How Can Secure /tmp /var/tmp In OpenVZ VPS ?
Mar 15, 2007
recently I got a VPS from cheapvps.co.uk and so far so good. Im getting used to the VPS enviroment. I tried to follow several guides about how to secure with noexec and nosuid the /tmp and /var/tmp and it did not work.
in http : / / www . webhostingtalk .com/showthread.php?t=474681&highlight=tmp points it must be done from the hosting. Same is said in http : // kb . swsoft . com/article_130_648_en.html.
I asked the hosting to do it and they told me as I got an Unmanaged VPS they cant do it for me.
Do anyone know how can be done ? I dont want to use tmpfs as it uses main memory.
View 1 Replies
ADVERTISEMENT
Aug 27, 2008
I have recently picked up a CentOS5 server running on an OpenVZ box. Going thru various guides, I have seen repeatedly the importance of securing the /tmp partition. However, I am running into trouble when I try to follow the usual commands [1][2]
For example:
# mount -o nosuid,noexec /media/tmpFS /tmp
mount: /media/tmpFS is not a block device (maybe try `-o loop'?)
If I check for the presence of loop, it is missing:
# ls -ltr /dev/loop*
ls: /dev/loop*: No such file or directory
If I try and create loop using /sbin/makedev loop and re-execute the mount command, I get a new error
mount: no permission to look at loop
The nearest I have found so far is this thread [3], which suggests using
mount -t tmpfs tmpfs /tmp
I believe the above will not persist across a reboot, so that defeat's the purpose.
Can you advise on how to mount /tmp in noexec,nosuid mode within the VPS environment?
View 0 Replies
View Related
Dec 10, 2008
[openvz ]How to make for kernel of openvz to recognize 4GB of ram?
How to make for kernel of openvz to recognize 4GB of ram?
# uname -a
Linux xxxxxxxxxxx 2.6.18-92.1.13.el5.028stab059.3 #1 SMP Wed Oct 15 17:48:55 MSD 2008 i686 i686 i386 GNU/Linux
View 4 Replies
View Related
Feb 18, 2009
Can anybody advise, or provide somewhere which advises on the pros/cons of OpenVZ and Xen virtualisation platforms?
View 14 Replies
View Related
May 18, 2009
Well which one?
Also if possible say why you prefer either OpenVZ or Xen.
View 14 Replies
View Related
Sep 17, 2008
I am being told that when a VPS in openvz hits the maximum ram assigned to it that openvz disables that vps.
Isn't the ram limit a hard limit that simply restricts the available ram to that container to XX ram?
Is this normal?
View 12 Replies
View Related
Oct 8, 2008
We are looking for a VPS to house a scala framework running on a JVM, from what I can gleen Xen would be the best route for us or is it possible that openVZ with enough dedicated ram would suffice, does anyone have a view on this?
View 6 Replies
View Related
Oct 31, 2009
How I can see how much guaranteed memory I have ? And how I can see how much guaranteed memory I have used ?
Additional how I can see how much bustable memory I have used or how much total memory my VPS is using.
View 14 Replies
View Related
Feb 17, 2009
Just how it actually works? I have a pretty good knowledge about Xen and Linux KVM (somewhat about VMware as well). Prior to joining WHT, I rarely heard about Virtuozzo and OpenVZ.
I'm just interested in RAM usage actually. I also read on some threads that you can oversell storage and net bandwidth as well? That just seems a little weird to me.
I also used a fairly good amount of Solaris Zones as well.
Example, if I have a 8GB box and I leave some, say 512MB, reserved for CT0. 8192-512=7680 (I know the ACTUAL RAM amount will NOT be 8192), that leaves 7680MB use for CTs. So technically in OpenVZ if you dice out dedicated 512MB VEs... you end up with 15 right?
So you are able to sell more than 15 VPSs on a 8GB server box? If also set all burstable RAM to 1GB for all VEs.
In Xen, when you set dedicated RAM it is taken away from dom0, period. That's all there is to it, no oversell (Xen 3.3+ you can use ballooning to overcommit RAM, I know).
Within CT in VZ, user is able to check beancounters to see the guaranteed/burstable RAM. Technically you can't lie to the users.
I researched around... when oversell in VZ and the RAM gets maxed out... VZ will try to slow/stop/kill processes in order to keep the guests happy, to me that's just dangerous. Why needs to kill processes for RAM saturation?
Anyone can shed some lights for me? Or point me to an article(s). It can be technical, I should be able to grasp.
View 5 Replies
View Related
Apr 25, 2009
I am trying to create some vps using openvz but after creating the vps with the Centos basic template 304mb i can't ping the ip and i can't view the centos welcome page in my browser (using ip and not domain, so i don't need to change there anything yet) and the most important is that i can't connect to the vps using ssh
I aks for many good users about my problem but i don' found a solution yet.
I ask my DC about ip's and they told me that the ip's are routed in my server.
I follow this instructions:
Filesystem Size Used Avail Use% Mounted on
/dev/sda1 50G 2.8G 44G 6% /
/dev/sda3 198M 21M 168M 11% /boot
/dev/sda5 408G 2.4G 385G 1% /vz
tmpfs 1012M 0 1012M 0% /dev/shm
I follow this:
I disable selinux by editing /etc/sysconfig/selinux and changing the line to selinux=disabled
and then run:
I just login using ssh as root and run the folllowing commands.
Did i have to move to another directory to run them or ?
setenforce 0
wget[url]
Next i open /etc/grub.conf
vi /etc/grub.conf
and change default=1 to default=0
Then i add the ip's at the pool and create a plan and then create a vps without any errors but nothing.
I try with my DC resolvers or the 4.2.2.1 4.2.2.2 but nothing.
I alo add at the settings the gateway with no results at all.
After all i can't ping the ip that the vps got from the pool even ping it and not possible to connect to it using the ssh Sad
View 14 Replies
View Related
Apr 17, 2009
When you're creating VPS container, you can ssh with that IP and login with your username and password correct? But, what is the problem when I successfully created a VPS, and when trying ssh into it, I can't. Ok, here we go. I want to create a 2nd vps and will be using it as my DNS server. I enter a set of IPs into HyperVM's IPpool. First IP: x.x.x.178 Last IP: x.x.x.182 Resolv Entries (space Separated) : Gateway (IP): x.x.x.x.177 NetMask: 255.255.255.248
Then I created a vps resource plan. And then I created a VPS and it use the first IP from above. I want to connect to SSH and want to make it as my DNS server but seems the IP are not responding, it wasn't even live. So, what is the problem here? Where I did wrong? Just to let you know, I successfully created 1 VPS before that and it works without any hiccups. Got even whm/cpanel installed as well on it. The thing that I suspected is that my DC pulled the IPs off me and assigned them to other server. Waiting for their reply on this though.
View 14 Replies
View Related
Aug 21, 2008
What does OpenVZ / w HyperVM
Can I distribute VPS through?
View 5 Replies
View Related
Aug 30, 2008
When i using openvz to create VPS, and RHEL4 needed yum installed.
I don't know how to install yum on it.
View 1 Replies
View Related
Feb 12, 2008
i have dedicated server. i want install hypervm on this server my work is sell vps.
of your seems xen is better or openvz for my work?
server is :
Intel 2.13Ghz Quad-Core Xeon X3210 Dell PowerEdge 840, 1066MHz, 2x4 MB L2 Cache
4GB DDR2 RAM
2x250GB HDD
View 6 Replies
View Related
Nov 2, 2007
I'm trying to convince someone into a project. He's not sure if OpenVZ is well known.
Do you know of it?
View 14 Replies
View Related
Jul 26, 2008
i am looking to get away from hostgators extremely overloaded servers and get a vps. I have been admining linux servers for a while although never as a web server, but think i can handle that aspect. I have done a huge amount of research but dont know which way to go. One of the things thats rough is the control panels, i like cpanel and have only used cpanel but many charge alot for it. I have been considering an xl-256 plan from vpsland.com. they are east coast (i am in NJ, west coast is out) and their xl plan is xen with swap. But its $15 for cpanel and that is too much, i was thinking of trying directadmin for $6. Is directadmin any good? I need spamassasin and that stuff of course. To me its crazy that openvz has no swap and the server will crash if you reach max ram like at vpslink.com. I really liked vpslink.com's phone support but the west coast thing is rough. I have been looking at http://www.ubiquityservers.com/vps/new-york.php these guys but its virtuozzo, but cpanel is cheap only $5 a month. bodhost.com seemed cheap at $8 for cpanel. then i found this which sounds great! especially since its close but i emailed them to ask if its xen or openvz and havent heard back in almost 12 hours which scares me for support. i like phone support but vpslink.com again was on the west coast. their cpanel was cheap though at $8. plus i dont know if i want managed ro not then i remembered this site, and remembered i had gotten alot of help hear before so i figured it be best to hear others experience and favorites, etc.
View 7 Replies
View Related
Sep 23, 2007
I am aiming to offer VPS based on OpenVZ. Have some questions, please help to answer
- in OpenVZ, is there any monitor script, that will release an email to say one VPS is down? Or will I need to use external monitoring?
- can I do the backup / restore of full VPS within OpenVZ? Can customers do it themselves?
- how hard to change the VPS configuration? For example, upgrading from 256MB RAM to 512MB RAM, or adding more CPU, space...?
- how about the IP control in OpenVZ? Let's say each VPS will have 2 IPs, so to prevent customers adding more IPs, I will need to setup VLAN, is that correct? How hard is it in OpenVZ?
- how about the ideal hardware for running OpenVZ? Saying SATA, or SCSI disks, how many RAM... for example
View 14 Replies
View Related
Aug 30, 2008
All these are free but which is best. What are the pros and cons? Have been using Virtuozzo and I love it but thinking about offering cheaper solutions with GPL software.
View 11 Replies
View Related
Oct 28, 2008
Which one do you prefer more and why?
Virtuozzo is very expensive while OpenVZ is free and it is somehow another Virtuozzo, but made simpler?
View 11 Replies
View Related
Jun 27, 2008
On a recent Xen VPS trial, I noticed two kernel versions. "2.6.9-42.0.2.EL.xs148xenU" was being used, but 2.6.18X was installed (source & headers). While trying to set up OpenVPN, I noticed my modules.dep was missing. I could be wrong, but I was under the impression that I needed the Kern source in order to make the module dependencies. At any rate, I can't find the kernel versions in question and was wondering where / if they're provided for Xen users. (By the way, I was running CentOS 5)
View 5 Replies
View Related
Jul 22, 2007
If I restart VPS (vzctl stop 1002 | vzctl start 1002 ) I can't join from ssh - not working, but remaining services start correctly: ftp, cpanel, etc.
View 9 Replies
View Related
Jun 3, 2009
How do you create OS Templates on open VZ? We want to create on with CentOS + Webmin and one with cPanel. Anyone done this before?
View 5 Replies
View Related
Oct 18, 2009
Did you try vCpanel for openVZ?
it's a web-based control panel, not-free, it costs about $3/vps
Site: http://vcpanel.net/
any one have any review for it?
View 10 Replies
View Related
Jul 13, 2008
I'm running my own OpenVZ server with a few VPS's running on it and have a small network issue.
I can't ping any VE from the HN. All the other networking is working ok (strangely I can ping the HN from the VE) apart from this. It's a simple setup with one network card connected to the internet.
OpenVZ the latest stable version running on CentOS 5.2
I'm pretty sure it's not a firewall problem but is something to do with arp or routing and one of the settings in sysctl.conf
Has anyone else seen this?
View 6 Replies
View Related
Nov 28, 2007
I am looking at a VPS of one friend, using OpenVZ. It has 256MB RAM, but it always goes down, and the host asks my friend to upgrade to larger RAM. I have read that if UBC setting is too low, the VPS could not use all allocated RAM, not sure if it's correctly or not, but is there anyway to check?
This is some info ...
View 5 Replies
View Related
Aug 12, 2007
I am trying to run the OpenVZ PAE kernel with 8 gigs of ram to back the server, however the server keeps suffering from hangings.
It starts 2 or 3 vpses fine, but once it hits 4 or so, it hangs without a kernel panic or any other proper error message.
The kernel version is 2.6.18-8.1.8.el5.028stab039.1PAE but it also does it on 2.6.18-ovz028stab039.1-enterprise
Anybody have the same problem and come up with a solution? Node is running CentOS 5.
View 3 Replies
View Related
Aug 1, 2009
We've run into a few problems with migrating to a new nodes from our previous one. Both are on the same network while one is Centos 32bit the newer one is 64bit. The VPS's will keep the same IPs so there won't be donwtime.
I use the command:
vzmigrate -r no --keep-dst --online -v xxx.xxx.xxx.xxx VPSID
However it comes back with errors:
Error: undump failed: Invalid argument
Restoring failed:
Error: iptables-restore exited with 2
Error: Most probably some iptables modules are not loaded
Error: rst_restore_net: -22
Stopping container ...
Container start failed
Container was stopped
Container is unmounted
Error: Failed to undump container
Resuming...
arpsend: xxx.xxx.xxx.xxx (VPS's IP) is detected on another computer : 00:00:00:00:00:00 (MAC address of old node)
vps-net_add WARNING: arpsend -c 1 -w 1 -D -e xxx.xxx.xxx.xxx (VPS's IP) bond0 FAILED
arpsend: xxx.xxx.xxx.xxx (VPS's IP)8 is detected on another computer : 00:00:00:00:00:00 (MAC address of old node) ...
View 1 Replies
View Related
Sep 13, 2007
I'm making an online puzzle game and I'm wondering which virtualization would handle it the best: OpenVZ or Xen and why.
View 7 Replies
View Related
Apr 2, 2009
As a provider of Virtual Private Servers im looking at ways to expand our business, I love the fact that we can offer our clients such a good service with the low price we presently charge but as a "Client" or "Potential Client" what would your views be on Virtuozzo?
Is it worth our business cutting our already low profits and going with Virtuozzo as our VPS Control Panel?
This is something we are very interested in doing and we feel it would be a big jump from the very low-end budget HyperVM/OpenVZ Approach.
Your Views on the Virtuozzo Vs HvM/OvZ would be very helpfull.
Would you rather buy a low priced Virtozzo VPS or an even lower priced HyperVM powered VPS? Im quite lost as to wether the financial investment would be worth it, I don't see how it wouldnt be as HyperVM is very buggy and really doesnt give a full sense of security in my personal opinion.
View 14 Replies
View Related
Feb 8, 2009
Which is best and the pro's and con's
View 3 Replies
View Related