* Alternate method of running swapon? @ 2020-01-08 18:09 Jeffrey Walton 2020-01-08 18:23 ` Valentin Vidić ` (2 more replies) 0 siblings, 3 replies; 9+ messages in thread From: Jeffrey Walton @ 2020-01-08 18:09 UTC (permalink / raw) To: kernelnewbies Hi Everyone, I work with an open source project. We have a VM but it is low-end. The machine suffers OOM kills. We don't have access to /etc/fstab. Everything is an upsell with the VPS provider. I'm trying to setup a swapfile during startup using Systemd but: # swapon /swapfile swapon: /swapfile: swapon failed: Operation not permitted This may be useful: # command -v swapon /sbin/swapon # file /sbin/swapo swapoff swapon # file /sbin/swapon /sbin/swapon: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.32, BuildID[sha1]=a4891bc4dcfc533c61d76aa3e69870ab35d90c89, stripped My question is, is there a way to sidestep the restriction? Is it possible to ask the kernel to use the swapfile without using the command? Thanks in advance. _______________________________________________ Kernelnewbies mailing list Kernelnewbies@kernelnewbies.org https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: Alternate method of running swapon? 2020-01-08 18:09 Alternate method of running swapon? Jeffrey Walton @ 2020-01-08 18:23 ` Valentin Vidić 2020-01-08 18:33 ` Jeffrey Walton 2020-01-08 18:26 ` Bernd Petrovitsch 2020-01-08 18:31 ` Greg KH 2 siblings, 1 reply; 9+ messages in thread From: Valentin Vidić @ 2020-01-08 18:23 UTC (permalink / raw) To: kernelnewbies On Wed, Jan 08, 2020 at 01:09:23PM -0500, Jeffrey Walton wrote: > Hi Everyone, > > I work with an open source project. We have a VM but it is low-end. > The machine suffers OOM kills. We don't have access to /etc/fstab. > Everything is an upsell with the VPS provider. > > I'm trying to setup a swapfile during startup using Systemd but: > > # swapon /swapfile > swapon: /swapfile: swapon failed: Operation not permitted > > This may be useful: > > # command -v swapon > /sbin/swapon > # file /sbin/swapo > swapoff swapon > # file /sbin/swapon > /sbin/swapon: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), > dynamically linked (uses shared libs), for GNU/Linux 2.6.32, > BuildID[sha1]=a4891bc4dcfc533c61d76aa3e69870ab35d90c89, stripped > > My question is, is there a way to sidestep the restriction? Is it > possible to ask the kernel to use the swapfile without using the > command? You can try running for more details: # strace swapon /swapfile but the swap functionality is probably disabled in the kernel itself. -- Valentin _______________________________________________ Kernelnewbies mailing list Kernelnewbies@kernelnewbies.org https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: Alternate method of running swapon? 2020-01-08 18:23 ` Valentin Vidić @ 2020-01-08 18:33 ` Jeffrey Walton 2020-01-08 18:42 ` Valentin Vidić 0 siblings, 1 reply; 9+ messages in thread From: Jeffrey Walton @ 2020-01-08 18:33 UTC (permalink / raw) To: Valentin Vidić; +Cc: kernelnewbies On Wed, Jan 8, 2020 at 1:23 PM Valentin Vidić <vvidic@valentin-vidic.from.hr> wrote: > > On Wed, Jan 08, 2020 at 01:09:23PM -0500, Jeffrey Walton wrote: > > Hi Everyone, > > > > I work with an open source project. We have a VM but it is low-end. > > The machine suffers OOM kills. We don't have access to /etc/fstab. > > Everything is an upsell with the VPS provider. > > > > I'm trying to setup a swapfile during startup using Systemd but: > > > > # swapon /swapfile > > swapon: /swapfile: swapon failed: Operation not permitted > > > > This may be useful: > > > > # command -v swapon > > /sbin/swapon > > # file /sbin/swapo > > swapoff swapon > > # file /sbin/swapon > > /sbin/swapon: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), > > dynamically linked (uses shared libs), for GNU/Linux 2.6.32, > > BuildID[sha1]=a4891bc4dcfc533c61d76aa3e69870ab35d90c89, stripped > > > > My question is, is there a way to sidestep the restriction? Is it > > possible to ask the kernel to use the swapfile without using the > > command? > > You can try running for more details: > > # strace swapon /swapfile > > but the swap functionality is probably disabled in the kernel itself. Thanks Valentin. Here is the full Pastebin: https://pastebin.com/hHAv5T0N . I believe this is the relevant part from the Pastebin: readlink("/swapfile", 0x7ffefb4c0810, 4096) = -1 EINVAL (Invalid argument) stat("/swapfile", {st_mode=S_IFREG|0600, st_size=2147483648, ...}) = 0 open("/swapfile", O_RDONLY) = 3 read(3, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 65536) = 65536 close(3) = 0 swapon("/swapfile", 0) = -1 EPERM (Operation not permitted) open("/usr/share/locale/locale.alias", O_RDONLY|O_CLOEXEC) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=2502, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fdbd8207000 read(3, "# Locale name alias data base.\n#"..., 4096) = 2502 read(3, "", 4096) = 0 close(3) = 0 munmap(0x7fdbd8207000, 4096) = 0 open("/usr/share/locale/en_US.UTF-8/LC_MESSAGES/util-linux.mo", O_RDONLY) = -1 ENOENT (No such file or directory) ... Jeff _______________________________________________ Kernelnewbies mailing list Kernelnewbies@kernelnewbies.org https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: Alternate method of running swapon? 2020-01-08 18:33 ` Jeffrey Walton @ 2020-01-08 18:42 ` Valentin Vidić 2020-01-08 20:08 ` Jeffrey Walton 0 siblings, 1 reply; 9+ messages in thread From: Valentin Vidić @ 2020-01-08 18:42 UTC (permalink / raw) To: kernelnewbies On Wed, Jan 08, 2020 at 01:33:21PM -0500, Jeffrey Walton wrote: > I believe this is the relevant part from the Pastebin: > > readlink("/swapfile", 0x7ffefb4c0810, 4096) = -1 EINVAL (Invalid argument) > stat("/swapfile", {st_mode=S_IFREG|0600, st_size=2147483648, ...}) = 0 > open("/swapfile", O_RDONLY) = 3 > read(3, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., > 65536) = 65536 > close(3) = 0 > swapon("/swapfile", 0) = -1 EPERM (Operation not permitted) Yes, the swapon call fails with this error. You can check the kernel name with uname -a, but it probably runs a custom build and you can't reboot with a different one to enable swap functionality. -- Valentin _______________________________________________ Kernelnewbies mailing list Kernelnewbies@kernelnewbies.org https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: Alternate method of running swapon? 2020-01-08 18:42 ` Valentin Vidić @ 2020-01-08 20:08 ` Jeffrey Walton 2020-01-08 20:28 ` Valentin Vidić 0 siblings, 1 reply; 9+ messages in thread From: Jeffrey Walton @ 2020-01-08 20:08 UTC (permalink / raw) To: Valentin Vidić; +Cc: kernelnewbies On Wed, Jan 8, 2020 at 1:43 PM Valentin Vidić <vvidic@valentin-vidic.from.hr> wrote: > > On Wed, Jan 08, 2020 at 01:33:21PM -0500, Jeffrey Walton wrote: > > I believe this is the relevant part from the Pastebin: > > > > readlink("/swapfile", 0x7ffefb4c0810, 4096) = -1 EINVAL (Invalid argument) > > stat("/swapfile", {st_mode=S_IFREG|0600, st_size=2147483648, ...}) = 0 > > open("/swapfile", O_RDONLY) = 3 > > read(3, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., > > 65536) = 65536 > > close(3) = 0 > > swapon("/swapfile", 0) = -1 EPERM (Operation not permitted) > > Yes, the swapon call fails with this error. You can check the kernel > name with uname -a, but it probably runs a custom build and you can't > reboot with a different one to enable swap functionality. It looks like this is coming from the OpenVZ folks. They feel a swapfile would negatively impact performance, so it is disabled. (I'm not sure how a DoS is considered a good result, given an OOM kill just about always knocks out MySQL). Jeff _______________________________________________ Kernelnewbies mailing list Kernelnewbies@kernelnewbies.org https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: Alternate method of running swapon? 2020-01-08 20:08 ` Jeffrey Walton @ 2020-01-08 20:28 ` Valentin Vidić 0 siblings, 0 replies; 9+ messages in thread From: Valentin Vidić @ 2020-01-08 20:28 UTC (permalink / raw) To: kernelnewbies On Wed, Jan 08, 2020 at 03:08:42PM -0500, Jeffrey Walton wrote: > It looks like this is coming from the OpenVZ folks. They feel a > swapfile would negatively impact performance, so it is disabled. Yep, since this is not a full VM but rather a container, there is not much to do other than buying a bigger VPS. > (I'm not sure how a DoS is considered a good result, given an OOM kill > just about always knocks out MySQL). Swap in a way converts memory access into disk IO. And since a lot of disk IO can harm all services running on the host, for the operator it is safer to OOM kill one process and save all the others :) -- Valentin _______________________________________________ Kernelnewbies mailing list Kernelnewbies@kernelnewbies.org https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: Alternate method of running swapon? 2020-01-08 18:09 Alternate method of running swapon? Jeffrey Walton 2020-01-08 18:23 ` Valentin Vidić @ 2020-01-08 18:26 ` Bernd Petrovitsch 2020-01-08 22:23 ` Jeffrey Walton 2020-01-08 18:31 ` Greg KH 2 siblings, 1 reply; 9+ messages in thread From: Bernd Petrovitsch @ 2020-01-08 18:26 UTC (permalink / raw) To: noloader; +Cc: kernelnewbies [-- Attachment #1: Type: text/plain, Size: 1646 bytes --] Hi all! On 08/01/2020 19:09, Jeffrey Walton wrote: [...] > I work with an open source project. We have a VM but it is low-end. > The machine suffers OOM kills. We don't have access to /etc/fstab. Apparently you run too many (or too fat) programs;-) > Everything is an upsell with the VPS provider. > > I'm trying to setup a swapfile during startup using Systemd but: > > # swapon /swapfile > swapon: /swapfile: swapon failed: Operation not permitted > > This may be useful: [... nope ....] > My question is, is there a way to sidestep the restriction? Is it > possible to ask the kernel to use the swapfile without using the > command? The swapon (and swapoff) command basically calls the swapon() syscall (and swapoff() syscall, respectively) and their manual page say the caller needs CAP_SYS_ADMIN capability which usually means being "root". Does it work in a root-shell? The man page says further under errors: ---- snip ---- EPERM: The caller does not have the CAP_SYS_ADMIN capability. Alternatively, the maximum number of swap files are already in use; see NOTES below. ---- snip ---- The notes below just talk about the maximum numbers of swapfile depending on the kernel version and activates features. If the kernel is built/provided by the VPS provider, there may be further limitations .... MfG, Bernd PS: I'm not guessing why .... -- "I dislike type abstraction if it has no real reason. And saving on typing is not a good reason - if your typing speed is the main issue when you're coding, you're doing something seriously wrong." - Linus Torvalds [-- Attachment #2: pEpkey.asc --] [-- Type: application/pgp-keys, Size: 2513 bytes --] [-- Attachment #3: Type: text/plain, Size: 170 bytes --] _______________________________________________ Kernelnewbies mailing list Kernelnewbies@kernelnewbies.org https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: Alternate method of running swapon? 2020-01-08 18:26 ` Bernd Petrovitsch @ 2020-01-08 22:23 ` Jeffrey Walton 0 siblings, 0 replies; 9+ messages in thread From: Jeffrey Walton @ 2020-01-08 22:23 UTC (permalink / raw) To: kernelnewbies On Wed, Jan 8, 2020 at 1:26 PM Bernd Petrovitsch <bernd@petrovitsch.priv.at> wrote: > > Hi all! > > On 08/01/2020 19:09, Jeffrey Walton wrote: > [...] > > I work with an open source project. We have a VM but it is low-end. > > The machine suffers OOM kills. We don't have access to /etc/fstab. > > Apparently you run too many (or too fat) programs;-) > > > Everything is an upsell with the VPS provider. > > > > I'm trying to setup a swapfile during startup using Systemd but: > > > > # swapon /swapfile > > swapon: /swapfile: swapon failed: Operation not permitted > > > > This may be useful: > [... nope ....] > > > My question is, is there a way to sidestep the restriction? Is it > > possible to ask the kernel to use the swapfile without using the > > command? > > The swapon (and swapoff) command basically calls the swapon() > syscall (and swapoff() syscall, respectively) and their manual > page say the caller needs CAP_SYS_ADMIN capability which usually > means being "root". > > Does it work in a root-shell? No, it does not work in a root shell. The output is capsh is below. The man page for capsh(1) does not tell me how to interpret it. Does cap_sys_admin under "current" mean I have it? Or does lack of cap_sys_admin in "bounding" mean I lack it? Jeff # capsh --print Current: = cap_chown,cap_dac_override,cap_dac_read_search,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_linux_immutable,cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw,cap_ipc_lock,cap_ipc_owner,cap_sys_chroot,cap_sys_ptrace,cap_sys_admin,cap_sys_boot,cap_sys_nice,cap_sys_resource,cap_sys_tty_config,cap_mknod,cap_lease,cap_audit_write,cap_setfcap+eip Bounding set =cap_chown,cap_dac_override,cap_dac_read_search,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_linux_immutable,cap_net_bind_service,cap_net_broadcast,cap_net_raw,cap_ipc_lock,cap_ipc_owner,cap_sys_chroot,cap_sys_ptrace,cap_sys_boot,cap_sys_nice,cap_sys_resource,cap_sys_tty_config,cap_mknod,cap_lease,cap_audit_write,cap_audit_control,cap_setfcap Securebits: 00/0x0/1'b0 secure-noroot: no (unlocked) secure-no-suid-fixup: no (unlocked) secure-keep-caps: no (unlocked) uid=0(root) gid=0(root) groups=0(root) _______________________________________________ Kernelnewbies mailing list Kernelnewbies@kernelnewbies.org https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: Alternate method of running swapon? 2020-01-08 18:09 Alternate method of running swapon? Jeffrey Walton 2020-01-08 18:23 ` Valentin Vidić 2020-01-08 18:26 ` Bernd Petrovitsch @ 2020-01-08 18:31 ` Greg KH 2 siblings, 0 replies; 9+ messages in thread From: Greg KH @ 2020-01-08 18:31 UTC (permalink / raw) To: Jeffrey Walton; +Cc: kernelnewbies On Wed, Jan 08, 2020 at 01:09:23PM -0500, Jeffrey Walton wrote: > Hi Everyone, > > I work with an open source project. We have a VM but it is low-end. > The machine suffers OOM kills. We don't have access to /etc/fstab. > Everything is an upsell with the VPS provider. > > I'm trying to setup a swapfile during startup using Systemd but: > > # swapon /swapfile > swapon: /swapfile: swapon failed: Operation not permitted > > This may be useful: > > # command -v swapon > /sbin/swapon > # file /sbin/swapo > swapoff swapon > # file /sbin/swapon > /sbin/swapon: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), > dynamically linked (uses shared libs), for GNU/Linux 2.6.32, > BuildID[sha1]=a4891bc4dcfc533c61d76aa3e69870ab35d90c89, stripped > > My question is, is there a way to sidestep the restriction? Is it > possible to ask the kernel to use the swapfile without using the > command? Odds are the VPS provider is blocking it in the kernel they provide to you. You can always just try to write your own program that does the same syscalls that 'swapon' does, but I doubt that works. Perhaps spring for a bigger vm? greg k-h _______________________________________________ Kernelnewbies mailing list Kernelnewbies@kernelnewbies.org https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies ^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2020-01-08 22:25 UTC | newest] Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2020-01-08 18:09 Alternate method of running swapon? Jeffrey Walton 2020-01-08 18:23 ` Valentin Vidić 2020-01-08 18:33 ` Jeffrey Walton 2020-01-08 18:42 ` Valentin Vidić 2020-01-08 20:08 ` Jeffrey Walton 2020-01-08 20:28 ` Valentin Vidić 2020-01-08 18:26 ` Bernd Petrovitsch 2020-01-08 22:23 ` Jeffrey Walton 2020-01-08 18:31 ` Greg KH
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).