Needs fixing:                     as of 2003 Jan 26 Paul Sladen

(This is kernel side stuff considered, not userspace)

-------------------------------------------
PS Tools.

ps wants to read the System.map, so it looks for:

  $PS_SYSTEM_MAP
  /boot/System.map-`uname -r`
  /boot/System.map
  /lib/modules/`uname -r`/System.map
  /usr/src/linux/System.map

fix: could we fake this under `/proc' and then link to it?

-------------------------------------------
Nmap.

nmap needs help finding the default Interface and IP.

  Failed to lookup device subnet/netmask: SIOCGIFADDR: eth0: Cannot assign requested address
  Failed to lookup device subnet/netmask: eth0: no IPv4 address assigned
  I cannot figure out what source address to use for device eth0:foobar, does it even exist?

nmap works fine *if* you do:

  % nmap -e eth0:foobar -S 1.2.3.4 target.to.scan.com

-------------------------------------------
Ping.

Ping generates raw IP packets but leaves the kernel to put the headers on.
This can probably be fixed by doing selection in `ip_route' rather than
the UDP / TCP functions.

-------------------------------------------
Init.

init tries to bind to the console, it knows about:

  /dev/console
  /dev/tty*

fix: We need to write a fake `console' driver that can pipe to a file.

-------------------------------------------
Quotaing.

Quota calls `ioctl()s' on the `/dev/partition' to get sizes.
It also calls `sys_quotactl()'.

fix: Provide a fake `root device' and proxy `sys_quotactl()' through
     to userspace.

Herbert Pötzl has done the fake `/dev/root'.
  [ http://www.13thfloor.at/VServer/ ]

Q: how does `df' figure out the size of the disk/ CTX-quota?

-------------------------------------------
lsof.

lsof (List open files) tries to stat all the mounted partitions. It gets
these from `/proc/mounts' instead of `/etc/mtab' which we already fake.

  lsof: WARNING: can't stat() ext2 file system /vservers
        Output information may be incomplete.
  lsof: WARNING: can't stat() proc file system /vservers/hutch/proc
        Output information may be incomplete.
  lsof: WARNING: can't stat() devpts file system /vservers/hutch/dev/pts
        Output information may be incomplete.
  lsof: WARNING: can't stat() proc file system /vservers/muse/proc
        Output information may be incomplete.
  lsof: WARNING: can't stat() devpts file system /vservers/muse/dev/pts
        Output information may be incomplete.

(Note: This doesn't stop it working).

fix: fake `/proc/mounts' so that stuff below the current chroot() is
     not shown.

-------------------------------------------
reboot

kernel sys_reboot() replacement for rebootmgr/vreboot

If we start a vserver with fakeinit, it would normally expect to shut
itself down by calling the kernel again.

fix: hook the kernel call and pass it back to userspace to kill the
     context

Mark Lawrence and Paul Sladen have patches:
  [ http://www.paul.sladen.org/vserver/sys_reboot/ ]

-------------------------------------------
Others:
-*- -*- -*- -*- -*- -*- -*- -*- -*- -*- -*-

bind(0.0.0.0)

Jacques has two solutions, I prefer the second, should be here RSN(tm)

fix: anything is just not nice.

-------------------------------------------
private loopback device: (networking)

Currently the "lo" device looks like a piece of shared ethernet,
e.g. all vservers can dump other vservers' private loopback communications.

fix: allow the kernel to route stuff to `dev_loopback' but then pipe it
     to `current->dev_loopback' instead of global loopback.

-------------------------------------------
UDP mangling:

Only TCP mangling was being done to force the source address; this showed
up when querying bind through localhost.

fix: Mark Lawrence patched the `net/ipv4/udp.c' a la TCP

alternative: do it at the lower IP level instead of separately, see ping
             above

-------------------------------------------
SSH X Forwarding:

SSHd tries to create the X socket on the `127.0.0.1' which gets broken by
our current mangling. This should go away once we fix this.
In the mean time, with pretty recent OpenSSHd's you can:

  echo "X11UseLocalhost no" >> /etc/ssh/sshd_config

-------------------------------------------
private filesystem loopback devices:

If we want to be able to mount floppy-disk images or ISOs within a vserver
I think we need to provide separate loopback(s) per vserver? (?)

-------------------------------------------
NFS (network filesystem)

This doesn't work. Userspace NFS client /might/ work. (or will it?)

-------------------------------------------
Midnight Commander/ terminals

MC causes a segv under vservers; the easiest workaround for this is:

  $ export TERM=xterm
  $ mc

Thread at:
  http://www.paul.sladen.org/vserver/archives/200301/0060.html

Try: apt-get install ncurses-term
or `reportbug libncurses5' :-)

w3m crashes out with:

> stat64("/dev/vc/0", 0xbffff9d0) = -1 ENOENT (No such file or directory)
> stat64("/dev/tty0", 0xbffff9d0) = -1 ENOENT (No such file or directory)

MC crashes out with: (eg, same thing...)

> getdents64(0x4, 0x80f4158, 0x1000, 0x4) = 0
> close(4) = 0
> rt_sigaction(SIGWINCH, {0x8075028, [], SA_RESTART|0x4000000}, {SIG_DFL}, 8) = 0
> stat64("/dev/vc/0", 0xbffffa10) = -1 ENOENT (No such file or directory)
> stat64("/dev/tty0", 0xbffffa10) = -1 ENOENT (No such file or directory)
> --- SIGSEGV (Segmentation fault) ---

MC good run (TERM=xterm):

> getdents64(0x4, 0x80f4580, 0x1000, 0xa) = 0
> close(4) = 0
> rt_sigaction(SIGWINCH, {0x8075028, [], SA_RESTART|0x4000000}, {SIG_DFL}, 8) = 0
> write(1, "\33[?1001s\33[?1000h", 16) = 16
> time(NULL) = 1043624513
> time(NULL) = 1043624513

-------------------------------------------
Binfmt_Misc

Separate per-context (write-only /proc) to only Java and CLR/mono to run
nicely

-------------------------------------------
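
Added example (not part of the original notes, and not VServer code): a
userspace C model of the `/proc/mounts' fix from the lsof section, reading
that fix as "hide every mount outside the context's chroot and show the
rest relative to it". The names filter_mounts, inside_root and SAMPLE are
hypothetical; the device names and the "hutchinson" entry are constructed.

```c
#include <stdio.h>
#include <string.h>
/* Constructed sample; mount points follow the lsof warnings on this page. */
static const char SAMPLE[] =
    "/dev/hdb1 /vservers ext2 rw 0 0\n"
    "none /vservers/hutch/proc proc rw 0 0\n"
    "none /vservers/hutch/dev/pts devpts rw 0 0\n"
    "none /vservers/hutchinson/proc proc rw 0 0\n"
    "none /vservers/muse/proc proc rw 0 0\n";

/* mnt as seen from inside root, or NULL if outside (whole components only). */
static const char *inside_root(const char *root, const char *mnt)
{
    size_t n = strlen(root);
    while (n > 0 && root[n - 1] == '/') n--;   /* accept "/" and "/x/" */
    if (strncmp(mnt, root, n) != 0) return NULL;
    if (mnt[n] == '\0') return "/";
    return mnt[n] == '/' ? mnt + n : NULL;     /* rejects /x/hutchinson */
}

/* Copy mounts text to out, keeping entries inside root with their mount
 * points rewritten. Returns the number kept, or -1 if out is too small. */
int filter_mounts(const char *root, const char *in, char *out, size_t outsz)
{
    size_t used = 0, len;
    int kept = 0, off, w;
    char dev[256], mnt[256];
    const char *rel;
    if (outsz) out[0] = '\0';
    while (*in) {
        len = strcspn(in, "\n");
        if (sscanf(in, "%255s %255s%n", dev, mnt, &off) == 2 &&
            (size_t)off <= len && (rel = inside_root(root, mnt)) != NULL) {
            w = snprintf(out + used, outsz - used, "%s %s%.*s\n",
                         dev, rel, (int)(len - (size_t)off), in + off);
            if (w < 0 || (size_t)w >= outsz - used) return -1;
            used += (size_t)w; kept++;
        }
        in += len + (in[len] == '\n');
    }
    return kept;
}

int main(void)
{
    char out[512];
    if (filter_mounts("/vservers/hutch", SAMPLE, out, sizeof out) > 0) fputs(out, stdout);
    return 0;
}
```

The component-boundary check is the part that matters for isolation: a
plain prefix match would show context "hutch" the mounts of "hutchinson".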