 'somehow' your vserver does something with the init on your host so I would suggest to look for things like ... - devices inside the vserver which should not be there - pipes/fifos leading out of the vserver 99% of such strange issues are caused by bad vserver guest setups ... An error occured while executing the vserver startup sequence; when there are no other messages, it is very likely that the init-script (/sbin/init) failed. Common causes are: * /etc/rc.d/rc on Fedora Core 1 and RH9 fails always; the 'apt-rpm' build method knows how to deal with this, but on existing installations, appending 'true' to this file will help. - And zombies are starting to crawl again. The first one to appear is [lockfile], followed by another of the same species 10 minutes later. [If that rings a bell for you.] which is the result of the 'hanging' host init ... best, Herbert PS: let's continue investigations when you return ... Gilles P.S. I have to leave now, but I'll be back later in the evening, on IRC, if you're willing to investigate what's going on. ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Ssh from and to vservers and host
On Wed, Apr 27, 2005 at 07:27:06PM +0200, Arjen wrote: Btw: I've been googling for the ssh issue and found that this also could be related to not being able to allocate a tty. Last lines of strace ssh germ: open(/etc/ssh/ssh_known_hosts, O_RDONLY) = -1 ENOENT (No such file or directory) open(/dev/tty, O_RDWR)= -1 EACCES (Permission denied) open(/dev/tty, O_RDWR)= -1 EACCES (Permission denied) what does the following give (inside the vserver) ls -la /dev/tty and on the host: showattr /vservers/name/dev/tty best, Herbert write(2, Host key verification failed.\r\n, 31Host key verification failed. ) = 31 exit_group(255) = ? I guess is why I can't ssh as a normal user. Note that this is an install as found in the Gentoo guide, http://dev.gentoo.org/~hollow/vserver/guide/. HTH! TIA! -Arjen ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Ssh from and to vservers and host
On 27/4/05 7:54 pm, Herbert Poetzl [EMAIL PROTECTED] wrote: I guess you found the full output by now, I send it to you directly (too big for the list) but for the interested readers, what does the following give (inside the vserver) ls -la /dev/tty $ ls -al /dev/tty* crw-rw 1 root tty 5, 0 Mar 4 14:39 /dev/tty crw--- 1 root tty 4, 0 Mar 4 14:39 /dev/tty0 crw-rw 1 root tty 4, 1 Mar 4 14:39 /dev/tty1 crw-rw 1 root tty 4, 10 Mar 4 14:39 /dev/tty10 crw-rw 1 root tty 4, 11 Mar 4 14:39 /dev/tty11 crw--- 1 root root 4, 12 Apr 27 19:20 /dev/tty12 crw-rw 1 root tty 4, 13 Mar 4 14:39 /dev/tty13 crw-rw 1 root tty 4, 14 Mar 4 14:39 /dev/tty14 crw-rw 1 root tty 4, 15 Mar 4 14:39 /dev/tty15 crw-rw 1 root tty 4, 16 Mar 4 14:39 /dev/tty16 crw-rw 1 root tty 4, 17 Mar 4 14:39 /dev/tty17 crw-rw 1 root tty 4, 18 Mar 4 14:39 /dev/tty18 crw-rw 1 root tty 4, 19 Mar 4 14:39 /dev/tty19 crw-rw 1 root tty 4, 2 Mar 4 14:39 /dev/tty2 crw-rw 1 root tty 4, 20 Mar 4 14:39 /dev/tty20 and on the host: showattr /vservers/name/dev/tty # showattr /vservers/midget/dev/tty ui- /vservers/midget/dev/tty HTH, -Arjen ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] Debian vserver on gentoo host
Hi list, First of, this is for fun and learning, so do not break your head about this ;) I'm trying to setup a debian vserver on a gentoo host. After some googling (where did I read this before:) I found the debian-newvserver.sh script, a script that debootstraps a debian vserver on a given dir. I guess there are people here that know this script ;P. I changed it to install a debian-amd64 sarge system (at least I tried to..). But the script breaks while excuting the (/usr/lib64/debootstrap/scripts/)sarge install script, it breaks doing the (dpkg) extract part, note I added the DBG ;) Bla bla, I: Validating wget I: Validating whiptail I: Validating zlib1g I: Validating zlib1g I: Validating zlib1g DBG: extract required I: Extracting base-files... tar: ./lib: Cannot mkdir: Permission denied tar: Error exit delayed from previous errors debian-newvserver.sh.1: error: debootstrap failure. Cannot continue. # ls -al total 1 drwxr-xr-x 34 root root 856 Feb 18 15:59 . d- 7 root root 280 Apr 27 20:42 .. drwxr-xr-x 2 root root 48 Feb 18 15:59 bin drwxr-xr-x 2 root root 48 Feb 18 15:59 boot drwxr-xr-x 2 root root 48 Feb 18 15:59 dev drwxr-xr-x 4 root root 248 Feb 18 15:59 etc drwxrwsr-x 2 root 50 48 Feb 18 15:59 home drwxr-xr-x 2 root root 48 Feb 18 15:59 mnt drwxr-xr-x 2 root root 48 Feb 18 15:59 proc drwxr-xr-x 2 root root 48 Feb 18 15:59 root drwxr-xr-x 2 root root 48 Feb 18 15:59 sbin drwxr-xr-x 2 root root 48 Apr 26 23:52 test drwxrwxrwt 2 root root 48 Feb 18 15:59 tmp drwxr-xr-x 11 root root 264 Feb 18 15:59 usr drwxr-xr-x 11 root root 264 Feb 18 15:59 var # mkdir lib mkdir: cannot create directory `lib': Permission denied # rmdir test # mkdir test # mkdir lib mkdir: cannot create directory `lib': Permission denied # ls -al ./lib ls: ./lib: Permission denied # ls -al total 1 drwxr-xr-x 34 root root 856 Apr 27 21:17 . d- 7 root root 280 Apr 27 20:42 .. drwxr-xr-x 2 root root 48 Feb 18 15:59 bin drwxr-xr-x 2 root root 48 Feb 18 15:59 boot drwxr-xr-x 2 root root 48 Feb 18 15:59 dev drwxr-xr-x 4 root root 248 Feb 18 15:59 etc drwxrwsr-x 2 root 50 48 Feb 18 15:59 home drwxr-xr-x 2 root root 48 Feb 18 15:59 mnt drwxr-xr-x 2 root root 48 Feb 18 15:59 proc drwxr-xr-x 2 root root 48 Feb 18 15:59 root drwxr-xr-x 2 root root 48 Feb 18 15:59 sbin drwxr-xr-x 2 root root 48 Apr 27 21:17 test drwxrwxrwt 2 root root 48 Feb 18 15:59 tmp drwxr-xr-x 11 root root 264 Feb 18 15:59 usr drwxr-xr-x 11 root root 264 Feb 18 15:59 var # Is it me, my system or does dpkg play tricks on me ;)? I've been playing with this and done it multiple times, umounting the partition helped getting rid of this error (I also assumed it tried to create ./lib in the vserver root dir) and I could mkdir ./lib by hand in the vserver root dir. Although the error didn't change while ./lib existed, I would have expected a already exists error, but it kept repeating whats above. Its along time since I've setup or used a debian system since i started emerging my software ;), so I'm not sure whats going on here. There are quiet some pitfalls here I guess, so my obvious question, has anyone done this and willing to share experiences? If not what do you think could be going on here? Cheers, -Arjen Oh just thought of this, would it be a problem trying to do this using reiserfs like I do, I don't think so but you never know ;) ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Ssh from and to vservers and host
On Wed, Apr 27, 2005 at 08:05:20PM +0200, Arjen wrote: On 27/4/05 7:54 pm, Herbert Poetzl [EMAIL PROTECTED] wrote: I guess you found the full output by now, I send it to you directly (too big for the list) but for the interested readers, what does the following give (inside the vserver) ls -la /dev/tty $ ls -al /dev/tty* crw-rw 1 root tty 5, 0 Mar 4 14:39 /dev/tty crw--- 1 root tty 4, 0 Mar 4 14:39 /dev/tty0 crw-rw 1 root tty 4, 1 Mar 4 14:39 /dev/tty1 crw-rw 1 root tty 4, 10 Mar 4 14:39 /dev/tty10 crw-rw 1 root tty 4, 11 Mar 4 14:39 /dev/tty11 crw--- 1 root root 4, 12 Apr 27 19:20 /dev/tty12 crw-rw 1 root tty 4, 13 Mar 4 14:39 /dev/tty13 crw-rw 1 root tty 4, 14 Mar 4 14:39 /dev/tty14 crw-rw 1 root tty 4, 15 Mar 4 14:39 /dev/tty15 crw-rw 1 root tty 4, 16 Mar 4 14:39 /dev/tty16 crw-rw 1 root tty 4, 17 Mar 4 14:39 /dev/tty17 crw-rw 1 root tty 4, 18 Mar 4 14:39 /dev/tty18 crw-rw 1 root tty 4, 19 Mar 4 14:39 /dev/tty19 crw-rw 1 root tty 4, 2 Mar 4 14:39 /dev/tty2 crw-rw 1 root tty 4, 20 Mar 4 14:39 /dev/tty20 interesting, how did all this stuff get into your guest? don't remember what the issue was (because you removed the context) but check if whatever fails is in the tty group and/or if you really want /dev/tty to have thise permissions and/or if you really want/need /dev/tty at all ... HTH, Herbert and on the host: showattr /vservers/name/dev/tty # showattr /vservers/midget/dev/tty ui- /vservers/midget/dev/tty HTH, -Arjen ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Ssh from and to vservers and host
On 27/4/05 10:13 pm, Herbert Poetzl [EMAIL PROTECTED] wrote: On Wed, Apr 27, 2005 at 08:05:20PM +0200, Arjen wrote: On 27/4/05 7:54 pm, Herbert Poetzl [EMAIL PROTECTED] wrote: I guess you found the full output by now, I send it to you directly (too big for the list) but for the interested readers, what does the following give (inside the vserver) ls -la /dev/tty $ ls -al /dev/tty* crw-rw 1 root tty 5, 0 Mar 4 14:39 /dev/tty crw--- 1 root tty 4, 0 Mar 4 14:39 /dev/tty0 crw-rw 1 root tty 4, 1 Mar 4 14:39 /dev/tty1 crw-rw 1 root tty 4, 10 Mar 4 14:39 /dev/tty10 crw-rw 1 root tty 4, 11 Mar 4 14:39 /dev/tty11 crw--- 1 root root 4, 12 Apr 27 19:20 /dev/tty12 crw-rw 1 root tty 4, 13 Mar 4 14:39 /dev/tty13 crw-rw 1 root tty 4, 14 Mar 4 14:39 /dev/tty14 crw-rw 1 root tty 4, 15 Mar 4 14:39 /dev/tty15 crw-rw 1 root tty 4, 16 Mar 4 14:39 /dev/tty16 crw-rw 1 root tty 4, 17 Mar 4 14:39 /dev/tty17 crw-rw 1 root tty 4, 18 Mar 4 14:39 /dev/tty18 crw-rw 1 root tty 4, 19 Mar 4 14:39 /dev/tty19 crw-rw 1 root tty 4, 2 Mar 4 14:39 /dev/tty2 crw-rw 1 root tty 4, 20 Mar 4 14:39 /dev/tty20 interesting, how did all this stuff get into your guest? Following http://dev.gentoo.org/~hollow/vserver/guide/ don't remember what the issue was (because you removed the context) but check if whatever fails is in the tty group and/or if you really want /dev/tty to have thise permissions and/or if you really want/need /dev/tty at all ... Sorry about that, he issue was, Last lines of: strace ssh germ: open(/etc/ssh/ssh_known_hosts, O_RDONLY) = -1 ENOENT (No such file or directory) open(/dev/tty, O_RDWR)= -1 EACCES (Permission denied) open(/dev/tty, O_RDWR)= -1 EACCES (Permission denied) write(2, Host key verification failed.\r\n, 31Host key verification failed. ) = 31 exit_group(255) = ? All my vservers are like this, unlike the host, which is correct I guess: crw-rw-rw- 1 root tty 5, 0 Apr 22 03:11 /dev/tty lrwxrwxrwx 1 root root4 Apr 22 03:11 /dev/tty0 - vc/0 lrwxrwxrwx 1 root root4 Apr 22 03:11 /dev/tty1 - vc/1 lrwxrwxrwx 1 root root5 Apr 22 03:11 /dev/tty10 - vc/10 lrwxrwxrwx 1 root root5 Apr 22 03:11 /dev/tty11 - vc/11 lrwxrwxrwx 1 root root5 Apr 22 03:11 /dev/tty12 - vc/12 lrwxrwxrwx 1 root root5 Apr 22 03:11 /dev/tty13 - vc/13 lrwxrwxrwx 1 root root5 Apr 22 03:11 /dev/tty14 - vc/14 lrwxrwxrwx 1 root root5 Apr 22 03:11 /dev/tty15 - vc/15 etc I'm not sure whats causing this .. I even think I installed host and vservers from the same tarball, could it be that some ebuild uses the (gentoo) vserver use-flag to do this somewhere during install of a vserver? Confused! -Arjen HTH, Herbert and on the host: showattr /vservers/name/dev/tty # showattr /vservers/midget/dev/tty ui- /vservers/midget/dev/tty HTH, -Arjen ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Oracle 10g... any Production Environments on VServer?
Herbert Poetzl wrote: yeah, well, that's the beauty of proprietary services ... btw, postgresql is a very fine alternative to oracle, and this is not just hogwash told by folks who never used oracle before ... but of course YMMV Sadly, Postgres is missing these important features; - bitmap indexes - OLAP query re-writing Without those, our database would run like cold treacle. Sam. ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Ssh from and to vservers and host
On Wed, Apr 27, 2005 at 10:57:31PM +0200, Arjen wrote: On 27/4/05 10:13 pm, Herbert Poetzl [EMAIL PROTECTED] wrote: On Wed, Apr 27, 2005 at 08:05:20PM +0200, Arjen wrote: On 27/4/05 7:54 pm, Herbert Poetzl [EMAIL PROTECTED] wrote: I guess you found the full output by now, I send it to you directly (too big for the list) but for the interested readers, what does the following give (inside the vserver) ls -la /dev/tty $ ls -al /dev/tty* crw-rw 1 root tty 5, 0 Mar 4 14:39 /dev/tty crw--- 1 root tty 4, 0 Mar 4 14:39 /dev/tty0 crw-rw 1 root tty 4, 1 Mar 4 14:39 /dev/tty1 crw-rw 1 root tty 4, 10 Mar 4 14:39 /dev/tty10 crw-rw 1 root tty 4, 11 Mar 4 14:39 /dev/tty11 crw--- 1 root root 4, 12 Apr 27 19:20 /dev/tty12 crw-rw 1 root tty 4, 13 Mar 4 14:39 /dev/tty13 crw-rw 1 root tty 4, 14 Mar 4 14:39 /dev/tty14 crw-rw 1 root tty 4, 15 Mar 4 14:39 /dev/tty15 crw-rw 1 root tty 4, 16 Mar 4 14:39 /dev/tty16 crw-rw 1 root tty 4, 17 Mar 4 14:39 /dev/tty17 crw-rw 1 root tty 4, 18 Mar 4 14:39 /dev/tty18 crw-rw 1 root tty 4, 19 Mar 4 14:39 /dev/tty19 crw-rw 1 root tty 4, 2 Mar 4 14:39 /dev/tty2 crw-rw 1 root tty 4, 20 Mar 4 14:39 /dev/tty20 interesting, how did all this stuff get into your guest? Following http://dev.gentoo.org/~hollow/vserver/guide/ don't remember what the issue was (because you removed the context) but check if whatever fails is in the tty group and/or if you really want /dev/tty to have thise permissions and/or if you really want/need /dev/tty at all ... Sorry about that, he issue was, Last lines of: strace ssh germ: open(/etc/ssh/ssh_known_hosts, O_RDONLY) = -1 ENOENT (No such file or directory) open(/dev/tty, O_RDWR)= -1 EACCES (Permission denied) open(/dev/tty, O_RDWR)= -1 EACCES (Permission denied) check that your use is in the tty group, as your last list showed crw-rw 1 root tty 5, 0 Apr 22 03:11 /dev/tty write(2, Host key verification failed.\r\n, 31Host key verification failed. ) = 31 exit_group(255) = ? All my vservers are like this, unlike the host, which is correct I guess: crw-rw-rw- 1 root tty 5, 0 Apr 22 03:11 /dev/tty lrwxrwxrwx 1 root root4 Apr 22 03:11 /dev/tty0 - vc/0 lrwxrwxrwx 1 root root4 Apr 22 03:11 /dev/tty1 - vc/1 lrwxrwxrwx 1 root root5 Apr 22 03:11 /dev/tty10 - vc/10 lrwxrwxrwx 1 root root5 Apr 22 03:11 /dev/tty11 - vc/11 lrwxrwxrwx 1 root root5 Apr 22 03:11 /dev/tty12 - vc/12 lrwxrwxrwx 1 root root5 Apr 22 03:11 /dev/tty13 - vc/13 lrwxrwxrwx 1 root root5 Apr 22 03:11 /dev/tty14 - vc/14 lrwxrwxrwx 1 root root5 Apr 22 03:11 /dev/tty15 - vc/15 etc well, a vserver guest's /dev should not contain more than the following entries (if it does, then the server is insecure and should not be used ...) full log= null ptmx pts/ random urandom zero and maybe entries for hdv1, tty, console HTH, Herbert PS: I'm on irc ... I'm not sure whats causing this .. I even think I installed host and vservers from the same tarball, could it be that some ebuild uses the (gentoo) vserver use-flag to do this somewhere during install of a vserver? Confused! -Arjen HTH, Herbert and on the host: showattr /vservers/name/dev/tty # showattr /vservers/midget/dev/tty ui- /vservers/midget/dev/tty HTH, -Arjen ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] kill: (1) - No such process
On Thu, Apr 28, 2005 at 12:15:04AM +0200, Gilles wrote: Hello. I've started (and stopped) the vserver *once*, now I can't start it anymore, the error is as before: - vcontext: vc_create_context(): File exists unusual .. but I would conclude that 'somehow' your vserver does something with the init on your host so I would suggest to look for things like ... - devices inside the vserver which should not be there - pipes/fifos leading out of the vserver # ls -al /var/lib/vservers/phony/dev total 1 drwxr-xr-x 3 root root 264 Apr 26 11:46 . drwxr-xr-x 20 root root 504 Apr 26 11:46 .. crw-rw-rw- 1 root root 1, 7 Apr 20 18:46 full prw--- 1 root root0 Apr 27 18:54 initctl crw-rw-rw- 1 root root 1, 3 Apr 20 18:46 null crw-rw-rw- 1 root root 5, 2 Apr 20 18:46 ptmx drwxr-xr-x 2 root root 48 Apr 20 18:46 pts crw-r--r-- 1 root root 1, 8 Apr 20 18:46 random crw-rw-rw- 1 root root 5, 0 Apr 20 18:46 tty crw-r--r-- 1 root root 1, 9 Apr 27 18:53 urandom crw-rw-rw- 1 root root 1, 5 Apr 20 18:46 zero Something wrong with that? Indeed there is one pipe; should it be there or not? How does one know whether it leads to some forbidden place? well, just for a test, I'd remove the initctl ... it should be auto created inside the vserver by init 99% of such strange issues are caused by bad vserver guest setups ... The vserver was built with the debootstrap method; after which I deleted quite some supposedly not indispensable packages. I'm in fact trying to get the cleanest possible setup so that I can use vserver-copy to clone it afterwards. [There used to be a link, somewhere on the vserver pages, to a repository of ready-to-use vservers but it was a dangling link. It would be interesting (?) to have such a repository with general-purpose setups...] well, they come and go, probably because of the amount of data transferred for a single image ... best, Herbert Best regards, Gilles ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Oracle 10g... any Production Environments on VServer?
On Thu, Apr 28, 2005 at 09:48:23AM +1200, Sam Vilain wrote: Herbert Poetzl wrote: yeah, well, that's the beauty of proprietary services ... btw, postgresql is a very fine alternative to oracle, and this is not just hogwash told by folks who never used oracle before ... but of course YMMV Sadly, Postgres is missing these important features; - bitmap indexes - OLAP query re-writing I have absolutely no idea what you are talking about ... but: New Enterprise Features in 7.4 * Hash aggregation in memory to make data warehousing and OLAP queries up to 20 times faster; (they are now at 8.0.1 or later ...) Without those, our database would run like cold treacle. well, there are a bunch of SQL 'features' not present in Oracle either ... so it really depends on the requirements best, Herbert Sam. ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Oracle 10g... any Production Environments on VServer?
Herbert Poetzl wrote: Sadly, Postgres is missing these important features; - bitmap indexes - OLAP query re-writing I have absolutely no idea what you are talking about ... but: New Enterprise Features in 7.4 * Hash aggregation in memory to make data warehousing and OLAP queries up to 20 times faster; (they are now at 8.0.1 or later ...) Well, given you asked, and NO THIS ISN'T A FLAMEWAR INVITATION LURKERS :) Bitmap indexes are a simple concept, and last time I checked there were Pg patches for them (using Pg's pluggable index system), but they weren't standard. Looking now, all I see is the occasional question on their mailing list followed by a few clueless replies ('do you mean this...?'). All they are is a B-Tree on the distinct *values* of a column, and then a very long bitmap for each value, one bit for each row in the table, with 1's in the rows where that value is held. A low CPU overhead compression scheme makes these fairly efficient. It means that if you're joining together lots of query conditions on columns with discrete values, it can be reduced to bitwise operations on these very long bitmaps; on a modern CPU the actual expanded bitmap might only actually end up in L1, and the CPU can crank through them at 1.6GHz * 64 * 4 (or however many ALUs your CPU has); still usually limited by IO capability of course. For data mining applications, this saves a *lot* of time, sometimes multiple orders of magnitude. And that's still simple. The OLAP query re-writing is even funkier. OLAP is a generic term for a large range of technologies, so there seems to be some things in there labelled for OLAP. There are lots of tricks that solve the goal of OLAP, no doubt most of which I am ignorant of. But in particular, one thing that Oracle does really nicely is the way you can make a view materialized - ie, the computed view is kept around, rather than being generated as needed. Then, when you perform queries on the original table that Oracle figures out could use the computed view to avoid looking at the original table (or improve speed by using an index, perhaps), then it transparently re-writes the query to instead use the materialized view (assuming you know how to flick all the relevant switches that only advanced Oracle DBAs can reach). The upshot of that is that you can take virtually any regularly repeated query, or hopefully a wide range of common queries, and manually help the database along by telling it what to pre-calculate. And you don't even have to 're-run' the queries when the source data changes - it has support for minimally updating just the bits that changed. Oracle certainly has a significant feature lead on Pg for data mining. Without those, our database would run like cold treacle. well, there are a bunch of SQL 'features' not present in Oracle either ... so it really depends on the requirements Absolutely. I think Oracle stinks as a general purpose application server back-end. It's buggy as a VW convention, heavy as a lead elephant and as snappy as old celery for small transactions. Sam. ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Starting vserver kills my X session
Paul S. Gumerman wrote: You might try recompiling the tools without dietlib. That's what I had to do to make things work in x86_64. Until you do that, or use the patch that Herbert supplied, you will have problems. The patches (dietlibc-0.28-syscall.patch and dietlibc-0.28-vserver.patch) don't seem to do anything that would help with the init killing X-keyboard. Other than that I have no problems with using plain dietlibc on amd64... Michal Ludvig -- * Personal homepage: http://www.logix.cz/michal ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Starting vserver kills my X session
Benedikt Boehm wrote: We discovered that /dev/console inside your vserver is evil WRT init. You can either remove /dev/console or rebuild init with /dev/null as console Removed /dev/console in the vserver but no luck. Also tried to mknod /dev/console as the same device as /dev/tty but neither that helped... Michal Ludvig -- * Personal homepage: http://www.logix.cz/michal ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] kill: (1) - No such process
# ls -al /var/lib/vservers/phony/dev total 1 drwxr-xr-x 3 root root 264 Apr 26 11:46 . drwxr-xr-x 20 root root 504 Apr 26 11:46 .. crw-rw-rw- 1 root root 1, 7 Apr 20 18:46 full prw--- 1 root root0 Apr 27 18:54 initctl crw-rw-rw- 1 root root 1, 3 Apr 20 18:46 null crw-rw-rw- 1 root root 5, 2 Apr 20 18:46 ptmx drwxr-xr-x 2 root root 48 Apr 20 18:46 pts crw-r--r-- 1 root root 1, 8 Apr 20 18:46 random crw-rw-rw- 1 root root 5, 0 Apr 20 18:46 tty crw-r--r-- 1 root root 1, 9 Apr 27 18:53 urandom crw-rw-rw- 1 root root 1, 5 Apr 20 18:46 zero Something wrong with that? Indeed there is one pipe; should it be there or not? How does one know whether it leads to some forbidden place? well, just for a test, I'd remove the initctl ... it should be auto created inside the vserver by init Yes, it was created anew. Same behaviour: 1. vserver not running: no defunct processes. 2. start vserver: still no defunct processes. 3. stop vserver: every application closed becomes defunct. 4. impossible to start the vserver again: vcontext: vc_create_context(): File exists. And init is hung (have to reset the computer). Ideas? Thanks and best regards. Gilles ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] kill: (1) - No such process
On Thu, Apr 28, 2005 at 02:53:29AM +0200, Gilles wrote: # ls -al /var/lib/vservers/phony/dev total 1 drwxr-xr-x 3 root root 264 Apr 26 11:46 . drwxr-xr-x 20 root root 504 Apr 26 11:46 .. crw-rw-rw- 1 root root 1, 7 Apr 20 18:46 full prw--- 1 root root0 Apr 27 18:54 initctl crw-rw-rw- 1 root root 1, 3 Apr 20 18:46 null crw-rw-rw- 1 root root 5, 2 Apr 20 18:46 ptmx drwxr-xr-x 2 root root 48 Apr 20 18:46 pts crw-r--r-- 1 root root 1, 8 Apr 20 18:46 random crw-rw-rw- 1 root root 5, 0 Apr 20 18:46 tty crw-r--r-- 1 root root 1, 9 Apr 27 18:53 urandom crw-rw-rw- 1 root root 1, 5 Apr 20 18:46 zero Something wrong with that? Indeed there is one pipe; should it be there or not? How does one know whether it leads to some forbidden place? well, just for a test, I'd remove the initctl ... it should be auto created inside the vserver by init Yes, it was created anew. Same behaviour: 1. vserver not running: no defunct processes. 2. start vserver: still no defunct processes. 3. stop vserver: every application closed becomes defunct. 4. impossible to start the vserver again: vcontext: vc_create_context(): File exists. And init is hung (have to reset the computer). Ideas? well, next step is to trace the entire vserver startup with --debug and strace -fF to figure ... a) what is started and/or executed b) what might reach the init on the host it might also pose useful to turn on the linux-vserver debugging (especially the syscall command switch) best, Herbert Thanks and best regards. Gilles ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Oracle 10g... any Production Environments on VServer?
On Thu, Apr 28, 2005 at 11:40:16AM +1200, Sam Vilain wrote: Herbert Poetzl wrote: Sadly, Postgres is missing these important features; - bitmap indexes - OLAP query re-writing I have absolutely no idea what you are talking about ... but: New Enterprise Features in 7.4 * Hash aggregation in memory to make data warehousing and OLAP queries up to 20 times faster; (they are now at 8.0.1 or later ...) Well, given you asked, and NO THIS ISN'T A FLAMEWAR INVITATION LURKERS :) hehe, actually I have an oracle question to the expert! how do you do simple 'sequence' types without adding an on insert trigger? but I guess this _is_ already very off-topic, so I'd suggest we continue this thread in private ;) Bitmap indexes are a simple concept, and last time I checked there were Pg patches for them (using Pg's pluggable index system), but they weren't standard. Looking now, all I see is the occasional question on their mailing list followed by a few clueless replies ('do you mean this...?'). All they are is a B-Tree on the distinct *values* of a column, and then a very long bitmap for each value, one bit for each row in the table, with 1's in the rows where that value is held. A low CPU overhead compression scheme makes these fairly efficient. It means that if you're joining together lots of query conditions on columns with discrete values, it can be reduced to bitwise operations on these very long bitmaps; on a modern CPU the actual expanded bitmap might only actually end up in L1, and the CPU can crank through them at 1.6GHz * 64 * 4 (or however many ALUs your CPU has); still usually limited by IO capability of course. For data mining applications, this saves a *lot* of time, sometimes multiple orders of magnitude. And that's still simple. The OLAP query re-writing is even funkier. OLAP is a generic term for a large range of technologies, so there seems to be some things in there labelled for OLAP. There are lots of tricks that solve the goal of OLAP, no doubt most of which I am ignorant of. But in particular, one thing that Oracle does really nicely is the way you can make a view materialized - ie, the computed view is kept around, rather than being generated as needed. Then, when you perform queries on the original table that Oracle figures out could use the computed view to avoid looking at the original table (or improve speed by using an index, perhaps), then it transparently re-writes the query to instead use the materialized view (assuming you know how to flick all the relevant switches that only advanced Oracle DBAs can reach). The upshot of that is that you can take virtually any regularly repeated query, or hopefully a wide range of common queries, and manually help the database along by telling it what to pre-calculate. And you don't even have to 're-run' the queries when the source data changes - it has support for minimally updating just the bits that changed. Oracle certainly has a significant feature lead on Pg for data mining. Without those, our database would run like cold treacle. well, there are a bunch of SQL 'features' not present in Oracle either ... so it really depends on the requirements Absolutely. I think Oracle stinks as a general purpose application server back-end. It's buggy as a VW convention, heavy as a lead elephant and as snappy as old celery for small transactions. thanks for the informative explanations! best, Herbert Sam. ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver