From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.comp.sysutils.supervision.general/787 Path: news.gmane.org!not-for-mail From: Gilles Newsgroups: gmane.comp.sysutils.supervision.general Subject: Debian vserver [REPORT] Date: Mon, 9 May 2005 15:27:09 +0200 Message-ID: <20050509132709.GC31001@harfang.homelinux.org> NNTP-Posting-Host: main.gmane.org Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="O5XBE6gyVG5Rl6Rj" X-Trace: sea.gmane.org 1115645003 5953 80.91.229.2 (9 May 2005 13:23:23 GMT) X-Complaints-To: usenet@sea.gmane.org NNTP-Posting-Date: Mon, 9 May 2005 13:23:23 +0000 (UTC) Original-X-From: supervision-return-1023-gcsg-supervision=m.gmane.org@list.skarnet.org Mon May 09 15:23:09 2005 Return-path: Original-Received: from antah.skarnet.org ([212.85.147.14]) by ciao.gmane.org with smtp (Exim 4.43) id 1DV8BB-0003Xx-U7 for gcsg-supervision@gmane.org; Mon, 09 May 2005 15:20:14 +0200 Original-Received: (qmail 17796 invoked by uid 76); 9 May 2005 13:27:53 -0000 Mailing-List: contact supervision-help@list.skarnet.org; run by ezmlm List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Archive: Original-Received: (qmail 17790 invoked from network); 9 May 2005 13:27:53 -0000 Original-To: supervision@list.skarnet.org Mail-Followup-To: supervision@list.skarnet.org Content-Disposition: inline X-Operating-System: Tiny Tux X-PGP-Key-Fingerprint: 53B9 972E C2E6 B93C BEAD 7092 09E6 AF46 51D0 5641 User-Agent: Mutt/1.5.9i X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: gilles@harfang.homelinux.org X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on dawn.harfang.homelinux.org X-Spam-Level: X-Spam-Status: No, score=-5.9 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.0.2 X-SA-Exim-Version: 4.2 (built Thu, 03 Mar 2005 10:44:12 +0100) X-SA-Exim-Scanned: Yes (on localhost) Xref: news.gmane.org gmane.comp.sysutils.supervision.general:787 X-Report-Spam: http://spam.gmane.org/gmane.comp.sysutils.supervision.general:787 --O5XBE6gyVG5Rl6Rj Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hello. I've successfully installed the "runit" and "runit-run" packages in the vserver environment. [I've attached the step-by-step procedure I've followed, aiming at a "fairly" minimal vserver; nothing fancy, just to help me remember :-)] Host config: (vanilla) kernel: version 2.6.11.7 vserver patch: http://vserver.13thfloor.at/Experimental/patch-2.6.11.7-vs2.0-pre3.diff "util-vserver" deb package: version 0.30.207-5 I should nevertheless point out the following minor problems: 1. The executable bit (+x) is not set for stages "1", "2" and "3", resulting in a failure to start. Fixed by # chmod a+x /etc/runit/[123] 2. Hardware-related one-time system tasks (in stage "1") should be disabled in a vserver, hence commenting out the line "/etc/init.d/rcS" 3. The "getty" services shouldn't be enabled (doesn't harm but useless, I think), hence: # rm /var/service/getty* 4. Hardware-related shutdown tasks (in stage "3") should be disabled, hence commenting out "/etc/init.d/rc $LAST" So finally restarting the vserver: [Inside the vserver] # ps ax PID TTY STAT TIME COMMAND 1 ? S 0:00 runit 20083 ? Ss 0:00 runsvdir -P /var/service log: ....... 20085 ? Ss 0:00 runsv sshd 20086 ? S 0:00 svlogd /var/log/service/sshd 20096 ? S 0:00 sshd -D -e 20108 ? Ss 0:00 sshd: root@pts/11 20112 pts/11 Ss 0:00 -bash 31623 pts/11 R+ 0:00 ps ax Best regards, Gilles --O5XBE6gyVG5Rl6Rj Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="vs_runit.txt" ----------------------------------------------- Step-by-step install of a "runit"-based vserver ----------------------------------------------- (1) [On the host] Create the vserver # vserver phony build -m debootstrap \ --hostname phony.harfang.homelinux.org \ --netdev dummy0 --interface 192.168.83.100/24 \ --context 100 --initstyle plain -- -d sarge -- --include=less,ssh Start and enter the vserver # vserver phony start # vserver phony enter (2) [Inside "phony"] Start the ssh daemon and set the root password # /etc/init.d/ssh start # passwd (3) In "/etc/inittab", comment out the lines invoking "getty": # nano /etc/inittab (4) # exit (5) [On the host] Update "/etc/hosts" 192.168.83.100 phony.harfang.homelinux.org phony Copy "/etc/apt/sources.list" over to the vserver directory # cp /etc/apt/sources.list /var/lib/vservers/phony/etc/apt (6) # ssh root@phony [Inside "phony"] (7) Update the packages list and remove useless packages # apt-get update # REMOVE_PACKAGES=" pciutils fdutils makedev base-config klogd sysklogd logrotate cron at ppp pppconfig pppoe pppoeconf console-common console-data console-tools telnet netkit-inetd netbase tcpd ifupdown wget ipchains dhcp-client exim4 exim4-base exim4-config exim4-daemon-light cpio nvi " # apt-get --purge remove $REMOVE_PACKAGES (8) Install runit and set up ssh as a supervised service # apt-get install runit Setting up ssh: 1. File "/etc/runit/sshd/run" #!/bin/sh exec 2>&1 exec sshd -D -e 2. File "/etc/runit/sshd/log/run": #!/bin/sh exec svlogd /var/log/service/sshd 3. Logging directory: # mkdir /var/log/service/sshd 4. Start the service # ln -s /etc/runit/sshd /var/service 5. Stop the daemon started through SysV scheme: # /etc/init.d/ssh stop Replace "/sbin/init" # apt-get install runit-run Notes: 1. Executable bit (+x) not set for stages "1", "2" and "3". # chmod a+x /etc/runit/[123] 2. Hardware-related one-time system tasks (in stage "1") should be disabled. Comment out the line "/etc/init.d/rcS" 3. "getty" services shouldn't be enabled # rm /var/service/getty* 4. Hardware-related shutdown tasks (in stage "3") should be disabled. Comment out the line "/etc/init.d/rc $LAST" --O5XBE6gyVG5Rl6Rj--