
From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Fri 28 Jan 2005 - 19:08:43 GMT


On Fri, Jan 28, 2005 at 05:57:08PM +0100, Werner Schalk wrote:
> Hi guys,

*oh boy* ...

> I am trying to get my vserver running on Gentoo and when I try
> to start it I get the following error message:

most of them are because your 'gentoo-template'
is broken in several aspects ...

> # vserver --verbose gentoo-template start
> ipv4root is now 10.0.5.1
> ipv4root is now 10.0.5.1
> New security context is 49153

you should not use dynamic contexts, switch to
static ones ...

> * Checking all filesystems...
> /dev/hda1: clean, 36/24576 files, 11275/98248 blocks

hum, how is it possible that the guest does filesystem
checking? looks like you forgot to clean up the /dev
directory, it should only contain:

$ ls /dev/
full log= null ptmx pts/ random tty urandom zero

> [ ok ]
> * Mounting local filesystems...
> mount: permission denied

mounting inside the guest is forbidden for security
reasons (this might change in the future, but no need
to 'mount' anything IMHO)

> * Some local filesystem failed to mount
> [ !! ]
>
> grep: /proc/filesystems: No such file or directory
> grep: /proc/filesystems: No such file or directory
> * Activating (possibly) more swap...

activating swap from inside a guest is a bad idea

> [ ok ]
> grep: /proc/cpuinfo: No such file or directory
> * Setting system clock to hardware clock [UTC]...
> * Failed to set system clock to hardware clock

of course, messing with the hardware clock is not
allowed inside a guest, what use would it have?

> [ !! ]
>
> * ERROR: Problem starting needed services.
> * "syslog-ng" was not started.
> * Bringing eth0 up (10.0.5.1)...
> SIOCSIFADDR: Permission denied
> SIOCSIFFLAGS: Permission denied
> SIOCSIFBRDADDR: Permission denied
> SIOCSIFFLAGS: Permission denied
> SIOCSIFNETMASK: Permission denied

bringing up/down interfaces is done on the host,
this is no job for a guest. all required ips have
been assigned and the chbind has been configured

> [ !! ]
>
> * ERROR: Problem starting needed services.
> * "sshd" was not started.
> * ERROR: Problem starting needed services.
> * "vixie-cron" was not started.
> Error: /proc must be mounted
> To mount /proc at boot you need an /etc/fstab line like:
> /proc /proc proc defaults
> In the meantime, mount /proc /proc -t proc

this means that you are on 2.6.x and did 'forget'
to run the vprocunhide script which configures the
procfs in a secure way ...

(see http://linux-vserver.org/Proc-Security
for details)

> How can I make /proc available in the vserver environment? Can somebody
> provide me with a sample configuration file for Gentoo and where to put that
> file?

probably gentoo folks will provide that ...

> Thanks.

HTH,
Herbert

> Bye,
> Werner.
> _______________________________________________
> Vserver mailing list
> Vserver_at_list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
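
The minimal guest /dev listed in the reply above can be checked mechanically before a guest is started. This is an added example, not part of the original thread or of util-vserver; the names `GUEST_DEV_ALLOW`, `is_allowed` and `audit_guest_dev` are hypothetical, and the guest's /dev path is supplied by the caller.

```shell
#!/bin/sh
# Added example: audit a guest's /dev against the minimal set from the reply
# (names as shown by ls there, with the type suffixes "=" and "/" stripped).
# Usage: audit_guest_dev /path/to/guest/root/dev   (path is a placeholder)

GUEST_DEV_ALLOW="full log null ptmx pts random tty urandom zero"

# is_allowed NAME: succeeds only on an exact match with an allowlist entry.
is_allowed() {
    for ok in $GUEST_DEV_ALLOW; do
        [ "$1" = "$ok" ] && return 0
    done
    return 1
}

# audit_guest_dev DIR
# Prints "UNEXPECTED <kind> <name>" for every entry not on the allowlist.
# Returns 0 if DIR is clean, 1 if extras were found, 2 on bad input.
audit_guest_dev() {
    dev_dir=$1
    [ -d "$dev_dir" ] || { echo "not a directory: $dev_dir" >&2; return 2; }
    rc=0
    # Include dotfiles; the shell leaves unmatched patterns as literal text.
    for path in "$dev_dir"/* "$dev_dir"/.[!.]* "$dev_dir"/..?*; do
        # Skip unmatched patterns but keep dangling symlinks.
        [ -e "$path" ] || [ -L "$path" ] || continue
        name=${path##*/}
        is_allowed "$name" && continue
        # Block nodes (e.g. a leftover disk device) are what let a guest
        # run fsck or swapon against host storage, so label the type.
        if   [ -L "$path" ]; then kind=symlink
        elif [ -b "$path" ]; then kind=block
        elif [ -c "$path" ]; then kind=char
        elif [ -d "$path" ]; then kind=dir
        else kind=other
        fi
        printf 'UNEXPECTED %s %s\n' "$kind" "$name"
        rc=1
    done
    return $rc
}
```
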
Generated on Fri 28 Jan 2005 - 19:09:09 GMT by hypermail 2.1.3