1118448016 M * Bertl evening folks! 1118448093 M * Doener hey Bertl 1118448209 M * Bertl hmm .. did you understand why hiryuu didn't do the chbind _before_ switching to some user account? 1118448282 M * Doener no, thus i suggest a chbind'ed shell or that huge 'su' monster ;) 1118448359 M * Doener s/suggest/suggested/ 1118448479 M * Bertl hmm, yeah, missed that ... 1118448694 M * Doener hm, cogito is still driving me crazy ;) 1118448917 Q * erwan_ho Remote host closed the connection 1118449169 M * Bertl Doener: real man use git! ;) 1118449189 M * Bertl *men 1118449195 A * Doener sticks a letter on his forehead "unreal man!" 1118449207 M * Bertl ah, good point! ;) 1118449325 M * Bertl my connection went nuts today, had to switch the irc location, have you heard something about a new virus or attack? 1118449432 M * Doener no 1118452029 M * Hollow heya 1118452034 M * Doener hi Hollow 1118452064 M * Hollow hi Doener, do you know if there's a vnet patch for iptables 1.3.1? 1118452084 M * Doener no 1118452099 M * Doener I don't know 1118452126 M * Hollow Bertl: awake? 1118452195 M * Doener Bertl: got time for a check of the todo list? 1118452233 M * Bertl Hollow, Doener: sure ;) 1118452250 M * Hollow Bertl: is there/will there be a vnet patch for iptables 1.3.1? 1118452260 M * Bertl probably ... 1118452277 M * Bertl ngnet is broken right now ... we'll probably fix it up -after_ 2.0 release 1118452289 M * Hollow ok 1118452302 M * Doener Bertl: ok, first the things that seem to be done, but still in the list: 1118452326 M * Bertl Doener: kernel or tools? 1118452336 M * Doener kernel 1118452338 M * Bertl k 1118452367 M * Doener 32bit syscall compat for x86_64 and friends --- not sure, but looks like and I remember it as being done ;) 1118452387 M * Bertl yep, was done _and_ tested by myself (can go) 1118452397 M * Doener switch from nxi rcu to non-rcu -- we changed that to work like vxi 1118452418 M * Bertl yep, is done too, and also tested 1118452461 M * Doener do some preprocessor magic for the history --- took me ages to read that patch 1118452489 M * Bertl hehe, yeah, preprocessor magic is there ;) 1118452507 M * Doener ok, now some (at least one) others: 1118452509 M * Doener check that SOCK_USER_SOCKET is used at all -- don't understand it, but cscope says the flag bit is only set, not tested 1118452555 M * Bertl yes, I checked that one, and left it there, because we might need it later ... 1118452563 M * Doener ok 1118452566 M * Bertl (so maybe change that to some remark) 1118452628 M * Doener maybe move proc_pid_visible() to inline? --- seems also done. "+static inline int proc_pid_visible(..." 1118452658 M * Bertl excellent! ;) 1118452723 M * Bertl sec, phone 1118453135 M * Bertl back 1118453299 M * Doener hm, what's that cap-bound file? 1118453335 M * Bertl hmm, which one is that? 1118453370 M * Doener allow proc_dointvec_bset read without CAP_SYS_MODULE 1118453381 M * Bertl ah, yes 1118453407 M * Bertl I discovered (by accident) that the pretty old lcap tool 1118453428 M * Bertl tries to read the capabilities from proc/sysfs 1118453448 M * Bertl and for some unknown reason this requires CAP_SYS_MODULE ;) 1118453470 M * Bertl which makes the otherwise useful lcap tool, useless inside a guest 1118453480 M * Doener what's lcap? 1118453493 M * Bertl a tool to show and reduce capabilities 1118453511 M * Bertl wanted to use it for demonstrations ... 1118453681 M * Doener hm, is that a kernel-wide setting, or process wide? 1118453698 M * Bertl it's normal bcaps for a process 1118453713 M * Bertl nothing unusual as far as I can tell 1118453775 M * Bertl it seems as if folks (a long time ago) tried to implement posix caps ;)= 1118454359 M * Doener hm, cap_bset seems to be pretty much unused... 1118454533 M * Bertl yes, it was moved into the processes 1118454552 M * Bertl see cap_capget 1118454592 M * Bertl the idea behind the cap_bset was something like an selinux/vserver crossover 1118454602 M * Bertl (regarding capabilities) 1118454712 M * Bertl but do not spend too much time thinking about this actually, it's more an odity I observed, and as I saw no reason for the 'read' depending on CAP_SYS_MODULE, I made a note 1118454789 M * Doener AFAICT modifying cap_best in any way does only affect linux-vserver, nothing else 1118454905 M * Bertl well, actually not even that 1118454935 M * Bertl because vx_current_bcaps() si the only user, and very unlikely to be used for non context checks 1118454951 M * Doener ah right 1118454987 M * Bertl but yes, it isn't really used anymore, but making the 'read' depend on CAP_SYS_MODULE looked quite odd to me ;) 1118455032 M * Bertl probably wouldn't have bothered if it had been CAP_SYS_ADMIN ;) 1118455086 M * Doener ah, i should have looked into vanilla sources/followed the trace in the vserver sources... 1118455110 M * Doener actually cap_bprm_apply_creds uses it... but still reading shouldn't hurt 1118455463 M * Doener i'm off to bed now, good night everyone! 1118455468 N * Doener Doener_zZz 1118455533 M * Bertl okay, night! 1118463238 M * Bertl night everyone, cya all tomorrow ... 1118463246 N * Bertl Bertl_zZ 1118465207 J * erwan_ho ~erwan@konilope.dyndns.org 1118469669 Q * erwan_ho Remote host closed the connection 1118471518 J * monrad ~monrad@0x535b06c0.ronxx3.adsl-dhcp.tele.dk 1118471581 Q * monrad Quit: 1118471674 J * monrad ~monrad@213083190130.sonofon.dk 1118472436 J * alanhs ~icechat5@82-68-97-182.dsl.in-addr.zen.co.uk 1118478424 Q * nox uranium.oftc.net neutron.oftc.net 1118478720 J * nox ~nox@noxlux.de 1118479865 Q * Hollow Remote host closed the connection 1118479873 J * fwiffo ~mmrnmrhm@p5499D6F2.dip.t-dialin.net 1118479892 M * fwiffo hi 1118479924 J * Hollow ~Hollow@home.xnull.de 1118479939 M * fwiffo is there any possibility to limit the vserver for using a particular interface _without_ gaining access to the hosts real interface(s)? 1118479962 M * fwiffo so for example not eth0 1118479985 M * fwiffo sth like /^tun[0-9]+$/ 1118480012 M * fwiffo err, sorry, s/tun/tap/ 1118480131 M * fwiffo if i use any dummy interface like an ethertap iface, outgoing connections from within the vserver tries to use the real interface 1118480213 M * fwiffo okay, there is the way of telling the progras to use a specific iface, like ping -I iface ip 1118480223 M * fwiffo but that doesn't mean security 1118480283 M * fwiffo hm, somehow i think it's saturday... probably it IS saturday *g* 1118480363 A * fwiffo 's waiting for someone to wake up ;-) 1118480603 M * fwiffo hm, looking at the docs/mailinglists/logs/... found on the web it seems that almost nobody uses any other interface than /^eth[0-9]+$/ ... O_o 1118481328 J * Drakon ~drakon@195.225.129.10 1118481328 M * Drakon join #Russia 1118481344 M * fwiffo frickin' spammers 1118481563 Q * Drakon Killed (weasel (channel spam)) 1118483434 Q * Hollow Quit: /dev/zero 1118483570 J * Hollow ~Hollow@home.xnull.de 1118483724 J * rs ~rs@Laubervilliers-151-13-4-57.w82-127.abo.wanadoo.fr 1118484269 M * fwiffo so maybe the only solution to this is vnet, right? 1118484338 M * fwiffo hrm, if i knew for sure if nothing of the grsecurity stuff is breaking after applying the ngnet patch *ggrml* 1118484420 M * fwiffo s/i\>/i'd/ 1118484515 M * fwiffo any other way of getting around this? 1118486032 Q * flock Ping timeout: 480 seconds 1118486135 J * flock ~restless@l192-117-111-12.broadband.actcom.net.il 1118486651 J * Doener` ~doener@p5487608D.dip.t-dialin.net 1118486798 M * fwiffo okay, that ngnet patch fixed, what now, are there any alternatives, before i'll apply that thingy? ;-) 1118487087 Q * Doener_zZz Ping timeout: 480 seconds 1118487403 M * fwiffo urgh, i hate applying experimental patches on a productive system 1118489480 Q * DuckMaster Remote host closed the connection 1118489746 J * duckx ~Duck@mna75-1-81-57-39-234.fbx.proxad.net 1118490971 Q * rs Quit: rs 1118492032 Q * id Remote host closed the connection 1118495171 M * fwiffo hm... 1118495185 M * fwiffo anyone awake now? 1118495240 M * Loki|muh yeah, but i don't know anything of ngnet ;) 1118495310 M * fwiffo uh, no problem 1118495339 M * fwiffo so, is there another possibility to seperate the vservers from eth[0-9]+ 1118495340 M * fwiffo ? 1118495377 M * fwiffo if yes, so i'll throw away ngnet 1118495406 M * fwiffo (andy play with it on my workstation ;-) 1118495429 M * fwiffo s/y// 1118495456 M * Loki|muh ohm seperate means what for you? 1118495471 M * fwiffo seperate means that i don't have to use eth0 1118495487 M * fwiffo ;-) 1118495514 M * fwiffo but some device i can use for masquerading 1118495542 M * Loki|muh hmmm, dunno :/ 1118495554 M * fwiffo so how's your setup? 1118495558 M * fwiffo using eth? 1118495563 M * Loki|muh I use eth 1118495579 M * fwiffo hm... 1118495600 M * fwiffo so you should have something like eth0 eth0:blah eth0:foo eth0:bar ... 1118495602 M * fwiffo right? 1118495613 M * fwiffo or just intergest, whotever 1118495616 M * fwiffo integers 1118495670 M * Loki|muh no i have eth0 und eth1 with many ips 1118495699 M * fwiffo ah, and you just bind the vserver to one particular ip 1118495706 M * Loki|muh jep 1118495707 M * fwiffo hrm, okay, that's just the normal way 1118495728 M * fwiffo hm... 1118495768 M * fwiffo then i have to hack it in myself... 1118495770 M * fwiffo *grml* 1118495852 M * fwiffo hm, oh wait 1118495883 M * fwiffo bridging should work on ethertap, i think ;-) 1118495887 M * fwiffo *trying* 1118496542 Q * MrX Ping timeout: 480 seconds 1118497559 J * rs ~rs@Laubervilliers-151-13-4-57.w82-127.abo.wanadoo.fr 1118498339 N * Doener` Doener 1118498349 M * Doener morning folks 1118498374 M * Doener fwiffo: what do you want to achieve? 1118498450 M * fwiffo rehi 1118498454 M * fwiffo moin Doener 1118498506 M * fwiffo i'm setting up the new version of my butt (basic user tracking target) system... 1118498521 M * fwiffo v1 used uml 1118498527 M * fwiffo and now i want to use vserver 1118498548 M * fwiffo privileges should be spereated by several virtual systems 1118498581 M * fwiffo which are not necessarily emulated onse, so i thought i could use vserver for it, because uml is veeeerryyy slow 1118498604 M * fwiffo (another alternative is xen, but it doesn't work well with smp systems) 1118498637 M * fwiffo i'm using debian sarge for the host installation 1118498700 M * fwiffo every vserver is dedicated to a specific task like user/urg/low user/rug/med, ... 1118498755 M * fwiffo beginning with urg/high i wanted to set up masquerading using ethertap 1118498816 M * fwiffo (goal: only let specific connections pass) 1118498877 M * fwiffo the first problem is: the vserver binds to tap0 (for example) successfully and accepts connections, too 1118498905 M * fwiffo but it uses eth0 for outgoing connections 1118498920 M * Doener because that's the way linux networking works 1118498950 M * Doener if the target is reachable via eth0, the packets will go out via eth0 1118498965 M * fwiffo nono, the target is reachable vie tap0 1118498968 M * fwiffo via 1118498980 M * fwiffo like set up in interfaces/0 1118499009 M * fwiffo and inside the vserver only that interface is shown 1118499021 M * Doener and you sent packets to that address? 1118499036 M * Doener target = the host the packets are sent to 1118499069 M * fwiffo k, that's what you mean, so inside tho vserver the routing table is still valid 1118499075 M * fwiffo hm... 1118499184 Q * alanhs Quit: Few women admit their age. Few men act theirs. 1118499186 M * fwiffo that's what i thought befor but i still have the problem, that ethertap is a bab solution for this making it impossible to set a gateway while using a gw an the real interface 1118499336 M * Doener policy routing may help here, but i don't have any experience with such setups 1118499360 M * Doener if you wait for Bertl to get up again, he will probably be able to help you 1118499371 M * fwiffo hm, k 1118499386 M * fwiffo waitink' ;-) 1118499603 M * duckx Moin 1118499612 M * duckx How goes Doener ? 1118499615 M * fwiffo moin duckx 1118499624 M * Doener hi duckx 1118499642 M * duckx We are still extremely happy by your work Doener :) 1118499650 M * duckx Our server rocks ... 1118499660 A * duckx is repeting itself !) 1118499725 M * Doener thanks! but remember that Bertl did most of the work ;) 1118499732 M * duckx Lol :) 1118499751 M * duckx Course ... Bertl_zZ is sleeping right now :) 1118499761 M * Doener heh 1118499774 M * duckx Was the CSS changed on the vserver ng page ? 1118499781 M * duckx I mean the cana one :) 1118499799 M * Doener the default is still the same, but you can choose a few others 1118499806 M * Doener (if your browser supports that) 1118499820 M * duckx Could you please send me the url back ? 1118499854 M * Doener wanna get high? ;) http://www.nongnu.org/util-vserver/doc/conf/configuration.html 1118499863 M * duckx So high :) 1118499885 M * duckx Cypress Hill right ? 1118499928 M * Doener i don't remember... but likely ;) 1118499951 M * Doener yep, google says you're right 1118499957 M * duckx héhé :) 1118499975 M * duckx Good smoke makes great culture :) 1118500032 M * Doener hmm... great culture... not what happened to some of my friends back then... 1118500121 N * Bertl_zZ Bertl 1118500135 M * Bertl morning folks! 1118500163 M * duckx remember that one http://tox.dyndns.org/vserver-alpha-utils-web/configuration.html 1118500176 M * duckx Morning Bertl ! 1118500258 M * duckx Had a nice sleep ? 1118500289 M * Bertl yep, was quite fine ... thanks, and you? 1118500307 M * duckx Well, I just had a 15 hours sleeping time ... 1118500318 M * duckx Damn I feel terrible good ! 1118500424 M * duckx The flower stylesheet just blowed my eyes ;) 1118500458 M * duckx Bertl: What about the ng version, any doc on it ? 1118500489 M * Bertl ngnet is broken right now ... will be fixed after the 2.0 release 1118500604 M * duckx ok 1118500617 M * duckx Let stay with the 2.0 release so :) 1118501355 M * Bertl good choice, I'd say ... 1118501376 M * Bertl in 1-2 months ngnet will be in the devel branch (2.1) 1118501478 M * Vudumen hi Bertl :) how are you? 1118501542 M * Bertl fine, thanks! and you? 1118501586 M * Vudumen well it's weekend so fine :) 1118501626 M * Vudumen Bertl: do you know anything about using ioctls from perl? :) 1118501776 M * Loki|muh ngnet still experimental and unstable? 1118501849 M * Vudumen Loki|muh: yes and currently it's broken :( 1118501872 M * fwiffo rehi 1118501906 M * fwiffo so, how do you define "broken"? ;-) 1118501917 M * fwiffo hi bertl, btw 1118501932 Q * fwiffo Quit: leaving 1118501939 J * fwiffo ~mmrnmrhm@p5499D6F2.dip.t-dialin.net 1118501948 M * fwiffo D'OH 1118501952 M * Bertl hey fwiffo! 1118501977 M * Bertl Vudumen: hmm, no, the only thing I really know about perl is, that it is a write-only language 1118501984 M * fwiffo i'm always used to typing /quit when i want to close a window *gg* 1118502018 M * fwiffo Bertl: did you read the history? 1118502033 M * Bertl not yet ... 1118502112 M * Vudumen Bertl: it depends on :) I really like perl and I used to read it too :)))) 1118502135 M * Vudumen fwiffo: it's broken. after a random period of time it just stops working for me 1118502153 M * fwiffo uh, k, i already unapplied it... 1118502168 M * fwiffo Vudumen: any other method of seperating virtual nics? 1118502223 M * Bertl not yet ... but as I said, ngnet will be working again .. soon 1118502236 M * Bertl (probably with slightly changed semantics though) 1118502263 M * fwiffo Bertl: np, i just wanted to get vserver working with virtual interfaces 1118502289 M * Bertl you might go back to an older version (kernel) and add the missing 2.0 patches 1118502291 M * fwiffo it's passible with /^tap[0-9]+$/, but it doesn't get gateways 1118502311 M * Bertl no, tun/tap is no option, as the devices will not be used at all 1118502324 M * fwiffo yeah, sure, better option? 1118502345 M * Bertl it's a common misunderstanding that interfaces are used if they have assigned an ip 1118502360 M * fwiffo mom, phone 1118502413 M * Vudumen Bertl: thats why i can ping an interface which i set down with ifconfig? 1118502444 M * Bertl well, you can not ping an interface, you can only ping an ip ;) 1118502546 J * alanhs ~icechat5@82-68-97-182.dsl.in-addr.zen.co.uk 1118502554 M * Bertl welcome alanhs! 1118502571 M * alanhs Hello again bertl! 1118502606 M * Vudumen Bertl: yes you are right :) but ami wrong when i think that ip is bounded to an interface? :) 1118502691 M * alanhs Bertl: I have been having some more fun with vserver today. I deciced to try to build a gentoo host and have almost succeeded, I am a little unclear about the fstab on the guest - should it be empty - I see the mtab gets created on the fly is this true of fstab ? 1118502724 M * Bertl no, the fstab isn really used 1118502734 Q * rs Quit: rs 1118502736 M * Bertl instead a replacement fstab is used (from the config) 1118502746 J * rs ~rs@Laubervilliers-151-13-4-57.w82-127.abo.wanadoo.fr 1118502749 M * Bertl (have a look at the config page for details) 1118502760 M * Bertl okay, dinner time, off for 20 or so ... 1118502769 N * Bertl Bertl_oO 1118502867 Q * monrad Quit: Leaving 1118503883 M * fwiffo shesh, have to go off, c'ya tomorrow... 1118503889 Q * fwiffo Quit: off to munich... 1118504024 N * Bertl_oO Bertl 1118504035 M * Bertl back now ... 1118505201 M * eyck cool, what now? 1118505653 M * Bertl hmm? 1118506220 J * Pazzo ~Pazzo@host130-250.pool8172.interbusiness.it 1118506305 M * Pazzo "irc.freenode.net. 60 IN A 127.0.0.1" <- ??? 1118506344 M * Bertl hmm? 1118506370 M * aba fixed 1118506370 M * Bertl indeed, funny idea ;) 1118506390 M * aba Bertl: they do it if they have clonebot issues ... 1118506455 A * Pazzo is going to start launch on 127.0.0.1 to repair freenode.net 1118506471 M * Pazzo s/on/ircd on/ 1118506476 J * kjo ~krischan@p5484E7E2.dip.t-dialin.net 1118506485 M * Bertl welcome kjo! 1118506489 M * Pazzo btw: hi Bertl, aba 1118506497 M * kjo Hi channel 1118506501 M * aba Hi Pazzo 1118506505 M * Bertl aba: btw, how about the future of linux-vserver + sarge? 1118506523 M * aba Bertl: sarge is out. finally. 1118506535 M * Bertl hehe, yes I saw it, already updated ;) 1118506543 M * Bertl from testing -> stable ;) 1118506633 M * Pazzo Bertl: I'm currently adding vshelper-delegate/shutdown and vwait + vshelper-hack-01 to my personal util-vserver sarge package and it works fine for my needs 1118506665 M * Pazzo (but as vs2.0 is gonna go to be stable it would also be great to have stable utils ;-) 1118506666 M * aba Bertl: so, sarge is only changed if there is some grave/critical bug. And etch should release in 12-18 months ... 1118506698 M * Bertl aba: yes, but the vserver stuff in sarge is just broken ... 1118506717 M * Bertl so it would make a lot of sense to update to 2.0 once it is out, no? 1118506729 M * Bertl (especially as 2.0 will be stable ;) 1118506754 M * Pazzo Bertl, aba: util-vserver in sid is fine if you do at least the vshelper-delegate/shutdown workaround 1118506766 M * Bertl Pazzo: not required with 2.0-rc4 1118506783 M * albeiro there is ddos against freenode taking place 1118506783 M * Bertl as I said, we really care about stability ;) 1118506801 M * Pazzo Bertl: coool - what's not needed? -delegate/shutdown or the reboot/vwait hack? 1118506809 M * Bertl both 1118506822 M * Bertl it's not perfect, but it works fine ... 1118506880 M * Pazzo BOTH? great :) how did you resolve this?? shouldn't this to be done in userspace? 1118506920 M * Bertl yes, but as it _wasn't_ done in userspace, we did move the interface changes into non-legacy mode 1118506942 M * Bertl so, with legacy enabled, it should work quite fine 1118507051 M * Pazzo hmm... so reboot from inside a vserver AND vserver xy stop work fine with current utils, right? 1118507137 M * Bertl that's the idea ... 1118507208 M * Pazzo Bertl: whats atm different between legacy and non-legacy mode? 1118507255 M * Bertl non legacy mode differs very much from the legacy mode (cleaner interface, more options/hooks) 1118507278 M * Bertl but unfortunately no tools to use it properly right now ... 1118507312 M * Bertl aside from that it removes a large amount of legacy code from the kernel 1118507590 M * Pazzo sounds good :) and what about ng? what's working / missing? some docs about current state? 1118507659 M * Pazzo I was very busy last months but things are going to be better (hmmm... didn't I say the same thing long time ago?? :'-) maybe I could start some serious testing and provide some feedback 1118507676 M * Pazzo since the very early beginnings of ngn I didn't try it again :( 1118507682 M * Doener Bertl: did I get it right, that reject files from a patch are splitted into two sections, one with removals and one with additions? 1118507705 A * Doener never used those xxx.rej thingies before 1118507753 M * Doener Pazzo: ngnet is broken atm, will be repaired once 2.0 is out 1118507819 M * Pazzo thnx Doener (hi Doener!) 1118507920 M * Bertl evening Doener! 1118507945 M * Doener evening Pazzo,Bertl 1118507952 M * Bertl Doener: well, I use unified reject files, so no idea ;) 1118508466 M * Pazzo is there a way to let grub boot from software raid 1? (failsafe like lilo with it's raid-extra-boot) 1118508492 M * Bertl grub has a default and fallback 1118508495 M * Pazzo (didn't find something like that so lilo is still my preferred boot loader) 1118508528 M * Pazzo hmm... may I also have multiple fallbacks? 1118508537 M * Bertl hmm, no 1118508579 M * Pazzo so I could use the fallback feature to be able to boot if for example hd0/1 fails... 1118508603 M * Bertl yep 1118508605 M * Pazzo ...but "failsafe" kernel upgrading then will require a lot of handwork - right? 1118508618 M * Bertl you can do one time boots too 1118508642 M * Bertl well, probably you can even do multi fallback ... 1118508697 M * Pazzo normally I do an upgrade, set default=LinudOLD - lilo -R Linux, append panic=10 and put a shutdown script in /etc/rc2.d to reboot in 10 minutes (helps if for example networking fails) 1118508722 M * Pazzo multi-fallback? 1118508782 M * Bertl the one time boot works by changing the default at boot time 1118508786 M * Pazzo (if I don't mess up both kernels / initrd files / symlinks the probability that my servers come back after such a reboot is really high :-) 1118508802 M * Bertl so you could probably make a chain of changes ... 1118508812 M * Pazzo yeah, that's what lilo -R is doing... 1118508829 M * Pazzo ...but what does grubs fallback do? 1118508844 M * Pazzo fallback kernel or fallback hd? 1118508971 M * Pazzo default 1 => fallback 0 ... ok, I googled and believe to understand grub 1118509012 M * Pazzo but what I need is to boot Linux from sda (fallback sdb) and LinuxOLD from sda (fallback sdb) 1118509053 M * Bertl fallback config 1118509202 M * Pazzo yeah, but grub's fallback has only ONE fallback ... so if I try to boot a not-booting kernel AND my first hd doesn't survive the reboot I'm in trouble, right? 1118509310 M * Pazzo that's what lilo is able to do. lilo is not as easy to handle as grub and if it wouldn't be a step backward for my setup I would really like to change all my boot managers 1118509350 M * Pazzo (also because I'm using nothing but Sarge since more than a year and grub is the default boot manager in Sarge) 1118509526 M * Pazzo forget it - thnx Bertl, I don't want to waste your time with such stupid problems. I'll stay with lilo ;-) 1118509611 M * Bertl Pazzo: yeah, but trust me, it also works quite fine with grub ;) 1118509748 M * Bertl okay, off for now ... back later ... 1118509752 M * Pazzo I trust you! but lilo gives me the possibility to have a failover drive AND a failover kernel at the same time - and that's what grub is not able to do 1118509753 N * Bertl Bertl_oO 1118509758 M * Pazzo cu Bertl! 1118510746 Q * rs Quit: rs 1118511134 J * kjo_ ~krischan@p5484C4F5.dip.t-dialin.net 1118511395 J * eXplasm explasm@p549F3B53.dip.t-dialin.net 1118511574 Q * kjo Ping timeout: 480 seconds 1118512004 J * id ~id@relax-media.softwarezentrum.de 1118514217 M * Pazzo Feedback: 2.0-rc4 is running fine, as Bertl already said reboot / stop issues are resolved 1118515354 Q * eXplasm Read error: No route to host 1118515368 J * eXplasm explasm@p549F3B53.dip.t-dialin.net 1118515637 J * eXplasm2 explasm@p549F3B53.dip.t-dialin.net 1118515637 Q * eXplasm Read error: Connection reset by peer 1118515948 M * Doener gtg now, cya later 1118515950 N * Doener Doener|gone 1118516647 J * rs ~rs@imhotep.rhapsodyk.net 1118521617 Q * kjo_ Ping timeout: 480 seconds 1118522970 Q * greedy Quit: using sirc version 2.211+KSIRC/1.3.12 1118522994 J * greedy ~jesper@0x503e3545.arcnxx21.adsl-dhcp.tele.dk 1118523188 J * Aiken ~james@tooax8-249.dialup.optusnet.com.au 1118525344 T * services.oftc.net http://linux-vserver.org/ | latest stable 1.2.10, devel 1.9.5, 2.0-rc4, ng9.5 -- He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the wiki, and we'll forget about the minute ;) 1118525464 Q * greedy Quit: using sirc version 2.211+KSIRC/1.3.12 1118525483 J * greedy ~jesper@0x503e3545.arcnxx21.adsl-dhcp.tele.dk 1118525583 Q * greedy Quit: 1118525947 J * greedy ~jesper@0x503e3545.arcnxx21.adsl-dhcp.tele.dk 1118526204 Q * alanhs Ping timeout: 480 seconds 1118526240 N * Bertl_oO Bertl 1118526259 M * Bertl evening folks! 1118526266 M * Vudumen hi Bertl :) 1118526328 M * Bertl hey Vudumen! 1118527057 M * Aiken good morning 1118527067 M * Bertl morning Aiken! 1118527211 M * Aiken with the 2.0 release getting closer is there much effort maintaining 1.2.10 and 2.4.X ? 1118527245 M * Bertl no, not really, but we _are_ maintaining it (it's basically in feature deep freeze) 1118527321 M * Aiken was curious, apart from playing with 2.0 on this machine I am more interested in running vserever on a couple of 2.4 boxes 1118527421 M * Bertl any specific reason for that? 1118527500 M * Aiken they are systems that do what I want when I want as they and don't want to make too many major changes to them 1118527535 M * Aiken opne of the machine images is old enough a full rebuild would be the easiest way to get it to a 2.6 kernel and I don't want to touch it 1118527594 M * sannes :) 1118527677 M * Bertl Aiken: hmm, 2.6 works pretty fine if built monolithic with very old distros too ... 1118527712 M * Bertl a friend of mine updated a linux 2.2.x to 2.6 (we had to cross compile the kernel ;) 1118527827 M * Aiken had started looking at that idea, for some reason I had touble with the serial ports and the 2 ethernet cards came up in the wrong order so put the idea on hold 1118527880 M * Bertl i.c., well ethernet order can be fixed, about the serial ports, I don't know 1118527899 M * Aiken could have been an option I missed with the serial ports 1118527982 M * Aiken I keep finding more important things to do anyway, like finishing off the system image for my alpha 1118528009 M * Aiken and as long as I get the direcotry order correct with rsync this time to backup the new image it is finished 1118528015 M * Bertl ah, that reminds me that I still have to do the alpha install :) 1118528056 M * Aiken my alpha now makes my wifes 2nd linux computer 1118528090 M * Aiken she wanted the xterminal for her computer upgraded, I wanted the alpha on the network. everyone wins 1118528093 M * Bertl well, the alpha is a nice cpu design 1118528201 M * Aiken I quite like it but software can be a problem. There are a few packages that won't build either because they are not 64bit clean (which can also affect amd64) or just do silly things and won't even compile 1118528240 M * Bertl well, the not 64bit clean issue will be gone soon 1118528300 M * Aiken google has been good, eg firefox 1.0.4 won't compile on alpha. Put the error message in googe which took me to a patch 1118528411 M * Aiken I used debian to bootstrap the machine, proved to be a nice easy way to get linux on it. The machine has started with nt4. 1118528797 M * Aiken in someways I think is the advent of the amd 64bit chip that made making the alpha image easier 1118528874 M * Bertl yes, that's what I meant 1118529339 M * Aiken rh62 + util-vserver 0.30.207 = checking for nameif... no 1118529414 M * Bertl mandrake (8.1): rpm -qf `which nameif` 1118529414 M * Bertl net-tools-1.60-2mdk 1118529470 M * Aiken net-tools-1.54-4 is what is installed 1118529494 M * Bertl does it contain nameif and is it available (path)? 1118529542 M * Aiken rpm -qpl net-tools-1.54-4.i386.rpm | grep nameif returns nothing 1118529554 M * Bertl btw, nameif and /etc/mactab is a good way to keep the interface order ;) 1118529595 M * Aiken this is an example of why I am wary of upgrades on that machine 1118529657 M * Bertl yeah, well, the 0.30.207 tools will require it regardless of the kernel, no? 2.6/24? 1118529774 M * Aiken the machine has a 2.4.29 kernel, what I had though of doing is using vserver 1.2.10 to run a 3 newer images 1118529800 M * Bertl doesn't change anything regarding the choice of the userspace tools, or? 1118529898 M * Aiken 0.30 tools compiles fine 1118529917 M * Bertl well, you can use them with 2.0 too, no? 1118529937 M * Aiken I think I might have before the alpha tools compiled 1118529946 M * Aiken someting about legacy mode 1118529973 M * Bertl yep, for now the legacy mode is probably the best choice anyway 1118530038 M * Aiken so your suggestion is the older tools (0.30) with a monolithic 2.6.11.11? 1118530048 M * Aiken compile the kernel on this machine and it sounds like a doable idea 1118530065 M * Bertl well, it really depends what features you want to use 1118530073 M * Bertl did you have a look at the feature matrix? 1118530101 M * Bertl if you are fine with the features provided by 2.4/1.2.x, then no need to go 2.6 ... 1118530126 M * Aiken have had a look and apart from HARDCPU I was happy with the feature set of 1.2.10 1118530170 M * Bertl fact is, while 2.0 is getting stable (first stable release), 1.2.x is stable for a long time now ... 1118530691 M * Aiken still thinking out it but not today, I have a day of half life and a bbq in front of me. 1118530719 M * Bertl have fun then! 1118531342 M * Pazzo Bertl: where can I read something about quota / vroot with vs2.0? 1118531377 M * Bertl quota as in user/group quota or as in disk limits? 1118531415 M * Pazzo disk limits are still not possibly without tagging all files and counting / adjusting values etc, right? 1118531428 M * Pazzo quota as in user/group quota 1118531470 M * Bertl 'still not possible', hmm ... they never will be possible without that, neither are the usr/grp quotas on any linux system, no? 1118531567 M * Bertl anyway, quota on a separate partition is simply a matter of using vrsetup to configure the vroot device, and copying over that into the guest 1118531578 M * Bertl (plus maybe adjusting the mtab entry) 1118531628 M * Pazzo hmmm... thnx 1118531659 M * Bertl (i.e. the old docu still applies) 1118531674 M * Pazzo if I don't care about disk limits and quotas I can write whatever I want in a vservers fstab, right? 1118531682 M * Pazzo ehm - I mean for / 1118531688 M * Bertl basically ... 1118531698 M * Pazzo just "/dev/hdy /" or something like that 1118531710 M * Bertl well, actually you can write a lot there ... 1118531797 M * Pazzo ok, I'll write "/dev/zero / ext3 rw 0 0" ;-) 1118531848 M * Pazzo hehe... never had that much free disk space on /dev/zero 1118531907 M * Pazzo /dev/null looks even better :-) do I need to change the vserver's /etc/mtab or is there something in /etc/vservers/ for this purpose? 1118531976 M * Bertl * /etc/vservers//apps/init/mtab 1118532014 M * Bertl there is also a default, see the FlowerPage 1118532334 M * Pazzo doesn't seem to work... is this only used by "vserver build"? 1118532682 M * Pazzo tried also to remove /etc/mtab, created /etc/vservers//apps/init/mtab AND /etc/vservers/init/mtab - restarted vserver multiple times - no way 1118532712 M * Bertl tool version? 1118532730 M * Pazzo 207 1118532737 M * Pazzo (0.30.207) 1118532747 M * Pazzo from Debian SID 1118532962 M * Pazzo if I stop the vserver, modify the mtab file it will be changed back to contain only tmpfs & proc when I start the vserver 1118532975 M * Bertl sec checking here 1118532979 M * Pazzo hmm... maybe this is done at boot time by some debian script? 1118533012 M * Pazzo /etc/mtab contains what mount tells me 1118533024 M * Pazzo (is telling me) 1118533037 M * Bertl no, mount tells you what mtab contains ;) 1118533069 M * Bertl echo "/dev/zero / ufs defaults 0 0" >/etc/vservers/vinz/apps/init/mtab 1118533076 M * Bertl cat /vservers/vinz/etc/mtab 1118533076 M * Bertl /dev/zero / ufs defaults 0 0 1118533079 M * Bertl ... 1118533087 M * Bertl so that looks quite fine to me ... 1118533095 M * Bertl non-debian 0.30.207 ;) 1118533147 M * Pazzo is your /etc/vservers/vinz/apps/init/mtab a symlink?? 1118533163 M * Bertl no, it's a file 1118533238 M * Pazzo and if you change it at vinz's runtime mtab in vinz will be changed? or do you need to reboot vinz? 1118533315 M * Bertl it will be changed/written everytime when vince is restared 1118533320 M * Bertl *restarted even 1118533425 M * Pazzo so utils are going to copy /etc/vservers/../mtab to /vservers/vinz/etc/mtab - right? 1118533441 M * Bertl yes, and then add the mount entries from tmp, etc ... 1118533447 M * Pazzo so probably debian is changing this file at boot time - let's have a look 1118533530 M * Bertl hmm, if it helps you, vinz was created by: 1118533532 M * Bertl vserver vinz build -m debootstrap --hostname vinz --interface vinz=eth1:192.168.0.100/24 --context 42 -- -d sarge -m ftp://ftp.debian.org/debian 1118533545 M * Bertl (so it should be a 'default' sarge install, right?) 1118533588 M * Pazzo hehe... 1118533617 M * Pazzo /etc/rcS.d/S10checkroot.sh -> ../init.d/checkroot.sh 1118533641 M * Pazzo when I remove the symlink it works 1118533682 M * Bertl hmm, but the link is present here ... 1118533688 M * Pazzo ?? 1118533713 M * Bertl ls -la /vservers/vinz/etc/rc*/*root* 1118533714 M * Bertl lrwxrwxrwx 1 root root 22 Jun 9 01:52 /vservers/vinz/etc/rcS.d/S10checkroot.sh -> ../init.d/checkroot.sh* 1118533834 M * Pazzo checkroot calls /etc/init.d/mountvirtfs if init_mtab=yes 1118533920 M * Bertl well, I'd say this script isn't started at bootup at all 1118533926 M * Pazzo init_mtab=yes if mtab path is writeable (not /proc) 1118533952 M * Pazzo why not? it is started 1118534032 M * Pazzo what initstyle are you using? me: plain 1118534045 M * Bertl me default (i.e. sysv) 1118534090 M * Pazzo hmm... what does sysv do? just go into /etc/rc.d and launch all scripts? 1118534099 M * Bertl yup 1118534114 M * Pazzo /etc/rcS.d/README: The scripts in this directory are executed once when booting the system, ... 1118534145 M * Pazzo and what exactly doesn "plain" do? 1118534154 M * Pazzo s/doesn/does/ 1118534175 M * Bertl plain starts the init process inside the guest 1118534237 M * Pazzo and what's "better"? 1118534258 M * Bertl well, I never had any special use for init inside a guest ... 1118534271 M * Bertl but some folks say they 'need' it ... 1118534323 M * Pazzo Bertl: now I removed "si::sysinit:/etc/init.d/rcS" from /etc/inittab ... 1118534344 M * Bertl probably works fine too ;) 1118534356 M * Pazzo difference: mount /dev/hdv is still there...