OpenVZ Forum


Home » Mailing lists » Users » OpenVZ template confusion
OpenVZ template confusion [message #29743] Wed, 23 April 2008 20:47 Go to next message
Sean Whitney is currently offline  Sean Whitney
Messages: 3
Registered: April 2008
Junior Member
Background:

I have 2 server the HN on one is Ubuntu the other is RH5.  I have  
created a usable ubuntu template for our environment by modifying a  
ubuntu template from the Openvz webpage.  Within the template I have  
included our developer's accounts, to include ssh keys.  I created  
this template on our ubuntu server and it works great, I can create a  
new VE, and login using my ssh keys as soon as it's started.

I copied this template to our RH5 server and it mostly works as  
expected all I had to change the /etc/ssh/sshd_config to only allow  
ipv4 binding to port 22.  However, my user accounts in the ubuntu VE  
are foobar.

For example, within the ubuntu template  the uids for alice, bob, and  
carol are 1000, 1001 and 1002, respectively.  These same users have  
accounts on the RH5 HN server, but their uid are 500, 501, and 502 .   
When I create the new VE, alice's home directory is owned by uid 501,  
bob's is owned by uid 502, but carol's is correctly owned by uid 1002.

My assumption is when the "vzctl create" command is used somehow tar  
is "correcting" the file ownership in the VE to align with the HN.


So,

1) Is it reasonable to "precreate" these accounts within the custom  
image for our internal use or should I forgo this idea.
2) Is there some step, that I have missed that ensures that user  
directories are created with the right UID/GID?
3) Is this a configuration issue somewhere that I have fubarred?
4) Is this a bug?



Sean
=======================================
Sean Whitney
PMB #120, 16505A SE First Street
Vancouver, WA  98684
T. 360.607.7945
F. 815.364.0687
aim: seanmwhitney
email: sean@visionary-networks.com
=======================================
Re: OpenVZ template confusion [message #29758 is a reply to message #29743] Thu, 24 April 2008 07:13 Go to previous messageGo to next message
vaverin is currently offline  vaverin
Messages: 708
Registered: September 2005
Senior Member
Hi Sean,

Could you please explain why you want to have UID/GID inside VE be equal to ones on host node?

I would note that it is quite normal that the same users have different UID's on the different nodes, however ususally it do not lead to any troubles.

Thank you,
Vasily Averin
Re: OpenVZ template confusion [message #29774 is a reply to message #29743] Thu, 24 April 2008 08:29 Go to previous messageGo to next message
Christian Hofstaedtle is currently offline  Christian Hofstaedtle
Messages: 4
Registered: March 2008
Junior Member
Sean,

> For example, within the ubuntu template  the uids for alice, bob, and  
> carol are 1000, 1001 and 1002, respectively.  These same users have  
> accounts on the RH5 HN server, but their uid are 500, 501, and 502 .   
> When I create the new VE, alice's home directory is owned by uid 501,  
> bob's is owned by uid 502, but carol's is correctly owned by uid 1002.
> 
> My assumption is when the "vzctl create" command is used somehow tar  
> is "correcting" the file ownership in the VE to align with the HN.


You probably want to use --numeric-owner when creating your template
tar.gz. I'm doing something along this:

cd /vz/private/42; tar cfz /vz/template/cache/debian-4.0-test.tar.gz . \ 
 --numeric-owner

Christian
Re: Re: OpenVZ template confusion [message #29787 is a reply to message #29758] Thu, 24 April 2008 15:47 Go to previous messageGo to next message
Sean Whitney is currently offline  Sean Whitney
Messages: 3
Registered: April 2008
Junior Member
I don't.

When I use vzctl create <VEID> and it untar's the template file, it is  
changing the UID/GID of the home directories in the tar file from the  
original UID/GID, to the UID/GID that the same individuals have on the  
HN.

If I peek inside the template file my UID is 1001.

On the HN my uid is 501.

When I create the VE, my UID inside the VE is now 501, screwing up all  
kinds of permissions.



Sean
=======================================
Sean Whitney
PMB #120, 16505A SE First Street
Vancouver, WA  98684
T. 360.607.7945
F. 815.364.0687
aim: seanmwhitney
email: sean@visionary-networks.com
=======================================





On Apr 24, 2008, at 12:13 AM, vaverin wrote:

>
>
> Hi Sean,
>
> Could you please explain why you want to have UID/GID inside VE be  
> equal to ones on host node?
>
> I would note that it is quite normal that the same users have  
> different UID's on the different nodes, however ususally it do not  
> lead to any troubles.
>
> Thank you,
> Vasily Averin
Re: Re: OpenVZ template confusion [message #29809 is a reply to message #29787] Fri, 25 April 2008 08:03 Go to previous messageGo to next message
kir is currently offline  kir
Messages: 1645
Registered: August 2005
Location: Moscow, Russia
Senior Member

Sean Whitney wrote:
> I don't.
>
> When I use vzctl create <VEID> and it untar's the template file, it is 
> changing the UID/GID of the home directories in the tar file from the 
> original UID/GID, to the UID/GID that the same individuals have on the 
> HN.
>
> If I peek inside the template file my UID is 1001.
>
> On the HN my uid is 501.
>
> When I create the VE, my UID inside the VE is now 501, screwing up all 
> kinds of permissions.

Can you check your tarball is correct? Maybe you have to use 
--numeric-owner option to tar when packing it.
[Resolved]Re: Re: OpenVZ template confusion [message #29833 is a reply to message #29809] Fri, 25 April 2008 17:12 Go to previous messageGo to next message
Sean Whitney is currently offline  Sean Whitney
Messages: 3
Registered: April 2008
Junior Member
Yes, using the --numeric-owner when creating the tarball, fixe the  
issue.  It would be nice if that was included in the wiki,  
somewhere.......




Sean
=======================================
Sean Whitney
PMB #120, 16505A SE First Street
Vancouver, WA  98684
T. 360.607.7945
F. 815.364.0687
aim: seanmwhitney
email: sean@visionary-networks.com
=======================================





On Apr 25, 2008, at 1:03 AM, Kir Kolyshkin wrote:

> Sean Whitney wrote:
>> I don't.
>>
>> When I use vzctl create <VEID> and it untar's the template file, it  
>> is changing the UID/GID of the home directories in the tar file  
>> from the original UID/GID, to the UID/GID that the same individuals  
>> have on the HN.
>>
>> If I peek inside the template file my UID is 1001.
>>
>> On the HN my uid is 501.
>>
>> When I create the VE, my UID inside the VE is now 501, screwing up  
>> all kinds of permissions.
>
> Can you check your tarball is correct? Maybe you have to use -- 
> numeric-owner option to tar when packing it.
Re: [Resolved]Re: Re: OpenVZ template confusion [message #29985 is a reply to message #29833] Sun, 04 May 2008 14:48 Go to previous messageGo to next message
kir is currently offline  kir
Messages: 1645
Registered: August 2005
Location: Moscow, Russia
Senior Member

Sean Whitney wrote:
> Yes, using the --numeric-owner when creating the tarball, fixe the 
> issue.  It would be nice if that was included in the wiki, 
> somewhere.......
Since it's wiki, you are very welcome to add this info yourself. :)

Not that I am saying that I won't add this myself, but that'd be nice if 
you can contribute a little, too.
Re: [Resolved]Re: Re: OpenVZ template confusion [message #29987 is a reply to message #29833] Sun, 04 May 2008 15:03 Go to previous message
rmello is currently offline  rmello
Messages: 15
Registered: October 2007
Junior Member
On Fri, Apr 25, 2008 at 11:12 AM, Sean Whitney
<sean@visionary-networks.com> wrote:
> Yes, using the --numeric-owner when creating the tarball, fixe the issue.
> It would be nice if that was included in the wiki, somewhere.......

I've seen a similar problem with my debian-exim user's UID getting
screwed up when moving the template to a new server. Good to know I
have to use --numeric-owner for tar.

Thanks,

Roberto

-- 
http://blog.divisiblebyfour.org/
Previous Topic: Problems with Debian sid VE
Next Topic: VLAN bug with 2.6.24
Goto Forum:
  


Current Time: Tue Mar 19 05:31:17 GMT 2024

Total time taken to generate the page: 0.02374 seconds