#StackBounty: #linux #sleep Unable to wake up linux from sleep

Bounty: 50

I can’t restore my linux mint 18.3 from sleep mode. Last messages on screen (at same second):

[19.....] Disabling non-boot CPUs
[19.....] smpboot: CPU 1 is now offline
[19.....] smpboot: CPU 2 is now offline
[19.....] smpboot: CPU 3 is now offline

After this messages, system frezes: keyboard (even “magic sysrq” and numlock indicator) does not work, no any disk activity or more messages on terminal. Only one solution which work – hard reset.


Get this bounty!!!

#StackBounty: #linux #ftp #proftpd proftpd kills session with 421 timeout error message

Bounty: 100

Problem

Connections on a Proftpd 1.3.6 (updated from 1.3.1 with same issue) are killed while transferring data with message:

421 No transfer timeout (3600 seconds): closing control connection

The time after logging in until getting the error varies, it can be from 5 seconds to some minutes. We examined the logs (excerpts listed below) and cannot find a clear reason for the behavior. The error may occur if only one user is connected and also if concurrent sessions from the same user are open.

Wireshark shows that the “421: No transfer timeout” is sent from the server as a reply to the client.

Proftpd is running on a rather old virtual openSuse system on an ESXi 4.1. Only the ftpusr account is used for FTP transfers.

Thanks for your help in advance.


Log excerpts

FTP client log:

{snip}
150 Opening ASCII mode data connection for xyz_XML_Interface-Rawdata_20171124_16
1300_43864.tmp (597 bytes)
226 Transfer complete
ftp: 611 bytes received in 0.00Seconds 611000.00Kbytes/sec.
200 PORT command successful
150 Opening ASCII mode data connection for xyz_XML_Interface-Rawdata_20171209_06
5800_63895.tmp (443 bytes)
226 Transfer complete
ftp: 456 bytes received in 0.00Seconds 456.00Kbytes/sec.
200 PORT command successful
150 Opening ASCII mode data connection for xyz_XML_Interface-Rawdata_20171230_09
2000_93119.tmp (277 bytes)
226 Transfer complete
ftp: 288 bytes received in 0.00Seconds 288000.00Kbytes/sec.
421 No transfer timeout (3600 seconds): closing control connection
Connection closed by remote host.
ftp> mget *
Not connected.

Proftpd debug output:

The following log has been taken from the screen output when starting proftpd with proftpd -d 5 -c /etc/proftpd.conf -n:

{snip}
2018-02-07 16:25:11,407 Oracle2db proftpd[15663] 10.15.87.17 (10.1.70.112[10.1.70.112]): dispatching PRE_CMD command 'PORT 10,1,70,112,229,162' to mod_core
2018-02-07 16:25:11,407 Oracle2db proftpd[15663] 10.15.87.17 (10.1.70.112[10.1.70.112]): dispatching PRE_CMD command 'PORT 10,1,70,112,229,162' to mod_core
2018-02-07 16:25:11,407 Oracle2db proftpd[15663] 10.15.87.17 (10.1.70.112[10.1.70.112]): dispatching CMD command 'PORT 10,1,70,112,229,162' to mod_core
2018-02-07 16:25:11,407 Oracle2db proftpd[15663] 10.15.87.17 (10.1.70.112[10.1.70.112]): dispatching LOG_CMD command 'PORT 10,1,70,112,229,162' to mod_log
2018-02-07 16:25:11,454 Oracle2db proftpd[15663] 10.15.87.17 (10.1.70.112[10.1.70.112]): dispatching PRE_CMD command 'RETR xyz_XML_Interface-Rawdata_20171129_064100_50277.tmp' to mod_core
2018-02-07 16:25:11,454 Oracle2db proftpd[15663] 10.15.87.17 (10.1.70.112[10.1.70.112]): dispatching PRE_CMD command 'RETR xyz_XML_Interface-Rawdata_20171129_064100_50277.tmp' to mod_core
2018-02-07 16:25:11,454 Oracle2db proftpd[15663] 10.15.87.17 (10.1.70.112[10.1.70.112]): dispatching PRE_CMD command 'RETR xyz_XML_Interface-Rawdata_20171129_064100_50277.tmp' to mod_auth
2018-02-07 16:25:11,454 Oracle2db proftpd[15663] 10.15.87.17 (10.1.70.112[10.1.70.112]): dispatching PRE_CMD command 'RETR xyz_XML_Interface-Rawdata_20171129_064100_50277.tmp' to mod_xfer
2018-02-07 16:25:11,454 Oracle2db proftpd[15663] 10.15.87.17 (10.1.70.112[10.1.70.112]): dispatching CMD command 'RETR xyz_XML_Interface-Rawdata_20171129_064100_50277.tmp' to mod_xfer
2018-02-07 16:25:11,505 Oracle2db proftpd[15663] 10.15.87.17 (10.1.70.112[10.1.70.112]): active data connection opened - local  : 10.15.87.17:20
2018-02-07 16:25:11,505 Oracle2db proftpd[15663] 10.15.87.17 (10.1.70.112[10.1.70.112]): active data connection opened - remote : 10.1.70.112:58786
2018-02-07 17:38:29,580 Oracle2db proftpd[15663] 10.15.87.17 (10.1.70.112[10.1.70.112]): Data transfer stall timeout: 3600 seconds
2018-02-07 16:25:11,566 Oracle2db proftpd[15663] 10.15.87.17 (10.1.70.112[10.1.70.112]): notice: user ftpusr: aborting transfer: Data connection closed

Wireshark screenshot:

Logged requests and responses


Configuration

proftpd.conf:

# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use.  It establishes a single server
# and a single anonymous login.  It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.

ServerName                      "3.0 Linux-FTP"
ServerType standalone
DefaultServer                   on
RequireValidShell off
ExtendedLog /var/log/ftp.log
UseReverseDNS off
IdentLookups off
TimeoutLogin 120
TimeoutIdle 3600
TimeoutNoTransfer 3600
TimeoutStalled 3600
MaxClientsPerHost 2 "Two clients by hostname max"
MaxClientsPerUser 5 "Only one connection per user allowed"
MaxClients 4 "Too many users, please try again later"
MaxHostsPerUser 5 "Only one host per user allowed"
MaxLoginAttempts 2 "You've reached the max. login attempts"
UseSendfile off

# Port 21 is the standard FTP port.
Port                            21

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask                           022

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances                    30

# Set the user and group under which the server will run.
User                            ftpusr
Group                           ftpusers

# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
DefaultRoot /home/ftpusr/xml-export
# DefaultRoot ~

# Normally, we want files to be overwriteable.
AllowOverwrite          on

<Directory /home/ftpusr/xml-export>
Umask 022 022
</Directory>


Get this bounty!!!

#StackBounty: #linux #networking #openvpn #iptables #raspberry-pi Using Raspberry PI as OpenVPN router for Asterisk

Bounty: 100

So, I’ve been banging my head with this for quite some time.

I have the following configuration:

  • OpenVPN server, IP 1.2.3.1
  • Asterisk server, connected to OpenVPN server, IP 1.2.3.3
  • Raspberry PI, local interface 192.168.0.17, connected to OpenVPN IP 1.2.3.6
  • IP Telephone in the same local network as Raspberry PI, local ip 192.168.0.81

Networks are configured as follows:

  • Local connection on raspberry is eth0
  • Raspberry has additional virtual interface eth0:1 with ip 192.168.0.91
  • OpenVPN connection on raspberry is tun0
  • Telephone has local ip 192.168.0.81 and gateway set to 192.168.0.91 (raspberry)

On the raspberry, iptables is as follows:

#Empty all routing tables
sudo iptables -t nat -F
sudo iptables -F

#Masquerade all traffic leaving tun0 as if coming from 1.2.3.6
sudo iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE

#redirect all traffic coming from eth0:1 to tun0
sudo iptables -A FORWARD -i eth0:1 -o tun0 -j ACCEPT

#redirect all traffic coming from tun0 to eth0:1
sudo iptables -A FORWARD -i tun0 -o eth0:1 -j ACCEPT

#Modify all packets coming to tun0 to forward then to the IP telephone
sudo iptables -t nat -A PREROUTING -i tun0 -j DNAT --to-destination 192.168.0.81

So, I can call and I can receive calls (I have another laptop that is connected directly to VPN server and uses Zoiper for test). I can call the telephone and from telephone and audio from telephone to laptop works, but there is no incoming audio on the telephone whatsoever.

What am I doing wrong?


Get this bounty!!!

#StackBounty: #linux #debian #apt #dependencies How to fix this apt mess?

Bounty: 100

I’m using PureOS, which is basically Debian with some small tweaks. I tried installing firefox on it, but ended with a complete mess. If I now try to do a basic upgrade, I get this:

$ sudo apt update && sudo apt upgrade
Ign:1 http://deb.debian.org/debian stretch InRelease
Get:2 http://deb.debian.org/debian stretch-updates InRelease [91.0 kB]              
Get:3 http://deb.opera.com/opera stable InRelease [2592 B]                          
Get:4 http://security.debian.org stretch/updates InRelease [63.0 kB]                
Hit:5 http://deb.debian.org/debian stretch Release                                  
Get:6 https://repo.skype.com/deb stable InRelease [4486 B]                          
Get:7 http://deb.opera.com/opera stable/non-free amd64 Packages [1835 B]            
Get:8 http://packages.microsoft.com/repos/vscode stable InRelease [2801 B]          
Get:9 http://repository.spotify.com stable InRelease [3302 B]                       
Get:10 http://repo.puri.sm/pureos green InRelease [9427 B]                          
Get:12 http://security.debian.org stretch/updates/main Sources [110 kB]             
Get:13 http://security.debian.org stretch/updates/contrib Sources [1384 B]          
Get:14 http://security.debian.org stretch/updates/main amd64 Packages [271 kB]      
Get:15 https://repo.skype.com/deb stable/main amd64 Packages [2251 B]               
Get:16 http://security.debian.org stretch/updates/main Translation-en [120 kB]      
Get:17 http://security.debian.org stretch/updates/contrib amd64 Packages [1776 B]   
Get:18 http://security.debian.org stretch/updates/contrib Translation-en [1759 B]   
Get:19 https://download.sublimetext.com apt/stable/ InRelease [2562 B]              
Get:20 http://packages.microsoft.com/repos/vscode stable/main amd64 Packages [39.6 kB]
Ign:21 https://mega.nz/linux/MEGAsync/Debian_9.0 ./ InRelease                       
Get:22 http://repo.puri.sm/pureos green/main amd64 Packages [6286 kB]               
Get:23 https://mega.nz/linux/MEGAsync/Debian_9.0 ./ Release [976 B]                 
Get:26 http://repo.puri.sm/pureos green/main Translation-en [5583 kB]               
Hit:24 https://packagecloud.io/slacktechnologies/slack/debian jessie InRelease      
Get:27 http://repo.puri.sm/pureos green/main amd64 DEP-11 Metadata [2202 kB]        
Get:28 http://repo.puri.sm/pureos green/main DEP-11 64x64 Icons [6768 kB]
Fetched 21.6 MB in 4s (5487 kB/s)                                     
Reading package lists... Done
Building dependency tree       
Reading state information... Done
59 packages can be upgraded. Run 'apt list --upgradable' to see them.
Reading package lists... Done
Building dependency tree       
Reading state information... Done
You might want to run 'apt --fix-broken install' to correct these.
The following packages have unmet dependencies:
 iceweasel : Depends: firefox-esr but it is not installed
E: Unmet dependencies. Try 'apt --fix-broken install' with no packages (or specify a solution).

So I tried to suggestion:

$ sudo apt --fix-broken install
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Correcting dependencies... Done
The following additional packages will be installed:
  firefox-esr
Suggested packages:
  fonts-stix | otf-stix fonts-lmodern mozplugger
The following NEW packages will be installed:
  firefox-esr
0 upgraded, 1 newly installed, 0 to remove and 59 not upgraded.
2 not fully installed or removed.
Need to get 0 B/46.5 MB of archives.
After this operation, 114 MB of additional disk space will be used.
Do you want to continue? [Y/n] 
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
    LANGUAGE = "en_US",
    LC_ALL = (unset),
    LANG = "en_US.UTF-8"
    are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_MESSAGES to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
(Reading database ... 227765 files and directories currently installed.)
Preparing to unpack .../firefox-esr_52.6.0esr-1~deb9u1_amd64.deb ...
dpkg-divert: error: 'diversion of /usr/bin/firefox to /usr/bin/firefox.real by firefox-esr' clashes with 'diversion of /usr/bin/firefox to /usr/bin/firefox.real by purebrowser'
dpkg: error processing archive /var/cache/apt/archives/firefox-esr_52.6.0esr-1~deb9u1_amd64.deb (--unpack):
 new firefox-esr package pre-installation script subprocess returned error exit status 2
Errors were encountered while processing:
 /var/cache/apt/archives/firefox-esr_52.6.0esr-1~deb9u1_amd64.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)

And now I’m kinda stuck.

Does anybody know what I can do to clean this mess? All tips are welcome!

[EDIT]

I’ve tried to remove firefox in many ways:

$ sudo apt -y remove firefox
[sudo] password for hielke: 
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Package 'firefox' is not installed, so not removed
You might want to run 'apt --fix-broken install' to correct these.
The following packages have unmet dependencies:
 iceweasel : Depends: firefox-esr but it is not going to be installed
E: Unmet dependencies. Try 'apt --fix-broken install' with no packages (or specify a solution).

I’ve also tried the following variations, but all gave similar results:

sudo apt purge firefox
sudo apt purge firefox-esr
sudo apt purge iceweasel
sudo apt purge purebrowser


Get this bounty!!!

#StackBounty: #windows #linux #disk-encryption #truecrypt #boot Full disk encryption on dual boot system (Truecrypt/Veracrypt)

Bounty: 100

I am looking to run my laptop system with a dual boot configuration (Fedora + Windows) with full disk encryption.

I have a laptop that I will be bringing with me while traveling, both domestically and abroad. For obvious reasons, I would like to encrypt the hard disk. The system in question has one 128GB SSD with both Fedora 27 and Windows 7 installed on it in a dual boot configuration.

In this configuration, the hard drive is partitioned as follows:

  • sda1 (500MB): Windows Bootloader (System Reserved)
  • sda2 (73.8GB): Windows System (C:)
  • sda3 (250MB): Grub Bootloader (/boot)
  • sda4 (39.8GB): Linux System (/)
  • sda5 (5GB): Linux Swap (/swap)

The boot process proceeds as follows:

 UEFI
  |
  V
 Grub -> Fedora
  |
  V 
 WinBootloader -> Windows 7

In an ideal world, I would like to introduce a third boot loader, loaded before Grub, that handles the decryption of the system partitions. This way all the system partitions, including Grub, can be decrypted using one password.

Some notes:

  • While I described a fully installed and configured system, I can format and reinstall if necessary
  • Dual booting is a necessity as I need Fedora for work and Windows for CAD programs.
  • Platform-specific applications aside, personal user data (files, meta, etc) will be virtually identical under both OS’s as everything is synced with cloud services
  • I would like to avoid using closed-source solutions (i.e. Bitlocker)
  • I would prefer to encrypt both OS’s using one solution rather than having an independent solution for each
  • Hardware encryption using BIOS/UEFI is not acceptable as I don’t want to risk losing data if my motherboard dies
  • The Vera/Truecrypt system volume encryption wizard (under Windows, it isn’t available under Linux) claims not to support system volume encryption on systems with more than one bootloader
  • Vera/Truecrypt are the potential solutions I’ve found, but if there are better ones I am happy to learn

The Question(s):

Is what I am attempting possible? If it is, what are some resources that might help me implement it? Regardless of whether it is or isn’t possible, is there a better solution?


Get this bounty!!!

#StackBounty: #linux #router #repository #tcpdump ipkg can't install tcpdump

Bounty: 50

I have the new Asus Blue Cave router with a USB drive mounted at /mnt/DRIVE. I installed ipkg via a GUI-based install of their Download Manager. I am trying to ipkg install tcpdump.

I have mount -o loop /mnt/DRIVE/opt /opt after installing ipkg.

# find / -name ipkg.conf:

/tmp/mnt/DRIVE/asusware.mipsbig/etc/ipkg.conf
/tmp/mnt/DRIVE/opt/etc/ipkg.conf

I have added a new repository with tcpdump package.

# cat /tmp/mnt/DRIVE/asusware.mipsbig/etc/ipkg.conf:

#Uncomment the following line for native packages feed (if any)
#src/gz optware.asus http://dlcdnet.asus.com/pub/ASUS/wireless/ASUSWRT
src/gz optware.asus http://nw-dlcdnet.asus.com/asusware/mipsbig/stable
src grc http://www.cobb.uk.net/openwrt/
dest /opt /
#option verbose-wget

ipkg list shows tcpdump as an installable package, but ipkg install tcpdump cannot find the package.

ipkg print_architecture:

arch all 1
arch noarch 1
arch mipsbig 10
Successfully terminated.

How do I debug ipkg install tcpdump or, alternatively, because you know my architecture, can you point me to a binary?

Thanks!


Get this bounty!!!

#StackBounty: #linux #router #repository #tcpdump ipkg can't install tcpdump

Bounty: 50

I have the new Asus Blue Cave router with a USB drive mounted at /mnt/DRIVE. I installed ipkg via a GUI-based install of their Download Manager. I am trying to ipkg install tcpdump.

I have mount -o loop /mnt/DRIVE/opt /opt after installing ipkg.

# find / -name ipkg.conf:

/tmp/mnt/DRIVE/asusware.mipsbig/etc/ipkg.conf
/tmp/mnt/DRIVE/opt/etc/ipkg.conf

I have added a new repository with tcpdump package.

# cat /tmp/mnt/DRIVE/asusware.mipsbig/etc/ipkg.conf:

#Uncomment the following line for native packages feed (if any)
#src/gz optware.asus http://dlcdnet.asus.com/pub/ASUS/wireless/ASUSWRT
src/gz optware.asus http://nw-dlcdnet.asus.com/asusware/mipsbig/stable
src grc http://www.cobb.uk.net/openwrt/
dest /opt /
#option verbose-wget

ipkg list shows tcpdump as an installable package, but ipkg install tcpdump cannot find the package.

ipkg print_architecture:

arch all 1
arch noarch 1
arch mipsbig 10
Successfully terminated.

How do I debug ipkg install tcpdump or, alternatively, because you know my architecture, can you point me to a binary?

Thanks!


Get this bounty!!!

#StackBounty: #linux #router #repository #tcpdump ipkg can't install tcpdump

Bounty: 50

I have the new Asus Blue Cave router with a USB drive mounted at /mnt/DRIVE. I installed ipkg via a GUI-based install of their Download Manager. I am trying to ipkg install tcpdump.

I have mount -o loop /mnt/DRIVE/opt /opt after installing ipkg.

# find / -name ipkg.conf:

/tmp/mnt/DRIVE/asusware.mipsbig/etc/ipkg.conf
/tmp/mnt/DRIVE/opt/etc/ipkg.conf

I have added a new repository with tcpdump package.

# cat /tmp/mnt/DRIVE/asusware.mipsbig/etc/ipkg.conf:

#Uncomment the following line for native packages feed (if any)
#src/gz optware.asus http://dlcdnet.asus.com/pub/ASUS/wireless/ASUSWRT
src/gz optware.asus http://nw-dlcdnet.asus.com/asusware/mipsbig/stable
src grc http://www.cobb.uk.net/openwrt/
dest /opt /
#option verbose-wget

ipkg list shows tcpdump as an installable package, but ipkg install tcpdump cannot find the package.

ipkg print_architecture:

arch all 1
arch noarch 1
arch mipsbig 10
Successfully terminated.

How do I debug ipkg install tcpdump or, alternatively, because you know my architecture, can you point me to a binary?

Thanks!


Get this bounty!!!

#StackBounty: #linux #router #repository #tcpdump ipkg can't install tcpdump

Bounty: 50

I have the new Asus Blue Cave router with a USB drive mounted at /mnt/DRIVE. I installed ipkg via a GUI-based install of their Download Manager. I am trying to ipkg install tcpdump.

I have mount -o loop /mnt/DRIVE/opt /opt after installing ipkg.

# find / -name ipkg.conf:

/tmp/mnt/DRIVE/asusware.mipsbig/etc/ipkg.conf
/tmp/mnt/DRIVE/opt/etc/ipkg.conf

I have added a new repository with tcpdump package.

# cat /tmp/mnt/DRIVE/asusware.mipsbig/etc/ipkg.conf:

#Uncomment the following line for native packages feed (if any)
#src/gz optware.asus http://dlcdnet.asus.com/pub/ASUS/wireless/ASUSWRT
src/gz optware.asus http://nw-dlcdnet.asus.com/asusware/mipsbig/stable
src grc http://www.cobb.uk.net/openwrt/
dest /opt /
#option verbose-wget

ipkg list shows tcpdump as an installable package, but ipkg install tcpdump cannot find the package.

ipkg print_architecture:

arch all 1
arch noarch 1
arch mipsbig 10
Successfully terminated.

How do I debug ipkg install tcpdump or, alternatively, because you know my architecture, can you point me to a binary?

Thanks!


Get this bounty!!!

#StackBounty: #linux #virtual-machine #kvm What's with the big over-committed memory for a kvm VM?

Bounty: 50

Is it normal for a kvm virtual machine to get more memory allocated? I’m afraid that when there is not much memory left the ‘over-committed’ memory can be an ‘uncontrolled factor’ that could cause a terrible out-of-memory killing.

I made a kvm vm using libvirt and saw weird symptoms, it gets much more virtual memory than I set it to. the ‘SZ’ part of ‘ps’ command starts with a small amount, less than 1GiB. but it can grow much bigger later with time past. and even when the ‘SZ’ says a small number, the output of ‘numastat ‘ always says a big number. – I gave 1 GiB of RAM to the VM, and numastat says 1.5+ –

root@peta-0001-02:~#   ps -elfww | sed -ne '1p; /qemu-system/p'
F S UID        PID  PPID  C PRI  NI ADDR SZ WCHAN  STIME TTY          TIME CMD
6 S oneadmin 26811     1  1  80   0 - 812801 poll_s 15:42 ?       00:00:12 /usr/bin/qemu-system-x86_64 -name one-35 -S -machine pc-i440fx-xenial,accel=kvm,usb=off,mem-merge=off -m 1024 -realtime mlock=on -smp 2,sockets=2,cores=1,threads=1 -object memory-backend-file,id=ram-node0,prealloc=yes,mem-path=/dev/hugepages/libvirt/qemu,share=no,size=1073741824,host-nodes=0,policy=bind -numa node,nodeid=0,cpus=0-1,memdev=ram-node0 -uuid df4830f6-5a0d-42d0-b04a-192115d2512e -no-user-config -nodefaults -chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/domain-one-35/monitor.sock,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=utc -no-shutdown -boot strict=on -device usb-ehci,id=usb1,bus=pci.0,addr=0x5 -device nec-usb-xhci,id=usb2,bus=pci.0,addr=0x6 -device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 -device virtio-scsi-pci,id=scsi0,num_queues=2,bus=pci.0,addr=0x4 -device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x7 -drive file=/var/lib/one//datastores/104/35/disk.0,format=raw,if=none,id=drive-scsi0-0-0-0,cache=none,discard=unmap -device scsi-hd,bus=scsi0.0,channel=0,scsi-id=0,lun=0,drive=drive-scsi0-0-0-0,id=scsi0-0-0-0,bootindex=1 -drive file=/var/lib/one//datastores/104/35/disk.1,format=raw,if=none,id=drive-ide0-0-0,readonly=on -device ide-cd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -netdev tap,fd=28,id=hostnet0,vhost=on,vhostfd=30 -device virtio-net-pci,netdev=hostnet0,id=net0,mac=02:00:c0:a8:04:0c,bus=pci.0,addr=0x3 -chardev pty,id=charserial0 -device isa-serial,chardev=charserial0,id=serial0 -chardev socket,id=charchannel0,path=/var/lib/libvirt/qemu/channel/target/domain-one-35/org.qemu.guest_agent.0,server,nowait -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=org.qemu.guest_agent.0 -vnc 0.0.0.0:35,password -device cirrus-vga,id=video0,bus=pci.0,addr=0x2 -msg timestamp=on
0 S root     31260 27986  0  80   0 -  3755 pipe_w 15:53 pts/0    00:00:00 sed -ne 1p; /qemu-system/p
root@peta-0001-02:~#  numastat 26811

Per-node process memory usage (in MBs) for PID 26811 (qemu-system-x86)
                           Node 0           Total
                  --------------- ---------------
Huge                      1024.00         1024.00
Heap                        21.88           21.88
Stack                        0.13            0.13
Private                    628.00          628.00
----------------  --------------- ---------------
Total                     1674.01         1674.01


things were the same even when I had the memballoon feature disabled. -Yes, I use libvirt-

<devices>   <memballoon model='none'/> </devices>


not using hugepages doesn’t really make a big difference.

root@peta-0001-02:~#  ps -elfww | sed -ne '1p; /qemu-system/p'
F S UID        PID  PPID  C PRI  NI ADDR SZ WCHAN  STIME TTY          TIME CMD
6 S oneadmin  3800     1  1  80   0 - 1021714 poll_s 14:44 ?      00:00:13 /usr/bin/qemu-system-x86_64 -name one-35 -S -machine pc-i440fx-xenial,accel=kvm,usb=off,mem-merge=off -m 1024 -realtime mlock=on -smp 2,sockets=2,cores=1,threads=1 -uuid 530a2e87-6426-497a-b7bb-4e0d49ed1e26 -no-user-config -nodefaults -chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/domain-one-35/monitor.sock,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=utc -no-shutdown -boot strict=on -device usb-ehci,id=usb1,bus=pci.0,addr=0x5 -device nec-usb-xhci,id=usb2,bus=pci.0,addr=0x6 -device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 -device virtio-scsi-pci,id=scsi0,num_queues=2,bus=pci.0,addr=0x4 -device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x7 -drive file=/var/lib/one//datastores/104/35/disk.0,format=raw,if=none,id=drive-scsi0-0-0-0,cache=none,discard=unmap -device scsi-hd,bus=scsi0.0,channel=0,scsi-id=0,lun=0,drive=drive-scsi0-0-0-0,id=scsi0-0-0-0,bootindex=1 -drive file=/var/lib/one//datastores/104/35/disk.1,format=raw,if=none,id=drive-ide0-0-0,readonly=on -device ide-cd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -netdev tap,fd=28,id=hostnet0,vhost=on,vhostfd=30 -device virtio-net-pci,netdev=hostnet0,id=net0,mac=02:00:c0:a8:04:0c,bus=pci.0,addr=0x3 -chardev pty,id=charserial0 -device isa-serial,chardev=charserial0,id=serial0 -chardev socket,id=charchannel0,path=/var/lib/libvirt/qemu/channel/target/domain-one-35/org.qemu.guest_agent.0,server,nowait -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=org.qemu.guest_agent.0 -vnc 0.0.0.0:35,password -device cirrus-vga,id=video0,bus=pci.0,addr=0x2 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x8 -msg timestamp=on
0 S root     11005 27986  0  80   0 -  3755 pipe_w 15:02 pts/0    00:00:00 sed -ne 1p; /qemu-system/p


root@peta-0001-02:~#  numastat 3800

Per-node process memory usage (in MBs) for PID 3800 (qemu-system-x86)
                           Node 0           Total
                  --------------- ---------------
Huge                         0.00            0.00
Heap                        21.76           21.76
Stack                        0.13            0.13
Private                   1701.06         1701.06
----------------  --------------- ---------------
Total                     1722.95         1722.95


The test environment was an ubuntu box.

root@peta-0001-02:~#  uname -a
Linux peta-0001-02 4.10.0-42-generic #46~16.04.1-Ubuntu SMP Mon Dec 4 15:57:59 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

root@peta-0001-02:~#  cat /proc/cmdline 
BOOT_IMAGE=/boot/vmlinuz-4.10.0-42-generic root=UUID=371a1314-677a-4b88-b804-b1278ff4ac6e ro isolcpus=1,2,3,8,9,10,11 hugepagesz=1G hugepages=0 hugepagesz=2M hugepages=2048


Here’s another interesting case in a system with two NUMA nodes in which the memory over-commitment occurs at every node, thus severe over-commitment:

root@peta-0001-06:~#  ps -elfww | sed -ne '1p; /qemu/p'
F S UID        PID  PPID  C PRI  NI ADDR SZ WCHAN  STIME TTY          TIME CMD
6 S oneadmin 24960     1 27  80   0 - 1648605 poll_s 13:51 ?      00:03:25 /usr/bin/qemu-system-x86_64 -name one-38 -S -machine pc-i440fx-xenial,accel=kvm,usb=off,mem-merge=off -m 1024 -realtime mlock=on -smp 2,sockets=2,cores=1,threads=1 -object memory-backend-file,id=ram-node0,prealloc=yes,mem-path=/dev/hugepages/libvirt/qemu,share=no,size=1073741824,host-nodes=1,policy=bind -numa node,nodeid=0,cpus=0-1,memdev=ram-node0 -uuid 87a23172-daf3-4605-92f2-50055f9370b9 -no-user-config -nodefaults -chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/domain-one-38/monitor.sock,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=utc -no-shutdown -boot strict=on -device usb-ehci,id=usb1,bus=pci.0,addr=0x5 -device nec-usb-xhci,id=usb2,bus=pci.0,addr=0x6 -device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 -device virtio-scsi-pci,id=scsi0,num_queues=2,bus=pci.0,addr=0x4 -device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x7 -drive file=/var/lib/one//datastores/0/38/disk.0,format=raw,if=none,id=drive-scsi0-0-0-0,cache=none,discard=unmap -device scsi-hd,bus=scsi0.0,channel=0,scsi-id=0,lun=0,drive=drive-scsi0-0-0-0,id=scsi0-0-0-0,bootindex=1 -drive file=/var/lib/one//datastores/0/38/disk.1,format=raw,if=none,id=drive-ide0-0-0,readonly=on -device ide-cd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -netdev tap,fd=28,id=hostnet0,vhost=on,vhostfd=30 -device virtio-net-pci,netdev=hostnet0,id=net0,mac=02:00:c0:a8:04:0b,bus=pci.0,addr=0x3 -chardev pty,id=charserial0 -device isa-serial,chardev=charserial0,id=serial0 -chardev socket,id=charchannel0,path=/var/lib/libvirt/qemu/channel/target/domain-one-38/org.qemu.guest_agent.0,server,nowait -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=org.qemu.guest_agent.0 -vnc 0.0.0.0:38,password -device cirrus-vga,id=video0,bus=pci.0,addr=0x2 -msg timestamp=on
0 R root     32103 26834  0  80   0 -  4075 -      14:04 pts/2    00:00:00 sed -ne 1p; /qemu/p

root@peta-0001-06:~#  numastat 24960

Per-node process memory usage (in MBs) for PID 24960 (qemu-system-x86)
                           Node 0          Node 1           Total
                  --------------- --------------- ---------------
Huge                         0.00         1024.00         1024.00
Heap                        15.97            5.91           21.88
Stack                        0.13            0.00            0.13
Private                    676.95          595.42         1272.37
----------------  --------------- --------------- ---------------
Total                      693.05         1625.34         2318.38

root@peta-0001-06:~#  free -h
              total        used        free      shared  buff/cache   available
Mem:           5.8G        5.0G        483M        104K        310M        407M


Get this bounty!!!