1110240550 Q * prae Quit: Pwet 1110242474 Q * Tbery Remote host closed the connection 1110244035 J * ciphernaut ~a@61.88.18.130 1110244035 Q * ciphernaut Quit: 1110244129 J * ciphernaut ~a@61.88.18.130 1110245784 Q * sladen Ping timeout: 480 seconds 1110246039 J * sladen paul@starsky.19inch.net 1110246408 Q * maharaja Read error: Operation timed out 1110247612 J * chairuou ~chairuou@210.245.68.123 1110247922 N * Bertl_zZ Bertl 1110247949 M * Doener|zZz wb Bertl 1110247951 N * Doener|zZz Doener 1110247969 M * Bertl hmm, can't sleep either? 1110247998 M * Doener did get up at 18h CET ;) 1110248020 M * Doener just didn't get on irc yet 1110248075 M * Bertl i.c. well I was trying to get some rest for today ... but no luck :/ 1110248087 M * Bertl (well I did get some, but probably not enough ;) 1110248199 M * Doener i start to wonder if we should tell some people about #linuxhelp or whatever *g* (while looking through today's ml postings) 1110248240 M * Doener though i probably caused the same thought when i first showed up ;) 1110248356 M * Bertl well, if you refer to Timo, he is doing a 'class project', which purpose or aim is to get a linux-vserver installed, and he is just to lazy to read documentation ;) 1110248369 M * Bertl *too 1110248494 M * Doener well, part of that 'class project' should be reading i guess :-) 1110248518 M * Bertl emphasis on _should_ 1110248519 M * Doener hm, while we're at it, do you by chance know if there are any good books and 2.6 yet? 1110248551 M * Bertl well, you probably read rene, so the new LDD book should be out anytime soon 1110248589 M * Bertl and there are some nice howtos online which where updated to 2.6 too ... 1110248632 M * Doener rene on #kernelnewbies ? didn't have much time too follow that channel lately 1110248670 M * Bertl yep, well, two books are updated to 2.6 IIRC 1110248742 M * Doener i found Linux Kernel Development, but it got some not so good reviews... guess i'll have to visit the 'local' bookstore (where local means about 50km ;) 1110248810 M * Bertl I'd say you should not expect too much from those books, in general, they are probably good stuff to read it but they won't work as reference ... just because they are outdated the day they are released ... 1110248957 M * Doener yep, i'm more after something that, for example, would give a nice introduction to networking giving a good overview how it works... like fib, neigh, routing etc... to get an easier start into the code, cscope is nice for code analysis/reading, but still somewhat slow and annoying if you know about nothing 1110249135 M * Bertl yeah, I understand ... 1110249559 M * Doener http://linuxcommand.org/man_pages/chcon1.html 1110249568 M * Doener seems to be some new security stuff 1110249646 M * Doener yep, SELinux stuff and pretty complicated it seems... http://www.fedoraforum.org/forum/showthread.php?p=212856 1110249648 M * Bertl interesting ... 1110249738 M * Bertl ah, the policy tagging stuff ... 1110249792 M * Bertl yeah, read about it, good idea, very annoying implementation ... didn't know they introduced chcon though ... 1110249831 M * Bertl Doener: can you send a reply stating the obvious? 1110249906 M * Doener hm, doener.homeip.net seems to be blocked :( 1110249937 M * Doener yep 1110250043 M * Bertl well, probably because the reverse is a local ip :/ 1110250064 M * Bertl (guess my server would block it too) 1110250076 M * Doener ... in the dyndns system, i.e. i can't register it with a new account ;) 1110250175 M * Bertl want some shelter at 13thfloor.at? (ssh,mutt,web) 1110250250 M * Doener guess web (and scp/sftp) would be enough (and nice :) 1110252440 J * Renesco ~Renesco@193.120.71.52 1110252461 M * Bertl welcome Renesco! 1110252467 M * Renesco hello 1110252946 M * Doener ok, guess the page is unviewable with IE now ;) 1110252973 M * Bertl hmm? 1110252976 P * Renesco Leaving 1110253031 M * Doener true xhtml 1.0, IIRC IE just shows an xml tree if it encounters such a page 1110253032 M * Bertl ah, that reminds me that I could make the dirlisting on vserver.13thfloor.at a little nicer ;) 1110253097 M * Doener btw, is there gzip/deflate compression enabled, so that i should care when using .xhtml files? 1110253117 M * Bertl yes, compression is there, but should be transparent ... 1110253170 M * Doener ok, just thought it might be enabled based on extension instead of disabled based on extension ;) 1110253586 M * Doener btw, i found that one while casual browsing http://subwiki.tigris.org/ 1110253924 M * Bertl hmm, not bad! 1110253940 M * Bertl what does it require? 1110254040 M * Doener didn't have time to take a closer look yet 1110254185 M * Doener guess it's more in a state in which we could use it to get some ideas or develop it further if we like it, doesn't look too usable yet 1110254211 M * Bertl hmm, yeah ... looks like ... 1110254281 M * Doener hmm python, never used that 1110256790 J * maharaja maharaja@ipax.at 1110257196 J * nox- ~vps@213.39.207.222 1110257211 M * Bertl welcome maharaja! 1110257524 Q * nox Ping timeout: 480 seconds 1110257558 N * nox- nox 1110257616 Q * chairuou Read error: Connection reset by peer 1110259450 J * chairuou ~chairuou@210.245.68.123 1110259458 M * Bertl wb chairuou! 1110259626 J * kevinp2 ~kevinp@209.33.223.103 1110259638 M * Bertl welcome kevinp2! 1110259649 M * kevinp2 Howdy! 1110259667 M * Bertl alone at home? 1110259685 M * kevinp2 I'm just thinking about how all the cronjobs are going to kick off tonight and probably crash that server again... 1110259715 M * Bertl a godd idea is to offset them ... 1110259748 M * kevinp2 I've got some more memory on order and building a new server, but in the meantime, is it possible to change the strict overcommit easily? 1110259784 M * Bertl yes, witha reboot, you can specify it there ... 1110259802 M * kevinp2 Yeah, that would have been good when they were built. Now, people have are set with their crontabs the way they are. 1110259851 M * kevinp2 so I echo 2 > /proc/sys/vm/overcommit_memory and then reboot? 1110259882 M * kevinp2 or is there a better way? 1110259923 M * kevinp2 Or will this just give people a lot of memory errors - still better than the server crashing... 1110259950 M * Bertl no, you specify the value on the kernel command line 1110259963 M * Bertl but IIRC you can change it while running too ... 1110259985 M * Bertl and yes, it will give folks a bunch of memory errors, whenever they allocate more than available 1110260029 J * ntrs_ ntrs@Dardeene-68.188.50.87.charter-stl.com 1110260029 Q * ntrs Read error: Connection reset by peer 1110260063 M * kevinp2 IIRC? 1110260096 M * Doener if i remember/recall correctly 1110260112 M * kevinp2 aah... 1110260226 M * Bertl no, of course I meant 'Isn't it Really Cool' ;) 1110260230 M * Bertl http://www.acronymfinder.com/af-query.asp?String=exact&Acronym=iirc&Find=Find 1110260567 M * kevinp2 I think I'll just leave it as it is for now, I obviously need to do more research. I stopped three vservers, hopefully that will help. 1110260606 M * Bertl adding non raid swap space might be a good idea too 1110260611 M * kevinp2 Has anyone written anything that checks for high utilization by processes running in vservers? 1110260617 M * kevinp2 Yeah, that would be good. 1110260634 M * Bertl are you looking for vps ? 1110260638 M * Bertl or vtop? 1110260688 M * kevinp2 I wrote a quick one a couple weeks ago, that utilizes the vserver command to send the output of top to a file, so I could go back and look at it later to see who is running high load processes. 1110260704 M * kevinp2 aah, those sound like they would be good 1110260739 M * kevinp2 vtop - nice! Funny how you can be in the dark so long, the light hurts! 1110260757 M * Bertl yeah, an it's really trivial ... 1110260763 M * Bertl you can do it yourself with: 1110260772 M * Bertl chcontext --ctx 1 top 1110260781 M * kevinp2 this is perfect. I guess sometimes it's asking the right questions I guess 1110260794 M * kevinp2 ok, thanks 1110260802 M * Bertl you're welcome! 1110260872 M * kevinp2 And then you use vps to find out which vserver is running it? 1110260888 M * Bertl yes, vps is a little trickier ;) 1110260921 M * Bertl btw, 2.6/1.9.x has load accounting per context so you could also brose the proc entries for that ... 1110261010 M * kevinp2 It seems like there are huge advances being made in the 2.6 kernel in relation to vserver 1110261037 M * Bertl well, we are trying to add usefull stuff wherever possible ... 1110261087 M * kevinp2 This is quite the project and it's amazing to see how much time you put in to it. Your doing a great job. 1110261114 M * Bertl thanks! 1110261142 M * Bertl but I have to say it's a good community too ... 1110261173 M * Bertl and we won't be there where we are now, without the folks testing stuff and reporting back ... 1110261235 M * kevinp2 Well, I'll definitely be putting a lot of it to the test with my new server. We want to use all of these features to competely lock them down. 1110261360 M * kevinp2 I'm off for now. Thanks again for all your help! 1110261366 M * Bertl have fun! 1110261420 M * kevinp2 oh, by the way, I ended up recopying that test vserver over through rsync and it worked this time. 1110261451 M * Bertl good! so maybe just the copy while active didn't work out as expected 1110261644 M * kevinp2 Well, I realized that I had used rsync to copy it to a backup server earlier, and then I rsync'ed it from the backup server to the other server. This time I copied directly. I must have lost some ownership or permissions the other way. 1110261666 M * Bertl ah, yeah, that could be the case indeed ... 1110261859 M * kevinp2 anyway, take care! 1110261874 Q * kevinp2 Quit: 1110262221 M * Doener hm, that rohit(?) guy is also funny 1110262237 M * Bertl yeah? please elaborate! 1110262247 M * Doener ml ;) 1110262268 M * Bertl LOL, ah, yeah, yes ;) 1110262455 M * Doener time for some breakfast, back later 1110262460 N * Doener Doener|gone 1110263780 N * Doener|gone Doener 1110264859 J * DaPhreak ~DaPhreak@pc-outside.uni-greifswald.de 1110264899 M * Bertl welcome DaPhreak! 1110264917 M * DaPhreak morning Bertl :) 1110264968 M * DaCa morning all 1110264978 M * Bertl morning DaCa! 1110265012 M * DaCa Bertl: could you give me a hint on how trampoline.sh is supposed to be used? 1110265069 M * Bertl as a command in a ssh config? 1110265108 M * Bertl (man ssh(d) for details) 1110265188 M * Bertl http://www.sculpturedlife.com/vserver/irc-logs/index.php?date=2004-07-08 (as mentioned on the ml) 1110265245 M * DaCa Bertl: looking at it, tnx 1110265305 M * DaCa Bertl: I am only a bit worried for the case, if it could be bypassed, you are actually giving access to the rootserver 1110265358 M * Bertl well, right, of course the normal 'sshd' inside a vserver is a safer solution ... 1110265473 M * DaCa Bertl: that was my original idea, but as I only have one external IP, it means I have to listen on multiple ports, I was hoping for something more transparant 1110265505 M * Bertl what about port forwarding? 1110265632 M * DaCa Bertl: I want to redirect to a vserver depending on the username presented, ideally would be some proxy that initiates the ssh-negotation and forwards it once the username is received, but I dont think such a thing exists 1110265644 J * IceTi 125@mw635449.rz.ruhr-uni-bochum.de 1110265659 M * Bertl welcome Timo! 1110265669 M * IceTi good morning 1110265750 M * Bertl DaCa: well, not really ... 1110266190 M * DaCa Bertl: portforwarding wouldn't work with one ext. IP right? how would I differentiate where to forward to? 1110266287 M * Bertl simple, you use 'local' ips for the vservers 10.0.0.x 1110266319 M * Bertl then SNAT them to your public IP for outgoing, and forward ports 1000x to ip 10.0.0.x/22 1110266501 M * DaCa Bertl: sure, but then the user needs to connect to a port other than 22, thats what I meant with having to listen to multiple ports, its a solution, but your trampoline is more transparant :) 1110266562 M * Bertl good ;) 1110266758 M * Doener IceTi: regarding your build problems, take a look at http://www-user.tu-chemnitz.de/~ensc/util-vserver/doc/conf/configuration.html and search for "apt"... repeated searchind while also take you to (or at least near to) the configuration elements for rpm and yum, but looking at your error message you're using apt anyway 1110266768 M * Doener s/while/will/ 1110266839 M * IceTi whats that for a site? 1110266973 M * Doener the (in)famous flower page, it describes the various elements in the alpha tools' configuration tree 1110267157 M * IceTi very nice site ;-) 1110267215 M * IceTi i don´t think there is my problem 1110267219 M * IceTi describe 1110267265 M * Doener i'm pretty sure it is 1110267302 M * Doener AFAICT you don't have any repositories enabled in your apt configuration 1110267343 M * IceTi ehre can i do it? 1110267347 M * Doener google says: http://www.paul.sladen.org/vserver/irc-logs/200402/vserver.2004-02-24.txt (search for glibc) 1110267618 M * IceTi one moment i think i first instll util server new 1110267633 M * Doener why? 1110267635 M * IceTi another question: how can i completly remove a vserver 1110267669 M * Doener vserver stop; rm -rf /etc/vservers/ /vservers/ 1110267694 M * IceTi because i don´t have installed it with rpmbuild i just extract it and then ./configure and so or it´s the same?? 1110267695 M * Doener (use paths matching your setup of course) 1110267723 M * Doener pretty much the same depending on your configure settings... 1110267745 M * IceTi i make it like that ok? 1110267758 M * IceTi or it´s not good the install it more times? 1110267827 M * Doener depends on your needs and abilities to manage multiple installs at the same time... but you could just remove the currently installed stuff... 1110267851 M * IceTi how? i also have util 30 and 30.196 install 1110267858 M * IceTi how can i remove all that? 1110267866 M * Doener make uninstall 1110267881 M * Doener ... in the appropriate source tree 1110267881 M * IceTi i the directory? 1110267884 M * IceTi ok 1110267964 M * IceTi now i make cd /util-vserver-0.30.204 1110267980 M * IceTi then ./configure && make && make instsall 1110267982 M * IceTi right? 1110268008 M * Doener make cd ? 1110268013 M * Doener ah... 1110268020 M * IceTi ;-) 1110268022 M * IceTi right? 1110268029 M * IceTi i change in the directory 1110268032 M * IceTi ;-) 1110268047 M * Doener yes 1110268055 M * IceTi 00# ./configure && make && make install 1110268062 M * IceTi ok i do it 1110268095 M * IceTi and next something like that: vserver foo build -m apt-rpm --hostname vs.foo.org --netdev eth0 --interface 192.168.3.1/21 --context 42 -- -d fc1 1110268097 M * IceTi right? 1110268109 M * IceTi just with my configuration! 1110268119 M * atsab Bertl: regarding books: http://ftp.cdut.edu.cn/pub3/uncate_doc/ 1110268123 M * Doener yes, configure it first... 1110268132 M * atsab lots of stuff, e-books mainly 1110268135 M * IceTi what? 1110268148 M * Doener the tools regarding apt... 1110268148 M * IceTi what and where? 1110268193 M * Doener apt in /etc/vservers as described on the flower page (regarding location of the files) and the apt manual/man pages (regarding content) 1110268215 M * Doener though the files should have various repositories already in them, just commented out 1110268227 M * IceTi ?? 1110268237 M * IceTi i don´t understand 1110268261 M * Doener the flower page tells you where the apt configurations are stored 1110268280 M * Doener # /etc/vservers/.distributions/dist/apt 1110268280 M * Doener Default content of the /etc/apt/ directory. 1110268314 M * Doener so change that configuration to fit your needs, it's the usual apt stuff 1110268352 M * IceTi what do i change there? 1110268381 M * Doener the apt configuration used for building vservers using the various distributions 1110268388 M * IceTi # rpm http://ftp.ultra.csn.tu-chemnitz.de/pub/mirror/RedHat/.apt redhat/ 1110268388 M * IceTi # rpm-src http://ftp.ultra.csn.tu-chemnitz.de/pub/mirror/RedHat/.apt redhat/ 1110268388 M * IceTi # rpm ftp://ftp.tu-chemnitz.de/pub/linux/fedora/redhat 1110268388 M * IceTi # rpm ftp://ftp.ussg.iu.edu/pub/linux/fedora/fedora/redhat 1110268388 M * IceTi # rpm http://mirrors.usc.edu/pub/linux/fedora/redhat 1110268388 M * IceTi # rpm http://sunsite.informatik.rwth-aachen.de/ftp/pub/Linux/fedora/redhat 1110268391 M * IceTi like that? 1110268395 M * Bertl atsab: hmm, thanks, not sure they are legal though ... 1110268404 M * atsab ;-) 1110268423 M * Doener those are examples (commented out)... take one of them or add your preferred repository 1110268429 M * atsab where I live, we have a very lexible understanding of the word "legal" 1110268429 M * IceTi ok 1110268446 M * IceTi can i commend all out? 1110268491 M * Doener sure you can, but it's probably just creating unnecessary overhead due to the repositories containing the same stuff 1110268494 M * IceTi ok i´ve do it 1110268514 M * IceTi then? 1110268559 M * Doener once you're satisfied with your configuration try to build a vserver... 1110268731 M * IceTi vserver vsrh9-1 build -m apt-rpm --hostname vsrh1.azubi.de --netdev eth0 --interface 134.147.28.237/26 --context 42 -- -d rh9 1110268743 M * IceTi like that? 1110268762 M * Doener if those are the settings you want, yes 1110268765 M * Bertl yep, for example ... 1110268770 M * IceTi ok 1110268789 M * Bertl will create an ip with 134.147.28.237 1110268812 M * Bertl if you want to reuse an existing one, then scrap the --netdev eth0 1110268816 M * Doener be a little brave, trial/crash and error can be fun :) 1110268855 M * Doener (but don't tell anyone i suggested that ;) 1110268876 M * IceTi what? 1110268884 M * IceTi scrap the --netdev? 1110268889 M * IceTi ??? 1110268912 M * IceTi (weasel): Release-Dateien einiger Repositories konnten nicht geholt oderauthentifiziert werden.Derartige Repositories werden ignoriert. 1110268912 M * IceTi (weasel): Sie möchten `apt-get update' ausführen um diese Problem zu beheben 1110268912 M * IceTi (erwan_taf): Einige Index-Dateien konnten nicht heruntergeladen werden, sie wurden ignoriert oder alte weiterhin benutzt. 1110269024 M * Bertl ??? indeed! 1110269030 M * Doener uhm yeah... utf8 and german... anyway, it basically means that there were problems with some of the repositories you configured... 1110269035 J * DuckMaster ~Duck@dyn-83-157-150-15.ppp.tiscali.fr 1110269070 M * Doener try to use only one repository for now, as they probably all contain the same stuff, it's probably a better idea anyway 1110269089 M * Doener you can always switch between them later if the chosen one stops working 1110269111 M * IceTi n1 1110269126 M * IceTi it works 1110269133 M * IceTi DONE 1110269136 M * Doener n1? 1110269157 M * IceTi nice one 1110269164 M * Doener guess that's 1337? man, we got 2005, what do you want with stuff from 1337? ;) 1110269166 M * IceTi ok and now? 1110269189 M * Doener well, what do you want to do? 1110269194 M * IceTi start it? 1110269219 M * Doener then do so... (vserver start ...) 1110269225 M * IceTi OK 1110269242 M * IceTi The following problem(s) were encountered while verifying vshelper 1110269243 M * IceTi functionality: 1110269243 M * IceTi * The configured vshelper '/sbin/vshelper' does not match the 'vshelper' 1110269243 M * IceTi script of the util-vserver package 1110269243 M * IceTi To fix this, you can: 1110269244 M * IceTi * disable vshelper entirely by executing 1110269244 M * IceTi | touch "/usr/local/etc/vservers/.defaults/apps/vshelper/disabled" 1110269246 M * IceTi * disable only this message by executing 1110269246 M * IceTi | touch "/usr/local/etc/vservers/.defaults/apps/vshelper/warning-disabled" 1110269248 M * IceTi * configure the util-vserver vshelper script, e.g. by adding 1110269248 M * IceTi | kernel.vshelper = "/usr/local/lib/util-vserver/vshelper" 1110269250 M * IceTi to /etc/sysctl.conf and rebooting the machine, or by executing 1110269250 M * IceTi | echo "/usr/local/lib/util-vserver/vshelper" >/proc/sys/kernel/vshelper 1110269255 M * Doener don't flood! 1110269264 M * Doener and the message already tells you what to do... *sigh* 1110269270 M * IceTi sorry 1110269334 M * Doener if you got something longer than 3-4 lines you want to show to us, use some pastebin (e.g. pastebin.com) 1110269421 M * IceTi -bash-3.00# vserver vsrh9-2 start 1110269421 M * IceTi RTNETLINK answers: File exists 1110269421 M * IceTi Starting system logger: [FAILED] 1110269421 M * IceTi Starting kernel logger: [ OK ] 1110269435 M * IceTi i´ve to what ther stand before 1110269440 M * IceTi and now that :-( 1110269474 Q * DuckKing Ping timeout: 480 seconds 1110269495 M * Doener is 134.147.28.237 your 'main' ip address on that box? 1110269507 M * IceTi what? 1110269545 M * IceTi main ip ? NO 1110269567 M * Doener well, it seems to have existed before the vserver was started 1110269584 M * IceTi one momnet 1110269624 M * IceTi i think i reboot the host 1110269646 M * IceTi yes this ip is in use! 1110269651 M * IceTi is that the problem? 1110269695 Q * atsab Ping timeout: 480 seconds 1110269707 M * IceTi @Doener please don´t go ;-) 1110269820 M * Doener Bertl told you that if that ip address is already configured you should've scraped the --netdev part... guess you better change that in the configuration before stopping the vserver ;) 1110269840 M * Doener Bertl: can you take over from here on? going to clean up my room a little... 1110269845 M * IceTi but this ip is free 1110269873 M * Bertl Doener: sure ... 1110269896 M * Bertl IceTi: free means unused or unassigned? 1110269918 M * IceTi both 1110269944 M * Bertl well, then your config should be fine ... 1110269959 M * Bertl vserver start will have created an entry .. 1110269961 M * IceTi same error 1110269979 M * Bertl the system logger thing? 1110269986 M * IceTi yes 1110270005 M * Bertl well, rh9 seems to have klogd and syslog in the same package 1110270017 M * IceTi and ? that mean? 1110270040 M * Bertl so just comment out the klogd in that startup script (probably path/to/vserver/init.d/syslog) 1110270049 M * IceTi ok wait 1110270148 M * IceTi hmm there is no init.de 1110270154 M * IceTi init.d 1110270191 M * Bertl it's in /etc I forgot that path element ... 1110270201 M * Bertl so path/to/vserver/etc/init.d/syslog 1110270216 M * IceTi ok 1110270221 M * IceTi then comment out what? 1110270229 M * IceTi damn i feel stupid 1110270235 M * Bertl there should be a line starting klogd 1110270250 M * Bertl (search for klogd) 1110270256 M * IceTi yes 1110270281 M * Bertl comment them out, it's not useful to start it anyways ... 1110270306 M * IceTi echo -n $"Starting kernel logger: " 1110270306 M * IceTi daemon klogd $KLOGD_OPTIONS 1110270308 M * IceTi that? 1110270315 M * Bertl yep, make that 1110270325 M * IceTi ok 1110270327 M * Bertl # daemon klogd $KLOGD_OPTIONS 1110270332 M * IceTi i´ve comment out that 1110270357 M * Bertl excellent! 1110270365 M * IceTi no 1110270366 M * IceTi RTNETLINK answers: File exists 1110270366 M * IceTi Starting system logger: [FAILED] 1110270366 M * IceTi Starting kernel logger: 1110270390 M * Bertl try a stop and then a start again 1110270416 M * IceTi yes but no ... 1110270417 M * IceTi Starting system logger: [FAILED] 1110270418 M * IceTi Starting kernel logger: 1110270469 M * Bertl hmm, yes indeed your system logger failed not the klogd 1110270479 M * IceTi hmm yes 1110270494 M * IceTi comment that out? 1110270511 M * Bertl well, you can try to disable the entire syslog script 1110270514 Q * chairuou Quit: 1110270518 M * Bertl (with chkconfig for example) 1110270524 M * IceTi äh, 1110270530 M * IceTi how? what? 1110270538 M * Bertl vserver enter 1110270546 M * Bertl then 'chkconfig --list' 1110270570 M * Bertl should list you some runlevel configs 1110270586 M * IceTi i can´t enter the vserver 1110270594 M * Bertl syslog is probably there with a few on's 1110270606 M * Bertl hmm, what do you get when you try it? 1110270618 M * IceTi 'vserver ... suexec' is support for running vservers only; aborting... 1110270633 M * IceTi the vserver does not run 1110270639 M * Bertl okay, then try 1110270644 M * IceTi because i can´t start it, i think 1110270648 M * IceTi yes .. 1110270665 M * Bertl ( chroot /path/to/vserver chkconfig --list ) 1110270694 M * IceTi syslog 0:Aus 1:Aus 2:Ein 3:Ein 4:Ein 5:Ein 6:Aus 1110270710 M * IceTi and all othet stuff is aus , too 1110270726 M * Bertl ( chroot /path/to/vserver chkconfig --del syslog ) 1110270742 M * Bertl ( chroot /path/to/vserver chkconfig --add ssh ) 1110270759 J * erwan_ho ~erwan@lns-vlq-39f-81-56-133-136.adsl.proxad.net 1110270788 M * IceTi Fehler beim Lesen der Informationen über den Dienst ssh: Datei oder Verzeichnis nicht gefunden 1110270794 M * IceTi with ssh 1110270800 M * Bertl maybe sshd? 1110270808 M * IceTi no 1110270835 M * Bertl so what 'other' services are listed by chkconfig? 1110270852 M * erwan_ho hi Bertl 1110270860 M * Bertl hey erwan! 1110270870 M * IceTi network, random, netfs, rawdevices 1110270910 M * Bertl hmm, not much, guess you want to install something like sshd or so ... 1110270918 M * IceTi yes 1110270950 M * Bertl vapt-get --help 1110270963 M * IceTi why are there not sao much thing like in the host? 1110270983 M * Bertl because it's a minimal config you can build on ... 1110270996 M * Bertl (but it is indeed very minimal) 1110271025 M * IceTi how can i build a full RH9 1110271056 M * Bertl well, you probably don't want that, unless you like servers with 4-5GB 1110271086 M * IceTi that is all the same 1110271088 M * Bertl but adding some services like sshd or httpd with vapt-get should be fine ... 1110271102 M * IceTi yes 1110271198 M * Bertl okay, I'm off to bed now .. guess folks here in the channel can help you if you need something ... 1110271208 M * IceTi nooo 1110271238 M * IceTi just one question 1110271243 M * Bertl hmm yup? 1110271245 M * IceTi how can i install a FULL server 1110271259 Q * erwan_ho Remote host closed the connection 1110271306 M * Bertl by specifying every package you want installed ... (or at least all packages which pull in the rest) 1110271322 M * IceTi where? 1110271351 M * Bertl in your case (apt-rpm) with vapt-rpm ... or in your package default database 1110271372 M * IceTi ähm ok (not really understand that) 1110271396 M * Bertl but as I said, nobody actually wants that, because you do not have disk space to throw out of the window ;) 1110271413 M * IceTi hmm 1110271426 M * Bertl just use vapt-get to install the services you want to use, the dependancies will be resolved by apt-get anyways 1110271456 M * Bertl if you don't know how, read the apt-get documentation ... 1110271461 M * IceTi ok 1110271471 M * Bertl okay, cya! 1110271475 M * IceTi cya 1110271483 N * Bertl Bertl_zZ 1110271486 M * Doener night Bertl! 1110271506 M * Bertl_zZ thanks! 1110271509 M * IceTi Doener can u hellp me? 1110271592 M * Doener if you tell me what's the problem... maybe... 1110271651 M * IceTi well, u know i´ve build a new vserver 1110271659 M * IceTi but i can not start it 1110271708 M * weasel IceTi: i sag's glei, i war's net. 1110271724 M * IceTi (weasel): was? 1110271730 M * weasel Tue 09:01:52 (weasel): Release-Dateien einiger Repositories konnten nicht geholt oderauthentifiziert werden.Derartige Repositories werden ignoriert. 1110271732 M * weasel not my fault. 1110271745 M * Doener heh 1110271773 M * IceTi ??? 1110271782 M * Doener well, you suceeded in entering it, right? so it has to be running... 1110271812 M * IceTi no 1110271816 M * IceTi i can not ente rit 1110271974 M * Doener ok... undo the changes you did the the syslog initscript 1110271999 M * IceTi ok 1110272002 M * IceTi mom 1110272022 M * Doener then start the vserver, install sshd using vapt-rpm, enter the vserver and disable the syslog stuff 1110272028 J * Elchbulle ~elch@donut.toppoint.de 1110272030 M * Elchbulle Hi 1110272034 M * IceTi ok 1110272035 M * IceTi done 1110272037 M * Doener welcome Elchbulle 1110272050 M * Elchbulle :-) 1110272050 M * IceTi i can´t start it ! 1110272070 M * Elchbulle is there a know problem with dpkg and vserver ? 1110272082 M * Doener uhm, no? 1110272117 M * Doener IceTi: well, you're above paste of the startup message say that at least klogd got started and so at least one process should be there and keep the vserver alive... 1110272132 M * Doener if not, just try to install sshd while the vserver is stopped, may work as well 1110272160 M * Doener Elchbulle: do you experience any issues 1110272162 M * Doener ? 1110272177 M * Elchbulle well I have :( Look here http://www.toppoint.de/~elch/kapott.jpg 1110272198 M * Elchbulle nope just newvserver --copy-reboot foo 1110272272 J * _are_ ~are@gateway-dsl.lihas.de 1110272310 M * _are_ hi 1110272344 M * IceTi damn 1110272359 M * IceTi i think i´am too stupid for this 1110272369 M * Doener well, looks like you just miss a file, maybe your package list is out of date? (there's no dpkg-1.10.25 in the debian repositories anymore) 1110272396 M * Doener IceTi: where do you get the "test6*" stuff from? 1110272405 M * IceTi mom 1110272421 M * Doener especially the asterisk looks bogus to me 1110272441 M * IceTi rpm http://sunsite.informatik.rwth-aachen.de/ftp/pub/Linux/fedora/redhat 9/i386 os updates 1110272448 M * IceTi this i ´ve comment out 1110272518 M * Elchbulle Doener I dont know 1110272525 M * IceTi i too ;-) 1110272531 M * Elchbulle where does this .25 comes from? 1110272553 M * Doener IceTi: ehrm... yeah... but the question was, why did you put the "test6*" in the command line? (09:55:55 IceTi -bash-3.00# /usr/local/sbin/vapt-get test6* --all -- sshd+) 1110272573 M * IceTi öhm i want to install sshd 1110272606 M * Doener IceTi: and your vserver is called "test6*"? 1110272615 M * IceTi (Doener): yes 1110272615 J * prae ~prae@ezoffice.mandrakesoft.com 1110272623 M * DaPhreak morning prae :) 1110272647 M * Doener Elchbulle: maybe an outdated package list, never used the newvserver stuff myself... try "apt-get update" and then re-run the build... 1110272657 M * IceTi yes3 1110272680 M * Doener IceTi: well you got to escape the asterisk then, otherwise your shell will expand it for you... (as you've seen) 1110272696 M * IceTi asterisk? 1110272699 M * Doener * 1110272742 M * IceTi ? 1110272752 M * Elchbulle doener I did before 1110272780 M * Elchbulle and I tried five mins ago too.. :( 1110272794 M * Doener FYI the asterisk and the plus in vapt-get's help are to be applied as in regular expressions, i.e. * means 0 or more vserver names, and + means 1 or more parameters 1110272801 M * IceTi i think I make the vserver with newvserver or? 1110272810 M * Doener and combining a name with --all is probably bogus 1110272819 M * Doener IceTi: no, that's legacy stuff... 1110272826 M * prae DaPhreak: hi :) 1110272836 M * Elchbulle rm /var/lib/vservers/ARCHIVES/sarge/dpkg_1.10.25_i386.deb <-- this may help 1110272843 M * prae DaPhreak: you know the morning badtrip ? :) 1110272857 M * IceTi ok BUT what can i do now? 1110272867 M * IceTi nothing works 1110272868 M * Doener did you install sshd by now? 1110272881 M * IceTi i don´t knoiw how 1110272914 M * Doener ok, let's look at vapt-get's help... 1110272918 M * Doener Usage: /usr/sbin/vapt-get * [--all] -- + 1110272943 M * Doener so we can supply some vservernames or --all and a bunch of parameters for apt-get... 1110272968 M * Doener so to install package abc in vserver xyz we probably do: vapt-get xyz -- install abc 1110272977 M * IceTi so? /usr/sbin/vapt-get test6* --all --sshd+ ???? 1110272997 M * Doener 10:06:49 Doener and combining a name with --all is probably bogus 1110273002 M * Doener 10:04:40 Doener IceTi: well you got to escape the asterisk then, otherwise your shell will expand it for you... (as you've seen) 1110273008 M * Doener 10:06:34 Doener FYI the asterisk and the plus in vapt-get's help are to be applied as in regular expressions, i.e. * means 0 or more vserver names, and + means 1 or more parameters 1110273132 M * Doener please at least try to use the information you get... 1110273140 M * Elchbulle muhahahahahaha 1110273146 M * Elchbulle rm /var/lib/vservers/ARCHIVES/sarge/dpkg_1.10.25_i386.deb <-- this worked 1110273161 M * IceTi /usr/local/sbin/vapt-get test6 --install sshd 1110273167 M * IceTi dont work 1110273170 M * prae DaPhreak: a new grsec ?!! 1110273181 M * Doener IceTi: put a space between -- and install 1110273183 M * Elchbulle thanks Doener for your help 1110273193 M * IceTi vnamespace: vc_enter_namespace(): No such process 1110273197 M * IceTi no 1110273199 M * Doener Elchbulle: well, i didn't do it, was all your work ;) 1110273208 M * Doener IceTi: ok, so we need a running vserver... 1110273213 M * Elchbulle Yeah but you bring me on that idea :-) 1110273228 M * Elchbulle so my vserver stuff runs *happy* 1110273231 M * IceTi yes that was my problem 1110273237 M * DaPhreak yeah prae, new grsec .. but wait .. had forgotten something :) 1110273239 M * IceTi all the time 1110273260 M * DaPhreak (grsecurity/gracl_shm.c #include ) ;) 1110273260 M * Doener IceTi: after the line you commented out in the syslog init script, add the following line: 1110273263 M * Doener sleep 600 & 1110273278 M * Doener that should give us a running vserver for 10 minutes, long enough to install sshd 1110273292 M * prae DaPhreak: 2.1.3 .. it's for RSBAC Problems ? 1110273292 M * IceTi that is a new vserver tere i don´t haev cemment out that! 1110273295 M * Doener well, actually a pretty sleepy vserver but who cares ;) 1110273312 M * Doener IceTi: just after that line, no matter if it's commented out or not 1110273318 M * IceTi ok 1110273325 M * IceTi i´ve done it 1110273331 M * IceTi [1] 7660 1110273344 M * DaPhreak yeah prae 1110273372 M * Doener IceTi: you got that line while starting the vserveR? 1110273380 M * IceTi waht? 1110273385 M * Doener 10:15:31 IceTi [1] 7660 1110273394 M * Elchbulle Ahh next error . I cant belive it 1110273397 M * IceTi -bash-3.00# vserver test6 start 1110273397 M * IceTi Starting system logger: [FAILED] 1110273397 M * IceTi Starting kernel logger: [ OK ] 1110273427 M * Doener IceTi: then where did that output come from? 1110273436 M * IceTi öhm 1110273445 M * IceTi wehen i want to start vserver test6 1110273460 M * Doener i mean the "[1] 7660" 1110273462 M * IceTi should i install anothet util-vserver? 1110273466 M * IceTi ok 1110273478 M * Doener you didn't just execute the "sleep 600 &" did you? 1110273479 M * IceTi when i type sleep 600 & 1110273490 M * IceTi yes 1110273501 M * Doener i said you should add that to the syslog initscript after the line you commented out before... 1110273509 M * IceTi oh 1110273511 M * IceTi soory 1110273514 M * Doener np 1110273537 M * Doener just stop the vserver, add the line and start the vserver.. 1110273572 M * Elchbulle well take a look at: http://www.toppoint.de/~elch/kapott2.jpg please 1110273601 M * prae DaPhreak: thx for your mail ;) 1110273603 M * IceTi -bash-3.00# vserver test6 start 1110273604 M * IceTi Starting system logger: [FAILED] 1110273604 M * IceTi Starting kernel logger: [ OK ] 1110273611 M * Doener Elchbulle: can you scroll up to the first error? 1110273619 M * Doener IceTi: check with vserver-stat if the vserver is running 1110273646 M * IceTi CTX PROC VSZ RSS userTIME sysTIME UPTIME NAME 1110273646 M * IceTi 0 63 254.4M 14.3K 0m31s36 0m22s75 1h05m55 root server 1110273646 M * IceTi 42 1 1.6M 115 0m00s00 0m00s00 0m46s40 test6 1110273651 M * IceTi yes it works right? 1110273659 M * Doener well, for 10 minutes... 1110273663 M * Doener now install sshd 1110273666 M * Elchbulle Errors were encountered while processing: 1110273666 M * Elchbulle netbase 1110273666 M * Elchbulle exim4-base 1110273666 M * Elchbulle telnet 1110273666 M * Elchbulle exim4-daemon-light 1110273668 M * Elchbulle at 1110273668 M * Elchbulle exim4 1110273670 M * Elchbulle mailx 1110273670 M * Elchbulle W: Failure while configuring base packages. This will be attempted 5 times. 1110273672 M * Elchbulle dpkg: dependency problems prevent configuration of netbase: 1110273672 M * Elchbulle netbase depends on ifupdown (>= 0.6.4-4.9); however: 1110273674 M * Elchbulle Version of ifupdown on system is 0.6.4-4.8. 1110273674 M * Elchbulle dpkg: error processing netbase (--configure): 1110273676 M * Elchbulle dependency problems - leaving unconfigured 1110273676 M * Elchbulle dpkg: dependency problems prevent configuration of exim4-base: 1110273678 M * Elchbulle exim4-base depends on netbase; however: 1110273678 M * Elchbulle Package netbase is not configured yet. 1110273680 M * Elchbulle dpkg: error processing exim4-base (--configure): 1110273680 M * Elchbulle This ? 1110273681 M * Doener stop... 1110273690 M * Elchbulle repeats many times ... 1110273697 M * IceTi öhm yes, but i think nothing is installed on this vserver ! 1110273708 M * Doener hm, looks like the looping messages are too long to get the first error... 1110273718 M * Doener IceTi: just try to install it... 1110273724 M * IceTi how 1110273744 M * Doener 10:12:41 IceTi /usr/local/sbin/vapt-get test6 --install sshd 1110273745 M * Doener 10:13:00 Doener IceTi: put a space between -- and install 1110273749 M * Doener 10:13:13 IceTi vnamespace: vc_enter_namespace(): No such process 1110273752 M * IceTi -bash-3.00# /usr/local/sbin/vapt-get test6 -- install sshd 1110273752 M * IceTi Lese Paketlisten... Fertig 1110273752 M * IceTi Erzeuge Abhängigkeitsbaum... Fertig 1110273752 M * IceTi (Elchbulle): Konnte Paket sshd nicht finden 1110273753 M * Doener 10:13:27 Doener IceTi: ok, so we need a running vserver... 1110273758 M * Doener and by now we got one 1110273763 M * Doener so that should suceed now... 1110273769 M * Elchbulle He says something like blabla depends on netbase, netbase isnt configured yet, however ...... 1110273780 M * Doener IceTi: try with ssh instead of sshd 1110273796 M * IceTi no 1110273799 M * IceTi not found 1110273805 M * Doener openssh 1110273815 M * IceTi YES 1110273821 M * IceTi :-) 1110273827 M * IceTi an dnow? 1110273841 M * Doener ok, after installation completed, restart the vserver 1110273879 M * IceTi sind hier eigentlich alle deutsch? 1110273890 M * Doener no, just a few folks speak ferman 1110273892 M * IceTi ok i´ve restarted 1110273893 M * Doener s/ferman/german/ 1110273893 M * Elchbulle IceTi Nope 1110273911 M * Pazzo IceTi: nein :) 1110273941 M * Doener otherwise it would probably make little sense to speak english all the time... 1110273945 M * Elchbulle Mhh well what to do now with this problem ? 1110273957 M * IceTi ok, but what do i have do ti now 1110274006 M * Doener IceTi: did the vserver startup mention 'sshd' being started (or openssh server, or bsd sshd or something like that)? 1110274008 M * DaCa Elchbulle: apt-get update && apt-get install ifupdown && apt-get upgrade 1110274015 M * IceTi no 1110274031 M * IceTi -bash-3.00# vserver test6 restart 1110274031 M * IceTi Starting killall: [ OK ] 1110274031 M * IceTi Starting system logger: [FAILED] 1110274031 M * IceTi Starting kernel logger: [ OK ] 1110274058 M * Elchbulle DaCa ifupdown is already the newest version. 1110274064 M * Doener ok, enter the vserver and activate sshd to be started on boot (should be runlevel 3) 1110274087 M * DaCa 10:21 < Elchbulle> Version of ifupdown on system is 0.6.4-4.8. 1110274090 M * DaCa thats old 1110274110 M * Elchbulle well I cleared this /var/lib/vservers/ARCHIVES/ now, maybe that helps 1110274121 M * DaCa apt-cache policy ifupdown 1110274127 M * Elchbulle helped with dpkg 1110274155 M * IceTi there is nothing with sshd 1110274159 M * Elchbulle DaCa ifupdown: 1110274159 M * Elchbulle Installed: 0.6.4-4.10 1110274159 M * Elchbulle Candidate: 0.6.4-4.10 1110274159 M * Elchbulle Version Table: 1110274159 M * Elchbulle *** 0.6.4-4.10 0 1110274184 M * Elchbulle seems to be a problem with this archives 1110274188 M * Doener IceTi: check /etc/init.d within the vserver... 1110274212 M * IceTi yes i have 1110274217 M * IceTi there is not much 1110274221 M * Doener IceTi: ah, the server is in a separate package on redhat... 1110274224 M * Doener install openssh-server 1110274229 M * DaCa Elchbulle: yes, I presume you are using newvserver from vserver-debian? 1110274237 M * Elchbulle DaCa yes 1110274241 M * DaCa Elchbulle: imho it suxx :p 1110274261 M * DaCa Elchbulle: it doesnt work well with a moving target 1110274265 M * Doener Elchbulle: is that a 'fresh' vserver install? 1110274271 M * Elchbulle DaCa well what other sw should I use ? 1110274273 M * Doener and what kernel are you using? 1110274299 M * Doener if answer are: yes and 2.6.x consider using alpha tools instead 1110274302 M * Doener http://linux-vserver.org/alpha+util-vserver 1110274304 M * IceTi yes he starte sshd 1110274308 M * Elchbulle Doener I set it up with 1.2.10 and copy via rsync my other vservers , well they work 1110274325 M * IceTi (Doener): now i must install all packege ? manuel? 1110274338 M * IceTi it´s done? or? the vserver wqorks right? 1110274340 M * DaCa Elchbulle: well, it works if you remember to clear this cache everytime something changes 1110274349 M * Doener IceTi: no, you certainly don't have to install _all_ packages... 1110274361 M * IceTi but the packege thT I WANT 1110274362 M * Doener just those you want ;) 1110274365 M * IceTi YES 1110274368 M * DaCa Elchbulle: but personaly, I prefer to use the images and deploy-vserver from marlow.dk 1110274371 M * IceTi BUT manuel? 1110274387 M * IceTi do make all people that so? 1110274394 M * IceTi very bad english i now 1110274402 M * Elchbulle DaCa oh mhh 1110274425 M * Elchbulle btw Can I use a ISDN Card from a vserver ? 1110274438 M * Doener dunno about redhat's apt-rpm stuff, but probably there's aptitude available which is pretty nice to quickly install everything you need 1110274486 M * IceTi apttide? 1110274490 M * IceTi where? 1110274648 M * Doener try to install it, otherwise ask google, i'm no redhat guy 1110274690 M * IceTi but so all peole make it? 1110274695 M * Elchbulle DaCa what is his images all about ? Can I be sure there is no rootkit inside ? 1110274699 M * IceTi by install all packege manuel? 1110274760 M * Elchbulle After cleaning the Archives: I: Base system installed successfully. 1110274772 M * DaCa Elchbulle: if you dont trust them, you need to build those images for yourself :) 1110274797 J * GenUX ~genux_@rrcs-24-199-44-118.west.biz.rr.com 1110274823 M * GenUX can I run hardware specific apps in a vserver? 1110274844 M * GenUX like an app specificly designed to run on an AMD64 on a AMD64 host running vserver 1110274889 M * DaCa GenUX: sure, vserver is no emulation, its isolation 1110274906 M * GenUX so whats the diff between vserver and chrooting then? 1110274911 M * Doener IceTi: well, should your distro install a graphical subsystem on your remote server? or an office suite on your ps2? most distro's have some pre-defined sets of applications the can be installed all-in-one, but that's distro dependend 1110274947 M * IceTi how can i install ALL 1110274958 M * DaCa GenUX: more isolation :) 1110274962 M * GenUX lol 1110274965 M * Doener IceTi: distro dependend 1110274970 M * IceTi hmm 1110274992 M * GenUX that is what I need, I am compiling lots of stuff for many diff platforms but want to isolate them so if 1 crashes it doesn't take the system down 1110275009 M * GenUX vserver won't effect my gcc output will it? even if its hardware optimized? 1110275025 M * Doener GenUX: isolation on the processlevel (vserver's only see their own processes), isolation on the network level (access is limited to certain, configurable ip addresses atm), memory limits, cpu limits, various other virtualizations (load average for example) 1110275033 M * Doener features depend on the version you're using 1110275046 J * rs ~rs@staff.fr.lyceu.net 1110275048 M * Doener for example the 2.4 branch doesn't have memory limits IIRC 1110275051 M * rs hi there 1110275055 M * Doener hi rs 1110275066 M * GenUX but using something in the 2.6.x would be fine then? 1110275087 M * Doener yep, with 2.6 you can get the latest and greatest features... 1110275120 M * Doener if you want information about the general ideas and concepts, we got a paper for you ;) 1110275126 M * Elchbulle well thanks all for your help , my vserver runs 1110275131 M * GenUX please point me there. 1110275132 M * Doener Elchbulle: great! 1110275134 M * Elchbulle *hugs* 1110275137 M * Doener http://linux-vserver.org/Linux-VServer-Paper 1110275143 M * Doener (had to get the url first ;) 1110275151 M * GenUX ok, looking for it now 1110275155 M * Elchbulle have a nice day 1110275163 M * GenUX got it, thanks 1110275167 Q * Elchbulle Quit: Vserver rulez 1110275172 N * GenUX GenUX_Away 1110275226 M * GenUX_Away is there any VIRTUALIZATION being done on it? 1110275239 N * GenUX_Away GenUX 1110275325 M * IceTi how can i completly remove a vserver? 1110275362 M * Doener GenUX: what do you actually mean by 'virtualization'? when we talk about virtualization we don't mean emulating any hardware, since that would be .. well.. emulation ;) 1110275405 M * Doener IceTi: stop it, remove the configuration (from /etc/vservers) and remove the vserver's files ( from /vservers ) 1110275444 M * GenUX hmm, I guess I hear so much of "virtualization" from Qemu, VMWare, VirtualStation, etc that I am so screwed up in the terms. Basically I am asking if vserver is emulating or shimming or whatever any hardware. Is it hiding it in ANY form? 1110275566 M * IceTi (Doener): but so it was right to instsall the vserver or? 1110275680 M * Doener GenUX: the hardware is not hidden in any form. the best comparison can be made with virtuozzo, or maybe solaris zones though i've never used the latter i heard it's similar to linux-vserver 1110275690 M * Doener IceTi: i guess so... 1110275708 M * IceTi guess? 1110275710 M * GenUX ahh ok 1110275712 M * IceTi oh oh 1110275726 M * GenUX that is a little more helpful, thank you very much :) 1110275744 M * Doener IceTi: well, you could start it, you could enter it, so it seems to be fine, right? 1110275752 M * IceTi yes 1110275753 M * IceTi :-) 1110275781 M * IceTi hmm what is in /usr/local/etc/vserver/ 1110275788 M * IceTi that was with util 0.30 not 1110275818 M * Doener the you configured the alpha tools to use that location (i.e. you didn't specify a different location, since that one is the default location) 1110275826 M * GenUX is there a doc on how to setup vserver on gentoo linux? 1110275829 M * Doener s/the/then/ 1110275837 M * Doener GenUX: indeed there is... sec 1110275845 M * GenUX yeah :) 1110275847 M * Doener http://linux-vserver.org/Documentation 1110275860 M * IceTi ok 1110275866 Q * flock Read error: Operation timed out 1110275871 M * GenUX very cool 1110275875 M * GenUX looking at it now 1110275883 M * IceTi and must i config something else? like some secrurity settings or so? 1110275885 M * Doener http://oss.croup.de/vserver/guide/hm, seems the link on that page is broken 1110275887 M * IceTi or is it safe? 1110275887 M * Doener oops... 1110275928 M * GenUX eek its way out of date 1110275949 J * atsab ~as@lotes.vtu.lt 1110275954 M * Doener yeah 2 of 3 are, and the other link is broken (and that's the one i meant) 1110275955 M * atsab in 2.6.* should selinux support be disabled? 1110275964 M * Doener GenUX: http://dev.gentoo.org/~hollow/vserver/guide/ there you go 1110276024 M * GenUX very cool, thats a lot newer thanks 1110276039 M * Doener even by the ebuild's maintainer ;) 1110276047 M * Doener s/even/even done/ 1110276048 M * IceTi (Doener): What does that sleep 600 & do? and why does it work with it 1110276057 M * IceTi ups 1110276060 M * IceTi ups 1110276078 M * Doener IceTi: it just creates a process that sleep for 10 minutes 1110276089 M * IceTi and after the 10 minutes? 1110276097 M * Doener it dies 1110276098 M * GenUX do you do all the (s)ed lines your self or have a macro? 1110276103 M * IceTi and the vserver too? 1110276119 M * Doener i actually do them myself 1110276124 M * GenUX lol 1110276149 M * GenUX lol, shouldn't you add a /g to the end of them to make them (s)ed and vi compatible, lol 1110276170 M * Doener IceTi: a vserver only lives as long as there is at least one process alive, so if the sleep process is the only process is the vserver it will take the vserver with it 1110276188 M * IceTi hmm 1110276197 M * Doener GenUX: for example the s/the/then/ would have been wrong with a g at the end ;) 1110276199 M * IceTi and why can i just start the vserver with this? 1110276208 M * GenUX lol 1110276263 M * Doener IceTi: because your vserver didn't (correctly) start any processes we added the sleep, so that the vserver is kept alive for 10 minutes. long enough to install sshd. now that the sshd is started on vserver startup the sleep stuff can be removed, as the sshd will keep the vserver alive 1110276264 M * GenUX just wondering can I run init in it? Which console will it appear on? 1110276286 M * IceTi ah ok 1110276305 M * IceTi but is that only by my? 1110276308 M * IceTi and why? 1110276344 M * Doener you can run init in it, but it won't appear on any console. there are basically two ways to get 'into' the vserver. a) ssh connection (preferred) b) using the 'enter' method of the tools (may cause some problems in some cases) 1110276359 M * GenUX ahhh 1110276392 M * Doener IceTi: maybe the rh9 build method is broken, i don't know. you should probably ask that on the mailing list... 1110276401 M * IceTi ok 1110276411 M * IceTi where can i config the ip adress? 1110276435 M * GenUX thanks for the help I'm going to drop off now 1110276443 M * Doener GenUX: you're welcome! 1110276474 M * Doener IceTi: take a look at the flower page, look for 'interfaces' 1110276485 M * IceTi link? 1110276510 M * Doener reading the stuff there and looking at an existing vserver's configuration you should be able to figure it out ;) it's not that hard 1110276512 M * Doener http://www-user.tu-chemnitz.de/~ensc/util-vserver/doc/conf/configuration.html 1110276530 M * Doener btw, you can choose between several styles for that page 1110276535 Q * GenUX Quit: Leaving 1110276540 M * Doener (if your browser supports that...) 1110276623 M * IceTi one problem i still have: 1110276624 M * IceTi Starting system logger: [FAILED] 1110276628 M * IceTi hmm ehy? 1110276666 M * Doener maybe a look at the syslog helps ;) without any error message we really can't help you there 1110276717 M * Doener but it is strange that syslogd fails to start... klogd is know to silently die, but syslog should work well... maybe another problem with the rh9 build, don't know 1110276759 M * Doener s/know/known/ 1110278171 M * IceTi ö 1110278860 Q * DaPhreak Quit: leaving 1110280366 J * DaPhreak ~DaPhreak@pc-outside.uni-greifswald.de 1110281024 M * IceTi hello? anybody here? 1110281217 M * DaPhreak .... 1110281388 M * IceTi hello? 1110281405 M * IceTi I´ve a problem 1110281415 M * TheSeer shoot.. 1110281424 M * IceTi I dpn´t have the resolv.conf in my vserver 1110281431 M * TheSeer and? 1110281439 M * IceTi so I dont can connect ti the intenet 1110281442 M * IceTi or? 1110281443 M * TheSeer echo "namserver 1.2.3.4" > /etc/resolv.conf 1110281461 M * IceTi an d where cdan i config my UP-adress? 1110281467 M * TheSeer your what? 1110281474 M * IceTi ip-adress, sorry 1110281492 M * TheSeer oh.. that should have been done before starting the vserver 1110281497 M * TheSeer you cannot change it from within 1110281536 M * IceTi really? 1110281550 M * TheSeer it would be pretty pointless if you could 1110281555 M * TheSeer security wise that is 1110281585 M * TheSeer i'm not toooo sure you have a clue on what you're doing here, am i right? 1110281620 M * IceTi yes 1110281710 M * TheSeer ;) 1110281727 M * TheSeer okay.. resolv.conf has pretty much nothing to do with any kind of "connection" 1110281731 M * IceTi forget it 1110281733 M * IceTi it works 1110281740 M * IceTi :-) 1110281740 M * TheSeer it's merely a helper to find the nameservers 1110281787 M * IceTi yes 1110281908 M * IceTi -bash-2.05b# apt-get install wget 1110281908 M * IceTi rpmdb: unable to join the environment 1110281908 M * IceTi error: db4 error(11) from dbenv->open: Resource temporarily unavailable 1110281908 M * IceTi error: cannot open Packages index using db3 - Resource temporarily unavailable ( 1110281908 M * IceTi 11) 1110281910 M * IceTi error: cannot open Packages database in 1110281910 M * IceTi (erwan_taf): could not open RPM database 1110281914 M * IceTi what´s this? 1110281931 M * erwan_taf IceTi: ? 1110281960 M * erwan_taf apt-get tries to use the rpm database ? 1110281963 M * erwan_taf hum 1110281970 M * TheSeer that's perfectly valid 1110281981 M * IceTi yes 1110281985 M * TheSeer in case it's a redhat/fedora based system that is 1110281985 M * IceTi but it don´t work 1110281998 M * TheSeer how did you install that vserver? 1110282001 M * erwan_taf sounds like your rpm database is not correct 1110282018 M * TheSeer and what version of veserver and tools are you running? 1110282023 M * erwan_taf I don't know about problems by mixing apt & rpm 1110282048 M * erwan_taf why not using yum or urpmi for installing rpms ? 1110282052 M * TheSeer erwan_taf: that's not "mixing" .. apt and rpm have pretty much nothing to do with each other 1110282074 M * TheSeer erwan_taf: apt is just a tool manage packages.. no matter if .deb or .rpm 1110282082 M * TheSeer and yum suxx performance wise 1110282462 J * ntrs ntrs@Dardeene-68.188.50.87.charter-stl.com 1110282462 Q * ntrs_ Read error: Connection reset by peer 1110282986 M * IceTi yujm? 1110282988 M * IceTi yum? 1110283331 M * IceTi Starting httpd: httpd: bad user name apache 1110283340 M * IceTi what does that mena hwo can i fix that? 1110283375 M * TheSeer moah.. 1110283380 M * TheSeer get a clue! 1110283380 M * IceTi :-) 1110283386 M * IceTi ??? 1110283392 M * TheSeer wtf did you do to that poor server? 1110283400 M * IceTi nothing 1110283414 M * IceTi i´ve just installed httpd 1110283418 M * TheSeer how? 1110283421 M * IceTi then i wanne start it and 1110283424 M * IceTi mom 1110283464 M * IceTi vserver vsrh9-1 build -m apt-rpm --hostname vs.az.de --netdev eth0 --interface xxx.xxx.xxx.xxx/26 --context 42 -- -d rh9 1110283465 M * IceTi so! 1110283481 M * IceTi but there a nearly no packeges installed 1110283489 M * IceTi i have all installed manuel 1110283491 M * TheSeer sure.. it's a core system 1110283497 M * IceTi ? 1110283506 M * IceTi can i install all packeges? 1110283515 M * TheSeer feel free to add whatever you want 1110283517 M * IceTi or the importents? 1110283539 M * IceTi with one befehl 1110283560 M * TheSeer apt will take care of dependencies 1110283582 M * IceTi yes but i have to instsall all packeges manuel thats not good 1110283591 M * TheSeer ?? 1110283596 M * TheSeer what do you mean "all packages"? 1110283626 M * IceTi passwd, ssh. httpd 1110283629 M * IceTi an dso on 1110283648 M * TheSeer yes.. and? 1110283652 M * TheSeer i don't see your point.. 1110283655 M * IceTi is there something that alls these important things where installed automatically? 1110283662 M * IceTi that is my pont 1110283668 M * TheSeer they aren't important 1110283677 M * IceTi but for me 1110283682 M * TheSeer then install them 1110283694 M * TheSeer nobody stops you from doing that 1110283704 M * IceTi i don´t want to type 100 times /usr/local/sbin/vapt-get vsrh9-1 -- install find 1110283710 M * IceTi for example 1110283722 M * TheSeer then just install them at once? 1110283736 M * TheSeer usr/local/sbin/vapt-get vsrh9-1 -- install find passwd ssh sshd httpd php wget lynx ....... 1110283742 M * IceTi ok 1110283755 M * IceTi and why now, doesn´t work the httpd 1110283778 M * TheSeer Starting httpd: httpd: bad user name apache 1110283784 M * TheSeer actually *reading* an error message might help 1110283797 M * IceTi how can i fix that? 1110283803 M * TheSeer besides, rh9 is seeeriously outdated 1110283819 M * IceTi what then? 1110283829 M * TheSeer add the user (atually the rpm install should have done that..) or change the httpd.conf to use a different user 1110283837 M * IceTi do u have a vserver installed? 1110283844 M * IceTi or more than one? 1110283845 M * TheSeer sure.. quite a lot actually 1110283853 M * IceTi what distrubotions? 1110283854 M * TheSeer on different servers with different versions 1110283866 M * IceTi for example? 1110283874 M * TheSeer fc2 / fc3 1110283885 M * IceTi and u have installed all packeges manuel? 1110283892 M * TheSeer no 1110283896 M * TheSeer just the packages i need 1110283925 M * IceTi yes manuel right? 1110283931 M * TheSeer sure 1110283944 M * TheSeer using apt-get basically though 1110283946 M * IceTi so at the start there was nothing on it? 1110283949 M * IceTi yes 1110283958 M * TheSeer nothing but the core os, right 1110283962 M * TheSeer as it's supposed to be 1110283963 M * IceTi ok 1110283967 M * IceTi thank you ;-) 1110283975 M * IceTi and do u have make something else 1110283981 M * IceTi like secrurity settings or so 1110283999 M * TheSeer i do have sort of complex firewall setup 1110284016 M * IceTi at the vsercers? or in the ROOT system? 1110284020 M * TheSeer on the root server 1110284025 M * IceTi for example? 1110284054 M * TheSeer limiting access, define QOS stuff 1110284061 M * IceTi and that is safe? the user don´t have access to other vservers on the root system? 1110284073 M * TheSeer that's the idea of a vserver 1110284076 M * IceTi ok 1110284077 M * IceTi cool 1110284079 M * IceTi :-) 1110284094 M * IceTi how do u instsall the vserver? like me ? 1110284101 M * TheSeer ? 1110284120 M * IceTi vserver vsrh9-1 build -m apt-rpm --hostname vs.az.de --netdev eth0 --interface xxx.xxx.xxx.xxx/26 --context 42 -- -d rh9 1110284120 M * IceTi (13:05:11) (IceTi) so! 1110284121 M * IceTi vserver vsrh9-1 build -m apt-rpm --hostname vs.az.de --netdev eth0 --interface xxx.xxx.xxx.xxx/26 --context 42 -- -d rh9 1110284121 M * IceTi (13:05:11) (IceTi) so! 1110284127 M * IceTi ? 1110284169 M * TheSeer /usr/lib/util-vserver/vserver-build --force -m apt-rpm -n build --hostname=XXXX --netdev=eth0 --interface a.b.c.d --netmask 255.255.255.224 -- -d fc3 1110284187 M * IceTi ok i thnik its tehh same 1110284194 M * IceTi and i can just make these fc1/ fc2/ rh9/ suse91/ 1110284201 M * IceTi can i add something there? 1110284210 M * IceTi like suse 9.2 1110284222 M * TheSeer if you configure them, sure 1110284240 M * IceTi ok i think i have no more questions 1110284243 M * IceTi THANK U 1110284248 M * TheSeer ll /etc/vservers/.distribiutions 1110284249 M * IceTi .-) 1110284252 M * IceTi yes 1110284259 M * TheSeer you need to find a apt-repository for suse 9.2 though 1110284285 M * TheSeer i'd discourage using suse though 1110284301 M * TheSeer suse is the worst distribution money can buy 1110284306 M * IceTi hehe 1110284306 M * IceTi ok 1110284311 M * IceTi was just a question 1110284311 M * SiD3WiNDR no, that would be redhat :p 1110284319 M * TheSeer SiD3WiNDR: fedora is free 1110284324 M * SiD3WiNDR so is suse 1110284328 M * SiD3WiNDR and fedora isn't redhat 1110284332 M * SiD3WiNDR etc etc 1110284333 M * TheSeer SiD3WiNDR: and despite suse, redhat's stuff at least works 1110284333 M * IceTi not? 1110284334 M * SiD3WiNDR I use debian anyway :p 1110284344 A * SiD3WiNDR 0xf00d 1110284357 M * IceTi but what is fedora then? 1110284360 M * TheSeer but let's not start a distro-war ;> 1110284362 M * IceTi a new RedHat!!!!! 1110284369 M * IceTi or? 1110284374 M * IceTi just a question 1110284377 M * IceTi no war ;-) 1110284379 M * Doener your ! key is broken ;) 1110284397 M * IceTi anyway I´m away 1110284403 M * TheSeer well.. fedora is close to redhat 1110284408 M * IceTi yes 1110284545 M * TheSeer i personally prefer fedora/redhat based distros 1110284548 M * TheSeer but that's me ;> 1110285978 Q * pusling Ping timeout: 480 seconds 1110287258 J * Wonka produziert@chaos.in-kiel.de 1110287272 M * Wonka morning. 1110287412 M * Wonka it says "do not use local loopback inside a vserver" in the vserver_administrators_guide... 1110287439 M * Wonka but i need to restrict access to some tcp based service to my vserver 1110287466 M * Wonka i want to run a memcached in my vserver, and i want it to only respond to connects from my vserver 1110287475 M * Wonka any ideas? 1110287629 M * Wonka at the moment i am thinking of patching memcached to only accept connections from a specified ip, but i don't think that's the Way It Should Be. 1110288390 M * _are_ I don't know memcached, but if it supports tcp-wrapper, this should be easy, otherwise just use iptables on the master 1110290277 M * IceTi I´ve a litle problem with my apache 1110290280 M * IceTi omebody here? 1110290291 M * IceTi when i wanna start it 1110290310 M * IceTi Starting httpd: httpd: bad user name apache 1110290315 M * IceTi hmmm ?????? 1110290324 M * Doener TheSeer: your turn ;) 1110290357 M * IceTi ? 1110290417 M * TheSeer hm? 1110290447 M * TheSeer IceTi: can you read what i type? 1110290456 M * IceTi yes 1110290465 M * TheSeer so WHY THE F*CK DON'T YOU DO IT THEN? 1110290476 M * IceTi what? 1110290487 M * TheSeer you question has already been answered. just READ.. 1110290517 M * IceTi i don´t think my questionwas answered 1110290568 M * TheSeer Starting httpd: httpd: bad user name apache 1110290569 M * TheSeer what does that mena hwo can i fix that? 1110290585 M * IceTi yes ... 1110290591 M * TheSeer actually *reading* an error message might help 1110290591 M * TheSeer how can i fix that? 1110290596 M * TheSeer what then? 1110290596 M * TheSeer add the user (atually the rpm install should have done that..) or change the httpd.conf to use a different user 1110290600 M * IceTi and where is the answer? 1110290619 M * TheSeer right there? 1110290624 M * IceTi the user apche is there 1110290624 M * TheSeer pretty much two hours ago 1110290639 M * TheSeer no it's not 1110290646 M * IceTi shure 1110290651 M * TheSeer otherwise apache wouldn't complain 1110290670 M * IceTi in /etc/passwd 1110290671 M * IceTi apache:!!:48:48:Apache:/var/www:/sbin/nologin 1110290703 M * IceTi and in gropu also 1110290712 M * Doener inside the vserver? 1110290718 M * IceTi yes 1110290729 M * TheSeer and you do start the service INSIDE the vserver too, right? 1110290739 M * IceTi yes 1110290750 M * TheSeer why do i doubt that to be true? 1110290751 M * IceTi of course 1110290762 M * IceTi what? 1110290767 M * TheSeer vserver enter 1110290769 M * TheSeer id apache 1110290789 M * IceTi uid=48(apache) gid=48(apache) groups=48(apache) 1110290795 M * TheSeer service httpd start 1110290799 M * IceTi why should i lie? 1110290818 M * IceTi -bash-2.05b# service httpd start 1110290818 M * IceTi Starting httpd: httpd: bad user name apache 1110290818 M * IceTi [FAILED] 1110290832 M * TheSeer you're still inside the vserver, right? 1110290836 M * IceTi yes 1110290854 M * TheSeer congratulations, you fucked up ;-P 1110290860 M * IceTi what? 1110290861 M * TheSeer i have no clue what you did 1110290884 M * Doener did you add the apache user yourself? 1110290897 M * IceTi no 1110290903 M * IceTi the user was there 1110290908 M * IceTi usr/local/sbin/vapt-get vsrh9-1 -- install joe 1110290921 M * IceTi instead of joe --> httpd 1110291088 M * SiD3WiNDR joe rocks 1110291117 M * Doener what distribution is your host using? 1110291147 M * Doener what does syslog tell about the failure? 1110291156 M * IceTi my? 1110291162 M * Doener does the apache error log provide further information? 1110291163 M * IceTi FeroaCore3 1110291174 M * Doener SELinux enabled? 1110291178 M * IceTi ?? 1110291179 M * TheSeer why do you use rh9 if you have a FC3 host? 1110291186 M * Doener check both syslogs, host and guest... 1110291187 M * TheSeer Doener: SELinux is disbaled by default 1110291195 M * Doener yes, but http://www.issociate.de/board/post/141181/Starting_httpd:__httpd:__bad_user_name_apache_%5BFAILED%5D.html 1110291203 M * IceTi ahh what? 1110292579 J * FEN_HIN ~JFOC@latarius.tkdgroup.com 1110292782 M * _are_ anyone has patched a swsusp2-patched kernel with vserver or vice versa already? there are a few rejects, some of them seem obvious and are moved empty lines. 1110292800 M * _are_ some others seem to be a bit more tricky 1110294646 Q * IceTi Quit: get satisfied! • :: ««« (Gamers.IRC) »»» www.gamersirc.net :: 1110294688 J * FEN_HIN__ ~JFOC@latarius.tkdgroup.com 1110294688 Q * FEN_HIN Read error: Connection reset by peer 1110294711 N * FEN_HIN__ FEN_HIN 1110294910 M * TheSeer gnarf.. 1110294952 M * TheSeer if i ever get a tendency to help a n00b please warn me ;> 1110294967 J * sebd ~sebd@lesdeveloppementsdurables.org 1110294988 M * FEN_HIN :) 1110295561 M * prae M. FEN HIN ! 1110295562 M * prae :) 1110295568 M * prae sebd: welcome too :) 1110295584 M * sebd hi :) 1110295601 M * FEN_HIN hello prae 1110296036 Q * FEN_HIN Quit: JFOC Network v15 Professional Edition[FEN_HIN]: [- http://www.jfoc.net -] OFFLINE After 22mins 31secs 1110296473 J * pusling ~pusling@195.215.29.124 1110296711 Q * DaPhreak Read error: Operation timed out 1110297210 J * Straxus ~mines@227-121.SPEEDe.golden.net 1110297263 M * Straxus hmm 1110297276 M * Straxus I believe this is the first channel I've seen in a long time without an op 1110297294 M * Straxus in any case, anyone up for a chbind question? 1110297307 M * Straxus using 1.2.8, Util-vserver 0.32 1110297352 M * daniel_hozac util-vserver 0.32? 1110297363 M * Straxus yeah, on RH9 1110297373 M * Straxus 2.4.26 kernel 1110297377 M * daniel_hozac util-vserver's latest stable release was 0.30... 1110297401 M * Straxus [root@localhost winer]# /usr/sbin/chbind --help 1110297401 M * Straxus chbind version 0.32 1110297401 M * Straxus chbind [ --silent ] [ --ip ip_num[/mask] ] [ --bcast broadcast ] command argument 1110297405 M * Straxus curious 1110297450 M * Straxus this came from http://linux-vserver.org/Util-VServer+for+RH9 1110297462 M * Straxus wait, no it didn't 1110297466 M * Straxus sorry, haven't had enough coffee yet 1110297554 M * daniel_hozac i believe jacques vserver tools are at version 0.32 though. 1110297578 M * Straxus this was a precompiled ver for RH9 from a site linked off of the linux-vserver homepage 1110297607 M * Straxus ahh yes 1110297608 M * Straxus http://dns.solucorp.qc.ca/miscprj/s_context.hc?prjstate=1&nodoc=1 1110297621 M * Straxus that's his page all right 1110297633 M * Straxus and that's the ver currently running on the machine in question 1110297653 M * Straxus so, the question is 1110297679 M * Straxus trying to do a 'chbind --ip eth0:0 [junk]' and getting failures 1110297692 M * Straxus I notice that chbind --ip eth0 [junk] works correctly 1110297706 M * Zoiah Straxus: that stuff is no long maintained. 1110297764 M * Straxus hmm, k. Would what I'm trying to do work in 1.2.10/util 0.30? 1110297782 J * genstef ~stefan@ppp-82-135-0-222.mnet-online.de 1110297784 M * genstef hi 1110297832 M * genstef Is there already a vserver patch for unionfs-1.0.9 available? 1110297876 M * Wonka _are_: i have no access to the master... 1110297909 M * Wonka _are_: and memcached is a process designed to not to be started for every connect, but keep running. 1110297937 M * daniel_hozac you are supposed to give chbind an IP though. 1110297984 M * Straxus the man page indicates IP or Interface 1110298050 M * Straxus for the --ip flag 1110298076 M * Straxus it certainly threw me off that I was passing an interface as an argument for --ip, but it seemed to work correctly until virtual devices came into the fray 1110298261 M * Straxus does chbind pass the argument right through to the vserver kernel methods, or does it do some initial parsing first? 1110298419 M * daniel_hozac it parses it. 1110298450 M * daniel_hozac util-vserver's chbind uses /proc/net/dev to look up devices, and aliases aren't in there. 1110298497 M * Straxus hmmm, k 1110298528 M * Straxus guess the latest ver of util-vserver won't help then 1110298548 M * daniel_hozac why do you want to pass it the interface name anyway? 1110298619 M * Straxus I have a setup where I have a bunch of virtual interfaces already created, and I'm trying to force processes to use their own specific virtual interface rather than 0.0.0.0 to bind to 1110298650 M * Straxus I'm only using the chbind functionality of vserver for process interface restriction, not actually running inside of a vserver 1110298700 M * daniel_hozac you realize that it won't bind to the interface anyway, right? it'll still bind to the IP address that interface has at chbind execution time. 1110298749 M * Straxus good enough... the interface won't change, but I was hoping to just point it at the interface so that it could pull out whatever other info it needs, like values for --bcast 1110298795 M * Straxus but that is good to know for reference purposes, might help to explain unexpected behaviour in the future if we start getting too fancy with our setup. :) 1110298990 M * kevinp What's the best way to see which of your vservers is using the most resources? (CPU & memory) 1110298997 M * Straxus don't suppose anyone knows any tricks for getting virtual interfaces to show up in /dev... :) 1110299017 M * Wonka network interfaces in /dev? 1110299023 M * kevinp (on a historical basis) 1110299030 Q * _are_ Quit: bbl 1110299036 M * Wonka since when do they show up there? 1110299042 M * daniel_hozac Straxus: aliases will never show up in /proc/net/dev. you'd want to rewrite chbind to use another method of interface detection. 1110299058 M * Straxus yeah, kinda figured 1110299065 M * daniel_hozac kevinp: cat /proc/virtual/*/limit ? 1110299075 M * Straxus never as easy as a symlink in dev 1110299114 M * Wonka Straxus: network devices are one of the not many things that aren't files in linux 1110299123 M * Wonka Straxus: you'd have to take plan9 for that... 1110299153 M * kevinp I don't have a virtual in /proc? 1110299166 A * Wonka neither 1110299177 M * Straxus that'd cause a bit of rewriting for our RH9-based system, I imagine 1110299179 M * daniel_hozac kevinp: stable vserver? 1110299189 M * Straxus thanks for the pointers all, much appreciated 1110299195 M * kevinp 2.4.27-vs1.29-rc2 1110299221 M * daniel_hozac kevinp: sorry, i've never used anything other than 1.9.x. 1110299382 P * Straxus 1110299398 M * kevinp ok, thanks, though. I looked in /proc/sys/vm/ and don't see anything relevant. 1110299431 M * daniel_hozac /proc/sys is for sysctl, like the configuration files for the kernel. 1110299500 M * kevinp ok, any other ideas? 1110299553 M * kevinp vserver-stat has a userTIME and a sysTIME, but I'm not sure how valid these number are. 1110299917 M * daniel_hozac they should be valid. 1110299928 J * Ale__ ~AAAAAAAA@micomisariato.telconet.net 1110300162 M * kevinp Looks like it. There is a RSS number defined in the man page as Resident Set Size that seems to vary widely among the vservers. Shouldn't that be the same? 1110300278 M * kevinp Looks like the most important number to me is the VSZ, the number of pages of virtual memory a vserver is using. 1110300386 M * DaCa kevinp: RSS are the memory pages that are _really_ in memory (not swapped out) 1110300566 M * kevinp ok, that makes more sense 1110301115 M * kevinp what's interesting though is that the total of all of the vservers RSS does not equal anywhere close to how much memory is actually being used. 1110301195 M * DaCa I am not sure but I think RSS doesnt include shared memory 1110301234 M * kevinp If I total up the RSS of 40 vservers, it only comes up to 8 MB. 1110301313 M * DaCa so total memory usage should be something like kernel space+RSS+shared memory+buffers+cache 1110301400 M * kevinp While the VSZ adds up to more than 34 GB! 1110301462 M * DaCa your servers are unified? 1110301498 M * kevinp I'm not sure, I didn't set this all up, I'm coming into it after all of that trying to figure out all the problems with it. 1110301520 M * kevinp What's the best way to check? In the build script? 1110301803 M * kevinp got to go... 1110302909 N * Bertl_zZ Bertl 1110302940 M * Bertl morning folks, everything fine? 1110302983 P * Wonka bye 1110303137 M * DaCa morning Bertl :) 1110303156 M * DaCa Bertl: I thought .at was in the same timezone as .be :) 1110303234 M * Bertl hmm, probably is ... why? 1110303316 M * DaCa Bertl: I would like to be able to have the same biorythm :) 1110303360 M * Bertl hmm, start working on linux-vserver then, I'd suggest *G* 1110303512 M * DaCa I played with your trampoline idea, but it has too many drawbacks 1110303522 M * DaCa a) it only works for root 1110303548 M * DaCa b) you get a pts allocated in the root server, so you cant use screen in the vserver 1110303664 M * Bertl hmm, yes, and the solution would be? 1110303768 M * DaCa the previous plan, a sshd in each vserver and port forward to it? I see no other solution 1110303804 M * Bertl I mean, the trampoline was not an idea, it was a solution to a given problem, which obviously is different to what you have in mind ... 1110303838 M * Bertl now I wonder, why don't you try to find a 'solution' for your problem ... 1110303879 M * Bertl obviously you want something which allows various users to be mapped into different vserver (as maybe different users, right?) 1110303905 M * DaCa Bertl: yes 1110303977 M * Bertl so as you want to basically switch the user, you ahve to accept that whatever does this, has to have root rights 1110304027 M * Bertl further, if you want to switch into different vservers, you also have to accept that it needs to be root on the host 1110304055 M * Bertl now what about duplicate users? hansi @ vps1 and hansi @ vps2 1110304079 M * DaCa yes, the second in is my problem, I dont really want to switch user, but I need rootprivs to enter the vserver 1110304120 M * Bertl not necessarily, what you need are capabilities ;) 1110304223 M * DaCa right :) 1110304335 M * Bertl but I would worry more about the different uids and users ... 1110304337 M * DaCa using sudo in trampoline.sh helps too, and I can protect it further with grsec 1110304357 M * Bertl how are your solutions for that issues? (the users/uids) 1110304471 M * DaCa Bertl: no problem with that, its very small scale, so I can arrange to have them match uids 1110304571 A * micah looks up 1110304589 M * micah DaCa: so you saw my message to the mailing list I gather 1110304657 M * DaCa actually, its a server which is used for hosting of some websites, mail, personal stuff, but also as a devbox, and so I need to redirect some users in a vserver 1110304699 M * DaCa micah: I am not subscribed yet, I should do that. I saw you talking about it here yesterday 1110304726 M * micah DaCa: ah, well I posted a message basically saying what you are saying now... I tried the trampoline and I found the same limitations and I want to do the same as you 1110304742 M * micah DaCa: and Bertl responded saying its just easier to run sshd in each vserver :) 1110304756 M * micah he may be right, but I am interested to find other options if possible 1110304777 M * Bertl DaCa: how many vserver are we talking about (regarding scale) 1110304806 M * micah It would of course be best to manage users centrally (in ldap maybe?) then you could keep the usernames from colliding 1110304847 M * micah I was thinking it might be possible to ssh to a vserver, and depending on the user, it would ssh forward to another vserver 1110304850 M * daniel_hozac something like virtual hosts for sshd ;) 1110304877 M * micah or a tunnel or something 1110304914 M * Bertl well, it's probably easily done, you 'just' have to fork and move the ssh-server thread into the vserver before it allocates the pty 1110304948 M * Bertl (while keeping the network stuff intact) 1110304999 M * Bertl another option would be to disable the pts isolation 1110305013 M * micah DaCa: I am very interested in anything you come up with -- if I dont find anything, I will probably end up taking the resource hit and launch ssh in each vserver 1110305040 M * Bertl well, ssh in each vserver is by far the 'securest' approach 1110305101 M * Bertl and the resource consumption is not really high: 3224/1420 1110305133 M * Bertl sleep 100 has 2176/632 (VM/RSS pages) 1110305186 J * flock ~restless@l192-117-111-12.broadband.actcom.net.il 1110305187 M * DaCa sorry, I was away for a while 1110305275 M * DaCa Bertl: just every networkexposed service in his vserver, and some vservers as devbox, probably not more than 10 in total 1110305302 M * Bertl np, I'm leaving right now .. but will be back later ... ;) 1110305332 N * Bertl Bertl_oO 1110305436 Q * prae Quit: Client exiting 1110305658 M * DaCa micah: I dont think it will be a resource hit to run a sshd in each vserver, my problem is more that I only have one external IP which makes portredirection a clumsy solution (clumsy as in less transparant, the user has to connect to a port != 22) 1110305708 J * shuri sjnesjd@dsl.speedline209.226.electronicbox.net 1110305778 M * micah DaCa: yeah, I hear you... I fortunately have IPs I can use, but I am seeing that management of different users in different vservers could become a chore 1110306426 Q * lilo Quit: bbiab 1110306781 J * lilo ~lilo@lilo.usercloak.oftc.net 1110307094 M * DaCa micah: in that case, I would definately run a separate sshd in the vservers 1110307145 Q * lilo Quit: brb 1110307233 M * DaCa micah: if your scared about performance issues, I think the only one will be virtual memory usage, and you can cut that down by unifying the binaries and libraries 1110307895 M * micah DaCa: yeah, I'm still trying to nail down unification... I'm unifying against a reference server, but I not sure how that will work when I upgrade packages in my reference (what if package files are removed, moved, or new ones are added or configurations change?)... or if I should setup regular crond unification, etc. 1110307895 Q * rpetre Read error: Connection reset by peer 1110307902 M * micah wanting to get things setup, and then work on that 1110308120 J * lilo ~lilo@lilo.usercloak.oftc.net 1110309937 Q * genstef Quit: Verlassend 1110311888 Q * DuckMaster Quit: Client exiting 1110311991 M * jd86 Bertl_oO: you here? 1110312424 Q * flock Remote host closed the connection 1110312508 J * flock ~restless@l192-117-111-12.broadband.actcom.net.il 1110313358 M * jd86 i'm making a vserver setup script and i want to know if the interface thing needs something to fix it or if you think it will work: vserver $vservername build -m skeleton --hostname $host --flags $flagq --initstyle $initz --interface $hostname=$eadapter:$iaddr/$nmask 1110313475 Q * rs Quit: leaving 1110313530 M * sannes :) 1110313659 M * jd86 you know sannes 1110313707 M * sannes hm.. just got here.. not sure what you mean, when you say "interface thing" do you mean ngn or just the old way? 1110313824 M * sannes I'm not very up-to-date on these things right now, my last attempt at 2.6 kernel was a bit stumped .. 1110314204 M * jd86 :) 1110314363 M * daniel_hozac why do you want aliases? 1110314379 M * jd86 daniel_hozac: what do you mean? 1110314435 M * daniel_hozac just wondering if you had some particular need for aliases 1110314446 M * jd86 i dont know what you mean tho what aliases am i using? 1110314477 M * daniel_hozac $hostname=... 1110314492 M * jd86 i thought u had to 1110314499 M * daniel_hozac no, not at all. 1110314505 M * jd86 show me how to do it then 1110314521 M * daniel_hozac just $eadapter:$iaddr/$nmask should work. 1110314529 M * jd86 hmm 1110314533 Q * flock Remote host closed the connection 1110314587 J * flock ~restless@l192-117-111-12.broadband.actcom.net.il 1110314982 M * Ale__ someone can tell me How can I configure the Linux PAM ??? 1110316131 J * erwan_ho ~erwan@lns-vlq-39f-81-56-133-136.adsl.proxad.net 1110317417 Q * erwan_ho Remote host closed the connection 1110317446 J * erwan_ho ~erwan@lns-vlq-39f-81-56-133-136.adsl.proxad.net 1110317544 Q * monrad Read error: Operation timed out 1110317590 J * monrad ~monrad@213083190130.sonofon.dk 1110317601 Q * erwan_taf Read error: Operation timed out 1110318017 Q * erwan_ho Ping timeout: 480 seconds 1110318745 J * erwan_ho ~erwan@lns-vlq-39f-81-56-133-136.adsl.proxad.net 1110318901 Q * shuri Quit: 1110319297 J * erwan_taf ~erwan@81.80.43.68 1110319407 Q * erwan_ho Remote host closed the connection 1110320638 M * jd86 anyone hurr? 1110321523 M * jd86 how do i do a passwd for the root user inside of a vserver? 1110322470 M * jd86 i tried some vcontext stuff but it isn't working 1110322733 M * kevinp The easiest way I know of is to do "vserver enter" and then passwd root 1110322894 J * prae ~prae@sherpadown.net 1110323629 M * daniel_hozac or just vserver exec passwd root ;) 1110323780 M * jd86 i like daniel's 1110323788 M * jd86 and i gotta figure out why this net isnt starting on it:( 1110323796 N * Bertl_oO Bertl 1110323801 M * jd86 bertl!!! 1110323807 M * Bertl evening folks! 1110323834 M * jd86 Bertl: its not starting my eth0 when it starts the vserver 1110323862 M * jd86 aha 1110323863 M * jd86 maybe not 1110323878 M * Bertl hmm? 1110323947 M * jd86 vserver-2 0 # vserver redhat-template stop 1110323947 M * jd86 vkill: vc_ctx_kill(): No such process 1110323947 M * jd86 Vserver '/etc/vservers/redhat-template' still running unexpectedly; please investigate it manually... 1110323950 M * jd86 what do you think is happening 1110324025 M * Bertl no idea, seems that some process (maybe an init, they are harder to kill) is still running inside? 1110324040 M * jd86 how do i tell 1110324049 M * Bertl did you investigate it manually? 1110324085 M * jd86 when i stop it, i think it stops 1110324087 M * jd86 but i dont really know for sure 1110324096 M * Bertl well, check it then ... 1110324098 M * jd86 how 1110324111 Q * Ale__ Quit: Client Exiting 1110324112 M * Bertl vps or enter it and do ps/top ... 1110324140 M * jd86 i dont think its running 1110324172 M * jd86 when i star it, it doesnt really do anything i think i have the init style wrong 1110324192 M * Bertl hmm, well, that might explain the failing vkill 1110324203 M * jd86 what is it for redhat 1110324211 M * daniel_hozac sysv 1110324211 M * Bertl usually I'd use sysv 1110324224 M * jd86 aha! 1110324279 M * jd86 but 1110324279 M * jd86 now 1110324282 M * jd86 when i try to start ssh 1110324285 M * jd86 it failed on generating key 1110324323 M * Bertl well, with what message? 1110324336 M * jd86 [root@redhat-template /]# /etc/init.d/sshd start 1110324336 M * jd86 Generating SSH1 RSA host key: [FAILED] 1110324340 M * jd86 i'm not a redhat person at all :( 1110324381 M * Bertl well, me neither, guess you have to look into the logs 1110324404 M * jd86 wheres that cuz its not /var/log/messages 1110324425 M * daniel_hozac /var/log/messages would be the log. 1110324473 M * jd86 its like not there. 1110324517 M * jd86 it isn't 1110324583 M * jd86 something really wierd is going on 1110324603 M * jd86 [root@redhat-template ssh]# ls 1110324603 M * jd86 ls: ssh_host_key: No such file or directory 1110324603 M * jd86 ls: ssh_host_key.pub: No such file or directory 1110324603 M * jd86 ls: ssh_host_rsa_key: No such file or directory 1110324603 M * jd86 ls: ssh_host_rsa_key.pub: No such file or directory 1110324604 M * jd86 ls: ssh_host_dsa_key: No such file or directory 1110324606 M * jd86 ls: ssh_host_dsa_key.pub: No such file or directory 1110324608 M * jd86 moduli ssh_config sshd_config 1110324610 M * jd86 if i'm typing ls how come it like thinks its there... 1110324637 M * daniel_hozac tagxid? 1110324642 M * jd86 its tagxid'ed 1110324646 M * Bertl dynamic contexts? 1110324647 M * jd86 the partition is 1110324662 M * jd86 oops this does have a dynamic context. 1110324673 M * Bertl if so, check the host logs, you'll get a bunch of warnings there ;) 1110324738 M * jd86 i dont see none :( 1110324751 M * jd86 this is making no sense to me 1110324810 M * Bertl well, maybe you disable that stuff ... (on kernel build) 1110324821 M * jd86 what stuff? 1110324828 M * jd86 well i dont have debug on 1110324829 M * Bertl but dynamic contexts and tagxid do not go well 1110324840 M * jd86 i set this up a long time ago 1110324849 M * jd86 i just set a static context 1110324854 M * Bertl ah, so we are talking about 2.4 there? 1110324861 M * jd86 kernel? 2.6.11 1110324874 M * Bertl couldn't be _that_ long then ... 1110324900 M * jd86 long since when? 1110324930 M * jd86 aha 1110324935 M * jd86 its working now i had to rm -rf it and re do it 1110324987 M * jd86 how do i get it so sshd starts automatically with redhat9? 1110325010 M * daniel_hozac chkconfig sshd on 1110325019 M * jd86 thx 1110325054 M * jd86 i love the tons of errors when starting/stopping these things 1110325064 M * Bertl huh? 1110325093 M * jd86 http://william.psunit.com/~jim/temp 1110325094 M * jd86 look 1110325097 M * jd86 when i stop the vserver 1110325142 M * daniel_hozac rm -f /etc/rc.d/rc0.d/S01halt /etc/rc.d/rc6.d/S01reboot 1110325148 M * Bertl well, obviously you have a bunch of scripts there which do not really belong there 1110325153 M * jd86 heh 1110325156 M * jd86 i hate redhat. 1110325157 M * jd86 but 1110325159 M * jd86 yes you are right 1110325169 M * Bertl what's sm-client? 1110325172 M * jd86 i dont know 1110325181 M * Bertl the random seed is junk too 1110325181 M * daniel_hozac some sendmail thing. 1110325181 M * jd86 this is using the distribution download thing that someone gave me before 1110325187 M * jd86 with tarballs for debian/redhat/fedora 1110325195 M * Bertl kernel logger is useless 1110325203 M * jd86 so what else should i kill? 1110325214 M * Bertl hwclock is useless 1110325234 M * Bertl in general I'd say kill everything from the runlevels and _just_ add the services you actually need/use 1110325279 M * daniel_hozac hwclock is part of the halt script. 1110325292 M * jd86 Bertl: you want to see the leet haxor script i'm writing ? 1110325309 M * daniel_hozac (anything after the Sending all processes the KILL signal... is part of the halt script) 1110325331 M * Bertl jd86: don't know yet, but I guess you want me to see it, right? 1110325358 M * jd86 lol its working so it doesn't matter, wait till its b0rked and i'm sure i'll make you see it :) it just makes me leet vservers. 1110325388 M * jd86 the creation part works 1110325392 M * jd86 i need to do the rest 1110325396 M * jd86 hopefully shouldn't be difficult 1110325416 M * Bertl great! ;) 1110325431 M * jd86 it was alot to get it to the point now 1110325475 M * jd86 but.. if you do want to see it at this point: http://william.psunit.com/~jim/vserver_setup.sh ;-) 1110325504 M * jd86 if you do you'll probably find 897947 problems with it tho 1110325575 M * Bertl hmm, interesting approach ... 1110325586 M * jd86 why do you say that? 1110325598 M * jd86 i'm not the best programmer even if its just bash :-D 1110325635 M * Bertl nono, don't get me wrong ... just recently 'we' talked about adding some config for vservers based (or similar) to the kernel config 1110325666 M * Bertl that would mean something which is like 'make config' or 'make menuconfig' on the ekrnel, if you know what I mean ... 1110325666 M * jd86 mind restating what yo just said i dont really get what your sayingconfig for what? 1110325685 M * jd86 but the kernel has it 1110325688 M * jd86 i dont get what you mean :( 1110325696 M * Bertl yes, you know the kernel config, right? 1110325700 M * jd86 yes 1110325707 M * jd86 you mean you'd have a config like that for making vservers? 1110325710 M * Bertl we toyed with the idea 1110325726 M * jd86 heh toying with the idea as i spend all my time worthllessly clunking at the keyboard and my lil shell script 1110325727 M * Bertl making and (re)configuring that is 1110325738 M * jd86 hey i made it to work and i'm going to keep adding stuff as i need more 1110325781 M * Bertl so I guess some kernel like config system would be appreciated on your side? hmm? 1110325791 M * jd86 hey anything that works. 1110325798 M * jd86 something that automates the addition process is great. 1110325808 M * jd86 honestly i wrote that so the person i'm doing all of this for can make some use of it 1110325817 M * jd86 and i like it so far too 1110325818 M * jd86 i dont know 1110325827 M * jd86 i haven't dedicated that much time on it yet there are still some things i dont get 1110325844 J * DukeGangsta|aw ~uefgangst@p548691D9.dip.t-dialin.net 1110325860 M * Bertl welcome DukeGangsta|aw! 1110325871 M * DukeGangsta|aw hi 1110325908 M * kevinp Bertl: Following up from a question earlier while you were gone - is there any other ways to look at what vserver is using resource wise (cpu/memory) in a historical way 1110325920 M * kevinp So far all I have is vserver-stat 1110325943 M * jd86 Bertl: have you any suggestions for me and my little script? 1110325948 M * Bertl kevinp: well, no, you also have /proc/virtual 1110325972 M * Bertl jd86: if it works for you, then do it this way ... 1110325977 M * kevinp They mentioned that but I'm running 2.4.27-vs1.29-rc2 1110325999 M * Bertl ah, well, 2.4/1.2x has not much resource accounting 1110325999 M * DukeGangsta|aw anyone here that has some experiences with multi-cpu-machines? i will get a dual xeon machine in a few days, and i want to run vservers on that... is there a possibility to give 1 cpu to 1 vserver, and all other vservers should run at the other cpu ? 1110326019 M * Bertl basically yes 1110326040 M * jd86 what does debian use for a init? 1110326058 M * jd86 (thats one thing i'm going to change now, have it determine the init method via distribution it selected!) 1110326075 M * Bertl DukeGangsta|aw: in a practical way that means that you have to care for the cpu affinity from userspace (it's not part of the tools yet) 1110326208 M * DukeGangsta|aw ok.... i didnt have a linux-multi-cpu machine till now... does linux use the 2 cpu's on itself, does it use them automatically, or do i have to tell each process with cpu it should use? i'm searching für a good multi-cpu-page that gives me some information about multi-cpu-linux working... 1110326243 M * Bertl well, usually you'll enable SMP and with HT xeons SMT 1110326268 M * jd86 DukeGangsta|aw: i have a smp 2x1ghz p3 :) 1110326282 M * Bertl then linux will 'by default' evenly distribute all processes across the virtual cpus 1110326298 M * Bertl 1x1G p3 means two virtual cpus 1110326306 M * Bertl *2x1G that is 1110326323 M * jd86 i have two p3 1ghz cpu 1110326326 M * jd86 however you'd like to say it 1110326350 M * Bertl if you now want some processes to 'stick' to one cpu, you have to limit/set the cpuaffinity for that 1110326367 M * jd86 aah ! time to implement some per context cpuaffinity stuff bertl 1110326384 M * Bertl well, it's already there ;) 1110326391 M * DukeGangsta|aw i will have 2* 2,8ghz xeons.... so will kernel-2.4.26-vssmp1.28.tar.gz work? or is there a smt-kernel?