From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Wed 17 Mar 2004 - 10:29:02 GMT
On Wed, Mar 17, 2004 at 10:57:27AM +0100, Thomas Guettler wrote:
> Hi,
Hi Thomas!
> I am new to vserver. I read the very good introduction
> at:
> http://dns.solucorp.qc.ca/miscprj/s_context.hc?dp=0&full=1&prjstate=1&nodoc=0
>
> Versions:
> vserver: 2.4.25-vs1.3.8
> util-vserver-0.29.3
> vproc-0.01
>
> ~~~~~~~~~~~~~~~~~~~~~~~
> First Problem:
> edison:~ # chcontext bash
> New security context is 49152
> edison:~ # ps
> Error: /proc must be mounted
> To mount /proc at boot you need an /etc/fstab line like:
> /proc /proc proc defaults
> In the meantime, mount /proc /proc -t proc
> edison:~ # ls /proc/
> . .. 1 1309 1317 mounts self
>
> With the help of google I found that vproc is needed.
> for file /proc/*;
> do echo $file;
> vproc -e $file && echo OK || echo FAILED;
> done
vproc /proc/[a-z]* should do nicely (but is not secure)
> vproc does return 0 if failed. Should be easy to fix.
vproc was an experimental tool, and should by now be
replaced by setattr (from util-vserver), enrico, please
confirm ...
> Now it works. I think the error "/proc must be mounted" is
> frequent and should be in the FAQ.
> It would be nice to have a list of proc entries which
> should be visible. Or make the entries without security
> risc always visible by default.
yeah, what proc entries are required on your system?
the thing is, we haven't got too much feedback about
which entries are required on distro XY, so we still
do not know which entries are mandatory, and which are
optional, we know for sure that
/proc/{*info,stat,uptime,loadavg} doesn't hurt and
is a good start ...
/proc/{sysrq-trigger,ide,scsi,bus} is evil ;)
> ~~~~~~~~~~~~~~~~~~~~~~
> Other-Stuff:
>
> - Would be nice if you could download the mailarchiv as mbox.
good idea, Martin any chance to do that?
> - Typo (Utils):
> vserver-copy
> # Copyright (C) 2003 Mark Lawrence <nomad_at_null.net>,
> # **2203**,2004 Enrico Scholz
>
> - Typo (Utils):
> man vps
> that enables ps to show you *the* all the processes
>
> - How can I list the current status with vproc (hidden/visible)?
showattr (counterpart to setattr) should do that
> - What should be used: setattr or vproc?
whenever feasible, use the mainline tools (in that
case util-vserver) if you require functionality not
present yet in the tools, you ahve to use experimental
stuff like vproc ...
> - Utils: Why is S_FLAG sched not the default?
hmm, good question ... tradition?
> - Utils: I think it would be better if
> the config file /etc/vservers/foo.conf created by "vserver foo build"
> does not contain "if $PROD".
those config files use the legacy format, and will
go away over time ... have a glimpse at the future ...
http://www.linux-vserver.org/index.php?page=alpha+util-vserver
> - Utils:
> vserver: if test "$UTIL_VSERVER_AVOID_COPY"
> I think this is needed very often. I would split
> the build process in a copy and a sett permissons
> action.
> I prevere to copy the root of a vserver myself, since
> it should not be the one of the host.
>
> - General: It is sad that there are several FAQs and
> a wiki. It is easier for newbies if there is one central
> documentation.
you are going to write one? 8-)
> - A link from
> http://www.linux-vserver.org/index.php?page=Linux-VServer
> Links to the wiki-mailinglist. There the link to the archive is broken.
hmm, just verified both links beside the [MailingList]
and they seemed to work for me, please elaborate ...
> Thank you very much for this software!
thank you for using it!
> Thomas
best,
Herbert
_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver