On Wed, Mar 17, 2004 at 10:57:27AM +0100, Thomas Guettler wrote: > Hi, Hi Thomas!
> I am new to vserver. I read the very good introduction > at: > http://dns.solucorp.qc.ca/miscprj/s_context.hc?dp=0&full=1&prjstate=1&nodoc=0 > > Versions: > vserver: 2.4.25-vs1.3.8 > util-vserver-0.29.3 > vproc-0.01 > > ~~~~~~~~~~~~~~~~~~~~~~~ > First Problem: > edison:~ # chcontext bash > New security context is 49152 > edison:~ # ps > Error: /proc must be mounted > To mount /proc at boot you need an /etc/fstab line like: > /proc /proc proc defaults > In the meantime, mount /proc /proc -t proc > edison:~ # ls /proc/ > . .. 1 1309 1317 mounts self > > With the help of google I found that vproc is needed. > for file /proc/*; > do echo $file; > vproc -e $file && echo OK || echo FAILED; > done vproc /proc/[a-z]* should do nicely (but is not secure) > vproc does return 0 if failed. Should be easy to fix. vproc was an experimental tool, and should by now be replaced by setattr (from util-vserver), enrico, please confirm ... > Now it works. I think the error "/proc must be mounted" is > frequent and should be in the FAQ. > It would be nice to have a list of proc entries which > should be visible. Or make the entries without security > risc always visible by default. yeah, what proc entries are required on your system? the thing is, we haven't got too much feedback about which entries are required on distro XY, so we still do not know which entries are mandatory, and which are optional, we know for sure that /proc/{*info,stat,uptime,loadavg} doesn't hurt and is a good start ... /proc/{sysrq-trigger,ide,scsi,bus} is evil ;) > ~~~~~~~~~~~~~~~~~~~~~~ > Other-Stuff: > > - Would be nice if you could download the mailarchiv as mbox. good idea, Martin any chance to do that? > - Typo (Utils): > vserver-copy > # Copyright (C) 2003 Mark Lawrence <[EMAIL PROTECTED]>, > # **2203**,2004 Enrico Scholz > > - Typo (Utils): > man vps > that enables ps to show you *the* all the processes > > - How can I list the current status with vproc (hidden/visible)? showattr (counterpart to setattr) should do that > - What should be used: setattr or vproc? whenever feasible, use the mainline tools (in that case util-vserver) if you require functionality not present yet in the tools, you ahve to use experimental stuff like vproc ... > - Utils: Why is S_FLAG sched not the default? hmm, good question ... tradition? > - Utils: I think it would be better if > the config file /etc/vservers/foo.conf created by "vserver foo build" > does not contain "if $PROD". those config files use the legacy format, and will go away over time ... have a glimpse at the future ... http://www.linux-vserver.org/index.php?page=alpha+util-vserver > - Utils: > vserver: if test "$UTIL_VSERVER_AVOID_COPY" > I think this is needed very often. I would split > the build process in a copy and a sett permissons > action. > I prevere to copy the root of a vserver myself, since > it should not be the one of the host. > > - General: It is sad that there are several FAQs and > a wiki. It is easier for newbies if there is one central > documentation. you are going to write one? 8-) > - A link from > http://www.linux-vserver.org/index.php?page=Linux-VServer > Links to the wiki-mailinglist. There the link to the archive is broken. hmm, just verified both links beside the [MailingList] and they seemed to work for me, please elaborate ... > Thank you very much for this software! thank you for using it! > Thomas best, Herbert _______________________________________________ Vserver mailing list [EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver
