fi
$_VSERVER $NAME build -m skeleton --context $USERID \
- --interface nodev:0.0.0.0/0 \
- --flags persistent,~info_init,sched_hard
+ --interface nodev:`hostname -i` \
+ --interface nodev:127.0.0.1 \
+ --flags persistent,~info_init
RETVAL=$?
DIR=$__CONFDIR/$NAME
if [ $RETVAL -ne 0 ] ; then
echo "Error $RETVAL building $DIR"
rm -rf $DIR $__DEFAULT_VSERVERDIR/$NAME
fi
- mkdir -p $DIR/apps/init $DIR/rlimits $DIR/sched $DIR/dlimits/0
+ mkdir -p $DIR/apps/init $DIR/rlimits $DIR/sched $DIR/cgroup $DIR/dlimits/0 $DIR/sysctl/0
echo default > $DIR/apps/init/mark
echo 1000 > $DIR/rlimits/nproc.hard
# Set persistent for the network context
- echo persistent > $DIR/nflags
+ echo persistent,lback_allow > $DIR/nflags
+
+ # Set default capabilities
+ echo "CAP_NET_RAW" > $DIR/bcapabilities
+ touch $DIR/ccapabilities
# Set up the scheduler
echo 100 > $DIR/sched/interval
echo 50 > $DIR/sched/tokens-min
echo 100 > $DIR/sched/tokens-max
- # Set up disk limits (unlimited)
+ echo 1024 > $DIR/cgroup/cpu.shares
+
+ # Set up disk limits (10 GB)
echo `$_READLINK $DIR/vdir` > $DIR/dlimits/0/directory
echo 2 > $DIR/dlimits/0/reserved
echo -1 > $DIR/dlimits/0/inodes_total
- echo -1 > $DIR/dlimits/0/space_total
-
- # Disable mount namespaces
- touch $DIR/nonamespace
+ echo 10000000 > $DIR/dlimits/0/space_total
+
+ # Set up sysctl variables
+ echo net.ipv4.ip_forward > $DIR/sysctl/0/setting
+ echo 1 > $DIR/sysctl/0/value
+
+ # Add spaces directory
+ mkdir -p $DIR/spaces
# Remove the basically empty guest directory
rm -rf $__DEFAULT_VSERVERDIR/$NAME
git://git.onelab.eu / util-vserver-pl.git / blobdiff