[Vserver] Re-use of an existing chroot disk to implement some vserver ; -)

2005-12-28 Thread Joel Soete 

Hello all,

For those who could have some interest,
here are just some notes I took for remind of an implementation of a 
linux-vserver on a parisc-linux boxe(s).
(only tested on 32bit up kernel on a c110 and d380 models, though).

This particular execise was to re-use existing chrooted disk(s) already 
debbootstrap, fully populated and customized (i.e. I didn't
want to loose that job ;-) ).

(take care to use it at your own risks ;-) )

0/ References
0.1/ the reference used are:


0.2/ more details learning:


1/ Kernel sources:
1.1/ parisc-linux sources:

(to be sure I also grab some subsequent small patches but not taged before next 
merge :-( )

1.2/ vanilla patch 2.6.14.4:


1.3/ developement linux-vserver patches:
as announced 


+ a fix


This would results in 2 rejected hunk:
* this very small ack should fix a rejected one:
(due to the diff between parisc tree and vanilla one)
--- arch/parisc/kernel/syscall_table.S.orig 2005-09-24 10:40:28.0 
+0200
+++ arch/parisc/kernel/syscall_table.S  2005-12-22 12:26:18.0 +0100
@@ -368,7 +368,7 @@
ENTRY_COMP(mbind)   /* 260 */
ENTRY_COMP(get_mempolicy)
ENTRY_COMP(set_mempolicy)
-   ENTRY_SAME(ni_syscall)  /* 263: reserved for vserver */
+   ENTRY_DIFF(vserver)
ENTRY_SAME(add_key)
ENTRY_SAME(request_key) /* 265 */
ENTRY_SAME(keyctl)
<>

* the second should be get rid (already applied in p-l tree ;-) )

1.4/ build and install as usual the kernel and its modules:
# make oldconfig ; make vmlinux ; make modules ; make install

1.5/ install this kernel and reboot the system with this one.

2/ verser tools: utils-verser

2.1/ grab latest src:


2.2/ build tools tip:

2.2.a/ as for hppa the vserver syscall nr is 263 (and not the default 273) 
either use:
CPPFLAGS="-D__NR_vserver=263" set in the environment
(as recommended  but I 
didn't test it, sorry)

or apply this small hunk:
diff -NaurX /usr/src/dontdiff util-vserver-0.30.209.Orig/lib/syscall-fallback.h
util-vserver-0.30.209.build/lib/syscall-fallback.h--- 
util-vserver-0.30.209.Orig/lib/syscall-fallback.h   2005-10-28
18:09:27.0 +0200
+++ util-vserver-0.30.209.build/lib/syscall-fallback.h  2005-12-11 
12:33:45.0 +0100
@@ -45,7 +45,7 @@
 #elif  defined(__mips__) && (_MIPS_SIM == _MIPS_SIM_NABI32)
 #define __NR_vserver   236
 #elif  defined(__hppa__)
-#define __NR_vserver   *
+#define __NR_vserver   263
 #elif  defined(__powerpc__)
 #define __NR_vserver   257
 #elif  defined(__s390__)
<>

2.2.b/ configure tools as per debian pkg spec:
CFLAGS="-Wall -g  -O2" ./configure \
--build hppa-linux-gnu \
--prefix=/usr --enable-release \
--mandir=/usr/share/man \
--infodir=/usr/share/info \
--sysconfdir=/etc \
--disable-dietlibc \
--localstatedir=/var \
--with-vrootdir=/var/lib/vservers

(this get rid of dietlibc which is afaik not available for hppa, though)

2.3/ install tools:
# make
# make install
and as per 'make install' advise:
# make install-distribution

# mkdir /var/lock/subsys


2.4/ install util vserver startup script

# update-rc.d vprocunhide defaults 25 15
# update-rc.d vservers-legacy defaults 90 02
# update-rc.d rebootmgr defaults 30 10
# update-rc.d vservers-default defaults 90 02

and set barrier (assuming it's a new install)
# setattr --barrier /var/lib/vservers

3/ test:
follow here advise of test in above 0/ reference.

4/ Create the vserver skeleton:
# vserver --verbose DebSid build  -m skeleton --hostname hplvsrvr --netdev eth0 
--interface 192.168.248.145/24

(see 0.2/ for details)

5/ Change the existing chroot disk utilization into a vserver:

5.1/ the original mount points were obviously:
#/dev/sdl3  /chroot/bootext3defaults,errors=continue
0   2
#/dev/sdl6  /chroot/var ext3defaults,errors=continue
0   2
#/dev/sdl7  /chroot/tmp ext3defaults,errors=continue
0   2
#/dev/sdl8  /chroot/homeext3defaults,errors=continue
0   2
#/dev/sdl9  /chroot/Develop ext3defaults,errors=continue
0   2

which had to be unmounted (as well as eventual proc and devpts)

5.2/ Backup the related vserver vdirbase

# cd /var/lib/vservers/
# mv DebSid DebSid.Orig
# mkdir DebSid

5.3/ change the mount point of the host fstab

Re: [Vserver] vserver on sparc

2005-12-28 Thread Joel Soete 



Immo 'FaUl' Wehrenberg wrote:

Hi,
I installed Linux-2.6.14.4-vs2.1.0 on a Sun Ultra-Enterprise-2 Workstation
with two UltraSparcII-Processors.


What did you install as util-vserver: debian pkg or your own local build?


Works quite fine (testme.sh:)
Linux-VServer Test [V0.14] Copyright (C) 2003-2005 H.Poetzl
chcontext is working.
chbind is working.
Linux 2.6.14.4-vs2.1.0 sparc64/0.30.209/0.30.209 [Ea] (0)
VCI:  0002:0001 267 03000116
---
[000]# succeeded.
[001]# succeeded.
[011]# succeeded.
[031]# succeeded.
[101]# succeeded.
[102]# succeeded.
[201]# succeeded.
[202]# succeeded.
---
[L01]# succeeded.
[D01]# succeeded.
[L02]# succeeded.
[D02]# succeeded.
[L03]# succeeded.
[D03]# succeeded.
[L11]# succeeded.
[D11]# succeeded.
[L12]# succeeded.
[D12]# succeeded.
[L21]# succeeded.
[D21]# succeeded.
[L22]# succeeded.
[D22]# succeeded.
[L31]# succeeded.
[D31]# succeeded.

and testfs.sh:

Linux-VServer FS Test [V0.10] Copyright (C) 2005 H.Poetzl
Linux 2.6.14.4-vs2.1.0 sparc64/0.30.209
VCI:  0002:0001 267 03000116 (ugid24)
---
testing ext2 filesystem ...
[000]# succeeded.
xattr related tests ...
[101]# succeeded.
[102]# succeeded.
[103]# succeeded.
[104]# succeeded.
[106]# succeeded.
[108]# succeeded.
[109]# succeeded.
[112]# succeeded.
[113]# succeeded.
[114]# succeeded.
[115]# succeeded.
[116]# succeeded.
[117]# succeeded.
[118]# succeeded.
[119]# succeeded.
[121]# succeeded.
[122]# succeeded.
[123]# succeeded.
[124]# succeeded.
[199]# succeeded.
---
testing ext3 filesystem ...
[000]# succeeded.
xattr related tests ...
[101]# succeeded.
[102]# succeeded.
[103]# succeeded.
[104]# succeeded.
[106]# succeeded.
[108]# succeeded.
[109]# succeeded.
[112]# succeeded.
[113]# succeeded.
[114]# succeeded.
[115]# succeeded.
[116]# succeeded.
[117]# succeeded.
[118]# succeeded.
[119]# succeeded.
[121]# succeeded.
[122]# succeeded.
[123]# succeeded.
[124]# succeeded.
[199]# succeeded.
---
testing xfs filesystem ...
[000]# succeeded.
xattr related tests ...
[101]# failed.
---
testing reiser filesystem ...
[000]# succeeded.
xattr related tests ...
[101]# failed.
---
testing jfs filesystem ...
[000]# succeeded.
xattr related tests ...
[101]# failed.


XFS, reiser and jfs failes because there is neither reiserfs nor jfs nor 
xfs-support in the kernel.


So far so well, i created a vserver with

| vserver chaosweb build --interface [...] -m debootstrap -- -d sarge
 which worked quite well, but i experience some errors with starting the
vserver:

| weltzentrale:~#  vserver --debug chaosweb start 
failes with:


| + shift
| + true
| + case "$1" in
| + shift
| + break
| + OPTION_ALL=($OPTION_SILENT $OPTION_VERBOSE $OPTION_DEBUG $OPTION_DEFAULTTTY)
| + SELF=("$0" "[EMAIL PROTECTED]")
| + vserver=chaosweb
| + cmd=start
| + test start '!=' build
| + allow_legacy=
| + case "$vserver" in
| + VSERVER_DIR=/etc/vservers/chaosweb
| + allow_legacy=1
| + test -n 1
| + do_legacy=
| + test '!' -e /etc/vservers/chaosweb/legacy
| + test -d /etc/vservers/chaosweb -o '!' -e /etc/vservers/chaosweb.conf
| + test -z ''
| + test -d /etc/vservers/chaosweb
| + test -e /etc/vservers/chaosweb/name
| + read VSERVER_NAME
| + test start '!=' start -o -n ''
| + isAvoidNamespace /etc/vservers/chaosweb
| + local cfgdir
| + /usr/sbin/vserver-info - FEATURE namespace
| ++ /usr/sbin/vserver-info /etc/vservers/chaosweb CFGDIR
| + cfgdir=/etc/vservers/chaosweb
| + test '!' -e /etc/vservers/chaosweb/namespace
| + return 1
| + exec /usr/sbin/vnamespace --new -- /usr/sbin/vserver nonamespace 
--debug chaosweb start
| wait(): No child processes

Any ideas?
 

mmm, i trust that you didn't missed to set this barrier:
# setattr --barrier /var/lib/vservers

but on my parisc boxes I usualy forgoten to:
/etc/init.d/vprocunhide start

Hth,
Joel
___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver

[Vserver] Hidden mount - how?

2005-12-28 Thread Guenther Fuchs 
Hi there,

as recommended in amavis configuration I have used an tmpfs mount to
mount memory as tmp for amavisd-new by adding following line to fstab:

| none/var/amavis/tmp tmpfs   size=250m,mode=1777 0 0

For various reasons (and also for other mounts) I'd like to "hide"
this (and other) mount(s) visibility inside the guest - how can this
done? Any ideas?

-- 
regards,

Guenther Fuchs

___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver

Re: [Vserver] Hidden mount - how?

2005-12-28 Thread Herbert Poetzl 
On Wed, Dec 28, 2005 at 04:00:24PM +0100, Guenther Fuchs wrote:
> Hi there,
> 
> as recommended in amavis configuration I have used an tmpfs mount to
> mount memory as tmp for amavisd-new by adding following line to fstab:
> 
> | none/var/amavis/tmp tmpfs   size=250m,mode=1777 0 0
> 
> For various reasons (and also for other mounts) I'd like to "hide"
> this (and other) mount(s) visibility inside the guest - how can this
> done? Any ideas?

'define' hide ...

if you want to have mount not show it, just
remove the entry from the mtab (or mount it
with -n) if you want to hide that fact from
/proc/mounts then it's getting trickier ...
(i.e. you will have to patch the kernel)

HTH,
Herbert

> -- 
> regards,
> 
> Guenther Fuchs
> 
> ___
> Vserver mailing list
> Vserver@list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver

Re: [Vserver] Hidden mount - how?

2005-12-28 Thread Guenther Fuchs 
Hi there,

on Wednesday, December 28, 2005 at 16:38 there was posted:

HP> 'define' hide ...

As you defined: "Not visible" to the mount command.

HP> if you want to have mount not show it, just remove the entry from
HP> the mtab (or mount it with -n)

How can this be done by specifying it in the config "fstab"? Sorry for
stupid questioning, never fiddled on that ...

HP> if you want to hide that fact from /proc/mounts then it's getting
HP> trickier ...

That's not necessary for me as /proc/mounts hide original path's from
the host server ;-)

-- 
regards,

Guenther Fuchs

___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver

Re: [Vserver] Hidden mount - how?

2005-12-28 Thread Herbert Poetzl 
On Wed, Dec 28, 2005 at 04:44:46PM +0100, Guenther Fuchs wrote:
> Hi there,
> 
> on Wednesday, December 28, 2005 at 16:38 there was posted:
> 
> HP> 'define' hide ...
> 
> As you defined: "Not visible" to the mount command.
> 
> HP> if you want to have mount not show it, just remove the entry from
> HP> the mtab (or mount it with -n)
> 
> How can this be done by specifying it in the config "fstab"? Sorry for
> stupid questioning, never fiddled on that ...

I think you can not do that with fstab (because there
is no option mount would understand), but as I said,
you can either do the mount with the -n command or
'just' modify the mtab file ...

latter can be done with sed, awk, echo, vi ...
by hand, on startup, in the init scripts ...

> HP> if you want to hide that fact from /proc/mounts then it's getting
> HP> trickier ...
> 
> That's not necessary for me as /proc/mounts hide original path's from
> the host server ;-)

yes, that's the default (hide_mount)
but it will show mounts inside the guest server ...

best,
Herbert

> -- 
> regards,
> 
> Guenther Fuchs
> 
> ___
> Vserver mailing list
> Vserver@list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver

Re: [Vserver] Hidden mount - how?

2005-12-28 Thread Guenther Fuchs 
Hi there,

on Wednesday, December 28, 2005 at 17:03 there was posted:

HP> I think you can not do that with fstab
...
HP> 'just' modify the mtab file ...

Okay, have to fiddle init-scripts then ...

>> HP> if you want to hide that fact from /proc/mounts then it's getting
>> HP> trickier ...
>> That's not necessary for me as /proc/mounts hide original path's from
>> the host server ;-)
HP> yes, that's the default (hide_mount)
HP> but it will show mounts inside the guest server ...

It would be fine for me as well if the original (host) path would be
hidden from mtab on mount as well ...

Okay, will fiddle the scripts now.

Thx for looking into anyway!

-- 
regards,

Guenther Fuchs

___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver

Re: [Vserver] Re-use of an existing chroot disk to implement some vserver ; -)

2005-12-28 Thread Michael S. Zick 
On Wed December 28 2005 05:43, Joel Soete wrote:
> Hello all,
> 
> For those who could have some interest,
> here are just some notes I took for remind of an implementation of a 
> linux-vserver on a parisc-linux boxe(s).
> (only tested on 32bit up kernel on a c110 and d380 models, though).
> 
> This particular execise was to re-use existing chrooted disk(s) already 
> debbootstrap, fully populated and customized (i.e. I didn't
> want to loose that job ;-) ).
> 
> (take care to use it at your own risks ;-) )
> 
> 0/ References
> 0.1/ the reference used are:
> 
> 
> 0.2/ more details learning:
> 
> 
Joel, Group
Just posted an update of step_step.html 
It is still not complete, but getting closer.

Mike
___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver

Re: [Vserver] Step by Step Guide to a nano-vserver

2005-12-28 Thread Michael S. Zick 
Joel and Group,
Today's update is available.

Baby-01 now does proper networking,
only the directions where wrong.

All links remain the same - see below.

Mike
On Fri December 23 2005 10:23, Michael S. Zick wrote:
> Group,
> This morning's update is available.
> 
> Also available on-line at:
> 
> 
> Still don't have networking setup in the baby
> vserver correctly.
> 
> Considerations of restricting file access added.
> 
> The download links remain the same.
> 
> 
> The binary image of the loop file:
> 
> 
> Should run on any linux-2.6.14-vs-2.0.1/x686 system.
> Just unpack her and follow the "waking baby" section
> of the directions.
> Should look as if you had started your real machine
> with the command line option: init=/bin/bash
> 
> Now, on to inventing her first clone.
> 
> Enjoy,
> Mike
> ___
> Vserver mailing list
> Vserver@list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
> 
> 
___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver