From: Jacques Gelinas (jack_at_solucorp.qc.ca)
Date: Wed 26 Nov 2003 - 15:05:23 GMT
On Mon, 24 Nov 2003 14:34:03 -0500, Bert De Vuyst wrote
> After looking at the code of tool vrpm (part of vserver and util-vserver), I
> have some questions.
> 1. The location of /vservers is hardcoded in this tool.
> I think it's at better idea use the option VSERVERS_ROOT=/vservers in this
> script and to use $VSERVERS_ROOT inside the script.
> In case of the vserver package by Jacques, the next lines
> if [ -f /etc/vservers.conf ] ; then
> source /etc/vservers.conf
> would be a usefull idea to set the $VSERVERS_ROOT.
I will fix that
> 2. In case the vserver is not running, the script starts a new security
> context. Correct me if I'm wrong, but I think it's not a good idea.
> Why? Some people have a backup of there vservers on a spare machine in case
> there serverhardware fails. If they run vrpm on the spare machine, vrpm will
> startup the vservers to update the packages. This can cause a problem as the
> IP-address of the vserver is in use by the vserver running on the master
> server, and you end up running 2 vservers using the same IP-address.
> I think it would be beter to use chroot to run rpm in case the vserver is
Starting a new security context does not assign IPs. So it has no impact on
other copies of the vserver running elsewhere.
The idea of using a security context is to make sure that scripts executed
during the RPM update can't access or break the root server.
Jacques Gelinas <jack_at_solucorp.qc.ca>
vserver: run general purpose virtual servers on one box, full speed!
Vserver mailing list