set default values correctly
[util-vserver-pl.git]
/
scripts
/
vuseradd
diff --git
a/scripts/vuseradd
b/scripts/vuseradd
index
2c9dfb3
..
9ace75c
100755
(executable)
--- a/
scripts/vuseradd
+++ b/
scripts/vuseradd
@@
-78,36
+78,50
@@
if [ ! -d $__CONFDIR/$NAME ] ; then
fi
$_VSERVER $NAME build -m skeleton --context $USERID \
fi
$_VSERVER $NAME build -m skeleton --context $USERID \
- --interface nodev:0.0.0.0/0 \
- --flags persistent,~info_init,sched_hard
+ --interface nodev:`hostname -i` \
+ --interface nodev:127.0.0.1 \
+ --flags persistent,~info_init
RETVAL=$?
DIR=$__CONFDIR/$NAME
if [ $RETVAL -ne 0 ] ; then
echo "Error $RETVAL building $DIR"
rm -rf $DIR $__DEFAULT_VSERVERDIR/$NAME
fi
RETVAL=$?
DIR=$__CONFDIR/$NAME
if [ $RETVAL -ne 0 ] ; then
echo "Error $RETVAL building $DIR"
rm -rf $DIR $__DEFAULT_VSERVERDIR/$NAME
fi
- mkdir -p $DIR/apps/init $DIR/rlimits $DIR/sched $DIR/
dlimits
/0
+ mkdir -p $DIR/apps/init $DIR/rlimits $DIR/sched $DIR/
cgroup $DIR/dlimits/0 $DIR/sysctl
/0
echo default > $DIR/apps/init/mark
echo default > $DIR/apps/init/mark
- echo 1000 > $DIR/rlimits/nproc
+ echo 1000 > $DIR/rlimits/nproc
.hard
# Set persistent for the network context
# Set persistent for the network context
- echo persistent > $DIR/nflags
+ echo persistent,lback_allow > $DIR/nflags
+
+ # Set default capabilities
+ echo "CAP_NET_RAW" > $DIR/bcapabilities
+ echo "" > $DIR/ccapabilities
# Set up the scheduler
# Set up the scheduler
- echo 100
0
> $DIR/sched/interval
+ echo 100 > $DIR/sched/interval
echo 1000 > $DIR/sched/interval2
echo 0 > $DIR/sched/fill-rate
echo 1000 > $DIR/sched/interval2
echo 0 > $DIR/sched/fill-rate
- echo
32
> $DIR/sched/fill-rate2
+ echo
1
> $DIR/sched/fill-rate2
touch $DIR/sched/idle-time
echo 100 > $DIR/sched/tokens
echo 50 > $DIR/sched/tokens-min
echo 100 > $DIR/sched/tokens-max
touch $DIR/sched/idle-time
echo 100 > $DIR/sched/tokens
echo 50 > $DIR/sched/tokens-min
echo 100 > $DIR/sched/tokens-max
- # Set up disk limits (unlimited)
+ echo 1024 > $DIR/cgroup/cpu.shares
+
+ # Set up disk limits (10 GB)
echo `$_READLINK $DIR/vdir` > $DIR/dlimits/0/directory
echo 2 > $DIR/dlimits/0/reserved
echo -1 > $DIR/dlimits/0/inodes_total
echo `$_READLINK $DIR/vdir` > $DIR/dlimits/0/directory
echo 2 > $DIR/dlimits/0/reserved
echo -1 > $DIR/dlimits/0/inodes_total
- echo -1 > $DIR/dlimits/0/space_total
+ echo 10000000 > $DIR/dlimits/0/space_total
+
+ # Set up sysctl variables
+ echo net.ipv4.ip_forward > $DIR/sysctl/0/setting
+ echo 1 > $DIR/sysctl/0/value
+
+ # Add spaces directory
+ mkdir -p $DIR/spaces
# Remove the basically empty guest directory
rm -rf $__DEFAULT_VSERVERDIR/$NAME
# Remove the basically empty guest directory
rm -rf $__DEFAULT_VSERVERDIR/$NAME
@@
-153,14
+167,20
@@
if [ -d "$__DEFAULT_VSERVERDIR/$NAME" ] ; then
chmod 755 "$__DEFAULT_VSERVERDIR/$NAME"
# Add user in vserver
chmod 755 "$__DEFAULT_VSERVERDIR/$NAME"
# Add user in vserver
- $_VSERVER ----insecure $NAME suexec root sh -c \
- "groupadd -g $GROUPID $GROUPNAME ; useradd -u $USERID -g $GROUPID -p '' $NAME"
+ $_VSERVER $NAME start --rescue sh -c \
+ "groupadd -g $GROUPID $GROUPNAME ; useradd -m -u $USERID -g $GROUPID -p '' $NAME"
+
+ # Stop the guest (since it's persistent)
+ $_VSERVER $NAME stop
# Add an unrestricted entry to /etc/sudoers file
if [ -f "$__DEFAULT_VSERVERDIR/$NAME/etc/sudoers" ] && \
! grep -q "^$NAME" "$__DEFAULT_VSERVERDIR/$NAME/etc/sudoers" ; then
echo "$NAME ALL=(ALL) ALL" >> "$__DEFAULT_VSERVERDIR/$NAME/etc/sudoers"
fi
# Add an unrestricted entry to /etc/sudoers file
if [ -f "$__DEFAULT_VSERVERDIR/$NAME/etc/sudoers" ] && \
! grep -q "^$NAME" "$__DEFAULT_VSERVERDIR/$NAME/etc/sudoers" ; then
echo "$NAME ALL=(ALL) ALL" >> "$__DEFAULT_VSERVERDIR/$NAME/etc/sudoers"
fi
+
+ cp -a /dev/fuse $__DEFAULT_VSERVERDIR/$NAME/dev/
+
fi
exit 0
fi
exit 0
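Review bot: The new `--interface nodev:` argument in the first hunk is built from an unquoted, unchecked `hostname -i` substitution. That command prints nothing when the host name does not resolve, can print several space-separated addresses, and may print a loopback address on hosts whose name is mapped in /etc/hosts. The guest can therefore be built with an empty, word-split or loopback-only interface argument, and the `RETVAL` test that follows only catches an outright build failure. Resolve the address once into a variable, reject an empty, loopback or non-IPv4 answer before building, and pass it quoted, as sketched below. The sketch assumes IPv4 only, which the neighbouring `127.0.0.1` suggests, and its `exit 1` should be replaced by the script's own error path, which is not visible in the hunk.

```shell
# Resolve the host address once; refuse to build on an unusable answer
HOSTADDR=`hostname -i`
case "$HOSTADDR" in
    ""|127.*|*[!0-9.]*)
        echo "Cannot determine a single non-loopback IPv4 address: '$HOSTADDR'" >&2
        exit 1
        ;;
esac
$_VSERVER $NAME build -m skeleton --context $USERID \
    --interface "nodev:$HOSTADDR" \
# … unchanged: loopback interface, --flags, RETVAL check and cleanup …
```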