1116548900 J * asdf test@pD902D387.dip.t-dialin.net
1116549254 Q * asdf Quit: ( www.nnscript.de :: NoNameScript 3.81 :: www.XLhost.de )
1116550570 Q * matta Read error: Operation timed out
1116550832 J * eXplasm2 explasm@p549FEE79.dip.t-dialin.net
1116551259 Q * explasm__ Ping timeout: 480 seconds
1116552180 N * Bertl_zZ Bertl
1116552189 M * Bertl morning folks!
1116552298 M * Shuri morning Bertl do you want a Beer?
1116552378 M * Bertl thanks, but no thanks! I got my coca cola here with me ... (more caffeine)
1116552410 Q * lilo Quit: bbiab
1116552437 J * Beirdo_ ~gjhurlbu@linode.beirdo.ca
1116552440 M * Shuri hihi
1116552493 J * ntrs ruzin@Dardeene-68.188.50.87.charter-stl.com
1116552604 Q * Beirdo Ping timeout: 480 seconds
1116552705 J * lilo ~lilo@lilo.usercloak.oftc.net
1116553681 Q * lilo Remote host closed the connection
1116553890 N * Beirdo_ Beirdo
1116555024 J * romke ~romke@procyon.romke.net
1116558695 J * case ~case@donpanic.faveve.uni-stuttgart.de
1116558697 M * case moins
1116558807 M * Bertl morning case!
1116559168 M * case a, an oschdrian
1116559433 J * lilo ~lilo@lilo.usercloak.oftc.net
1116559682 M * Bertl wb lilo!
1116559952 J * lpaseen ~peters@ip227-169.istop.com
1116561518 Q * ntrs Quit: Leaving
1116561908 M * micah good evening everyone
1116561916 M * micah and good day to the others as well :)
1116561924 M * Bertl hey micah!
1116561979 M * micah I'm wondering if anyone has managed to get encrypted partitions working inside vservers, it sounds tricky
1116561984 M * micah (dmcrypt or loopaes)
1116562006 M * Bertl why should cryptoloop fail?
1116562029 M * micah well, you cannot mount partitions inside vservers first of all
1116562045 M * micah but I am suspecting you might have a way to do it that I have not thought about
1116562069 M * Bertl hmm, you mean secure mount is not working?
1116562099 M * micah I do not know what secure mount is
1116562115 M * Bertl something we introduced around 1.9.2 or so IIRC
1116562125 M * micah it is a way for vserver users to mount partitions?
1116562135 M * Bertl yup ...
1116562153 M * Bertl but putting that aside, why not mount it on the host?
1116562180 M * micah well, because I want to have different "owners" of the different vservers
1116562191 M * micah who have the password for their encrypted partition (and not me)
1116562215 M * Bertl well, doesn't matter as you (as root) can read/write their data anyway
1116562246 M * micah this is what I want to avoid
1116562250 M * Bertl would require something like tcfs
1116562293 Q * Shuri Quit:
1116562299 M * micah hmm
1116562411 M * micah well, consider this
1116562433 M * micah if I was able to specify a certain filesystem could be mounted inside a particular vserver
1116562460 M * micah then that filesystem could be created by the owner of that vserver using cryptographic routines
1116562470 M * Bertl fine
1116562481 M * micah as something like loopaes has an entry in the fstab to denote it as encrypted
1116562511 M * Bertl perfect, now that user mounts it (specifying his secret passkey) and you simply cp -va all his data :)
1116562527 M * micah heheh
1116562544 M * Bertl did I miss something?
1116562547 M * micah no, I did
1116562552 M * micah ;)
1116562577 M * micah and tcfs keeps that from happening I assume
1116562596 M * Bertl it makes a good effort .. yes
1116562646 M * micah the problem is tcfs only has versions for linux 2.2 and nothing for 2.4 or 2.6
1116562662 M * micah it seems to maybe have fallen on hard times
1116562674 M * micah the last news updated in 2002
1116562689 M * Bertl http://www.tcfs.it/index.php?pc=3
1116562751 M * micah now we know what they look like
1116562754 M * Bertl http://www.tcfs.it/docs/tcfslinux-faq.3.html
1116562756 M * micah so we can track them down and ask them :)
1116562822 M * Bertl 3.x is working on 2.4 too
1116562842 M * micah 3.x?
1116562892 M * Bertl but it seems their server is down ...
1116562946 M * micah last release on freshmeat was in 2001
1116563005 M * Bertl yeah, well, time to start your own project, I guess ;)
1116563015 M * micah heheh
1116563021 M * Bertl I'll help with the vserver integration, okay?
1116563025 M * micah :)
1116563318 M * micah Bertl: here is a project that uses FUSE to make encrypted filesystems in userspace: http://arg0.net/users/vgough/encfs.html
1116563341 M * Bertl yeah, know it, has a lot of issues ...
1116563363 M * micah really... like stability issues?
1116563387 M * Bertl well, all issues resulting from fuse actually
1116563430 M * Bertl and it doesn't solve the 'don't trust root' issue
1116563485 M * micah yes you are right
1116563513 M * micah I read "pass-through filesystem" to mean the same as transparent filesystem as tcfs is (was)
1116563930 M * eyck what is 'don't trust root' issue?
1116563972 M * Bertl basically you have two kinds of encryption
1116564001 M * Bertl encryption which relies on the fact that root is trusted, and encryption which does not ...
1116565121 M * eyck hmm, I don't see how you could not trust root
1116565155 M * eyck he's such a nice fellow,
1116565166 M * eyck maybe I need to read more on the subject
1116565247 M * Bertl maybe ;)
1116565263 Q * FaUl Read error: Operation timed out
1116566406 J * FaUl ~immo@ip88.164.1211G-CUD12K-01.ish.de
1116569010 J * SEAwolfx_ ~mike@zeus.aqualys.net
1116569324 Q * SEAwolfx Ping timeout: 480 seconds
1116570032 Q * duckx Quit: Client exiting
1116570319 J * erwan_ho ~erwan@konilope.dyndns.org
1116570699 Q * SEAwolfx_ Remote host closed the connection
1116570802 M * lilo (thanks Bertl :)
1116570814 Q * lilo Quit: brb again 8
1116571094 J * SEAwolfx ~mike@69.41.174.196
1116571314 J * lilo ~lilo@lilo.usercloak.oftc.net
1116571380 J * matti matti@linux.gentoo.pl
1116572806 Q * Johnsie Read error: Operation timed out
1116572927 Q * erwan_ho Remote host closed the connection
1116573011 J * Johnsie ~john@acs-24-154-32-12.zoominternet.net
1116575852 J * prae ~prae@ezoffice.mandriva.com
1116576076 M * Bertl k, night folks!
1116576082 N * Bertl Bertl_zZ
1116576608 M * eyck night?
1116576611 M * eyck woa,
1116576645 M * romke Bertl works on his own clock :>
1116576853 J * alanhs ~icechat5@82-68-97-182.dsl.in-addr.zen.co.uk
1116577011 M * SEAwolfx well it depends where Bertl stays ;)
1116577115 M * SEAwolfx hm, in austria. indeed he works on his own clock. ;)
1116582352 M * Doener_zZz micah: for 'hide from host root'-stuff a new namespace created inside the vserver _could_ probably help
1116582362 N * Doener_zZz Doener
1116582446 M * Doener you can only reach a different namespace with some help. either the vserver syscall (but this only gets you the 'original' vserver namespace) or with a process in that namespace, making a file descriptor in that namespace available to you...
1116582454 N * Doener Doener|gone
1116584329 J * politi ~politi@cpe.atm2-0-1051059.0x50a09f6a.bynxx11.customer.tele.dk
1116584337 N * politi jcarlsen
1116584412 M * jcarlsen Has anyone solved the problem about compiling util-vserver on a Gentoo (x86_64)?
1116584475 M * jcarlsen http://www.paul.sladen.org/vserver/archives/200412/0067.html <- This problem to be exact
1116584760 J * pflanze ~chris@unk-110.ethz.ch
1116584954 J * tbenita ~tbenita@atreal.net2.nerim.net
1116585007 M * alanhs Hi folks, I wonder if someone can answer a real newbie question - I have spent the last day or so setting up a vserver and installing some guest images, and now I am left with a whole bunch of half working vservers. Is there a simple way of just deleting them all ?
1116585062 M * tbenita alanhs, just delete the folders that contain the vservers and their config files
1116585092 M * alanhs thanks tbenita.
1116585107 M * tbenita alanhs, np
1116585685 Q * DaPhreak Ping timeout: 480 seconds
1116586387 J * DaPhreak ~phreak@lms.rz.uni-greifswald.de
1116588543 J * knoppix_ ~knoppix@dsl-213-023-128-211.arcor-ip.net
1116589282 J * monrad ~monrad@213083190130.sonofon.dk
1116591089 Q * SEAwolfx Ping timeout: 480 seconds
1116591534 M * tbenita I don't know if the question is specific to vserver ; how can I see what process consumes system time ?
1116591550 M * tbenita (kernel 2.4 vserver)
1116591621 M * alanhs Could anyone help me, I have nearly ;-) built a vserver. But I am now getting this error "Error: /proc must be mounted" whenever I try to start a vserver, /etc/fstab is right (I think) - all my googling has failed to find any answers to what may cause this - help anyone ?
1116591696 M * tbenita alanhs, kernel 2.6 ?
1116591710 M * alanhs Oh Sorry - yes
1116591748 M * tbenita Did you do /usr/lib/util-vserver/vprocunhide ?
1116591771 J * SEAwolfx ~mike@63.246.136.50
1116591781 Q * monrad Read error: Operation timed out
1116591833 M * alanhs Yes I did - BTW do I have to do this every time the machine is rebooted ?
1116591846 M * tbenita yes
1116592296 Q * lpaseen Remote host closed the connection
1116592765 J * monrad ~monrad@213083190130.sonofon.dk
1116594192 Q * SEAwolfx Quit: leaving
1116594352 Q * lilo Remote host closed the connection
1116594382 M * pflanze tbenita: vtop?
1116594390 J * lilo ~lilo@lilo.usercloak.oftc.net
1116595021 M * tbenita pflanze, vtop says 70%system but I don't understand why !
1116595067 M * pflanze tbenita: and it doesn't show processes taking at least 70% cpu?
1116595074 M * tbenita no
1116595108 M * pflanze "at least 70%" meaning in total, of course
1116595149 M * pflanze If you have hyperthreading, that might explain part of it.
1116595197 M * tbenita it's not the case...
1116595227 M * pflanze (if you're running an older 2.4 kernel: they don't support HT well, and seem to add the slow cpu rest capacity as if it were a full cpu running)
1116595243 M * pflanze Maybe you're using IDE disks and haven't tuned them?
1116595251 M * pflanze (missing DMA)
1116595280 M * tbenita dma is on
1116595346 M * pflanze no idea then. (to raise your anxiety level: "hope you haven't been hacked?..")
1116595357 M * tbenita mmm
1116595373 M * pflanze You might want to ask in #kernelnewbies, this seems rather special.
1116595409 M * tbenita it must be at MASTER host level then ?
1116595435 M * pflanze Well.. you've been looking from the master anyway, haven't you?
1116595444 M * tbenita yes
1116595448 M * pflanze (From inside a vserver you'll never see all processes.)
1116595460 M * tbenita I mean hacked ?
1116595482 M * pflanze well some kernel holes can be exploited directly from vservers.
1116595491 M * tbenita ok
1116595570 M * tbenita thx pflanze
1116595614 M * pflanze (It could be a bug in some driver or some such. But most cpu intensive drivers (like sync or raid stuff) are kernel threads and thus should show up in (v)top.)
1116595615 M * pflanze np
1116595668 M * pflanze (Unless something else turns up I'd boot from a knoppix cd and do a chkrootkit)
1116597790 M * tbenita pflanze, do you think that if a vserver is infected I can stop it and look at the results ?
1116597866 M * pflanze well, if you are sure that the kernel hasn't been compromised and the vserver has been set up securely (and vserver doesn't have a hole either), then yes
1116597885 M * pflanze *but* that doesn't seem the case here
1116597907 M * pflanze if you're seeing cpu being eaten by a process you're not seeing.
1116597967 M * pflanze or what do you mean? of course you could try to stop the vservers and see if cpu usage stops (which would still be strange if it does).
1116597969 Q * case Remote host closed the connection
1116598059 M * tbenita ok thanks pflanze
1116598062 M * pflanze tbenita: It might make sense to wait for Bertl to appear.
1116598078 M * pflanze I don't have that much vserver knowledge.
1116598127 M * pflanze Maybe there's some known problem with vserver after all.
1116598191 M * tbenita ok thanks for all pflanze
1116598390 Q * DuckKing Quit: Leaving
1116599294 M * BWare did you try to run vmstat
1116599309 M * BWare to see if disk io is the problem
1116599573 M * jcarlsen tbenita: Is there anything suspicious in /var/log/messages?
1116599603 M * tbenita BWare, jcarlsen I looked at the master logs and didn't find anything, except bad tcp packets
1116599626 M * jcarlsen tbenita: Ok
1116599943 M * tbenita BWare, what should I look at in vmstat ?
1116599968 M * BWare run vmstat and check if io is being buffered
1116599984 M * BWare however that does not explain a cpu usage of 70%
1116600007 M * tbenita procs memory swap io system cpu
1116600014 M * tbenita r b w swpd free buff cache si so bi bo in cs us sy id
1116600021 M * tbenita 0 0 0 189796 87592 324396 902256 0 0 56 2904 551 841 3 81 16
1116600046 M * tbenita sorry ; I don't know very well vmstat :-/
1116600128 M * jcarlsen try "vmstat 5"
1116600144 M * jcarlsen and paste the second line of stats
1116600157 M * jcarlsen (that's an average over 5 seconds)
1116600165 M * tbenita 0 0 0 189796 71020 325096 916812 0 0 58 2022 495 710 3 74 23
1116600192 M * jcarlsen are you aware of anything write to the disk(?) with around 2MB/sec?
1116600207 M * jcarlsen are you aware of anything that writes to the disk(?) with around 2MB/sec? (fixed missing words)
1116600240 M * tbenita 2MB/sec ?? That looks a lot ! Maybe the mail server
1116600249 A * tbenita stops it
1116600297 M * tbenita what is the vmstat unit ?
1116600315 M * jcarlsen "bo" is block out
1116600326 M * jcarlsen data written to block devices
1116600330 M * jcarlsen usually disks :)
1116600339 M * tbenita ok thanks
1116600347 M * tbenita well ... It rose to 87%
1116600366 M * jcarlsen and what does "bo" say now?
1116600402 M * jcarlsen ignore the first line from vmstat, that's usually an average of a very short period
1116600443 M * jcarlsen did the system stop writing to disk after you stopped the mailserver?
1116600459 M * tbenita bo is now 2058
1116600472 M * tbenita it didn't stop...
1116600510 M * tbenita I'm stopping all vservers now
1116600604 M * tbenita ok I got it : my apache2 vserver
1116600638 M * jcarlsen ok, did it do anything to the cpu load?
1116600661 M * tbenita yes : it came back to a reasonable load
1116600668 M * jcarlsen ok, check the apache log
1116600674 M * tbenita ok
1116600703 M * jcarlsen apache may have been in some loop making syscalls
1116600872 M * tbenita [Fri May 20 13:05:14 2005] [error] server reached MaxClients setting, consider raising the M
1116600873 M * tbenita axClients setting
1116600959 M * jcarlsen hmm
1116600967 M * jcarlsen I'm no Apache expert
1116600993 M * tbenita I'll just try to start the vserver and stop apache
1116600994 M * jcarlsen actually, when I think of it, I'm no expert on anything :)..
1116601010 M * tbenita neither am I, but you know a lot !!
1116601013 M * tbenita :)
1116601025 M * jcarlsen I have an appointment in a minute, I'd better go now.. Good luck
1116601034 M * tbenita thanks a lot jcarlsen
1116601050 Q * jcarlsen Quit: :(
1116601177 Q * alanhs Quit: IceChat - what the cool people use
1116603378 J * case ~case@donpanic.faveve.uni-stuttgart.de
1116603380 M * case moins
1116603445 Q * _mountie Remote host closed the connection
1116603453 J * _mountie ~mountie@CPEdeaddeaddead-CM000a739acaa4.cpe.net.cable.rogers.com
1116603657 J * ntrs ruzin@Dardeene-68.188.50.87.charter-stl.com
1116603684 M * ntrs anyone here good with iptables?
1116603865 M * case for easy values of good.
1116603908 M * ntrs I am trying to prevent outgoing brute force ssh attacks off our servers.
1116603930 M * ntrs Is there a way to rate limit outgoing port 22 or something even more efficient?
1116603979 M * ntrs or maybe log that somehow?
1116604068 M * case a certain user ?
1116604080 M * case -m owner --owner uid, e.g.
1116604084 M * ntrs no, for the whole server
1116604174 M * case with pac you should be able to log all user's started processes.
1116604282 M * case package acct with debian
1116604291 M * ntrs I see
1116604306 M * case for the netfilter rules.. i just read some documentation as i do not know it by heart
1116604320 Q * cryo Read error: Operation timed out
1116604322 M * case there is something like -m limit bla
1116604332 M * case but i look for the correct syntax
1116604523 M * case something like iptables -A -p TCP --dport 22 -m limit --limit 3/minute --limit-burst 5 -j DROP
1116604531 M * case should do. not tested.
1116604553 M * case arg: iptables -A OUTPUT -p TCP --dport 22 -m limit --limit 3/minute --limit-burst 5 -j DROP
1116604558 M * case missed the OUTPUT
1116604570 M * ntrs right. and to log that?
1116604646 M * case same line with -j LOG ?
1116604649 M * case i am not sure.
1116604670 M * case or iptables -A OUTPUT -p TCP --dport 22 -j LOG
1116604688 M * case right ? not sure.
1116604699 M * ntrs ok, I'll try to look it up
1116604707 M * ntrs Thanks
1116604727 M * case my favorite tutorial is: http://iptables-tutorial.frozentux.net/iptables-tutorial.html
1116604908 J * mep_ mep@p5091CE88.dip.t-dialin.net
1116605349 Q * mep__ Ping timeout: 480 seconds
1116606837 Q * tbenita Quit: Leaving
1116606844 Q * prae Read error: Connection reset by peer
1116607285 J * cryo ~say@212.86.243.154
1116608457 P * axxo
1116609066 N * Bertl_zZ Bertl
1116609088 M * Bertl morning folks!
1116611116 Q * monrad Quit: Leaving
1116612812 J * monrad ~monrad@213083190130.sonofon.dk
1116613373 J * muadda ~muadda@gar31-1-82-234-50-167.fbx.proxad.net
1116614201 J * aba__ ~aba@2001:a60:f006::2
1116614540 Q * aba Quit: leaving
1116614556 N * aba__ aba
1116617154 M * micah ls -al
1116617156 M * micah ahk
1116617237 M * Bertl ;)
1116617341 M * micah too many windows, not enough focus :)
1116618276 J * Doener` ~doener@p548768BE.dip.t-dialin.net
1116618712 Q * Doener|gone Ping timeout: 480 seconds
1116620480 Q * virtuoso Ping timeout: 480 seconds
1116620768 J * Elchbulle ~elch@donut.toppoint.de
1116620772 M * Elchbulle hi
1116620809 M * FaUl elch!
1116620818 M * FaUl what are you doing here :-)
1116620834 M * Bertl evening Elchbulle! FaUl!
1116620893 M * FaUl Bertl: i discovered that my scsi-controller worked with 2.6.5, and i'm on holidays next week so i hope that i get 2.6.11.10 running then
1116620986 M * Elchbulle Hey FaUl Nice to see you *happy*
1116620991 M * Bertl FaUl: excellent ...
1116621008 M * Elchbulle Huhu Bertl :-)
1116621047 M * FaUl Bertl: after that we can test that vserver-ipv6 stuff
1116621089 M * Elchbulle FaUl I just want to know if I have to update to 2.0
1116621111 M * Bertl Elchbulle: have to?
1116621136 M * Elchbulle Bertl security reasons ?
1116621174 M * Bertl is 2.4/1.2 insecure now?
1116621210 M * Bertl don't get me wrong, I'm all for 2.6/2.0 ;)
1116621221 M * Elchbulle I don't know, that's the reason I'm here and ask
1116621245 M * Elchbulle I use 1.2.10
1116621270 M * Bertl should be fine ... I guess
1116621287 M * Elchbulle good
1116621328 M * Elchbulle thank you bertl, as always. *hands Bertl a virtual cookie*
1116621329 M * Bertl there was some kind of exploit, but I guess either Marcelo released a new version or some patch was available IIRC
1116621368 A * Bertl examines the cookie very carefully ...
1116621383 M * Elchbulle tasty
1116621435 M * Elchbulle I should send you a real cake via ups
1116621455 M * Bertl feel free to do so ;)
1116621546 M * Elchbulle where are you in rl located ?
1116621598 M * Bertl Austria, not too far away I guess ;)
1116621645 M * Elchbulle Yeah
1116621874 M * Bertl okay, back later ...
1116621880 N * Bertl Bertl_oO
1116622067 Q * nox unununium.oftc.net uranium.oftc.net
1116622067 Q * muadda unununium.oftc.net uranium.oftc.net
1116622067 Q * _mountie unununium.oftc.net uranium.oftc.net
1116622067 Q * DaPhreak unununium.oftc.net uranium.oftc.net
1116622067 Q * romke unununium.oftc.net uranium.oftc.net
1116622067 Q * Loki|muh unununium.oftc.net uranium.oftc.net
1116622067 Q * janra unununium.oftc.net uranium.oftc.net
1116622067 Q * eyck unununium.oftc.net uranium.oftc.net
1116622067 Q * stupidawy unununium.oftc.net uranium.oftc.net
1116622067 Q * mugwump unununium.oftc.net uranium.oftc.net
1116622067 Q * micah unununium.oftc.net uranium.oftc.net
1116622067 Q * pusling unununium.oftc.net uranium.oftc.net
1116622068 Q * SNy unununium.oftc.net uranium.oftc.net
1116622068 Q * sith unununium.oftc.net uranium.oftc.net
1116622068 Q * Seraph unununium.oftc.net uranium.oftc.net
1116622068 Q * Hunger unununium.oftc.net uranium.oftc.net
1116622068 Q * aba unununium.oftc.net uranium.oftc.net
1116622068 Q * berni unununium.oftc.net uranium.oftc.net
1116622144 J * nox ~nox@noxlux.de
1116622166 J * sith sith@aaronp.com
1116622166 J * Seraph kk@projects.verfaction.de
1116622166 J * Hunger Hunger.hu@Hunger.hu
1116622188 J * muadda ~muadda@gar31-1-82-234-50-167.fbx.proxad.net
1116622188 J * _mountie ~mountie@CPEdeaddeaddead-CM000a739acaa4.cpe.net.cable.rogers.com
1116622188 J * DaPhreak ~phreak@lms.rz.uni-greifswald.de
1116622188 J * romke ~romke@procyon.romke.net
1116622188 J * Loki|muh loki@satanix.de
1116622188 J * eyck eyck@81.219.64.71
1116622188 J * janra janra@paradox.homeip.net
1116622204 J * SNy ~mfr@bmx-chemnitz.de
1116622204 J * micah micah@192.101.188.235
1116622204 J * stupidawy foo@you.wish.you.were.pimp.olicio.us
1116622204 J * mugwump ~samv@210-54-92-184.ipnets.xtra.co.nz
1116622204 J * pusling ~pusling@195.215.29.124
1116622244 J * aba ~aba@2001:a60:f006::2
1116622244 J * berni ~berni@svr01.mucip.net
1116625540 J * MrX freebsd@219.95.234.184
1116626125 Q * monrad Remote host closed the connection
1116626156 J * `50`CTUHKU ~Mpower@82.147.147.1
1116626236 J * monrad ~monrad@213083190130.sonofon.dk
1116626238 Q * monrad Quit:
1116627290 J * terr ~gilles@ip-213-49-122-5.dsl.scarlet.be
1116627516 Q * `50`CTUHKU Quit: ( (GOLDscript) )(•)( wWw.GOLDscript.Tk )(•)( (GOLDscript) )
1116629585 P * terr
1116629918 Q * rs Quit: rs
1116629959 Q * FaUl Ping timeout: 480 seconds
1116629973 Q * ntrs Quit: Leaving
1116630232 J * ntrs ruzin@Dardeene-68.188.50.87.charter-stl.com
1116630232 Q * ntrs Quit:
1116630499 J * FaUl ~immo@ip88.164.1211G-CUD12K-01.ish.de
1116631237 Q * Elchbulle Quit: Off into the woods
1116631374 J * kjo ~krischan@p5484B7F8.dip.t-dialin.net
1116631619 Q * muadda Quit: Leaving