About this list Date view Thread view Subject view Author view Attachment view

From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Sun 18 Jan 2004 - 17:53:39 GMT

On Sun, Jan 18, 2004 at 12:00:00AM +0000, Andreas Vogt wrote:
> Hello alltogether,
> I used to run four virtual servers on a SuSE 8.1 system,
> all vservers same dist.
> The kernel was a vanilla 2.4.20 patched with freeswan and
> patch-2.4.20ctx-17
> userspace utilities were vserver-0.22-1
> I used the fakeinit flag and I hadn't to change any scripts like
> Roland Moriz (his mail from 25.Jun 2003 on vserver development list).
> It just worked (after disabling some services like "network" in runlevel
> 3).
> My configs didn't define S_CONTEXT, it was just commented out, so vserver
> found it itself.
> Now I udated my kernel for security reasons to 2.4.24.
> Vserver patch is
> 2.4.24-vs1.24.diff ( I also tried vs1.22),
> and vserver-0.29-2mdk
> First I got message
> 'Can't set the new security context
> : invalid argument'
> so I chenged configs and set a fix S_CONTEXT number for all my vservers.
> Then
> vserver v1 start
> complained about
> 'Usage: init 01234.....'
> I wonder, as the old vserver script seemed to do quite the same on
> fakeinit (running /sbin/init).
> Well, I changed that on line 500 to
> STARTCMD="/sbin/init 3",
> but now I get
> init: No such process
> I also can't get it running by
> vserver v1 exec telinit 3
> or
> vserver v1 exec /etc/rc.d/rc 3
> After starting my vserver, IP-Alias is set up, but nothing else.
> Then I do
> vserver v1 rcsshd start
> or similar for all services. But that's not very nice and I fear a reboot
> process :-(
> I googled around and found some info, that fakeinit doesn't seem to work
> with fixed security contex. But vserver-0.29 always complains about
> invalid argument, if I comment out "S_CONTEXT".
> I also tried to use util-vserver (0.27-1mdk), but I have to build my own
> rpm.
> After doing so, rpm doesn't install ist, comlaining about dependencies:
> /usr/bin/shellmod is needed by util-vserver-0.27.1mdk
> (I can't see a required section in sepc file nor any obviously definition
> - and suse doesn't provide linuxconf and shellmod).
> Well, I can install it using --nodeps, a really bad idea!
> But even then,
> vserver v1 start
> complains about unknown parameter in ULIMIT ("-H -u 1000").
> So neither util-vserver nor vserver seem to be properly tested!?

wrong, but you managed to walk an unfortunate path,
let me explain that to you:

a) the vserver patches (from early ctx-X up to vs1.24)
   do not support fakeinit and static contexts
   (this is a bug fixed in vs1.3.1)

   you can verify that for any vserver tool/kernel
   patch with the folowing script:

b) the vserver 0.29 tools seem broken in more than
   one way, I tried to fix them, but didn't succeed
   and Jack seems not to care, or have time to do it.

> How can I achieve a proper init run of my SuSE-vservers using fakeinit?

either switch back to dynamic context allocation
(which means: don't use tagctx, per context quota
or per context disk limits), or use a development
release (1.3.6 will be released soon)

> Can anybody help me? What changed so much, that fakeinit now doesn't work?
> (the vservers didn't change!!!!)

as I explained, nothing changed, that is the problem ;)


> Bye and thanks in advance
> Anders
> _______________________________________________
> Vserver mailing list
> Vserver_at_list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
Vserver mailing list

About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Sun 18 Jan 2004 - 17:54:59 GMT by hypermail 2.1.3