Re: [Libcg-devel] [PATCH 1/4] This patch adds cgsnapshot tool
On Fri, Sep 17, 2010 at 3:22 PM, Ivana Hutarova Varekova
wrote:
> CHANGELOGS:
> CHANGELOG v3
> * white/blacklist is cached
> * incorporate jsafraneks feedback
>
> CHANGELOG v2
> * add whitelist which describe the set of variables which can be dealt
> by
> cgsnapshot without any problem (the values which with which have cgsnapshot
> the problems are there with TODO comment and the reason) without -s option
> the skipped variables are output with the warning text
> * add the possibility to set the whitelist file
> * add the possibility to redirect the output
>
> CHANGELOG v1
> * more verbose comments
> * tune the variable names/description/usage in display_controller_data
> function
> * remove unnecesary .stat exception
>
> SYNOPSIS:
> cgsnapshot [-h] [-s] [-w] [--whitelist-file file] [-f output_file]
> [controller] [...]
> Generate the configuration file from the current hierarchie(s) of
> control groups
> -h, --help Display this help
> -s, --silent Ignore all warnings
> -w, --whitelist Display only variables from whitelist (default
> /etc/cgsnapshot_whitelist.conf)
> --whitelist-file file Set the whitelist configuration file
> -f, --file Redirect the output to output_file
> the output have the same format as cgconfig.conf file (the values are
> in commas)
>
> there is also whitelist, which contains all controllers which are dealt
> without any problem (there are several TODOS like devices and so on) if
>
> EXAMPLE:
> $ /home/varekova/bg/libcgroup/20100719/libcg/src/tools/cgsnapshot -n
> # Configuration file generated by cgsnapshot
> mount {
> cpuset = /cgroup/cpuset;
> cpu = /cgroup/devices;
> cpuacct = /cgroup/memoryd;
> memory = /cgroup/memory;
> devices = /cgroup/devices;
> freezer = /cgroup/freezer;
> net_cls = /cgroup/net_cls;
> }
>
> group daemons {
> perm {
> admin {
> uid = root;
> gid = root;
> }
> task {
> uid = root;
> gid = root;
> }
> }
> cpuset {
> cpuset.memory_spread_slab="0";
> cpuset.memory_spread_page="0";
> cpuset.memory_migrate="0";
> cpuset.sched_relax_domain_level="-1";
> cpuset.sched_load_balance="1";
> cpuset.mem_hardwall="0";
> cpuset.mem_exclusive="0";
> cpuset.cpu_exclusive="0";
> }
> }
>
> Signed-off-by: Ivana Hutarova Varekova
> ---
>
> src/tools/Makefile.am | 5
> src/tools/cgsnapshot.c | 722
>
> 2 files changed, 726 insertions(+), 1 deletions(-)
> create mode 100644 src/tools/cgsnapshot.c
>
> diff --git a/src/tools/Makefile.am b/src/tools/Makefile.am
> index f755037..92a0078 100644
> --- a/src/tools/Makefile.am
> +++ b/src/tools/Makefile.am
> @@ -3,7 +3,8 @@ LDADD = $(top_builddir)/src/.libs/libcgroup.la
>
> if WITH_TOOLS
>
> -bin_PROGRAMS = cgexec cgclassify cgcreate cgset cgget cgdelete lssubsys
> lscgroup
> +bin_PROGRAMS = cgexec cgclassify cgcreate cgset cgget cgdelete lssubsys\
> + lscgroup cgsnapshot
>
> sbin_PROGRAMS = cgconfigparser cgclear
>
> @@ -27,6 +28,8 @@ lssubsys_SOURCES = lssubsys.c
>
> lscgroup_SOURCES = tools-common.c lscgroup.c
>
> +cgsnapshot_SOURCES = cgsnapshot.c
> +
> install-exec-hook:
> chmod u+s $(DESTDIR)$(bindir)/cgexec
>
> diff --git a/src/tools/cgsnapshot.c b/src/tools/cgsnapshot.c
> new file mode 100644
> index 000..9c60126
> --- /dev/null
> +++ b/src/tools/cgsnapshot.c
> @@ -0,0 +1,722 @@
> +/* " Copyright (C) 2010 Red Hat, Inc. All Rights Reserved.
> + * " Written by Ivana Hutarova Varekova
> + *
> + * This program is free software; you can redistribute it and/or modify it
> + * under the terms of version 2.1 of the GNU Lesser General Public License
> + * as published by the Free Software Foundation.
> + *
> + * This program is distributed in the hope that it would be useful, but
> + * WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
> + */
> +
> +#include
> +#include
> +#include
> +#include
> +#include
> +#include
> +
> +#include
> +#include
> +#include
> +#include
> +#include
> +#include
> +
> +enum flag{
> + FL_LIST = 1,
> + FL_SILENT = 2, /* do-not show any warning/error output */
> + FL_WHITELIST = 4, /* use the whitelist to parse the variables */
> + FL_OUTPUT = 8, /* output should be redirect to the given
> file */
> +};
> +
> +#define WHITELIST_CONF "/etc/cgsnapshot_whitelist.conf"
> +
> +struct listt {
A better name please. listt does not tell us anything. possibly, you
can
Re: [Libcg-devel] [PATCH 2/4] adds cgsnapshot man page
On Fri, Sep 17, 2010 at 3:22 PM, Ivana Hutarova Varekova wrote: > CHANGELOG v1 > * fix jsafranek comments > > > This patch adds cgsnapshot man page > > > Signed-off-by: Ivana Hutarova Varekova > --- > > doc/man/Makefile.am | 2 +- > doc/man/cgsnapshot.1 | 65 > ++ > 2 files changed, 66 insertions(+), 1 deletions(-) > create mode 100644 doc/man/cgsnapshot.1 > > diff --git a/doc/man/Makefile.am b/doc/man/Makefile.am > index 42323fd..26338d8 100644 > --- a/doc/man/Makefile.am > +++ b/doc/man/Makefile.am > @@ -1,6 +1,6 @@ > man_MANS = cgclassify.1 cgconfig.conf.5 cgconfigparser.8 cgexec.1 > cgred.conf.5 \ > cgrules.conf.5 cgrulesengd.8 cgcreate.1 cgset.1 cgclear.1 cgget.1 \ > - cgdelete.1 lssubsys.1 lscgroup.1 > + cgdelete.1 lssubsys.1 lscgroup.1 cgsnapshot.1 > > EXTRA_DIST = $(man_MANS) > > diff --git a/doc/man/cgsnapshot.1 b/doc/man/cgsnapshot.1 > new file mode 100644 > index 000..9dbf8b4 > --- /dev/null > +++ b/doc/man/cgsnapshot.1 > @@ -0,0 +1,65 @@ > +.\" Copyright (C) 2010 Red Hat, Inc. All Rights Reserved. > +.\" Written by Ivana Varekova > + > +.TH CGSNAPSHOT 1 2010-07-28 "Linux" "libcgroup Manual" > +.SH NAME > + > +cgsnapshot \- generate the configuration file for given controllers > + > +.SH SYNOPSIS > +\fBcgsnapshot\fR [\fB-h\fR] [\fB-s\fR] [\fB-w\fR] [\fB--whitelist-file\fR > \fIfile\fR] [\fB-f\fR \fIoutput_file\fR] [\fBcontroller\fR] [...] > + > +.SH DESCRIPTION > + > +\fBcgsnapshot\fR > +generates the configuration file for given controllers. "cgconfig compatible configuration file" somewhere there as well? > +If no controller is set, then > +cgsnapshot shows all mounted hierarchies. > +The output is in the same format as > +.B cgconfig.conf > +configuration file. > + > +.TP > +.B -h, --help > +display this help and exit > + > +.TP > +.B -s, --silent > +Ignore all warnings > + > +.TP > +.B -w, --whitelist > +Display only variables from whitelist. > +The default location of the whitelist is > +.B /etc/cgsnapshot_whitelist.conf. > + > +.TP > +.B --whitelist-file file > +Set the whitelist configuration file > + > +.TP > +.B -f, --file > +Redirect the output to output_file > + > + > +.TP > +.B controller > +defines controller whose hierarchies will be > +output > + > +.SH FILES > +.LP > +.PD .1v > +.TP 20 > +.B /etc/cgsnapshot_whitelist.conf > +.TP > +default location of the whitelist. > +.LP > +.PD .1v > +.TP 20 > +.B /etc/cgconfig.conf > +.TP > +default libcgroup configuration file. > + > +.SH SEE ALSO > +cgconfig.conf (5) > > > -- > Start uncovering the many advantages of virtual appliances > and start using them to simplify application deployment and > accelerate your shift to cloud computing. > http://p.sf.net/sfu/novell-sfdev2dev > ___ > Libcg-devel mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/libcg-devel > -- Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev ___ Libcg-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/libcg-devel
Re: [Libcg-devel] [PATCH 3/4] the default cgsnapshot configuration file
On Fri, Sep 17, 2010 at 3:22 PM, Ivana Hutarova Varekova wrote: > CHANGELOG v1 > * fix balbair commnets: remove devices.(deny/allow) > Balbir :-) > the default cgsnapshot configuration file > contains all variables from 2.6.34 > I am going to ask you to drop this file. Probably just a blacklist with what is missing as opposed to what is there. > > Signed-off-by: Ivana Hutarova Varekova > --- > > samples/Makefile.am | 3 ++ > samples/cgsnapshot_whitelist.conf | 47 > + > 2 files changed, 49 insertions(+), 1 deletions(-) > create mode 100644 samples/cgsnapshot_whitelist.conf > > diff --git a/samples/Makefile.am b/samples/Makefile.am > index 5e28c6f..9c1ec02 100644 > --- a/samples/Makefile.am > +++ b/samples/Makefile.am > @@ -1 +1,2 @@ > -EXTRA_DIST = cgconfig.conf cgred.conf cgrules.conf cgconfig.sysconfig > +EXTRA_DIST = cgconfig.conf cgred.conf cgrules.conf cgconfig.sysconfig \ > + cgsnapshot_whitelist.conf > diff --git a/samples/cgsnapshot_whitelist.conf > b/samples/cgsnapshot_whitelist.conf > new file mode 100644 > index 000..4cdac1e > --- /dev/null > +++ b/samples/cgsnapshot_whitelist.conf > @@ -0,0 +1,47 @@ > +#memory > +memory.memsw.failcnt=Y > +memory.memsw.limit_in_bytes=Y > +memory.memsw.max_usage_in_bytes=Y > +memory.swappiness=Y > +memory.use_hierarchy=Y > +memory.failcnt=Y > +memory.soft_limit_in_bytes=Y > +memory.limit_in_bytes=Y > +memory.max_usage_in_bytes=Y > +memory.force_empty=N -TODO > +memory.move_charge_at_immigrate=Y > + > +#cpu > +cpu.rt_runtime_us=Y > +cpu.shares=N - TODO > +cpu.rt_period_us=Y > + > +#cpuacct > +cpuacct.usage=Y > + > +#devices > +devices.deny=N - TODO > +devices.allow=N - TODO > + > +#cpuset > +cpuset.memory_spread_slab=Y > +cpuset.memory_spread_page=Y > +cpuset.memory_migrate=Y > +cpuset.sched_relax_domain_level=Y > +cpuset.sched_load_balance=Y > +cpuset.mem_hardwall=Y > +cpuset.mem_exclusive=Y > +cpuset.cpu_exclusive=Y > +cpuset.mems=Y > +cpuset.cpus=Y > + > +#ns > + > +#freezer > +freezer.state=Y > + > +#net_cls > +net_cls.classid=Y > + > +#blkio > +blkio.weight=Y > \ No newline at end of file > > > -- > Start uncovering the many advantages of virtual appliances > and start using them to simplify application deployment and > accelerate your shift to cloud computing. > http://p.sf.net/sfu/novell-sfdev2dev > ___ > Libcg-devel mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/libcg-devel > -- Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev ___ Libcg-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/libcg-devel
Re: [Libcg-devel] [PATCH 1/4] This patch adds cgsnapshot tool
> > OK, the patch is fine. I am though wondering if it is possible to > split this patch up into smaller pieces. > BTW, what sort of testing has been done. did you try a file which does a = but no Y or N? What about something like cpu.shares=Y cpu.shares=N in the same file? What happens if the order is reversed? Sorry, I have not gotten a chance to run it yet Dhaval -- Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev ___ Libcg-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/libcg-devel
Re: [Libcg-devel] sysdefault group ?
On Thu, Sep 23, 2010 at 2:52 PM, Tommaso Cucinotta wrote: > Il 23/09/2010 12:37, Balbir Singh ha scritto: >> * Tommaso Cucinotta [2010-09-23 12:26:26]: >> >> >>> Il 23/09/2010 12:01, Balbir Singh ha scritto: >>> There is a simple way to disable this Create /etc/sysconfig/cgconfig and add the following CREATE_DEFAULT=no >>> also, it doesn't work: >>> >>> sudo ./cgconfigparser -l /etc/cgconfig.conf >>> >> No it does not work that way, here are the steps >> >> 1. after creating and updating /etc/sysconfig/cgconfig >> 2. Use the cgconfig script to do the loading >> > well, the overall effect does not change too much :-) ... > > $ sudo /etc/init.d/cgconfig start > Starting cgconfig service: error at line number 46 at > CREATE_DEFAULT:syntax error > Failed to parse file /etc/cgconfig.conf > Loading configuration file /etc/cgconfig.conf failed > Failed to parse config file > * Failed to parse /etc/cgconfig.conf > > ... and on the 46th line I have of course: > > CREATE_DEFAULT=no > > T. > -- I don't recall how to turn it off though for a quick hack you can jsut open uip /etc/init.d/cgconfig and turn off the CREATE_DEFAULT variable for now. Jan though is the right perseon for this and I am copying him. Dhaval -- Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev ___ Libcg-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/libcg-devel
Re: [Libcg-devel] [PATCH] This patch adds cgsnapshot tool
On Fri, Sep 24, 2010 at 12:16 PM, Ivana Hutarova Varekova
wrote:
> CHANGELOGS:
> fixes the typos in the previous version
>
> CHANGELOG v4
> * incorporate dhaval feedback:
> * whitelist -> blacklist
> * add cgroup_free_cgroup
>
> CHANGELOG v3
> * white/blacklist is cached
> * incorporate jsafraneks feedback
>
> CHANGELOG v2
> * add whitelist which describe the set of variables which can be dealt
> by
> cgsnapshot without any problem (the values which with which have cgsnapshot
> the problems are there with TODO comment and the reason) without -s option
> the skipped variables are output with the warning text
> * add the possibility to set the whitelist file
> * add the possibility to redirect the output
>
> CHANGELOG v1
> * more verbose comments
> * tune the variable names/description/usage in display_controller_data
> function
> * remove unnecesary .stat exception
>
> SYNOPSIS:
> cgsnapshot [-h] [-s] [-b] [--blacklist-file file] [-f output_file]
> [controller] [...]
> Generate the configuration file from the current hierarchie(s) of
> control groups
> -h, --help Display this help
> -s, --silent Ignore all warnings
> -b, --blacklist Display only variables from whitelist (default
> /etc/cgsnapshot_blacklist.conf)
> --blacklist-file file Set the whitelist configuration file
> -f, --file Redirect the output to output_file
> the output have the same format as cgconfig.conf file (the values are
> in commas)
>
> there is also whitelist, which contains all controllers which are dealt
> without any problem (there are several TODOS like devices and so on) if
>
> EXAMPLE:
> $ /home/varekova/bg/libcgroup/20100719/libcg/src/tools/cgsnapshot -n
> # Configuration file generated by cgsnapshot
> mount {
> cpuset = /cgroup/cpuset;
> cpu = /cgroup/devices;
> cpuacct = /cgroup/memoryd;
> memory = /cgroup/memory;
> devices = /cgroup/devices;
> freezer = /cgroup/freezer;
> net_cls = /cgroup/net_cls;
> }
>
> group daemons {
> perm {
> admin {
> uid = root;
> gid = root;
> }
> task {
> uid = root;
> gid = root;
> }
> }
> cpuset {
> cpuset.memory_spread_slab="0";
> cpuset.memory_spread_page="0";
> cpuset.memory_migrate="0";
> cpuset.sched_relax_domain_level="-1";
> cpuset.sched_load_balance="1";
> cpuset.mem_hardwall="0";
> cpuset.mem_exclusive="0";
> cpuset.cpu_exclusive="0";
> }
> }
>
> Signed-off-by: Ivana Hutarova Varekova
Can you give some testing details? Also, have you tried some of the
questions I asked you in the previous review round?
> ---
>
> src/tools/Makefile.am | 5
> src/tools/cgsnapshot.c | 724
>
> 2 files changed, 728 insertions(+), 1 deletions(-)
> create mode 100644 src/tools/cgsnapshot.c
>
> diff --git a/src/tools/Makefile.am b/src/tools/Makefile.am
> index f755037..92a0078 100644
> --- a/src/tools/Makefile.am
> +++ b/src/tools/Makefile.am
> @@ -3,7 +3,8 @@ LDADD = $(top_builddir)/src/.libs/libcgroup.la
>
> if WITH_TOOLS
>
> -bin_PROGRAMS = cgexec cgclassify cgcreate cgset cgget cgdelete lssubsys
> lscgroup
> +bin_PROGRAMS = cgexec cgclassify cgcreate cgset cgget cgdelete lssubsys\
> + lscgroup cgsnapshot
>
> sbin_PROGRAMS = cgconfigparser cgclear
>
> @@ -27,6 +28,8 @@ lssubsys_SOURCES = lssubsys.c
>
> lscgroup_SOURCES = tools-common.c lscgroup.c
>
> +cgsnapshot_SOURCES = cgsnapshot.c
> +
> install-exec-hook:
> chmod u+s $(DESTDIR)$(bindir)/cgexec
>
> diff --git a/src/tools/cgsnapshot.c b/src/tools/cgsnapshot.c
> new file mode 100644
> index 000..0b2b5b7
> --- /dev/null
> +++ b/src/tools/cgsnapshot.c
> @@ -0,0 +1,724 @@
> +/* " Copyright (C) 2010 Red Hat, Inc. All Rights Reserved.
> + * " Written by Ivana Hutarova Varekova
> + *
> + * This program is free software; you can redistribute it and/or modify it
> + * under the terms of version 2.1 of the GNU Lesser General Public License
> + * as published by the Free Software Foundation.
> + *
> + * This program is distributed in the hope that it would be useful, but
> + * WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
> + */
> +
> +#include
> +#include
> +#include
> +#include
> +#include
> +#include
> +
> +#include
> +#include
> +#include
> +#include
> +#include
> +#include
> +
> +enum flag{
> + FL_LIST = 1,
> + FL_SILENT = 2, /* do-not show any warning/error output */
> + FL_BLACKLIST =
Re: [Libcg-devel] [PATCH 2/4] adds cgsnapshot man page
On Fri, Sep 24, 2010 at 11:37 AM, Ivana Hutarova Varekova wrote: > CHANGELOG v2 > * incorporate dhavalś feedback > whitelist -> blacklist > > CHANGELOG v1 > * fix jsafranek comments > > > This patch adds cgsnapshot man page > > > Signed-off-by: Ivana Hutarova Varekova > --- > > doc/man/Makefile.am | 2 +- > doc/man/cgsnapshot.1 | 66 > ++ > 2 files changed, 67 insertions(+), 1 deletions(-) > create mode 100644 doc/man/cgsnapshot.1 > > diff --git a/doc/man/Makefile.am b/doc/man/Makefile.am > index 42323fd..26338d8 100644 > --- a/doc/man/Makefile.am > +++ b/doc/man/Makefile.am > @@ -1,6 +1,6 @@ > man_MANS = cgclassify.1 cgconfig.conf.5 cgconfigparser.8 cgexec.1 > cgred.conf.5 \ > cgrules.conf.5 cgrulesengd.8 cgcreate.1 cgset.1 cgclear.1 cgget.1 \ > - cgdelete.1 lssubsys.1 lscgroup.1 > + cgdelete.1 lssubsys.1 lscgroup.1 cgsnapshot.1 > > EXTRA_DIST = $(man_MANS) > > diff --git a/doc/man/cgsnapshot.1 b/doc/man/cgsnapshot.1 > new file mode 100644 > index 000..2565e83 > --- /dev/null > +++ b/doc/man/cgsnapshot.1 > @@ -0,0 +1,66 @@ > +.\" Copyright (C) 2010 Red Hat, Inc. All Rights Reserved. > +.\" Written by Ivana Varekova > + > +.TH CGSNAPSHOT 1 2010-07-28 "Linux" "libcgroup Manual" > +.SH NAME > + > +cgsnapshot \- generate the configuration file for given controllers > + > +.SH SYNOPSIS > +\fBcgsnapshot\fR [\fB-h\fR] [\fB-s\fR] [\fB-b\fR] [\fB--blacklist-file\fR > \fIfile\fR] [\fB-f\fR \fIoutput_file\fR] [\fBcontroller\fR] [...] > + > +.SH DESCRIPTION > + > +\fBcgsnapshot\fR > +generates the cgconfig compatible configuration file > +for given controllers. > +If no controller is set, then > +cgsnapshot shows all mounted hierarchies. > +The output is in the same format as > +.B cgconfig.conf > +configuration file. redundant sentence? cgconfigparser compatible configuration file is more generic. > + > +.TP > +.B -h, --help > +display this help and exit > + > +.TP > +.B -s, --silent > +Ignore all warnings > + > +.TP > +.B -b, --blacklist > +Display only variables from blacklist. > +The default location of the blacklist is > +.B /etc/cgsnapshot_blacklist.conf. > + > +.TP > +.B --blacklist-file file > +Set the blacklist configuration file > + > +.TP > +.B -f, --file > +Redirect the output to output_file > + > + > +.TP > +.B controller > +defines controller whose hierarchies will be > +output > + > +.SH FILES > +.LP > +.PD .1v > +.TP 20 > +.B /etc/cgsnapshot_blacklist.conf > +.TP > +default location of the blacklist. > +.LP > +.PD .1v > +.TP 20 > +.B /etc/cgconfig.conf > +.TP > +default libcgroup configuration file. > + > +.SH SEE ALSO > +cgconfig.conf (5) > > -- Nokia and AT&T present the 2010 Calling All Innovators-North America contest Create new apps & games for the Nokia N8 for consumers in U.S. and Canada $10 million total in prizes - $4M cash, 500 devices, nearly $6M in marketing Develop with Nokia Qt SDK, Web Runtime, or Java and Publish to Ovi Store http://p.sf.net/sfu/nokia-dev2dev ___ Libcg-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/libcg-devel
Re: [Libcg-devel] [PATCH] This patch adds cgsnapshot tool
On Mon, Sep 27, 2010 at 12:41 PM, Jan Safranek wrote: > On 09/27/2010 08:47 AM, Ivana Hutarova Varekova wrote: >> >> On 09/24/2010 01:53 PM, [email protected] wrote: >>> >>> OK, I am not happy with this patch. I want to change the mechanism >>> like this. So, you have a file maybe, cgsnapshot_blacklist so >>> $cat cgsnapshot_blacklist >>> devices.allow >>> devices.deny >>> >>> Now, this is *just* the blacklist. Now, parse this file, as opposed to >>> devices.allow=Y or devices.allow=N which does not make it really >>> obvious which one is the blacklist entry and which is not. Also makes >>> your parsing code much more straightforward. >>> >>> Next, you can reuse this same code to parse a file which just has teh >>> list of variables you want to read. Of course there are priority >>> issues, does the blacklist get priority or does the whitelist get it, >>> but we can figure it out later on. >>> >>> Dhaval >>> >> So your suggestionn is to have the option like: >> >> -b, --blacklist Display only variables from blacklist (default >> /etc/cgsnapshot_blacklist.conf) >> --blacklist-file file Set the blacklist configuration file >> >> which will have the list of variables which are problematic now, or >> forbidden from some reason. >> but you mention in the last paragraph the reuse of this code to the list >> of variables which are should >> be printed. So do you want to have there some options like >> -l, --variablelist >> --variablelist-file >> Do you agree with this options? >> Ivana > > If I can propose something, I'd like to have these options: > -b --blacklist=file Ignore the parameters mentioned in the file > -w --whitelist=file Show only the parameters mentioned in the file > > The semantics should be the same as in hosts.allow and hosts.deny: > - parameter is shown if it is on the whitelist > - otherwise, the parameter is hidden if it is on blacklist > - otherwise (i.e. it's not on any list), it is shown (let's call these > parameters as 'gray'). > > A Warning should be shown for these gray parameters. There should be also an > option to hide gray parameters, so only those explicitly mentioned on > whitelist would be shown (-B, --blacklist-default?). > > When there is no -w or -b, the lists are taken from > /etc/cgsnapshot.{white,black}list. If there is no such file, the appropriate > list is empty. User could erase these default lists using e.g. '-b > /dev/null' (=no extra code needed) or '-i' as '--ignore-default-lists'. > I am not so sure I want a default blacklist. But I can see where you are coming from, and do not have a strong objection to it. > As an extra feature, I'd like to have possibility to have more than one -b > and -w option, IMHO it wouldn't require too much code. > The question still remains on how to prioritize values between these files? > And as Christmas wish, I'd love to use regular expressions in these files > :). Like blacklisting cpuset.* and whitelisting just cpuset.cpus and > cpuset.mems. > :-) Dhaval -- Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev ___ Libcg-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/libcg-devel
Re: [Libcg-devel] [PATCH 0/4] adds cgsnapshot tool
On Mon, Oct 4, 2010 at 2:18 PM, Ivana Hutarova Varekova wrote: > The patchset has four patches: > 1/ cgsnapshot tool itself. This tool contains the option to ignore some > variables (blacklist) > or output only the chosen variables (whitelist). > 2/ the man page for cgsnapshot tool > 3/ the cgsnapshot_blacklist.conf configuration file. It is the list of all > variables from 2.6.34. > which need some special logic which is not implement in cgsnapshot yet. > 4/ the cgsnapshot_whitelist.conf configuration file which contains all > variables from 2.6.34 > > tests: > The patch were tested on several configuration files: > * use the original configuration file (*.orig file) > * generate the cgsnapshot one (*.gen file) - with the default black and > white list > * cgclean all > * use the cgsnapshot generated configuration (*.gen file) > * compare the results > tested configuration files are attached. > ENOATTACH :-) > > TODOs: > * there are 4 variables which can't be handled by cgsnapshot, now switched > off in blacklist, > there should be add the logic for them > * add the variables which are on the last kernel to lists and find out > whether they are parsed well > * add an option which will combine the groups which have the same name and > permissions > * remove the permission tag if there are root permissions only > * try to sort the groups to have unified output > * add the possibility to use meta-characters like cpuset.* in blacklist and > whitelist > * add the possibility to use more -b and -w files > > Ivana Hutarova Varekova > -- Virtualization is moving to the mainstream and overtaking non-virtualized environment for deploying applications. Does it make network security easier or more difficult to achieve? Read this whitepaper to separate the two and get a better understanding. http://p.sf.net/sfu/hp-phase2-d2d ___ Libcg-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/libcg-devel
