1116636184 J * rs ~rs@imhotep.rhapsodyk.net 1116637240 J * explasm__ explasm@p549FEAC4.dip.t-dialin.net 1116637425 Q * eXplasm2 Read error: Operation timed out 1116637574 J * ntrs ntrs@Dardeene-68.188.50.87.charter-stl.com 1116637664 Q * MrX Quit: Killed Terminal 1116637918 J * Acid-Duck ~Acid-Duck@CPE0008743afb19-CM0012c9214e06.cpe.net.cable.rogers.com 1116638108 P * ntrs Leaving 1116640504 Q * kjo Quit: Verlassend 1116640649 Q * Acid-Duck Quit: 1116641872 Q * rs Quit: rs 1116641931 N * Bertl_oO Bertl 1116641950 M * Bertl evening/morning folks! 1116648196 M * lilo hi Bertl 1116648288 Q * lilo Quit: brb 1116649669 M * Bertl okay, folks, off to bed ... have a good whatever everyone! 1116649673 M * eyck ok 1116649679 M * eyck good morning, 1116649679 N * Bertl Bertl_zZ 1116652262 J * lilo ~lilo@lilo.usercloak.oftc.net 1116653589 J * virtuoso ~s0t0na@80.253.205.251 1116654756 J * lilo_ ~lilo@lilo.usercloak.oftc.net 1116654782 Q * virtuoso Read error: Connection reset by peer 1116654874 Q * lilo Ping timeout: 480 seconds 1116657901 J * alanhs ~icechat5@82-68-97-182.dsl.in-addr.zen.co.uk 1116665596 N * Bertl_zZ Bertl 1116665605 M * Bertl morning folks! 1116665875 M * alanhs Morning Bertl, you were kind enough to help me out the other day, and I have made great progress - but I still have a slight problem I wonder if I can ask your help again as I have exhaused google ! 1116665905 M * matti Hi Bertl :) 1116666046 M * Bertl alanhs: sure, go ahead! 1116666054 M * Bertl matti: hey :] 1116666060 J * slash^ ~slash@150.101.63.190 1116666069 M * Bertl welcome slash^! 1116666084 M * slash^ hi :D 1116666117 M * slash^ is the 2.0 vserver stable to use guys and girls ? 1116666135 M * Bertl we do not 'use' guys and girls ;) 1116666149 M * slash^ stable enuf vs the "stable 1.2.10" that is heh 1116666181 M * Bertl well, 2.0 isn't released yet, but it will be as stable as the 1.2 releases (just for 2.6) 1116666263 M * slash^ so i could get away running the rc1... ? i need to run a game server box for the world cyber games with 2 game servers on the one box 1116666286 M * slash^ would hate for it to end in tears :( 1116666296 M * Bertl I guess so ... what are the alternatives? 1116666297 M * slash^ or am i safer to use the 1.9.5 1116666318 M * Bertl no, definitely 2.0-rc1 is _more_ stable than 1.9.5 (even .x) 1116666337 M * slash^ im running 2.6 kernel so im gathering i have to use the 1.9x branch and when i saw the 2.0 stuff i figured it could be the go 1116666352 M * slash^ more stable... now we talking :D 1116666406 M * slash^ thanx for the help Bertl 1116666413 M * Bertl you're welcome! 1116666437 M * Bertl once it works for you, feel free to to add yourself to the list of happy linux-vserver users ;) 1116666450 M * slash^ always good to get straight answers.. 1116666461 M * slash^ i have to say i love vserver never had a problem with the 1.9.5 1116666476 M * Bertl so _already_ happy then *G* 1116666479 M * slash^ then again the boxes dont get used with heavy loads 1116666483 M * slash^ hah yes :D 1116666502 M * slash^ was using the UML but thought there had to be better and found you guys... 1116666566 M * Bertl I don#t know the requirements the cyber games will have .. if extremely short latencies are a must, you should fine tune the kernel somewhat 1116666630 M * Bertl is this an SMP/SMT maschine? 1116666636 M * slash^ yes SMT 1116666645 M * alanhs bertl; anyway my problem is that I am still getting 'Error: /proc must be mounted' when I try to do a vserver xx start - do you have any clues? I am running the latest development stuff on a FC3 host. 1116666648 M * slash^ and i have compiled everything from the starat with multithreading and the latest gcc 1116666662 M * Bertl alanhs: what tool version? 1116666684 M * Bertl slash^: well latest gcc is not always the best ;) 1116666726 M * Bertl slash^: could you describe the 'work load' a little ... 1116666738 M * alanhs I beleve the latest. You pointed me at them the other day. 1116666738 M * slash^ alanhs i use to get that same error and ha dto install some vproc stuf :D 1116666761 M * slash^ the load will be 2 Counter-strike : Source servers 1116666773 M * slash^ the machine is a 3.2ghz intel SMT with 2gigs of ram 1116666784 M * slash^ each vserver will have its own HD 1116666787 M * Bertl alanhs: try to start vprocunhide then 1116666812 M * Bertl slash^: doesn't that mean you'll have similar files? 1116666818 M * slash^ very 1116666830 M * alanhs bertl; yes I have done that, still no luck. 1116666830 M * Bertl what will it do with the harddisks? 1116666854 M * slash^ map changes are very heavy on IO load 1116666863 M * Bertl alanhs: try 'setattr -R --~hide /proc' and let me know what that does 1116666896 M * slash^ so if they restart 1 server or change map etc it wont have an impact on the other vserver running its version of cs : s 1116666907 M * slash^ are you think vserver wont cope ? 1116666909 M * Bertl slash^: what harddisks do you have? SATA? 1116666913 M * slash^ yes sata 1116666917 M * slash^ raptors 1116666921 M * slash^ 10K rpm 1116666933 M * eyck sturdy beasts 1116666935 M * Bertl make them a soft linear stripe 1116666945 M * slash^ with that ncq shit.. 1116666951 M * slash^ you rekon raid is the go ? 1116666960 M * Bertl striping (i.e. RAID 0) yes 1116666962 M * alanhs bertl; I get a bunch of messages like "/proc/bus/usb: Invalid argument" 1116666969 M * Bertl alanhs: that's fine 1116667006 M * Bertl alanhs: once that is done, try 'chcontext --xid 666 ls /proc | wc' 1116667018 M * Bertl slash^: look the argumentation ehre is simple: 1116667034 M * Bertl the kernel will be reading data from the disk 1116667040 M * Bertl disks 1116667071 M * Bertl ah, no, thinko, it's probably best to make them RAID 1 1116667094 M * Bertl so, to continue ... with th argumentation 1116667105 M * slash^ hmmmm... 1116667107 M * Bertl if one (or the other) server will require map data 1116667116 M * Bertl it will request them, no? 1116667131 M * slash^ we were thinking raid for the increase in performance.. 1116667132 M * Bertl this will lead to the kernel fetching them asap 1116667133 M * slash^ um yes 1116667145 M * slash^ every map change it puts huge IO load on the drive 1116667151 M * Bertl now if soemthing was already loaded, it is cached (inode cache) 1116667162 M * slash^ yeah.. im following 1116667164 M * Bertl if you ahve two different disks/fs 1116667178 M * Bertl then the same data will be cached twice 1116667191 M * Bertl which will lead to unnecessary caching 1116667206 M * Bertl but, if you have a (maybe even RO) mirror 1116667229 M * Bertl then the kernel will use the disk layout to fetch the data most efficiently 1116667245 M * slash^ ahh ha.... 1116667246 M * Bertl i.e. it will use the _nearest_ location on either disk 1116667254 M * slash^ however since we will be running 2 servers 1116667265 M * slash^ which means 2 seperate installs of counter-strike 1116667273 M * slash^ one will have a certain map 1116667275 M * slash^ another on another 1116667301 M * slash^ it will have to fetch two differnt files which is why we figured the two drives is better then raid 1116667308 M * Bertl yeah, but the maps (not the particular ones) will be identical, no? 1116667339 M * slash^ are you saying in my vserver config to store the maps in the same area ? 1116667344 M * slash^ and not have 2 copies of the maps ? 1116667349 M * Bertl yep 1116667356 M * slash^ hmmmmmmmmmmmmmmmmmmmmmm 1116667366 M * Bertl after all, that's the advantage ;) 1116667384 M * Bertl so IMHO the following setup would be optimal: 1116667402 M * slash^ yeah it is.. making me think now perhaps i should fire up the cs:s and use iostat to see how heavy the load is on the drives when people are on the server 1116667405 M * Bertl - RAID 1 with a huge blocksize (128 -512) 1116667407 M * slash^ i would imagine its nothing 1116667427 M * Bertl not that the blocksize matters with raid 1,) 1116667432 M * slash^ yeah.. 1116667450 M * Bertl - a filesystem with a large blocksize and allocations in 1M-4M 1116667469 M * Bertl - nodiratime or RO mounted 1116667481 M * slash^ to have the maps folder in both vservers i can use a symlink to the other vserv ? 1116667487 M * Bertl (if RO is possible, it's probably the best) 1116667497 M * alanhs bertl; Perfect, it now works! I am going to make sure it survives the reboot :-) 1116667501 M * slash^ and that wont cause any problems ? 1116667510 M * Bertl slash^: no, you either mount it into both, or with --bind# 1116667518 M * Bertl alanhs: it won't 1116667522 M * slash^ hmmm 1116667540 M * Bertl alanhs: your vprocunhide is either missing or doesn't get executed on bootup 1116667552 M * slash^ well we have 3 drives 1 for system 1 for cs1 another for cs2 1116667565 M * Bertl alanhs: check that the vprocunhide service is activated (chkconfig?) 1116667574 M * slash^ raid seems like the go with the whole map side of things 1116667586 M * slash^ wonder hwy i never thought of sharing the maps heh 1116667627 M * Bertl slash^: it might even be interesting to use all three for the maps (partially) 1116667650 M * Bertl i.e. make a 16GB partition at the end (for the system) 1116667652 M * slash^ i thought raid1 was fatser writing tho and not muych speed increase in reading ? 1116667670 M * slash^ er raid 0 sorry 1116667701 M * Bertl raid 0 is striping ... this will read faster (might be an alternative too unless the servers go crazy at once) 1116667716 M * Bertl look, you are setting up the system, no? 1116667737 M * Bertl so you'll probably do some tests where maps are cycled, yes? 1116667743 M * slash^ doing it as we speak 1116667771 M * Bertl so let me suggest to make the following 'setup' and test at least three combinations: 1116667780 M * slash^ yes by all means 1116667812 M * Bertl partition all disks the same, 100M part1, space part2, 16GB part3 1116667842 M * Bertl how much memory has the system? 1116667844 M * slash^ k.. 1116667849 M * slash^ 2gigs of DDR 1116667851 M * slash^ so duel channel 1116667857 M * slash^ with the HT proc 1116667858 M * Bertl k, cool! 1116667877 M * Bertl 120GB disks or what? 1116667886 M * slash^ yep all 3 disks are 120gigs 1116667898 M * Bertl okay, then make the first partition 2GB 1116667921 M * Bertl so 2GB, 100GB, 16GB 1116667933 M * slash^ being the first drive ? 1116667940 M * Bertl all drives the same 1116667943 M * slash^ yep k 1116667961 M * Bertl then put the OS on the first disk, 3rd partition 1116667981 M * Bertl and the boot block/kernel in the first disk, 1st part 1116667997 M * Bertl the following setups for the map data: 1116667999 M * slash^ so no boot partition then 1116668003 M * slash^ k 1116668006 M * Bertl part1 = boot 1116668021 M * slash^ 2gigs ? 1116668024 M * Bertl yep 1116668030 M * slash^ for /boot ? 1116668033 M * slash^ or for / 1116668037 M * Bertl doesn't matter, does it? 1116668044 M * Bertl for boot 1116668053 M * slash^ i usualy store kerel in /boot in its own partition 1116668058 M * slash^ and then / on another 1116668065 M * Bertl yeah, 2GB /boot (kernel) ;) 1116668075 M * slash^ hah ok 1116668081 M * slash^ it will only use 3meg of that :D 1116668092 M * Bertl well, it won't get lonely, will it? 1116668105 M * Bertl okay, let's do the following ... 1116668124 M * Bertl no, dinner is ready ... so let's make a short break ;) 1116668143 M * Bertl what am I saying, dinner? lunch ... back in 30 or so 1116668157 M * slash^ hah ok :D 1116668163 M * slash^ sounds like a plan 1116668174 M * Bertl 40M,2G,rest,16GB 1116668183 M * Bertl (alternative plan ;) 1116668189 N * Bertl Bertl_oO 1116668791 M * slash^ rest being what ? 1116668798 M * slash^ rememberingi have three hard drives 1116668802 M * slash^ one is for the host system it self 1116669108 N * Bertl_oO Bertl 1116669112 M * Bertl okay, back ... 1116669129 M * Bertl slash^: you can do some testing, no? 1116669260 Q * cemil Ping timeout: 480 seconds 1116669284 M * slash^ not right now 1116669289 M * slash^ i have the system built 1116669293 M * slash^ i can tar it up and do what i like 1116669305 M * slash^ open to sugestions tho.. taking in everything your saying 1116669307 M * Bertl okay, let me elaborate on the idea then ... 1116669373 M * Bertl for simplicity we partition all 3 disks the same 1116669389 M * slash^ yep 1116669408 M * slash^ even tho we striping on the last two which will host the 2 vservs running counterstike 1116669461 M * Bertl a small partition for boot (40M), a larger one for 'swap' (2GB) 1116669483 M * Bertl a big one (the rest for CS), and a system partition (16GB) 1116669500 M * slash^ ok 1116669502 M * Bertl 16GB is probably enough, no? 1116669511 M * slash^ wont mater 1116669512 M * slash^ but yeah 1116669518 M * slash^ and i stripe all three ? 1116669526 M * Bertl okay, you can adjust the partitions to your likings 1116669544 M * Bertl then the following test scenarios: 1116669552 M * Bertl scenario A) 1116669586 M * Bertl system on disk 1, cs1 on disk2/part3, cs2 on disk3/part3 1116669596 M * Bertl (swap only on disk1) 1116669604 M * Bertl that's what you planned, no? 1116669610 M * slash^ yes 1116669620 M * slash^ using vserver to jail the counterstrikes 1116669627 M * Bertl okay, so we have that one .. make a client which just changes maps and time that 1116669632 M * slash^ so little hands who admin the box wont mess with the wrong cs 1116669647 M * Bertl scenario B) 'mirroring' 1116669681 M * Bertl make a triple mirror of part(s)3 and one of part(s)4 1116669701 M * Bertl use swap on all three disks (no mirror or so) 1116669719 M * Bertl share the maps over both vservers 1116669741 M * Bertl any questions to that one? 1116669779 M * slash^ nope 1116669783 M * slash^ makes sense 1116669813 M * Bertl scenario C) 'striping' 1116669843 M * Bertl make a triple stripe (large blocksize 128 or 256) over all part(s)3 1116669860 M * Bertl (and same with part(s)4 1116669874 M * Bertl again swap stays the same (over all 3 disks) 1116669888 M * Bertl again, share the maps between both servers 1116669919 M * slash^ i didnt think you could strip ovber 3 disks ? 1116669933 M * Bertl now depending on the actualy server profile, I think taht either B or C will win 1116669946 M * Bertl you can stripe and mirror over as many disks as you like 1116669961 M * Bertl in all testcases make sure to mount the maps RO 1116669968 J * mef ~mef@pcp09895218pcs.ewndsr01.nj.comcast.net 1116670034 M * Bertl welcome mef! 1116670041 M * mef Hi bertl 1116670090 M * mef I was skimming things to find out what the xid in the NFS code is being used for. 1116670111 M * Bertl hehe, you can 'disable' it with 2.0-rc* 1116670130 M * mef Is the assumption that on the server side you can do the poor man's COW or what is it used for. 1116670155 M * Bertl yup, actually lycos is using that over NFS ;) 1116670180 M * mef Interesting. 1116670213 M * slash^ hmmmm 1116670247 M * slash^ after presenting the 3 possible cases im going to have to test these now to get the most out of this heh 1116670317 M * Bertl sure ;) 1116670354 M * Bertl it's hard to tell how B) vs. C) will score without knowing the CS internals 1116670369 M * slash^ yeah 1116670373 M * Bertl if the server does short bursts (IO) and then processing of the data 1116670383 M * Bertl then I guess C will rule 1116670400 M * slash^ i might mail the devs as we have a relationship with valve for this obviously 1116670406 M * mef I'll take a closer look at the NFS thing then. Previously PlanetLab nodes didn't use NFS. I am working on letting folks who have clusters pxeboot a pl node and leave it running for a day or so. This is where I'll need NFS and it would be nice if I could optimize the persistent store via this NFS trick of yours. 1116670408 M * slash^ see what they say 1116670433 J * yarihm ~yarihm@217-162-204-252.dclient.hispeed.ch 1116670443 M * Bertl mef: you should definitely talk to rs, he has configured the stuff for lycos 1116670445 M * mef Has your scheduler changed much from 1.9.3 to 2.0? 1116670462 M * Bertl mef: not really, just a few bugs fixed ;) 1116670470 M * Bertl welcome yarihm! 1116670484 M * yarihm hey Bertl, my favourite kernel hacker :) 1116670500 M * mef It basically is a hard limit based scheduler that is not work preserving, right? 1116670527 M * Bertl define 'work preserving' 1116670553 M * mef When everyone has hit their limit, who (besides the idle task) gets to use the left over cycles. 1116670571 M * Bertl those which are not limited ;) 1116670590 M * mef What if everyone is limited? 1116670613 M * Bertl then nobody (if you ahve enabled limit idle task) 1116670629 M * mef Right... 1116670662 M * mef In those scenarios, we at least would like to schedule in a fair share way the remaining cycles. 1116670703 M * Bertl hehe, sounds cool in theory, but that's not really possible, unless you 'know' the future ;) 1116670727 M * Bertl it's either 'limit' or 'fair use' 1116670740 M * mef True... 1116670753 M * Bertl what might be what you are looking for is guaranteed minimum 1116670796 M * mef My co-worker modified your scheduler to be a fair-share scheduler that can also provide guarantees (minimums). 1116670810 M * Bertl hmm, patches? 1116670815 M * mef Not yet. 1116670851 M * mef He did it this just a few days ago and is testing it thoroughly. But the goal is to give you patches at some point. 1116670854 M * Bertl well, better send them soon, before I start rewriting the scheduler ... which will definitely happen after 2.0 ... 1116670873 M * Bertl (unless you do not want to have them fed back, that is ;) 1116670906 M * mef It is our goal to have that go back to the vserver project... 1116670920 M * mef Our primary goal is to get a better scheduler for PlanetLab. 1116670952 M * Bertl didn't CKRM turn out as expected? 1116670956 M * mef The "other" scheduler has been ok, but we need something better. 1116670998 M * mef The CKRM scheduler is ok, but we need something better. 1116671006 M * slash^ Ahh i didnt know Bertl was a dev :D ahhah nice one 1116671038 M * Bertl mef: well, sounds like cooperation here might be the way to go ... 1116671045 M * Bertl slash^: is that bad? ;) 1116671058 M * slash^ hah thats wikid 1116671172 M * Bertl mef: I have some ideas for a new scheduler ... 1116671179 M * mef bertl: with the CKRM scheduler and other CKRM controllers not working out that well for us, it looks like we'll be moving on to fully embrace all of the vserver related performance isolation support. You ready for a bear hug? 1116671196 M * Bertl mef: always ;) 1116671417 M * mef bertl: great! 1116671464 M * mef Your scheduler already works on SMP systems, right? 1116671483 M * Bertl yes, sure ... 1116671490 M * mef sure?! 1116671498 M * Bertl but it's not as efficient on SMP/SMT as it could be 1116671510 M * mef ok 1116671517 M * slash^ should i not run SMT then with 2 ? 1116671530 M * Bertl mef: well, I would not implement stuff which doesn't work on arch X/subarch Y 1116671567 M * Bertl slash^: the emphasis is on 'could be' and we are talking about CPU limits, not sure you want to do that, actually 1116671583 M * mef SMT is hard. VMware uses a nice trick to properly account for time on SMT systems. 1116671584 M * Bertl slash^: (use CPU limits that is) 1116671616 M * slash^ i never used the cpu limits 1116671637 M * slash^ isnt that allowing a vserv instance to only get given a certain amount of cpu ? 1116671649 M * Bertl yup, precisely 1116671680 M * Bertl slash^: ah, but a few hints for the kernel config 1116671709 M * Bertl slash^: disable highmem, use the memory split with 2.5 or 3GB kernel space 1116671727 M * mef berlt: my co-worker will focus on getting it work right on uni-procs first and then later focus on optimizing it for SMP. 1116671740 M * slash^ disable highmem ?! i have 2gigs of it it wont get detected 1116671754 M * Bertl mef: won't work I guess, but hey, he can try ;) 1116671764 M * Bertl slash^: that's what the memory split is for ;) 1116671769 M * mef what wont work? 1116671783 M * Bertl mef: doing UP then moving to SMP ;) 1116671790 M * slash^ is this a tip for using cpu hard limit or for my setup with the SMT ? 1116671820 M * Bertl slash^: neither nor, just a tip to reduce your overhead (by eliminating highmem) 1116671837 M * mef bertl: since he is modifying your scheduler, it should work no less efficiently on SMP than what you already have. 1116671857 M * Bertl mef: that's a bold assumption ... 1116671868 M * slash^ never knew that.. so memory split with 3gig kernel space will still detect the 2gigs of ram and use it all ?? 1116671889 M * Bertl slash^: yup 1116671902 M * Bertl the only difference is that userspace will be limited to 1GB 1116671902 M * mef bertl: agreed.... I'll shut up on this line and leave it to my co-worker. 1116671905 M * slash^ hah going to recompile the kernel and see this :D 1116671932 M * Bertl slash^: but that should be fine in your setup anyways ... (means each process has max 1GB) 1116672057 M * slash^ ok memory split is on by default and its on 2gig /1gig kernel (Default) 1116672065 Q * lilo_ Remote host closed the connection 1116672070 M * slash^ let me reboot and see if i can see the 2gigs with hihmem off 1116672071 J * lilo ~lilo@lilo.usercloak.oftc.net 1116672101 M * Bertl wb lilo! 1116672123 M * Bertl slash^: 3G/1G (default) 1116672132 M * mef bertl: see you later. 1116672142 M * Bertl mef: k, cya! 1116672165 M * Bertl slash^: and you won't see ore than 97x megs with that ... 1116672170 M * slash^ hah yeah 3gig/1gug 1116672172 M * slash^ typo 1116672177 M * slash^ im on the tiniest lappy 1116672180 M * slash^ kb overly small 1116672197 M * Bertl slash^: but if you go to 1G/3G then you'll see all of the 2GB 1116672245 M * slash^ oh ? 1116672255 M * eyck 1G goes to kernel? 1116672277 M * slash^ and this improves the kernel ? 1116672290 M * eyck improves userspace I 'spose 1116672295 M * eyck s'pose 1116672298 M * eyck hmm, suppose 1116672321 M * slash^ thats what its all about :D 1116672349 M * Bertl the thing is, highmem has a certain overhead on x86 1116672364 M * Bertl by eliminating highmem, you reduce that overhead 1116672421 M * slash^ so this should make CS run better then had i run with highmem ? 1116672430 M * slash^ nice little tip 1116672514 M * Bertl hey we are optimizing for the world cyber games, every tiny bit might be important ;) 1116672574 M * slash^ yeah :D thanx for the help 1116672611 M * Bertl well, you might mention linux-vserver there (somehow) in turn ;) 1116672612 M * slash^ here we go rebooting :F 1116672628 M * slash^ ahh haha as it was they freaked out when i said it will be a linuxbox 1116672632 M * slash^ not a window box running the servers 1116672664 M * slash^ unbelieveable top reports 2gigs of ram hah 1116672672 M * slash^ learn something new every day :D 1116672690 M * Bertl well, it's not available on other kernels (out of the box ;) 1116672744 M * slash^ 0k highmem reported by dmesg 1116672747 M * slash^ yet i have 2gigs of ram 1116672749 M * slash^ thats awesome 1116672760 M * slash^ never botherd to look at that option before... 1116672761 M * slash^ thanx :D 1116672767 M * Bertl you're welcome! 1116672780 M * Bertl check /proc/meminfo for the ugly details ;) 1116672898 M * slash^ heh mem total 2gigs hightotal 0 :D 1116672977 M * slash^ time for a feeed.. afk :P 1116672998 M * mef Forgot to chat about one more thing: have you made any headway on building support for disk I/O performance isolation? 1116673098 M * Bertl well, we did some testing there ... 1116673115 M * Bertl basically block I/O is accounted but not limited 1116673138 M * mef xen uses something based on cello http://citeseer.csail.mit.edu/shenoy97cello.html 1116673176 M * mef there were some students at the umn that were supposed to work on a CKRM controller implementing cello. 1116673198 M * Bertl is the paper available somewhere? 1116673212 M * mef the wacky thing with CKRM is that it is the top-half of the work, so whatever they got working in the bottom half might be something that can be ripped out and possibly used in vserver. 1116673223 M * mef The above link should have a pdf reference. 1116673231 M * Bertl ah, right, didn't see it ... 1116673310 M * Bertl will look into it .. basically we came to the conclusion that we should 'penalize' contexts for I/O (by reducing their buckes) 1116673314 M * Bertl *buckets 1116673348 M * Bertl i.e. certain amount of I/O eats a certain amount of tokens ... 1116673472 M * mef I've emailed the person who was working on Cello for CKRM/Linux and cc'd you. Hopefully they got something working well enough and will dole out the patches to the kernel. 1116673552 M * Bertl excellent! 1116673654 Q * knoppix_ Ping timeout: 480 seconds 1116674253 J * knoppix_ ~knoppix@dsl-213-023-140-012.arcor-ip.net 1116674346 M * alanhs bertl; Really sorry to but in, but I have tried 'chkconfig --add vprocunhide' and I get 'error reading information on service vprocunhide: No such file or directory' do I have to run it in any particular directory ? 1116674570 M * Bertl how did you install the tools, and which version is it (vserver-info - SYSINFO should report it) 1116674736 M * alanhs bertl; Kernel: 2.6.11.10 VS-API: 0x00010025 util-vserver: 0.30.207 - I have to confess I have lost my notes about how I got them - bud they were from the 13thfloor server 1116674791 M * Bertl built as rpms or by hand? 1116674909 M * alanhs rpms i think - perhapse I just made a mistake on this stage - I have to declare that I am a rank newbie :$ 1116674966 M * Bertl no problem with that, let's see what 'rpm -qa | grep util-vserver' says 1116675185 M * alanhs util-vserver-0.30-0 1116675230 M * alanhs I think I missed a stage - I have a util-server-0.30.207 directory but rpmbuild fails 1116675256 M * Bertl so util-vserver 0.30.207 doesn't include the vprocunhide ... 1116675266 M * Bertl (0.30 that is) 1116675275 M * Bertl 0.30.207 _does_ include it 1116675293 M * Bertl best would be to get the tar file and do: 1116675317 M * Bertl rpmbuild -tb util-vserver-0.30.207.tar 1116675639 M * alanhs I am getting failed dependancies - I guess I must have missed this stage 1116675740 M * Bertl well, get the missing packages installed, likely vlan, beecrypt, iproute 1116675901 M * alanhs On the case :-) I have to say it is years since I did any *nix work - I live in the land of Window now - and things are starting to come back to me. Its all very interesting ! 1116676075 Q * mef Quit: Leaving 1116676499 M * Bertl alanhs: well, I eliminated most proprietary stuff on my machines, it makes my life so much easier ;) 1116676654 M * alanhs LOL That is the purpose of this work - I am trying to build a vserver so I can throw microsoft out of my company server room ! 1116677061 M * SiD3WiNDR how is that related? :p 1116677303 M * aba Bertl: would you mind to take a look at http://bugs.debian.org/305216 ? Might that also happen with 2.4.27 or 2.6.8.1? 1116677335 M * SiD3WiNDR sure 1116677340 M * SiD3WiNDR ;) 1116677346 M * Bertl aba: checking ... 1116677364 M * SiD3WiNDR oh 1116677364 M * SiD3WiNDR hmm 1116677389 M * SiD3WiNDR odd. 1116677424 M * SiD3WiNDR anyway, some debian people seem to have a very closed vision of their kernel support I guess 1116677448 M * SiD3WiNDR "why is it serious? it only applies to kernel 2.4.29 and up" 1116677456 M * SiD3WiNDR what sort of GAY answer is that? 1116677474 M * SiD3WiNDR I would think one can run debian with the latest kernel release 1116677476 M * Bertl :) 1116677498 M * SiD3WiNDR I'd put severity on grave just to cause trouble >) 1116677505 M * Bertl aba: no util-vserver script/package should ever do chmod 000 since 0.30 or so ;) 1116677552 M * Bertl aba: instead use setattr --barrier (which will know what to do regardless of the kernel) 1116677603 M * Bertl btw, that's the way it is done in existing 0.30.20x postinstall scripts ... 1116677632 M * aba Bertl: ok, thanks. 1116677639 M * aba I might quote you? 1116677645 M * Bertl sure 1116677701 M * SiD3WiNDR I already referred to Bertl in a previous mail on there ;) 1116677724 M * SiD3WiNDR btw, re "2.4.29 only", I noted it on 2.4.30 1116677726 M * aba SiD3WiNDR: well, there was a question from Steve there ... 1116677730 M * SiD3WiNDR so it will be a problem for any new kernel 1116677731 M * SiD3WiNDR yes, I saw it 1116677739 M * SiD3WiNDR and I could kick him in the head for it ;) 1116677760 M * SiD3WiNDR luckily I'm only violent when on IRC ;) 1116677800 M * Bertl aba: I'd say it should happen on most kernels ... 1116677809 M * Bertl (most recent kernels that is ;) 1116677811 A * aba can't comment on that, as even hiding hats doesn't really help anymore. 1116677816 M * aba yes, that's ok. 1116677828 A * aba will probably upload a fix this weekend ... 1116677877 M * aba SiD3WiNDR: btw, it would really help if you create a patch of the source package, and send it to the package (and tag it patch). 1116677908 M * SiD3WiNDR hmm 1116677933 M * aba hey, it's BSP-time and short to release, feel free to do it. 1116677936 M * SiD3WiNDR yea 1116677937 M * SiD3WiNDR I will 1116677948 M * SiD3WiNDR just need to free some diskspace on my laptop first ;) 1116677948 M * aba (and you might want to join #debian-bugs at freenode) 1116677951 M * aba ah, cool 1116677970 M * SiD3WiNDR hopefully I know how to do it right,though ;) 1116677990 M * Bertl get your bug @ #debian-bugs ? *G* 1116678169 M * aba Bertl: that's the "resolve bugs now"-coordination channel. 1116678216 M * SiD3WiNDR chmod 000 /var/lib/vservers/ 1116678216 M * SiD3WiNDR chattr +t /var/lib/vservers/ 1116678216 M * SiD3WiNDR # setattr --barrier /var/lib/vservers/ || true 1116678219 M * SiD3WiNDR that's in the postinst 1116678225 M * SiD3WiNDR I remove the first, uncomment the third 1116678230 M * SiD3WiNDR but what is that || true doing there? 1116678273 M * Bertl well, it makes sure that it succeeds I guess 1116678283 M * Bertl (even if /var/lib/vservers/ doesn't exist) 1116678306 M * Bertl btw, as I probably said a thousand times, the following would be better 1116678313 M * Bertl setattr --barrier /var/lib/vservers/*/.. 1116678447 M * Bertl chmod+chattr is plain wrong for 2.6 (just info) 1116678466 M * SiD3WiNDR :) 1116678478 M * SiD3WiNDR aba: would this be okay to send? http://dev.sid3windr.be/files/tmp/util-vserver.patch 1116678484 M * SiD3WiNDR and Bertl :) 1116678534 M * Bertl depends, if you _assume_ that an older version was installed ... 1116678544 M * Bertl you should also undo the 'bad' changes 1116678561 M * SiD3WiNDR ah 1116678562 M * SiD3WiNDR yea 1116678564 M * Bertl i.e. set the permission != 000 and remove t 1116678573 M * SiD3WiNDR what should the permissions be then? 1116678575 M * Bertl 700 should be fine ... 1116678580 M * Bertl 0700 that is ;) 1116678644 M * SiD3WiNDR 0700 also undoes the -t? 1116678649 M * SiD3WiNDR ah 1116678650 M * SiD3WiNDR no 1116678690 M * SiD3WiNDR new one uploaded to same url 1116678691 M * Bertl but -t is what you probably want ;) 1116678729 M * Bertl yup, looks god to me so far ... you might make the undo thing conditional (i.e. check for 000 and +t first) 1116678770 M * SiD3WiNDR if you tell me how ;) 1116678783 M * SiD3WiNDR cause I'm not that eleet in shellscripting :/ 1116678910 M * Bertl `ls -ld x | colrm 11``lsattr -d x | colrm 14` 1116679053 M * SiD3WiNDR that requires bsdmainutils to be installed, dunno how to handle all this debian regulation stuff :/ 1116679065 M * Bertl whut? 1116679082 M * Bertl is colrm bad? 1116679104 M * SiD3WiNDR I dunno :p 1116679120 M * Bertl well, everything else was used before, no? chmod, chattr ... 1116679176 M * SiD3WiNDR those are in coreutils and e2fsprogs 1116679184 M * SiD3WiNDR those are rather guaranteed to be installed I guess 1116679308 M * Bertl chattr and lsattr are the same, no? 1116679354 M * Bertl ls should be part of any distro ... ;) 1116679364 M * SiD3WiNDR yes, but I was talking about colrm ;) 1116679369 M * SiD3WiNDR the rest is no problem I guess ;) 1116679370 M * Bertl so the one remaining is colrm ... 1116679378 M * SiD3WiNDR maybe cut 1116679384 M * Bertl you can replace it with that 1116679399 M * SiD3WiNDR :) 1116679451 M * SiD3WiNDR I'll add it to the patch before sending 1116679504 M * SiD3WiNDR hopefully my shellscripting isn't bash specific, cause debian doesn't like that either *G* 1116679509 M * Bertl yeah, but you have to check that value against the right string ;) 1116679548 M * SiD3WiNDR yesyes :P 1116679588 M * Bertl just making sure :) 1116679690 M * SiD3WiNDR new version on same url again.. 1116679728 M * SiD3WiNDR unless I should check only the t attr and not assume there are no others set ;) 1116679883 M * Bertl an that does work? 1116679910 M * Bertl btw, I'd check for both, in one check 1116679938 M * SiD3WiNDR it works 1116679945 M * SiD3WiNDR how do I do it in one check? 1116679948 M * Bertl ""` looks fishy to me ... 1116679952 M * SiD3WiNDR (i'm actually quite a bash newbie) 1116679966 M * SiD3WiNDR hmm 1116679966 M * SiD3WiNDR yea 1116679970 M * Bertl "` ... `" I would understand ;) 1116679975 M * SiD3WiNDR indeed 1116679989 M * SiD3WiNDR however, it works, funnily enough 1116679991 M * Bertl so how is it working then? ;) 1116680017 M * Bertl anyway, you should check for both in one 'test' 1116680424 M * SiD3WiNDR I agree :) 1116680429 M * SiD3WiNDR last attempt ;) 1116680435 M * SiD3WiNDR at same url 1116680502 M * Bertl /] && [/ -a / 1116680576 M * Bertl but looks good otherwise ... well, maybe the +t test could be reduced to just the 't') 1116680726 M * SiD3WiNDR :p 1116680887 M * SiD3WiNDR like that? :) 1116680919 M * SiD3WiNDR err 1116680937 M * SiD3WiNDR ye, like that ;) 1116680970 M * Bertl looks good, tested? 1116680995 M * SiD3WiNDR raw-shellscript wise, yes 1116681002 M * SiD3WiNDR I'll make a deb out of it now :) 1116681200 J * Psy0rz ~psy0rz@195.169.61.234 1116681221 M * Bertl welcome Psy0rz! 1116681236 M * Psy0rz HI 1116681237 M * Psy0rz hi 1116681251 M * Psy0rz my vserver just doesnt run after starting it 1116681254 M * Psy0rz it seems to start ok 1116681262 M * Psy0rz no errors and stuff 1116681267 M * Psy0rz but when i do status its not running :( 1116681271 M * Bertl well, probably nothing is started, so that's okay ;) 1116681273 M * Psy0rz testme seems to work fine 1116681300 M * Psy0rz suzanne root # vserver hobbybop start 1116681300 M * Psy0rz RTNETLINK answers: File exists 1116681300 M * Psy0rz * Caching service dependencies... 1116681301 Q * slash^ Ping timeout: 480 seconds 1116681311 M * Psy0rz and thats it..then it returns but isnt running 1116681330 M * Psy0rz how to find out whats happening? strace is hanging 1116681430 M * Psy0rz im using kernel 2.6.11.9-vs2.0-rc1 with 0.30.207 1116681462 M * Bertl as I said, everything is working as expected (quire fine) 1116681466 M * Bertl *quite even 1116681477 M * Psy0rz ah 1116681482 M * Bertl your vserver guest is not starting any services though 1116681492 M * Psy0rz well 1116681497 M * Bertl so the context is disposed right after startup 1116681498 M * Psy0rz i know that 1116681504 M * Psy0rz disposed? 1116681518 M * Psy0rz doesnt a empty vserver keep running? 1116681519 M * Bertl well, alst process goes away, the context is disposed 1116681526 M * Psy0rz suzanne root # vserver hobbybop status 1116681526 M * Psy0rz Vserver 'hobbybop' is stopped 1116681532 M * Psy0rz ooh ok 1116681537 M * Bertl there would be nothing to keep the context alive 1116681551 M * Bertl per definition a vserver context is a group of processes ;) 1116681565 M * Psy0rz oooooh ok 1116681567 M * Psy0rz lol 1116681568 M * Bertl no process -> no context ;) 1116681569 M * Psy0rz makes sence 1116681578 M * Psy0rz didn't know that it worked that way 1116681592 M * SiD3WiNDR patch submitted to bts 1116681592 A * Psy0rz emerging openssh 1116681593 M * Psy0rz :D 1116681599 M * Bertl yeah, or syslog 1116681600 A * SiD3WiNDR bbiab, trying to upgrade ipw2200 driver 1116681659 M * Bertl Psy0rz: also make sure to clean up the service dependancies (if that isn't already done by the gentoo folks) 1116681671 M * Psy0rz yeah i did that already 1116681679 M * Psy0rz rmmed some stuff somewhere in var 1116681696 M * Bertl yeah, that's a good description, I have to remember that ;) 1116681703 M * Psy0rz rofl 1116681762 M * Psy0rz rm -r hobbybop/var/lib/init.d/* 1116681764 M * Psy0rz that 1116681785 M * Psy0rz i wish i could build stuff outside the vserver and install it inside 1116681793 M * Psy0rz like 'externalize' with apt 1116681802 M * Psy0rz ROOT=/vserver/bla emerge bla 1116681805 M * Psy0rz doesnt seem to do it 1116681809 M * Bertl well, what about writing some vemerge? 1116681817 M * Psy0rz thinking about it 1116681825 N * Doener` Doener 1116681829 M * Psy0rz i want to keep the vserver as small as possible 1116681833 M * Doener hey folks! 1116681834 M * Psy0rz no gcc and portage inside it 1116681836 M * SiD3WiNDR okay, that was quick, new ipw2200 doesn't insert :p 1116681955 M * Psy0rz hmm my sshd probably dies because port 22 is in use :D 1116682052 M * Bertl yeah, you can change the sshd config on the host or the port on the guest 1116682068 M * Bertl Hey Doener! 1116682081 M * Bertl Doener: finally got rid of your backtick? 1116682087 M * Psy0rz i know 1116682096 M * Psy0rz :) 1116682188 M * SiD3WiNDR hehe 1116682227 M * Psy0rz w00p it works 1116682264 M * Psy0rz hobbybop / # kill 24445 1116682264 M * Psy0rz hobbybop / # ps fax 1116682264 M * Psy0rz PID TTY STAT TIME COMMAND 1116682264 M * Psy0rz 25199 pts/2 S 0:00 /bin/bash -login 1116682264 M * Psy0rz 25227 pts/2 R+ 0:00 \_ ps fax 1116682264 M * Psy0rz 1 ? S 0:00 init [3] 1116682266 M * Psy0rz hobbybop / # logout 1116682266 M * Psy0rz suzanne vservers # vserver hobbybop enter 1116682268 M * Psy0rz 'vserver ... suexec' is supported for running vservers only; aborting... 1116682268 M * Psy0rz that makes sence now :D 1116682280 M * Psy0rz it dies with the last process 1116682301 M * Bertl yup 1116682302 M * Doener Bertl: yep, but i guess it won't take too long till it returns ;) 1116682304 M * Psy0rz i wonder why init doesnt keep running tough 1116682326 M * Bertl Psy0rz: I guess this is a fake init, no? 1116682386 M * Psy0rz i think so 1116682389 M * Psy0rz dunno 1116682408 M * Psy0rz no 1116682413 M * Psy0rz why should it be fake? 1116682423 M * Psy0rz vservers just have a normal init 1116682449 M * Psy0rz so when i logout from that shell, there should be exactly one process left and thats init 1116682451 M * Psy0rz right? 1116682484 M * Bertl depends on your startup config 1116682498 M * Bertl with the gentoo init style there is no init ;) 1116682510 M * Psy0rz oh 1116682520 M * Psy0rz i love vservers :D 1116682550 M * Psy0rz now i finally can run a screwaround-giveawayshells-rungameservrers vserver on my real server :D 1116682595 M * Psy0rz i'm rsyncing it to a copy, and see what happens if i unmerge gcc and portage and stuff 1116682616 M * Psy0rz and then try to directly emerge on the host 1116682662 M * Psy0rz how is device security in 2.0? 1116682669 M * Psy0rz should i still make sure the /dev is clean? 1116682890 M * Bertl yup, /dev should be cleaned up 1116682930 M * Bertl Psy0rz: if you change the init style to plain, you'll get a real init btw ;) 1116682973 M * Bertl (not that I would suggest doing so without good reason ;) 1116683021 M * Bertl Doener: interested in some 2.0 cleanups? 1116683036 M * Bertl (I mean in doing some cleanups ;) 1116683036 M * Psy0rz ah ok 1116683178 M * Doener what is it? 1116683218 M * Bertl - removing commented out stuff 1116683220 M * SiD3WiNDR Psy0rz: yea, I have a giveawayshell vserver too, that's what got my interest before I realized the full potential, I had a UML for that long time ago ;) 1116683248 M * Bertl Doener: - moving the proc inline check into the internal include 1116683314 M * Bertl - checking/updating the debug info 1116683539 M * Doener does "remove commented out stuff" include the // rss += something; stuff? 1116683663 M * Bertl hmm, yeah, I'd say so ... it will be gone with 2.6.12 anyway ... no? 1116683677 M * Doener yep 1116683690 M * Bertl so go wild there ;) 1116683708 M * Doener ok, then you'll get that one soon... 1116683739 M * Bertl +void free_vx_info(struct vx_info *vxi) 1116683746 M * Bertl +// BUG_ON(!vx_state(vxi, VXS_DEFUNCT)); 1116683756 M * Bertl this should actually make sense now, no? 1116684165 M * Doener i'd say so 1116684430 M * Doener Bertl: hm, what about the previos one? i.e. VXS_SHUTDOWN? 1116684722 M * Bertl removed that one, it's obsolete IMHO 1116684738 M * Bertl *remove even 1116684918 M * Bertl but maybe the shutdown would make sense too ... 1116685041 M * Psy0rz hehe SiD3WiNDR :) 1116685046 M * Psy0rz i used uml for a while too 1116685047 M * aba SiD3WiNDR: is the question still open? I was shopping :) 1116685056 M * SiD3WiNDR aba: I submitted the patch to the bts 1116685066 M * SiD3WiNDR aba: if it's wrong or not totally debian or whatever feel free to spank me ;) 1116685070 M * SiD3WiNDR I'm just leaving for shopping. 1116685078 M * aba SiD3WiNDR: thanks. 1116685241 M * alanhs bertl; Thankyou very much for your help earlier - My server is all up and running now. Now I have to start learning how to use them! 1116685246 J * rs ~rs@imhotep.rhapsodyk.net 1116685267 M * aba why the "*/.." in "setattr --barrier /var/lib/vservers/*/.. || true"? And why || true - don't we want to fail if it's not possible? 1116685307 M * Bertl alanhs: you're welcome! and have fun! (maybe you like to add yourself to the happy vserver users, if not already done so ;) 1116685326 M * Bertl evening rs! 1116685344 M * Bertl aba: probably opens a can of worms ... 1116685346 M * rs hey 1116685350 M * alanhs I certinly will - thanks again! 1116685378 M * Bertl aba: i.e. what if filesystem has no xattr 1116685390 M * Bertl or if that dir just doesn't exist? 1116685412 M * SiD3WiNDR the .. is a symlink-whatever issue, to make sure the barrier is set on the correct directory 1116685423 M * SiD3WiNDR Bertl can explain for the 1001th time ;) 1116685432 M * aba SiD3WiNDR: ah, ok. 1116685440 M * Bertl 1002nd actually ;) 1116685442 M * SiD3WiNDR ;) 1116685443 M * SiD3WiNDR the || true was already there commented out so I left it in... 1116685450 M * SiD3WiNDR as per Bertl 's recommendation earlier today 1116685456 M * aba hm, I'll add that as explanation ... 1116685461 M * SiD3WiNDR okay 1116685465 A * SiD3WiNDR really off shopping now 1116685490 M * maharaja Bertl: i just read that you'll be giving a speech at the linuxwochen... 1116685509 M * Bertl aba: if the debian package 'creates' that dir then it's probably fine to assume that it exists ... 1116685524 M * Bertl maharaja: yes? 1116685544 M * maharaja Bertl: as i'm not able to attend the linuxwochen, do you think that there will be some video coverage? 1116685551 M * aba Bertl: I'll check that later ... 1116685555 M * maharaja do they tape the presentations? 1116685574 M * Bertl I don't think so ... but hey, you already know that stuff, no? 1116685611 M * maharaja well, don't know what you're going to tell them :) 1116685630 M * maharaja i think that you can always lern something new, even if ppl talk about stuff you already know 1116685642 M * maharaja at least, you see how others talk about that subject 1116685662 M * maharaja but there are a couple of other presentations i would like to attend ... but there's no time on thursday :-/ 1116685682 M * Bertl probably more interesting might be the LinuxTag Workshop ... 1116686257 M * maharaja just went through that program too 1116686264 M * maharaja when will this workshop take place? 1116686353 M * Bertl in the afternoon ;) 1116686428 M * DaCa Bertl: not at 3 am? :p 1116686459 M * DaCa which day? 1116686572 M * Bertl 2005-06-24 15:00 1116686577 M * Bertl 2005-06-24 16:00 1116686605 M * DaCa nice, I'll be there 1116686629 M * Bertl http://www.infodrom.org/LinuxTag/workshops.php3 is this publically visible? 1116686650 M * daniel_hozac nope. 1116686695 M * Bertl well, they should have it somewhere, otherwise there would be no sense in marking it visible, no? 1116686721 M * Bertl (otoh, who knows ;) 1116686737 M * Bertl anyway, first hour is about the usual vserver stuff ... 1116686750 M * DaCa the LT is website is a hell if you dont understand german, even if you select english you're constantly thrown back to german pages 1116686757 M * Bertl second hour is 'Kernel side implementation of process isolation, interface virtualization and resource limitations. Architecture independance, testing and implementation on various kernel archs.' 1116686789 M * Bertl (so might be interesting for some folks ;) 1116687219 M * Doener Bertl: http://www.13thfloor.at/~doener/vserver/patches/diff-2.6.11.9-vs2.0-rc1-remove_commented.diff 1116687371 M * Bertl hmm, remind me why we(I?) removed the current->cap_bset stuff? 1116687544 M * Bertl the one inode->i_size = 64; can probably go for now too, rest looks really fine 1116687609 M * Doener bcap... i don't know ;) 1116687680 M * Doener hm which inode->i_size = 64? there are two being removed and two (not commented out) being kept ;) 1116687706 M * Bertl well, 64 is not the answer, 42 might be ;) 1116687733 M * Bertl I'd say, let's remove them for now ... don't know how other proc entries do that 1116687759 M * Doener so remove both, right? 1116687820 M * Bertl I'd say so ... 1116687842 M * Bertl (probably needs some investigation/testing) 1116687847 M * Doener ok, updated the patch... 1116687857 M * Doener back in a few... 1116687860 N * Doener Doener|gone 1116687926 M * Bertl Doener|gone: (just to have a reminder) you mentioned a check in the switch, which doesn't make sense anymore/is wrong ... 1116688565 N * Doener|gone Doener 1116688590 M * Doener yep, the last one IIRC, it conflicts with the comment that accompanies it 1116688617 M * Doener /* below here only with VX_ADMIN */ 1116688617 M * Doener if (!vx_check(0, VX_ADMIN|VX_WATCH)) 1116688715 M * Bertl we are probably also doing some checks twice, wanna clean that up? 1116688732 M * Doener sure... 1116688783 M * Bertl updated the todo list for the kernel (last block of entries ;) 1116688946 M * Bertl hum hum ... 1116688947 M * Bertl fs/nfs/inode.c 1116688956 M * Bertl +/*FIXME 1116688956 M * Bertl +fail_dlim: 1116688969 M * Doener yep, seen that... thought "FIXME, so don't remove ;)" 1116689121 M * Bertl yeah, but I guess, we also have to fix it ;) 1116689237 M * Doener hm, in the latter checks we return -ENOSYS sometimes, while the checks do_vserver cause -EPERM to be returned... 1116689243 M * Doener s/latter/later/ 1116689321 J * Shuri sjnesjd@64.235.209.226 1116689348 M * Bertl +// inode->i_dqh = dqhget(sb->s_dqh); 1116689366 M * Bertl (in fs/inode.c) can go for now, it's context quota stuff ... 1116689394 M * Bertl Doener: explicit example? 1116689429 M * Doener the check pasted above returns -EPERM, the check in vc_ctx_kill returns -ENOSYS 1116689456 M * Doener --> in ctx 0 it works, in ctx 1 you get -ENOSYS, in ctx >1 you get -EPERM 1116689500 M * Bertl hmm, in a weird way, that makes sense ;) 1116689563 M * Bertl btw, the follow_dotdot BUG() is still in 2.6.11.x?! 1116689614 M * Bertl ah no, should be fine with break too 1116689677 M * Doener hmm... guess I'm not weird enough (yet?) 1116689690 M * Bertl okay, guess I need a pause ... looking too long at the code makes me hungry ... 1116689724 M * Bertl ad weird: simple, admin is allowed to do it, and so is watch, but for watch, the syscall cmd is not there ;) 1116689746 M * Bertl (because we do not want to provide it for watch) 1116689767 M * Bertl okay, off for dinner now .. back later ... 1116689774 N * Bertl Bertl_oO 1116690177 Q * Doener Quit: Leaving 1116690212 J * Doener ~doener@p548768BE.dip.t-dialin.net 1116690478 J * ook ~nobo@4va54-1-81-56-99-20.fbx.proxad.net 1116690484 M * SiD3WiNDR aba, Bertl_oO : easy situation where the || true on the set barrier is needed, is if you don't have any vservers installed, then /var/lib/vservers/*/.. won't exist :) 1116690491 M * SiD3WiNDR thought of that while shopping :P 1116690518 P * ook 1116691016 N * Bertl_oO Bertl 1116691051 M * Bertl SiD3WiNDR: good point, but in this case we should set the barrier on the dir itself ... 1116691287 M * SiD3WiNDR heheh 1116691289 M * SiD3WiNDR true. 1116691294 M * SiD3WiNDR so actually it's not perfect yet 1116691310 J * mep__ mep@p5091BC7A.dip.t-dialin.net 1116691485 Q * alanhs Quit: Do fish get thirsty? 1116691615 J * ntrs ntrs@iits01232.inlink.com 1116691745 Q * mep_ Ping timeout: 480 seconds 1116691938 M * maharaja is it ok to "dump 0zf" a life system? 1116691941 M * maharaja to clone it 1116691969 M * Bertl yes that's fine ... 1116692036 M * maharaja or should i use rsync? 1116692048 M * maharaja or dd :) 1116692221 M * Bertl well, depends what you're up to ... dump/restore is probably the safest on ext2/3 1116692338 M * maharaja what does this mean: 1116692338 M * maharaja dump -0f - / 1116692341 M * maharaja äh 1116692347 M * maharaja ./tmp/rstdir1116713917: (inode 163264) not found on tape 1116692347 M * maharaja ./tmp/rstmode1116713917: (inode 163272) not found on tape 1116692360 M * maharaja while doing dump -0f - / | restore -rf - 1116692439 M * Bertl means that you have /tmp on the rootfs which is bad ;) 1116692476 M * maharaja :> 1116692479 M * maharaja its the rescue system 1116692481 M * Bertl aside from that it states that it created two files in temp which are not part of the backup 1116692483 A * SiD3WiNDR wonders 1116692495 M * maharaja k - i c 1116692500 M * SiD3WiNDR how do you check in shellscript if a directory contains files.. ls -l|wc -l ? :p 1116692521 M * Bertl hardlink count is a good indication 1116692557 M * pusling is chroot allowed inside a vserver ? 1116692575 M * Bertl pusling: yup, should be fine if you have 'powers' 1116692587 M * pusling what kind of powers ? ;) 1116692612 M * Bertl CAP_SYS_CHROOT 1116692632 M * pusling okay 1116692664 M * maharaja thank you bertl 1116692670 M * pusling does it have any bad side effects ? 1116692681 M * Bertl maharaja: you're welcome! 1116692701 M * Bertl pusling: well, except for changing the root directory, no ;) 1116692728 M * pusling can I add it without restarting the vserver ? 1116692868 M * Bertl actually you should have it by default ... 1116692917 M * Bertl # chcontext --xid 100 --secure chroot / true 1116693014 M * Bertl pusling: any indication that it fails and if, how it fails? 1116693045 J * monrad ~monrad@0x535b06c0.ronxx3.adsl-dhcp.tele.dk 1116693047 M * pusling $ cat capabilities 1116693047 M * pusling CAP_NET_RAW 1116693055 M * pusling I have not cap_sys_chroot 1116693146 M * Bertl well, as I said, it's usually given by default, check with 'grep Cap /proc/self/status' 1116693154 M * pusling inside the vserver 1116693156 M * pusling ? 1116693159 M * Bertl yup 1116693192 M * pusling CapInh: 0000000000000000 1116693192 M * pusling CapPrm: 00000000d44c24ff 1116693192 M * pusling CapEff: 00000000d44c24ff 1116693193 M * pusling CapBset: 00000000d44c24ff 1116693235 M * Bertl so you already got it ... 1116693248 M * Bertl plus the dangerous CAP_NET_RAW ;) 1116693268 M * pusling how is CAP_NET_RAW dangerous ? 1116693286 M * pusling (And how do I parse the CapInh, CapPrm and .. ?) 1116693287 M * Bertl well, it allows the guests to sniff/spy on eachother and the host 1116693315 M * Bertl and to create faked packets ... 1116693328 M * pusling CAP_NET_RAW is/was on by default on debian 1116693339 M * Bertl yeah, that's a debian bug ;) 1116693365 M * Bertl and IIRC it was filed more than once .... 1116693371 M * pusling okay 1116693406 M * pusling what is CAP_NET_RAW needed for ? 1116693429 M * Bertl raw access to the network devices ... see /usr/include/linux/capability.h for details 1116693474 Q * monrad Read error: Operation timed out 1116693512 J * mac ~mac@f01m-31-11.d4.club-internet.fr 1116693522 M * pusling ..but which programs nedes cap_net_raw ? 1116693543 M * Doener ping 1116693547 M * Doener but only on 2.4 kernels 1116693571 M * Doener in 2.6 there's a special context capability to just allow ping but not tcpdump and such... 1116693644 Q * mac Remote host closed the connection 1116693824 M * pusling perhaps I sometime soon should upgrade to 2.6.x ;) 1116693833 M * Bertl nap attack! back later ... 1116693843 N * Bertl Bertl_zZ 1116693856 M * SiD3WiNDR napnap Bertl_zZ ;) 1116693940 J * monrad ~monrad@213083190130.sonofon.dk 1116693950 M * FaUl someone here who is familar with that linux-kernel? can i easyly copy scsi-drivers from 2.6.8 to 2.6.11.10? 1116694625 Q * lilo Remote host closed the connection 1116694649 J * lilo ~lilo@lilo.usercloak.oftc.net 1116694840 M * explasm__ ist bei euch auch PRO7/rtl2 usw down? :D scheint als hätte es bei denen was zerissen 1116694864 M * explasm__ wrong chan 1116696334 M * FaUl *gaehn* 1116696769 Q * Pazzo Quit: Verlassend 1116697184 M * SiD3WiNDR jawohl! 1116697969 Q * BWare Ping timeout: 480 seconds 1116698541 J * BWare ~bware@office.intouch.net 1116701144 Q * ntrs Quit: Leaving 1116702530 M * FaUl net/ipv4/ipvs/ip_vs_core.c: In function `ip_vs_leave': 1116702530 M * FaUl net/ipv4/ipvs/ip_vs_core.c:462: error: too few arguments to function `inet_addr_type' 1116702533 M * FaUl distcc[18023] ERROR: compile net/ipv4/ipvs/ip_vs_core.c on localhost failed 1116702615 M * FaUl on 2.6.11.10 with rc1 and ngnet 9.5 1116702701 M * daniel_hozac do you actually need IPVS? 1116702799 M * FaUl i'm not quite sure what this is ;) 1116702825 M * daniel_hozac Linux Virtual Server. 1116702975 M * FaUl ah, i confused that ;) 1116703014 M * FaUl net/ipv6/af_inet6.c: In function `inet6_bind': 1116703014 M * FaUl net/ipv6/af_inet6.c:285: error: too few arguments to function `inet_addr_type' 1116703014 M * FaUl distcc[19244] ERROR: compile net/ipv6/af_inet6.c on localhost failed 1116703323 M * Doener IIRC DaPhreak did some ngnet port... 1116703386 M * Doener http://studip.uni-greifswald.de/~heim/vspatches/ngnet9.5-vs2.0-rc1.patch 1116703395 M * Doener no idea how well it works though 1116703668 M * FaUl ok, thx 1116704686 J * Doener` ~doener@p54874F2C.dip.t-dialin.net 1116704846 Q * Doener Read error: Operation timed out 1116706156 M * FaUl mh, i guess i'll start whining on linux-scsi or linux-kernel because of that broken sym53c8xx_2 1116706755 M * daniel_hozac hmm, that's broken? 1116706782 M * daniel_hozac oh, _2. i've got sym53c8xx. 1116706826 M * FaUl hmm, how to use that? 1116706844 M * FaUl my problem is that it hangs on my tekram-controler 1116706855 M * FaUl which sucks, because / is on a scsi-disk :) 1116706862 M * FaUl and /home, too 1116706874 M * daniel_hozac i haven't had any problems yet on my server. 1116706890 M * daniel_hozac all disks are on a SmartArray 3200 controller. 1116706926 M * daniel_hozac but the kernel is fairly ancient by now (2.6.10-1.760.vs1.9.4.1). 1116706977 M * FaUl mh, i need ngnet9.5 because bertl agreed to implement v6-support on this :) 1116707007 M * daniel_hozac i can't imagine that it's broke in more recent kernels. 1116707649 M * FaUl daniel_hozac: in 2.6.8 it works fine, but in 2.6.9 it does not anymore 1116708575 M * daniel_hozac well, i'm using a 2.6.10 based kernel ;) 1116708613 M * daniel_hozac might want to look at the changes made to the driver between those two kernels though. 1116709181 M * FaUl daniel_hozac: they are nontrivial as far as i've seen. i'm not so familar with kernel-coding though 1116710032 J * muadda ~muadda@gar31-1-82-234-50-167.fbx.proxad.net 1116713476 Q * Zoiah Remote host closed the connection 1116713537 M * daniel_hozac [OT] anyone know why SIOCGIFMAP would return with a zero ifr.ifr_map.base_addr? (and where is this kind of thing on-topic?) 1116713595 J * Zoiah Zoiah@matryoshka.zoiah.net 1116715707 M * Doener` daniel_hozac: 2.4 or 2.6? 1116715739 M * daniel_hozac Doener`: well, 2.6 for the host returning a zero base_addr. 1116715830 M * daniel_hozac (and yes, it is a PCI NIC that has a base address) 1116716897 N * Bertl_zZ Bertl 1116716927 M * Bertl morning/evening folks! 1116716938 M * Doener` morning/evening Bertl! ;) 1116717000 M * muadda morning/evening Bertl! 1116717045 M * Bertl hey muadda! Doener`! 1116717328 M * Bertl Doener`: hmm, guess you did read gilles' email, right? 1116717893 M * SiD3WiNDR morning/evening Bertl ;) 1116718000 Q * muadda Quit: Leaving 1116718263 M * Bertl guess we need a TZIG soon ... 1116718420 M * Doener` TZIG? 1116718434 M * Bertl (time zone indepedent greeting) 1116718440 M * Zoiah Move ZIG, move ZIG, move ZIG, move ZIG, you know what you doing, take off every ZIG! 1116718443 M * Doener` heh :) 1116718543 M * Bertl what about the well known 'Aloha' for a start? (or too Hawaiian?) 1116718618 M * Bertl (or maybe just 'greetings ... !" ;) 1116718660 M * Bertl well nothing I really worry about, actually ... *G* 1116718677 M * Doener` hmm... "Hidiho"? (Mr. Hanky...) 1116718682 M * Doener` ;) 1116718710 M * SiD3WiNDR =) 1116718712 M * Shuri :) 1116718729 M * Shuri kawabonga 1116718756 M * Bertl isn#t that a drink? 1116718771 M * Shuri Bart Simpsons 1116718798 M * Doener` Kawabonga? That's from Teenage Mutant Ninja Turtles IIRC... 1116718814 M * Shuri yhaw 1116718824 M * Shuri karamba is Bart's 1116718825 M * Shuri :) 1116718840 M * Bertl Doener`: do you want to talk about it? *G* 1116718919 M * Doener` well, i guess "Eat my shorts" is not an option, right? ;) 1116718938 M * Doener` anyways... yes, i read Gilles' mail 1116718962 M * Bertl lol @ ems 1116719000 M * Bertl that mail brought up two questions (for me) 1116719020 M * Bertl a) should be care about 'virtualizing' the route information too 1116719030 M * Bertl s/be/we/ 1116719061 M * Bertl b) should we pick up the 'source ip' idea once again (for non ngnet)