1101600058 J * gaber gaber@linuxpl.net 1101601057 Q * gaber Read error: Connection reset by peer 1101601064 J * gaber gaber@linuxpl.net 1101601557 Q * gaber Ping timeout: 480 seconds 1101604172 J * Dew_ Dew@dsl.speedline209.226.electronicbox.net 1101604580 Q * Shuri Ping timeout: 480 seconds 1101606844 Q * monrad Quit: Leaving 1101609865 N * Bertl_oO Bertl 1101609876 M * Bertl greetings folks! 1101611218 Q * ntrs Ping timeout: 480 seconds 1101611374 J * ntrs ntrs@SP2-24.207.228.55.charter-stl.com 1101622624 Q * sannes Read error: Connection reset by peer 1101626697 M * Bertl night everyone! 1101626706 N * Bertl Bertl_zZ 1101629449 M * eyck night night 1101629453 M * eyck what? night? 1101629590 J * sannes ace@home.skarby.no 1101633726 Q * berni uranium.oftc.net venus.oftc.net 1101636459 Q * UFOczek Ping timeout: 480 seconds 1101637754 J * UFOczek ufoczek@hood.openbug.net 1101640480 Q * vx_info Ping timeout: 480 seconds 1101644854 Q * flock Ping timeout: 480 seconds 1101646123 J * virtuoso s0t0na@107ppp11.telegraph.spb.ru 1101647326 Q * Hollow Ping timeout: 480 seconds 1101647454 J * Hollow bene@home.xnull.de 1101649195 N * _no_x no_x 1101650584 Q * virtuoso Read error: Connection reset by peer 1101650596 J * virtuoso s0t0na@mutator.sot.com 1101653755 N * Bertl_zZ Bertl 1101653858 J * tanjix tanjix@c-180-204-70.n.dial.de.ignite.net 1101653862 M * tanjix hi together 1101654003 N * Bertl Bertl_oO 1101654527 J * id_ test@relax-media.softwarezentrum.de 1101654549 M * id_ aloha #versver 1101654621 M * id_ enrico alpha util-vserver0.30.196 does not compile on amd64 - 0.30.195 compiles fine - just 4 info .... 1101655597 M * daniel_hozac what's the problem? 1101655709 M * id_ vserver-start/undo.o(.text+0x100): In function `Undo_addTask': 1101655709 M * id_ vserver-start/undo.c:85: warning: warning: your code still has assertions enabled! 1101655709 M * id_ vserver-start/main.o(.text+0x5cf): In function `main': 1101655709 M * id_ ensc_wrappers/wrappers-stdlib.hc:46: warning: setenv calls malloc. Avoid it in small programs. 1101655709 M * id_ vserver-start/main.o(.text+0x56a): In function `main': 1101655710 M * id_ ensc_wrappers/wrappers-unistd.hc:207: undefined reference to `nice' 1101655711 M * id_ collect2: ld returned 1 exit status 1101655713 M * id_ make[2]: *** [vserver-start/vserver.start.bin] Error 1 1101655715 M * id_ make[2]: Leaving directory `/archiv/userspace/util-vserver-0.30.196' 1101655717 M * id_ make[1]: *** [install-recursive] Error 1 1101655719 M * id_ make[1]: Leaving directory `/archiv/userspace/util-vserver-0.30.196' 1101655721 M * id_ make: *** [install] Error 2 1101655738 M * id_ does not happen with .195 1101655909 M * daniel_hozac what dietlibc version? 1101656028 M * id_ 0.27 1101656132 M * id_ -2 (debian aloith repository) 1101656206 Q * id_ Quit: i will be back this night ... cya laters 1101657764 J * berni berni@2001:1b18:202::2 1101658348 N * Bertl_oO Bertl 1101658437 M * Doener hi Bertl! 1101658459 M * Bertl hey Doener! 1101658467 M * Doener how are you? 1101658476 M * Bertl fine thanks ... and you? 1101658520 M * Doener fine, but Haskell makes me go crazy... 1101658555 M * Bertl hmm .. why's that? 1101658648 M * Doener dunno, it's quite ok, but i just don't like the syntax... guess i'm too used to imperative languages 1101658735 M * Doener and sometimes it may be hugs' fault... i messed up 'data' and 'type' and it tells me that i had a misplaced semicolon... 1101658760 M * sannes :) 1101659490 J * Bertl_ herbert@janus.mc.tuwien.ac.at 1101659605 Q * Bertl Ping timeout: 480 seconds 1101659618 N * Bertl_ Bertl 1101664349 Q * Dew_ Quit: Leaving 1101664731 J * id_ test@dsl-213-023-038-026.arcor-ip.net 1101664806 M * Bertl Doener: any news regarding the uptime/start time stuff? 1101665477 J * karlmikaze_ chatzilla@ad96e0e7b.dsl.de.colt.net 1101665486 M * karlmikaze_ hi all 1101665502 M * Bertl greetings karlmikaze_! 1101665544 M * karlmikaze_ impressive project that is :) just got my first vs install done in vmware/debian sarge. w.o.w. 1101665568 M * karlmikaze_ thanks for your hard work 1101665669 M * Bertl you're welcome! 1101665936 M * karlmikaze_ just one question: which ulimit environment is proven to work with vserver-1.2.9 on debian-sarge, kernel 2.4.27? i'm getting "ulimit: max user processes: cannot modify limit" errors upon entering a vserver. 1101666051 M * Bertl try using -HS instead of only -S in the config file 1101666072 M * Bertl (it's a kernel feature introduced in 2.4.24 or so ..) 1101666117 M * karlmikaze_ aaahhhh :) thanks! 1101666234 J * flock restless@l192-117-111-12.broadband.actcom.net.il 1101666840 M * Bertl karlmikaze_: btw, did you have a look at the 2.6/1.9 features? 1101666861 M * Doener Bertl: nothing yet, i'm going to test some stuff with the 'fix' reverted later today, maybe that tells me anything 1101666875 M * Doener s/any/some/ 1101666879 M * karlmikaze_ bertl: not yet. i'm evaluating a stable setup in vmware a.t.m. 1101666916 M * Bertl Doener: okay, let me know if you track it down ... 1101666917 M * karlmikaze_ bertl: (looking for a non-profit typo3 hosting solution) 1101666950 M * Bertl how is typo3 ? 1101666974 M * karlmikaze_ http://typo3.com - os-web-cms 1101666996 M * Bertl yep, I know that, but how is it in action? 1101667154 M * karlmikaze_ i'll never touch anything else, cms-wise ;) great code, great community, great flexibilty. all oop, extension (==plugin) manager/kickstarter, rapid development using its api. 1101667196 M * karlmikaze_ plus easier to hack, being written in php. zope/opencms are fine, but python/java... 1101667356 M * Bertl any issues so far? 1101667521 M * karlmikaze_ no. performs great, we're running a 20+ million pi/month site on typo3, all dynamic delivery on a p4-2.4/1gig ram. code is being audited regularly by an austrian security company (no open issues as of now). 1101667564 M * Bertl sounds good ... I'll probably have a second look at it ... 1101670942 Q * karlmikaze_ Quit: ChatZilla 0.9.61 [Mozilla rv:1.7.3/20040910] 1101671054 Q * ndim Ping timeout: 480 seconds 1101671158 M * Bertl okay, back later ... 1101671164 N * Bertl Bertl_oO 1101671278 J * ndim U2FsdGVkX1@helena.bawue.de 1101671960 Q * id_ Quit: Verlassend 1101675669 J * meebey meebey@meebey.net 1101676159 J * Psy0rz psy0rz@linuxsysteem.nl 1101676160 M * Psy0rz Hi all 1101676286 M * Psy0rz Are there known issues about breaking out of a vserver or to run arbirary code somehow outside a vserver? Or no serious security issues till now ? 1101676938 M * sannes Psy0rz : there has been, not anyone known right now (and not for quite a while), bad configuration and weird setups might fool you.. 1101677067 M * sannes Psy0rz : I don't know how this is for 2.6, but the it is basically about keeping your /dev clean and not putting devices and mount points you don't have 100% understanding about into the vserver.. 1101677274 M * Psy0rz Ok, sounds cool! Thanx. 1101677575 M * sannes oh it rules, no doubt about it 1101677579 M * sannes :) 1101677581 M * Psy0rz I don't know if there are any developers of vserver inhere, but I think I found a small bug in the vserver 1.29 2.4.28 kernel patch. It seems the patch forgets to add the XFS_DIFLAG_IUNLINK define to xfs_dinode.h 1101677595 M * Psy0rz which breaks the build of xfs_super 1101677615 M * Psy0rz (ofcourse this is simply solved, but I don't know if it was known or not) 1101677693 M * Psy0rz yeah I tried it a few days ago, but vserver really rocks :) 1101677855 M * no_x Psy0rz: if you like 1.29 you should have a look on the new features of 1.9.x 1101677873 M * Psy0rz no_x 1.9.x is a development release ? 1101677881 M * Psy0rz lemme checkout the website... 1101677898 M * no_x development release like 2.6 (: 1101678057 M * Psy0rz no_x well features list looks nice 1101678065 M * no_x it is ! 1101678096 M * no_x http://www-user.tu-chemnitz.de/~ensc/util-vserver/doc/conf/configuration.html 1101678165 M * Psy0rz omg, that page is a pain to my eyes ;) 1101678174 M * no_x the configuration quite differ and you need thee 0.30.19x utils 1101678218 M * no_x Psy0rz: take css boring 1101678231 M * Psy0rz links solves the problem :) 1101678240 M * Psy0rz I am reading/browsing the page right now 1101678380 M * Psy0rz It looks quite extended 1101679068 J * monrad monrad@213083190130.sonofon.dk 1101681310 J * Johan johan@cc30575-a.emmen1.dr.home.nl 1101681312 M * Johan Hi all 1101681403 M * albeiro hi Johan :) 1101681501 M * Johan Hi albeiro (btw I am Psy0rz) 1101681760 M * Johan Maybe a question that's not specific related to the vserver project, but is there a list available of proc entries that are insecure or can be dangerous within a vserver ? 1101681822 M * albeiro i do not think there is such a list ready, but try to browse through vserver documentation, there should be mentioned some of them 1101681823 M * Johan somehow I don't have a clear view of the entries that live in the proc filesystem, and actually I am concerned there are entry's that can be a point of danger. 1101681832 M * Johan Hmm ok 1101681842 M * albeiro and look at grsecurity patch also which one it restricts 1101681862 M * albeiro basically allow only that what it really needed 1101681889 M * Johan Yeah there rises another question, is it possible to leave/disable/hide proc entries per-vserver 1101681914 M * Johan Hmm stupid question, never mind that (it's late here...) 1101681943 M * albeiro i think it should be possible, but duno really 1101681949 M * Doener it's not 1101681965 M * Johan Hmmm maybe not 1101681977 M * albeiro Doener: would it be possible to specify which context can see it ? 1101682003 M * Doener if you change the kernel, yes ;) 1101682024 M * albeiro hehe, sure i could ;] 1101682025 M * Johan Yeah I was afraid of that. So till now the best way is probably to secure it with grsec or so ;) 1101682046 M * albeiro but with grsec they will still be readable by root 1101682050 M * Doener you can generally hide entries, but not per context 1101682059 M * Doener just 0/1/other 1101682085 M * albeiro Doener: should i bug Bertl about that, what do you think ? ;p 1101682111 M * Doener i don't see much use in making any entries visible ;) 1101682126 M * Doener (except the absolutely needed ones that is) 1101682137 M * albeiro heh, right 1101682150 M * Doener http://savannah.nongnu.org/cgi-bin/viewcvs/util-vserver/util-vserver/distrib/misc/vprocunhide-files?rev=1.2&content-type=text/vnd.viewcvs-markup 1101682165 M * Doener Johan: that list is used by the vprocunhide script that comes with the alpha tools 1101682200 M * Johan Doener: that's interesting ! 1101682215 M * Doener i don't remember what a - in front of the line means... 1101682229 M * Doener at least those without a - are made visible 1101682237 M * Doener s/at least// 1101682289 M * Doener by default all entries are hidden on 1.9.x, that's why only those that are made visible are listed 1101682294 M * Johan So actually this is a list of what's a minimum/basic requirement of proc entries, right ? 1101682303 M * albeiro anyway, proc should be for _processes" information only, but kernel developers seem to forgot about it a menwhile 1101682344 M * Doener albeiro: i thought they're going back to that by sysfs 1101682374 M * Johan albeiro: Ah that's why other unixes have only /proc/ files and not more (at least that's what I saw on some boxes) 1101682384 M * Johan +? 1101682387 M * Doener Johan: depends on your needs, but in most common usage environments that's the minimum, special purposes may of course lower the requirements 1101682399 M * Johan ic 1101682635 M * albeiro Doener, Johan: yeah :) 1101682682 M * Doener Johan: FYI lycos is using the 1.9.x development release in production for their vserver hosting 1101682697 M * Johan Doener: that's cool to hear! 1101682698 M * Doener so you may consider it quite stable ;) 1101682741 M * Johan Doener: I only tried 1.29 a few days ago, and when I have some time (tomorrow I hope...) I will gi 1.9.x a try 1101682757 M * Doener great! 1101682759 M * Johan I am really enthousistic about this project, it really rocks 1101682776 M * Doener ok, i'm back to the books, got an exam on tuesday. later guys... 1101682780 N * Doener Doener|gone 1101682785 M * Johan later Doener|gone 1101683903 M * Johan need some sleep, goodbye all 1101683913 M * no_x cu Psy0rz Johan 1101683919 Q * Johan Remote host closed the connection 1101684146 Q * tanjix Quit: