[Vserver] localhost inside a guest
hi, it seems possible to have localhost inside a guest. here is what I did interface/0 dev - lo ip - 127.0.0.1 prefix - 32 but when a daemon binds to a localhost port and the guest has external interface, I'm able to access that service using guest external IP. I just want to verify is this the case or perhaps something's wrong with my service configuration (already checked twice) best, --Alex ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] multiple interfaces and subnets/limit resource question(rlimits)
On Thu, 02 Feb 2006 16:08:40 +0100 "J.Paechnatz" <[EMAIL PROTECTED]> wrote: > I played with the rlimits, rss/as are working fine. but how could I > limit cpu usage, for example 25% of the hosts cpu capacity? the cpu > directive is for cpu time in secondshow much is realistic!? and how > it's measured? - scheduler parameters (http://linux-vserver.org/Scheduler+Parameters) - flags (http://linux-vserver.org/Caps+and+Flags) - mini-howto (http://list.linux-vserver.org/archive/vserver/msg08478.html) scheduler parameter hints * echo sched_prio >>/etc/vservers//flags * editor /etc/vservers//schedule * format: o token fill rate (tokens/interval) o token fill interval (jiffies) o initial tokens o minimum tokens (timeout length) o maximum tokens (burst length) o don't care * cat /proc/virtual/$(cat /etc/vservers//run)/sched corey -- [EMAIL PROTECTED] ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Re: 2.6.16-rc1-vs2.1.0.9 latest test on parisc
On Thu, Feb 02, 2006 at 08:08:38PM -0600, Michael S. Zick wrote: > On Thu February 2 2006 19:32, Herbert Poetzl wrote: > > On Thu, Feb 02, 2006 at 04:33:16PM -0600, Michael S. Zick wrote: > > > On Thu February 2 2006 14:09, Herbert Poetzl wrote: > > > > On Thu, Feb 02, 2006 at 02:29:38PM -0500, Micah Anderson wrote: > > > > > > > > > > > > > > > > > > really depends on the dietlibc, but I'd assume it > > > > > > is _still_ broken on HPPA, nevertheless the glibc > > > > > > is _not_ a good alternative, although it _might_ > > > > > > work for simple things. > > > > > > > > > > I guess we can find out when Joel sends results of tests? > > > > > > > > possible, well, testme and testfs will not > > > > detect the insecurities introduced by glibc > > > > > > > Are there any tests available to check for these glibc problems? > > > > I don't know of explicit tests, but it should be > > possible to create some, given that somebody wants > > to spend time on it ... > > > > > If not, perhaps a pointer or two into the mail archives on > > > the subject or pointer(s) to a discussion of the problems found? > > > > http://list.linux-vserver.org/archive/vserver/msg09379.html > > (there are others, just goolge for it) > Thanks, now I read what the concerns are. . . > > That message is about the date of glibc-2.3.2 - current is 2.3.6 > > There has been a fair number of changes done between those versions. > Some affecting getpwnam() and friends when used in staticly linked > programs. well, please also check how 'small' the statically linked tools would be when linked against recent glibc (statically of course :) > I think both of the mentioned restrictions can now be enforced. would be good as a last resort when dietlibc is failing (as it is currently the case for parisc) > Let me spend some time on checking that statement before I go too > far out on a limb. please do so, and keep us posted ... thanks, Herbert > Mike > > ___ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Re: 2.6.16-rc1-vs2.1.0.9 latest test on parisc
On Thu February 2 2006 19:32, Herbert Poetzl wrote: > On Thu, Feb 02, 2006 at 04:33:16PM -0600, Michael S. Zick wrote: > > On Thu February 2 2006 14:09, Herbert Poetzl wrote: > > > On Thu, Feb 02, 2006 at 02:29:38PM -0500, Micah Anderson wrote: > > > > > > > > > > > > > > > really depends on the dietlibc, but I'd assume it > > > > > is _still_ broken on HPPA, nevertheless the glibc > > > > > is _not_ a good alternative, although it _might_ > > > > > work for simple things. > > > > > > > > I guess we can find out when Joel sends results of tests? > > > > > > possible, well, testme and testfs will not > > > detect the insecurities introduced by glibc > > > > > Are there any tests available to check for these glibc problems? > > I don't know of explicit tests, but it should be > possible to create some, given that somebody wants > to spend time on it ... > > > If not, perhaps a pointer or two into the mail archives on > > the subject or pointer(s) to a discussion of the problems found? > > http://list.linux-vserver.org/archive/vserver/msg09379.html > (there are others, just goolge for it) > Thanks, now I read what the concerns are. . . That message is about the date of glibc-2.3.2 - current is 2.3.6 There has been a fair number of changes done between those versions. Some affecting getpwnam() and friends when used in staticly linked programs. I think both of the mentioned restrictions can now be enforced. Let me spend some time on checking that statement before I go too far out on a limb. Mike ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] weird error when creating a new vserver
On Fri, Feb 03, 2006 at 02:28:33AM +0200, Dimitris Zilaskos wrote: > > Hi, > > I have just setup a new box with gentoo and vserver: > > uname -an: > > Linux opteron 2.6.15.1-vs2.1.0.5.1 #531 SMP Tue Jan 31 18:49:53 EET 2006 > i686 Dual Core AMD Opteron(tm) Processor 275 AuthenticAMD GNU/Linux > > equery list vserver: > > [ Searching for package 'vserver' in all categories among: ] > * installed packages > [I--] [ ] sys-cluster/util-vserver-0.30.209-r1 (0) > > In an older Genotoo system the following command works fine but on the > new one fails: > > vserver opteron1 build -m apt-rpm --hostname=opteron1.physics.auth.gr > --interface opteron1=eth0:10.208.123.12/24 -- -d fc4 > /usr/lib/util-vserver/functions: line 206: -n: command not found no immediate idea, but IIRC, 0.30.210-r1 is out there? anyway, you should add a context id to your line above i.e. something like --context 42 best, Herbert > Any ideas ? > > TIA, > > -- > > > Dimitris Zilaskos > > Department of Physics @ Aristotle University of Thessaloniki , Greece > PGP key : http://tassadar.physics.auth.gr/~dzila/pgp_public_key.asc > http://egnatia.ee.auth.gr/~dzila/pgp_public_key.asc > MD5sum : de2bd8f73d545f0e4caf3096894ad83f pgp_public_key.asc > > ___ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Proc problem
On Thu, Feb 02, 2006 at 07:09:06PM +0100, Norbert Klamann (pr) wrote: > Hello all, > i have some trouble with vservers. I use debian sarge and proceeded > verbatim along this instructions > http://linux-vserver.org/Step-by-Step+Guide+2.6 > > including the versions mentioned there. > > Everything goes fine except this step : > > # It's a good point to fix the /proc entries for the guests > /etc/init.d/vprocunhide restart > > > vprocunhide does not exist there > > I tried make install-distribution but no avail. > > > testme.sh works fine > > > I create a vserver based on sarge and clean up the init-scripts as > recommended. > > When I start the server I get the following error: /proc/uptime cannot > be accessed. Usually etc . > > The script exists in the source directory of the alpha-tools but I am > stucked here. Can you help me ? IIRC, after you ./configured and built (make) the tools (util-vserver) you do the 'make install' which installs the binaries and scripts, and writes a short message which informs you to do the distro specific install too 'make install-distribution' which should setup scripts and helpers (sysv) for your distribution (see README for details) after that, whatever path was configured for your install (they are somewhat strange on debian, but check with 'vserver-info - SYSINFO' if you didn't look at the ./configure output), will contain the vprocunhide runlevel script, which just has to be executed once at system startup ... HTH, Herbert > I try no to switch off the PROC in thge kernel options but I have to > admit that I am not shure what I am doing there... > > Thanks for listening > > > > > > -- > Greetings > > Norbert > ___ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Re: 2.6.16-rc1-vs2.1.0.9 latest test on parisc
On Thu, Feb 02, 2006 at 04:33:16PM -0600, Michael S. Zick wrote: > On Thu February 2 2006 14:09, Herbert Poetzl wrote: > > On Thu, Feb 02, 2006 at 02:29:38PM -0500, Micah Anderson wrote: > > > > > > > > > > > > really depends on the dietlibc, but I'd assume it > > > > is _still_ broken on HPPA, nevertheless the glibc > > > > is _not_ a good alternative, although it _might_ > > > > work for simple things. > > > > > > I guess we can find out when Joel sends results of tests? > > > > possible, well, testme and testfs will not > > detect the insecurities introduced by glibc > > > Are there any tests available to check for these glibc problems? I don't know of explicit tests, but it should be possible to create some, given that somebody wants to spend time on it ... > If not, perhaps a pointer or two into the mail archives on > the subject or pointer(s) to a discussion of the problems found? http://list.linux-vserver.org/archive/vserver/msg09379.html (there are others, just goolge for it) IMHO dietlibc isn't a bad choice after all, although I was initially annoyed by the change, why? - we get smaller binaries - we can easily test on various platforms as diet has excellent support for cross compiling - the resulting code is somewhat efficient, so much simpler to debug than glibc - we get the 'security' of statically linked executables (which means we do not have to worry) - we do not have to struggle with distro specific libc modifications or features (or lack thereof) best, Herbert > Mike > ___ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] weird error when creating a new vserver
Hi, I have just setup a new box with gentoo and vserver: uname -an: Linux opteron 2.6.15.1-vs2.1.0.5.1 #531 SMP Tue Jan 31 18:49:53 EET 2006 i686 Dual Core AMD Opteron(tm) Processor 275 AuthenticAMD GNU/Linux equery list vserver: [ Searching for package 'vserver' in all categories among: ] * installed packages [I--] [ ] sys-cluster/util-vserver-0.30.209-r1 (0) In an older Genotoo system the following command works fine but on the new one fails: vserver opteron1 build -m apt-rpm --hostname=opteron1.physics.auth.gr --interface opteron1=eth0:10.208.123.12/24 -- -d fc4 /usr/lib/util-vserver/functions: line 206: -n: command not found Any ideas ? TIA, -- Dimitris Zilaskos Department of Physics @ Aristotle University of Thessaloniki , Greece PGP key : http://tassadar.physics.auth.gr/~dzila/pgp_public_key.asc http://egnatia.ee.auth.gr/~dzila/pgp_public_key.asc MD5sum : de2bd8f73d545f0e4caf3096894ad83f pgp_public_key.asc ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Proc problem
Hello. > > Everything goes fine except this step : > > # It's a good point to fix the /proc entries for the guests > /etc/init.d/vprocunhide restart > > > vprocunhide does not exist there > That script is to be run on the _host_ (part of "util-vserver" package). Best, Gilles ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] FC4 guest important vixie-cron hint
Hi there, as stated in the HowTo - crond just got updated and replaced the modified /etc/pam.d/crond file. So if you're running vixie-cron (on a FC4 guest) you need again to comment out the "pam_loginuid.so" line as stated: http://linux-vserver.org/VServer+installation+Fedora+Core+4#g6 -- regards 'n greez, Guenther Fuchs (aka "muh" and "powerfox") ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Re: 2.6.16-rc1-vs2.1.0.9 latest test on parisc
On Thu February 2 2006 14:09, Herbert Poetzl wrote: > On Thu, Feb 02, 2006 at 02:29:38PM -0500, Micah Anderson wrote: > > > > > > > > > really depends on the dietlibc, but I'd assume it > > > is _still_ broken on HPPA, nevertheless the glibc > > > is _not_ a good alternative, although it _might_ > > > work for simple things. > > > > I guess we can find out when Joel sends results of tests? > > possible, well, testme and testfs will not > detect the insecurities introduced by glibc > Are there any tests available to check for these glibc problems? If not, perhaps a pointer or two into the mail archives on the subject or pointer(s) to a discussion of the problems found? Mike ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] Proc problem
Hello all, i have some trouble with vservers. I use debian sarge and proceeded verbatim along this instructions http://linux-vserver.org/Step-by-Step+Guide+2.6 including the versions mentioned there. Everything goes fine except this step : # It's a good point to fix the /proc entries for the guests /etc/init.d/vprocunhide restart vprocunhide does not exist there I tried make install-distribution but no avail. testme.sh works fine I create a vserver based on sarge and clean up the init-scripts as recommended. When I start the server I get the following error: /proc/uptime cannot be accessed. Usually etc . The script exists in the source directory of the alpha-tools but I am stucked here. Can you help me ? I try no to switch off the PROC in thge kernel options but I have to admit that I am not shure what I am doing there... Thanks for listening -- Greetings Norbert ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Re: 2.6.16-rc1-vs2.1.0.9 latest test on parisc
On Thu, Feb 02, 2006 at 02:29:38PM -0500, Micah Anderson wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Herbert Poetzl wrote: > > On Thu, Feb 02, 2006 at 09:33:12AM +0100, Joel Soete wrote: > >>On toh for my private build from upstream src (on going to build latest > >>0.30.210), I disabled use of dietlibc (not yet available for hppa at this > >>time) and all seems to works fine. > > > > > > really depends on the dietlibc, but I'd assume it > > is _still_ broken on HPPA, nevertheless the glibc > > is _not_ a good alternative, although it _might_ > > work for simple things. > > I guess we can find out when Joel sends results of tests? possible, well, testme and testfs will not detect the insecurities introduced by glibc > > PS: I hope that dietlibc on hppa will be fixed soon. > > Have the issues on HPPA been brought to the dietlibc developers? yes, but AFAICT, they were ignored ... best, Herbert > micah > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.4.2 (GNU/Linux) > > iD8DBQFD4l2h9n4qXRzy1ioRAsKMAKCv8YQr/D/9YQDQc/XOAQO/pJwe2wCggmD+ > sRKaersGBPipGCipwjTdHP0= > =YeQB > -END PGP SIGNATURE- > ___ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] BME and CoW as split patches available?
On Thu, 2006-02-02 at 15:20 +0100, Wilhelm Meier wrote: > is the argument good enough for you to supply the split bme and cow patches > for 2.6.15? 2.6.15? That's like ancient history, man. There's a historic release here; it's for a much older release, but maybe it will apply without much modification needed http://www.13thfloor.at/vserver/s_rel26/v2.01/split-2.6.14.3-vs2.01.tar.gz There's also one against the ageing 2.6.16-rc1: http://vserver.13thfloor.at/Experimental/del-2.6.16-rc1-vs2.1.0.9/ (see 36-bme and 37-cow) (note: Experimental/ URIs not guaranteed to be around next month or week) Try them, see if they work. Sam. ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Re: 2.6.16-rc1-vs2.1.0.9 latest test on parisc
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Herbert Poetzl wrote: > On Thu, Feb 02, 2006 at 09:33:12AM +0100, Joel Soete wrote: >>On toh for my private build from upstream src (on going to build latest >>0.30.210), I disabled use of dietlibc (not yet available for hppa at this >>time) and all seems to works fine. > > > really depends on the dietlibc, but I'd assume it > is _still_ broken on HPPA, nevertheless the glibc > is _not_ a good alternative, although it _might_ > work for simple things. I guess we can find out when Joel sends results of tests? > PS: I hope that dietlibc on hppa will be fixed soon. Have the issues on HPPA been brought to the dietlibc developers? micah -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFD4l2h9n4qXRzy1ioRAsKMAKCv8YQr/D/9YQDQc/XOAQO/pJwe2wCggmD+ sRKaersGBPipGCipwjTdHP0= =YeQB -END PGP SIGNATURE- ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Q: Using the vserver list for kernel development.
On Thu, Feb 02, 2006 at 10:55:53AM -0700, Eric W. Biederman wrote: > > I have recently been doing some vserver related kernel development > but have had no luck CC my patches to the vserver list. This > last round because I CC to many interested parties. > > Is the vserver list supposed to be a place where we can post > patches for discussion? IMHO yes, so please if possible, make that happen ... thanks, Herbert > Eric > ___ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Re: 2.6.16-rc1-vs2.1.0.9 latest test on parisc
On Thu February 2 2006 12:21, Micah Anderson wrote: > > Joel, > - - - snip > > What is "toh"? I would prefer to use dietlibc if possible as it seems to > be required to handle some corner security issues. > (on) The Other Hand Mike > > (But tbh I'm still ignoring what kind of pb am I supposed to encounter) > > I'm sorry, I am not able to parse your acronyms! > ? -ENOACRO ? Mike ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Re: 2.6.16-rc1-vs2.1.0.9 latest test on parisc
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joel, Please do not hijack threads, it is better to start a new thread with a new subject. If you use an existing thread to talk about something completely different than the thread's subject, it causes a lot of problems with mail and news readers. Also, you cannot just change the subject line to create a new thread. Most news and mail readers use other headers such as References: to track and build the thread of messages by message ID, and changing the subject line does not change the actual threading. Therefore, one should always compose a new (and therefore reference-free) message when changing topics. Joel Soete wrote: > Hello Micah, > > I just read the changelog of your debian's pkg upload (util-vserver > (0.30.209-2) unstable) and btw discover: > o it was re-enable for hppa ;-) > o and it's build with dietlibc (now available also for this arch too) > > So my question is: was it already tested on this arch? No, it was re-enabled after a long period of being disabled, and needs to be tested by someone with that arch. If you can test it, it would be appreciated. > On toh for my private build from upstream src (on going to build latest > 0.30.210), I disabled use of dietlibc (not yet available for hppa at this > time) and all seems to works fine. What is "toh"? I would prefer to use dietlibc if possible as it seems to be required to handle some corner security issues. > (But tbh I'm still ignoring what kind of pb am I supposed to encounter) I'm sorry, I am not able to parse your acronyms! Micah -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFD4k2f9n4qXRzy1ioRAgE+AKCNSjFwgU3YR7xsSM2AfJtPuUPtRwCggTFq bpj4fogMkfkdDx9Uh8gM2Yo= =k4Fm -END PGP SIGNATURE- ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] Q: Using the vserver list for kernel development.
I have recently been doing some vserver related kernel development but have had no luck CC my patches to the vserver list. This last round because I CC to many interested parties. Is the vserver list supposed to be a place where we can post patches for discussion? Eric ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] multiple interfaces and subnets/limit resource question(rlimits)
hi there... my vserver host has some interfaces connected to some subnets. my vserver guest reside on a specific interface with an ip address of the hosts subnet. example: host server two interfaces: eth7 192.168.80.15 (set via half-static dhcp, behaviour with pure static address is the same) eth7:vt1 192.168.80.8 eth8 192.168.8.122 eth8:dg1 192.168.8.121 I used the name setting for the vserver's to make it more transparent (vt1 for vtest and dg1 for dguard) the routing on the host works as expected. route -n shows the following: Kernel IP Routentabelle ZielRouter Genmask Flags Metric RefUse Iface 192.168.80.00.0.0.0 255.255.255.0 U 0 00 eth7 192.168.8.0 0.0.0.0 255.255.255.0 U 0 00 eth8 0.0.0.0 192.168.8.1 0.0.0.0 UG0 00 eth8 the vservers: vtest: interface eth7:vt1 route -n Kernel IP routing table Destination Gateway Genmask Flags Metric RefUse Iface 192.168.80.00.0.0.0 255.255.255.0 U 0 00 eth7 192.168.8.0 0.0.0.0 255.255.255.0 U 0 00 * 0.0.0.0 0.0.0.0 0.0.0.0 UG0 00 * could only reach own subnet. route does not allow changes!? dguard: interface eth8:dg1 Kernel IP Routentabelle ZielRouter Genmask Flags Metric RefUse Iface 192.168.80.00.0.0.0 255.255.255.0 U 0 00 * 192.168.8.0 0.0.0.0 255.255.255.0 U 0 00 eth8 0.0.0.0 192.168.8.1 0.0.0.0 UG0 00 eth8 could not reach .80.0 subnet. rout does not allow changes too!? I read some information about "wrong" behaviour with multiple subnets. as you could the machine has a lot interfaces, only two are setup in the moment, but the others will follow soon. any ideas how to setup routing/interfaces of the vservers correctly? I played with the rlimits, rss/as are working fine. but how could I limit cpu usage, for example 25% of the hosts cpu capacity? the cpu directive is for cpu time in secondshow much is realistic!? and how it's measured? thanks! cu joh. ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] tagxid mount option
Herbert Poetzl schrieb: On Thu, Feb 02, 2006 at 07:59:18AM +0100, J.Paechnatz wrote: Herbert Poetzl schrieb: how did you try? (i.e. what filesystem, which partition, what options) /dev/sda1 / ext3 defaults,tagxid,errors=remount-ro 0 1 gives failures on reboot, leaving / unaccessible, I have to boot from cdrom and correct (remove the tagxid option) the fstab. well, that's a problem with your distro basically ... here a short explanation _what_ happens: ...cut-off tons of useful information... wow thanks again. and yes, I know that many folks nowadays have _everything_ on a single partition, which I personally consider _very_ dangerous, and I'm not speaking about the guest partition here ... yep I know. changed. It know has it's own partition and tagxid is working fine! I set disklimits for each vserver residing in an extra context. ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] BME and CoW as split patches available?
On Thu, Feb 02, 2006 at 03:20:35PM +0100, Wilhelm Meier wrote: > Am Donnerstag, 2. Februar 2006 13:39 schrieb Herbert Poetzl: > > On Thu, Feb 02, 2006 at 01:29:54PM +0100, Wilhelm Meier wrote: > > > Am Donnerstag, 2. Februar 2006 12:09 schrieb Herbert Poetzl: > > > > > And for kernel 2.6.15? > > > > > > > > nope, not publicly available atm, if you can make > > > > a good argument, we can arrange something though. > > > > > > Well, ... > > > I thought it would be interesting to look if it works together with > > > the new beta OpenVZ-2.6.15 patches and unification of OpenVZ VPSes. > > > Just curious. > > > > well, let us know how it goes ... > > is the argument good enough for you to supply the split bme and cow > patches for 2.6.15? close, but no banana! best, Herbert > > best, > > Herbert > > > > > thx, > > > Wilhelm > > > -- > > > Wilhelm Meier > > > email: [EMAIL PROTECTED] > > > ___ > > > Vserver mailing list > > > Vserver@list.linux-vserver.org > > > http://list.linux-vserver.org/mailman/listinfo/vserver > > -- > -- > Wilhelm Meier > email: [EMAIL PROTECTED] > ___ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] BME and CoW as split patches available?
Am Donnerstag, 2. Februar 2006 13:39 schrieb Herbert Poetzl: > On Thu, Feb 02, 2006 at 01:29:54PM +0100, Wilhelm Meier wrote: > > Am Donnerstag, 2. Februar 2006 12:09 schrieb Herbert Poetzl: > > > > And for kernel 2.6.15? > > > > > > nope, not publicly available atm, if you can make > > > a good argument, we can arrange something though. > > > > Well, ... > > I thought it would be interesting to look if it works together with > > the new beta OpenVZ-2.6.15 patches and unification of OpenVZ VPSes. > > Just curious. > > well, let us know how it goes ... is the argument good enough for you to supply the split bme and cow patches for 2.6.15? > > best, > Herbert > > > thx, > > Wilhelm > > -- > > Wilhelm Meier > > email: [EMAIL PROTECTED] > > ___ > > Vserver mailing list > > Vserver@list.linux-vserver.org > > http://list.linux-vserver.org/mailman/listinfo/vserver -- -- Wilhelm Meier email: [EMAIL PROTECTED] ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] BME and CoW as split patches available?
On Thu, Feb 02, 2006 at 01:29:54PM +0100, Wilhelm Meier wrote: > Am Donnerstag, 2. Februar 2006 12:09 schrieb Herbert Poetzl: > > > > > > And for kernel 2.6.15? > > > > nope, not publicly available atm, if you can make > > a good argument, we can arrange something though. > > Well, ... > I thought it would be interesting to look if it works together with > the new beta OpenVZ-2.6.15 patches and unification of OpenVZ VPSes. > Just curious. well, let us know how it goes ... best, Herbert > thx, > Wilhelm > -- > Wilhelm Meier > email: [EMAIL PROTECTED] > ___ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] vhashify on Debian / CoW links not breaking on chmod/chown?
On Thu, Feb 02, 2006 at 01:02:51PM +0100, Grzegorz Nosek wrote: > 2006/2/1, Herbert Poetzl <[EMAIL PROTECTED]>: > > > - If I modify a file's contents the CoW link is broken properly but > > > after a chmod or chown the link is not broken and I get -EPERM (as the > > > files are marked immutable) - is this expected behaviour? In such a > > > situation the links aren't exactly CoW... > > > > interesting observation, well, strictly speaking > > chmod or chow are no writes, so CoW is not involved, > > but I will look into extending the CoW behaviour > > to those operations in the future ... > > Yeah, I know chown isn't really a write but I thought (or maybe I > felt) that unification shouldn't ever cause an -EPERM error (just > break the link instead). > > It definitely isn't a show stopper for me as I found this behaviour > after unifying a bit too much of the test vservers but it would be a > nice feature to have. I came across this when one of my postinstall > scripts barfed when it tried to sanitise permissions on some files > (just a blind chown/chmod without prior testing). yea, shouldn't be too hard to allow for that ... > BTW, how does the unification react to files owned by different users? > i.e. /some/file is totally identical between two vservers (wrt. > contents, timestamps and access mode) but is owned by different users > (e.g. root:admin on both but on one group admin is gid 7000 and on the > other it is 8000 or whatever). AIUI it won't be unified at all, right? yes, identical files with different inode attributes have to be considered 'different' and (hopefully) will not be unified ... best, Herbert > Best regards, > Grzegorz Nosek > ___ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] vservers don't start after update to 2.01
On Thu, Feb 02, 2006 at 12:52:58PM +0100, Jens Holze wrote: [a lot of stuff zapped here] > > try to configure the tools with the following > > ./configure line instead (after you uninstalled > > the currently installed ones wit e.g. make uninstall) > > > > ./configure --prefix=/usr --sysconfdir=/etc > > --localstatedir=/var --with-vrootdir=/vservers > > > > then please try again ... > > I was busy with some other stuff but today I managed to do that. I > uninstalled the tools and then configured them anew with the dirs you > send me. Then I installed it from ground up BUT it still doesn't work. > Same error message, no change at all. > > > rationale: we found a very strange bug, which > > makes tools configured with --prefix=/ act like > > drunk ... > > Yeah, that description fits. But if even a fully new installation > doesn't fix it what else could I try? hmm, best pay a visit to the IRC channel (#vserver @ irc.oftc.net) so we can try to figure what it is, that makes your config so special :) best, Herbert > Regards, > > Jens > > > HTH, > > Herbert ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] vhashify on Debian / CoW links not breaking on chmod/chown?
2006/2/1, Herbert Poetzl <[EMAIL PROTECTED]>: > > - If I modify a file's contents the CoW link is broken properly but > > after a chmod or chown the link is not broken and I get -EPERM (as the > > files are marked immutable) - is this expected behaviour? In such a > > situation the links aren't exactly CoW... > > interesting observation, well, strictly speaking > chmod or chow are no writes, so CoW is not involved, > but I will look into extending the CoW behaviour > to those operations in the future ... > Yeah, I know chown isn't really a write but I thought (or maybe I felt) that unification shouldn't ever cause an -EPERM error (just break the link instead). It definitely isn't a show stopper for me as I found this behaviour after unifying a bit too much of the test vservers but it would be a nice feature to have. I came across this when one of my postinstall scripts barfed when it tried to sanitise permissions on some files (just a blind chown/chmod without prior testing). BTW, how does the unification react to files owned by different users? i.e. /some/file is totally identical between two vservers (wrt. contents, timestamps and access mode) but is owned by different users (e.g. root:admin on both but on one group admin is gid 7000 and on the other it is 8000 or whatever). AIUI it won't be unified at all, right? Best regards, Grzegorz Nosek ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] vservers don't start after update to 2.01
2006/1/27, Herbert Poetzl <[EMAIL PROTECTED]>: > On Fri, Jan 27, 2006 at 11:15:43AM +0100, Jens Holze wrote: > > 2006/1/25, Herbert Poetzl <[EMAIL PROTECTED]>: > > > On Wed, Jan 25, 2006 at 12:45:55PM +0100, Jens Holze wrote: > > > > 2006/1/13, Jens Holze <[EMAIL PROTECTED]>: > > > > > 2006/1/11, Herbert Poetzl <[EMAIL PROTECTED]>: > > > > > > On Wed, Jan 11, 2006 at 04:03:58PM +0100, Jens Holze wrote: > > > > > > > Hi! > > > > > > > > > > > > > > I updated VServer from 2.00 to 2.01 by patching a new > > > > > > > 2.6.14.4-kernel > > > > > > > and installing the utils (209) from self-build rpms on Fedora > > > > > > > Core 4. > > > > > > > > > > > > maybe the installation of your 'self built' utils is a > > > > > > little incomplete ... I'd try with the source tar, and > > > > > > after a proper configuration (to get your pathes right) > > > > > > do the 'make install' and 'make install-distribution' > > > > > > > > > > I erased the rpms and installed from source (with the prefix=/). > > > > > Everything is in place now, save_ctxinfo in /lib/util-vserver/ . > > > > > > > > > > > > Everything worked prior to that but since then I can't manage to > > > > > > > start > > > > > > > any debian-based Vservers. I thought something with the kernel > > > > > > > went > > > > > > > wrong so I build it anew but that didn't solve anything. > > > > > > > When trying to start a vserver I get: > > > > > > > > > > > > > > // RTNETLINK answers: File exists > > > > > > > > > > > > this means that the 'configured' IP(s) already exists, > > > > > > maybe with a different netmask/prefix, check with > > > > > > 'ip addr ls' and remove the 'offending' IP(s) > > > > > > > > > > > > > > > > Yeah I know, this one is not the problem, I just took existing > > > > > settings and made a new server from it hoping that would eliminate the > > > > > save_ctxinfo problem... > > > > > > > > > > > > // save_ctxinfo: execv(): No such file or directory > > > > > > > > > > > > this very much looks like the save_ctxinfo is failing > > > > > > possible reasons could be: > > > > > > > > > > > > - /lib/util-vserver/save_ctxinfo (or wherever it is > > > > > >on your distro) is not executable or missing > > > > > > - /etc/vservers/.defaults/run.rev is not pointing > > > > > >to a valid directory to store the info > > > > > > - the directory /var/run/vservers.rev is not writeable > > > > > >or does not exist > > > > > > > > > > > > > > > > I thought so but: save_ctxinfo is at the exact location and > > > > > executable... /run.rev is there and pointing to /var/run/vservers.rev > > > > > which exists and is writeable (there are directories inside for the > > > > > fedora vservers which are running!). It must be something special that > > > > > is done in debian vservers which doesn't happen with fedora core > > > > > vservers?! > > > > > Also, I wonder where the vserver starting script looks for this file, > > > > > is it possible that I have to edit any config file? I mean it's in the > > > > > same directory so why doesn't he find it? > > > > > > > > > > > > // An error occured while executing the vserver startup sequence; > > > > > > > when > > > > > > > // there are no other messages, it is very likely that the > > > > > > > init-script > > > > > > > // (/etc/init.d/rc 3) failed. > > > > > > > // > > > > > > > // Common causes are: > > > > > > > // * /etc/rc.d/rc on Fedora Core 1 and RH9 fails always; the > > > > > > > 'apt-rpm' build > > > > > > > // method knows how to deal with this, but on existing > > > > > > > installations, > > > > > > > // appending 'true' to this file will help. > > > > > > > // > > > > > > > // Failed to start vserver 'debian_two' > > > > > > > > > > > > > > The common causes don't really help and I can't think of anything > > > > > > > else. I even build an all new debian vserver but even this one > > > > > > > doesn't > > > > > > > boot. Other (Fedora-based) vservers do work perfectly. Any help > > > > > > > would > > > > > > > be greatly appreciated. > > > > > > > > > > > > yes, well, to explain all kinds of errors in a tool > > > > > > of this complexity is almost impossible ... > > > > > > > > > > Of course it is, it's just that its obviously a different problem as > > > > > far as I get it. > > > > > > > > > > Jens > > > > > > HTH, > > > > > > Herbert > > > > > > > > > > > > > > > > > > > > Jens > > > > > > > ___ > > > > > > > Vserver mailing list > > > > > > > Vserver@list.linux-vserver.org > > > > > > > http://list.linux-vserver.org/mailman/listinfo/vserver > > > > > > > > > > > > > > Hi! > > > > > > > > I had an intense look at the installation since obviously something > > > > must have gone wrong there (as you pointed out, too). I checked for > > > > vprocunhide being in place and executed (which is the case) and then > > > > ran the testme.sh once more where I first got an error with chcontext > > > > in /usr/sbin/chcontext. There should
Re: [Vserver] BME and CoW as split patches available?
Am Donnerstag, 2. Februar 2006 12:09 schrieb Herbert Poetzl: > > > And for kernel 2.6.15? > > nope, not publicly available atm, if you can make > a good argument, we can arrange something though. Well, ... I thought it would be interesting to look if it works together with the new beta OpenVZ-2.6.15 patches and unification of OpenVZ VPSes. Just curious. thx, Wilhelm -- Wilhelm Meier email: [EMAIL PROTECTED] ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] BME and CoW as split patches available?
On Thu, Feb 02, 2006 at 12:07:38PM +0100, Wilhelm Meier wrote: > Hi, > > probably a simple question: are the BME and CoW-link-breaking > extensions available as single patches. > If yes, where? BME against mainline 2.6.16-rc1: http://vserver.13thfloor.at/Experimental/split-2.6.16-rc1-bme0.06.2/ http://vserver.13thfloor.at/Experimental/patch-2.6.16-rc1-bme0.06.2.diff CoW parts against mainline 2.6.16-rc1: http://vserver.13thfloor.at/Experimental/del-2.6.16-rc1-vs2.1.0.9/37_cow.diff note that CoW is _designed_ for link breaking not for 'traditional' copy on write stuff, so it requires a marker (the immutable but unlink combo) to work, and it is just devel grade stuff ... > And for kernel 2.6.15? nope, not publicly available atm, if you can make a good argument, we can arrange something though. best, Herbert > thx, > > Wilhelm > > -- > -- > Wilhelm Meier > email: [EMAIL PROTECTED] > ___ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] Re: Can't rename vserver's host name
Guenther Fuchs wrote: Hi there, on Wednesday, February 1, 2006 at 1:28:24 PM there was posted: GH> Whitin the vserver, /etc/hostname file contains "iserv" GH> Any ideas? Palce the hostname on the host in /etc/vservers/[vserver-name]/uts/nodename - this is the file which is used to "create" the hostname on boot. Thanks, this has solved the problem. Regards Gerhard ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] [ANNOUNCE] vserver-inclusion project
On Thu, Feb 02, 2006 at 10:32:00PM +1300, Sam Vilain wrote: > Hey folks, > > Some good news - I am currently working on getting vserver included > upstream. Attached is the plan, and links to the work-in-progress. just for the record, I'm 'officially' supporting the idea and will help Sam whenever my time permits. here a few comments to a 'mainline' merge though: - we should try to make virtualization in the kernel as general as possible, while keeping the overhead as small as feasible - we should strive to allow competitive solutions to utilize the virtualization in a sensible manner (I'd hate to see linux-vserver-only code in mainline) - many things will not be merged in a year or two, so do not expect the vserver patches to go away too soon, but hopefully they will get smaller and smaller (if this succeeds) well, that's it! best, Herbert > Currently I'm of the opinion that I should finish section 1 and get a > minimal userland test suite running before sending it off to LKML for > savaging by the hoards; however what is there already is the minimum > that Linus was after for considering the patch. > > If anyone has any process suggestions or objections, please raise them > on the list now. If you would like to contribute, getting savvy with > something like StGIT (see http://www.procode.org/stgit/) will help us > work together. [Content-Description: It's the plan, Stan.] > The mighty Linux-VServer inclusion branch > = > > The Goal > > > To reshape the Linux-VServer kernel patch into a series of patches > that incrementally add features, for inclusion into the mainstream > Linux 2.6 tree. To do so without requiring the core Linux VServer > team to compromise on their primary objectives or waste time > maintaining the umpteen different kernel versions this process will > create. And finally, to do so without drifting from the core patch so > much it makes lots more work for Herbert. > > The Plan > > > Note that the dependency order of these patches is not strictly > linear; however git is not in a position to apply patch calculus, so > this is probably hard information to extract :) > > All revisions will be committed with Herbert's name as the Author > rather than myself, though technically I am the author of those > revisions, Herbert is the real author of the work. > > Patches, by general category, with a rough expected order: > > 0. features that don't need vserver, but are in the patch anyway > > a. Bind Mount Extensions (mount --bind --ro) > b. Kernel split (already included upstream! and with incorrect > acknowledgement ;)) > > 1. core vserver patch - no features > > a. struct and ps addition; internal API and refcounting > > ** UP TO HERE ** > > b. syscall, and switch > c. /proc visibility > d. debugging > e. history > > 2. isolation features > > a. IPC, semaphore, and signal restrictions > b. proc/array filtering > c. IPv4 chbind > d. FS chroot() barrier > e. general /proc filtering > f. ptrace > g. process admin: alloc_uid, find_user, sys_setpriority > h. printk > i. kthread > > 3. virtualisation features > > a. uts information > b. initpid > c. uptime > d. load average > e. ksyslog > f. vshelper (reboot support) > g. vroot (quota, fs IOCTL, etc) > i. general PID virtualisation > j. ngnet (network stack virtualisation) > > 4. resource tracking features > > a. scheduler tracking hook > b. FS xid counting > c. FS xid tagging > d. ulimit > e. RSS usage > f. IO - async tracking > > 5. resource sharing features > > a. scheduling v1 - TBF and vavavoom > b. FS - immutable linkage invert (immulink) > c. disk scheduler integration > d. RSS limits > e. FS - mad cow > > 6. resource limit features > > a. scheduler > b. rlimits > c. disklimits > > Locations > - > > The GIT repository for this project is at: > > http://utsl.gen.nz/vserver/vserver.git > > The patch stack for this project will be on the "vserver-inclusion" > branch; it is exported to: > > http://utsl.gen.nz/vserver/patches-split/mine/2.6.N+git-vsi/ > > Where 2.6.N was the last release (or release candidate) of Linus' > tree. This patch is NOT against any release you can download as a > tarball :). > > Upstream (13thfloor.at) patches will be on the "vs2.1.x.y" branch, > corresponding to their version number. The "upstream" patch that was > used as a source will be under: > > http://utsl.gen.nz/vserver/patches-split/13thfloor/2.6.N-vs2.1.x.y/ > > And, for sanity checking, the result of my importing of the upstream > quilt patch into stgit and re-exporting the branch via stgit will be > at: > > http://utsl.gen.nz/vserver/patches-split/mine/2.6.N-vs2.1.x.y/ > > The file sizes may be a lot smaller from STGIT; it does not repeat > filename info for each hunk like Quilt does, but if you diff the diffs > you'll hopefully
Re: [Vserver] Re: 2.6.16-rc1-vs2.1.0.9 latest test on parisc
On Thu, Feb 02, 2006 at 09:33:12AM +0100, Joel Soete wrote: > > -BEGIN PGP SIGNED MESSAGE- > > Hash: SHA1 > > > > > > > > Herbert Poetzl wrote: > > > On Wed, Feb 01, 2006 at 01:40:29PM -0500, Micah Anderson wrote: > > > > > > Herbert Poetzl wrote: > > > > > >>>Btw may I ask you to add this -n (i.e. no_color option) to testme. > > >>>That would look like: > > > > > > > > >>no problem, will put it into the next version ... > > > > > >>thanks, > > >>Herbert > > > > > > I thought that the -n (no_color) option was added after I sent a similar > > > patch back in October[1]? > > > > > > > > >> yes, it was, but (if you read your mail again) only > > >> to the testfs.sh script, not the testme.sh one ... > > > > /me hits head with hand. > > > > micah > Hello Micah, > > I just read the changelog of your debian's pkg upload (util-vserver > (0.30.209-2) unstable) and btw discover: > o it was re-enable for hppa ;-) > o and it's build with dietlibc (now available also for this arch too) > > So my question is: was it already tested on this arch? > > (I'm worry because I also play to rebuild dietlibc to run test and many > failed (e.g. stdio test), though). > > On toh for my private build from upstream src (on going to build latest > 0.30.210), I disabled use of dietlibc (not yet available for hppa at this > time) and all seems to works fine. really depends on the dietlibc, but I'd assume it is _still_ broken on HPPA, nevertheless the glibc is _not_ a good alternative, although it _might_ work for simple things. be careful as glibc is neither secure nor reliable when used to create or enter guests ... nevertheless for 'normal' administrative management or in a known secure environment it should work 'as expected'. best, Herbert PS: I hope that dietlibc on hppa will be fixed soon. > (But tbh I'm still ignoring what kind of pb am I supposed to encounter) > > TIA for advise, > Joel > > --- > NOTE! My email address is changing to ... @scarlet.be > Please make the necessary changes in your address book. > > > > ___ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] tagxid mount option
On Thu, Feb 02, 2006 at 07:59:18AM +0100, J.Paechnatz wrote: > Herbert Poetzl schrieb: > > >how did you try? > >(i.e. what filesystem, which partition, what options) > > /dev/sda1 / ext3 > defaults,tagxid,errors=remount-ro 0 1 > > gives failures on reboot, leaving / unaccessible, I have to > boot from cdrom and correct (remove the tagxid option) the fstab. well, that's a problem with your distro basically ... here a short explanation _what_ happens: - the 'root' filesystem is specified in the bootloader (usually with the root=/dev/xy option) - the 'initial' root is probably a initrd or initram disk which loads a few drivers and sets up a few things - when the fstab is examined, either from the ram disk or from the real root system, the filesystem is already mounted, and only a _remount_ with certain options happens - remounting filesystems with the tagxid option is _intentionally_ disabled, because it would leave your filesystem in an unknown state (i.e. some inodes tagged, others untagged) now, why are we so cruel and/or why isn't it documented how to do that with the rootfs, which obviously should be possible? again the reasons are simple: - it isn't trivial to do so, because every distro uses a slightly different init method (in the ramdisk) - it is ill advised to tag the root filesystem of the host, potentially causing administrative data to become tagged, introducing new and unexpected permission issues so, yes it is possible to mount the rootfs tagxid, but no, we do not suggest to do so ... we _always_ strongly advise to have a _separate_ partition (or several of them) for the guests, to ensure that everything works as expected ... and yes, I know that many folks nowadays have _everything_ on a single partition, which I personally consider _very_ dangerous, and I'm not speaking about the guest partition here ... > >>I want to set context disk limits with vdlimit, therefore I need the > >>tagxid mount option, did I get it right? how do I enabled tagxid > >>support? kernel option uid24/gid24 is set. > > > > > >yes, usually it's just a matter of: > > > >mount -o tagxid /dev/some /vservers > > does not work too. gives a german error message, meaning already mounted > or invalid option. well, that has two reasons: - the beforementioned check which does not permit to remount a (mounted) partition with tagxid - your locale setting and your (probably german) installation :) HTHAC, Herbert > cu joh. > > ___ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] BME and CoW as split patches available?
Hi, probably a simple question: are the BME and CoW-link-breaking extensions available as single patches. If yes, where? And for kernel 2.6.15? thx, Wilhelm -- -- Wilhelm Meier email: [EMAIL PROTECTED] ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] [ANNOUNCE] vserver-inclusion project
Hey folks, Some good news - I am currently working on getting vserver included upstream. Attached is the plan, and links to the work-in-progress. Currently I'm of the opinion that I should finish section 1 and get a minimal userland test suite running before sending it off to LKML for savaging by the hoards; however what is there already is the minimum that Linus was after for considering the patch. If anyone has any process suggestions or objections, please raise them on the list now. If you would like to contribute, getting savvy with something like StGIT (see http://www.procode.org/stgit/) will help us work together. The mighty Linux-VServer inclusion branch = The Goal To reshape the Linux-VServer kernel patch into a series of patches that incrementally add features, for inclusion into the mainstream Linux 2.6 tree. To do so without requiring the core Linux VServer team to compromise on their primary objectives or waste time maintaining the umpteen different kernel versions this process will create. And finally, to do so without drifting from the core patch so much it makes lots more work for Herbert. The Plan Note that the dependency order of these patches is not strictly linear; however git is not in a position to apply patch calculus, so this is probably hard information to extract :) All revisions will be committed with Herbert's name as the Author rather than myself, though technically I am the author of those revisions, Herbert is the real author of the work. Patches, by general category, with a rough expected order: 0. features that don't need vserver, but are in the patch anyway a. Bind Mount Extensions (mount --bind --ro) b. Kernel split (already included upstream! and with incorrect acknowledgement ;)) 1. core vserver patch - no features a. struct and ps addition; internal API and refcounting ** UP TO HERE ** b. syscall, and switch c. /proc visibility d. debugging e. history 2. isolation features a. IPC, semaphore, and signal restrictions b. proc/array filtering c. IPv4 chbind d. FS chroot() barrier e. general /proc filtering f. ptrace g. process admin: alloc_uid, find_user, sys_setpriority h. printk i. kthread 3. virtualisation features a. uts information b. initpid c. uptime d. load average e. ksyslog f. vshelper (reboot support) g. vroot (quota, fs IOCTL, etc) i. general PID virtualisation j. ngnet (network stack virtualisation) 4. resource tracking features a. scheduler tracking hook b. FS xid counting c. FS xid tagging d. ulimit e. RSS usage f. IO - async tracking 5. resource sharing features a. scheduling v1 - TBF and vavavoom b. FS - immutable linkage invert (immulink) c. disk scheduler integration d. RSS limits e. FS - mad cow 6. resource limit features a. scheduler b. rlimits c. disklimits Locations - The GIT repository for this project is at: http://utsl.gen.nz/vserver/vserver.git The patch stack for this project will be on the "vserver-inclusion" branch; it is exported to: http://utsl.gen.nz/vserver/patches-split/mine/2.6.N+git-vsi/ Where 2.6.N was the last release (or release candidate) of Linus' tree. This patch is NOT against any release you can download as a tarball :). Upstream (13thfloor.at) patches will be on the "vs2.1.x.y" branch, corresponding to their version number. The "upstream" patch that was used as a source will be under: http://utsl.gen.nz/vserver/patches-split/13thfloor/2.6.N-vs2.1.x.y/ And, for sanity checking, the result of my importing of the upstream quilt patch into stgit and re-exporting the branch via stgit will be at: http://utsl.gen.nz/vserver/patches-split/mine/2.6.N-vs2.1.x.y/ The file sizes may be a lot smaller from STGIT; it does not repeat filename info for each hunk like Quilt does, but if you diff the diffs you'll hopefully see the differences are minor. This file is http://utsl.gen.nz/vserver/patch-plan.txt Acknowledgements / Plug --- Other than the whole VServer crew, thanks go out to Catalyst IT (NZ) Limited for sponsoring my time on this project. http://www.catalyst.net.nz/ signature.asc Description: This is a digitally signed message part ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Re: 2.6.16-rc1-vs2.1.0.9 latest test on parisc
> -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > > > Herbert Poetzl wrote: > > On Wed, Feb 01, 2006 at 01:40:29PM -0500, Micah Anderson wrote: > > > > Herbert Poetzl wrote: > > > >>>Btw may I ask you to add this -n (i.e. no_color option) to testme. > >>>That would look like: > > > > > >>no problem, will put it into the next version ... > > > >>thanks, > >>Herbert > > > > I thought that the -n (no_color) option was added after I sent a similar > > patch back in October[1]? > > > > > >> yes, it was, but (if you read your mail again) only > >> to the testfs.sh script, not the testme.sh one ... > > /me hits head with hand. > > micah Hello Micah, I just read the changelog of your debian's pkg upload (util-vserver (0.30.209-2) unstable) and btw discover: o it was re-enable for hppa ;-) o and it's build with dietlibc (now available also for this arch too) So my question is: was it already tested on this arch? (I'm worry because I also play to rebuild dietlibc to run test and many failed (e.g. stdio test), though). On toh for my private build from upstream src (on going to build latest 0.30.210), I disabled use of dietlibc (not yet available for hppa at this time) and all seems to works fine. (But tbh I'm still ignoring what kind of pb am I supposed to encounter) TIA for advise, Joel --- NOTE! My email address is changing to ... @scarlet.be Please make the necessary changes in your address book. ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver