-
bcapabilities
[experimental; name is subject of possible change] Contains the system capabilities. See
lib/bcaps-v13.c
for possible values.
-
capabilities
Contains per line a capability. This file is used for the 2.4 kernel
only; for 2.6 use
bcapabilities.
-
ccapabilities
[experimental; name is subject of possible change] Contains the
context capabilities. See
lib/ccaps-v13.c
for possible values.
-
context
Contains the context which shall be used for the vserver.
-
flags
- fakeinit
-
The new process will believe it is process number 1. Useful to run a
real /sbin/init in a vserver. Warning: this flag should not be used
unless you know what you are doing. Often, it is better to use the
'plain' initstyle.
- lock
-
The new process is trapped and can't use chcontext anymore.
- nproc
-
Limit the number of process in the vserver according to
ulimit setting. Normally, ulimit is a per user thing.
With this flag, it becomes a per vserver thing.
- private
-
No one can join this security context once created.
- sched
-
The new process and its children will share a common
- ulimit
-
Apply the current ulimit to the whole context
-
fstab
The fstab file for the vserver. Entries in this file will be mounted
within the network context of the host. Use the
fstab.remote file when you want that the
mounting happens in the network context of the vserver. In most cases
the 'fstab' file should be used.
-
fstab.remote
The fstab file for the vserver. Entries in this file will be mounted
within the network context of the host; this means that mount will be
called as
chbind <options> mount ...
. See
fstab also.
-
name
Contains the name of the vserver. When not given, the basename of the directory
will be assumed as this name.
-
namespace
Overrides the global
nonamespace flag and enables
namespace usage for the current vserver.
-
nice
The nice-level on which the vserver will be started.
-
nonamespace
Disables namespace usage for the current vserver.
In this mode the /vservers directory must have
the 'barrier' attribute. Else, common chroot(2) exploits are possible.
-
personality
Used to set the personality of the vserver. First line in the file
is the personality-type followed by flags (one item per line). See
/usr/include/linux/personality.h for possible
values.
-
run
Points to a file which will contain the XID of the running vserver. When
the vserver is stopped, this can be a dangling symlink.
-
schedule
[experimental; name is subject of possible change] Contains the
scheduler parameters, one per line.
The Hard CPU limit uses a mechanism called a Token Bucket. the
concept is simple: you have a bucket of a certain size which is
filled with a specified amount R of tokens each interval T until the
maximum is reached (excess tokens are spilled). At each timer tick,
a running process consumes one token from the bucket, unless the
bucket is empty. If the bucket is empty the process is put in the
hold queue. When the bucket has been refilled to at least M tokens,
all on hold processes are rescheduled.
-
shell
Contains the pathname of the shell which will be used by the "vserver
... enter" command.
-
vdir
Path of the vserver root directory
-
/etc/vservers/vserver-name/apps
-
/etc/vservers/vserver-name/interfaces
-
bcast
The default broadcast address.
-
dev
The default network device.
-
mask
The default network mask.
-
prefix
The default network prefix-length.
-
scope
The default scope of the network interfaces.
-
/etc/vservers/vserver-name/interfaces/iface
'iface' is an arbitrary name for the interface; the value itself is
not important but may be interesting regarding interface-creation and
usage with chbind
. Both happens in alphabetical order and
numbers like '00' are good names for these directories.
-
bcast
The broadcast address.
-
dev
The network device.
-
disabled
When this file exists, this interface will be ignored.
-
ip
The ip which will be assigned to this interface.
-
mask
The network mask.
-
name
When this file exists, the interface will be named with the text in
this file. Without such an entry, the IP will not be shown by
ifconfig
but by ip addr ls
only. Such
a labeled interface is known as an "alias" also (e.g. 'eth0:foo').
-
nodev
When this file exists, the interface will be assumed to exist
already. This can be used to assign primary interfaces which are
created by the host or another vserver.
-
prefix
The network prefix-length.
-
scope
The scope of the network interface.
-
/etc/vservers/vserver-name/rlimits
A directory with resource limits. Possible resources are cpu, fsize,
data, stack, core, rss, nproc, nofile, memlock, as and locks. This
configuration will be honored for kernel 2.6 only.
-
resource
A file which contains the hard- and soft-limit of the given resource
in the first line. The special keyword 'inf' is recognized.
-
resource.hard
A file which contains the hard- of the given resource in the first
line. The special keyword 'inf' is recognized.
-
resource.min
A file which contains the guaranted minimum of the given resource in
the first line. The special keyword 'inf' is recognized.
-
resource.soft
A file which contains the soft- of the given resource in the first
line. The special keyword 'inf' is recognized.
-
/etc/vservers/vserver-name/scripts
A directory for scripts. By default, when one of these scripts will be
executed, the execution of defaultscripts (within .../.defaults/scripts)
will be skipped. To execute them nevertheless, the $DONT_SKIP_DEFAULTS
environment variable must be set by one of the in-shellcontext scripts
(the non-executable ones).
-
post-start
The scriptlet which will be executed after the vserver has been
started. Before executing the script, the vserver root directory
will be made the working directory.
-
post-stop
The scriptlet which will be executed after the vserver has been
stopped, but before the directories will be umounted and the the
interfaces disabled. Before executing the script, the vserver root
directory will be made the working directory.
-
postpost-stop
The scriptlet which will be executed after the vserver has been stopped
completely. Before executing the script, the vserver root directory
will be made the working directory.
-
pre-start
The scriptlet which will be executed after network-interfaces were
enabled and the directories mounted, but before the vserver itself has
been started. Before executing the script, the vserver root directory
will be made the working directory.
-
pre-stop
The scriptlet which will be executed before the vserver will be
stopped. Before executing the script, the vserver root directory
will be made the working directory.
-
prepre-start
The scriptlet which will be executed before the network-interfaces are
enabled and the directories are mounted. Before executing the script,
the configuration directory will be made the working directory.
-
/etc/vservers/vserver-name/scripts/post-start.d
Repository of post-start like scripts. Before executing these scripts,
the vserver root directory will be made the working directory.
-
/etc/vservers/vserver-name/scripts/post-stop.d
Repository of post-stop like scripts. Before executing the script, the
vserver root directory will be made the working directory.
-
/etc/vservers/vserver-name/scripts/postpost-stop.d
Repository of postpost-stop like scripts. Before executing the script,
the vserver root directory will be made the working directory.
-
script
See postpost-stop.
-
/etc/vservers/vserver-name/scripts/pre-start.d
Repository of pre-start like scripts. Before executing these scripts,
the vserver root directory will be made the working directory.
-
/etc/vservers/vserver-name/scripts/pre-stop.d
Repository of pre-stop like scripts. Before executing the script, the
vserver root directory will be made the working directory.
-
/etc/vservers/vserver-name/scripts/prepre-start.d
Repository of prepre-start like scripts. Before executing the script,
the configuration directory will be made the working directory.
-
/etc/vservers/vserver-name/ulimits
A directory with ulimits. Possible resources are cpu, data, fsize,
locks, memlock, nofile, nproc, rss and/or stack. This configuration
will be honored for kernel 2.4 only.
-
resource
A file which contains the hard- and soft-limit of the given resource
in the first line. The special keyword 'inf' is recognized.
-
resource.hard
A file which contains the hard- of the given resource in the first
line. The special keyword 'inf' is recognized.
-
resource.soft
A file which contains the soft- of the given resource in the first
line. The special keyword 'inf' is recognized.
-
/etc/vservers/vserver-name/uts
-
context
The context-name of the vserver. This file is listed for completeness
only; the 'context' name is used and set internally by the util-vserver
tools and can *not* be modified.
-
domainname
The NIS domainname of the vserver
-
machine
The machine-type of the vserver
-
nodename
The node-/hostname of the vserver
-
release
The OS-release of the vserver
-
sysname
The sysname of the vserver
-
version
The OS-version of the vserver