[Vserver] Socket access
Hello, is it possible to access a daemon on the hostsystem which has its socket inside a vserver? For Example: an Update script is running on the host, which gets activated, when it's socket gets a write signal (I actualy don't know how I should describe it better). MFG Chris ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] compiling failure v2.1.0-pre6 on 2.6.13
Hello, Giving a try to vserver I test the bleding edge patch, I see a supsucious warngin: CC fs/dquot.o fs/dquot.c: In function 'new_dqhash': fs/dquot.c:474: warning: implicit declaration of function 'dprintk' And it end by an error: CC init/version.o LD init/built-in.o LD .tmp_vmlinux1 fs/built-in.o: In function `new_dqhash': : undefined reference to `dprintk' fs/built-in.o: In function `destroy_dqhash': : undefined reference to `dprintk' make[1]: *** [.tmp_vmlinux1] Error 1 make[1]: Leaving directory `/usr/src/linux-2.6.13' make: *** [stamp-build] Error 2 On a Debian sid, gcc-4.0 (GCC) 4.0.2 20050821 vanilla 2.6.13 + patch-2.6.13-vs2.1.0-pre6 Regards. -- Daniel 'NebuchadnezzaR' Dehennin Récupérer ma clef GPG: gpg --keyserver pgp.mit.edu --recv-keys 0x2A408F69 ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] compiling failure v2.1.0-pre6 on 2.6.13
Le 4392 Septembre 1993, Daniel Dehennin a tapoté: Hello, Giving a try to vserver I test the bleding edge patch, I see a supsucious warngin: CC fs/dquot.o fs/dquot.c: In function 'new_dqhash': fs/dquot.c:474: warning: implicit declaration of function 'dprintk' And it end by an error: CC init/version.o LD init/built-in.o LD .tmp_vmlinux1 fs/built-in.o: In function `new_dqhash': : undefined reference to `dprintk' fs/built-in.o: In function `destroy_dqhash': : undefined reference to `dprintk' make[1]: *** [.tmp_vmlinux1] Error 1 make[1]: Leaving directory `/usr/src/linux-2.6.13' make: *** [stamp-build] Error 2 Well the dprintk is undefined so I remove the 2 lines in dquot.c and it's ok now. -- Daniel 'NebuchadnezzaR' Dehennin Récupérer ma clef GPG: gpg --keyserver pgp.mit.edu --recv-keys 0x2A408F69 ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Socket access
On Sat, Sep 10, 2005 at 02:11:23PM +0200, Christopher Westerfield wrote: Hello, Hi Chris! please, next time, avoid thread hijacking, if possible :) (http://en.wikipedia.org/wiki/Thread_Hijacking) is it possible to access a daemon on the hostsystem which has its socket inside a vserver? depends on how you do it .. but basically you can put a daemon on the host inside the network context of a guest, which in turn would allow to reach it quite fine ... For Example: an Update script is running on the host, which gets activated, when it's socket gets a write signal (I actualy don't know how I should describe it better). yes, that should work, the ancient reboot system was based on a pipe between host and guest, which might be simpler alternative in your case ... best, Herbert MFG Chris ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Proc Security in V2.0
On Fri, Sep 09, 2005 at 11:29:32PM +0200, Tor Rune Skoglund wrote: Hi there, Quote http://linux-vserver.org/Proc-Security: Default flagging As of now stable defaults to all proc entries visible everywhere, development and experimental versions default to all proc entries only visible in context 0. thanks, updated that ... It seems like this is still valid for vs2.0 stable, although I would expect it to change to all proc entries hidden. (from the 2.0 patches) config VSERVER_PROC_SECURE boolEnable Proc Security depends on PROC_FS default y help This configures ProcFS security to initially hide non-process entries for all contexts except the main and spectator context (i.e. for all guests), which is a secure default. so we now default to enable the proc security, hiding most entries by default ... At least that would be the logic of having the vprocunhide utility and the default limiting settings in vprocunhide-files (?) At least all proc entries are visible by default on my first vs2.0 Might I be missing something here? well, what patch/kernel? (testme.sh) and more improtant what kernel config? This is a Gentoo host and vserver, using the portage ebuilds for sources and the vserver-new command to make the first vserver. Util-vserver is 208. maybe the gentoo default is wrong? Hollow? best, Herbert Best regards, Tor Rune Skoglund ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] compiling failure v2.1.0-pre6 on 2.6.13
On Sat, Sep 10, 2005 at 05:40:00PM +0200, Daniel 'NebuchadnezzaR' Dehennin wrote: Le 4392 Septembre 1993, Daniel Dehennin a tapoté: Hello, Giving a try to vserver I test the bleding edge patch, I see a supsucious warngin: CC fs/dquot.o fs/dquot.c: In function 'new_dqhash': fs/dquot.c:474: warning: implicit declaration of function 'dprintk' And it end by an error: CC init/version.o LD init/built-in.o LD .tmp_vmlinux1 fs/built-in.o: In function `new_dqhash': : undefined reference to `dprintk' fs/built-in.o: In function `destroy_dqhash': : undefined reference to `dprintk' make[1]: *** [.tmp_vmlinux1] Error 1 make[1]: Leaving directory `/usr/src/linux-2.6.13' make: *** [stamp-build] Error 2 Well the dprintk is undefined so I remove the 2 lines in dquot.c and it's ok now. yep, missed that one, thanks for spotting! best, Herbert -- Daniel 'NebuchadnezzaR' Dehennin Récupérer ma clef GPG: gpg --keyserver pgp.mit.edu --recv-keys 0x2A408F69 ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Proc Security in V2.0
Lørdag 10 september 2005 19:18, skrev Herbert Poetzl: On Fri, Sep 09, 2005 at 11:29:32PM +0200, Tor Rune Skoglund wrote: Default flagging As of now stable defaults to all proc entries visible everywhere, development and experimental versions default to all proc entries only visible in context 0. config VSERVER_PROC_SECURE so we now default to enable the proc security, hiding most entries by default ... Yes, that might have been it. I emerged the 2.6.13 vs2.0 kernel sources, recompiled the kernel, and now it works as expected. Silly me, I didn't save the old .config and cannot tell whether PROC_SECURE was the missing link or not. It's a bit strange though - I _thing_ did check that before the kernel compile, but we'll never know for sure... Other pecularities are: - I always get A timeout occured while waiting for the vserver to finish and it was killed by sending a SIGKILL signal. Please investigate the reasons and/or increase the timeout in apps/vshelper/sync-timeout. on vserver xxx stop. I'm not sure how to debug this. Increasing the timeout didn't help, and I didn't expect it to either - There seems to be problem with the gentoo init.d and/or util-vserver's start-vservers script: (I have edited the init script to see what actually was executed) linuxserver ~ # /etc/init.d/vservers start * Starting vservers of type 'default' ... /usr/lib/util-vserver/start-vservers -m default -j 1 --all --start [ ok ] linuxserver ~ # vserver-stat CTX PROCVSZRSS userTIME sysTIMEUPTIME NAME 0 100 1.9G 0.9G 17m11s21 4m12s17 3h24m27 root server 100 3 6.9M 2.7M 0m01s46 0m01s56 0m50s72 templategentoo linuxserver ~ # /etc/init.d/vservers stop * Stopping all vservers ... /usr/lib/util-vserver/start-vservers -j 1 --all --stop [ ok ] linuxserver ~ # vserver-stat CTX PROCVSZRSS userTIME sysTIMEUPTIME NAME 0 100 1.9G 0.9G 17m11s49 4m12s37 3h24m48 root server 100 3 6.9M 2.7M 0m01s46 0m01s56 1m11s72 templategentoo linuxserver ~ # Vserver still running after start-vserver --all --stop. Removing STOP_ALL in /etc/conf.d/vservers so that it just stops all vserver with mark 'default' did help, but anyway I think --all --stop should work on marked vservers also. Anyway, thanks for the help. Best regards, Tor Rune Skoglund ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Proc Security in V2.0
On Sat, Sep 10, 2005 at 08:06:48PM +0200, Tor Rune Skoglund wrote: Lørdag 10 september 2005 19:18, skrev Herbert Poetzl: On Fri, Sep 09, 2005 at 11:29:32PM +0200, Tor Rune Skoglund wrote: Default flagging As of now stable defaults to all proc entries visible everywhere, development and experimental versions default to all proc entries only visible in context 0. config VSERVER_PROC_SECURE so we now default to enable the proc security, hiding most entries by default ... Yes, that might have been it. I emerged the 2.6.13 vs2.0 kernel sources, recompiled the kernel, and now it works as expected. Silly me, I didn't save the old .config and cannot tell whether PROC_SECURE was the missing link or not. It's a bit strange though - I _thing_ did check that before the kernel compile, but we'll never know for sure... Other pecularities are: - I always get A timeout occured while waiting for the vserver to finish and it was killed by sending a SIGKILL signal. Please investigate the reasons and/or increase the timeout in apps/vshelper/sync-timeout. on vserver xxx stop. I'm not sure how to debug this. Increasing the timeout didn't help, and I didn't expect it to either well, for some reason the guest has still programs running after a shutdown, best check with 'vps auxwww' and look for processes inside your guest (while waiting for the timeout to occur) - There seems to be problem with the gentoo init.d and/or util-vserver's start-vservers script: (I have edited the init script to see what actually was executed) linuxserver ~ # /etc/init.d/vservers start * Starting vservers of type 'default' ... /usr/lib/util-vserver/start-vservers -m default -j 1 --all --start [ ok ] linuxserver ~ # vserver-stat CTX PROCVSZRSS userTIME sysTIMEUPTIME NAME 0 100 1.9G 0.9G 17m11s21 4m12s17 3h24m27 root server 100 3 6.9M 2.7M 0m01s46 0m01s56 0m50s72 templategentoo linuxserver ~ # /etc/init.d/vservers stop * Stopping all vservers ... /usr/lib/util-vserver/start-vservers -j 1 --all --stop [ ok ] linuxserver ~ # vserver-stat CTX PROCVSZRSS userTIME sysTIMEUPTIME NAME 0 100 1.9G 0.9G 17m11s49 4m12s37 3h24m48 root server 100 3 6.9M 2.7M 0m01s46 0m01s56 1m11s72 templategentoo linuxserver ~ # Vserver still running after start-vserver --all --stop. Removing STOP_ALL in /etc/conf.d/vservers so that it just stops all vserver with mark 'default' did help, but anyway I think --all --stop should work on marked vservers also. did you already file a bugreport on savannah? best, Herbert Anyway, thanks for the help. Best regards, Tor Rune Skoglund ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver