1106352002 M * Bertl have fun, cya tomorrow! 1106352007 N * Bertl Bertl_zZ 1106352105 M * nayco night, Bertl_zZ 1106352107 M * nayco ! 1106353072 J * sod ~sod@sod.uniques.ro 1106353493 M * sod hello, can anyone explain me what does "chcontext: vc_new_s_context(): Operation not permitted" mean? 1106353499 M * sod and how to get rid of it 1106353525 M * sod it displays it when I try to enter a vserver 1106353631 M * mikelcu the vserver is definitely running? 1106353701 M * sod don't know, it seems to start, somehow 1106353727 M * mikelcu what kernel version? 1106353737 M * sod eh, 2.6.9 1106353745 M * sod latest utils 1106353746 M * mikelcu vserver version? 1106353756 M * mikelcu 1.9.3 I'm guessing yes? 1106353764 M * sod 1.9.3 1106353766 M * sod yes 1106353775 M * sod alpha branch for the utils 1106353862 M * mikelcu are you running the command as root? 1106353876 M * sod yes, ofc 1106353921 M * sod ackup:/# vserver backup01 enter 1106353921 M * sod WARNING: can not find configuration, assuming legacy method 1106353921 M * sod ipv4root is now xxx.xxx.xxx.xxx 1106353921 M * sod chcontext: vc_new_s_context(): Operation not permitted 1106353980 M * sod i used vprocunhide first, without it the vserver couldn't mount /proc 1106354013 M * sod before doing that i was able to enter the vserver, but with no /proc, it wasn't usable 1106354040 M * mikelcu hm I'm really not sure 1106354107 M * sod me neither, and I've been working on this one for quite a few hours now 1106354120 M * mikelcu you might try moving to new-style configs 1106354126 M * sod the thing is that we must run a 2.6 kernel for other reasons 1106354145 M * sod I'm looking on that right now, searching the docs 1106354150 M * mikelcu http://www-user.tu-chemnitz.de/~ensc/util-vserver/doc/conf/configuration.html 1106354175 M * mikelcu might make your eyes bleed a little, but it contains the info you need about new configs 1106354195 M * mikelcu I am running 2.6.9+1.9.3 on gentoo and it's working great 1106354244 M * mikelcu so I can fill you in on most of the skeleton config for a vserver instance, minus any distro-specific stuff 1106354267 M * sod wow, good thing I'm not epileptic, that page can give you a seizure 1106354276 M * mikelcu hahah 1106354291 M * sod tnx, I'm reading it now 1106354335 M * sod ok, changed the css, it's readable now 1106354356 M * mikelcu gotta love client-side css 1106354381 M * sod yeap 1106354442 M * sod ok, to make things short, could you provide me a working new style config for a vserver? 1106354500 M * mikelcu funny you should mention that 1106354623 M * mikelcu can you take DCC? 1106354641 M * sod guess, so 1106354645 M * sod let's try it 1106354654 Q * prae Quit: Pwet 1106354669 M * sod ok, tnx 1106354685 M * mikelcu ok here is what I have, and how that relates 1106354699 M * mikelcu I named my vservers after the domain or host they serve 1106354729 M * mikelcu i.e. /etc/vservers/mail.domain.com contains the config for the mail.domain.com vserver 1106354730 J * manju ~root@220.224.39.189 1106354745 M * sod yes, I can see that 1106354759 M * mikelcu each vserver gets its own subdirectory rather than a file now, which you can also see 1106354772 M * sod ok, I see 1106354773 M * mikelcu most of that will be pretty self-explanatory 1106354780 M * mikelcu nodename, domainname, etc 1106354780 M * sod yes, it's clear 1106354789 M * mikelcu here's the caveat though 1106354809 M * mikelcu docs are pretty sparse, so I pieced that together and it's working fine for me 1106354827 M * mikelcu but I really don't know if the example is "proper" per se 1106354830 M * sod ok, it's a starting point anyway 1106354832 M * sod tnx 1106354860 M * sod backup:/usr/local/etc# vserver-stat 1106354860 M * sod CTX PROC VSZ RSS userTIME sysTIME UPTIME NAME 1106354860 M * sod 0 33 56.4M 4.1K 2m22s92 0m52s83 1h49m46 root server 1106354860 M * sod 49153 4 6.3M 604 0m00s00 0m00s00 1h13m52 1106354860 M * sod 49154 4 6.3M 604 0m00s00 0m00s00 49m12s63 1106354873 M * mikelcu seem to be missing some names 1106354891 M * sod yes, how do I kill these contexts? 1106354984 M * sod --xid 1106355073 M * mikelcu sounds right 1106355414 M * manju i have problem installing vserver on my red hat linux 9 1106355523 M * mikelcu what problem 1106355573 M * manju can any body help me 1106355673 M * sod yes, it fscking works! 1106355679 M * mikelcu sod: cool :) 1106355693 M * sod damn, it's 3 in the morning here 1106355694 M * mikelcu manju: you have to tell us what the problem is before anyone can help you 1106355708 M * sod with some luck I'l be able to go to sleep around 5 1106355725 M * mikelcu haha 1106355855 J * sannes ~ace@home.skarby.no 1106355862 J * DaCa ~danny@d51A48B4A.access.telenet.be 1106356080 Q * manju Ping timeout: 480 seconds 1106356195 M * DaCa hi, I'm new to vserver, but have some experience with freebsd jails 1106356253 M * DaCa I am setting up a server with debian sarge, kernel 2.4.28-vs1.29-grsec 1106356310 M * DaCa I only have one real nic and only one static IP. 1106356380 M * DaCa My idea is to hang the vservers onto lo:aliases and then portredirect some incoming to the right vsersers. 1106356389 M * DaCa Does that make any sense? 1106356404 M * mikelcu hm 1106356460 M * mikelcu that might work, not sure 1106356464 M * mikelcu never tried it 1106356549 M * DaCa the reason for this idea is that if I put them on the real nic I cant firewall them right? 1106356610 M * DaCa I guess I will just have to try it out :) 1106356782 M * mikelcu actually I think you can firewall, the issue with iptables is that you can't change rules from inside a vserver 1106356792 M * mikelcu so you'd have to make rules on the root host 1106356799 M * sod you can use iptables in the root host 1106356803 M * sod no doubt vout it 1106356811 M * DaCa thats no problem 1106356827 M * sod so, you can build a firewall 1106356841 M * sod hint, -d vserver_ip 1106357051 M * DaCa is it better to hang them on eth0 instead of lo? 1106357123 M * sod yes 1106357251 Q * nayco Quit: Bonne nuit ! 1106357583 M * DaCa any reasoning behind this? I was under the impression that it would be a bad idea to hang the external and internal network on the same interface 1106357604 M * DaCa I need to read up on netfilter, I am not used to it 1106358153 M * mikelcu domain brokers are slime 1106358180 M * mikelcu I can't believe this crap is legal 1106359318 Q * DaCa Quit: zZzZzZz 1106361696 Q * ensc Ping timeout: 480 seconds 1106363356 M * mugwump "Barely legal" domains! domain on domain action 1106363701 M * mikelcu haha 1106363725 M * mikelcu whoa, http://vserver.13thfloor.at/Linux2.6/index.php?page=Per+Context+Disk+Limits got whacked 1106363768 M * mikelcu some assclown from taiwan must have written a wiki vandalizer 1106366148 Q * nox uranium.oftc.net jupiter.oftc.net 1106366148 Q * sannes uranium.oftc.net jupiter.oftc.net 1106366148 Q * mikelcu uranium.oftc.net jupiter.oftc.net 1106366148 Q * BobR_zZ uranium.oftc.net jupiter.oftc.net 1106366148 Q * sladen uranium.oftc.net jupiter.oftc.net 1106366148 Q * v00dY uranium.oftc.net jupiter.oftc.net 1106366148 Q * Seraph uranium.oftc.net jupiter.oftc.net 1106366148 Q * berni uranium.oftc.net jupiter.oftc.net 1106366148 Q * aba uranium.oftc.net jupiter.oftc.net 1106366192 J * sannes ~ace@home.skarby.no 1106366192 J * mikelcu ~o_o@c-24-21-186-135.client.comcast.net 1106366192 J * BobR_zZ ~georg@MAIL.13thfloor.at 1106366192 J * nox ~vps@c150074.adsl.hansenet.de 1106366192 J * berni ~berni@2001:1b18:202::2 1106366192 J * sladen paul@starsky.19inch.net 1106366192 J * v00dY v00dy@62.241.52.143 1106366192 J * aba ~aba@sol.turmzimmer.net 1106366192 J * Seraph kk@projects.verfaction.de 1106366288 Q * berni jupiter.oftc.net plasma.oftc.net 1106366288 Q * aba jupiter.oftc.net plasma.oftc.net 1106366364 J * berni ~berni@2001:1b18:202::2 1106366364 J * aba ~aba@sol.turmzimmer.net 1106369091 J * nox- ~vps@c135084.adsl.hansenet.de 1106369167 Q * nox Read error: Connection reset by peer 1106369204 Q * v00dY jupiter.oftc.net quasar.oftc.net 1106369204 Q * BobR_zZ jupiter.oftc.net quasar.oftc.net 1106369204 Q * mikelcu jupiter.oftc.net quasar.oftc.net 1106369204 Q * sannes jupiter.oftc.net quasar.oftc.net 1106369204 Q * Seraph jupiter.oftc.net quasar.oftc.net 1106369204 Q * sladen jupiter.oftc.net quasar.oftc.net 1106369211 N * nox- nox 1106369219 J * sannes ~ace@home.skarby.no 1106369219 J * mikelcu ~o_o@c-24-21-186-135.client.comcast.net 1106369219 J * BobR_zZ ~georg@MAIL.13thfloor.at 1106369219 J * sladen paul@starsky.19inch.net 1106369219 J * v00dY v00dy@62.241.52.143 1106369219 J * Seraph kk@projects.verfaction.de 1106370268 Q * berni uranium.oftc.net jupiter.oftc.net 1106370268 Q * aba uranium.oftc.net jupiter.oftc.net 1106370268 Q * nox uranium.oftc.net jupiter.oftc.net 1106370285 J * nox ~vps@c135084.adsl.hansenet.de 1106370285 J * aba ~aba@sol.turmzimmer.net 1106370285 J * berni ~berni@2001:1b18:202::2 1106370341 Q * nox jupiter.oftc.net neutron.oftc.net 1106370343 J * nox ~vps@c135084.adsl.hansenet.de 1106370377 Q * berni jupiter.oftc.net plasma.oftc.net 1106370377 Q * aba jupiter.oftc.net plasma.oftc.net 1106370379 J * berni ~berni@2001:1b18:202::2 1106370379 J * aba ~aba@sol.turmzimmer.net 1106385082 N * P[ia]zZzzz[oa]{3} Pazzo 1106385769 N * Bertl_zZ Bertl_oO 1106385940 M * Pazzo moin bertl :) 1106386143 N * Pazzo PazZzooo 1106386705 N * Doener|zZz Doener 1106387172 Q * grecea Remote host closed the connection 1106388003 J * grecea ~grecea@h-195-22-237-74.mdl.net 1106390760 Q * grecea Remote host closed the connection 1106395656 Q * sannes Ping timeout: 480 seconds 1106397154 J * prae ~prae@sherpadown.net 1106400819 N * Bertl_oO Bertl 1106400828 M * Bertl morning folks! 1106401068 M * aba hi Bertl 1106401087 M * Bertl hey aba! everything fine? 1106401089 M * aba you're just coming right: Is it a risk to offer /dev/(u)random to vhosts? 1106401094 M * aba mostly yes :) 1106401122 M * aba and the sudo-problem was a interessting behaviour of sudo and groups - I swapped the order of db and files, and now it works. 1106401125 M * Bertl well, reseeding the rnd requires caps, so it should be fine to have them inside the vserver 1106401143 M * Bertl aba: ah, so not vserver related at all, right? 1106401160 M * aba not related. 1106401164 M * aba but still interessting. 1106401170 M * Bertl definitely! 1106401385 M * Bertl hey great 2.6.11-rc2 is out! 1106401593 J * Tbery ~tb@rt-pha-1.karneval.cz 1106401632 M * Bertl welcome Tbery! 1106401733 M * Tbery HI 1106401737 M * Tbery all 1106402518 Q * flock Remote host closed the connection 1106402582 J * flock ~restless@l192-117-111-12.broadband.actcom.net.il 1106402683 M * Bertl wb flock! 1106403257 M * eyck AFAIK random is safe to be fed with anything 1106403288 M * Bertl in theory .. yes ... 1106403352 M * Bertl one issue with random (not urandom) is that you could easily deplete the entropy pool, which in turn can cause all other users to hang ... 1106403375 M * aba well, I trust my users _that_ much. I don't have an issue of they can DoS my box. 1106403389 M * Bertl ;) 1106403605 M * Bertl aba: anyway, it might not be on purpose ... having a lot of entropy sources is advised for linux-vservers ... 1106404276 J * Alecsandro ale@ns1.ownado.com 1106404385 J * Marlow ~marlow@217.67.139.197 1106404450 Q * are|afk Ping timeout: 480 seconds 1106404518 M * Bertl welcome Marlow! 1106404525 M * Bertl welcome Alecsandro! 1106404535 M * Alecsandro Bertl, ;) 1106404702 M * Marlow hi :) 1106405082 J * are|afk ~are@dsl-084-056-155-140.arcor-ip.net 1106405203 M * Bertl wb are|afk! 1106405465 J * monrad ~monrad@213083190130.sonofon.dk 1106405476 M * Bertl welcome monrad! 1106405499 J * rs rs@ice.aspic.com 1106405507 M * Bertl welcome rs! 1106405521 M * rs hi 1106405522 M * rs thx 1106405642 M * Bertl I tried to reproduce the logs you get with a dual qemu setup, which works surprisingly well, where one qemu is nfs server for xid-tagged rootfs and vservers dir and the other is a client ... 1106405683 M * rs and did you find why ? 1106405687 M * Bertl but it works here like a charm, not a single log message ... 1106405718 M * Bertl so I'd ask you to use the patch for vs1.9.4-rc2 and try again ... 1106405728 M * Bertl (maybe we lost some hunks on the way ;) 1106405756 M * Bertl http://vserver.13thfloor.at/Experimental/NGNET/diff-2.6.11-rc1-vs1.9.4-rc2-ng8.12.diff 1106405761 M * rs ok 1106405782 M * Bertl if the logging remains, we have to narrow down the differences 1106405872 Q * Marlow Quit: [BX] If idiots could fly, IRC would be an airport 1106406098 M * monrad hi 1106406173 M * rs Bertl: found another difference: nfsall 1106406187 M * Bertl hmm, good point! 1106406196 M * Bertl try to avoid it for a test ... 1106406206 M * rs yeah I start without it 1106407533 J * sannes ~ace@home.skarby.no 1106407583 Q * prae Quit: Pwet 1106408338 M * Tbery Bertl, why I could send email with postfix?? 1106408344 M * Tbery from vservrer?? 1106408432 J * prae ~prae@sherpadown.net 1106408491 M * Loki|muh why not? 1106409070 M * Bertl Tbery: hmm, please rephrase ... 1106409346 M * Tbery Bertl, I get mail but I cant send.. 1106409351 M * Tbery and config are same.. 1106409367 M * Bertl what error message do you get? 1106409559 M * Tbery Jan 22 16:58:05 zs-ln amavis[6033]: (06033-02) Passed, -> , Message-ID: <20050122155734.M22943@zs-ln.cz>, Hits: - 1106409559 M * Tbery Jan 22 16:58:05 zs-ln amavis[6033]: (06033-02) TIMING [total 7427 ms] - SMTP EHLO: 1 (0%), SMTP pre-MAIL: 0 (0%), SMTP pre-DATA-flush: 1 (0%), SMTP DATA: 39 1106409559 M * Tbery Jan 22 16:58:05 zs-ln postfix/smtp[6271]: D9E37498058: to=, relay=127.0.0.1[127.0.0.1], delay=8, status=sent (250 2.6.0 Ok, id=06033-02, fr 1106409559 M * Tbery Jan 22 16:58:05 zs-ln postfix/qmgr[6188]: D9E37498058: removed 1106409561 M * Tbery Jan 22 16:58:05 zs-ln postfix/smtp[6379]: connect to mail.zstaborska.cz[213.151.94.86]: Invalid argument (port 25) 1106409566 M * Tbery Jan 22 16:58:05 zs-ln postfix/smtp[6379]: connect to smtpb-in-2.worldonline.cz[195.146.100.49]: Invalid argument (port 25) 1106409569 M * Tbery Jan 22 16:58:05 zs-ln postfix/smtp[6379]: connect to smtpb-in-3.worldonline.cz[195.146.100.39]: Invalid argument (port 25) 1106409572 M * Tbery Jan 22 16:58:05 zs-ln postfix/smtp[6379]: 4F51D49806E: to=, relay=none, delay=0, status=deferred (connect to smtpb-in-3.worldonline.cz[195. 1106409634 M * Tbery I can gat email.. 1106409643 M * Tbery but smtp..is wrong.. 1106409668 M * Bertl well, invalid argument on connect ... 1106409681 M * Tbery connect to mail.zstaborska.cz[213.151.94.86]: Invalid argument (port 25) 1106409687 M * Tbery why is this?? 1106409715 M * Bertl no idea ... you probably have to enable debugging for postfix/smtp ... 1106409739 M * Tbery what it mean?? 1106409755 M * Tbery how unenabled?? 1106409764 M * Bertl add -v to the master.cf 1106409774 M * Bertl i.e. change the line to smtpd -v 1106409962 N * Doener Doener|gone 1106409992 M * daniel_hozac Bertl: would removing the hunks for CONFIG_KERNEL_HZ do anything bad? 1106410010 M * Bertl no, you can get a patch for that, if you want 1106410013 M * Tbery smtp inet n - - - - smtpd 1106410016 M * Tbery here?? 1106410020 M * Bertl yep 1106410049 M * daniel_hozac i removed them myself... already had CONFIG_X86_HZ and figured it had the same purpose. 1106410072 M * Bertl k, where are those from? 1106410115 M * Tbery does not work 1106410122 M * daniel_hozac 2.6.10-ac9 1106410183 M * Bertl hmm, a varhz patch is in ac? 1106410198 M * daniel_hozac apparently. 1106410204 M * Bertl good to know, thanks ... 1106410228 M * Bertl btw, ac10 is out ;) 1106410280 M * daniel_hozac ah. 1106410348 M * Bertl hmm, but be careful with the ac version ... 1106410361 M * Bertl (ac version of varhz that is ...) 1106410378 M * daniel_hozac why is that? 1106410380 M * Bertl it will most likely breake for HZ > 1998 ... 1106410390 M * Bertl s/breake/break/ 1106410410 M * daniel_hozac well, i'm not changing it anyway ;) 1106410412 M * Bertl it seems alan didn't test it for higher values ... 1106410429 M * Bertl no problem if you do not use it ;) 1106410744 M * Tbery now is working.. 1106410759 M * Tbery but why must have vserver internet IP?? 1106410772 M * Tbery I used with forwarding.. 1106410783 M * Tbery but now stoped work.. 1106410792 M * Bertl well, there is no forwarding on the host (for vservers) 1106410800 M * Tbery I must get virtual server public ip.. 1106410811 M * Tbery I had.. 1106410816 M * Tbery all worked.. 1106410818 M * Bertl you can use SNAT or masquerading for outgoing conenctions 1106410825 M * Tbery I use snat 1106410827 M * Bertl but no forwarding ... 1106410883 M * Tbery ip_forward=yes 1106410883 M * Tbery spoofprotect=yes 1106410883 M * Tbery syncookies=no 1106410883 M * Tbery in /etc/network/option.. 1106410933 M * Tbery iface eth2 inet static 1106410933 M * Tbery address 82.113.57.138 1106410933 M * Tbery netmask 255.255.255.248 1106410933 M * Tbery network 82.113.57.136 1106410933 M * Tbery broadcast 82.113.57.143 1106410934 M * Tbery gateway 82.113.57.137 1106410935 M * Tbery iface eth2:1 inet static 1106410937 M * Tbery address 82.113.57.139 1106410941 M * Tbery netmask 255.255.255.248 1106410943 M * Tbery network 82.113.57.136 1106410945 M * Tbery broadcast 82.113.57.143 1106410947 M * Tbery in interfaces.. 1106410967 M * Tbery $IPT -A INPUT -p tcp -i $WANIFACE --dport 10025 -j ACCEPT 1106410967 M * Tbery $IPT -A INPUT -p tcp -d 82.113.57.138 --dport 10025 -j DROP 1106410967 M * Tbery $IPT -A INPUT -p tcp -d 82.113.57.139 --dport 10025 -j ACCEPT 1106410967 M * Tbery $IPT -t nat -A PREROUTING -p tcp -d 82.113.57.139 --dport 10025 -j DNAT --to 192.168.0.1:10025 1106410967 M * Tbery $IPT -A FORWARD -i $WANIFACE -o $LANIFACE -p tcp -d 192.168.0.1 --dport 10025 -j ACCEPT 1106410973 M * Tbery this in firewall.. 1106410979 M * Tbery and all worked.. 1106410999 M * Tbery I have two server with same configs.. 1106411006 M * Tbery on one is running wel.. 1106411009 M * Tbery on one is running well.. 1106411016 M * Tbery on one is bad.. 1106411019 M * Bertl hmm, you use port 10025 and postfix complains about port 25 1106411041 M * Tbery for amavis.. clamav ports.. 1106411065 M * Tbery $IPT -A INPUT -p tcp -i $WANIFACE --dport 25 -j ACCEPT 1106411066 M * Tbery $IPT -A INPUT -p tcp -d 82.113.57.138 --dport 25 -j DROP 1106411066 M * Tbery $IPT -A INPUT -p tcp -d 82.113.57.139 --dport 25 -j ACCEPT 1106411066 M * Tbery $IPT -t nat -A PREROUTING -p tcp -d 82.113.57.139 --dport 25 -j DNAT --to 192.168.0.1:25 1106411066 M * Tbery $IPT -A FORWARD -i $WANIFACE -o $LANIFACE -p tcp -d 192.168.0.1 --dport 25 -j ACCEPT 1106411068 M * Tbery #presmero 1106411074 M * Tbery this is for postfix.. 1106411082 M * Tbery only I cant send email.. 1106411096 M * Tbery I recived.. 1106411103 M * Tbery but not send.. 1106411114 M * Tbery only with public ip.. 1106411116 M * Bertl yes, because on the outgoing path you have no mapping from 192.168.0.1 to the 82.113.57.139 ip 1106411149 M * Tbery .. I must have more in firewall??? 1106411187 M * Bertl the forward rule will only be relevant if you have a real machine behind this box somewhere 1106411208 M * Bertl so assumed that your vserver uses 192.168.0.1, then the forward rules can go 1106411216 M * Bertl (because they have no effect at all) 1106411231 M * Tbery what do you advice?? 1106411274 M * Bertl I would add something like: -A POSTROUTING -s 192.168.0.1 -j SNAT --src-to 82.113.57.139 1106411299 M * Bertl maybe with --dport 25 and other checks/restrictions 1106411336 M * Bertl (this is for the nat table, so it requires -t nat 1106412250 Q * DuckKing Ping timeout: 480 seconds 1106413386 M * rs re 1106413398 M * Bertl wb rs! 1106413519 M * rs Bertl: still have messages 1106413537 M * rs with 1.9.4-rc1 and 8.12, no delta, no nfsall 1106413541 M * Bertl okay, any ideas how to narrow it down? 1106413573 M * rs I know that dev_queue_xmit_nit message was added in one of your ng8.x delta 1106413577 M * rs is it correct ? 1106413598 M * rs what does it mean exactly ? 1106413640 M * Bertl it means that a packet is transmitted which is nfxid tagged with a different tag as the interface 1106413650 M * Bertl dev_queue_xmit_nit(f7f681c0[#49152],f7cf9000[{eth0},#0]) 1106413666 M * Bertl this for example means that xid=49152 did create/tag the packet 1106413679 M * Bertl which is now transmitted via eth0 (which has xid=0) 1106413704 M * Bertl (this should not happen as the packet is supposed to leave via en0, which would change the nfxid tagging accordingly 1106413727 M * rs yeah but I don't setup vnet devices 1106413743 M * rs I don't setup nothing regarding network in the vserver 1106413753 M * rs a simple chcontext can trigger it 1106413836 M * Bertl I can even start a vserver over tagged NFS without triggering this message here :/ 1106414123 M * rs really strange 1106414149 M * rs maybe you can go on the node, maybe there something I don't see 1106414153 M * Bertl I'll install the kernel on the quad, can you provide some kind of nfs server? 1106414202 M * rs hmm yes I check 1106414239 M * rs what is the IP of the quad ? I don't remember 1106414735 J * pulsar ~pulsar@82.209.237.8 1106414762 M * Bertl welcome pulsar! 1106414775 M * pulsar Hi ! 1106414859 N * _Medivh Medivh 1106415156 Q * aba Remote host closed the connection 1106415170 J * aba ~aba@sol.turmzimmer.net 1106415175 M * Bertl wb aba! 1106415410 Q * hesus Ping timeout: 480 seconds 1106415457 J * duckx ~Duck@dyn-83-157-197-114.ppp.tiscali.fr 1106415477 M * Bertl welcome duckx! 1106415511 M * duckx Yo bertl ! 1106415517 M * duckx How are you doing ? 1106415532 M * duckx Our vservers are rocking :) 1106415544 M * Bertl great! and good to hear! 1106415571 M * duckx The box is now running with 7 vservers ... 1106415583 M * duckx And damn they work :) 1106415594 M * Alecsandro ipv6 work now in vserver ? 1106415609 M * duckx Welll.... 1106415616 M * duckx As far as I concerned ... 1106415619 M * Bertl duckx: well, you might consider adding yourself (or your company) to the happy linux-vserver users ... 1106415629 M * duckx Sure :) 1106415633 M * Bertl Alecsandro: on the host, yes, for the vserver no 1106415641 M * Alecsandro Bertl, ok 1106415657 M * Bertl this is something which will be possible with ngnet though ... 1106415753 M * Bertl okay, off for dinner now, back in 30-40 mins ... 1106415760 N * Bertl Bertl_oO 1106415989 M * duckx Bertl_oO: I just added OurSelf to the Happy users :) 1106416642 J * _ruben_ ~ruben@217.129.244.95 1106416792 Q * pulsar uranium.oftc.net quasar.oftc.net 1106416792 Q * sannes uranium.oftc.net quasar.oftc.net 1106416792 Q * v00dY uranium.oftc.net quasar.oftc.net 1106416792 Q * mikelcu uranium.oftc.net quasar.oftc.net 1106416792 Q * BobR_zZ uranium.oftc.net quasar.oftc.net 1106416792 Q * sladen uranium.oftc.net quasar.oftc.net 1106416792 Q * Seraph uranium.oftc.net quasar.oftc.net 1106416849 M * _ruben_ i'm trying to compile util-vserver-0.30.196 in Debian but configure warns me that dietlibc is too old: 0.24+ required, diet version 0.27-7 found 1106416851 J * v00dY v00dy@62.241.52.143 1106416864 M * _ruben_ it sees to be confused by the -7 1106416869 J * Seraph kk@projects.verfaction.de 1106416876 J * sladen paul@starsky.19inch.net 1106416900 M * _ruben_ can I force it to use dietlibc anyway? 1106416914 J * BobR_zZ ~georg@MAIL.13thfloor.at 1106417439 M * Loki|muh yes, there is a configure option for this, I guess 1106417616 J * mikelcu ~o_o@c-24-21-186-135.client.comcast.net 1106417734 J * pulsar ~pulsar@82.209.237.8 1106418173 M * xmb loki exop from qnet? 1106418275 M * Loki|muh nope 1106418327 M * _ruben_ Loki|muh: what file should I look for configure options? 1106418349 M * Loki|muh ./configure --help 1106418350 M * Loki|muh :) 1106418423 M * _ruben_ it has a --disable-dietlibc but no --force-dietlibc 1106418452 N * Bertl_oO Bertl 1106418479 M * Bertl evening folks! 1106418600 Q * Alecsandro Quit: Leaving 1106418951 M * Loki|muh _ruben_: oh... then this was in a old version of the tools :( 1106418961 M * Loki|muh bis this issue should be fixed... :( 1106418990 M * _ruben_ where should one look to fix it? 1106419045 M * Loki|muh try some older tools, I dont know which I used that time... :( 1106419056 M * Loki|muh or look at the configure script 1106419067 M * Bertl _ruben_: 0.30.196 should be fine ... 1106419072 M * Loki|muh at the place, where dietlibc is examined... 1106419085 M * Bertl did you check that your dietlibc works as expected? 1106419430 M * _ruben_ Bertl: I don't have the chance to check that. configure says that it needs 0.94+ and that I have 0.97-7 1106419482 M * Bertl sounds like the autoconf is not detecting that properly 1106419531 M * _ruben_ that's what I would like to fix, but don't know how. 1106419589 M * Bertl get the cvs tree and rerun aclocal and autoconf and automake 1106419677 M * _ruben_ i always wanted to learn the autotools, seems like a good time to do it :) 1106420022 M * daniel_hozac i think that problem was discussed on the list? 1106420388 J * nish ~nish@220.224.34.58 1106420398 M * Bertl welcome nish! 1106420494 M * nish morning Bertl 1106420518 M * nish :-) 1106420603 M * nish Bertl:SELINUX is same as vserver,conceptually ? 1106420649 M * Bertl well, not when I checked last time ;) 1106421505 M * nish Am i on the channel 1106421518 M * Bertl hmm, looks like ;) 1106421522 Q * nish Quit: Leaving 1106421539 M * Bertl well, it changed now ;) 1106421550 J * nish ~nish@220.224.34.58 1106421566 M * Tbery Bertl, it dont work.. 1106421571 M * Tbery doesnot 1106421601 M * Bertl what is 'it'? 1106421605 M * Tbery $IPT -t nat -A POSTROUTING -s 192.168.0.1 -o $WANIFACE -j SNAT --to-source 82.113.57.139 1106421614 M * Tbery forwarding.. 1106421636 M * Bertl has nothing to do with forwarding ... 1106421655 M * Tbery no.. 1106421667 M * Tbery IPT -A INPUT -p tcp -i $WANIFACE --dport 10026 -j ACCEPT 1106421667 M * Tbery $IPT -A INPUT -p tcp -d 82.113.57.138 --dport 10026 -j DROP 1106421667 M * Tbery $IPT -A INPUT -p tcp -d 82.113.57.139 --dport 10026 -j ACCEPT 1106421667 M * Tbery $IPT -t nat -A PREROUTING -p tcp -d 82.113.57.139 --dport 10026 -j DNAT --to 192.168.0.1:10026 1106421667 M * Tbery $IPT -A FORWARD -i $WANIFACE -o $LANIFACE -p tcp -d 192.168.0.1 --dport 10026 -j ACCEPT 1106421669 M * Bertl did you tcpdump it on the host, to see what packets leave and return? 1106421674 M * Tbery only this work.. 1106421699 M * Tbery I do that only for some ports.. 1106421705 M * Tbery witch I need.. 1106421715 M * Tbery 25 80 443 21 20 1106421722 M * Tbery 10025 10026 53 1106421765 M * Tbery but on on server work.. 1106421767 M * Tbery this 1106421777 M * Tbery wrehe can be mistake?? 1106421816 M * Bertl probably either in your iptables rules or in your assumptions 1106421846 M * Bertl such issues can not be 'guessed' just analyzed ... and you have to do it step by step ... 1106421895 M * Bertl use telnet (on the vserver) to reach the smtp port of another server, and tcpdump the packets on the host (or even better on the wire) 1106422662 J * hesus darksoul@pingu.ii.uj.edu.pl 1106422672 M * Bertl welcome hesus! 1106423365 M * daniel_hozac re: SELinux... would it be possible to use it inside a vserver? 1106423396 M * Bertl if configured outside, probably ... 1106423432 M * xmb will a grsec kernel run fine inside too? 1106423466 M * Bertl linux-vserver does not use a separate kernel for the guest, and folks report grsec+linux-vserver as wroking fine ... 1106423495 M * xmb i see 1106423510 M * xmb all grsec success reports being 2.4 kernels i guess 1106423544 M * Bertl hmm, probably ... 1106423670 M * pulsar grsec and linux-vserver are not applied clearly... 1106423695 M * Bertl that is why some folks provide 'adapted' patches ;) 1106424251 J * sannes ~ace@home.skarby.no 1106424393 M * Bertl welcome sannes! 1106424958 M * nish Bertl: SElinux's performance will be degraded by this coz it brings all "security policies" at one place and monitor them 1106425024 M * Bertl well, that's the design of SELinux, right? 1106425041 M * nish exactly 1106425293 M * nish Bertl:how does fake init maintains pid=1. 1106425308 M * nish inside vserver 1106425335 M * Bertl depends on the startup, if you have a real init running inside, then fakeinit does a mapping <-> 1 1106425357 M * Bertl if you have just fakeinit active, then the init from the host blends through 1106425508 M * nish no, actually in process table at pid entry does it has pid=1 store or it is managed by ...{dont know :-) } 1106425693 M * Bertl it is virtualized (mapped) on in and output ... 1106425695 Q * serving Ping timeout: 480 seconds 1106426484 J * DuckMaster ~Duck@dyn-83-157-196-50.ppp.tiscali.fr 1106426720 Q * duckx Read error: Operation timed out 1106427096 J * we2by ~jinxi@145.116.6.75 1106427099 M * we2by hello 1106427109 M * Bertl hello we2by! 1106427115 M * we2by is there precompiled kernel module for FC? 1106427127 M * Bertl huh? 1106427129 M * we2by I don't want to recompile my kernel 1106427142 M * Bertl but you just need a module? 1106427153 M * we2by yea, it is easiest way to go 1106427156 M * we2by if posible 1106427170 M * Bertl and what should that module do? 1106427171 M * we2by I am running FC3 1106427187 M * we2by Bertl, do the vserver job 1106427203 M * Bertl ah, I see :-) 1106427215 Q * nish Ping timeout: 480 seconds 1106427222 M * we2by I am running a smp kernel 1106427232 M * we2by 2.6.9-1.667smp 1106427238 M * we2by that version of kernel 1106427250 M * Bertl good to know ... 1106427269 M * we2by any patch or tutorial how to get vserver to work with that version? 1106427319 M * Bertl not that I know of ... 1106427331 M * Bertl but a vanilla kernel should work fine ... 1106427529 J * nish ~nish@220.224.16.99 1106427621 M * Bertl wb nish! 1106427843 M * nish Bertl: init process inside vserver is allocated usual next higher available pid,but the 1106427852 M * nish implemetation i mean whereever this init is used it is mapped ???? 1106427859 M * nish is that so ? 1106427864 M * Bertl yep, precisely 1106427882 M * we2by if I download the 2.6.10 kernel source from kernel org, do I still need to apply the patches from kernel.org is the kernel allready patched? 1106427887 M * nish ok 1106427908 M * Bertl we2by: the 2.6.10 kernel source is 2.6.10, if you mean that ... 1106427926 M * we2by I mean the patches in that kernel dir 1106427930 M * we2by security patches etc 1106427971 M * Bertl url please! 1106427987 M * we2by http://www.kernel.org/pub/linux/kernel/v2.6/ 1106427998 M * we2by Bertl, to use my old config, I just run make oldconfig? 1106428010 M * we2by do I have to copy config to it first? 1106428015 M * we2by or just run make oldconfig? 1106428025 M * Bertl http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.10.tar.bz2 <-- this is the kernel 1106428042 M * Bertl http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.10.bz2 <-- this is a patch against 2.6.9 1106428055 M * we2by okk 1106428070 M * Bertl you copy the .config over and do 'make oldconfig' 1106428099 M * daniel_hozac we2by: i have a 2.6.9-1.667.vs1.9.3.2smp. 1106428138 M * we2by how do I make the 2.6.10 a smp kernel? 1106428161 M * daniel_hozac we2by: and a 2.6.10-1.741.vs1.9.4.0.rc2.1smp 1106428181 M * we2by daniel_hozac, what do I enable in make menuconfig? 1106428186 M * we2by I want it smp 1106428271 M * Bertl probably SMP support ;) 1106428361 M * pulsar Bertl, Is for(;;) program good chois for hard cpu sheduler measurements ? 1106428392 M * Bertl hmm, well, depends ... you can use my cpuhog for that ... 1106428418 M * Bertl http://vserver.13thfloor.at/Experimental/TOOLS/cpuhog.c 1106428430 M * Tbery why I cant telnet zstaborska.cz 25 1106428448 M * Tbery from virtual.. with..postfix.. 1106428450 M * pulsar Bertl> Thank You! 1106428453 M * daniel_hozac we2by: if you want precompiled kernels, take a look at http://rpm.hozac.com/fedora/dhozac/3/i386/vserver/ 1106428485 M * Tbery I can ping 1106428501 M * Tbery but I cant any else.. 1106428501 M * Bertl Tbery: well, ping uses a completely different protocol 1106428532 M * Tbery I know... 1106428541 M * Tbery wherer can be trouble..?? 1106428546 M * Bertl Tbery: try ping -I 82.113.57.139 1106428568 M * pulsar ldd ./a.out -> linux-gate.so.1 => (0xffffe000) strange dependency ... 1106428577 M * Tbery work.. 1106428591 M * Bertl from inside the vserver? 1106428603 M * Bertl (and what about the vserver ip 192.168.x.x ?) 1106428606 M * Tbery yes.. 1106428630 M * we2by I think I did it wrong 1106428637 M * Tbery eth1:quid Link encap:Ethernet HWaddr 00:0A:5E:23:F9:47 1106428637 M * Tbery inet addr:192.168.0.1 Bcast:82.113.57.143 Mask:255.255.0.0 1106428637 M * Tbery UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 1106428637 M * Tbery Interrupt:193 Memory:feaf4000-0 1106428637 M * Tbery eth2:quid Link encap:Ethernet HWaddr 00:40:95:09:29:EA 1106428638 M * Tbery inet addr:82.113.57.139 Bcast:82.113.57.143 Mask:255.255.255.248 1106428641 M * we2by I ran this 1106428642 M * we2by cat patch-2.6.9-vs1.9.3.diff | patch -p1 1106428643 M * Tbery UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 1106428645 M * Tbery Interrupt:225 Base address:0xd000 1106428647 M * Tbery ip.. 1106428647 M * we2by is it ok? 1106428649 M * Tbery on virtual.. 1106428691 M * daniel_hozac we2by: weren't you using 2.6.10? 1106428703 M * we2by nope 1106428711 M * we2by I was using 2.4 on my laptop 1106428717 M * we2by I am reinstall it on my desktop 1106428723 M * we2by but now with 2.6.10 1106428757 M * daniel_hozac we2by: patch-2.6.9-vs1.9.3.diff would not be the right patch for 2.6.10. 1106428765 M * we2by ops 1106428769 M * we2by right 1106428776 M * we2by I'm so studpid 1106428876 M * we2by I can't see the 2.6.10 one on the site 1106428891 M * we2by I'm gonna give that precompiled one a try anyway 1106428900 M * daniel_hozac http://vserver.13thfloor.at/Experimental/RC-1.9.4/ 1106428946 M * we2by daniel_hozac, how do I install a kernel rpm 1106428954 M * we2by I run rpm -iUv file.rpm 1106428962 M * we2by ok , but I still need to run grub 1106428963 M * daniel_hozac we2by: just like any other RPM, rpm -ivh 1106428987 M * we2by I still have to add it to the bootloader 1106428994 M * we2by or does it do it himself? 1106429018 M * daniel_hozac we2by: the post install scriptlet should do that. 1106429044 M * we2by ok 1106429045 M * we2by cool 1106429065 M * we2by does that rpm include vserver utilities too? 1106429080 M * daniel_hozac we2by: no, that's just a kernel RPM. 1106429097 M * we2by any precompiled utilities? 1106429120 M * daniel_hozac rpmbuild -ta util-vserver-0.30.196.tar.bz2 and you'll build them yourself ;) 1106429188 M * we2by I will leave vserver for tomorow 1106429198 M * we2by it is too late now. :) 1106429209 M * Bertl have a good night we2by! 1106429225 M * we2by Bertl, I am not going to sleep yet 1106429226 M * we2by :P 1106429248 M * Bertl did I say that? 1106429260 M * we2by you thought so? 1106429558 M * Bertl no 1106429580 M * we2by I thought you thought so 1106429897 M * nish goodnight to all!! 1106429905 M * Bertl night nish! 1106429912 Q * nish Quit: Leaving 1106432025 N * Doener|gone Doener 1106432031 Q * Tbery Quit: Ukončuji 1106432037 M * Bertl wb Doener! 1106432048 M * Doener evening Bertl, #vserver ! 1106432312 M * Bertl Doener: do you have a kernel with your openfd stuff Doener for testing? 1106432324 M * Bertl -Doener 1106432375 M * Doener let's see where i moved that... i recently cleaned up my kernel trees... may take a bit 1106432432 M * Doener ah, i already moved that patch in my webtree, should be easy be port i guess 1106432450 M * Doener is there a rc2 patch yet? 1106432462 M * Bertl well, I'm testing it right now ... 1106432469 M * Bertl and I included your aptch ... 1106432484 M * Doener the openfd one? 1106432490 M * Bertl yep 1106432501 M * Bertl http://vserver.13thfloor.at/Stuff/SCRIPT/testme.sh-0.08 1106432525 M * Bertl (with -L option) 1106432535 M * Bertl vxW: !!! limit: 811b9068[OPENFD,17] = -2 on exit. 1106432535 M * Bertl [L01]# succeeded. 1106432535 M * Bertl vxW: !!! limit: 811b9068[OPENFD,17] = -2 on exit. 1106432535 M * Bertl [D01]# succeeded. 1106432535 M * Bertl vxW: !!! limit: 811b9068[OPENFD,17] = -7 on exit. 1106432537 M * Bertl [L02]# succeeded. 1106432540 M * Bertl vxW: !!! limit: 811b9068[OPENFD,17] = -7 on exit. 1106432543 M * Bertl [D02]# succeeded. 1106432545 M * Bertl vxW: !!! limit: 811b9068[OPENFD,17] = -2 on exit. 1106432548 M * Bertl [L03]# succeeded. 1106432550 M * Bertl vxW: !!! limit: 811b9068[OPENFD,17] = -2 on exit. 1106432553 M * Bertl [D03]# succeeded. 1106432555 M * Bertl vxW: !!! limit: 811b9068[OPENFD,17] = 2 on exit. 1106432558 M * Bertl [L11]# succeeded. 1106432560 M * Bertl vxW: !!! limit: 811b9068[OPENFD,17] = 2 on exit. 1106432563 M * Bertl [D11]# succeeded. 1106432565 M * Bertl vxW: !!! limit: 811b9068[OPENFD,17] = 2 on exit. 1106432567 J * serving ~serving@213.186.183.108 1106432568 M * Bertl [L12]# succeeded. 1106432571 M * Bertl vxW: !!! limit: 811b9068[OPENFD,17] = 2 on exit. 1106432573 M * Bertl [D12]# succeeded. 1106432576 M * Bertl and I'd appreciate a test run on the kernel you tested it with ... 1106432589 M * Bertl (just to make sure that I didn't mess it up somehow ;) 1106432601 M * Doener ok 1106432617 A * Doener goes fiddling with his 'strange' qemu setup 1106432625 M * Bertl ;) 1106432880 Q * SiD3WiNDR Ping timeout: 480 seconds 1106432951 Q * pulsar Ping timeout: 480 seconds 1106433099 M * Doener hey, Vienna gets its own linux distro :-) 1106433112 M * Bertl hmm, url? 1106433119 M * Doener http://www.heise.de/newsticker/meldung/55434 (german) 1106433160 M * Bertl ah, yeah, heard about that too ;) 1106433181 J * SiD3WiNDR luser@bastard-operator.from-hell.be 1106433197 M * Bertl but always good to hear ... 1106433339 J * pulsar ~pulsar@82.209.237.8 1106434779 Q * pulsar Quit: Leaving 1106434781 M * Doener ok, i get similar results here. just L01 and L03 don't cause any problems... and i guess i have some vague clue what's going on, will need some time to figure out anything i could share, right know it's just some unclear idea in my brain... 1106434811 M * Bertl okay, no problem, I just revert it for now 1106434847 M * Bertl Doener: another thing: looking at finish_task_switch() 1106434863 M * Bertl kernel/sched.c 2.6.11-rc2 1106434910 M * Bertl hmm .. nevermind ;) 1106434918 M * Doener ok, no problem :) 1106435095 J * brian ~brian@Da2a7.d.pppool.de 1106435104 M * Bertl welcme brian! 1106435113 M * brian Hi Bertl .. 1106435119 M * brian how are you ? 1106435132 M * Bertl fine, thanks! and you? 1106435154 M * brian thanx .. good ... but .. to much work :( 1106435221 M * brian tonight I have time .. so I think I update my kernel's .. 2.4.29 is there :-) 1106435242 M * brian is there a new patch too ? 1106435256 M * Bertl yes 1106435272 M * brian wow :-) .. but not on your site ?? 1106435295 M * Bertl http://vserver.13thfloor.at/Stuff/patch-2.4.29-vs1.2.10.diff 1106435307 M * Bertl (didn't get around to publish it yet ;) 1106435342 M * brian thanx much !! :-) .. now my saturday is a good day :-) 1106435347 M * brian smile 1106435410 M * Bertl check your barrier setup, the new aptch is stricter ... so your barrier might break if it isn't done correctly 1106435471 M * Bertl okay folks, I'm off to bed now ... have a good one! 1106435475 M * brian I dont have barrier .. 4 vserver on my host .. 1106435486 M * brian good night .. 1106435499 M * Bertl night brian! Doener! everybody else! 1106435506 N * Bertl Bertl_zZ 1106435956 Q * brian Quit: using sirc version 2.211+KSIRC/1.3.11 1106436158 P * click [IRSSI] 1106436158 Q * sod Read error: Connection reset by peer 1106436377 Q * we2by Quit: Leaving 1106436543 J * we2by ~jinxi@145.116.6.75 1106436703 Q * logger Remote host closed the connection 1106436720 J * logger ~rs@vds.pas-mal.com 1106437145 Q * Hollow Quit: Leaving 1106437160 J * Hollow ~bene@home.xnull.de 1106437778 Q * tchan Read error: Operation timed out 1106437912 J * tchan ~tchan@c-24-13-81-164.client.comcast.net