Re: [Vserver] is there any "getting started with vserver" documentation anywhere?

On Wed, 5 Nov 2003, Alexander Goeres wrote: > > I once tried to make the vservers run on a SuSE disto but after serveral > weekends gave up. That's basically due to my lack of ability to compile a > vanilla kernel on SuSE so that all the modules it has with its standard > kernel work. The .config

Re: [Vserver] Copy a vserver to different partition?

On Wed, 5 Nov 2003, Roderick A. Anderson wrote: > > I've been all over the wiki and web site looking for a solution but I'm > getting no place slowly. > > We had a hard drive fail but was able to move the /vservers/* into a > working drive before replacing the bad drive. As this is a live system

Re: [Vserver] ssh X11 forwarding (after vserver xxx enter)

On Tue, 11 Nov 2003, Thomas Gebhardt wrote: > > COOKIE=`xauth list $DISPLAY` > > vserver foo enter > > xauth add $COOKIE > > doesn't seem to work for me. As far as I can see, there is no way > to write from a vserver process to a socket on the master server. > That's part of the vserver concept, i

Re: [Vserver] Unsharing disk space

On Tue, 11 Nov 2003, Roderick A. Anderson wrote: > FYW, I have tried these three methods and got errors and/or the process > aborted. > Well I have returned to one of my near an dear topics - copying vservers. > > I have been all over this, back to messages posted in Jun, then those this > month.

Re: [Vserver] Re: [Linux-privs-discuss] Capabilities & capability tools in Linux

On Tue, 11 Nov 2003, Linas Vepstas wrote: > Well, yes, that was my point. I'm getting the feeling that its implemented > incorrectly, that there should have been a pair of bits: LOWERPCAP and > RAISEPCAP, instead of SETPCAP. Seems to me that LOWERPCAP, by allowing > one process to take away the c

RE: [Vserver] XMas Wishlist

On Sun, 16 Nov 2003, ian douglas wrote: > how about "from the very beginning" documentation? ie: explain things for > people that need more stepped instructions than "patch the kernel" (ie: > explain how to apply a .diff file etc.), which OS's vserver has been tested > on, etc. We should point th

re: [Vserver] chroot(safe) issues

On Wed, 26 Nov 2003, Jacques Gelinas wrote: > On Wed, 26 Nov 2003 02:55:02 -0500, Enrico Scholz wrote > > > Please not that the current 'chmod 000' hack is not affected by this > > attacks since it is a fixed barrier which can not be bypassed. > > > > Therefore, it will not make sense to hope on a

[Vserver] util-vserver: compile problem with dietlibc

dietlibc doesn't define uint64_t if __STRICT_ANSI__ is set, and -std=c99 defines __STRICT_ANSI__. To compile it, I had to add -U __STRICT_ANSI__ after -std=c99 in the Makefile. I'll test it after finishing my civnet-game. -- ¤ Bill of Spammer-Rights ¤ 1. We have the right to assassinate yo

Re: [Vserver] Demo...

On Wed, 7 Jan 2004, Dariush Pietrzak wrote: > And another thing - can anyone share success stories about running X inside > vserver? It would be nice to show off machine running different X server on > different terminals, every one would be different dist and different X > generation (4.2,4.3,3.3

Re: [Vserver] Demo...

On Wed, 7 Jan 2004, Dariush Pietrzak wrote: > > Without testing: What about running xdm inside the vserver and X outside, > > either with -query or with a chooser to select the (v)server? > Hmm, I'm not sure what that would accomplish - you would have to install X > to master machine, the one tha

Re: [Vserver] Demo...

On Thu, 8 Jan 2004, Dariush Pietrzak wrote: > On Wed, 7 Jan 2004, Bodo Eggert wrote: [X outside vserver was considered to be insecure, I told X is insecure anyway] > Hmm, this is supposed to be a 'demo', not a public kiosk. ACK, therefore there is no need to jail the X-Server

RE: [Vserver] CAP processor usage and Vserver

On Thu, 12 Feb 2004, Val A. Quimno wrote: > How can I unsubscribe to this mailing list? > > UNSCRIBE >From the headers of each mail: List-Unsubscribe: , -- ¤ Bill of Spammer-Rights ¤ 1. We have the right t

Re: [Vserver] util-vserver tools - 16 ip address limit

On Thu, 26 Feb 2004, Kevin Gray wrote: > > #define NB_IPV4ROOT 64 > > struct vc_ip_mask_pair ips[64]; Wouldn't it be better to use ips[NB_IPV4ROOT] etc. instead of immediate values? Just my ¢¢ -- "You, you, and you . . . Panic. The rest of you, come with me." -U.S. Marine Corps G

Re: [Vserver] POLL: Number of IP Addresses in Each Vserver

On Fri, 27 Feb 2004, Herbert Poetzl wrote: > On Fri, Feb 27, 2004 at 08:26:53PM +0100, Thomas Gelf wrote: > > Am Fre, den 27.02.2004 schrieb Herbert Poetzl um 17:50: > - missing: ping doesn't work like on linux server xy >this can be secured by: >- checking every raw packet via some pac

Re: [Vserver] Support with chroot problem

On Wed, 3 Mar 2004 [EMAIL PROTECTED] wrote: [util-vserver and suse/gcc 3.3.1] > I observerd the same on SuSE9.0. Therefore, i just used the binaries > built in a Suse8.2 environment hoping that this > works as well. So far it does. > But of course i am interested in a 'clean' solution, i.e. > the

Re: [Vserver] "Can't chroot Operation not permitted" and other stuff

On Wed, 17 Mar 2004, Thomas Guettler wrote: > - How can I display the capabilities of /proc/self/status > in a humanreadable form? reducecap --show > - Would be nice if you get the missing capability in > the error message: "Missing Capability CAP_SYS_CHROOT" > instead of "Operation not pe

Re: [Vserver] Tiny system for template...

On Fri, 2 Apr 2004, Dariush Pietrzak wrote: > > Hm... my debain-base is less 100Mb. > that's very cool, but I would prefer something closer to 5-10M. > /dev/log with syslog-ng sounds a bit more efficient. What about using busybox, compiled with the dietlibc? -- I always tell customers/clients th

Re: [Vserver] Mysql server on linux-vserver.org down?

On Fri, 16 Jul 2004, Herbert Poetzl wrote: > hmm, yeah, is my fault, I tried to mend the broken > mysql with a cron script which restarts it once > a day Maybe you should take a look at runsv from "runit". -- Funny quotes: 27. If people from Poland are called Poles, why aren't people from Hollan

Re: [Vserver] Should complain if wrong ip is written?

On Tue, 17 Aug 2004, Ola Lundqvist wrote: > I have got a wishlist request on vserver package. > > See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=253518 > > Do you think util-vserver should behave like this? /etc/hostname is system-dependend; SuSE has /etc/HOSTNAME and my debian has "host

Re: [Vserver] Should complain if wrong ip is written?

On Wed, 18 Aug 2004, Bodo Eggert wrote: > A sane thing would be creating a $vserver/etc/vconfig with something like: > > hostname $hostname > ips $ips[*] > etchosts $hostname $ips[*] > x-userdefined we want to pass a user-definedvalue to the vserver

Re: [Vserver] problems with apache and php in a vserver

On Tue, 5 Oct 2004, Eric Jorgensen wrote: > If I start up apache without php, it works just fine. > However, if I > install the RPM for php (4.2.2-17) it segfaults. http://portal.suse.com/sdb/en/2004/05/fhassel_php4_91.html HTH -- Top 100 things you don't want the sysadmin to say: 62. I didn't

Re: [Vserver] packaging review for new Debian packages

On Mon, 27 Dec 2004, Stephen Frost wrote: > * Enrico Scholz ([EMAIL PROTECTED]) wrote: > > * execve(2) is more efficiently than execvp(3) > > Is there something in here that actually would notice from such a > change? Seriously, is there *really* some benefit here for an end user > or is this ju

Re: [Vserver] vserver patch for 2.6.11?

On Tue, 8 Mar 2005, Eugen Leitl wrote: > Another question: I'm about to buy memory for a couple of servers, to run > VServers. What's the memory footprint of a typical VServer (running, let's > say, postfix/apache/openvpn)? 100 MBytes, twice that? HTTP-Server, router, News- and Web-Proxy, running

Re: [RE:] Re: [Vserver] Linux Vserver - Feature Question

On Thu, 31 Mar 2005, Herbert Poetzl wrote: > On Thu, Mar 31, 2005 at 09:26:31AM +0200, [EMAIL PROTECTED] wrote: > hmm, so you would like to artificially slow down the > I/O transfer of a vserver, and make the transaction > somewhat longer than necessary? I guess more like not slowing down the hos

Re: [Vserver] Vservers and Rootkits

On Thu, 28 Apr 2005, Roderick A. Anderson wrote: > I have a vserver that has all the indicators that is is a victim of a root > kit ( SucKIT ). In my readings so far I see that SucKIT is is loaded > through /dev/kmem ( ie. it doesn't need a kernel sith support for loadable > kernel modules --

Re: [Vserver] stty: standard input: Inappropriate ioctl for device

On Mon, 2 May 2005, Rik van den Eijnden wrote: > On startup of my vserver I get the message: > stty: standard input: Inappropriate ioctl for device > > Everything is running as expected, but why am I getting this message? Ignore this message, it's printed because SuSE can't set the console for p

Re: [Vserver] Extra root security

On Thu, 12 May 2005, Gaz Wilson wrote: > > Does anyone have an opinion as to whether disabling root's password > within a vserver is worthwhile? Noone logs into a vserver as root > via ssh, only from the master using vserver enter, so there's no point > in having a root password, so it can be di

Re: [Vserver] MySQL inside a vserver - permission denied?

On Mon, 16 May 2005, Werner Schalk wrote: > ok my problem seems to be solved. It was a simple permission problem (I used > "cp" to copy a vserver but did not preserve the permissons). Thanks a lot > again to all the people that helped me. To copy a directory structure with permissions, use (cd

Re: [Vserver] /dev/console

On Mon, 16 May 2005, Gilles wrote: > But, just in case, how can one provide new devices? > Is it just a matter of running > > mknod /vservers/phony/dev/console c 5 1 Yes, but from the outside. -- "Never tell the Platoon Sergeant you have nothing to do." -Unknown Marine Recruit ___

Re: [Vserver] building from savannah CVS

On Wed, 18 May 2005, Michal Ludvig wrote: > #!/bin/sh set -e - and - > rm -rf autom4te*.cache > aclocal -I . -I m4 || exit 1 [...] remove these "|| exit 1" -- Teamwork is essential, it gives them someone else to shoot at. ___

Re: [Vserver] building from savannah CVS

On Thu, 19 May 2005, Michal Ludvig wrote: > Bodo Eggert wrote: > > set -e > Good hint, but does it work with non-bash as well? I just tested it with the solaris /bin/sh, and it worked as expected. -- Funny quotes: 10. Nothing is fool proof to a t

Re: [Vserver] CAP_SYS_ADMIN, how unsecure it is within vserver

On Sat, 28 May 2005, gary ng wrote: > I am testing out vserver(1.2.10 on 2.4, not ready for > 2.6 yet because of stability issue unrelated to > vserver) and I am wondering what is the impact of > giving CAP_SYS_ADMIN to it. > > Without it, I cannot mount within vserver but I see > mount as a legi

Re: [Vserver] Suse and Yast inside VServer

On Sat, 18 Jun 2005, Oliver Dietz wrote: > Hi @all, > > i want to use Suse 9.x inside a vserver. At > http://www.marlow.dk/site.php/tech/vserver is a Suse image available, but > without Yast - and a Yast is the main reason why to use Suse. You should get it running by installing the rpms. Howe

Re: [Vserver] alpha and dietlibc

On Thu, 23 Jun 2005, James Boddington wrote: > diff -urN dietlibc-0.29-orig/include/signal.h dietlibc-0.29/include/signal.h > --- dietlibc-0.29-orig/include/signal.h Tue Mar 15 18:51:22 2005 > +++ dietlibc-0.29/include/signal.h Thu Jun 23 15:46:02 2005 Did you CC [EMAIL PROTECTED] -- Bug? T

Re: [Vserver] Re: NXServer inside of VServer?

On Sat, 25 Jun 2005, Martin Honermeyer wrote: > * Deleted everything from /tmp. > * Tried to login again => same problem, window closes after a few seconds > * looked at the user's .xsession-errors file: > _IceTransmkdir: ERROR: Owner of /tmp/.ICE-unix must be set to root [...] > Note: I have to

Re: [Vserver] Slackware

On Fri, 8 Jul 2005, Martin Archanco wrote: > In the linux-vserver view this. > > inetd/xinetd > You can't bind inetd to a interface, replace it with xinetd. This is wrong, you _can_ bind inetd to interfaces. Example: ---/etc/inetd--- 127.0.0.1: swat stream tcp nowait.400 root /usr/sbin/

Re: [Vserver] Slackware

On Fri, 8 Jul 2005, Martin Archanco wrote: > The line is NACK two lines: > 127.0.0.1: > ftp stream tcp nowait root /usr/sbin/tcpd proftpd inetd will ignore bogus lines -- "Religion is an insult to human dignity. With or without it, you'd have good people doing good things and evil people

Re: [Vserver] PDA Webinterface

On Wed, 10 Aug 2005, Jan-Marc Pilawa wrote: > > On Tue, Aug 09, 2005 at 08:06:41PM +0200, Dennis Paulisch wrote: > > >Hi, i am currently work on a webinterface for Linux > > >vServer to administrate via PDA. See the Screenshots on: > > >http://www.serversupportforum.de/forum/showthr

Re: [Vserver] rlimit for memory usage

On Fri, 26 Aug 2005, Helmut Wollmersdorfer wrote: > Oliver Welter wrote: > My plan was, to give this context 20% CPU 'soft' (400 x 20% = 100 MHz), > 128 MB RSS rlimit, and 500 MB VM rlimit. But if OOM can kill some vital > processes, this would need watching the services and restart them by > h

Re: [Vserver] x with nvidia module in vserver?

On Tue, 4 Oct 2005, Torsten Becker wrote: > I try to run a complete workstation in a vserver including a x-server. > This is no problem since I do not try to use the hardware acceleration > with the nvidia kernel module. > I have set several capabilities for the vserver: That's enough to make

Re: [Vserver] X11 vserver

On Wed, 5 Oct 2005, hellekin wrote: > I followed the previous thread on X11 with attention as I'm trying the same > thing: I'd like my host to remain as small as possible while providing users > with an X11 interface. > > I started with adding CAP_SYS_RAWIO in the bcapabilities file and copying >

Re: [Vserver] ./testme.sh: line 115: which: command not found

On Fri, 7 Oct 2005, Herbert Poetzl wrote: > hmm, always assumed that the 'which' command is > part of every distro ... but hey, live and learn, > maybe somebody has a workaround to avoid 'which'? > > patches are welcome ... perl -i~ -pe 's/which/type -p/g' *.sh -- Funny quotes: 26. If you take

Re: [Vserver] Can't bind-mount host->guest

On Sun, 30 Oct 2005, Jun OKAJIMA wrote: > I also have same question. > How to do a mount to vserver namespace? I don't know about the vserver mechanism (I'm currently not running one), but according to LKML, you can change namespace by chrooting to /proc/$PID/root. I asume it will be possible to

[Vserver] util-vserver: make install tries to compile

If I run 'make install', the make script tries to compile a file. Off cause this can't work out, since I transfered the pre-built directory from the machine with my compiler to my server, where I want to install. This is very annoying, especially since compiling as non-user should be avoided for

Re: [Vserver] util-vserver: make install tries to compile

On Wed, 23 Nov 2005, Herbert Poetzl wrote: > On Wed, Nov 23, 2005 at 09:06:09PM +0100, Bodo Eggert wrote: > > If I run 'make install', the make script tries to compile a file. Off > > cause this can't work out, since I transfered the pre-built directory from >

Re: [Vserver] util-vserver: make install tries to compile

On Thu, 24 Nov 2005, Enrico Scholz wrote: > [EMAIL PROTECTED] (Bodo Eggert) writes: > > If I run 'make install', the make script tries to compile a > > file. > > Can not reproduce that It turned out to be a dependency on the dietlibc objects. If they don't e

[Vserver] [Bug] sendfile64 stopped working in host server after upgrading from vanilla

After I upgraded from vanilla 2.6.11.10 to 2.6.14.2-vs2.1.0-rc7, the sendfile function in the host server stopped delivering the whole file. After reverting to the old kernel, it works correctly again. -- $ echo -e 'GET http://be10/images/___.jpg HTTP/1.0\r\n\r' | netcat be10 80 | w

Re: [Vserver] [Bug] sendfile64 stopped working in host server after upgrading from vanilla

On Sat, 3 Dec 2005, Alejandro Mery wrote: > Bodo Eggert wrote: > >After I upgraded from vanilla 2.6.11.10 to 2.6.14.2-vs2.1.0-rc7, the > >sendfile function in the host server stopped delivering the whole file. > >After reverting to the old kernel, it works correctly again.

Re: [Vserver] testme.sh results and minor problem 2.6.14.2 / vs2.1.0-rc8 on x86_64 arch

On Tue, 6 Dec 2005, Grzegorz Nosek wrote: > I'd love to see future releases announced here too (esp. with a short > list of changes). > > Right now to know the changes I'll need to apply the rc8 and rc9 > patches to two vanilla trees and diff them afterwards (a diff of two > diffs is ugly and unr

Re: [Vserver] Hostname confusion inside vserver

On Tue, 20 Dec 2005, Stéphane GAUTIER wrote: > Why scripts of creation: vserver build does not modify information > /etc/hostname and /etc/hosts in the vserver? Because these names are distribution-dependant. -- For every action, there is an equal and opposite criticism. (in boot camp)

Re: [Vserver] Virtualizing /proc/version

On Wed, 4 Jan 2006, Herbert Poetzl wrote: > On Wed, Jan 04, 2006 at 06:42:29PM +0100, Enrico Scholz wrote: > > Herbert Poetzl <[EMAIL PROTECTED]> writes: > > >> it would be nice when /proc/version could be virtualized > > >> (e.g. using values from VCMD_set_vhi_name). Currently, it > > >> reveals

Re: [Vserver] Assigning a virtual console to a given vserver

On Sun, 8 Jan 2006, Bruno wrote: > I would like to assign a virtual console to one or more vservers running on > my > box. > > e.g. > vc0 - vc6 for host system > vc7 for first vserver > vc8 for second vserver > none for third vserver > ... [...] > Is this possible? You need the console de

Re: [Vserver] Getting the namespace of processes

On Mon, 9 Jan 2006, Wilhelm Meier wrote: > Hi, > > I want to extract the namespace-attribute of a specific/all process(es). Some > time ago there was a discussion about this topic, but I think the essence was > that there are no tools to get this information. Or am I wrong? > > Is it possible

Re: [Vserver] Logo design

On Thu, 19 Jan 2006, Roman Barczy?ski wrote: > On 2006-01-19 17:58, Herbert Poetzl wrote: > > okay I _know_ I should not spend any time on that > > but I couldn't help to try some things myself > > (based on the IMHO excellent checkmark idea) > > heh, same to /me but, oh, well... my final version

Re: [Vserver] Logo design

On Fri, 20 Jan 2006, Herbert Poetzl wrote: > On Thu, Jan 19, 2006 at 09:24:54PM +0100, Bodo Eggert wrote: > > On Thu, 19 Jan 2006, Roman Barczy?ski wrote: > > > On 2006-01-19 17:58, Herbert Poetzl wrote: > > > > > > okay I _know_ I should not spend any time on

Re: [Vserver] How to discover the "real" IP Address?

On Fri, 7 Jul 2006, Boniforti Flavio wrote: > Hello list, > I've got a question (and I'm a newbie, too!): as I'm logged as "root" > on one of several Virtual Servers on a machine (each Virtual Server > having its own IP address), how can I check and discover the "real" > hosts IP Address and hostn