freeVSD - Frequently Asked Questions ==================================== For more information on freeVSD refer to the other freeVSD documentation listed as follows: NEWS list of developments in the current version as well as past versions of freeVSD README essential information about freeVSD INSTALL generic installation notes user-guide.txt details on the installation and administration of freeVSD and virtual servers security.txt notes about freeVSD security issues protocol.txt detailed information on the freeVSD protocol HOWTOquotas.txt a brief HOWTO on enabling quotas in freeVSD HOWTOmod_bind.txt a brief HOWTO on the 'mod_bind' module in freeVSD General freeVSD Questions ========================= Q1. What hardware requirements are needed to run freeVSD? A1. You will need the following to run freeVSD: -Clean installation of Red Hat 6.1 or 6.2 -x86 Pentium processor -500MB of free hard disk space after installation -One or more server IP addresses -64MB of memory ------------------------------------------------------------------------------ Q2. What services can you run on a virtual server? A2. You can run all the services that are available on a Linux server. These include the following: -HTTP -DBMS -DNS -SSH -SMTP -Telnet -POP3 -FTP -chrtFTP ------------------------------------------------------------------------------ Q3. What is the main advantage of freeVSD over traditional web-hosting solutions? A3. With freeVSD, you can have multiple virtual servers within a single host server. Each virtual server contains all the services including HTTP, DBMS, FTP, SSH and others that are available to the host server. This provides more efficient management of resources where users can handle their own configurations and the ISP benefiting from reduced support overheads. ------------------------------------------------------------------------------ Q4. How is security maintained in freeVSD? A4. Virtual servers are seperated and protected from eachother through the 'chroot' function. Therefore, a user of a virtual server cannot access the file system of an adjacent virtual server. freeVSD has a system of user levels built-in where priviledges are controlled. The root user (who manages all virtual servers) can assign the 'admin' privilege to another user in order to administer a single virtual server. In turn, access control privileges can be assigned by the 'admin' user to subordinate users. ------------------------------------------------------------------------------- Q5. What is the maximum number of virtual servers that can run on a Linux box? A5. Approximately 250 with one virtual servers per partition. However, Linux imposes a limit of 255 mounted partitions for each running virtual servers. The final five partitions are likely to be used by your system disk, and the mounting of hard disks for hosting the virtual servers. The pseudo filesystem /proc must be mounted to map the partitions with the virtual servers. ------------------------------------------------------------------------------ Q6. What interfaces can be used to configure freeVSD? A6. freeVSD provides command line tools for the ISP and the virtual server administrator. A free PHP-based web interface is also available for download from the freeVSD site (see www.freevsd.org). A suite of Windows tools for managing virtual servers in freeVSD has been developed. Please see our site www.freevsd.org for more information. ------------------------------------------------------------------------------- Q7. Can you use freeVSD with Red Hat 7.0? A7. RPMs for Red Hat 7.0 are available, but should be considered Beta code at present. ------------------------------------------------------------------------------- Q8. Does my virtual server need a valid IP address? A8. Yes. Your virtual server must have a valid unique Internet IP address in order to connect it with the outside world. Troubleshooting Questions ========================= Q1. I try to create a virtual server using vsdadm vs_create localhost ... and I get the error: "connection to localhost could not be established: Connection refused". A1. Ensure '/etc/inetd.conf' contains the line: vsd stream tcp nowait root /usr/sbin/vsd vsd Send a SIGHUP to inetd, in case you missed this step earlier: $ killall -HUP inetd If it still doesn't work then check /var/log/messages for possible errors reported by inetd. ------------------------------------------------------------------------------- Q2. Running vsd-vsbatch.pl returns the following error: "error: -ERR Could not set quota stats". A2. You have tried to create a virtual server with a disk quota limit, however you haven't re-compiled your kernel for user/group quota support. Please refer to the document HOWTOquotas.txt for more details on quota limits in virtual servers. ------------------------------------------------------------------------------- Q3. When I run 'vsboot --start', I get the error: "SIOCSIFFLAGS: Cannot assign requested address". A3. You are trying to start a virtual server that is already running. 'vsboot' is trying to set an IP alias on the network interface, but the alias already exists. Either ensure your virtual server is stopped prior to starting it, or use `vsboot --restart' instead. ------------------------------------------------------------------------------- Q4. I run 'vsboot --start' and get the following errors: "/etc/rc: rm: command not found" and "/etc/rc: su: command not found". A4. This is because you haven't installed the freevsd-pkgs RPM. First install the freevsd-pkgs RPM, then delete all virtual servers and re-generate the skel. ------------------------------------------------------------------------------- Q5. How do I enable Apache's suexec wrapper? A5. By default Apache is installed with the suexec wrapper disabled. The administrator should disable the suexec wrapper by setting the appropriate permissions. Prior to creating the skel, fix the permissions with: $ chmod 4711 /usr/sbin/suexec If you have already created the skel, use: $ chmod 4711 /path/to/skel/usr/sbin/suexec ------------------------------------------------------------------------------- Q6. Apache listens on port 8080 for web traffic. How can I get it to listen on port 80 ? A6. It is set to listen on 8080 for security reasons. To get it to start on port 80, you need to modify `rc' and `rc.vsd', located in /usr/share/freevsd/skel-repo/etc. Add the following lines to rc, just before the `exit 0'. # Start Apache web server (as root) httpd_enable="YES" if [ "${httpd_enable}" = "YES" ]; then echo -n 'starting web server: ' if [ -x "/bin/httpd" ]; then httpd_path="/bin/httpd"; fi if [ -x "/usr/sbin/httpd" ]; then httpd_path="/usr/sbin/httpd"; fi if [ -x "/usr/libexec/httpd" ]; then httpd_path="/usr/libexec/httpd"; fi ${httpd_path} -D SSL & echo 'httpd' fi Then comment out the following lines in rc.vsd: # Start Apache web server if [ "${httpd_enable}" = "YES" ]; then echo -n 'starting web server: ' if [ -x "/bin/httpd" ]; then httpd_path="/bin/httpd"; fi if [ -x "/usr/sbin/httpd" ]; then httpd_path="/usr/sbin/httpd"; fi if [ -x "/usr/libexec/httpd" ]; then httpd_path="/usr/libexec/httpd"; fi su - web -c "${httpd_path} -D SSL" & echo 'httpd' fi Once you have updated the code, delete your virtual servers, re-construct the skel (using vsd-genskel.pl) and re-create your virtual servers. ------------------------------------------------------------------------------- Q7. How do I use MySQL within a virtual server? A7. First, install MySQL onto the hosting server. Then you need to edit the virtual server startup scripts to support the automatic starting of the server. Edit /usr/share/freevsd/skel-repo/etc/rc.vsd and add the following lines: # Start MySQL server if [ "${mysql_enable}" = "YES" ]; then if [ -d "/var/lib/mysql" ]; then echo -n 'starting mysql server: ' /usr/bin/safe_mysqld --bind-address=`hostname` & >/dev/null 2>&1 echo 'mysql' fi fi Then add the following lines to the following file: /usr/share/freevsd/skel-repo/etc/rc.conf. # Set to YES to enable MySQL mysql_enable="NO" Finally, rebuild your skel and re-create your virtual server? ------------------------------------------------------------------------------- Q8. How do I use PostgreSQL within a virtual server? A8. First, install PostgreSQL onto the hosting server. Edit the /usr/share/freevsd/skel-repo/etc/rc.vsd by adding the following lines: # Start PostgreSQL server if [ "${postgresql_enable}" = "YES" ]; then if [ -d "/var/lib/postgres" ]; then echo -n 'starting postgresql server: ' (postmaster -D /var/lib/postgres -p ${postgresql_port} -B 256 2>&1 | logger -p local5.notice) & echo 'postgres' fi fi Add the following to /usr/share/freevsd/skel-repo/etc/rc.conf: # Set to YES to enable PostgreSQL postgresql_enable="NO" postgresql_port=NONE Finally, rebuild your skel and re-create your virtual servers. Each virtual server that wants a PostgreSQL database must be given a unique port number, by editing /etc/rc.conf in the virtual server *after* it has been created. PostgreSQL generates shared memory mappings based on it's port number. Two PostgreSQL databases cannot run on the same server and port because their shared memory key ids will conflict with eachother. ------------------------------------------------------------------------------- Q9. When I install in any directory outside of /root in a created virtual server I get the following error message: "Numerical result out of range"? A9. In a standard freeVSD installation the 'admin' user can only write to the following directories: /root, /home/httpd and /usr/local. This prevents the admin user from damaging essential system files and also simplifies backup requirements. This does mean however that some types of installation (ie RPM) can be problematic and must be carried out at the host server level before being incorporated into the skel. If all your virtual server users can be trusted withe system, there is no reason why 'admin' users cannot be awarded greater access by modifying the skel. ------------------------------------------------------------------------------- Q10. I am getting the following error when I try to add a domain: "cannot determine whether I am primary or secondary". A10. The primary/secondary name server entries under the section in vsd.conf are specified incorrectly. It is likely that you have indicated the IP address of your name servers. This is not currently supported and a valid hostname should be supplied instead. If your network does not have a name server the PrimaryNS entry in the section of the vsd.conf file should refer to the local machine name, i.e. 'localhost'.