Hi Einar
Oliver: I am somewhat amazed that your setup works. I would think
Portage would get very upset, or at least confused, when packages that
aren't marked as updated are, dependencies should be broken etc. But two
years running is quite stable. Is it just /var and parts of /etc that
are
This might be offtopic but perhaps useful.
I have multiple guests that share the same root directly. All
configuration and runtime relevant dirs (var and parts of etc( are
mounted from a per guest partition.
Works with no hasle here for over 2 years now
Oliver
--
Diese Nachricht wurde
Hi Folks,
Today I ran into a problem with newtwork devices on vlans.
My box has one physikal interface (eth0) which hosts two vlans (vlan3 +
vlan4). The basic vlan interfaces are created on system bootup and
have each one ip assigned.
In the vserver-config I used the default syntax with vlan3
Hi Folks,
I used the chance to upgrade my boxes and ran into one big issue now:
I use nagios to monitor my disks, the setup is done like follows:
* I have one partition per vserver guest
* the partition is mounted into the guest via the guests fstab
(/dev/drbd/www1 /data ext3 defaults 0 0)
Hi Folks,
I upgraded my box from
Kernel: 2.6.15.4-vs2.1.1-rc6-gentoo
VS-API: 0x00020001
util-vserver: 0.30.210; Feb 17 2006, 22:32:37
to
Kernel: 2.6.20-vs2.2.0-gentoo
VS-API: 0x00020200
Hi Hollow,
2.2.0 is in portage since Apr 2nd ..
okok - my portage was 7 days old
@Hollow - whats about new stages and the new baselayout - I saw your
planet dev post from November 06 which reads about almost done.
http://people.linux-vserver.org/~hollow/stages/
thx
Oliver
--
Hi Asier,
Networking firewall are not my strong points, so perhaps this could
sound a silly question.
There are only silly answers...
I've five linux VServers, each with it's own _real_ IP address (not
192.168.x.y, 10.x, etc). Each one has it's own services but I'd like to
close access
Hi Bruno,
Sorry Oliver, but local traffic DOES cross iptables (INPUT and OUTPUT rules,
not sure about pre/post-routing), but crossing is done with interface 'lo'
instead of 'eth*' or whatever other interface.
sorry you are totally right - fingers were faster then neurons :(
Oliver
--
Hi Oliver,
i'm trying to restrict access from one vserver to another vserver
running on the same machine. one is running on dummy0, the other one on
dummy1. i tried firehol and shorewall, but it just doesn't work. it
seems that all firewall rules are just ignored. what's so special with
the
Hi Bruno,
All traffic does go through iptables, even local one!
Local traffic will leave through the OUTPUT chain and come in through the
INPUT chain, using lo interface.
In most cases though iptables is configured to accept all traffic that goes
through lo...
Hmm , guess I was wrong
Hi Phreak/Hollow,
today I wanted to do some updates on my servers and recogniced that
gentoo folks deleted the 2005.1 profiles tree with the vserver profile
in it.
As 2006.x does not contain the vserver profile I am a bit stuck.
Might you please push a usable profile to the actuall portage
Hi Folks,
I postet a similar mail to the list about a year ago but didnt find time
to deal with the issue - so it pops up now again :)
My Problem: I have my guests root on a read-only partition, var is
another partition and tmp is a ramdisk. I have the /dev tree on the
readonly partition at the
Hi Herbert,
yes, because the bind mount probably doesn't exist
when the tools try to write to /dev/null
Hmmm, anyway
IMHO a more secure solution would be to bind mount
the /dev/log only and keep the entire /dev read only
as that is more secure than having them on var
AFAIK its not
Hi Alejandro,
LibClamAV Error: wrote 0 instead of 512
(/tmp/clamav-67ea3a8be7a9faa9/main.ndb)
cli_untgz: no space left on device
In my /etc/vservers/virtual1/fstab I have this line related to /tmp:
none /tmp tmpfs size=16m, mode 1777 0 0
The /tmp is a memory based
Hi John,
I am running a qmail server as gentoo guest too and didnt have any
problems...
Did you set the spamassassin Use-Flag on QMS?
Perhaps you should try it manual by unpacking the qms package and run
configure by hand.
Oliver
--
Diese Nachricht wurde digital unterschrieben
oliwel's public
Chuck wrote:
I have searched everywhere I can think of and can only find stage3 files dated
march 2006. That will require an entire rebuild to bring it to spec!
is it a bad idea to use a default stage3
AFAIK since the last update of the baselayout it is not necessary to use
a special stage -
Sounds good - I am currently building an up-to-date version based on the
latest image (unpacked Hollows stage3 and running gcc update procedure)
I guess the image will be ready in around 6 to 8 hours and I can offer
it for download for using it as a template...
Oliver
John Alberts wrote:
Hi Chuck
http://jackass.homelinux.org/jackass/mirror.html
i686
thank you however i cannot access any of the mirrors listed.
at least this one is working for me
ftp://jackass.mojope.com/jackass/vserver
only one answered an ftp client and it required a login other than anonymous
Oli
--
Hi Folks,
bougth an AMD 64 X2 and ran into a problem. When I want to build the
fritzcapi module (AVM Fritzcard driver) I get an error (see below).
System is a gentoo with 2.6.17 kernel patchset.
Any ideas
Oliver
make[1]: Entering directory `/usr/src/linux-2.6.17-vserver-2.1.1-rc31'
CC [M]
Hi Chuck,
you can find all rc* kernels in our overlay at
http://overlays.gentoo.org/proj/vps
Tip: emerge layman - this is a tool for managing overlays - its very
helpul ;)
Oliver
--
Diese Nachricht wurde digital unterschrieben
oliwel's public key: http://www.oliwel.de/oliwel.crt
Hi Guys,
this is mainly for hollow et al - what is the latest ebuild you will
consider good for production of the 2.1 series ?
I am currently running 2.6.15.4-vs2.1.1-rc6-gentoo and want to upgrade
due to the latest kernel bugs
Oliver
--
Diese Nachricht wurde digital unterschrieben
Hi Christian,
question as missleading - I know the overlay but I wonder if there is
some categorization about quite stable / bleeding edge in the rcs or
if it is ok to take always the latest one.
Oliver
--
Diese Nachricht wurde digital unterschrieben
oliwel's public key:
Hi Christian
Nope there is no categorization or rating in the svn-repo. I also wouldn't
use
the _rc's on a stable machine, since from time to time there's some bugs in
them that need to be fixed.
So - what do you suggest for using 2.1 on gentoo?
I run the 2.1 for over a year now without
Hi Henrik,
all IP config is (normally) done within the interfaces/nr/ directory
via ip/prefix. So, I guess changing all these files will do the job...
I dont know a Tool but some lines of bash code should do.
Oliver
--
Diese Nachricht wurde digital unterschrieben
oliwel's public key:
Hi Oliver,
try vnamespace -e xid mount
xid is the context id that you can obtain by vserver-stat
Take care that the adressing of mountpoints is a bit tricky because it
is inside the namespace but not in the chroot - so you have e.g.
/vserver/foo/tmp
Oliver
--
Diese Nachricht wurde
Hi Folks,
after a portage sync I recognized that all ebuilds except an old kernel
2.6.15, tools 2.0.1 has gone.
What happend ? Is this related to the bugseries?
Oliver
--
Diese Nachricht wurde digital unterschrieben
oliwel's public key: http://www.oliwel.de/oliwel.crt
Basiszertifikat:
Hi Martin
so complicated to get right. I have been fighting
with the process for about a week now.
I spend some more together with Herbert debugging even issues in kernel
code of some filesystems drivers - sometimes using OSS is not only fun
(I learned mich about kernel and stuff in this
Hallo Martin,
I dealt with this issue a year ago and its running fine with my setup -
I really suggest using the Solution 1) proposed on the wiki, if this
is a possible setup for you.
If you need any help, we can meet at the IRC for an interactitve discussion
Oliver
--
Diese Nachricht wurde
Hi Folks,
there was a disussion some time ago here on multiple IPs assigned to one
vServer. I now have the need to assign a 32 Address net to one guest -
anybody here did some tests on this or can give me a go/nogo for this ?
Oliver
--
Diese Nachricht wurde digital unterschrieben
oliwel's
Hi Manish,
Has anybody done any work or study on security of vserver. What are the
possible security downsides and possible areas of attack on vserver both
from other vservers on the same host and from external agent. Any pointers
on this would be very helpful. Thanks,
I havent done a study,
Hi Folks,
this might be a strange question for some of you as it is more an
academical interesst, but I hope you can help me out ;)
Q: Is there a way to prevent that a superuser on the host system can
* see process of a guest
* enter a guest
* receive any other valuable info from the guest
Hi Mike, Serge,
So, is there any way to do this ? I guess that SELinux/GR will offer
some pointers to forbid root these actions, but are there any easier
ways ??
Sounds like SELinux is the tool of choice for that.
And if your concern is with the host's admins, not with exploited root
apps
hi Dominique
I'm dealing with failover intensively too. In any case of failover
(automated or manual) I have to check that configuration is exactly
replicated and up-to-date on all nodes (usually four or five nodes),
else I disable failover. So I used to check versionning information
Hi Steph,
are there any known issues running the vmware-server on a 2.6 kernel
with applied vserver-patches?
As VMWare has a totally differnt concept and is quite a normal
application I dont thnik so.
I run a vm-workstation here on a recent vserver-patched kernel without
any problems
Hi Chuck,
my only other option is to do policy routing which i don't think our
switch/router ios is right for.. at least then i could target the entier /24
for port 80 requests and translate them to something like 7080 before it gets
to the machine and then back out again. messy at best i
Hi Chuck,
iptable -t nat -I PREROUTING -d 192.168.168.0/24 --dport 80 -j DNAT --to
target:port Should work without reasonable impact on the load...
hmm.. ok im no iptables whiz but i will try this syntax... i have to eliminate
nat since they are all public ip addresses.. i suspect maybe
Hi Youri,
I'm trying to get a simple Proftpd-mysql server running in one of my
guests, and was wondering how I could enable passive ftp connections.
Has this got something to do with guest capabilities or do I have to
resort to some iptables fiddling on the host?
And would the solution be to
Hi Boris,
this is more or less expected behaviour...
vServer does not really run an own linux inside the compartments but
only does process separation.
What init-type are you running - I guess that if you use fakeinit, at
least the init-process will reside in the namespace.
To circumvent the
Hi Chris,
as all guest use the original kernel more or less directly, there is
almost no performance loss and even no networking latency.
But you might run into problems regardig proper rights that X needs on
the kernel to run the grafics card - I am not that deep in the stuff to
give you
Talking to myself ;)
Hollow: Downgrading to vservers-sources-2.1.1-rc6 did the job - so
something between is broken (yes its an unstable branch I know)
Oliver
Oliver Welter wrote:
Hi Folks,
I just upgrade a gentoo box to current 2.1.1 patchset on 2.6.15 and get
following problem
Hi Daniel,
Use vhashify instead? It is totally independent from your guests'
distribution.
/usr/lib/util-vserver/vhashify -nv www1
Initializing exclude-list for /vservers/wwwtemplate (www1)
Can not determine packagemanagement style
failed to determine configfiles
Seems not to work either...
Hi Enrico
eergh - it seems that vunify does not support gentoo guest. Anyone
here can help me out ?
Implementing the 'get-conffiles' operation for the 'gentoo' case in
'scripts/vpkg' should help. I do not know gentoo enough to develop it
myself.
As gentoo hast no binary packages and the
Hi Folks,
I just upgrade a gentoo box to current 2.1.1 patchset on 2.6.15 and get
following problem:
Fireing up a freshly build vserver results in a hanging shell, vps ax shows:
1736 0 MAIN pts/0Ss 0:00 -bash
1763 0 MAIN pts/0S+ 0:00
Hi Folks,
just wanna ask whats about our Logo-Contest ?
So far I didnt vote - so Ill do:
I prefer the Text with Checkmark Versions 3 to 10.
I like 3 regarding the Font-setting but would suggest moving the v
into the S and color it blue like in 10. :)
Oliver
--
Diese Nachricht wurde digital
Hi Folks,
eergh - it seems that vunify does not support gentoo guest. Anyone here
can help me out ?
Oliver
--
Diese Nachricht wurde digital unterschrieben
oliwel's public key: http://www.oliwel.de/oliwel.crt
Basiszertifikat: http://www.ldv.ei.tum.de/page72
smime.p7s
Description: S/MIME
. Oliver Welter - microBLUE - http://www.microblue.de
Tel: 08131/80525 - Fax: 08131/80526 - Post: Loestr. 15; 85221 Dachau
webbasierte Anwendungen - Servertechnik - Groupware - PCs und Netzwerke
--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--
smime.p7s
Description: S/MIME
Hi Chris,
I downgraded to 1.11 and its running all fine now...so I guess there is
a bug in the 1.20 release.
Hrm. Never heard of such an error (an never encountered one ..). Which
commands did you exactly run ?
(AFAIR there was some magic needed, but not sure)
Basically syslog-ng and sshd
that 1.20 didnt.
If anyone is interested I can provide the used guest for testing
Oliver
Oliver Welter wrote:
Hi Chris,
I downgraded to 1.11 and its running all fine now...so I guess there is
a bug in the 1.20 release.
Hrm. Never heard of such an error (an never encountered one ..). Which
Hello Holger,
FYI, I have just updated the wiki about the DRBD mount problem:
http://linux-vserver.org/advanced+DRBD+mount+issues (Solution 4)
Hope this is useful for some of you as well.
uhh - this is a even more ugly hack than Solution 3 ;)
But nevertheless - if it works...
Oliver
--
Stay away from server4free. I've used both their dedicated
server and vservers, and the latter product was awful. Service
was nonexistent, and I was threatened with a suit when I demanded
termination because of sever4free/server4u were defaulting
on their part of the contract.
I just can tell
me a private mail and talk to me on
the IRC too if you want
Oliver
Oliver Welter wrote:
Hi Evert,
I just linked /usr/sbin/vserver to /etc/ha.d/resource.d and put into my
haressources file: vserver::mail
Works for me (gentoo, too ;)
Oliver
Hi Evert,
My setup has all (currently 6) vservers on 1 DRBD-partition (which is on 2
physical nodes), so I guess the symlinking would do in my situation?
In this case, using the gentoo startup script would be the favourite
idea - but dont forget to enable the guest for autostart ;)
Using
Hi Evert,
I just linked /usr/sbin/vserver to /etc/ha.d/resource.d and put into my
haressources file: vserver::mail
Works for me (gentoo, too ;)
Oliver
--
Diese Nachricht wurde digital unterschrieben
oliwel's public key: http://www.oliwel.de/oliwel.crt
Basiszertifikat:
Hi Folks,
I encounter several problems regarding routing with a vServer host that
has mutliple networks.
I have a host which occupies three networks, my guest has IPs only in
two of them resulting in the problem, that guest is unable to ping the
third network under certain circumstances.
Hi Hollow, Hi Folks :)
Today, I tried to update a very old gentoo guest, that was build with
the old baselayout with use-flag from portage overlay.
What I did, was to unemerge the old baselayout and emerge the new
baselayout-vserver instead.
On the first glance it seemed to work, but having
Hi Folks,
I played around with vServer and Firewalls with netfilter/iptables
My goal was to achieve a per vServer configuration that can be
maintained easily. A first approach is the set of scripts you can
download here http://www.oliwel.de/vFirewall.tgz
It is a basic init-script that
Hi Folks,
would be nice to have a central webpage with all logos or at least links
to all logos.
I had a look on the most logos send to the ML, but cant remember all of
them and it is a hard issue to look for all the links in the archives..
So, perhaps we can setup a wiki page or so...
Hi Folks,
anyway who can point me to an idea how to use screen inside a guest ?
When calling screen, it complains about the nonexisting /dev/pts/0...
Can I safely create the device or will this be a security issue ??
Guest (and Host) is Gentoo, 2.6.15vs2.1 with recent utils
regards
Oliver
--
eyck wrote:
afair, you have to ssh into the box to use screen.
vserver name enter and issuing a screen command does not work.
it's not that it doesn't work, it's that it easier and safer to tell
people 'just ssh into your guest' instead of explaining how to make it
work.
As I dont have SSH
Hi Guys,
sorry for the hints - but dont make too much noise ,)
seems to be not that easy...
Oliver
--
Diese Nachricht wurde digital unterschrieben
oliwel's public key: http://www.oliwel.de/oliwel.crt
Basiszertifikat: http://www.ldv.ei.tum.de/page72
smime.p7s
Description: S/MIME Cryptographic
Hi Herbert,
Hi Christian,
you have to start 'thinking' in namespaces and avoid leftovers
and unwanted 'copies' or duplicate mounts ...
I do !!
But as mentioned in my OP
1) The mount is done inside the namespace of the guest - it is not
visible outside in the root and is not copied into later
Hi Grzegorz
It might be a problem that the mount inside the namespavce is not
cleanly freed when the startup/shutdown of the guest fails/hangs
somewhere, but this is only a wild guess :(
If you stop your guest in an unclean way (e.g. vwait times out), the
namespace stays there (or at least it
Hi Herbert,
Hi Christian,
you have to start 'thinking' in namespaces and avoid leftovers
and unwanted 'copies' or duplicate mounts ...
I do !!
But as mentioned in my OP
1) The mount is done inside the namespace of the guest - it is not
visible outside in the root and is not copied into later
Hi Folks,
I am running some vservers and use one block device per server (in fact
a drbd device, see http://linux-vserver.org/advanced+DRBD+mount+issues,
Solution 1).
Now I run into problems with UNmounting...
If I want to unmount one corresponding block device and get an error,
that
hi Alberto,
cool work :)
May I add a suggestion..
The checkmarks look so ordered - perhaps it gives a better impression
to variate size and position of the checkmarks instead making this kind
of matrix...
Sorry I am not an artist :)
Oli
--
Diese Nachricht wurde digital unterschrieben
Hi Folks,
I have some problems with vlans and vservers..
I have a box that has one physical Interface that hosts two VLANs, both
are official Addresses and reachable from the Internet.
The main host hast conectivity on both networks .
1) What should I but in interfaces/0/dev ? eth0 or vlan1
Hi Stefan,
IIUC you can access the vServer from the host system, so the SSH is
working ?
Can you ping the vServer from outside ?
Perhaps you have a problem with DNS resolution or so and cause a timeout
on the connection because the guest tries a lookup on the connecting host...
Try shutting
Hi,
Can anyone explain,how to move vservers from one linux to other linux machine?Without installing vserver related kernel and tools is it possible to start my vserver on new linux machine?
You must install vServer Kernel and Tools on both machines
How to copy my vserver within the
Hi Hollow,
I think I found an issue using vserver-new on gentoo...
I tried to create a new Guest from a stage3 tarball - it failed for some
stupid reasons and the script decided to remove the already created
directories - unfortunatley it also removed the /dev filesystem inside
the new
Hi,
I run my vServer with DRBD - this means you can only have one actve
mount at a time, but in case of failover it takes less than a minute to
remount the backup node...
Oliver
--
Diese Nachricht wurde digital unterschrieben
oliwel's public key: http://www.oliwel.de/oliwel.crt
Hi,
I think that this problem is related to the nonexisting 127.0.0.1
address. If I remeber correctly than nagios try to ping this address and
cant reach it
I think that I simply commented this check out in the scripts
Oliver
Evert Meulie wrote:
(cross-post from:
Hi Hollow, Hi List,
I have several problems with my gentoo guests :(
1) I build a new guest from scratch using vserver-new with a stage3
tarball from your website, afterwards I did an emerge -u world.
Running etc-update tries to replaced /etc/inittab with a version taht
contains tty entries
Hi Chuck,
1) I build a new guest from scratch using vserver-new with a stage3
tarball from your website, afterwards I did an emerge -u world.
Running etc-update tries to replaced /etc/inittab with a version taht
contains tty entries - no good ida I think...
did you first run emerge metadata
Hi,
I have successfully installed VServer on a Gentoo-box here, using
http://www.gentoo.org/doc/en/vserver-howto.xml for guidance.
This went fine, but now I'm wondering how to contact my virtual server
via SSH... I have emerge-d openssh, but when I try to connect to the IP
of the virtual
Hi Listpeople,
I have a question on cleanup in case of an unclean startup.
I do some checks on the vserver environment in the pre-start Script.
When they fail I kill the startup process with an exit call - is there
anything I ave to cleanup (contexts, init prcess, etc) or is this done
by the
Hi Guenther,
Now the prob: There should be set up _one_ host with also internal
_and_ external IP (on eth0) which should externally use a different gw
and also which should not change anything on the base setup. But if I
activate _any_ external IP on eth0 the (previous) default route for
eth1
Hi Guenther,
Interesting approach, but this breaks the thought of a dual-homed
proxy I guess. Thank's anyway for thinking 'bout.
What I would really love is a hack to get the networking done on a
per-context basis but I guess this is a which for x.mas in 20 years
;-)
Not really - If I
Hi Chuck,
1. Can I somehow set things up so a guest can execute a pre-defined command
script on the host? This would allow nagios to do things like re-start a
guest if it is not responding.
There are some ways to do so:
1) The root Server can access the filesystem of the guest, so you can
Hi All,
I am running into a problem with a read-only filesystem regarding dev.
My root server has a read-only mount for the base-installation with a
writable partition for var and temp, for dev I use devfs, so the ro
mount is no problem.
Now I try to do the same inside the vServer Guest,
Hi List,
I have a stupid problem and cant track it down :(
I have a host system running, that owns IP in two networks (realized via
VLANs if it matters)
So I have:
eth0.1 - 10.0.0.10 (NetA)
eth0.2 - 192.168.0.10 (NetB)
The setup on the host ist running, means I can ping hosts in both
Hi Helmut,
well, you can certainly do that, and I guess most apps
will handle that perfectly well, unfortunately there
are certain apps which tend to allocate huge amounts
of virtual memory, just in case they'll need it later
on, and those will be really suprised, once they reach
the RSS limit
Hi Bene,
thanatos ~ # cat /proc/virtual/23760/sched
Token: 9430
FillRate: 20
Interval: 57
TokensMin: 3000
TokensMax: 9430
PrioBias: 0
VaVaVoom: 0
cpu 0: 4632928 32 925413
cat sched
Token: 0
Hi,
I have setup a host with the Token Scheduler
(http://linux-vserver.org/Scheduler+Parameters) - is it possible to
monitor the buckets ??
Oliver
--
Diese Nachricht wurde digital unterschrieben
oliwel's public key: http://www.oliwel.de/oliwel.crt
Basiszertifikat:
Hi,
sorry if this is a stupid question but I cant find an answer
I have a maschine with 3 GB physikal RAM
What must I put into the rlimits/ directory to allow the vServer to
use a maximum of 1.5GB ???
Oliver
--
Diese Nachricht wurde digital unterschrieben
oliwel's public key:
Hi List,
today my host crashed du to some bad conditions...and I found a very
stupid issue
I run gentoo (host and guest) with 2.6 kernel and recent tools.
The vServers are guarded by a heartbeat installation.
Now my hardware crahed, the external server-watchdog rebootet the
maschine and
Hi Bastian,
I followed this Howto http://gentoo.home.xnull.de/doc/en/vshandbook/
OS : gentoo
util-vserver: 0.30.207
vserver-sources : 2.0_rc6
my error:
---
[EMAIL PROTECTED]:~ # vserver gentoo-template start
Hi Folks,
I have a problem with ntp running on a vServer Kernel - I dont know if
vServer is the Problem but I dont have another idea...
Im running gentoo with kernel 2.6.11.7-grsec2.1.5-vs2.0pre1 and 0.30.205
tools.
I run openntpd, in the debug log I see
reply from 62.94.26.10: offset
consider two guests 'adjusting' the hardware clock
according to their idea of time? would it make sense
to have guests which differer a few seconds? would
it make sense to have 50+ ntpds running, one on each
guest? probably not, that is why wall time is not
virtualized and has to be handled on
Hi All,
it seems that some ntp related libs were messedup - I unmerge all of
them and installed the net-misc/ntp package which seems to work...
Thanks anyway to all..
Oliver
--
Diese Nachricht wurde digital unterschrieben
oliwel's public key: http://www.oliwel.de/oliwel.crt
Basiszertifikat:
Hi Werner,
I now need to do a full backup as this is a new server. Obviously I will do
incremental backups in the near future but not now :-)
When you issue the rsync command form the source machine you can try a
nice so it will not eat all your cpu.
For other solutions dig the archives of
Hi Guys,
simple question - I have an Apache running inside a vServer and now must
add a new IP Adress to it. So i edited thte interface section in the
configs as usual.
Is there a way to commit these changes / activate the new IP Adresse
without restarting the vServer ?
Oliver
--
Diese
Hi List,
I read through the lists but wanst abel to find an answer...
I have one maschine that is running up to five vservers.
Now I want to achive that in times of heavy load the individual Servers
get a minimum percentage of CPU time. So for example I will force that
my very important
Hi List,
anybody here has some idea on how to unify gentoo guest servers ?
Might it be a good idea to write a script that scans the servers, does
md5-checksumms and than links similar files together ?
Oliver
--
Diese Nachricht wurde digital unterschrieben
oliwel's public key:
Hi List,
as I have resolved all my technical difficulties I have a performance
question:
Scenario: I run virtual Webservers which share a single root but need
their own var, webtree and etc trees.
For Testing I setup this up like this:
/vserver/base - contains the root
/vserver/www1...X -
Hi List,
I have a little problem with vserver Start-up scriots...
I am running Gentoo Host/Guest with 2.6.9 kernel and vserver-tools 0.30.196
1) I have a vServer called wwwmain - I added a script wwwmain.sh in
/etc/vservers/ but it seems that this is never executed..
2) I want to create a
Hi Folks,
serious problem:
I read about the new BufferOverflow in the kernel's ELF Loader - it
seems that an unprivileged attacker can start process in the kernels
context..
Is it possible to gain root inside a vServer ?
Is it possible to break out of a vServer with this Bug ?
Oliver
--
Diese
Hello Herbert,
serious problem:
I read about the new BufferOverflow in the kernel's ELF Loader - it
seems that an unprivileged attacker can start process in the kernels
context..
details?
- which issue?
- what kernels are affected?
- how does the 'exploit' look like?
I reffered to the
yup, but better upgrade to 2.6.11.9-vs2.0-rc1 ;)
As I use this on *very* vital production machines - anyone here who can
tell me if its working ;)
Oliver
--
Diese Nachricht wurde digital unterschrieben
oliwel's public key: http://www.oliwel.de/oliwel.crt
Basiszertifikat:
yup, usually (on non gentoo systems) it's simply done
by default (i.e. disabling all but minimal services)
but the gentoo recursive? service system makes it a
little trickier ...
but I remember folks who have done it ...
There is a special eBuild vor vServer that patches the base-layout - see
yeah I actually used the Gentoo vserver-specific baselayout to build my
vserver image in the first place?! Is there a way I can check whether I got
the right baselayout installed in my vserver?
have you set the use-flag ?
have you configured your port_overlay correctly ?
Hmm, I dont know what
1 - 100 of 143 matches
Mail list logo