1118448016 M * Bertl evening folks!
1118448093 M * Doener hey Bertl
1118448209 M * Bertl hmm .. did you understand why hiryuu didn't do the chbind _before_ switching to some user account?
1118448282 M * Doener no, thus i suggest a chbind'ed shell or that huge 'su' monster ;)
1118448359 M * Doener s/suggest/suggested/
1118448479 M * Bertl hmm, yeah, missed that ...
1118448694 M * Doener hm, cogito is still driving me crazy ;)
1118448917 Q * erwan_ho Remote host closed the connection
1118449169 M * Bertl Doener: real man use git! ;)
1118449189 M * Bertl *men
1118449195 A * Doener sticks a letter on his forehead "unreal man!"
1118449207 M * Bertl ah, good point! ;)
1118449325 M * Bertl my connection went nuts today, had to switch the irc location, have you heard something about a new virus or attack?
1118449432 M * Doener no
1118452029 M * Hollow heya
1118452034 M * Doener hi Hollow 
1118452064 M * Hollow hi Doener, do you know if there's a vnet patch for iptables 1.3.1?
1118452084 M * Doener no
1118452099 M * Doener I don't know
1118452126 M * Hollow Bertl: awake?
1118452195 M * Doener Bertl: got time for a check of the todo list?
1118452233 M * Bertl Hollow, Doener: sure ;)
1118452250 M * Hollow Bertl: is there/will there be a vnet patch for iptables 1.3.1?
1118452260 M * Bertl probably ...
1118452277 M * Bertl ngnet is broken right now ... we'll probably fix it up -after_ 2.0 release
1118452289 M * Hollow ok
1118452302 M * Doener Bertl: ok, first the things that seem to be done, but still in the list:
1118452326 M * Bertl Doener: kernel or tools?
1118452336 M * Doener kernel
1118452338 M * Bertl k
1118452367 M * Doener 32bit syscall compat for x86_64 and friends --- not sure, but looks like and I remember it as being done ;)
1118452387 M * Bertl yep, was done _and_ tested by myself (can go)
1118452397 M * Doener switch from nxi rcu to non-rcu -- we changed that to work like vxi
1118452418 M * Bertl yep, is done too, and also tested
1118452461 M * Doener do some preprocessor magic for the history --- took me ages to read that patch
1118452489 M * Bertl hehe, yeah, preprocessor magic is there ;)
1118452507 M * Doener ok, now some (at least one) others:
1118452509 M * Doener check that SOCK_USER_SOCKET is used at all -- don't understand it, but cscope says the flag bit is only set, not tested
1118452555 M * Bertl yes, I checked that one, and left it there, because we might need it later ...
1118452563 M * Doener ok
1118452566 M * Bertl (so maybe change that to some remark)
1118452628 M * Doener maybe move proc_pid_visible() to inline? --- seems also done. "+static inline int proc_pid_visible(..."
1118452658 M * Bertl excellent! ;)
1118452723 M * Bertl sec, phone
1118453135 M * Bertl back
1118453299 M * Doener hm, what's that cap-bound file?
1118453335 M * Bertl hmm, which one is that?
1118453370 M * Doener allow proc_dointvec_bset read without CAP_SYS_MODULE
1118453381 M * Bertl ah, yes
1118453407 M * Bertl I discovered (by accident) that the pretty old lcap tool
1118453428 M * Bertl tries to read the capabilities from proc/sysfs
1118453448 M * Bertl and for some unknown reason this requires CAP_SYS_MODULE ;)
1118453470 M * Bertl which makes the otherwise useful lcap tool, useless inside a guest
1118453480 M * Doener what's lcap?
1118453493 M * Bertl a tool to show and reduce capabilities
1118453511 M * Bertl wanted to use it for demonstrations ...
1118453681 M * Doener hm, is that a kernel-wide setting, or process wide?
1118453698 M * Bertl it's normal bcaps for a process
1118453713 M * Bertl nothing unusual as far as I can tell
1118453775 M * Bertl it seems as if folks (a long time ago) tried to implement posix caps ;)=
1118454359 M * Doener hm, cap_bset seems to be pretty much unused...
1118454533 M * Bertl yes, it was moved into the processes
1118454552 M * Bertl see cap_capget
1118454592 M * Bertl the idea behind the cap_bset was something like an selinux/vserver crossover
1118454602 M * Bertl (regarding capabilities)
1118454712 M * Bertl but do not spend too much time thinking about this actually, it's more an odity I observed, and as I saw no reason for the 'read' depending on CAP_SYS_MODULE, I made a note
1118454789 M * Doener AFAICT modifying cap_best in any way does only affect linux-vserver, nothing else
1118454905 M * Bertl well, actually not even that 
1118454935 M * Bertl because vx_current_bcaps() si the only user, and very unlikely to be used for non context checks
1118454951 M * Doener ah right
1118454987 M * Bertl but yes, it isn't really used anymore, but making the 'read' depend on CAP_SYS_MODULE looked quite odd to me ;)
1118455032 M * Bertl probably wouldn't have bothered if it had been CAP_SYS_ADMIN ;)
1118455086 M * Doener ah, i should have looked into vanilla sources/followed the trace in the vserver sources...
1118455110 M * Doener actually cap_bprm_apply_creds uses it... but still reading shouldn't hurt
1118455463 M * Doener i'm off to bed now, good night everyone!
1118455468 N * Doener Doener_zZz
1118455533 M * Bertl okay, night!
1118463238 M * Bertl night everyone, cya all tomorrow ...
1118463246 N * Bertl Bertl_zZ
1118465207 J * erwan_ho ~erwan@konilope.dyndns.org
1118469669 Q * erwan_ho Remote host closed the connection
1118471518 J * monrad ~monrad@0x535b06c0.ronxx3.adsl-dhcp.tele.dk
1118471581 Q * monrad Quit: 
1118471674 J * monrad ~monrad@213083190130.sonofon.dk
1118472436 J * alanhs ~icechat5@82-68-97-182.dsl.in-addr.zen.co.uk
1118478424 Q * nox uranium.oftc.net neutron.oftc.net
1118478720 J * nox ~nox@noxlux.de
1118479865 Q * Hollow Remote host closed the connection
1118479873 J * fwiffo ~mmrnmrhm@p5499D6F2.dip.t-dialin.net
1118479892 M * fwiffo hi
1118479924 J * Hollow ~Hollow@home.xnull.de
1118479939 M * fwiffo is there any possibility to limit the vserver for using a particular interface _without_ gaining access to the hosts real interface(s)?
1118479962 M * fwiffo so for example not eth0
1118479985 M * fwiffo sth like /^tun[0-9]+$/
1118480012 M * fwiffo err, sorry, s/tun/tap/
1118480131 M * fwiffo if i use any dummy interface like an ethertap iface, outgoing connections from within the vserver tries to use the real interface
1118480213 M * fwiffo okay, there is the way of telling the progras to use a specific iface, like ping -I iface ip
1118480223 M * fwiffo but that doesn't mean security
1118480283 M * fwiffo hm, somehow i think it's saturday... probably it IS saturday *g*
1118480363 A * fwiffo 's waiting for someone to wake up ;-)
1118480603 M * fwiffo hm, looking at the docs/mailinglists/logs/... found on the web it seems that almost nobody uses any other interface than /^eth[0-9]+$/ ... O_o
1118481328 J * Drakon ~drakon@195.225.129.10
1118481328 M * Drakon join #Russia
1118481344 M * fwiffo frickin' spammers
1118481563 Q * Drakon Killed (weasel (channel spam))
1118483434 Q * Hollow Quit: /dev/zero
1118483570 J * Hollow ~Hollow@home.xnull.de
1118483724 J * rs ~rs@Laubervilliers-151-13-4-57.w82-127.abo.wanadoo.fr
1118484269 M * fwiffo so maybe the only solution to this is vnet, right?
1118484338 M * fwiffo hrm, if i knew for sure if nothing of the grsecurity stuff is breaking after applying the ngnet patch *ggrml*
1118484420 M * fwiffo s/i\>/i'd/
1118484515 M * fwiffo any other way of getting around this?
1118486032 Q * flock Ping timeout: 480 seconds
1118486135 J * flock ~restless@l192-117-111-12.broadband.actcom.net.il
1118486651 J * Doener` ~doener@p5487608D.dip.t-dialin.net
1118486798 M * fwiffo okay, that ngnet patch fixed, what now, are there any alternatives, before i'll apply that thingy? ;-)
1118487087 Q * Doener_zZz Ping timeout: 480 seconds
1118487403 M * fwiffo urgh, i hate applying experimental patches on a productive system
1118489480 Q * DuckMaster Remote host closed the connection
1118489746 J * duckx ~Duck@mna75-1-81-57-39-234.fbx.proxad.net
1118490971 Q * rs Quit: rs
1118492032 Q * id Remote host closed the connection
1118495171 M * fwiffo hm...
1118495185 M * fwiffo anyone awake now?
1118495240 M * Loki|muh yeah, but i don't know anything of ngnet ;)
1118495310 M * fwiffo uh, no problem
1118495339 M * fwiffo so, is there another possibility to seperate the vservers from eth[0-9]+
1118495340 M * fwiffo ?
1118495377 M * fwiffo if yes, so i'll throw away ngnet
1118495406 M * fwiffo (andy play with it on my workstation ;-)
1118495429 M * fwiffo s/y//
1118495456 M * Loki|muh ohm seperate means what for you?
1118495471 M * fwiffo seperate means that i don't have to use eth0
1118495487 M * fwiffo ;-)
1118495514 M * fwiffo but some device i can use for masquerading
1118495542 M * Loki|muh hmmm, dunno :/
1118495554 M * fwiffo so how's your setup?
1118495558 M * fwiffo using eth?
1118495563 M * Loki|muh I use eth
1118495579 M * fwiffo hm...
1118495600 M * fwiffo so you should have something like eth0 eth0:blah eth0:foo eth0:bar ...
1118495602 M * fwiffo right?
1118495613 M * fwiffo or just intergest, whotever
1118495616 M * fwiffo integers
1118495670 M * Loki|muh no i have eth0 und eth1 with many ips
1118495699 M * fwiffo ah, and you just bind the vserver to one particular ip
1118495706 M * Loki|muh jep
1118495707 M * fwiffo hrm, okay, that's just the normal way
1118495728 M * fwiffo hm...
1118495768 M * fwiffo then i have to hack it in myself...
1118495770 M * fwiffo *grml*
1118495852 M * fwiffo hm, oh wait
1118495883 M * fwiffo bridging should work on ethertap, i think ;-)
1118495887 M * fwiffo *trying*
1118496542 Q * MrX Ping timeout: 480 seconds
1118497559 J * rs ~rs@Laubervilliers-151-13-4-57.w82-127.abo.wanadoo.fr
1118498339 N * Doener` Doener
1118498349 M * Doener morning folks
1118498374 M * Doener fwiffo: what do you want to achieve?
1118498450 M * fwiffo rehi
1118498454 M * fwiffo moin Doener
1118498506 M * fwiffo i'm setting up the new version of my butt (basic user tracking target) system...
1118498521 M * fwiffo v1 used uml
1118498527 M * fwiffo and now i want to use vserver
1118498548 M * fwiffo privileges should be spereated by several virtual systems
1118498581 M * fwiffo which are not necessarily emulated onse, so i thought i could use vserver for it, because uml is veeeerryyy slow
1118498604 M * fwiffo (another alternative is xen, but it doesn't work well with smp systems)
1118498637 M * fwiffo i'm using debian sarge for the host installation
1118498700 M * fwiffo every vserver is dedicated to a specific task like user/urg/low user/rug/med, ...
1118498755 M * fwiffo beginning with urg/high i wanted to set up masquerading using ethertap
1118498816 M * fwiffo (goal: only let specific connections pass)
1118498877 M * fwiffo the first problem is: the vserver binds to tap0 (for example) successfully and accepts connections, too
1118498905 M * fwiffo but it uses eth0 for outgoing connections
1118498920 M * Doener because that's the way linux networking works
1118498950 M * Doener if the target is reachable via eth0, the packets will go out via eth0
1118498965 M * fwiffo nono, the target is reachable vie tap0
1118498968 M * fwiffo via
1118498980 M * fwiffo like set up in interfaces/0
1118499009 M * fwiffo and inside the vserver only that interface is shown
1118499021 M * Doener and you sent packets to that address?
1118499036 M * Doener target = the host the packets are sent to
1118499069 M * fwiffo k, that's what you mean, so inside tho vserver the routing table is still valid
1118499075 M * fwiffo hm...
1118499184 Q * alanhs Quit: Few women admit their age. Few men act theirs.
1118499186 M * fwiffo that's what i thought befor but i still have the problem, that ethertap is a bab solution for this making it impossible to set a gateway while using a gw an the real interface
1118499336 M * Doener policy routing may help here, but i don't have any experience with such setups
1118499360 M * Doener if you wait for Bertl to get up again, he will probably be able to help you
1118499371 M * fwiffo hm, k
1118499386 M * fwiffo waitink' ;-)
1118499603 M * duckx Moin
1118499612 M * duckx How goes Doener ?
1118499615 M * fwiffo moin duckx
1118499624 M * Doener hi duckx 
1118499642 M * duckx We are still extremely happy by your work Doener  :)
1118499650 M * duckx Our server rocks ... 
1118499660 A * duckx is repeting itself !)
1118499725 M * Doener thanks! but remember that Bertl did most of the work ;)
1118499732 M * duckx Lol :)
1118499751 M * duckx Course ... Bertl_zZ is sleeping right now :)
1118499761 M * Doener heh
1118499774 M * duckx Was the CSS changed on the vserver ng page ?
1118499781 M * duckx I mean the cana one :)
1118499799 M * Doener the default is still the same, but you can choose a few others
1118499806 M * Doener (if your browser supports that)
1118499820 M * duckx Could you please send me the url back ?
1118499854 M * Doener wanna get high? ;) http://www.nongnu.org/util-vserver/doc/conf/configuration.html
1118499863 M * duckx So high :)
1118499885 M * duckx Cypress Hill right ?
1118499928 M * Doener i don't remember... but likely ;)
1118499951 M * Doener yep, google says you're right
1118499957 M * duckx héhé :)
1118499975 M * duckx Good smoke makes great culture :)
1118500032 M * Doener hmm... great culture... not what happened to some of my friends back then...
1118500121 N * Bertl_zZ Bertl
1118500135 M * Bertl morning folks!
1118500163 M * duckx remember that one http://tox.dyndns.org/vserver-alpha-utils-web/configuration.html
1118500176 M * duckx Morning Bertl !
1118500258 M * duckx Had a nice sleep ?
1118500289 M * Bertl yep, was quite fine ... thanks, and you?
1118500307 M * duckx Well, I just had a 15 hours sleeping time ...
1118500318 M * duckx Damn I feel terrible good !
1118500424 M * duckx The flower stylesheet just blowed my eyes ;)
1118500458 M * duckx Bertl: What about the ng version, any doc on it ?
1118500489 M * Bertl ngnet is broken right now ... will be fixed after the 2.0 release
1118500604 M * duckx ok
1118500617 M * duckx Let stay with the 2.0 release so :)
1118501355 M * Bertl good choice, I'd say ...
1118501376 M * Bertl in 1-2 months ngnet will be in the devel branch (2.1)
1118501478 M * Vudumen hi Bertl :) how are you?
1118501542 M * Bertl fine, thanks! and you?
1118501586 M * Vudumen well it's weekend so fine :)
1118501626 M * Vudumen Bertl: do you know anything about using ioctls from perl? :)
1118501776 M * Loki|muh ngnet still experimental and unstable?
1118501849 M * Vudumen Loki|muh: yes and currently it's broken :(
1118501872 M * fwiffo rehi
1118501906 M * fwiffo so, how do you define "broken"? ;-)
1118501917 M * fwiffo hi bertl, btw
1118501932 Q * fwiffo Quit: leaving
1118501939 J * fwiffo ~mmrnmrhm@p5499D6F2.dip.t-dialin.net
1118501948 M * fwiffo D'OH
1118501952 M * Bertl hey fwiffo!
1118501977 M * Bertl Vudumen: hmm, no, the only thing I really know about perl is, that it is a write-only language
1118501984 M * fwiffo i'm always used to typing /quit when i want to close a window *gg*
1118502018 M * fwiffo Bertl: did you read the history?
1118502033 M * Bertl not yet ...
1118502112 M * Vudumen Bertl: it depends on :) I really like perl and I used to read it too :))))
1118502135 M * Vudumen fwiffo: it's broken. after a random period of time it just stops working for me
1118502153 M * fwiffo uh, k, i already unapplied it...
1118502168 M * fwiffo Vudumen: any other method of seperating virtual nics?
1118502223 M * Bertl not yet ... but as I said, ngnet will be working again .. soon
1118502236 M * Bertl (probably with slightly changed semantics though)
1118502263 M * fwiffo Bertl: np, i just wanted to get vserver working with virtual interfaces
1118502289 M * Bertl you might go back to an older version (kernel) and add the missing 2.0 patches
1118502291 M * fwiffo it's passible with /^tap[0-9]+$/, but it doesn't get gateways
1118502311 M * Bertl no, tun/tap is no option, as the devices will not be used at all
1118502324 M * fwiffo yeah, sure, better option?
1118502345 M * Bertl it's a common misunderstanding that interfaces are used if they have assigned an ip
1118502360 M * fwiffo mom, phone
1118502413 M * Vudumen Bertl: thats why i can ping an interface which i set down with ifconfig?
1118502444 M * Bertl well, you can not ping an interface, you can only ping an ip ;)
1118502546 J * alanhs ~icechat5@82-68-97-182.dsl.in-addr.zen.co.uk
1118502554 M * Bertl welcome alanhs!
1118502571 M * alanhs Hello again bertl!
1118502606 M * Vudumen Bertl: yes you are right :) but ami wrong when i think that ip is bounded to an interface? :)
1118502691 M * alanhs Bertl: I have been having some more fun with vserver today. I deciced to try to build a gentoo host and have almost succeeded, I am a little unclear about the fstab on the guest - should it be empty - I see the mtab gets created on the fly is this true of fstab ?
1118502724 M * Bertl no, the fstab isn really used
1118502734 Q * rs Quit: rs
1118502736 M * Bertl instead a replacement fstab is used (from the config)
1118502746 J * rs ~rs@Laubervilliers-151-13-4-57.w82-127.abo.wanadoo.fr
1118502749 M * Bertl (have a look at the config page for details)
1118502760 M * Bertl okay, dinner time, off for 20 or so ...
1118502769 N * Bertl Bertl_oO
1118502867 Q * monrad Quit: Leaving
1118503883 M * fwiffo shesh, have to go off, c'ya tomorrow...
1118503889 Q * fwiffo Quit: off to munich...
1118504024 N * Bertl_oO Bertl
1118504035 M * Bertl back now ...
1118505201 M * eyck cool, what now?
1118505653 M * Bertl hmm?
1118506220 J * Pazzo ~Pazzo@host130-250.pool8172.interbusiness.it
1118506305 M * Pazzo "irc.freenode.net.       60      IN      A       127.0.0.1" <- ???
1118506344 M * Bertl hmm?
1118506370 M * aba fixed
1118506370 M * Bertl indeed, funny idea ;)
1118506390 M * aba Bertl: they do it if they have clonebot issues ...
1118506455 A * Pazzo is going to start launch on 127.0.0.1 to repair freenode.net
1118506471 M * Pazzo s/on/ircd on/
1118506476 J * kjo ~krischan@p5484E7E2.dip.t-dialin.net
1118506485 M * Bertl welcome kjo!
1118506489 M * Pazzo btw: hi Bertl, aba
1118506497 M * kjo Hi channel
1118506501 M * aba Hi Pazzo 
1118506505 M * Bertl aba: btw, how about the future of linux-vserver + sarge?
1118506523 M * aba Bertl: sarge is out. finally.
1118506535 M * Bertl hehe, yes I saw it, already updated ;)
1118506543 M * Bertl from testing -> stable ;)
1118506633 M * Pazzo Bertl: I'm currently adding vshelper-delegate/shutdown and vwait + vshelper-hack-01 to my personal util-vserver sarge package and it works fine for my needs
1118506665 M * Pazzo (but as vs2.0 is gonna go to be stable it would also be great to have stable utils ;-)
1118506666 M * aba Bertl: so, sarge is only changed if there is some grave/critical bug. And etch should release in 12-18 months ...
1118506698 M * Bertl aba: yes, but the vserver stuff in sarge is just broken ...
1118506717 M * Bertl so it would make a lot of sense to update to 2.0 once it is out, no?
1118506729 M * Bertl (especially as 2.0 will be stable ;)
1118506754 M * Pazzo Bertl, aba: util-vserver in sid is fine if you do at least the vshelper-delegate/shutdown workaround
1118506766 M * Bertl Pazzo: not required with 2.0-rc4
1118506783 M * albeiro there is ddos against freenode taking place
1118506783 M * Bertl as I said, we really care about stability ;)
1118506801 M * Pazzo Bertl: coool - what's not needed? -delegate/shutdown or the reboot/vwait hack?
1118506809 M * Bertl both
1118506822 M * Bertl it's not perfect, but it works fine ...
1118506880 M * Pazzo BOTH? great :) how did you resolve this?? shouldn't this to be done in userspace?
1118506920 M * Bertl yes, but as it _wasn't_ done in userspace, we did move the interface changes into non-legacy mode
1118506942 M * Bertl so, with legacy enabled, it should work quite fine
1118507051 M * Pazzo hmm... so reboot from inside a vserver AND vserver xy stop work fine with current utils, right?
1118507137 M * Bertl that's the idea ...
1118507208 M * Pazzo Bertl: whats atm different between legacy and non-legacy mode?
1118507255 M * Bertl non legacy mode differs very much from the legacy mode (cleaner interface, more options/hooks)
1118507278 M * Bertl but unfortunately no tools to use it properly right now ...
1118507312 M * Bertl aside from that it removes a large amount of legacy code from the kernel
1118507590 M * Pazzo sounds good :) and what about ng? what's working / missing? some docs about current state?
1118507659 M * Pazzo I was very busy last months but things are going to be better (hmmm... didn't I say the same thing long time ago?? :'-) maybe I could start some serious testing and provide some feedback
1118507676 M * Pazzo since the very early beginnings of ngn I didn't try it again :(
1118507682 M * Doener Bertl: did I get it right, that reject files from a patch are splitted into two sections, one with removals and one with additions?
1118507705 A * Doener never used those xxx.rej thingies before
1118507753 M * Doener Pazzo: ngnet is broken atm, will be repaired once 2.0 is out
1118507819 M * Pazzo thnx Doener (hi Doener!)
1118507920 M * Bertl evening Doener!
1118507945 M * Doener evening Pazzo,Bertl 
1118507952 M * Bertl Doener: well, I use unified reject files, so no idea ;)
1118508466 M * Pazzo is there a way to let grub boot from software raid 1? (failsafe like lilo with it's raid-extra-boot)
1118508492 M * Bertl grub has a default and fallback
1118508495 M * Pazzo (didn't find something like that so lilo is still my preferred boot loader)
1118508528 M * Pazzo hmm... may I also have multiple fallbacks? 
1118508537 M * Bertl hmm, no
1118508579 M * Pazzo so I could use the fallback feature to be able to boot if for example hd0/1 fails...
1118508603 M * Bertl yep
1118508605 M * Pazzo ...but "failsafe" kernel upgrading then will require a lot of handwork - right?
1118508618 M * Bertl you can do one time boots too
1118508642 M * Bertl well, probably you can even do multi fallback ...
1118508697 M * Pazzo normally I do an upgrade, set default=LinudOLD - lilo -R Linux, append panic=10 and put a shutdown script in /etc/rc2.d to reboot in 10 minutes (helps if for example networking fails)
1118508722 M * Pazzo multi-fallback?
1118508782 M * Bertl the one time boot works by changing the default at boot time
1118508786 M * Pazzo (if I don't mess up both kernels / initrd files / symlinks the probability that my servers come back after such a reboot is really high :-)
1118508802 M * Bertl so you could probably make a chain of changes ...
1118508812 M * Pazzo yeah, that's what lilo -R is doing...
1118508829 M * Pazzo ...but what does grubs fallback do?
1118508844 M * Pazzo fallback kernel or fallback hd?
1118508971 M * Pazzo default 1 => fallback 0 ... ok, I googled and believe to understand grub
1118509012 M * Pazzo but what I need is to boot Linux from sda (fallback sdb) and LinuxOLD from sda (fallback sdb)
1118509053 M * Bertl fallback config
1118509202 M * Pazzo yeah, but grub's fallback has only ONE fallback ... so if I try to boot a not-booting kernel AND my first hd doesn't survive the reboot I'm in trouble, right?
1118509310 M * Pazzo that's what lilo is able to do. lilo is not as easy to handle as grub and if it wouldn't be a step backward for my setup I would really like to change all my boot managers
1118509350 M * Pazzo (also because I'm using nothing but Sarge since more than a year and grub is the default boot manager in Sarge)
1118509526 M * Pazzo forget it - thnx Bertl, I don't want to waste your time with such stupid problems. I'll stay with lilo ;-)
1118509611 M * Bertl Pazzo: yeah, but trust me, it also works quite fine with grub ;)
1118509748 M * Bertl okay, off for now ... back later ...
1118509752 M * Pazzo I trust you! but lilo gives me the possibility to have a failover drive AND a failover kernel at the same time - and that's what grub is not able to do
1118509753 N * Bertl Bertl_oO
1118509758 M * Pazzo cu Bertl!
1118510746 Q * rs Quit: rs
1118511134 J * kjo_ ~krischan@p5484C4F5.dip.t-dialin.net
1118511395 J * eXplasm explasm@p549F3B53.dip.t-dialin.net
1118511574 Q * kjo Ping timeout: 480 seconds
1118512004 J * id ~id@relax-media.softwarezentrum.de
1118514217 M * Pazzo Feedback: 2.0-rc4 is running fine, as Bertl already said reboot / stop issues are resolved
1118515354 Q * eXplasm Read error: No route to host
1118515368 J * eXplasm explasm@p549F3B53.dip.t-dialin.net
1118515637 J * eXplasm2 explasm@p549F3B53.dip.t-dialin.net
1118515637 Q * eXplasm Read error: Connection reset by peer
1118515948 M * Doener gtg now, cya later
1118515950 N * Doener Doener|gone
1118516647 J * rs ~rs@imhotep.rhapsodyk.net
1118521617 Q * kjo_ Ping timeout: 480 seconds
1118522970 Q * greedy Quit: using sirc version 2.211+KSIRC/1.3.12
1118522994 J * greedy ~jesper@0x503e3545.arcnxx21.adsl-dhcp.tele.dk
1118523188 J * Aiken ~james@tooax8-249.dialup.optusnet.com.au
1118525344 T * services.oftc.net http://linux-vserver.org/ | latest stable 1.2.10, devel 1.9.5, 2.0-rc4, ng9.5  -- He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the wiki, and we'll forget about the minute ;)
1118525464 Q * greedy Quit: using sirc version 2.211+KSIRC/1.3.12
1118525483 J * greedy ~jesper@0x503e3545.arcnxx21.adsl-dhcp.tele.dk
1118525583 Q * greedy Quit: 
1118525947 J * greedy ~jesper@0x503e3545.arcnxx21.adsl-dhcp.tele.dk
1118526204 Q * alanhs Ping timeout: 480 seconds
1118526240 N * Bertl_oO Bertl
1118526259 M * Bertl evening folks!
1118526266 M * Vudumen hi Bertl :)
1118526328 M * Bertl hey Vudumen!
1118527057 M * Aiken good morning
1118527067 M * Bertl morning Aiken!
1118527211 M * Aiken with the 2.0 release getting closer is there much effort maintaining 1.2.10 and 2.4.X ?
1118527245 M * Bertl no, not really, but we _are_ maintaining it (it's basically in feature deep freeze)
1118527321 M * Aiken was curious, apart from playing with 2.0 on this machine I am more interested in running vserever on a couple of 2.4 boxes
1118527421 M * Bertl any specific reason for that?
1118527500 M * Aiken they are systems that do what I want when I want as they and don't want to make too many major changes to them
1118527535 M * Aiken opne of the machine images is old enough a full rebuild would be the easiest way to get it to a 2.6 kernel and I don't want to touch it
1118527594 M * sannes :)
1118527677 M * Bertl Aiken: hmm, 2.6 works pretty fine if built monolithic with very old distros too ...
1118527712 M * Bertl a friend of mine updated a linux 2.2.x to 2.6 (we had to cross compile the kernel ;)
1118527827 M * Aiken had started looking at that idea, for some reason I had touble with the serial ports and the 2 ethernet cards came up in the wrong order so put the idea on hold
1118527880 M * Bertl i.c., well ethernet order can be fixed, about the serial ports, I don't know
1118527899 M * Aiken could have been an option I missed with the serial ports
1118527982 M * Aiken I keep finding more important things to do anyway, like finishing off the system image for my alpha
1118528009 M * Aiken and as long as I get the direcotry order correct with rsync this time to backup the new image it is finished
1118528015 M * Bertl ah, that reminds me that I still have to do the alpha install :)
1118528056 M * Aiken my alpha now makes my wifes 2nd linux computer
1118528090 M * Aiken she wanted the xterminal for her computer upgraded, I wanted the alpha on the network. everyone wins
1118528093 M * Bertl well, the alpha is a nice cpu design
1118528201 M * Aiken I quite like it but software can be a problem. There are a few packages that won't build either because they are not 64bit clean (which can also affect amd64) or just do silly things and won't even compile
1118528240 M * Bertl well, the not 64bit clean issue will be gone soon
1118528300 M * Aiken google has been good, eg firefox 1.0.4 won't compile on alpha. Put the error message in googe which took me to a patch
1118528411 M * Aiken I used debian to bootstrap the machine, proved to be a nice easy way to get linux on it. The machine has started with nt4.
1118528797 M * Aiken in someways I think is the advent of the amd 64bit chip that made making the alpha image easier
1118528874 M * Bertl yes, that's what I meant
1118529339 M * Aiken rh62 + util-vserver 0.30.207 = checking for nameif... no
1118529414 M * Bertl mandrake (8.1): rpm -qf `which nameif`
1118529414 M * Bertl net-tools-1.60-2mdk
1118529470 M * Aiken net-tools-1.54-4 is what is installed
1118529494 M * Bertl does it contain nameif and is it available (path)?
1118529542 M * Aiken rpm -qpl net-tools-1.54-4.i386.rpm | grep nameif    returns nothing
1118529554 M * Bertl btw, nameif and /etc/mactab is a good way to keep the interface order ;)
1118529595 M * Aiken this is an example of why I am wary of upgrades on that machine
1118529657 M * Bertl yeah, well, the 0.30.207 tools will require it regardless of the kernel, no? 2.6/24?
1118529774 M * Aiken the machine has a 2.4.29 kernel, what I had though of doing is using vserver 1.2.10 to run a 3 newer images
1118529800 M * Bertl doesn't change anything regarding the choice of the userspace tools, or?
1118529898 M * Aiken 0.30 tools compiles fine
1118529917 M * Bertl well, you can use them with 2.0 too, no?
1118529937 M * Aiken I think I might have before the alpha tools compiled
1118529946 M * Aiken someting about legacy mode
1118529973 M * Bertl yep, for now the legacy mode is probably the best choice anyway
1118530038 M * Aiken so your suggestion is the older tools (0.30) with a monolithic 2.6.11.11?
1118530048 M * Aiken compile the kernel on this machine and it sounds like a doable idea
1118530065 M * Bertl well, it really depends what features you want to use
1118530073 M * Bertl did you have a look at the feature matrix?
1118530101 M * Bertl if you are fine with the features provided by 2.4/1.2.x, then no need to go 2.6 ...
1118530126 M * Aiken have had a look and apart from HARDCPU I was happy with the feature set of 1.2.10
1118530170 M * Bertl fact is, while 2.0 is getting stable (first stable release), 1.2.x is stable for a long time now ...
1118530691 M * Aiken still thinking out it but not today, I have a day of half life and a bbq in front of me.
1118530719 M * Bertl have fun then!
1118531342 M * Pazzo Bertl: where can I read something about quota / vroot with vs2.0?
1118531377 M * Bertl quota as in user/group quota or as in disk limits?
1118531415 M * Pazzo disk limits are still not possibly without tagging all files and counting / adjusting values etc, right?
1118531428 M * Pazzo quota as in user/group quota
1118531470 M * Bertl 'still not possible', hmm ... they never will be possible without that, neither are the usr/grp quotas on any linux system, no?
1118531567 M * Bertl anyway, quota on a separate partition is simply a matter of using vrsetup to configure the vroot device, and copying over that into the guest
1118531578 M * Bertl (plus maybe adjusting the mtab entry)
1118531628 M * Pazzo hmmm... thnx
1118531659 M * Bertl (i.e. the old docu still applies)
1118531674 M * Pazzo if I don't care about disk limits and quotas I can write whatever I want in a vservers fstab, right?
1118531682 M * Pazzo ehm - I mean for /
1118531688 M * Bertl basically ...
1118531698 M * Pazzo just "/dev/hdy /" or something like that
1118531710 M * Bertl well, actually you can write a lot there ...
1118531797 M * Pazzo ok, I'll write "/dev/zero / ext3 rw 0 0" ;-)
1118531848 M * Pazzo hehe... never had that much free disk space on /dev/zero
1118531907 M * Pazzo  /dev/null looks even better :-) do I need to change the vserver's /etc/mtab or is there something in /etc/vservers/<vsname> for this purpose?
1118531976 M * Bertl *   /etc/vservers/<vserver-name>/apps/init/mtab
1118532014 M * Bertl there is also a default, see the FlowerPage
1118532334 M * Pazzo doesn't seem to work... is this only used by "vserver <vsname> build"?
1118532682 M * Pazzo tried also to remove /etc/mtab, created /etc/vservers/<vserver-name>/apps/init/mtab AND /etc/vservers/init/mtab - restarted vserver multiple times - no way
1118532712 M * Bertl tool version?
1118532730 M * Pazzo 207
1118532737 M * Pazzo (0.30.207)
1118532747 M * Pazzo from Debian SID
1118532962 M * Pazzo if I stop the vserver, modify the mtab file it will be changed back to contain only tmpfs & proc when I start the vserver
1118532975 M * Bertl sec checking here
1118532979 M * Pazzo hmm... maybe this is done at boot time by some debian script?
1118533012 M * Pazzo /etc/mtab contains what mount tells me
1118533024 M * Pazzo (is telling me)
1118533037 M * Bertl no, mount tells you what mtab contains ;)
1118533069 M * Bertl echo "/dev/zero / ufs defaults 0 0" >/etc/vservers/vinz/apps/init/mtab
1118533076 M * Bertl cat /vservers/vinz/etc/mtab 
1118533076 M * Bertl /dev/zero / ufs defaults 0 0
1118533079 M * Bertl ...
1118533087 M * Bertl so that looks quite fine to me ...
1118533095 M * Bertl non-debian 0.30.207 ;)
1118533147 M * Pazzo is your /etc/vservers/vinz/apps/init/mtab a symlink??
1118533163 M * Bertl no, it's a file
1118533238 M * Pazzo and if you change it at vinz's runtime mtab in vinz will be changed? or do you need to reboot vinz?
1118533315 M * Bertl it will be changed/written everytime when vince is restared
1118533320 M * Bertl *restarted even
1118533425 M * Pazzo so utils are going to copy /etc/vservers/../mtab to /vservers/vinz/etc/mtab - right?
1118533441 M * Bertl yes, and then add the mount entries from tmp, etc ...
1118533447 M * Pazzo so probably debian is changing this file at boot time - let's have a look
1118533530 M * Bertl hmm, if it helps you, vinz was created by:
1118533532 M * Bertl vserver vinz build -m debootstrap --hostname vinz --interface vinz=eth1:192.168.0.100/24 --context 42 -- -d sarge -m ftp://ftp.debian.org/debian
1118533545 M * Bertl (so it should be a 'default' sarge install, right?)
1118533588 M * Pazzo hehe...
1118533617 M * Pazzo  /etc/rcS.d/S10checkroot.sh -> ../init.d/checkroot.sh
1118533641 M * Pazzo when I remove the symlink it works
1118533682 M * Bertl hmm, but the link is present here ...
1118533688 M * Pazzo ??
1118533713 M * Bertl ls -la /vservers/vinz/etc/rc*/*root*
1118533714 M * Bertl lrwxrwxrwx  1 root root 22 Jun  9 01:52 /vservers/vinz/etc/rcS.d/S10checkroot.sh -> ../init.d/checkroot.sh*
1118533834 M * Pazzo checkroot calls /etc/init.d/mountvirtfs if init_mtab=yes
1118533920 M * Bertl well, I'd say this script isn't started at bootup at all
1118533926 M * Pazzo init_mtab=yes if mtab path is writeable (not /proc)
1118533952 M * Pazzo why not? it is started
1118534032 M * Pazzo what initstyle are you using? me: plain
1118534045 M * Bertl me default (i.e. sysv)
1118534090 M * Pazzo hmm... what does sysv do? just go into /etc/rc<default runlevel>.d and launch all scripts?
1118534099 M * Bertl yup
1118534114 M * Pazzo /etc/rcS.d/README: The scripts in this directory are executed once when booting the system, ...
1118534145 M * Pazzo and what exactly doesn "plain" do?
1118534154 M * Pazzo s/doesn/does/
1118534175 M * Bertl plain starts the init process inside the guest
1118534237 M * Pazzo and what's "better"?
1118534258 M * Bertl well, I never had any special use for init inside a guest ...
1118534271 M * Bertl but some folks say they 'need' it ...
1118534323 M * Pazzo Bertl: now I removed "si::sysinit:/etc/init.d/rcS" from /etc/inittab ...
1118534344 M * Bertl probably works fine too ;)
1118534356 M * Pazzo difference: mount /dev/hdv is still there...