-A list of files which will be made visibly by vprocunhide. Wildcards are
+A list of files which will be made visible by vprocunhide. Wildcards are
allowed and anything ending in '/' will be processed recursively. When this file exists,
it overrides the defaults in SYSDEFAULTDIR/vprocunhide-files. The entries there must be
absolute filenames inclusive the leading '/proc'.
@@ -163,7 +299,7 @@ skipped.
handler
@@ -225,6 +361,53 @@ filesystem.
+
+ /etc/vservers/.defaults/files
+
+ This directory contains some files which will be copied to the guests during build.
+
+ -
+ hosts
+
+ The default /etc/hosts file.
+
+ -
+ krb.conf
+
+ The default /etc/krb.conf file.
+
+ -
+ krb.realms
+
+ The default /etc/krb.realms file.
+
+ -
+ krb5.conf
+
+ The default /etc/krb5.conf file.
+
+ -
+ ldap.conf
+
+ The default /etc/ldap.conf file.
+
+ -
+ localtime
+
+ The default /etc/localtime file.
+
+ -
+ nsswitch.conf
+
+ The default /etc/nsswitch.conf file.
+
+ -
+ resolv.conf
+
+ The default /etc/resolv.conf file.
+
+
+
/etc/vservers/.defaults/init
@@ -236,6 +419,20 @@ filesystem.
+
+ /etc/vservers/.defaults/interfaces
+
+
+
@@ -366,9 +563,16 @@ The configuration directory for the vserver vserver-name.
bcapabilities
-[experimental; name is subject of possible change] Contains the system capabilities. See
-
lib/bcaps-v13.c
+Contains the system capabilities. See
+
lib/bcaps-v13.c
for possible values.
+
+
+
+ cache
+
+
+Path of the storage area for cached information about this vserver.
@@ -383,8 +587,7 @@ only; for 2.6 use bcapabilities.
ccapabilities
-[experimental; name is subject of possible change] Contains the
-context capabilities. See
lib/ccaps-v13.c
+Contains the context capabilities. See
lib/ccaps-v13.c
for possible values.
@@ -399,54 +602,9 @@ Contains the context which shall be used for the vserver.
flags
-
-
- - fakeinit
- -
-
-The new process will believe it is process number 1. Useful to run a
-real /sbin/init in a vserver. Warning: this flag should not be used
-unless you know what you are doing. Often, it is better to use the
-'plain' initstyle.
-
-
- - lock
- -
-
-The new process is trapped and can't use chcontext anymore.
-
-
- - nproc
- -
-
-Limit the number of process in the vserver according to
-ulimit setting. Normally, ulimit is a per user thing.
-With this flag, it becomes a per vserver thing.
-
-
- - private
- -
-
-No one can join this security context once created.
-
-
- - sched
- -
-
-The new process and its children will share a common
-
-
- - ulimit
- -
-
-Apply the current ulimit to the whole context
-
-
-
-
fstab
@@ -483,6 +641,39 @@ will be assumed as this name.
Overrides the global
nonamespace flag and enables
namespace usage for the current vserver.
+
+
+
+ namespace-cleanup
+
+
+Overrides the global
nonamespace-cleanup flag and enables
+namespace cleanup for the current vserver.
+
+
+
+ namespace-cleanup-skip
+
+
+
+
+ ncapabilities
+
+
+Contains the network capabilities. See
lib/ncaps-net.c
+for possible values.
+
+
+
+ nflags
+
+
@@ -524,7 +715,7 @@ the vserver is stopped, this can be a dangling symlink.
schedule
-[experimental; name is subject of possible change] Contains the
+[deprecated; use
sched instead] Contains the
scheduler parameters, one per line.
The Hard CPU limit uses a mechanism called a Token Bucket. the
@@ -535,9 +726,12 @@ a running process consumes one token from the bucket, unless the
bucket is empty. If the bucket is empty the process is put in the
hold queue. When the bucket has been refilled to at least M tokens,
all on hold processes are rescheduled.
+
+See the
Linux
+VServer Wiki for more information about this file.
-
+
shell
@@ -549,7 +743,7 @@ Contains the pathname of the shell which will be used by the "vserver
vdir
-Path of the vserver root directory
+Path of the vserver root directory.
@@ -613,6 +807,14 @@ the current vserver can be started. At shutdown, the current vserver
will be stopped before its dependencies. Content of this file are
vserver ids (one name per line).
+
+
+ environment
+
+
+The environment to set when starting the guest. Contains one VAR=VAL
+pair per line.
+
killseq
@@ -680,7 +882,7 @@ from/to at startup via initscript.
/etc/vservers/vserver-name/apps/vshelper
- -
+
-
action
@@ -721,7 +923,7 @@ the vs_reboot() function in the kernel for more details.
The timeout in seconds which is used when synchronising vserver
-startup/shutdown with the vshelper. When no set, 30 seconds will be
+startup/shutdown with the vshelper. When not set, 30 seconds will be
assumed.
@@ -743,7 +945,7 @@ skipped.
handler
@@ -825,6 +1027,74 @@ filesystem.
+
-
+ /etc/vservers/vserver-name/cpuset
+
+
+ -
+ cpu_exclusive
+
+ Is the CPU assignment exclusive?
+
+ -
+ cpus
+
+ The list of CPUs in this cpuset
+
+ -
+ mems
+
+ The list of Memory Nodes in this cpuset
+
+ -
+ mems_exclusive
+
+ Is the memory node assignment exclusive?
+
+ -
+ name
+
+ The name of the cpuset for this vserver
+
+ -
+ nocreate
+
+ When this file exists, the cpuset will be assumed to exist already
+
+
+
+
-
+ /etc/vservers/vserver-name/dlimits
+
+
+ -
+ /etc/vservers/vserver-name/dlimits/dlimit
+
+
+ -
+ directory
+
+ The directory to which the limit should be applied
+
+ -
+ inodes_total
+
+ The amount of inodes this vserver should be limited to
+
+ -
+ reserved
+
+ How much space (percentage-wise) should be reserved for the root user
+
+ -
+ space_total
+
+ The amount of space this vserver should be limited to (measured in blocks of 1024 bytes)
+
+
+
+
+
-
/etc/vservers/vserver-name/interfaces
@@ -844,6 +1114,16 @@ filesystem.
The default network mask.
+
-
+ novlandev
+
+
+When this file exists, the steps which setup and destroy a VLAN
+interface will be skipped. This overrides the global
+
vlandev setting for
+this vserver.
+
+
-
prefix
@@ -854,6 +1134,14 @@ filesystem.
The default scope of the network interfaces.
+
-
+ vlandev
+
+
+When this file exists, the steps which setup and destroy a VLAN
+interface will be executed for all interfaces of this vserver.
+
+
-
/etc/vservers/vserver-name/interfaces/iface
@@ -906,6 +1194,16 @@ a labeled interface is known as an "alias" also (e.g. 'eth0:foo').
When this file exists, the interface will be assumed to exist
already. This can be used to assign primary interfaces which are
created by the host or another vserver.
+
+
+ -
+ novlandev
+
+
+When this file exists, the steps which setup and destroy a VLAN
+interface will be skipped. This will override the global
+
vlandev and the per-guest
+
vlandev.
-
@@ -918,6 +1216,14 @@ created by the host or another vserver.
The scope of the network interface.
+ -
+ vlandev
+
+
+When this file exists, the steps which setup and destroy a VLAN
+interface will be executed.
+
+
@@ -927,7 +1233,8 @@ created by the host or another vserver.
A directory with resource limits. Possible resources are cpu, fsize,
-data, stack, core, rss, nproc, nofile, memlock, as and locks. This
+data, stack, core, rss, nproc, nofile, memlock, as, locks, msgqueue,
+nsock, openfd, anon, shmem, semary, nsems and dentry. This
configuration will be honored for kernel 2.6 only.
@@ -943,7 +1250,7 @@ in the first line. The special keyword 'inf' is recognized.
resource.hard
-A file which contains the hard- of the given resource in the first
+A file which contains the hard-limit of the given resource in the first
line. The special keyword 'inf' is recognized.
@@ -951,7 +1258,7 @@ line. The special keyword 'inf' is recognized.
resource.min
-A file which contains the guaranted minimum of the given resource in
+A file which contains the guaranteed minimum of the given resource in
the first line. The special keyword 'inf' is recognized.
@@ -959,12 +1266,125 @@ the first line. The special keyword 'inf' is recognized.
resource.soft
-A file which contains the soft- of the given resource in the first
+A file which contains the soft-limit of the given resource in the first
line. The special keyword 'inf' is recognized.
+
+ /etc/vservers/vserver-name/sched
+
+
+ -
+ fill-rate
+
+
+
+ -
+ fill-rate2
+
+ Amount of tokens to add each
interval2 when advancing idle time
+
+ -
+ idle-time
+
+ When this file exists, advancing idle time is activated
+
+ -
+ interval
+
+ The interval between refills of the bucket
+
+ -
+ interval2
+
+ The interval between refills of the bucket when advancing idle time
+
+ -
+ priority-bias
+
+ Bias added to priorities calculated within the guest (result is clamped to -20/+19)
+
+ -
+ tokens
+
+ The initial amount of tokens to put in the bucket
+
+ -
+ tokens-max
+
+ The bucket's size
+
+ -
+ tokens-min
+
+ The minimum amount of tokens required to unhold the context
+
+ -
+ /etc/vservers/vserver-name/sched/cpu-id
+
+ This directory contains per-CPU and/or per-bucket specific settings. Remember to set the
cpu-id file. All CPUs inherit the global settings.
+
+ -
+ bucket-id
+
+ The bucket to apply these settings to
+
+ -
+ cpu-id
+
+ The CPU to apply these settings to
+
+ -
+ fill-rate
+
+
+
+ -
+ fill-rate2
+
+ Amount of tokens to add each
interval2 when advancing idle time
+
+ -
+ idle-time
+
+ When this file exists, advancing idle time is activated
+
+ -
+ interval
+
+ The interval between refills of the bucket
+
+ -
+ interval2
+
+ The interval between refills of the bucket when advancing idle time
+
+ -
+ priority-bias
+
+ Bias added to priorities calculated within the guest (result is clamped to -20/+19)
+
+ -
+ tokens
+
+ The initial amount of tokens to put in the bucket
+
+ -
+ tokens-max
+
+ The bucket's size
+
+ -
+ tokens-min
+
+ The minimum amount of tokens required to unhold the context
+
+
+
+
+
/etc/vservers/vserver-name/scripts
@@ -976,6 +1396,15 @@ environment variable must be set by one of the in-shellcontext scripts
(the non-executable ones).