From f76d87c78ade79c700b6dd48aeb6b8bbef60cf34 Mon Sep 17 00:00:00 2001 From: rhatto Date: Fri, 13 Apr 2007 21:46:27 +0000 Subject: created 0.6 branch git-svn-id: svn+slack://slack.fluxo.info/var/svn/simplepkg@341 04377dda-e619-0410-9926-eae83683ac58 --- .../vserver-legacy/vserver-legacy.s/skel.conf | 70 ++++++++++++++++++++++ 1 file changed, 70 insertions(+) create mode 100644 branches/0.6/templates/vserver-legacy/vserver-legacy.s/skel.conf (limited to 'branches/0.6/templates/vserver-legacy/vserver-legacy.s/skel.conf') diff --git a/branches/0.6/templates/vserver-legacy/vserver-legacy.s/skel.conf b/branches/0.6/templates/vserver-legacy/vserver-legacy.s/skel.conf new file mode 100644 index 0000000..73985d3 --- /dev/null +++ b/branches/0.6/templates/vserver-legacy/vserver-legacy.s/skel.conf @@ -0,0 +1,70 @@ +if [ "" = "" ] ; then +PROFILE=prod +fi +# Select the IP number assigned to the virtual server +# This IP must be one IP of the server, either an interface +# or an IP alias +# A vserver may have more than one IP. Separate them with spaces. +# do not forget double quotes. +# Some examples: +# IPROOT="1.2.3.4 2.3.4.5" +# IPROOT="eth0:1.2.3.4 eth1:2.3.4.5" +# If the device is not specified, IPROOTDEV is used +case $PROFILE in +prod) +#IPROOT=143.106.35.156 +IPROOT="eth0:192.168.0.1" +# The netmask and broadcast are computed by default from IPROOTDEV +#IPROOTMASK= +#IPROOTBCAST= +# You can define on which device the IP alias will be done +# The IP alias will be set when the server is started and unset +# when the server is stopped +#IPROOTDEV=eth0 +# You can set a different host name for the vserver +# If empty, the host name of the main server is used +S_HOSTNAME=skel +;; +backup) +IPROOT=1.2.3.4 +#IPROOTMASK= +#IPROOTBCAST= +#IPROOTDEV=eth0 +S_HOSTNAME= +;; +esac +# Uncomment the onboot line if you want to enable this +# virtual server at boot time +#ONBOOT=yes +# You can set a different NIS domain for the vserver +# If empty, the current on is kept +# Set it to "none" to have no NIS domain set +S_DOMAINNAME= +# You can set the priority level (nice) of all process in the vserver +# Even root won't be able to raise it +S_NICE= +# You can set various flags for the new security context +# lock: Prevent the vserver from setting new security context +# sched: Merge scheduler priority of all processes in the vserver +# so that it acts a like a single one. +# nproc: Limit the number of processes in the vserver according to ulimit +# (instead of a per user limit, this becomes a per vserver limit) +# private: No other process can join this security context. Even root +# Do not forget the quotes around the flags +S_FLAGS="lock nproc" +# You can set various ulimit flags and they will be inherited by the +# vserver. You enter here various command line argument of ulimit +# ULIMIT="-HS -u 200" +# The example above, combined with the nproc S_FLAGS will limit the +# vserver to a maximum of 200 processes +ULIMIT="-HS -u 1000" +# You can set various capabilities. By default, the vserver are run +# with a limited set, so you can let root run in a vserver and not +# worry about it. He can't take over the machine. In some cases +# you can to give a little more capabilities (such as CAP_NET_RAW) +# S_CAPS="CAP_NET_RAW" +S_CAPS="CAP_SETGID" +# Select an unused context (this is optional) +# The default is to allocate a free context on the fly +# In general you don't need to force a context +#S_CONTEXT= -- cgit v1.2.3