Debian vserver [REPORT]

Debian vserver [REPORT]

[Gilles]

[-- Attachment #1: Type: text/plain, Size: 1486 bytes --]

Hello.

I've successfully installed the "runit" and "runit-run"
packages in the vserver environment.

[I've attached the step-by-step procedure I've followed,
aiming at a "fairly" minimal vserver; nothing fancy, just
to help me remember :-)]

Host config:
 (vanilla) kernel: version 2.6.11.7
 vserver patch:
   http://vserver.13thfloor.at/Experimental/patch-2.6.11.7-vs2.0-pre3.diff
 "util-vserver" deb package: version 0.30.207-5

I should nevertheless point out the following minor
problems:

1. The executable bit (+x) is not set for stages "1", "2"
   and "3", resulting in a failure to start. Fixed by
   # chmod a+x /etc/runit/[123]
2. Hardware-related one-time system tasks (in stage "1")
   should be disabled in a vserver, hence commenting out
   the line "/etc/init.d/rcS"
3. The "getty" services shouldn't be enabled (doesn't harm
   but useless, I think), hence:
   # rm /var/service/getty*
4. Hardware-related shutdown tasks (in stage "3") should be
   disabled, hence commenting out "/etc/init.d/rc $LAST"


So finally restarting the vserver:
[Inside the vserver]

# ps ax
  PID TTY      STAT   TIME COMMAND
    1 ?        S      0:00 runit
20083 ?        Ss     0:00 runsvdir -P /var/service log: .......
20085 ?        Ss     0:00 runsv sshd
20086 ?        S      0:00 svlogd /var/log/service/sshd
20096 ?        S      0:00 sshd -D -e
20108 ?        Ss     0:00 sshd: root@pts/11
20112 pts/11   Ss     0:00 -bash
31623 pts/11   R+     0:00 ps ax


Best regards,
Gilles

[-- Attachment #2: vs_runit.txt --]
[-- Type: text/plain, Size: 2262 bytes --]

-----------------------------------------------
Step-by-step install of a "runit"-based vserver
-----------------------------------------------

(1)
[On the host]

Create the vserver

# vserver phony build -m debootstrap \
   --hostname phony.harfang.homelinux.org \
   --netdev dummy0 --interface 192.168.83.100/24 \
   --context 100 --initstyle plain -- -d sarge -- --include=less,ssh

Start and enter the vserver

# vserver phony start
# vserver phony enter

(2)
[Inside "phony"]

Start the ssh daemon and set the root password

# /etc/init.d/ssh start
# passwd

(3)
In "/etc/inittab", comment out the lines invoking "getty":
# nano /etc/inittab

(4)
# exit

(5)
[On the host]

Update "/etc/hosts"
  192.168.83.100  phony.harfang.homelinux.org     phony

Copy "/etc/apt/sources.list" over to the vserver directory
# cp /etc/apt/sources.list /var/lib/vservers/phony/etc/apt

(6)
# ssh root@phony

[Inside "phony"]

(7)
Update the packages list and remove useless packages

# apt-get update
# REMOVE_PACKAGES="
    pciutils fdutils
    makedev base-config klogd sysklogd
    logrotate cron at
    ppp pppconfig pppoe pppoeconf
    console-common console-data console-tools
    telnet netkit-inetd netbase tcpd ifupdown wget ipchains dhcp-client
    exim4 exim4-base exim4-config exim4-daemon-light
    cpio nvi
  "
# apt-get --purge remove $REMOVE_PACKAGES

(8)
Install runit and set up ssh as a supervised service

# apt-get install runit

Setting up ssh:

 1. File "/etc/runit/sshd/run"
  #!/bin/sh

  exec 2>&1
  exec sshd -D -e

 2. File "/etc/runit/sshd/log/run":
  #!/bin/sh

  exec svlogd /var/log/service/sshd

 3. Logging directory:
# mkdir /var/log/service/sshd

 4. Start the service
# ln -s /etc/runit/sshd /var/service

 5. Stop the daemon started through SysV scheme:
# /etc/init.d/ssh stop

Replace "/sbin/init"
# apt-get install runit-run

Notes:
1. Executable bit (+x) not set for stages "1", "2" and "3".
   # chmod a+x /etc/runit/[123]
2. Hardware-related one-time system tasks (in stage "1") should be disabled.
   Comment out the line "/etc/init.d/rcS"
3. "getty" services shouldn't be enabled
   # rm /var/service/getty*
4. Hardware-related shutdown tasks (in stage "3") should be disabled.
   Comment out the line "/etc/init.d/rc $LAST"

Re: Debian vserver [REPORT]

[Gilles]

Hi.

> 
> I should nevertheless point out the following minor
> problems:
> 

I forgot to mention the following warning, printed at
vserver startup:

- runit: warning: unable to open /dev/console: file does not exist

Is it possible to avoid it?


Best,
Gilles

Re: Debian vserver [REPORT]

[Gerrit Pape]

[-- Attachment #1: Type: text/plain, Size: 496 bytes --]

Hi Gilles, thanks for this report.

On Tue, May 10, 2005 at 03:29:06PM +0200, Gilles wrote:
> I forgot to mention the following warning, printed at
> vserver startup:
> 
> - runit: warning: unable to open /dev/console: file does not exist
> 
> Is it possible to avoid it?

I'm not familiar with the vserver environment, and don't know whether
it's possible to have it providing the /dev/console device.  To make
runit not print this warning you would need to change the source.

Regards, Gerrit.

[-- Attachment #2: diff --]
[-- Type: text/plain, Size: 451 bytes --]

Index: src/runit.c
===================================================================
RCS file: /cvs/runit/src/runit.c,v
retrieving revision 1.12
diff -u -r1.12 runit.c
--- src/runit.c	26 Jun 2004 14:28:12 -0000	1.12
+++ src/runit.c	15 May 2005 10:44:45 -0000
@@ -114,8 +114,6 @@
 	  dup2(ttyfd, 0);
 	  if (ttyfd > 2) close(ttyfd);
 	}
-	else
-	  strerr_warn2(WARNING, "unable to open /dev/console: ", &strerr_sys);
       }
       else
 	setsid();