Re: [Vserver] Suddenly, no routing.
On Thu, Oct 13, 2005 at 09:31:08PM -0700, Robin Lee Powell wrote: For no reason I'm aware of, I suddenly can't reach outside IPs from my VServer. The VServer has a non-routeable IP, but it's copied its interface config from the host, so its gateway is a regular net-routeable IP, which the VServer can't ping. aha, why? does ping -I guest ip www.google.com fail? if so, try the 'typical' snat command: iptables -t nat -I POSTROUTING -s guest ip -j SNAT --to host ip It was working a while ago; I have no idea what's going on. something changed :) I'd love tips on debugging this. have a look at, and/or provide a description of your network setup including ip- and routing tables It seems like the VServer's gateway *should* be the host, no, networking _is_ on the host, so the guest's gateway _will_ be the gateway according to the routing on the host ... but I can't figure out how to change it. simple, with the 'route' and/or 'ip route' commands The host and VServer can reach each other just fine. as they are one, not too unexpected ... (see documentation/archived knowledge/networking) best, Herbert Thanks. -Robin -- http://www.digitalkingdom.org/~rlpowell/ *** http://www.lojban.org/ Reason #237 To Learn Lojban: Homonyms: Their Grate! Proud Supporter of the Singularity Institute - http://singinst.org/ ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Suddenly, no routing.
On Fri, Oct 14, 2005 at 09:11:56AM +0200, Herbert Poetzl wrote: On Thu, Oct 13, 2005 at 09:31:08PM -0700, Robin Lee Powell wrote: For no reason I'm aware of, I suddenly can't reach outside IPs from my VServer. The VServer has a non-routeable IP, but it's copied its interface config from the host, so its gateway is a regular net-routeable IP, which the VServer can't ping. aha, why? does ping -I guest ip www.google.com fail? if so, try the 'typical' snat command: iptables -t nat -I POSTROUTING -s guest ip -j SNAT --to host ip Beautiful! Thank you. -Robin -- http://www.digitalkingdom.org/~rlpowell/ *** http://www.lojban.org/ Reason #237 To Learn Lojban: Homonyms: Their Grate! Proud Supporter of the Singularity Institute - http://singinst.org/ ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] unmount nfs with vserver
On Fri, Oct 14, 2005 at 10:42:49AM -0600, [EMAIL PROTECTED] wrote: A while back I posted to the list about mounting nfs filesystem into a vserver. The only suggestion that I could get to work was adding the mount to fstab on host system. IE: cat /usr/local/etc/vservers/unixdev1/fstab none/proc procdefaults0 0 none/tmptmpfs size=64m,mode=1777 0 0 none/dev/ptsdevpts gid=5,mode=620 0 0 # added Sept 14, 2005 - common unix NFS filesystem -sig calnfs01.corporate.net:/nfs_unix_data /unix_data nfs hard,intr,nolock 0 0 The one issue I came across was that I could not find a way to umount the NFS filesystem ssh unixdev1 sudo umount /unix_data umount: /unix_data: must be superuser to umount umount: /unix_data: must be superuser to umount hmm, looks like you are missing one of the context capabilities for secure mount ... #define VXC_SECURE_MOUNT0x0001 #define VXC_SECURE_REMOUNT 0x0002 #define VXC_BINARY_MOUNT0x0004 I thought I would be fine with it that way but it turns out it is a bigger issue than I thought. Any suggestions on how to umount the NFS filesystem? unmounting on the host should work quite fine ... best, Herbert I have access to host and vserver. thanks sig sudo ./vserver-testme.sh Linux-VServer Test [V0.13] Copyright (C) 2003-2005 H.Poetzl chcontext is working. chbind is working. Linux 2.6.12.4-vs2.0 i686/0.30.208/0.30.208 [Ea] (0) VCI: 0002:0001 273 0316 --- [000]# succeeded. [001]# succeeded. [011]# succeeded. [031]# succeeded. [101]# succeeded. [102]# succeeded. [201]# succeeded. [202]# succeeded. sudo vserver-info Versions: Kernel: 2.6.12.4-vs2.0 VS-API: 0x00020001 util-vserver: 0.30.208; Aug 24 2005, 21:26:20 Features: CC: gcc, gcc (GCC) 3.4.3 (CRUX) CXX: g++, g++ (GCC) 3.4.3 (CRUX) CPPFLAGS: '' CFLAGS: '-g -O2 -std=c99 -Wall -pedantic -W -funit-at-a-time' CXXFLAGS: '-g -O2 -ansi -Wall -pedantic -W -fmessage-length=0 - funit-at-a-time' build/host: i686-pc-linux-gnu/i686-pc-linux-gnu Use dietlibc: yes Build C++ programs: yes Build C99 programs: yes Available APIs: compat,v11,v13,fscompat,net,oldproc,olduts ext2fs Source: e2fsprogs syscall(2) invocation: alternative vserver(2) syscall#: 273/glibc Paths: prefix: /usr/local sysconf-Directory: ${prefix}/etc cfg-Directory: ${prefix}/etc/vservers initrd-Directory: $(sysconfdir)/init.d pkgstate-Directory: ${prefix}/var/run/vservers Kernelheaders: /lib/modules/2.6.12.4-vs2.0/build/include vserver-Rootdir: /vservers Assumed 'SYSINFO' as no other option given; try '--help' for more information. ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] Problem pam update on centos4 et redhat es4
Hello, login via ssh on a vserver does not work anymore after the last new nupdate of pam from Centos4/Redhat ES4: pam-0.77-66.11 After the user is logged on, the session dies with the following message: Oct 14 00:00:01 sedna pam_loginuid[8627]: set_loginuid failed opening loginuid Oct 14 00:00:01 sedna pam_loginuid[8627]: set_loginuid failed Oct 14 00:00:01 sedna crond[8627]: Cannot make/remove an entry for the specified session I found something on the redhat bug lists: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=159974 It seems the new pam is using a /proc/pid/loginuid and for security reasons, the vserver is not able to access it. Maybe RedHat will have a solution in the near future? I hope so, but for the moment, anybody knows how to resolve the problem with some config (CAP ?) regards, Jess ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Problem pam update on centos4 et redhat es4
Hi, This appears to be the same problem I was having a couple of days ago: http://list.linux-vserver.org/archive/vserver/msg11023.html Comment out the pam_loginuid.so in /etc/pam.d/* and I believe your problem will go away. jorgy --- [EMAIL PROTECTED] wrote: Hello, login via ssh on a vserver does not work anymore after the last new nupdate of pam from Centos4/Redhat ES4: pam-0.77-66.11 After the user is logged on, the session dies with the following message: Oct 14 00:00:01 sedna pam_loginuid[8627]: set_loginuid failed opening loginuid Oct 14 00:00:01 sedna pam_loginuid[8627]: set_loginuid failed Oct 14 00:00:01 sedna crond[8627]: Cannot make/remove an entry for the specified session I found something on the redhat bug lists: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=159974 It seems the new pam is using a /proc/pid/loginuid and for security reasons, the vserver is not able to access it. Maybe RedHat will have a solution in the near future? I hope so, but for the moment, anybody knows how to resolve the problem with some config (CAP ?) regards, Jess ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Problem pam update on centos4 et redhat es4
Thanks a lot, it now works. have a good week-end, Jess Hi, This appears to be the same problem I was having a couple of days ago: http://list.linux-vserver.org/archive/vserver/msg11023.html Comment out the pam_loginuid.so in /etc/pam.d/* and I believe your problem will go away. jorgy --- [EMAIL PROTECTED] wrote: Hello, login via ssh on a vserver does not work anymore after the last new nupdate of pam from Centos4/Redhat ES4: pam-0.77-66.11 After the user is logged on, the session dies with the following message: Oct 14 00:00:01 sedna pam_loginuid[8627]: set_loginuid failed opening loginuid Oct 14 00:00:01 sedna pam_loginuid[8627]: set_loginuid failed Oct 14 00:00:01 sedna crond[8627]: Cannot make/remove an entry for the specified session I found something on the redhat bug lists: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=159974 It seems the new pam is using a /proc/pid/loginuid and for security reasons, the vserver is not able to access it. Maybe RedHat will have a solution in the near future? I hope so, but for the moment, anybody knows how to resolve the problem with some config (CAP ?) regards, Jess ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
RE: [Vserver] unmount nfs with vserver
unmounting on the host should work quite fine ... what would be the command(s) to unmount the vserver NFS mount through the host? The nfs mount is not visible on the host. ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] Done with building guest server on FC4 and now what?
Hi, all. Thank all for the helps that got me to successfully build these two guest servers (FC4 and Debian Sarge). My questions are: 1. I already got FC4 built with yum method, but then within the guest server I could not find yum command anywhere despite having the /etc/yum.repos.d/* in place. The guest server does not have anything beside syslog running. I would like to set it up with openssh, apache as the start. Btw, there is no rpm / yum commands in the guest server, so installing from these two are not possible. The guest server doesn't have gcc or any compilers for that matter. I already got networking to work in the guest server. 2. So what should I do now? Go and download gcc, rpm,yum and install them from source. Once I got these working, I could start installing openssh and apache from rpm or yum, or I just install these two from souces too. What are your recommendations for these matters? Could I share anything else from the hosts? 3. Could somebody outline the steps neccessary to set up the guest server to be useful in some services after one built it? Thank you all for your helps. Steven. ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Done with building guest server on FC4 and now what?
[EMAIL PROTECTED] (Steven Truong) writes: 1. I already got FC4 built with yum method, but then within the guest server I could not find yum command anywhere despite having the /etc/yum.repos.d/* in place. The guest server does not have anything beside syslog running. ... 3. Could somebody outline the steps neccessary to set up the guest server to be useful in some services after one built it? It depends on the wanted functionality; for a webserver, at good start would be | vyum vservername -- install httpd mod_ssl Enrico ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver