Re: [Vserver] Networking: inside and out
2006/5/24, Roderick A. Anderson [EMAIL PROTECTED]: I've ( thanks to everyone ) got a working Linux-Vserver and one guest. The current issues are I can't get httpd or sshd to start in the guest. This system is being migrated to L-V so has sshd and apache ( two VirtualHosts ) running currently. I have modified sshd_config, httpd.conf, and ssl.conf to listen only on the IPs and ports the host is using and modified the guest's files to listen on its IPs and ports. The guest was build using this variation on the FC5 page. vserver test build -m yum --context 34 --hostname=test.example.com --interface test1=eth0:nn.nnn.nnn.34/25 -- -d fc5 Yes it is a half a Class-C network. ( All incriminating values have been changed to protect the guilty -- me. ) The error I'm getting is: Starting httpd: (99)Cannot assign requested address: make_sock: could not bind to address nn.nnn.nnn.34:80 no listening sockets available, shutting down Unable to open logs Any pointers? Open file limits? Missing CAP_NET_BIND or some other capabilities? Maybe a strace will be useful (should show you what is the exact error). Does ip addr show (or ifconfig -a) on the guest show the proper IP address? ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Networking: inside and out
Grzegorz Nosek wrote: snip / Open file limits? Missing CAP_NET_BIND or some other capabilities? Maybe a strace will be useful (should show you what is the exact error). Does ip addr show (or ifconfig -a) on the guest show the proper IP address? Possibility on the file limits. I'll research. CAP_NET_BIND? Dang! I didn't think this was a special capability. ( Probably need some scripts that do common things -- like set up a guest for httpd, database, etc. ) I'll run the strace ( didn't think of that ) later but now I have a new(?) issue. After trying nodev in interfaces I wasn't getting the binding to eth0. I just checked again and Found the problem!!! A conflict ( I still have to find why ) with port 443 on the host and guest. Man I hate retro-fitting. As soon as I get one checked out the host becomes the 'host' only. Thanks, once again, to all for suggestions. Rod -- ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Networking: inside and out
2006/5/24, Roderick A. Anderson [EMAIL PROTECTED]: Grzegorz Nosek wrote: snip / Open file limits? Missing CAP_NET_BIND or some other capabilities? Maybe a strace will be useful (should show you what is the exact error). Does ip addr show (or ifconfig -a) on the guest show the proper IP address? Possibility on the file limits. I'll research. CAP_NET_BIND? Dang! I didn't think this was a special capability. ( Probably need some scripts that do common things -- like set up a guest for httpd, database, etc. ) You need CAP_NET_BIND if you want your guest to bind to ports 1024. I'll run the strace ( didn't think of that ) later but now I have a new(?) issue. After trying nodev in interfaces I wasn't getting the binding to eth0. I just checked again and If you use nodev, make sure the IP address is assigned to the device before you start the guest. Found the problem!!! A conflict ( I still have to find why ) with port 443 on the host and guest. Hmm Listen directive in the host's apache configuration file? Man I hate retro-fitting. As soon as I get one checked out the host becomes the 'host' only. Thanks, once again, to all for suggestions. ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Networking: inside and out
Grzegorz Nosek wrote: 2006/5/24, Roderick A. Anderson [EMAIL PROTECTED]: Grzegorz Nosek wrote: snip / Open file limits? Missing CAP_NET_BIND or some other capabilities? Maybe a strace will be useful (should show you what is the exact error). Does ip addr show (or ifconfig -a) on the guest show the proper IP address? Possibility on the file limits. I'll research. CAP_NET_BIND? Dang! I didn't think this was a special capability. ( Probably need some scripts that do common things -- like set up a guest for httpd, database, etc. ) You need CAP_NET_BIND if you want your guest to bind to ports 1024. CAP_NET_BIND_SERVICE is given to guests by default. -- Daniel Hokka Zakrisson GPG id: 06723412 GPG fingerprint: A455 4DF3 990A 431F FECA 7947 6136 DDA2 0672 3412 ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
