Skip to content
Commits on Jan 14, 2012
  1. @kolyshkin

    etc/dists/scripts/ do not set up venet0 if no IPs

    kolyshkin committed
    If you configure a CT to only use veth interfaces (no IP addresses are
    configured for venet), still adds net.venet0 to the
    defalt runlevel and sets default route via venet0.
    Solution is not to run init_netconfig() on CT start if there are no IPs,
    but it creates a problem of adding first IP address to a running container --
    in this case routing for venet0 is not configured. This problem is fixed
    by using "have_ips && venet_configured || set_config" for running CT.
    Reported-by: Frank Wassmuth <>
    Signed-off-by: Kir Kolyshkin <>
Commits on Dec 23, 2011
  1. @kolyshkin

    etc/conf/*vswap*: simplify

    kolyshkin committed
    We can only leave PHYSPAGES and SWAPPAGES, and throw away others.
    Note that they can still be set, but it's not obligatory anymore.
    Signed-off-by: Kir Kolyshkin <>
  2. @kolyshkin

    dists/scripts/ fix changing pass on a stopped CT for …

    kolyshkin committed
    …new distros
    vzctl fails to change password in stopped container with opensuse-12.1:
    Container is mounted
    Changing password for test111.
    Can't open /dev/urandom for reading: No such file or directory
    Cannot create salt: No such file or directorychpasswd: errors occurred, 1 passwords not updated
    Container is unmounted
    This happens due to devtmpfs on /dev feature used by suse-12.1 templates,
    so we create /dev/urandom manually.
    Signed-off-by: Kir Kolyshkin <>
Commits on Dec 9, 2011
  1. @kolyshkin

    scripts/vps-download: add config file

    kolyshkin committed
    Signed-off-by: Kir Kolyshkin <>
Commits on Nov 19, 2011
  1. @kolyshkin

    etc/dists/scripts/ set proper file caps for Fedora >= 15

    kolyshkin committed
    New Fedora distros, starting from Fedora 15, are trying to get rid of
    SUID bit for binaries, using file-based capabilities instead. While this
    is all great and welcomed, the problem is neigher tar nor cpio are able
    to carry these caps around, so if we tar/untar the binary all the attributes
    are lost. Yes that includes tar and cpio from Fedora 15, too.
    Possible solution is to use modified tar binary which saves these attributes.
    For a number of reasons, this is not the best course of action for OpenVZ,
    thus I ended up with this hack. is a script which is run right after unpacking the CT
    template. We check that it is Fedora 15 (or 16, up to 19) and set a few
    capabilities here and there.
    The set of capabilities is taken from a freshly installed Fedora 15,
    and I have checked that it is the same in Fedora 16.
    Maybe we need some per-distro configuration file for capabilities,
    something similar to osrelease.conf for capabilities.
    Signed-off-by: Kir Kolyshkin <>
Commits on Oct 6, 2011
  1. @kolyshkin

    vzctl set --ipadd: fix default IPv6 route for Debian

    kolyshkin committed
    I do not understand how it worked at all before this patch.
    Signed-off-by: Kir Kolyshkin <>
Commits on Sep 27, 2011
  1. @kolyshkin

    etc/init.d/vz-redhat: fix IPTABLES_MODULES

    Dmitry Kopytov committed with kolyshkin
    The description of variables in vz.conf says:
     * IPTABLES - IPv4 iptables kernel modules to be enabled in CTs by default.
     * IPTABLES_MODULES - IPv4 iptables kernel modules to be loaded by init.d/vz
    But I found init.d/vz script loads modules enumerated in IPTABLES variable
    instead of IPTABLES_MODULES. Here is a patch.
    [ this is a bug in commit d284c8a]
Commits on Sep 26, 2011
  1. @kolyshkin

    vzctl set --ipadd: if no netmask is specified, set it to /32

    kolyshkin committed
    Before introducing netmasks support, vzctl always set netmask
    for IPv4 address to /32. Now it become configurable, but default
    was somehow set to /24. Fix it.
    Reported-by: William Taylor <>
    Signed-off-by: Kir Kolyshkin <>
Commits on Sep 22, 2011
  1. @kolyshkin

    etc/dists/scripts/ try to fix /etc/mtab harder

    kolyshkin committed
    In case vzctl-3.0.28 or (i.e. the one with commit e324b0a
    but without commit bfe59a2) was used on a container with quotaugidlimit,
    the CT might end up with an incorrect /etc/mtab file having simfs in fs field.
    The fix introduced later is correct, but it's not checking for the broken
    case like the one above. This case is fixed by this patch, which just blindly
    symlinks /etc/mtab -> /proc/mounts, in a hope that kernel will provide correct
    flags and fs field (and all modern stable OpenVZ kernels do).
    Now, in case it's an old kernel (no usrquota/grpquota flags for /), we create
    /etc/mtab as a file, putting the correct info there.
    Should fix
    For big picture, see
    PS Note there's no need to have this kludge in other scripts
    (i.e. {gentoo,arch,slackware} because those were never
    modified to have simfs in fs field.
    Reported-by: Maxim Shchelokov <>
    Signed-off-by: Kir Kolyshkin <>
Commits on Sep 20, 2011
  1. @kolyshkin

    etc/dists/scripts/ try harder to remove all IPs

    kolyshkin committed
    Two improvements:
    (1) Try to down venet0 aliases before downing the venet0 itself. This results
    in no venet0:X left (in down state but with an IP address).
    (2) Use 'ifconfig $dev down' instead of 'ifdown $dev' because the latter
    needs a configuration in /etc/network/interfaces while the former doesn't
    (there might be some corner cases then we want to remove an address but
    it has no record in /etc/network/interfaces).
    The only address not removed after this is I guess it's harmless
    (and the interface is down anyway).
    Signed-off-by: Kir Kolyshkin <>
  2. @kolyshkin

    etc/dists/scripts/ fix removing too much IPv6 addresses

    kolyshkin committed
    Commit 7b139a9 introduced IPv6 support for Debian. IPv6 address removal
    was performed like this:
    	grep -v $ip $${CFGFILE}
    So, if you want to remove an address like 10:29::1, addresses like
    10:29::10, 10:29::145 etc. will also be removed (just checked, it
    indeed happens). This is definitely not what we want here.
    Adding -w helps. Alternatively, we can add a space before and a slash
    after, but -w works good enough.
    While at it, add -F since we do look for a fixed string not a regex.
    Signed-off-by: Kir Kolyshkin <>
Commits on Sep 19, 2011
  1. @kolyshkin

    etc/dists/scripts/ fix the generated file header

    kolyshkin committed
    Minor cleanups:
    (1) Do not exceed 80 columns width
    (2) Add a few empty lines here and there, just for clarity.
    Signed-off-by: Kir Kolyshkin <>
  2. @kolyshkin

    etc/dists/scripts/ fix IPDELALL case

    kolyshkin committed
    Apparently commit 5d58b00 was incorrect -- it was not removing
    'address x.x.x.x' and 'netmask y.y.y.y' lines for IPv4 addresses.
    Use 'remove_debian_interface' function for correct IP removal.
    This is a copy-paste from
    Signed-off-by: Kir Kolyshkin <>
  3. @kolyshkin

    etc/dists/scripts/ hide a false error message

    kolyshkin committed
    In cases where are no IPs assigned to a container, we have the following
    error message from the script:
    	grep: ifcfg-venet0:*: No such file or directory
    Since it's pretty normal (i.e. not an error at all), hide it.
    Signed-off-by: Kir Kolyshkin <>
  4. @kolyshkin

    etc/dists/scripts/* add case for IPDELALL

    kolyshkin committed
    IPDELALL case should now be handled in *, since
    after recent commit bc2afdd vzctl no longer calls
    * script on set $CTID --ipdel all command.
    Most cases are handled well I guess. Well Slackware is always a mess.
    Signed-off-by: Kir Kolyshkin <>
  5. @kolyshkin

    etc/dists/scripts/ always restart networking

    kolyshkin committed
    Apparently /sbin/ifup -a is not working because "iface venet0"
    is not "auto".
    Specifically, here's the extract from ifup man page (Debian 6):
    	-a, --all
                  If  given  to  ifup, affect all interfaces marked auto.
    So I see no better way than to always restart networking.
    Signed-off-by: Kir Kolyshkin <>
  6. @kolyshkin

    etc/dists/scripts/ a fix for IPv6 case

    kolyshkin committed
    In case of IPv6 address $_NETMASK can be empty, so we need to quote
    arguments, otherwise their positions will be shifted and we will end
    up having value of $IFNUM as $_MASK and empty $IFNUM. Bad bad bad.
    Signed-off-by: Kir Kolyshkin <>
  7. @kolyshkin

    etc/dists/scripts/functions: do not declare a few locals at one line

    kolyshkin committed
    Page warns against declaring a few
    local variables in one line, saying all but the first one will be globals.
    Signed-off-by: Kir Kolyshkin <>
  8. @kolyshkin

    etc/dists/scripts/functions: quote $N arguments

    kolyshkin committed
    It was observed that dash is handling positional arguments in a way
    different from what bash does. Specifically, if $N contains spaces it
    must be quoted. Do that.
    There was no specific bug found because of this, so it's "just in case"
    Signed-off-by: Kir Kolyshkin <>
  9. @kolyshkin

    Fixed a bad typo

    kolyshkin committed
    It is supposed to be _IPV6ADDR, neither _IPV6_ADDR nor IPV6_ADDR.
    Shame shame shame shame.
    Signed-off-by: Kir Kolyshkin <>
  10. @kolyshkin

    etc/dists/scripts/ minor optimization

    kolyshkin committed
    There's no need to remove the line from the file we have just removed.
    While at it, get rid of extra ; at the end of return statement.
    Signed-off-by: Kir Kolyshkin <>
Commits on Sep 16, 2011
  1. @kolyshkin

    etc/conf: add vswap configs for 2GB and 4GB RAM

    kolyshkin committed
    Signed-off-by: Kir Kolyshkin <>
  2. @kolyshkin

    etc/conf/ve-vswap-1g.conf-sample: added as alias to 1024m

    kolyshkin committed
    Just an alias, so you can say --config vswap-1g instead of vswap-1024m
    Signed-off-by: Kir Kolyshkin <>
  3. @kolyshkin

    etc/conf/ve-vswap-*sample: set dcachesize to half of kmemsize

    kolyshkin committed
    Otherwise all the kernel memory could be eaten up by dcache,
    as shown in bug #1949.
    Reported-by: Thomas Menari <>
    Signed-off-by: Kir Kolyshkin <>
  4. @kolyshkin

    etc/vz.conf: fix a typo in a comment

    kolyshkin committed
    APR -> ARP
    Reported-by: Thorsten Schifferdecker <>
    Signed-off-by: Kir Kolyshkin <>
  5. @kolyshkin

    etc/init.d/vz-redhat: fix modules loading wrt dash

    kolyshkin committed
    Apparently different shells have different quoting rules.
    Quote $1 in load_modules() to be on the safe side.
    Reported-by: Jean-Baptiste Rouault <>
    Reported-by: Ola Lundqvist <>
    Signed-off-by: Kir Kolyshkin <>
  6. @pva @kolyshkin

    etc/init.d/ fix service stop

    pva committed with kolyshkin
    vzeventd does not create pid file. Drop its mentioning from init script
    to fix /etc/init.d/vzeventd stop.
  7. @kolyshkin

    etc/dists/scripts/ fix

    kolyshkin committed
    Commit 7ff74dc is not that bad except for the fact that grep, unlike sed,
    exits with code 1 if the pattern is not found. This makes the script error
    out, which is very unfortunate.
    Go back to using sed. Note this is not a complete patch revert -- we still
    achieve what we wanted in commit 7ff74dc.
    Reported-by: Scott Dowdle <>
    Signed-off-by: Kir Kolyshkin <>
  8. @kolyshkin

    Fix networking for Ubuntu-6.06

    kolyshkin committed
    This is an addition to commit e08d12d.
    Reported-by: Harald Kapper <>
    Signed-off-by: Kir Kolyshkin <>
Commits on Sep 5, 2011
  1. @kolyshkin

    Fix default route disappearing in Debian-based containers

    kolyshkin committed
    Let's take a Debian 6 CT with a network setup similar to this:
    	cat /etc/network/interfaces
    	# Auto generated lo interface
    	auto lo
    	iface lo inet loopback
    	# Auto generated venet0 interface
    	auto venet0
    	iface venet0 inet manual
    		up ifconfig venet0 up
    		up ifconfig venet0 0
    		up route add default dev venet0
    		down route del default dev venet0
    		down ifconfig venet0 down
    	iface venet0 inet6 manual
    	auto venet0:0
    	iface venet0:0 inet static
    The thing is, when venet0 is going up, default route is added:
    	default dev venet0  scope link
    But then venet0:0 is brought up, default route is replaced by a net route:
 dev venet0  proto kernel  scope link  src
    Apparently it happens in the kernel, and the workaround is assign a 'local'
    (i.e. 'scope host') address to venet0. This is exactly what the patch does.
    Should fix bug #1971
    Reported-by: Dietmar Maurer <>
    Signed-off-by: Kir Kolyshkin <>
Commits on Aug 22, 2011
  1. @kolyshkin

    etc/init.d/vz*: mount cgroups

    kolyshkin committed
    Newer RHEL6-based kernels provides some information in
    but it needs to be mounted. Make sure init script takes care about this.
    Signed-off-by: Kir Kolyshkin <>
Commits on Aug 21, 2011
  1. @kolyshkin

    etc/dists/scripts/{set_*,postcreate}.sh: de-bash-ify

    kolyshkin committed
    There is nothing bash-specific in these scripts, so make them executed
    by /bin/sh.
    Well, the true story is these scripts are read by vzctl and executed by
    running /bin/bash and then /bin/sh inside a container, when writing the
    'functions' file and then the script contents to shell's stdin. So,
    these '#!/bin/whatever' does not really matter, and if bash is available
    it will be used since it is tried first, before /bin/sh.
    Nevertheless, dash should handle these scripts just fine, too, in case
    someone cares.
    Signed-off-by: Kir Kolyshkin <>
  2. @tim-seoss @kolyshkin

    etc/dists/scripts/ randomize /etc/cron.d entries, too

    tim-seoss committed with kolyshkin
    Apparently modern cron daemons are not limited by /etc/crontab, there
    can also be some stuff at /etc/cron.d which we should also randomize.
    [ fix 'return 0' on no file found]
    Signed-off-by: Kir Kolyshkin <>
  3. @kolyshkin

    etc/dists/scripts/deb*: de-bash-ify

    kolyshkin committed
    Most of this is written in pure shell, so let's make it runnable
    by dash and busybox sh.
    Slightly checked on Debian 6 with dash using set --ipadd/--ipdel commands.
    Signed-off-by: Kir Kolyshkin <>
  4. @kolyshkin

    etc/dists/scripts/functions: remove bashisms

    kolyshkin committed
    Interestingly, all this stuff is pure shell, except for
    'function' keyword before function declarations. So let it
    be pure /bin/sh. Slightly tested with dash and busybox sh.
    While at it, also remove an unneeded semicolon.
    Reported-by: Sam Trenholme <>
    Signed-off-by: Kir Kolyshkin <>
Something went wrong with that request. Please try again.