util-vserver-pl.git
15 years agoVserver suid wrapper. This enables vsh to run vserver with suid privileges safely...
Sapan Bhatia [Tue, 1 Dec 2009 18:21:57 +0000 (18:21 +0000)]
Vserver suid wrapper. This enables vsh to run vserver with suid privileges safely. As an additional advantage, we should probably be able
to drop suid on vsh.

15 years agoAdding suid wrapper for vserver.
Sapan Bhatia [Tue, 1 Dec 2009 18:13:36 +0000 (18:13 +0000)]
Adding suid wrapper for vserver.

15 years agoBack out of always creating network namespace when starting vserver
Andy Bavier [Mon, 30 Nov 2009 19:30:39 +0000 (19:30 +0000)]
Back out of always creating network namespace when starting vserver

16 years agoRemove obsolete functions
Andy Bavier [Mon, 26 Oct 2009 16:02:27 +0000 (16:02 +0000)]
Remove obsolete functions

16 years agoClean up. Start network namespace per slice by default.
Andy Bavier [Mon, 26 Oct 2009 16:01:03 +0000 (16:01 +0000)]
Clean up.  Start network namespace per slice by default.

16 years agoComment out problematic calls
Andy Bavier [Mon, 31 Aug 2009 20:19:22 +0000 (20:19 +0000)]
Comment out problematic calls

16 years agoHmm, something is broken
Andy Bavier [Mon, 31 Aug 2009 19:49:19 +0000 (19:49 +0000)]
Hmm, something is broken

16 years agoDon't need planetlab.c and netns.c any more
Andy Bavier [Fri, 28 Aug 2009 21:18:17 +0000 (21:18 +0000)]
Don't need planetlab.c and netns.c any more

16 years agoModify taglevel
Andy Bavier [Fri, 28 Aug 2009 15:34:14 +0000 (15:34 +0000)]
Modify taglevel

16 years agoTest checkin
Andy Bavier [Tue, 23 Jun 2009 15:12:44 +0000 (15:12 +0000)]
Test checkin

16 years agoUse cgroup CPU scheduler
Andy Bavier [Tue, 23 Jun 2009 14:54:09 +0000 (14:54 +0000)]
Use cgroup CPU scheduler

16 years agoUse cgroup CPU scheduler
Andy Bavier [Tue, 23 Jun 2009 14:51:59 +0000 (14:51 +0000)]
Use cgroup CPU scheduler

16 years agoEnable IPv4 forwarding by default in a slice
Andy Bavier [Fri, 22 May 2009 16:39:19 +0000 (16:39 +0000)]
Enable IPv4 forwarding by default in a slice

16 years agoNew vsh as a wrapper to util-vserver
Andy Bavier [Fri, 24 Apr 2009 18:57:26 +0000 (18:57 +0000)]
New vsh as a wrapper to util-vserver

16 years agoRewriting util-vserver-pl to wrap util-vserver, as proof-of-concept
Andy Bavier [Fri, 24 Apr 2009 18:09:07 +0000 (18:09 +0000)]
Rewriting util-vserver-pl to wrap util-vserver, as proof-of-concept

16 years agoUpdate to code actually running on Trellis v0.1
Andy Bavier [Wed, 22 Apr 2009 18:12:48 +0000 (18:12 +0000)]
Update to code actually running on Trellis v0.1

16 years agoTrellis branch to support network namespaces
Andy Bavier [Thu, 30 Oct 2008 15:35:58 +0000 (15:35 +0000)]
Trellis branch to support network namespaces

17 years agoTypos...
Sapan Bhatia [Tue, 14 Oct 2008 17:11:05 +0000 (17:11 +0000)]
Typos...

17 years agoif ((mask & space_mask.mask) != mask)
Sapan Bhatia [Tue, 14 Oct 2008 17:04:13 +0000 (17:04 +0000)]
if ((mask & space_mask.mask) != mask)

      return -EINVAL;
Looks like vc_set_space wants vc_space_mask to be present in the flags.

--
M    src/planetlab.c

17 years agoLook for the config file before the FS gets unshared.
Sapan Bhatia [Tue, 14 Oct 2008 16:42:17 +0000 (16:42 +0000)]
Look for the config file before the FS gets unshared.

17 years agobugfix for VINI
Sapan Bhatia [Fri, 10 Oct 2008 14:58:35 +0000 (14:58 +0000)]
bugfix for VINI

17 years agocontd...
Sapan Bhatia [Mon, 6 Oct 2008 23:19:20 +0000 (23:19 +0000)]
contd...

17 years agocontd...
Sapan Bhatia [Mon, 6 Oct 2008 23:16:12 +0000 (23:16 +0000)]
contd...

17 years agocontd...
Sapan Bhatia [Mon, 6 Oct 2008 23:13:51 +0000 (23:13 +0000)]
contd...

17 years agocontd...
Sapan Bhatia [Mon, 6 Oct 2008 23:12:44 +0000 (23:12 +0000)]
contd...

17 years agocontd...
Sapan Bhatia [Mon, 6 Oct 2008 22:57:52 +0000 (22:57 +0000)]
contd...

17 years agouse util-vserver's style of config, not sapan's funky style.
Sapan Bhatia [Mon, 6 Oct 2008 22:56:07 +0000 (22:56 +0000)]
use util-vserver's style of config, not sapan's funky style.

17 years agoheaders for sys_unshare
Sapan Bhatia [Mon, 6 Oct 2008 22:52:42 +0000 (22:52 +0000)]
headers for sys_unshare

17 years agoCall enter_namespace before ctx_migrate.
Sapan Bhatia [Mon, 6 Oct 2008 22:42:33 +0000 (22:42 +0000)]
Call enter_namespace before ctx_migrate.

17 years agoset_namespace has alraedy been called onthe default spaces.
Sapan Bhatia [Mon, 6 Oct 2008 22:26:43 +0000 (22:26 +0000)]
set_namespace has alraedy been called onthe default spaces.

17 years agocall vc_set_namespace after sys_unshare, to poke the new nsproxy into the relevant...
Sapan Bhatia [Mon, 6 Oct 2008 22:22:53 +0000 (22:22 +0000)]
call vc_set_namespace after sys_unshare, to poke the new nsproxy into the relevant context in the kernel.

17 years agoUnshare netns for VINI.
Sapan Bhatia [Mon, 6 Oct 2008 21:38:59 +0000 (21:38 +0000)]
Unshare netns for VINI.

17 years agoUnshare netns for VINI.
Sapan Bhatia [Mon, 6 Oct 2008 21:38:12 +0000 (21:38 +0000)]
Unshare netns for VINI.

17 years agooops
Thierry Parmentelat [Sun, 28 Sep 2008 09:36:46 +0000 (09:36 +0000)]
oops

17 years agofull build on centos
Thierry Parmentelat [Sun, 28 Sep 2008 09:13:26 +0000 (09:13 +0000)]
full build on centos

17 years agothis is needed as well
Thierry Parmentelat [Tue, 23 Sep 2008 20:58:10 +0000 (20:58 +0000)]
this is needed as well

17 years agoTagging module util-vserver-pl - util-vserver-pl-0.3-14
Thierry Parmentelat [Tue, 23 Sep 2008 19:15:28 +0000 (19:15 +0000)]
Tagging module util-vserver-pl - util-vserver-pl-0.3-14
configure/make check the version of libnl and can cope with either 1.1 or 1.0-pre6
as centos does not have any of these, do build vip6-autod on fedora only

17 years agolet's keep it simple - our tag tools do not know how to handle this
Thierry Parmentelat [Tue, 23 Sep 2008 19:09:24 +0000 (19:09 +0000)]
let's keep it simple - our tag tools do not know how to handle this

17 years agotmp hack for assessing centos - package vip6-autod only on fedora as centos has a...
Thierry Parmentelat [Fri, 19 Sep 2008 15:42:17 +0000 (15:42 +0000)]
tmp hack for assessing centos - package vip6-autod only on fedora as centos has a too old libnl

17 years agoSupport both libnl 1.0-pre6 and 1.1.
Daniel Hokka Zakrisson [Fri, 19 Sep 2008 07:58:09 +0000 (07:58 +0000)]
Support both libnl 1.0-pre6 and 1.1.
Disable vip6-autod if the configure script didn't detect a usable libnl.
Remove util-vserver-pl.spec.in, sync the version with configure.ac.

17 years agotemporary - do not package vip6-autod for libnl dep - PLEASE DO NOT TAG
Thierry Parmentelat [Thu, 18 Sep 2008 18:48:13 +0000 (18:48 +0000)]
temporary - do not package vip6-autod for libnl dep - PLEASE DO NOT TAG

17 years agoTagging module util-vserver-pl - util-vserver-pl-0.3-13
Faiyaz Ahmed [Wed, 17 Sep 2008 17:55:32 +0000 (17:55 +0000)]
Tagging module util-vserver-pl - util-vserver-pl-0.3-13
Remove current bw limit checks before issuing tc.

17 years agoRemove check for changes in max/min rates before running set().
Faiyaz Ahmed [Thu, 11 Sep 2008 19:18:34 +0000 (19:18 +0000)]
Remove check for changes in max/min rates before running set().

17 years agoTagging module util-vserver-pl - util-vserver-pl-0.3-12
Daniel Hokka Zakrisson [Fri, 29 Aug 2008 03:17:12 +0000 (03:17 +0000)]
Tagging module util-vserver-pl - util-vserver-pl-0.3-12
libnl 1.1 fixups.

17 years agoUse libnl 1.1 API.
Daniel Hokka Zakrisson [Fri, 29 Aug 2008 02:45:44 +0000 (02:45 +0000)]
Use libnl 1.1 API.

17 years agoTagging module util-vserver-pl - util-vserver-pl-0.3-11
Thierry Parmentelat [Thu, 28 Aug 2008 09:21:31 +0000 (09:21 +0000)]
Tagging module util-vserver-pl - util-vserver-pl-0.3-11
reads /etc/vservers/<name>/personality and behaves accordingly
nicer formatting for byte rates

17 years ago/etc/vservers/<name>/personality
Thierry Parmentelat [Wed, 27 Aug 2008 14:30:13 +0000 (14:30 +0000)]
/etc/vservers/<name>/personality
this is a first draft; it is expected that vserver sartup now reads this file and
performs the appropriate personality setting
Goes with NodeManager-1.7-17

17 years agoMore convenient output of show.
Faiyaz Ahmed [Wed, 20 Aug 2008 20:50:26 +0000 (20:50 +0000)]
More convenient output of show.

17 years agoTagging module util-vserver-pl - util-vserver-pl-0.3-10
Daniel Hokka Zakrisson [Sat, 16 Aug 2008 23:15:04 +0000 (23:15 +0000)]
Tagging module util-vserver-pl - util-vserver-pl-0.3-10
FUSE support.

17 years agoFUSE patch from Jeremy Stribling.
Daniel Hokka Zakrisson [Wed, 13 Aug 2008 15:38:57 +0000 (15:38 +0000)]
FUSE patch from Jeremy Stribling.

17 years agohard == rlim_max
Daniel Hokka Zakrisson [Tue, 12 Aug 2008 16:51:43 +0000 (16:51 +0000)]
hard == rlim_max

17 years agoTagging module util-vserver-pl - util-vserver-pl-0.3-9
Faiyaz Ahmed [Fri, 1 Aug 2008 18:31:39 +0000 (18:31 +0000)]
Tagging module util-vserver-pl - util-vserver-pl-0.3-9
Check running values before issuing set or on.  If same, disregard to save on forks.

17 years agoPush bwmin to 1KBps. Also check running values against arguments before calling tc.
Faiyaz Ahmed [Fri, 1 Aug 2008 16:04:15 +0000 (16:04 +0000)]
Push bwmin to 1KBps.  Also check running values against arguments before calling tc.

17 years agoTagging module util-vserver-pl - util-vserver-pl-0.3-8
Faiyaz Ahmed [Fri, 25 Jul 2008 16:29:42 +0000 (16:29 +0000)]
Tagging module util-vserver-pl - util-vserver-pl-0.3-8
exempt_init shouldn't modify iptables rules.  Instead, only manipulate ipset.  Assume iptables rules are setup properly (now downloaded from nodeconfig/PlanetLabConf for I2 and defaulted to iptables/planetlab-config for all other nodes).

17 years agoRemove iptables rule modification. Assume rule exists (downloaded from conf_files...
Faiyaz Ahmed [Fri, 25 Jul 2008 16:06:43 +0000 (16:06 +0000)]
Remove iptables rule modification.  Assume rule exists (downloaded from conf_files), and check for IPs in I2 hash.  Add if absent.

17 years agoTagging module util-vserver-pl - util-vserver-pl-0.3-7
Faiyaz Ahmed [Tue, 22 Jul 2008 17:02:03 +0000 (17:02 +0000)]
Tagging module util-vserver-pl - util-vserver-pl-0.3-7

Init exempt flows into "mangle" table.

17 years agoMANGLE and mangle are not the same.
Faiyaz Ahmed [Tue, 22 Jul 2008 16:59:36 +0000 (16:59 +0000)]
MANGLE and mangle are not the same.

17 years agoTagging module util-vserver-pl - util-vserver-pl-0.3-6
Daniel Hokka Zakrisson [Fri, 27 Jun 2008 16:40:56 +0000 (16:40 +0000)]
Tagging module util-vserver-pl - util-vserver-pl-0.3-6
Optimized the case where it's already running.

17 years agoFix typo.
Daniel Hokka Zakrisson [Fri, 27 Jun 2008 16:35:59 +0000 (16:35 +0000)]
Fix typo.

17 years agoOptimization in case the context is already running.
Daniel Hokka Zakrisson [Fri, 27 Jun 2008 15:58:54 +0000 (15:58 +0000)]
Optimization in case the context is already running.

17 years agoTagging module util-vserver-pl - util-vserver-pl-0.3-5
Daniel Hokka Zakrisson [Thu, 26 Jun 2008 16:48:16 +0000 (16:48 +0000)]
Tagging module util-vserver-pl - util-vserver-pl-0.3-5
Ignore ESRCH for setname.
Always create the home directory, regardless of configuration settings.

17 years agoIgnore ESRCH.
Daniel Hokka Zakrisson [Thu, 26 Jun 2008 16:40:00 +0000 (16:40 +0000)]
Ignore ESRCH.

17 years agoto create ~/ on non RH distros.
Faiyaz Ahmed [Fri, 20 Jun 2008 15:34:06 +0000 (15:34 +0000)]
to create ~/ on non RH distros.

17 years agoTagging module util-vserver-pl - util-vserver-pl-0.3-4
Stephen Soltesz [Fri, 9 May 2008 21:30:39 +0000 (21:30 +0000)]
Tagging module util-vserver-pl - util-vserver-pl-0.3-4

17 years agoCheck for file existance before blindly spawning them. Also, remove exit if spawn...
Faiyaz Ahmed [Thu, 8 May 2008 21:12:56 +0000 (21:12 +0000)]
Check for file existance before blindly spawning them.  Also, remove exit if spawn fails and try spawning subsequent scripts.

17 years agoTagging module util-vserver-pl - util-vserver-pl-0.3-3
Stephen Soltesz [Wed, 23 Apr 2008 21:41:16 +0000 (21:41 +0000)]
Tagging module util-vserver-pl - util-vserver-pl-0.3-3
Added support for vc_{set|get}_vhi_name() via util-vserver-pl.
Adding a tag to include in the 4.2rc2

17 years agoSet name as ints, not string.
Faiyaz Ahmed [Tue, 22 Apr 2008 18:19:17 +0000 (18:19 +0000)]
Set name as ints, not string.

17 years agoTagging module util-vserver-pl - util-vserver-pl-0.3-2
Faiyaz Ahmed [Wed, 16 Apr 2008 20:38:19 +0000 (20:38 +0000)]
Tagging module util-vserver-pl - util-vserver-pl-0.3-2

* Can write vcVHI_CONTEXT
* CAP_NET_BIND_SERVICE is special, in all cases.
* Check if already mounted before mounting fs in vserver
* Optimized 0.0.0.0 case
* Removed vcached.  DEPRECATED

17 years agoAdded code from NodeManager.tools to close non standard file descriptors. Avoids...
Faiyaz Ahmed [Wed, 16 Apr 2008 18:48:46 +0000 (18:48 +0000)]
Added code from NodeManager.tools to close non standard file descriptors.  Avoids zombies and priv'ed fds from entering context.

17 years agoAdded wrapper functions to call set/getname
Faiyaz Ahmed [Mon, 14 Apr 2008 21:50:03 +0000 (21:50 +0000)]
Added wrapper functions to call set/getname

17 years agoUse an unused field. SYSNAME defaults to Linux which probably means this value may...
Faiyaz Ahmed [Mon, 14 Apr 2008 21:12:33 +0000 (21:12 +0000)]
Use an unused field. SYSNAME defaults to Linux which probably means this value may change over time.  Context is empty and seems safer.

17 years agosyntax error.
Faiyaz Ahmed [Mon, 14 Apr 2008 20:42:42 +0000 (20:42 +0000)]
syntax error.

17 years agoSet slice id as vcVHI_SYSNAME.
Faiyaz Ahmed [Mon, 14 Apr 2008 18:52:38 +0000 (18:52 +0000)]
Set slice id as vcVHI_SYSNAME.

17 years agocross-module change -- cleaning vcached, and vserver pre install script
Thierry Parmentelat [Thu, 10 Apr 2008 14:03:14 +0000 (14:03 +0000)]
cross-module change -- cleaning vcached, and vserver pre install script

17 years agoIf it's busy, assume it's already mounted.
Daniel Hokka Zakrisson [Thu, 20 Mar 2008 19:13:24 +0000 (19:13 +0000)]
If it's busy, assume it's already mounted.

17 years agoStop the guest after creating the user/group in it.
Daniel Hokka Zakrisson [Thu, 28 Feb 2008 18:30:09 +0000 (18:30 +0000)]
Stop the guest after creating the user/group in it.

17 years agoCAP_NET_BIND_SERVICE is special, in all cases.
Daniel Hokka Zakrisson [Tue, 26 Feb 2008 22:51:12 +0000 (22:51 +0000)]
CAP_NET_BIND_SERVICE is special, in all cases.

17 years agoEnable raw sockets using VNET, and allow connections to 127.0.0.1.
Daniel Hokka Zakrisson [Wed, 13 Feb 2008 13:17:36 +0000 (13:17 +0000)]
Enable raw sockets using VNET, and allow connections to 127.0.0.1.

17 years agokill all processes. fixed syntax error. Thanks Daniel.
Faiyaz Ahmed [Mon, 28 Jan 2008 20:43:53 +0000 (20:43 +0000)]
kill all processes.  fixed syntax error.  Thanks Daniel.

17 years agoOptimize the 0.0.0.0 case, and get it working on 2.3 kernels.
Daniel Hokka Zakrisson [Sat, 26 Jan 2008 02:04:34 +0000 (02:04 +0000)]
Optimize the 0.0.0.0 case, and get it working on 2.3 kernels.

17 years agoto avoid people logging in while deleting their slice.
Faiyaz Ahmed [Thu, 24 Jan 2008 19:32:59 +0000 (19:32 +0000)]
to avoid people logging in while deleting their slice.

17 years agoClean up code for setting rlimits
Andy Bavier [Mon, 21 Jan 2008 19:19:07 +0000 (19:19 +0000)]
Clean up code for setting rlimits

17 years agoUpdate CPU token buckets of running vserver
Andy Bavier [Thu, 17 Jan 2008 20:57:51 +0000 (20:57 +0000)]
Update CPU token buckets of running vserver

17 years agoAllow independent setting of CPU reservation and CPU share
Andy Bavier [Wed, 16 Jan 2008 22:07:46 +0000 (22:07 +0000)]
Allow independent setting of CPU reservation and CPU share

17 years agoDisable mount namespaces.
Daniel Hokka Zakrisson [Mon, 14 Jan 2008 17:46:01 +0000 (17:46 +0000)]
Disable mount namespaces.

17 years agoready for tagging
Thierry Parmentelat [Tue, 8 Jan 2008 11:49:43 +0000 (11:49 +0000)]
ready for tagging
reviewed URLs and %{plrelease}

17 years agoGet rid of the context on vuserdel.
Daniel Hokka Zakrisson [Thu, 20 Dec 2007 21:45:00 +0000 (21:45 +0000)]
Get rid of the context on vuserdel.
Set svn:keywords.

17 years agomount /proc before chroot'ing into filesystem.
Faiyaz Ahmed [Fri, 14 Dec 2007 18:50:13 +0000 (18:50 +0000)]
mount /proc before chroot'ing into filesystem.

17 years agofix logging of vserver class into /var/log/nm
Thierry Parmentelat [Wed, 12 Dec 2007 15:13:35 +0000 (15:13 +0000)]
fix logging of vserver class into /var/log/nm

17 years agologging support in vserver.py
Thierry Parmentelat [Wed, 12 Dec 2007 12:09:47 +0000 (12:09 +0000)]
logging support in vserver.py

17 years agoFix indentation and use userspace error values.
Daniel Hokka Zakrisson [Wed, 12 Dec 2007 10:18:04 +0000 (10:18 +0000)]
Fix indentation and use userspace error values.

17 years agovsh needs to be suid.
Daniel Hokka Zakrisson [Tue, 11 Dec 2007 20:05:05 +0000 (20:05 +0000)]
vsh needs to be suid.

17 years agosetrunlevel takes a filename and a runlevel.
Daniel Hokka Zakrisson [Tue, 11 Dec 2007 18:45:22 +0000 (18:45 +0000)]
setrunlevel takes a filename and a runlevel.

17 years ago__do_chroot is also called from chrootcall, which doesn't need to cache it.
Daniel Hokka Zakrisson [Tue, 11 Dec 2007 18:44:37 +0000 (18:44 +0000)]
__do_chroot is also called from chrootcall, which doesn't need to cache it.

17 years agolooks like an obvious typo
Thierry Parmentelat [Tue, 11 Dec 2007 12:20:30 +0000 (12:20 +0000)]
looks like an obvious typo

17 years agoNeed to set the tagging too so disk limits are enforceable.
Daniel Hokka Zakrisson [Wed, 5 Dec 2007 14:17:26 +0000 (14:17 +0000)]
Need to set the tagging too so disk limits are enforceable.

17 years agoProvide util-vserver-python instead.
Daniel Hokka Zakrisson [Fri, 30 Nov 2007 21:03:55 +0000 (21:03 +0000)]
Provide util-vserver-python instead.

17 years agoAdd missing file.
Daniel Hokka Zakrisson [Fri, 30 Nov 2007 19:22:49 +0000 (19:22 +0000)]
Add missing file.
Add generated spec-file so the build can work.

17 years agoSeparate the PlanetLab modifications from util-vserver
Daniel Hokka Zakrisson [Fri, 30 Nov 2007 17:54:32 +0000 (17:54 +0000)]
Separate the PlanetLab modifications from util-vserver