[Vserver] Odd exim issue?
Hi all! Using VS 1.9.5 with GRSec on a Debian box and have come across an interesting issue with Exim/Exim's sendmail wrapper... If I su - from root to a user, I can send mail out with mailx, php's mail() function etc etc all fine. However, if I log into the vserver from outside as the user, when I try to do the same operation, I get: 2005-07-01 14:40:16 setrlimit(RLIMIT_NOFILE) failed: Operation not permitted 2005-07-01 14:40:16 setrlimit(RLIMIT_NPROC) failed: Operation not permitted 2005-07-01 14:40:16 unable to set gid=65533 or uid=0 (euid=0): forcing real = effective Can't send mail: sendmail process failed with error code 1 Can anyone help me sort out what's going on here? I have GRSec set to medium security level and have got setGID protection on, but I believe that only affects files? I really need Exim to work for all cases, not just for odd cases. If anyone has seen this or similar before, please help me! :) Google has not been my friend on the issue... Many thanks Gary -- / Gary Wilson, aka dragon/dragonlord/dragonv480\ .'(_.--. e: [EMAIL PROTECTED] MSN: dragonv480 .--._)`. _ | Skype:dragonv480 ICQ:342070475 AIM:dragonv480 | _ `.( `--' w: http://volvo480.northernscum.org.uk `--' ).' \w: http://www.northernscum.org.uk / ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Odd exim issue?
On Fri, Jul 01, 2005 at 02:43:33PM +0100, Gaz Wilson wrote: Hi all! Using VS 1.9.5 with GRSec on a Debian box and have come across an interesting issue with Exim/Exim's sendmail wrapper... what about 2.0-rc4 without grsec? If I su - from root to a user, I can send mail out with mailx, php's mail() function etc etc all fine. However, if I log into the vserver from outside as the user, when I try to do the same operation, I get: 2005-07-01 14:40:16 setrlimit(RLIMIT_NOFILE) failed: Operation not permitted 2005-07-01 14:40:16 setrlimit(RLIMIT_NPROC) failed: Operation not permitted depending on the setup, changing rlimits is not permitted 2005-07-01 14:40:16 unable to set gid=65533 or uid=0 (euid=0): forcing real = effective no idea, probably grsec related Can't send mail: sendmail process failed with error code 1 Can anyone help me sort out what's going on here? I have GRSec set to medium security level and have got setGID protection on, but I believe that only affects files? I really need Exim to work for all cases, not just for odd cases. If anyone has seen this or similar before, please help me! :) Google has not been my friend on the issue... Many thanks best, Herbert Gary -- / Gary Wilson, aka dragon/dragonlord/dragonv480\ .'(_.--. e: [EMAIL PROTECTED] MSN: dragonv480 .--._)`. _ | Skype:dragonv480 ICQ:342070475 AIM:dragonv480 | _ `.( `--' w: http://volvo480.northernscum.org.uk `--' ).' \w: http://www.northernscum.org.uk / ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] Limiting a vserver's ressources
Hi, I do run 15 vservers on a AMD Athlon(tm) XP 3000+ with 1gig of RAM. Last night I tried to backup my system remotely using rsync and the system load did temporarly go up to 60 (and higher). Consequently my system was not available for several hours. Therefore I would like to know how I can restrict the ressources a vserver is allowed to use (e.g. ram etc.). Thanks. Best regards, Werner ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
RE: [Vserver] Limiting a vserver's ressources
I tried to backup my system remotely using rsync and the system load did temporarly go up to 60 (and higher). Consequently my system was not available for several hours. Therefore I would like to know how I can restrict the ressources a vserver is allowed to use (e.g. ram etc.). I know this doesn't answer your question; I don't use that feature myself. I do use rsync for my backups, and what I've noticed is that the first time I do a backup it uses a lot of system resources, especially I/O, which causes a high server load. After that, rsync doesn't take too long and there's not much additional load. You may not need the limiting features unless you will be doing a full backup every day, and if you are, don't use rsync. -- Matthew Nuzum [EMAIL PROTECTED] www.followers.net - Makers of Elite Content Management System View samples of Elite CMS in action by visiting http://www.followers.net/portfolio/ ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Limiting a vserver's ressources
Hi, I know this doesn't answer your question; I don't use that feature myself. I do use rsync for my backups, and what I've noticed is that the first time I do a backup it uses a lot of system resources, especially I/O, which causes a high server load. After that, rsync doesn't take too long and there's not much additional load. my rsync (4 million files) run did take very long and stopped the machine from responding. You may not need the limiting features unless you will be doing a full backup every day, and if you are, don't use rsync. I now need to do a full backup as this is a new server. Obviously I will do incremental backups in the near future but not now :-) Thanks. Bye, Werner. ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Limiting a vserver's ressources
Hi Werner, I now need to do a full backup as this is a new server. Obviously I will do incremental backups in the near future but not now :-) When you issue the rsync command form the source machine you can try a nice so it will not eat all your cpu. For other solutions dig the archives of the list - there are actually two approaches. 1: set the ulimit for the server to limit mem/cpu usage 2: use the vsched options (there was a thread on the list some weeks ago, http://list.linux-vserver.org/archive/vserver/msg09262.html or google for vsched ) Oliver -- Diese Nachricht wurde digital unterschrieben oliwel's public key: http://www.oliwel.de/oliwel.crt Basiszertifikat: http://www.ldv.ei.tum.de/page72 smime.p7s Description: S/MIME Cryptographic Signature ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver