Re: [Vserver] V_xxxx not running ?
On Mon, 25 Jul 2005 18:12:01 -0500, Enrico Scholz wrote --=-=-= Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable [EMAIL PROTECTED] (Beno=EEt des Ligneris) writes: Chasing each and every config file of services started on your host (apache:443, SSH, mySQL, postgreSQL, etc.) ssh should never be started through v_ssh as every shell inherits the network restrictions else.So it will be impossible to do administrative tasks like (re)starting vservers. This was lost from the 2.4 kernel version of the vserver. root in context 0 was allowed to reset its iproot. - Jacques Gelinas [EMAIL PROTECTED] dav_ufs: Access your home directory using WebDav http://www.solucorp.qc.ca/miscprj/dav_ufs.hc ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] V_xxxx not running ?
On Wed, Jul 27, 2005 at 10:37:48AM -0500, Jacques Gelinas wrote: On Mon, 25 Jul 2005 18:12:01 -0500, Enrico Scholz wrote --=-=-= Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable [EMAIL PROTECTED] (Beno=EEt des Ligneris) writes: Chasing each and every config file of services started on your host (apache:443, SSH, mySQL, postgreSQL, etc.) ssh should never be started through v_ssh as every shell inherits the network restrictions else.So it will be impossible to do administrative tasks like (re)starting vservers. This was lost from the 2.4 kernel version of the vserver. root in context 0 was allowed to reset its iproot. well, not lost :) but it was changed, yes ... best, Herbert - Jacques Gelinas [EMAIL PROTECTED] dav_ufs: Access your home directory using WebDav http://www.solucorp.qc.ca/miscprj/dav_ufs.hc ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] V_xxxx not running ?
On Wed, 27 Jul 2005 19:49:03 -0500, Herbert Poetzl wrote On Wed, Jul 27, 2005 at 10:37:48AM -0500, Jacques Gelinas wrote: On Mon, 25 Jul 2005 18:12:01 -0500, Enrico Scholz wrote This was lost from the 2.4 kernel version of the vserver. root in context 0 was allowed to reset its iproot. well, not lost :) but it was changed, yes ... What was the reason ? - Jacques Gelinas [EMAIL PROTECTED] dav_ufs: Access your home directory using WebDav http://www.solucorp.qc.ca/miscprj/dav_ufs.hc ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] V_xxxx not running ?
On Wed, Jul 27, 2005 at 03:52:43PM -0500, Jacques Gelinas wrote: On Wed, 27 Jul 2005 19:49:03 -0500, Herbert Poetzl wrote On Wed, Jul 27, 2005 at 10:37:48AM -0500, Jacques Gelinas wrote: On Mon, 25 Jul 2005 18:12:01 -0500, Enrico Scholz wrote This was lost from the 2.4 kernel version of the vserver. root in context 0 was allowed to reset its iproot. well, not lost :) but it was changed, yes ... What was the reason ? we switched to network context, with similar properties like the process contexts (which are also not allowed to migrate into eachother) maybe in the future, when the 'admin' context becomes a flag, we will allow to migrate between contexts (but there is really no demand for that atm) HTH, Herbert - Jacques Gelinas [EMAIL PROTECTED] dav_ufs: Access your home directory using WebDav http://www.solucorp.qc.ca/miscprj/dav_ufs.hc ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] V_xxxx not running ?
On Mon, Jul 25, 2005 at 03:54:05PM +0930, Darryl Ross wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Benoît des Ligneris wrote: Hello, Well, I think that this is a useful tool for the vserver project. We are using v_portmap as well as some others v_* scripts. After having installed several vserver hosts I think it is much more easy to modify the services than to go after every application and modify one or several configuration file. Also, it is easy to check the existing services running on a given host and to create the v_* scripts in order to make sure that no port conflict will occur between the vservers and the host. This is a general solution to this kind of problem whereas fixing each application individually can be, IMHO, a pain... Then I would suggest that perhaps you are running too many services on the host? My philosophy is to keep the host as minimal as possible and run everything inside a guest (generally one guest per service). The only two services I run on my hosts are sshd and ntpd. Every other service that I might want to run on the host can be run inside a guest. I run sshd on all my machines on a non-standard port ( for hosts and 222 for guests) as a way of stopping my logs from filling up with door-knock attempts which also solves the port conflict issue. good points and excellent suggestions! thanks, Herbert Regards Darryl -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFC5IWE/XQ6DbmPjokRAqs6AJ9Nr6tZfvzS9sMuPxhjh256gy270ACfUDMg J4L9YzUCCdOdtdnd1Jegbs8= =JFu7 -END PGP SIGNATURE- ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] V_xxxx not running ?
Hello, Well, it certainly _was_ true at some point, especially when I was testing the vserver on my laptop ; I don't think this is the case now. We simply experiment that some programs have to be run on the host and don't allow to change port/restrict IP/etc. The v_* tools are, IMHO, a generic way to circumvent this kind of problem. This is especially true for portmap (i.e. : you need NFS on your host and you provide NFS we unfsd3 on a vserver, etc.) and there is no possibility to specify this in a config file (as far I know!). The same can be true for other programs : openSLP ?, Also, this can really help the newcommers to the vserver technology. I agree with you that, most of the time, you need those tools when you are using vservers on a regular host. However, it is really easy to use these tools and, in the process, understand how the vservers and the host share certain ressources. Chasing each and every config file of services started on your host (apache:443, SSH, mySQL, postgreSQL, etc.) can be a not very productive task especially during a test... Just my .01$ Ben Darryl Ross wrote: Benoît des Ligneris wrote: Hello, Well, I think that this is a useful tool for the vserver project. We are using v_portmap as well as some others v_* scripts. After having installed several vserver hosts I think it is much more easy to modify the services than to go after every application and modify one or several configuration file. Also, it is easy to check the existing services running on a given host and to create the v_* scripts in order to make sure that no port conflict will occur between the vservers and the host. This is a general solution to this kind of problem whereas fixing each application individually can be, IMHO, a pain... Then I would suggest that perhaps you are running too many services on the host? My philosophy is to keep the host as minimal as possible and run everything inside a guest (generally one guest per service). The only two services I run on my hosts are sshd and ntpd. Every other service that I might want to run on the host can be run inside a guest. I run sshd on all my machines on a non-standard port ( for hosts and 222 for guests) as a way of stopping my logs from filling up with door-knock attempts which also solves the port conflict issue. Regards Darryl -- Benoit des Ligneris Ph. D. President de Revolution Linuxhttp://www.revolutionlinux.com/ OSCAR http://oscar.openclustergroup.org/ EduLinuxhttp://www.edulinux.org/ Toutes les opinions et les prises de position exprimées dans ce courriel sont celles de son auteur et ne répresentent pas nécessairement celles de Révolution Linux Any views and opinions expressed in this email are solely those of the author and do not necessarily represent those of Revolution Linux ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] V_xxxx not running ?
[EMAIL PROTECTED] (Benoît des Ligneris) writes: Chasing each and every config file of services started on your host (apache:443, SSH, mySQL, postgreSQL, etc.) ssh should never be started through v_ssh as every shell inherits the network restrictions else.So it will be impossible to do administrative tasks like (re)starting vservers. Enrico pgpKB5Z23p1jG.pgp Description: PGP signature ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
RE: [Vserver] V_xxxx not running ?
Also, it is easy to check the existing services running on a given host and to create the v_* scripts in order to make sure that no port conflict will occur between the vservers and the host. This is a general solution to this kind of problem whereas fixing each application individually can be, IMHO, a pain... Then I would suggest that perhaps you are running too many services on the host? My philosophy is to keep the host as minimal as possible and run everything inside a guest (generally one guest per service). The only two services I run on my hosts are sshd and ntpd. Every other service that I might want to run on the host can be run inside a guest. good points and excellent suggestions! thanks, Herbert Is this the official direction of the linux-vserver project? Regarding the post from about a month ago relating linux-vserver and the Solaris containers, it seems there is a huge potential for a tool that allows running virtual machines on a workstation. I ask if this is the official direction because if so, the tools will be engineered with this in mind. However, if the official direction is to allow running on stripped down hosts (ala Xen) and also general purpose workstations (ala Solaris containers) the tools will be designed more flexibly. This is just my $0.02 and food for thought. About every 12 - 18 months I switch from Windows to Linux on my desktop and this fall, when its due to happen again I plan on experimenting with a Solaris containers type of setup on my workstation. -- Matthew Nuzum [EMAIL PROTECTED] www.followers.net - Makers of Elite Content Management System View samples of Elite CMS in action by visiting http://www.followers.net/portfolio/ ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] V_xxxx not running ?
[EMAIL PROTECTED] (Herbert Poetzl) writes: I will fix it, although the v_* scripts will disappear soon. and be replaced by? nothing ;) I do not see much sense in these scripts. Most affected applications (httpd, named, sendmail, ssh, xinetd) can be configured with native methods to listen on a limited set of interfaces. 'portmap' is the only daemon where v_portmap might be useful, but it is not used very much today resp. only by programs which can run in the host only. And the missing reports about the broken startup order in v_portmap tells me, that this script is unused. ;) Enrico pgppyQ8ihXjgS.pgp Description: PGP signature ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] V_xxxx not running ?
Hello, Well, I think that this is a useful tool for the vserver project. We are using v_portmap as well as some others v_* scripts. After having installed several vserver hosts I think it is much more easy to modify the services than to go after every application and modify one or several configuration file. Also, it is easy to check the existing services running on a given host and to create the v_* scripts in order to make sure that no port conflict will occur between the vservers and the host. This is a general solution to this kind of problem whereas fixing each application individually can be, IMHO, a pain... Ben Enrico Scholz a écrit : [EMAIL PROTECTED] (Herbert Poetzl) writes: I will fix it, although the v_* scripts will disappear soon. and be replaced by? nothing ;) I do not see much sense in these scripts. Most affected applications (httpd, named, sendmail, ssh, xinetd) can be configured with native methods to listen on a limited set of interfaces. 'portmap' is the only daemon where v_portmap might be useful, but it is not used very much today resp. only by programs which can run in the host only. And the missing reports about the broken startup order in v_portmap tells me, that this script is unused. ;) Enrico ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver -- Benoît des Ligneris Ph. D. Président / C.E.O. Revolution Linux http://www.revolutionlinux.com/ Toutes les opinions et les prises de position exprimées dans ce courriel sont celles de son auteur et ne représentent pas nécessairement celles de Révolution Linux. Any views and opinions expressed in this email are solely those of the author and do not necessarily represent those of Revolution Linux. ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] V_xxxx not running ?
[EMAIL PROTECTED] (Brian Ipsen) writes: After upgrading to v2.0-rc8.1 and installing utils 0.30.208 I get this error dusing startup of my server: Starting v_httpd: exec --ip eth0 /etc/init.d/httpd start oops... some legacy scripts (inclusive vsysvwrapper) were not updated to a new naming convention (it should be $_CHBIND but not $CHBIND in the script). I will fix it, although the v_* scripts will disappear soon. Enrico pgpNEKsYOQSP3.pgp Description: PGP signature ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] V_xxxx not running ?
On Sat, Jul 23, 2005 at 10:49:11AM +0200, Enrico Scholz wrote: [EMAIL PROTECTED] (Brian Ipsen) writes: After upgrading to v2.0-rc8.1 and installing utils 0.30.208 I get this error dusing startup of my server: Starting v_httpd: exec --ip eth0 /etc/init.d/httpd start oops... some legacy scripts (inclusive vsysvwrapper) were not updated to a new naming convention (it should be $_CHBIND but not $CHBIND in the script). I will fix it, although the v_* scripts will disappear soon. and be replaced by? btw, excellent work the 0.30.208 release! I will provide a few updates to the kernel headers and the alternative syscall macros tomorrow ... best, Herbert Enrico ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] V_xxxx not running ?
Hi, After upgrading to v2.0-rc8.1 and installing utils 0.30.208 I get this error dusing startup of my server: Starting v_httpd: exec --ip eth0 /etc/init.d/httpd start /usr/lib/util-vserver/vsysvwrapper: line 44: exec: --: invalid option Any idea what is going wrong ?? Regards, /Brian ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] V_xxxx not running ?
On Fri, Jul 22, 2005 at 04:01:41PM +0200, Brian Ipsen wrote: Hi, After upgrading to v2.0-rc8.1 and installing utils 0.30.208 I get this error dusing startup of my server: Starting v_httpd: exec --ip eth0 /etc/init.d/httpd start /usr/lib/util-vserver/vsysvwrapper: line 44: exec: --: invalid option Any idea what is going wrong ?? sounds like a bug in 0.30.208, IIRC, the v_* helpers were considered for removal or so .. maybe they have been removed and your old ones do not work with the new tools ... didn't get to check it yet but will do so soon ... HTH, Herbert Regards, /Brian ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
RE: [Vserver] V_xxxx not running ?
Hi, After upgrading to v2.0-rc8.1 and installing utils 0.30.208 I get this error dusing startup of my server: Starting v_httpd: exec --ip eth0 /etc/init.d/httpd start /usr/lib/util-vserver/vsysvwrapper: line 44: exec: --: invalid option Any idea what is going wrong ?? sounds like a bug in 0.30.208, IIRC, the v_* helpers were considered for removal or so .. maybe they have been removed and your old ones do not work with the new tools ... didn't get to check it yet but will do so soon ... I haven't considered that option myself - I'm so used to having the wrapper scripts ;-) In general, I think it could be a good idea to have a chapter in the INSTALL file regarding upgrading from previous versions (especially if there are changes, which requires reverting back to to old init.d script and removing the wrapper scipts)... Regards, Brian ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] V_xxxx not running ?
On Fri, Jul 22, 2005 at 07:31:25PM +0200, Brian Ipsen wrote: Hi, After upgrading to v2.0-rc8.1 and installing utils 0.30.208 I get this error dusing startup of my server: Starting v_httpd: exec --ip eth0 /etc/init.d/httpd start /usr/lib/util-vserver/vsysvwrapper: line 44: exec: --: invalid option Any idea what is going wrong ?? sounds like a bug in 0.30.208, IIRC, the v_* helpers were considered for removal or so .. maybe they have been removed and your old ones do not work with the new tools ... didn't get to check it yet but will do so soon ... I haven't considered that option myself - I'm so used to having the wrapper scripts ;-) In general, I think it could be a good idea to have a chapter in the INSTALL file regarding upgrading from previous versions (especially if there are changes, which requires reverting back to to old init.d script and removing the wrapper scipts)... well, while I consider it an excellent idea to remove the v_ssh wrapper (as it just causes trouble anyway) I consider the other v_* wrappers or the idea of a general wrappertool (which might work for all kind of scripts and tools) a good idea ... best, Herbert Regards, Brian ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
