1101431408 Q * DuckKing Ping timeout: 480 seconds 1101431634 J * duckx Duck@dyn-83-152-205-101.ppp.tiscali.fr 1101431635 N * Bertl_oO Bertl 1101431647 M * Bertl evening folks! 1101432291 M * mugwump hey hey hey 1101432306 M * Bertl hey sam! what's up? 1101432351 M * mugwump nothing much ... quite happy with 1.9.3 atm. What's new in these new 1.9.3.x releases? 1101432399 M * mugwump Ever thought of adding a vserver changelog file to the patch, perhaps? 1101432436 M * Bertl yeah, thought about it several times ... 1101432464 M * Bertl but if you look at the 2.6 changelog, there is a bunch of changes every minor release ... 1101432501 M * Bertl if I would document them in the 'necessary' detail, I guess the changelog header would already be as large as the entire patch ;) 1101432571 M * mugwump Well, you wouldn't need to give each sub-point release its own entry 1101432623 M * Bertl so how would that differ from the existing changelog then? 1101432731 M * mugwump Well, it's in the same place as the place you edit when you're hacking 1101432743 M * mugwump I find that important for my own projects 1101436099 Q * rs Quit: Lost terminal 1101437868 J * Shuri Dew@dsl.speedline209.226.electronicbox.net 1101437878 J * Dew_ Dew@dsl.speedline209.226.electronicbox.net 1101437880 Q * Dew_ Quit: 1101437918 M * Bertl hmm, welcome Shuri? 1101437927 N * Shuri SHuri 1101437929 M * SHuri :P 1101438086 M * SHuri how are you Bertl 1101438116 M * Bertl fine thanks, and you? 1101438149 M * SHuri fine tired 1101444298 Q * SHuri Quit: Leaving 1101447766 M * eyck morning? 1101447769 M * eyck evening? 1101447781 M * Bertl yep! 1101447802 M * eyck so, it means 'good night folks!' some time soon? 1101447822 M * Bertl exactly ... 1101448270 M * Bertl okay, folks! enough for me for now ... I'm off to bed! 1101448287 Q * eyck Ping timeout: 480 seconds 1101448298 N * Bertl Bertl_zZ 1101456526 N * Doener_zZz Doener 1101456535 M * Doener morning! 1101458582 Q * Bertl_zZ Remote host closed the connection 1101458587 J * Bertl_zZ herbert@janus.mc.tuwien.ac.at 1101458882 Q * Nik Quit: Hybernating my brain... 1101459836 J * grecea grecea@h-195-22-237-74.mdl.net 1101460259 J * rs rs@ice.aspic.com 1101460266 M * rs hi 1101461119 J * DuckMaster duckx@195.75.27.158 1101462386 M * DuckMaster yop 1101462388 M * DuckMaster yop 1101462415 M * DuckMaster It has been a while, dude ! 1101466638 M * Loki|muh moin 1101469777 Q * Zoiah Read error: Connection reset by peer 1101470360 J * redLED redled@d51A4EFA7.kabel.telenet.be 1101471246 Q * sannes Read error: Connection reset by peer 1101473824 N * Bertl_zZ Bertl 1101473834 M * Bertl morning folks! 1101474154 M * rs hey Bertl! 1101474217 M * Bertl greetings rs! how are you? 1101474256 M * rs fine thx 1101474906 J * DuckKing Duck@dyn-83-152-103-233.ppp.tiscali.fr 1101474941 M * Bertl wb DuckKin! 1101474945 M * Bertl +g 1101475099 Q * BWare Quit: using sirc version 2.211+KSIRC/1.3.10 1101475335 Q * duckx Ping timeout: 480 seconds 1101477727 J * eyck eyck@81.219.64.71 1101477789 M * Bertl welcome eyck! 1101477890 Q * lilo Read error: Connection reset by peer 1101478033 J * BeTa beta@e-glop.net 1101478039 M * BeTa hi ppl 1101478047 M * BeTa I get a problem ... 1101478071 M * BeTa I'm using Fedora Core 2 in a vserver installed on a debian sarge 1101478108 M * BeTa and I get "cannot enable executable stack as shared object requires" on some commands like "rpm" 1101478115 M * BeTa is there any "simple" solution ? 1101478157 M * DuckMaster Hy Bertl 1101478160 M * DuckMaster :) 1101478205 J * lilo lilo@lilo.usercloak.oftc.net 1101478213 J * sannes ace@home.skarby.no 1101478295 M * Bertl greetings BeTa! 1101478399 M * Bertl sounds to me like some stack protection is active or something ... what kernel is that? 1101478424 Q * Bertl Remote host closed the connection 1101478430 J * Bertl herbert@janus.mc.tuwien.ac.at 1101478449 Q * lilo Read error: Connection reset by peer 1101478456 M * BeTa mmm... I think (I I remember well) that I'm running a 2.6.9 vanilla ctx patched and compiled by my little hands... 1101478486 M * Bertl ctx means vs1.9.3? 1101478504 M * BeTa mmm... let me verify all of that 1101478526 M * Doener sounds like debian package to me ;) 1101478554 M * BeTa arf... you're right Bertl 1101478564 M * BeTa Doener: no debian package for my kernels... 1101478572 M * Doener great! :) 1101478584 M * BeTa 2.4.27-vserver-grsec 1101478588 M * BeTa :c/ 1101478743 M * Bertl grsec ... well well ... 1101478765 M * Bertl that sounds to me like security, which might include stack checks, right? 1101478782 M * BeTa right ! :c( 1101478806 M * albeiro [15:08:28] < BeTa> and I get "cannot enable executable stack as shared object requires" on some commands like "rpm" 1101478806 M * BeTa grrrr... I don't want to forget grsec, and I want to make it running :c/ 1101478813 M * BeTa yes ? 1101478823 M * albeiro this is because you disalowed text relocations 1101478837 M * albeiro simple solution is to disable mprotect on such a binaries 1101478849 M * BeTa so... 2.4.28 is out, let's try to recompile a new kernel w/o that restrictions 1101478858 M * albeiro secure solution is to change distribution 1101478859 M * BeTa albeiro: and how can I do so ? 1101478886 M * albeiro with chpax for example, to be found on pax project site, pax.grsecurity.net 1101478901 M * redLED hi #vserver! 1101478911 M * albeiro but, since you are using fedora (right ?) you can give up with security anyway 1101478913 M * Bertl greetings redLED! 1101478916 M * BeTa albeiro: what's about distribution ?? (it smells like a big troll) 1101478936 M * BeTa albeiro: lol... you're right... 1101478949 M * albeiro no, fedora will remain explotitable even with all this securoty fixes 1101478954 M * albeiro *security 1101478968 M * BeTa albeiro: but this vserver is built on debian... and for that use, I needed to have a Fedora 1101479013 M * BeTa working needs != personnal preferences 1101479026 M * albeiro heh 1101479052 M * albeiro http://lwn.net/Articles/111437/ 1101479054 M * redLED Bertl, new ngn patches to test out? 1101479058 M * albeiro skip to "spender" comments 1101479070 M * albeiro (Posted Nov 26, 2004 4:38 UTC (Fri) by guest spender) 1101479088 M * albeiro spender <- grsecurity author 1101479270 M * BeTa ok, I understand better... 1101479274 M * BeTa fsckin' fedora 1101479277 M * BeTa I hate this distro 1101479305 M * Bertl redLED: yes, of course ... will be ready in a jiffie ... 1101479591 J * flock restless@l192-117-111-12.broadband.actcom.net.il 1101479599 M * Bertl wb flock! 1101479916 M * redLED shalom flock, ma nishma? 1101479928 M * flock redLED: fine. you? 1101479933 M * flock hey Bertl. 1101479937 M * redLED quite allright as well :) 1101480007 M * DuckMaster Bertl: Our vservers work like a charm ... 1101480011 M * DuckMaster Thx again :) 1101480044 M * Bertl fine to hear! you're welcome! 1101480073 M * Bertl redLED: http://vserver.13thfloor.at/Experimental/delta-vs1.9.3.7-ng3.diff 1101480092 M * redLED Bertl, which features are implemented in this one (e.g., what should i expect?) 1101480157 M * Bertl you should expect drastic changes in behaviour ... 1101480168 M * Bertl first, make sure to disable CONFIG_IP_MULTIPLE_TABLES 1101480177 M * Bertl (for now) 1101480189 M * Bertl then enable the 'new' vnet device 1101480210 M * Bertl and of course, select ngn ... 1101480228 M * Bertl (I'd leave ipv6 disabled for now ...) 1101480751 M * Loki|muh why? 1101480838 M * redLED alright, i'll do the compile/run/test drive in a little while 1101480996 M * DuckMaster What is ng for ? 1101481025 M * Loki|muh next generation maybe? 1101481323 M * redLED Bertl, what should i expect to work, and what should i expect to break? 1101481341 M * redLED Bertl, in/out connectivity to and from vserver? between them? to the host? to the world? 1101481426 M * Bertl back now (we had a power outage ...) 1101481452 M * Bertl you need some other stuff to actually use it ... 1101481470 M * Bertl DuckMaster, Loki|muh: yep, ngn is next generation networking ... 1101481551 M * DuckMaster ok 1101481747 M * BeTa thx all ... see you soon, I'll be back :cb 1101481750 Q * BeTa Quit: bye 1101481804 J * lilo lilo@lilo.usercloak.oftc.net 1101481812 M * Bertl wb lilo! 1101481829 M * Bertl redLED: http://vserver.13thfloor.at/Experimental/vnet-0.01.tar.bz2 1101482075 M * Loki|muh Bertl: is the ngn able to do ipv6? 1101482150 M * Bertl partially, but it _will_ be able to do so ... 1101482157 M * Loki|muh fine :) 1101482163 M * Loki|muh thats great :) 1101482167 M * Bertl (it's one of the reasons to work on it) 1101482176 M * Bertl btw, testers are welcome! 1101482297 M * Loki|muh what advantages has the new network code? 1101482324 M * Bertl well, it's a completely new approach to linux-vserver networking 1101482349 M * Bertl based on the concept of iptable markings and virtualized interfaces/tables 1101482359 M * Loki|muh sounds nice 1101482413 M * Bertl the 'trick' is to find solutions which are performant and flexible, and allow to do similar things like UML and QEMU does (without the impact those solutions normally have) 1101484925 M * Bertl hmm, are we still here? 1101485057 M * brc BERTL! 1101485063 M * brc good afternoon 1101485074 M * Bertl hey brc! 1101485095 M * brc Bertl: i am sick, fever since monday,couldnt do the tests yet :( 1101485115 M * brc btw, what about this network virtualization stuff ?? didn't know it was already coded 1101485146 M * Bertl well, yeah, time passes by and stuff get's coded ... 1101485247 M * brc hehe you are fast 1101485272 M * brc so there will be no need to use vshelper to get iptables working? 1101485299 M * Bertl nothing in iptables is virtualized yet ... 1101485315 M * Bertl so time will tell ... 1101485391 M * brc ok 1101485406 M * brc will network virtualization turn it possible to create vpns ? 1101485448 M * Bertl vpns can already be created, so I guess yes ... 1101485501 M * brc ok :) 1101485723 M * Loki|muh Bertl: but a vpn needs a route, so how can I create a vpn inside a vserver? 1101485976 M * vx_info Hey guys! 1101486199 M * Bertl Loki|muh: never said that you create it _inside_ 1101486210 M * Bertl greetings vx_info! 1101486692 M * Loki|muh Bertl: ah ;) 1101487949 Q * DuckMaster Quit: Leaving 1101488078 J * Shuri Dew@dsl.speedline209.226.electronicbox.net 1101488280 M * Bertl okay, I'm off for now, back later ... 1101488284 N * Bertl Bertl_oO 1101488416 Q * Shuri Quit: Leaving 1101489443 Q * flock Quit: Expert, n.: Someone who comes from out of town and shows slides. 1101490238 Q * rs Quit: leaving 1101490962 N * Bertl_oO Bertl 1101492017 M * Bertl anybody around who wants to hack on iptables a little? 1101492029 M * Bertl (i.e. code some userspace stuff for that?) 1101492107 M * TheSeer define userspace stuff 1101492141 M * Bertl well, I would like to add a new iptables target/match similar to the 'MARK' target 1101492167 M * Bertl I'm pretty confident that the kernel part will be done in .. hmm ... a few hours at most 1101492189 M * Bertl but this needs some support from the userspace 'iptables' tool ... 1101492207 M * Bertl (as far as I understood it ;) 1101492210 M * TheSeer okay.. that's out of my leauge ;> 1101492631 M * Bertl no problem ;) 1101494958 M * Bertl hmm, okay kernel part is finished ... 1101495465 M * matti Huh... 1101495970 J * Zoiah Zoiah@matryoshka.zoiah.net 1101496016 M * redLED hmm 1101496022 M * redLED Bertl, final ngn kernel is done?! 1101496196 M * Bertl means? 1101496207 M * Bertl welcome Zoiah! 1101496216 M * Zoiah 'lo Bertl. :) 1101496244 M * Zoiah I upgraded my 2.4.26-ow2-vs1.27 box to 2.6.9-vs1.9.3 today. 1101496275 M * Bertl hmm, and? everything fine? 1101496288 M * Zoiah Hmm, mostly. 1101496298 M * Zoiah It seems legacy support isn't completely fine. 1101496307 M * Zoiah I can start my vservers, but I can't stop or enter them. 1101496316 M * Zoiah timmy:/dev# vserver deploy enter 1101496316 M * Zoiah WARNING: can not find configuration, assuming legacy method 1101496316 M * Zoiah ipv4root is now 193.16.154.41 1101496316 M * Zoiah chcontext: vc_new_s_context(): Operation not permitted 1101496318 M * Zoiah timmy:/dev# 1101496345 M * Zoiah This is with 0.30.196 1101496484 M * Bertl http://irc.13thfloor.at/LOG/LOG_2004-11-23.txt 1101496574 M * Bertl so we are still 'investigating' this ... and it seems enrico is away ... 1101496577 M * Zoiah Hmm, I seee talking about the problem. 1101496594 M * Zoiah I don't have the problem with a non-legacy vserver. 1101496606 M * redLED Bertl, i was wondering if hmm, okay kernel part is finished ... <- means that the NGN kernel is all done :p 1101496629 M * Bertl redLED: hmm, nope, just the iptables target I was talking about ... 1101496637 M * redLED ah :) 1101496647 M * Bertl btw, how is your testing status? 1101497492 M * redLED didn't get to it yet, gf forced me into making dinner 1101497496 M * redLED burned the chicken 1101497500 M * redLED had to rewind and repeat 1101497676 M * Bertl oh my god, I hope you didn't set your gf on fire ;) 1101498078 M * redLED nah, she gave the final result a 4-star rating 1101498080 Q * ndim Ping timeout: 480 seconds 1101498404 J * ndim U2FsdGVkX1@helena.bawue.de 1101498428 M * Bertl wb ndim! 1101500611 M * Bertl hmm, okay userspace iptables stuff done too ... 1101501198 M * brc Bertl you are really fast 1101501198 M * brc heeh 1101501221 M * Bertl and it even works ... ;) 1101501232 M * brc heheheh prety cool 1101501234 M * Bertl Chain INPUT (policy ACCEPT) 1101501234 M * Bertl target prot opt source destination 1101501234 M * Bertl VNET all -- anywhere anywhere VNET set 1 1101501245 M * brc you are the man 1101501245 M * brc ehhe 1101501256 M * Bertl okay, off for now ... back later ... 1101501278 N * Bertl Bertl_oO 1101501282 M * brc cya 1101504288 Q * Snow-Man Ping timeout: 480 seconds 1101504497 J * Snow-Man sfrost@snowman.net 1101508153 Q * Snow-Man Ping timeout: 480 seconds 1101508304 J * Snow-Man sfrost@snowman.net 1101509381 Q * redLED Quit: Leaving