Cloudlinux 6.2. cPanel 11.32. Cagefs

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • mike
    Junior Member
    Forum Explorer
    • Mar 2021
    • 11

    #1

    Cloudlinux 6.2. cPanel 11.32. Cagefs

    Hello!

    After clean install of cloudlinux 6.2 in xenpv and cPanel 11.32 ive found such problem. I dunno who develops the cPanel plugin for LVE, so asking here:

    Problem: cPanel and WHM interfaces shows max memory multiplied by 4.

    Example:
    #cat /etc/container/ve.cfg
    <lveconfig>
    <system>
    <ubc enabled="false"></ubc>
    </system>
    <defaults>
    <cpu limit=" 25"></cpu>
    <ncpu limit="1"></ncpu>
    <io limit=" 25"></io>
    <mem limit="262144"></mem>
    <other maxentryprocs=" 20"></other>
    </defaults>
    </lveconfig>

    @ Users cPanel and WHM plugin default max memory limit shows as 1Gb.
    If ill input 256Mb in WHM plugin, then at ve.cfg would be 64Mb.

    Fix is simple, edit /usr/local/cpanel/Cpanel/LVEInfo.pm.
    Remove bitwise operations "<< 2" fr om sections:

    sub _mem_limit {
    return $lve[LMEM_INDEX] << 2 if (@lve);
    return $def[LMEM_INDEX] << 2;
    }

    sub round_mem_lim it {
    return RoundMemK( $lve[LMEM_INDEX] << 2 ) if (@lve);
    return RoundMemK( $def[LMEM_INDEX] << 2 );
    }

    Who can fix it?

    ==== CageFS ====
    Problem: Unable to set max UID or set Regexp for enabled users.

    Weve got LDAP auth for service users (uid users =>20000) and all of them are logging to cagefs, thats no a good idea. Using cagefs/users.disabled allowed only by cagefsctl, runnin ldapsearch -x -b ou..dc.. and then cagefsctl --disable $user by cron not a good idea, imho. New created users in LDAP automaticly logged into cagefs. So.. are you planning to create parameter max-uid, or create regexp for enabled users/uids, whichd enter into cagefs. Itd we very nice if you implement it.

    Outputs:
    # uname -a
    Linux hostname 2.6.32-320.4.1.lve1.1.7.el6.x86_64 #1 SMP Mon May 21 11:39:07 EDT 2012 x86_64 x86_64 x86_64 GNU/Linux

    # yum list installed cagefs*
    cagefs.x86_64 3.5-1.el6.cloudlinux @cloudlinux-x86_64-server-6
    cagefs-safebin.x86_64 3.5-1.el6.cloudlinux @cloudlinux-x86_64-server-6

    --
    WBR.
  • iseletsk
    Senior Member
    • Dec 2017
    • 1199

    #2
    ve.cfg keeps memory in 4k pages, not in megabytes.

    Comment

    • mike
      Junior Member
      Forum Explorer
      • Mar 2021
      • 11

      #3
      > Igor Seletskiy wrote:
      > ve.cfg keeps memory in 4k pages, not in megabytes.

      Thanks, i didn find it in documentation.
      And what about CageFS?

      Comment

      • iseletsk
        Senior Member
        • Dec 2017
        • 1199

        #4
        CageFS -- you have two options:
        Enable cagefs for users one by one, like
        cagefsctl --disable-all
        cagefsctl --enable USERNAME
        (for each user that you want to be enabled)

        or use:
        cagefsctl --enable-all
        but put users that you don want to be in cagefs/lve into particular group. This will only work for PAM (ssh/cron jobs), and by default we ignore users in wheel group

        Comment

        • mike
          Junior Member
          Forum Explorer
          • Mar 2021
          • 11

          #5
          > Igor Seletskiy wrote:
          > but put users that you don want to be in cagefs/lve into particular group. This will only work for PAM (ssh/cron jobs), and by default we ignore users in wheel group

          Only one group can be putted there or may be theres any delimiter for list of groups?

          Comment

          • iseletsk
            Senior Member
            • Dec 2017
            • 1199

            #6
            Only one group. You can create a special group, and add users that shouldn be in CageFS in there.

            Comment

            Working...