1120867246 J * gin_lit ~gin@tonic.iis.nsk.su 1120867275 M * gin_lit hi all 1120867402 M * gin_lit anybody here? 1120867579 M * maharaja yes 1120867580 M * maharaja i am 1120867600 M * Bertl greetings gin_lit! 1120867637 M * gin_lit :) 1120867653 M * gin_lit could someone help me with ngnet? 1120867848 M * maharaja never used ngnet, sorry about that 1120867857 M * Bertl gin_lit: hmm, are you developing it? 1120867903 M * gin_lit no, i am trying to use it 1120867926 M * gin_lit ngnet is a latest thing that i need 1120867931 M * Bertl ah, k .. 1120867941 M * gin_lit except os templates... 1120867943 M * Bertl for what do you _need_ it? 1120867966 M * gin_lit i need isolate network devices from other virtual servers 1120867993 M * gin_lit i want to see only one network device in one virtual server 1120868011 M * gin_lit not all devices on host os 1120868022 M * Bertl aha, and for what purpose? 1120868094 M * gin_lit now when i run command like 'ifconfig en0 some_ip up', i am getting an error 1120868118 M * gin_lit SIOCSIFADDR: Permission denied 1120868128 M * Bertl yeah, well, don't do it, no? 1120868141 M * gin_lit ? 1120868152 M * maharaja bertl: what purpose has testfs.sh ? 1120868158 M * Bertl gin_lit: I mean why does the 'guest' need to set the interface? 1120868175 M * Bertl gin_lit: (not ngnet related) 1120868198 M * Bertl maharaja: filesystem testing (xid tagging, xattrs) 1120868218 M * gin_lit yes, i have run command vnet -x cntx_id -n __ -d eth0 -D en0 1120868241 M * gin_lit it runs without any errors 1120868251 M * maharaja Bertl: is it safe to run it on a production environment to see the output? 1120868265 M * gin_lit but i cannot use ifconfig inside vps 1120868271 M * Bertl maharaja: yes, but it will not be useful there :) 1120868289 M * Bertl gin_lit: you need some capabilities like NET_ADMIN and such .. 1120868313 M * gin_lit it is already in configuration file 1120868334 M * maharaja well, i currently got v2-rc5 as my production environment :) 1120868357 M * Bertl gin_lit: what does 'grep Cap /proc/self/status' show? 1120868361 M * maharaja Bertl: how long is it supposed to run? 1120868392 M * Bertl a few minutes, but as I said, there are some requirements to make it useful 1120868404 M * gin_lit Bertl: from guest os? 1120868412 M * Bertl gin_lit: yep, from the guest 1120868429 M * gin_lit just a second 1120868436 M * Doener evening! 1120868442 M * Bertl evening Doener! 1120868443 M * Doener ensc is alive! ;) 1120868452 M * Bertl seems so, yeah! :)= 1120868471 M * Bertl and he found a bug in your? patch! 1120868475 M * Doener did i introduce that bug? 1120868478 M * Doener heh :) 1120868496 M * Bertl seems so, I fixed it already in my tree 1120868531 M * gin_lit it shows the following: 1120868531 M * gin_lit CapInh: 0000000000000000 1120868532 M * gin_lit CapPrm: 00000000fffffeff 1120868532 M * gin_lit CapEff: 00000000fffffeff 1120868557 M * Bertl hmm, that's a lot of caps ... 1120868582 M * Bertl (for a vserver guest of course) 1120868598 M * Doener hm, yeah, that was one of the moved/modified limit checks... oops ;) 1120868601 M * gin_lit oi 1120868618 M * gin_lit # grep Cap /proc/self/status 1120868618 M * gin_lit CapInh: 0000000000000000 1120868618 M * gin_lit CapPrm: 00000000d44c04ff 1120868618 M * gin_lit CapEff: 00000000d44c04ff 1120868624 M * gin_lit it is right :) 1120868633 M * Bertl that looks better ;) 1120868650 M * gin_lit :) 1120868707 M * Bertl but I don't see CAP_NET_ADMIN there ... 1120868718 M * gin_lit hm 1120868908 M * gin_lit CapInh: 0000000000000000 1120868908 M * gin_lit CapPrm: 00000000d44c14ff 1120868908 M * gin_lit CapEff: 00000000d44c14ff 1120868917 M * gin_lit what about this? 1120868947 M * Bertl better ;) 1120868957 M * gin_lit yes, with this everything is works :) 1120868968 M * Bertl Doener: http://vserver.13thfloor.at/Experimental/FOR-2.0/delta-mremap-fix01.diff 1120869002 M * maharaja Bertl: what changes where made from rc4 to rc5? 1120869017 M * Doener looks good 1120869075 M * gin_lit but I cannot ping guest os :( 1120869099 M * Bertl well, ngnet is not complete yet, it requires static arp entries for now 1120869116 M * gin_lit hm 1120869161 M * Bertl maharaja: not too much, a little debug info and cleanups 1120869167 M * gin_lit did you ever seen Virtuozzo system? 1120869186 M * Bertl no, but I've heard a few things about it ... 1120869214 M * gin_lit i am working with it for about 2 years 1120869228 M * Bertl and you love it, right? 1120869235 M * gin_lit yes :) 1120869251 M * Bertl so why now linux-vserver? 1120869278 M * gin_lit I am looking for an alternative solution 1120869291 M * Bertl hmm, why so? 1120869330 M * maharaja Bertl: thank you! 1120869352 M * Bertl maharaja: but there will be a bunch of changes to -rc6 1120869361 M * gin_lit just intresting ;) 1120869375 M * maharaja Bertl: when can we expect rc6 to be released 1120869385 M * Bertl tonight 1120869434 M * Bertl Doener: did you get around looking at the other patches? 1120869443 M * Doener not yet, been away all day 1120870033 M * maharaja mhm, rc5 is not working as expected 1120870048 M * Bertl what do you expect :) 1120870057 M * maharaja a booting system ;) 1120870071 M * maharaja as i'm not in front of the server, i cannot say what the problem might be 1120870093 M * Bertl I'd opt for an admin issue ... 1120870116 M * maharaja me too 1120870281 M * Bertl Doener: what are your plans for tonight? 1120870330 M * Doener not much... got up at about 5am, i.e 22 hours ago... reading the patches now, will probably go to bed after that 1120870348 M * Bertl k, thanks! 1120870639 M * Doener ok, i'd say they all look good. 1120870663 M * Bertl excellent ... 1120870775 M * Bertl Doener: last question, in do_mremap(), we do 1120870784 M * Bertl ret = -EAGAIN; 1120870784 M * Bertl if (locked > lock_limit && !capable(CAP_IPC_LOCK)) 1120870784 M * Bertl goto out; 1120870795 M * Bertl but 1120870801 M * Bertl + ret = -ENOMEM; 1120870801 M * Bertl + if (!vx_vmlocked_avail(current->mm, 1120870801 M * Bertl + (new_len - old_len) >> PAGE_SHIFT)) 1120870801 M * Bertl + goto out; 1120870830 J * eXplasm2 explasm@p549F347D.dip.t-dialin.net 1120870843 M * Bertl looks to me like one of those here is wrong, n? 1120870853 M * Bertl (the return code) 1120870994 M * Doener yep, both should be _EAGAIN 1120871032 M * Doener s/_/-/ 1120871138 M * Doener ok, off to bed then... have a good one! 1120871144 M * Bertl god night! 1120871148 M * Bertl *good even 1120871259 Q * explasm__ Ping timeout: 480 seconds 1120871315 Q * Zoiah Remote host closed the connection 1120874209 M * Aiken the nfs problem is sorted 1120874223 M * Bertl excellent, details= 1120874228 M * Bertl s/=/?/ 1120874275 M * Aiken it took a 2.6.12.2 client to break a 5 year old nfs server that had been very well behaved otherwise :( 1120874297 M * Aiken upgraded nfs-utls all round and flock now works again 1120874343 M * Aiken it needed a current statd running on both server and client 1120875818 J * angel4u Angel@81.181.82.216 1120875819 M * angel4u hi 1120875824 M * angel4u someone online? 1120875825 M * Bertl welcome angel4u! 1120875850 M * angel4u nice topic :) 1120875924 M * Bertl yeah, we like it too :) 1120876025 M * angel4u someone know how i will make the vserver after i patched the kernel? 1120876058 M * Bertl configure it, build it, install it, boot it :) 1120876069 M * angel4u 1 second 1120876080 M * angel4u need me some scripts to make the virtual server right ? 1120876083 M * Bertl then have a look at the tools (util-vserver) 1120876111 M * angel4u how i will allow the ram hdd and ip`s ? 1120876127 M * Bertl http://linux-vserver.org/alpha+util-vserver 1120876149 M * Bertl have a look at the vserver creation section 1120876198 M * angel4u 1 second pls 1120876269 M * angel4u [root@localhost ~]# uname -a 1120876269 M * angel4u Linux localhost.localdomain 2.6.10-vs1.9.3.14 #1 Wed Dec 29 06:41:32 EET 2004 i686 athlon i386 GNU/Linux 1120876270 M * angel4u [root@localhost ~]# 1120876273 M * angel4u so the kernel is done 1120876281 M * angel4u is some scripts to make the vserver ? 1120876311 M * Bertl hmm, any reason why you use this specific kernel/patch version? 1120876367 M * angel4u sir just i test this technology in my computer home 1120876382 M * angel4u and i wish to have one virtual server maked by me 1120876407 M * angel4u vskel-0.20 will help me ? 1120876431 M * Bertl please have a look at the 'vserver creation' section I mentioned 1120876681 M * angel4u vserver build -m apt-rpm * -- -d fc1 1120876695 M * angel4u vserver angel build -m apt-rpm * -- -d fc1 1120876697 M * angel4u like that ? 1120876708 M * angel4u whatt need to put to * ? 1120876712 M * Bertl well, the * are described a little further down 1120876748 M * angel4u give me one example pls 1120876835 M * Bertl vserver foo build -m rpm --hostname vs.foo.org --netdev eth0 --interface * 192.168.3.1/21 --context 42 -- -d fc3 -b /media/cdrom/Fedora/RPMS 1120876848 M * Bertl excluding the '*' 1120876857 M * Bertl (it's the second example on that page) 1120876882 M * angel4u need to put the cd in cdrom ? 1120876909 M * Bertl depends on your repository setup 1120876925 M * Bertl this is just _an_ example 1120876935 M * Bertl you can create a guest in various ways ... 1120876993 M * angel4u man i wish create only one :) 1120877005 M * angel4u after that i will get some expierence 1120877019 M * angel4u 192.168.3.1/21 this is the iprange ? 1120877022 M * Bertl so what about this one then: 1120877050 M * Bertl vserver foo build -m debootstrap --hostname vs.foo.org --netdev eth0 --interface 192.168.3.1/21 --context 42 -- -d sarge -m ftp://ftp.debian.org/debian 1120877080 M * angel4u example if i wish to put 3 ip`s for one vserver 1120877081 M * Bertl (the last example) it will build a debian sarge guest directly from the network 1120877087 M * angel4u ex 1.2.3.4 1.2.3.5 1.2.3.6 1120877097 M * angel4u how i will add this ? 1120877114 M * Bertl --interface 1.2.3.4 --interface 1.2.3.5 --interface 1.2.3.6 1120877277 M * angel4u nice 1120877286 M * angel4u and is some patch for security ? 1120877298 M * angel4u vserver foo build -m rpm --hostname vs.foo.org --netdev eth0 --interface 10.0.0.2 --interface 10.0.0.3 --interface 10.0.0.4 --context 42 -- -d fc3 -b /media/cdrom/Fedora/RPMS 1120877300 M * angel4u is ok? 1120877410 M * Bertl will create a guest called 'foo' with hostname 'vs.foo.org' and assign 3 ips (without netmask) to eth0 (and the guest), guest context id will be 42, distro fc3 built from an rpm repository/ mounted at /media/cdrom/Fedora/RPMS 1120877444 M * angel4u aha 1120877452 M * angel4u so after that ... 1120877463 M * angel4u how i will set root password for vserver ? 1120877479 M * Bertl you first start the guest with 'vserver foo start' 1120877493 M * Bertl then, you can 'enter' it with 'vserver foo enter' 1120877506 M * Bertl you can then set passwords, or do whatever you want :) 1120877518 M * angel4u that`s nice 1120877561 M * angel4u the root dady can see the vserver process right? 1120877595 M * Bertl no, we decided against that, but there is a 'spectator' context which sees all processes 1120877611 M * angel4u like top ? 1120877619 M * angel4u u know why i ask u? 1120877629 M * Bertl not yet :) 1120877633 M * angel4u bcz i wish to put in one server some vservers for custommers 1120877652 M * angel4u and if they will use scan or flood 1120877657 M * angel4u need to see that 1120877673 M * Bertl there is for example vps and vtop 1120877701 M * angel4u and for security kernel can put grsec patch ? 1120877726 M * Bertl there are patches to combine grsec and vserver 1120877740 M * Bertl but to make it useful, you need a proper policy 1120877775 M * angel4u Bertl i see u know more about that technology 1120877789 M * angel4u can u be my teacher ? 1120877795 M * angel4u step by step ? 1120877840 M * Bertl ask, and I'll point you in the right direction ... 1120877853 M * angel4u is too much to work now 1120877858 M * angel4u and my time is limited :) 1120877871 M * angel4u here is 6:00 am 1120877879 M * Bertl here 5am :) 1120877888 M * angel4u your country ? 1120877895 M * Bertl Austria 1120877899 M * angel4u nice 1120877903 M * angel4u i`m from Romania 1120877935 M * angel4u this is my daddy 1120877936 M * angel4u [ 07:50:42 ] root@ThUnDeR (~/utile)]# uname -a 1120877936 M * angel4u FreeBSD ThUnDeR.Shell-Power.net 4.11-STABLE FreeBSD 4.11-STABLE #1: Thu Jul 7 22:01:51 IDT 2005 root@:/usr/obj/usr/src/sys/DRAGON i386 1120877937 M * angel4u [ 07:50:43 ] root@ThUnDeR (~/utile)]# 1120877952 M * angel4u u have jail technology inside 1120877959 M * angel4u but something is wrong 1120877968 M * angel4u the oidentd running 1120877982 M * angel4u and the users of jail don`t run the oidentd 1120877995 M * angel4u like that angel4u is angel@66.252.7.34 1120878008 M * angel4u they is angel4u is ~angel@66.252.7.34 <- like that 1120878044 M * angel4u i put in rc.conf oidentd_enable="YES" 1120878055 M * angel4u but dunno why don`t work 1120878114 M * Bertl and? 1120878144 M * angel4u so in the daddy root work the oidentd 1120878149 M * angel4u but in the jail no 1120878160 M * angel4u i don`t know whatt need to do 1120878169 M * Bertl daddy = host, jail = guest ? 1120878175 M * angel4u yes 1120878190 M * Bertl and it's a freebsd with a jail? 1120878196 M * angel4u yes 1120878203 M * Bertl no idea about that :) 1120878206 M * angel4u :)) 1120878207 M * angel4u hehe 1120878212 M * angel4u 1 second 1120878218 M * angel4u : cannot create directory `/vservers/foo/./usr/include/protocols': No space left on device 1120878219 M * angel4u cp: cannot create directory `/vservers/foo/./usr/include/db4': No space left on device 1120878219 M * angel4u cp: writing `/vservers/foo/./usr/include/features.h': 1120878220 M * angel4u :DDDDDDDDD 1120878338 M * kestrel is using kernel qos the recommended way of limiting network traffic per vserver? 1120878361 M * Bertl yes, tc for example 1120878413 M * angel4u kestrel u ask me in freebsd or fedora ? 1120878418 M * kestrel cool 1120878457 M * angel4u no space for my hdd to make vserver :( 1120878511 M * kestrel bertl: i am running snmpd inside my vservers quite successfully 1120878556 M * Bertl sounds good! 1120878664 M * kestrel i have virt_cpu, virt_mem, virt_uptime and virt_load and all seem to be virtualised nicely (except cpu) 1120878705 M * Bertl yeah, cpu virtualization is still missing ... 1120878716 M * kestrel that would explain it :) 1120878729 M * kestrel the 2.0 branch is very nice 1120878736 M * kestrel nice work :) 1120878741 M * Bertl thanks! 1120878780 M * angel4u Bertl u maked this technology ? 1120878799 M * Bertl well, yeah, you can say so ... 1120878807 M * angel4u gratz man 1120878839 M * angel4u i see alot of companny`s use this technology for hosting 1120878865 M * Bertl yeah, we have a page for them (on the wiki) but I guess only a fraction has entered there ... 1120878881 M * angel4u i don`t have words 1120878912 M * angel4u whatt is better 2.4.X kernel or 2.6.X ? 1120878935 M * Bertl from the kernel design point of view: 2.6.x 1120878948 M * angel4u and for security ? 1120878949 M * Bertl from the stability point of view, probably 2.4.x 1120878951 M * angel4u 2.4 1120878955 M * angel4u right ? 1120878969 M * angel4u and if the fedora have 2.6 kernel 1120878979 M * angel4u can put him 2.4 kernel ? 1120878980 M * Bertl security is hard to answer ... I'd opt for 2.6 here, just because stuff is easier to fix/faster fixed 1120879021 M * Bertl from the linux-vserver point of view, I'd definitely go for 2.6/vs2.0 1120879040 M * angel4u vs2.0 is the patch ? 1120879052 M * Bertl currently it's vs2.0-rc5, yes 1120879057 M * angel4u nice 1120879060 M * angel4u so .. 1120879070 M * angel4u if i will put one fedora up 1120879075 M * angel4u and i will make vservers 1120879090 M * angel4u the vserver root can crash the kernel ? 1120879131 M * Bertl every process can potentially crash the kernel (if there is a kernel bug somewhere :) 1120879159 M * angel4u whett need to do to this guyz to no use exploits and scaners 1120879164 M * angel4u sry for my bad english 1120879194 M * angel4u when i see u i will say "guten tag her profesor" 1120879204 M * Bertl np, english isn't my mother tongue either ... 1120879210 M * Bertl lol 1120879223 M * angel4u :) 1120879238 M * angel4u dunno but i don`t unserstand 1120879243 M * angel4u u maked this technology 1120879247 M * angel4u and is much to work 1120879252 M * angel4u that is for free ? 1120879267 M * Bertl yep, well, you can make a donation if you like to ... 1120879285 M * angel4u the microsoft guyz if make one patch they wish monney :) 1120879294 M * angel4u Bertl u have more pasion in whatt u do 1120879321 M * angel4u heh man in my country 10 euros is much monney 1120879324 M * Bertl I like what I do, and I like it if others appreciate it ... 1120879345 M * angel4u i apreciate your work and i apreciate u 1120879354 M * angel4u congratulations 1120879360 M * Bertl thanks! 1120879384 M * angel4u i wish to put up one server in vserver technology but ... linux is not familial for me 1120879398 M * angel4u i know only how to set servicess in linux 1120879404 M * angel4u mail servers ftp httpd etc 1120879407 M * angel4u not kernel 1120879423 M * angel4u [05:00:13 root@netoffice private]# cat /etc/issue 1120879423 M * angel4u Red Hat Enterprise Linux ES release 3 (Taroon) 1120879423 M * angel4u Kernel \r on an \m 1120879430 M * angel4u [05:14:54 root@netoffice private]# uname -a 1120879430 M * angel4u Linux netoffice.ro 2.4.21-4.0.1.EL #1 Thu Oct 23 01:36:33 EDT 2003 i686 i686 i386 GNU/Linux 1120879431 M * Bertl well, there are a bunch of howtos out there (how to build/configure) a kernel 1120879431 M * angel4u [05:15:03 root@netoffice privat 1120879435 M * angel4u this is my web server 1120879449 M * angel4u yeah but my english is limited 1120879469 M * Bertl it seems good enough to understand most prts, no? 1120879472 M * Bertl *parts even 1120879478 M * angel4u yes 1120879485 M * angel4u like 60-70 % of english 1120879498 M * angel4u but is hard to read manual and teach the variables 1120879517 M * angel4u i learn english in the scool 1120879525 M * angel4u only 1 year 1120879528 M * angel4u 2 hours /week 1120879529 M * Bertl most stuff is easy to learn by doing (both kernel and languages) 1120879541 M * angel4u yes but for me is dangerous 1120879546 M * angel4u cz my servers are in usa 1120879559 M * angel4u and if i will do something wrong i will pay for reinstall 1120879560 M * angel4u :( 1120879596 M * Bertl then you should spend a little time to consider all possibilities, and maybe even try out some things at home ... 1120879622 M * angel4u that i do 1120879626 M * angel4u trust me 1120879639 M * Bertl one guy did a remote repartitioning and kernel install on a remote system somewhere oversea 1120879644 M * angel4u but if will put one server up to vserver technology need best secirity 1120879669 M * angel4u yes but this guy is profesor 1120879681 M * angel4u have in he`s room only penguens :) 1120879698 M * angel4u my ideea 1120879699 M * Bertl no, that guy is a provider which hadn't done much with linux before ... 1120879732 M * angel4u vserver will work good in rh 9 with 2.4.X kernel and grsec 1120879733 M * angel4u right ? 1120879764 M * daniel_hozac if you want security, why would you use such an out of date system? 1120879772 M * Bertl IIRC, RH 9 uses tls, so you should use a 2.6 kernel as 2.4 doesn't provide that 1120879797 M * angel4u daniel_hozac i don`t get your answer 1120879799 M * Bertl but RH 9 guests are known to work quite fine with a 2.6 host kernel 1120879829 M * Bertl angel4u: btw, here is the howto: http://linux-vserver.org/Remote+Server+Repartitioning 1120879844 M * angel4u so vserver patch with grsec patch make a conflict ? 1120879845 M * daniel_hozac RH 9 was discontinued over (?) a year ago. 1120879860 M * angel4u daniel_hozac that right 1120879880 M * daniel_hozac if you want security, you want the latest security patches for the software installed. 1120879894 M * angel4u daniel_hozac look 1120879915 M * angel4u in my country the guyz like 30 % of custommers find this servers for ilegal operations 1120879918 M * angel4u like flood 1120879927 M * angel4u or to exploit and crash the kernel 1120879947 M * angel4u here is a bad problem :) 1120879957 M * angel4u big problem* 1120879965 M * Bertl well, they will have a hard time to do that from inside a guest ... 1120879968 M * angel4u sometime i hate my country 1120879979 M * daniel_hozac by using an old system, there are far more known vulnerabilities for them to exploit. 1120880025 M * Bertl angel4u: what daniel_hozac is trying to tell you is: it's not a good idea to use ancient RH/SuSE/whatever system if you are concerned about security 1120880055 M * angel4u aha 1120880062 M * angel4u better is freebsd right ? 1120880066 M * angel4u for that 1120880082 J * clc ~xxx@nts-100.7-185-64.nts-online.net 1120880094 M * clc can you set limits on cpu % and memory usage with linux vserver? 1120880107 M * Bertl welcome clc! 1120880115 M * Bertl yes, you can :) 1120880117 M * clc hi Bertl 1120880120 M * clc oh wow thats great :) 1120880125 M * clc can't do that with solaris zones i hear :-P 1120880133 M * Bertl really? 1120880152 M * kestrel i'm pretty sure you can 1120880153 M * angel4u hey guyz i wish to teach this technology 1120880166 M * angel4u maybe in 1 day .... i will finish that 1120880167 M * clc i dunno im confused about zones v. domains 1120880183 M * angel4u if i will come here and i will ask some questions maybe someone will answer me 1120880191 M * angel4u thank your guyz for the time 1120880201 M * Bertl you're welcome! have fun! 1120880202 M * angel4u congratulations for this work 1120880221 M * Bertl thanks again! 1120880268 M * angel4u good bye 1120880274 M * Bertl cya 1120880274 M * angel4u i`m going now 1120880281 M * angel4u nice to meet u Bertl 1120880288 M * Bertl my pleasure! 1120880312 M * angel4u in this channel i teach how to rebuild a kernel in linux 1120880321 M * angel4u one guy explain me steb by step 1120880322 M * angel4u :) 1120880328 M * angel4u nice network and nice mans 1120880329 M * angel4u regards 1120880344 M * kestrel see ya 1120880350 Q * angel4u Quit: have a nice day 1120880366 M * ddlp w00t! i got my first vserver working 1120880367 M * kestrel you seen this bertl: http://www.karrot-x.net/jamesd/jailVzone.html 1120880380 M * Bertl ddlp: congrats! 1120880406 M * clc but he's not comparing zones to linux vserver :-P 1120880410 M * Bertl kestrel: yes, they forgot about linux-vserver ... 1120880418 M * kestrel yeah :\ 1120880426 M * Bertl maybe some folks should send a mail to them ... 1120880434 M * daniel_hozac didn't Doener already do that? 1120880444 M * Bertl yeah, emphasis on _some_ 1120880446 M * kestrel yeah i read that somebody had 1120880451 M * kestrel heh 1120880461 M * kestrel where "some" > 1 eh? :) 1120880490 M * ddlp Bertl: thanks! 1120880609 M * Bertl kestrel: but hey, they forgot about Xen and QEMU too :) 1120880689 M * kestrel true 1120880694 M * clc but arent Xen and QEMU not the same thing or in the same class since theyre hypervisors or virtual machines? 1120880699 M * kestrel and missed quite a few requirements imo 1120880725 M * Bertl clc: and VMware is? 1120880743 M * kestrel clc: they accomplish the same goal though - multiple virtual servers on one system 1120880790 M * Bertl IMHO Xen is the kernel UML planned for a long time, and QEMU is the free VMware 1120880803 M * clc lol Bertl sorry i didnt realize he compared it to vmware 1120880870 M * ddlp is normal to have run the /etc/init.d/vprocunhide 1120880879 M * kestrel it's weird though, he comparis bsd jails...and as i understand it, never having used them, they are closer to vservers than any of the others 1120880881 M * ddlp ? 1120880896 M * Bertl ddlp: yes, you run that to configure the procfs security 1120880967 M * clc well solaris zones dont seem so cool now that you can't set a cpu limit or memory limit 1120880974 M * Bertl kestrel: yes, the bsd jail (though the 'original') is the featureless pendant to linux-vserver 1120881017 M * Bertl clc: I remember having seen some %cpu values for zones ... 1120881027 M * ddlp Bertl: ok.. and it works :) ... maybe i am wondering why it apparently didn't run/work at booting 1120881071 M * clc they just told me you couldn't but you could set the limit of cpu like only use 1 cpu 1120881097 M * Bertl 'they' being? 1120881111 M * kestrel of the full partitioning systems, xen seems like the best to me 1120881113 M * clc lol people in the #solaris room in freenode 1120881151 M * Bertl kestrel: objection, pure hw partitioning is superior (see s390 and friends) 1120881210 M * kestrel oh yeah of course, but who has the money for that? :) not me! 1120881508 M * clc heh heh .. 1120881727 M * clc so whats new fellas 1120881751 M * Bertl http://vserver.13thfloor.at/Experimental/patch-2.6.12.2-vs2.0-rc6.diff :) 1120881767 T * Bertl http://linux-vserver.org/ | latest stable 1.2.10, devel 1.9.5, 2.0-rc6, ng9.5 -- He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the wiki, and we'll forget about the minute ;) 1120881852 A * Aiken goes to break his alpha 1120882054 M * ddlp hmmm... my host is ignoring the second processor 1120882088 M * Bertl maybe you didn't enable SMP/SMT? 1120882189 M * ddlp Bertl: i used the 686-smp .config 1120882234 M * Bertl aha :) 1120882255 M * ddlp aha? 1120882276 M * Bertl well, I guess that was supposed to tell me something, but ... it didn't *G* 1120882309 M * ddlp ahhh, i see :-) 1120882358 M * Bertl well, I currently tested the VS2.0-pre3b.config and it worked quite fine ... 1120882414 M * ddlp Bertl: beyond that, everything seems ok :-) 1120882490 M * ddlp Bertl: the first time i started the vserver top showed a very high cpu load... 1120882502 M * ddlp Bert: i restarted the server and since then is normal 1120882511 M * ddlp restarted the vserver :-) 1120882542 M * Bertl probably something was running inside the guest for the first time? 1120882591 M * ddlp Bertl: yes, apache2 1120882644 M * ddlp Bertl: and sshd :-) 1120882654 M * Bertl (if somebody wants to track the PLM testrun the id is 4602) 1120883687 Q * DaCa-fi Ping timeout: 480 seconds 1120883702 J * DaCa-fi ~danny@mail.limehouse.org 1120883741 M * Bertl wb DaCa-fi! 1120884295 J * matti matti@linux.gentoo.pl 1120884312 M * Bertl welcome matti! 1120884501 M * matti Hi Bertl :] 1120884526 M * matti Bertl: Did romke tell you about IMQ module issue on vServer? 1120884551 M * Bertl hmm, not that I can remember ... 1120884580 M * matti Bertl: It seems to make little panic when loaded and working for a while. 1120884589 M * matti Bertl: We test it on two different machines. 1120884596 M * matti Bertl: Same effect. 1120884616 M * Bertl well, were is the source for that modules? 1120884620 M * Bertl *module 1120884639 M * matti Bertl: But, I wait for IMQ developers - I want to know, that is not a IMQ issue itself. 1120884677 M * matti Bertl: http://www.linuximq.net/ 1120884704 M * matti s/developers/developers\ reply/ 1120884749 M * Bertl any quick example how to trigegr the issue? 1120884805 M * matti Bertl: Here's sime scripe that romke try to setup: http://procyon.romke.net/~romke/howtos/imq-deneb 1120884810 M * matti s/sime/simple/ 1120884840 M * matti s/scripe/script/ 1120884845 M * matti Yh, I need a slep. 1120884846 M * matti ;p 1120884851 M * matti s/slep/sleep/ 1120884861 M * Bertl IMQ behavior (PRE/POSTROUTING) 1120884864 M * Bertl default? 1120884869 M * matti Yes. 1120884883 M * matti We're not using NAT. 1120885016 M * Bertl ip6 support? 1120885044 M * matti No. 1120885065 M * Bertl how many devices? 1120885067 M * matti Pure IPv34 routing. 1120885069 M * matti Two. 1120885075 M * matti You mean IMQ? 1120885078 M * Bertl yep 1120885084 M * matti So, two. 1120885110 M * matti s/IPv34/IPv4/ 1120885133 M * matti I love sed notation... Damn ;p 1120885147 M * matti Oh, tea is ready. 1120885154 M * Bertl compiled it into the kernel (2.6.12.2-vs2.0-rc6) 1120885154 M * matti Bertl: Want some? 1120885170 M * Bertl no, thanks, not that early in the morning :) 1120885176 M * matti ;] 1120885185 M * Bertl the kernel booted fine without any issues 1120885196 M * matti We've IMQ in the module. 1120885208 M * matti With 2.6.11.11 and previous vServer release. 1120885219 M * Bertl yeah, but I didn't want to bother with the module :) 1120885223 M * matti ;p 1120885234 M * Bertl [ 9.324592] IMQ starting with 2 devices... 1120885235 M * Bertl [ 9.385099] IMQ driver loaded successfully. 1120885242 M * Bertl [ 9.387156] Hooking IMQ before NAT on PREROUTING. 1120885242 M * Bertl [ 9.387479] Hooking IMQ after NAT on POSTROUTING. 1120885257 M * matti Seems fine for now. 1120885286 M * matti But, establish some throguput on that. 1120885309 M * matti s/throguput/throughput/ 1120885326 M * Bertl first I ahve to get ttc into the qemu guest :) 1120885335 M * matti :p 1120885364 M * Bertl hmm, does it need a modified tc? 1120885370 M * matti Hm, nope. 1120885375 M * matti It's just an device. 1120885381 M * matti Look at romke's script. 1120885399 M * Bertl # tc qdisc add dev imq0 root handle 1: htb default 30 1120885399 M * Bertl Unknown qdisc "htb", hence option "default" is unparsable 1120885406 M * matti ;P 1120885417 M * matti Yep, you don't h've HTB compiled-in ;p 1120885430 M * Bertl sec 1120885445 M * matti I mean: 1120885447 M * matti iptables -t mangle -A PREROUTING -d 193.239.36.1 -j IMQ --todev 0 1120885452 M * matti iptables -t mangle -A POSTROUTING -s 193.239.36.1 -j IMQ --todev 0 1120885457 M * matti For example. 1120885489 M * Bertl iptables v1.2.9: Unknown arg `--todev' 1120885521 M * matti Ops. 1120885541 M * matti It seems, that iptables need some patches. 1120885547 M * matti http://www.linuximq.net/patchs/iptables-1.2.9-imq1.diff 1120885549 M * matti :p 1120885594 M * matti Bertl: But, wait for our tests on latest kernel and vServer. 1120885600 M * Bertl k 1120885632 M * matti Bertl: If the issue will be also noticeable, we 'll do some researches, k? 1120885641 M * Bertl if it fails, I'd suggest compiling in the module into the kernel 1120885657 M * Bertl (most issues are derived from bad/broken module code) 1120885669 M * matti Yep, you're right. 1120885677 M * Bertl altough I didn't see anything obvious in the patch 1120885746 M * matti Hm... 1120885786 M * matti Maybe it's something other then. But panic/hang-up was only an issue after setup IMQ, etc. 1120885813 M * matti Hm, well see, what will happen' with latest code. 1120885814 M * matti :) 1120885831 M * Bertl yeah, make sure that the module is compiled for the vserver kernel 1120885844 M * Bertl (as the vserver patch changes the structure layout) 1120885855 M * matti Aye aye. 1120885856 M * matti :) 1120889013 J * Zoiah Zoiah@matryoshka.zoiah.net 1120889316 M * Aiken rc6 claims it is rc5 :( 1120889356 M * Aiken -EXTRAVERSION = .2 1120889357 M * Aiken +EXTRAVERSION = .2-vs2.0-rc5 1120889590 M * Bertl oops :) 1120889697 M * Aiken oh well, just changed the local Makefile and ready to praise ccache 1120889713 M * Bertl okay, patches are updated 1120889722 M * Bertl thanks for spotting! 1120889969 M * matti Bertl: ;p 1120890255 M * DaPhreak *uh* -rc6 ?! :) 1120890300 M * Aiken testme.sh passes everything and my program with my flock issue passes :) 1120890369 M * Bertl great! 1120890565 M * Bertl okay, I'm off to bed now .. have a good whatever everyone! 1120890576 N * Bertl Bertl_zZ 1120892355 Q * [maple] Read error: Connection reset by peer 1120892409 Q * Aiken Ping timeout: 480 seconds 1120893494 J * Doener` ~doener@p54875729.dip.t-dialin.net 1120893947 Q * Doener Ping timeout: 480 seconds 1120895327 Q * Hollow Quit: /dev/zero 1120895715 Q * gin_lit Read error: Connection reset by peer 1120895944 J * Hollow ~Hollow@home.xnull.de 1120901471 Q * complexho Ping timeout: 480 seconds 1120901724 J * atsab ~as@lotes.vtu.lt 1120902740 Q * sukria Quit: leaving 1120903772 Q * eXplasm2 Remote host closed the connection 1120906306 J * complexho ~mark@funk.gotadsl.co.uk 1120907200 Q * complexho Ping timeout: 480 seconds 1120907347 J * complexho ~mark@funk.gotadsl.co.uk 1120907458 J * eXplasm explasm@p549F347D.dip.t-dialin.net 1120908855 J * renihs ~renihs___@193.170.52.70 1120912660 Q * flock Ping timeout: 480 seconds 1120912699 Q * Doener` Quit: Leaving 1120912879 J * flock ~restless@l192-117-111-12.broadband.actcom.net.il 1120913132 J * Doener ~doener@p54875729.dip.t-dialin.net 1120913346 J * Hollow|mobile ~bene@p54978BC3.dip0.t-ipconnect.de 1120913591 Q * complexho Ping timeout: 480 seconds 1120914282 J * complexho ~mark@funk.gotadsl.co.uk 1120914675 Q * renihs Ping timeout: 480 seconds 1120915069 J * renihs ~renihs___@193.170.52.70 1120916117 J * gin_lit ~gin@tonic.iis.nsk.su 1120917075 Q * Greek0 Quit: leaving 1120917104 J * Greek0 ~greek0@81.189.246.175 1120917684 J * eXplasm2 explasm@p549F347D.dip.t-dialin.net 1120917684 Q * eXplasm Read error: Connection reset by peer 1120918520 Q * renihs Ping timeout: 480 seconds 1120920402 Q * daniel_hozac Ping timeout: 481 seconds 1120921250 J * renihs ~renihs___@193.170.52.70 1120921267 Q * renihs Quit: 1120921268 J * renihs ~renihs___@193.170.52.70 1120921483 J * daniel_hozac ~daniel@h56n2fls32o829.telia.com 1120922114 M * renihs hmm i am trying to limit a vserver to a specified amount of ram, ulimit -m newsize within the vserver context does not seem to help 1120922128 M * renihs how can i affect the /proc/virtual//limits ? 1120922296 M * kestrel which version? 1120922343 M * renihs 0.30.207 1120922356 M * renihs 2.6.11.12-vs2.0-rc4 1120922399 M * kestrel okay, you need something like this: 1120922400 M * kestrel [root@sclera:/etc/vservers/retina/rlimits]cat rss 1120922400 M * kestrel 1048576 1120922443 M * kestrel you can adjust it on the fly with 'vlimit'. 'vlimit -c -a' will list 1120922470 M * kestrel you also might want virt_mem in /etc/vservers//flags 1120922510 M * renihs setting rss in rlimits worked :) 1120922512 M * renihs thx alot 1120922534 M * renihs hmm is there a docu for all files within /etc/vservers? somehow i wasnt able to find something yet ...but maybe its just me 1120922565 M * renihs this virtual teamspeak server tried to eat up 700mb ram :) ...now its doing fine with 25mb :) 1120922568 M * kestrel the flower page is the "document" 1120922572 M * renihs ah :) 1120922572 M * renihs k 1120922595 M * kestrel but it's next to useless except for telling you what to google for 1120922618 M * renihs yah :) because rss file isnt listed there? 1120922622 M * renihs ah 1120922623 M * renihs no it is 1120922648 M * renihs does a description for cpu, fsize, data, stack, core, rss, nproc, nofile, memlock, as and locks exist? 1120922669 M * renihs i wouldnt have guessed rss as memory limit ) 1120922669 M * kestrel no, hence my statement about it being next to useless :) 1120922679 M * renihs k :) 1120922726 M * renihs pff however those vservers are awesome :) 1120922731 M * renihs really awesome :) 1120922764 M * kestrel yeah, it's good :) 1120922773 M * renihs good is an understatement :) 1120922773 M * kestrel the 2.6 version is very nice 1120922777 M * renihs yes 1120922780 M * kestrel hehe 1120922807 M * renihs i used 2.6.9-vs1.9.3 for about 8 months 1120922817 M * renihs without any problems, crash or whatever (3 vservers only though) 1120922868 M * kestrel yeah, it's pretty stable 1120922892 M * kestrel been running the 2.4 version for a year or two without any issues 1120922916 M * renihs hmm another thing, could it pose a security problem if i have images within the /vservers dir loopmounted? 1120922929 M * renihs like /vservers/bla.image mounted on /vservers/bla 1120922981 M * kestrel security problem how? 1120922983 M * renihs and one more thing :), might there be any way i could monitor the cpu usage from each vserver with snmp? didnt work sofar since mem/cpu output is all the same in my mrtg stats 1120922984 M * renihs dunno 1120922996 M * renihs i mean, loopmounts are not default i guess 1120923019 M * renihs i like those loopmounted images -> fast restore/backup 1120923020 M * kestrel they are fairly common with vservers apparently 1120923023 M * renihs ah ok 1120923057 M * kestrel if you use virt_mem, virt_cpu, virt_uptime and virt_load, you will get those things virtualised 1120923061 M * kestrel per-vserver 1120923067 M * kestrel except that virt_cpu is not implemented yet 1120923072 M * kestrel but the others are 1120923074 M * renihs :) hmm 1120923076 M * renihs lemme try 1120923085 M * kestrel i'm running net-snmp in all my vservers, works well 1120923094 M * kestrel interface stats are not per-vserver either 1120923105 M * renihs :( 1120923132 M * kestrel yeah, that is unfortunate 1120923142 M * kestrel you could do it with iptables rules on the host 1120923147 M * kestrel but that's a bit of a dodgy hack 1120923162 M * renihs ah ok thats fine tha 1120923163 M * renihs n 1120923173 M * renihs i like dogy workarounds :) 1120923179 M * renihs dodgy 1120923188 M * kestrel hehe 1120923250 M * renihs hmm naja, dont need to monitor cpu/ram that much 1120923276 M * renihs users/processes/disk/connections is quite ok 1120923283 M * kestrel hard_cpu is good too, if you're concerned about a vserver going crazy 1120923321 M * renihs yah, hmm i will need to figure that one out too 1120923336 A * renihs searching his mixed docu 1120923371 M * renihs (Note by pflanze: it's limiting the available cpu resources for a context, and is set by a config file from the alpha utils or via the userspace tools) 1120923373 M * renihs gruml 1120923386 M * renihs which config file? :) 1120923407 M * kestrel [root@sclera:/etc/vservers/retina]cat schedule 1120923407 M * kestrel 1 1120923407 M * kestrel 2 1120923407 M * kestrel 500 1120923407 M * kestrel 62 1120923409 M * kestrel 500 1120923409 M * kestrel 0 1120923416 M * kestrel then put hard_cpu in your flags file 1120923436 M * renihs hmm that was a bit too fast for me :), hmm flags file? 1120923452 M * kestrel the first number divided by the second number is the percentage of cpu 1120923458 M * kestrel ie. 1/2 = 50% 1120923461 M * renihs ah :) 1120923477 M * renihs why do u have 3 entries for one vserver? 1120923486 M * kestrel [root@sclera:/etc/vservers/retina]grep sched_hard flags 1120923486 M * kestrel sched_hard 1120923493 M * kestrel ah, sorry, it was sched_hard 1120923499 M * renihs k 1120923512 M * kestrel should be 6 lines: 1 2 500 62 500 0 1120923532 M * renihs k, /etc/vservers//sched_hard -> 6 lines 1120923535 M * kestrel the info is buried somewhere in the wiki 1120923545 M * renihs yah i think i stumbled over it already once 1120923555 M * renihs but what is 500 62 500 0 doing there? 1120923559 M * kestrel nah, the file is flags, you put the vserver flags in it, one per line 1120923563 M * renihs ah ok 1120923573 M * kestrel virt_cpu, etc. are other flags 1120923586 M * kestrel they're other values for the scheduler 1120923611 M * kestrel for the token bucket algorithm 1120923626 M * renihs ah ok, refilling it in some matter 1120923638 M * kestrel correct 1120923648 M * kestrel http://linux-vserver.org/Linux-VServer-Paper-06 1120923653 M * kestrel section 0.6.3 1120923693 M * kestrel http://linux-vserver.org/Scheduler+Parameters 1120923696 M * renihs hmm k thx, that i am going to try now 1120923723 M * kestrel there is also sched_prio which is a priority scheduler 1120924008 M * renihs hmm i guess cpuburn should be a good test to see if it really just uses 50% 1120924080 M * renihs hmm doesnt go higher than 26% ? 1120924082 M * renihs hmm ... 1120924133 M * kestrel do you have multiple cpu's? 1120924140 M * renihs no this one is just 1 1120924162 M * renihs it stays at 25% hmm 1120924175 M * renihs i must have borked something again... 1120924219 M * renihs grumbl, i guess thats the cause :), /proc/virtual/bla/sched shows 1120924220 M * renihs Token: 500 1120924221 M * renihs FillRate: 1 1120924221 M * renihs Interval: 4 1120924263 M * renihs hmm i guess i made nonsense, and these are defaults 1120924360 M * kestrel do you have six lines: 1 2 500 62 500 0 1120924364 Q * renihs Read error: Connection reset by peer 1120924375 M * kestrel oh 1120924379 J * renihs ~renihs___@193.170.52.70 1120924387 M * renihs i hate wireless lan... 1120924391 M * kestrel do you have six lines: 1 2 500 62 500 0 1120924394 M * kestrel yeah :\ 1120924400 M * kestrel one number per line 1120924419 M * renihs hmm i have a file called sched_hard with 6 lines but i guess thats not correct 1120924433 M * renihs and i have a file flags with sched_hard...but me is a bit confused 1120924449 M * renihs in /etc/vservers/ 1120924498 M * kestrel the file is "schedule" 1120924502 M * DaPhreak i guess sched_hard are the hard limits of a vps (which the vserver 'bla' isn't allowed to exceed) 1120924504 M * kestrel it has the six numbers in it 1120924507 M * renihs ah :) 1120924508 M * renihs ok 1120924512 M * kestrel sched_hard is a flag, it goes in "flags" 1120924515 M * renihs k 1120924518 M * renihs that i have 1120924522 M * kestrel cool 1120924528 M * kestrel that should do it then 1120924564 M * renihs Token: 500 1120924564 M * renihs FillRate: 1 1120924564 M * renihs Interval: 2 1120924568 M * renihs now it seems to work :) 1120924572 M * DaPhreak http://linux-vserver.org/Scheduler+Parameters <-- for info ;) 1120924602 M * renihs great, thx alot, it stays at 50.5% :) 1120924635 M * kestrel no problem 1120924641 M * renihs DaPhreak, hmm that url is quite empty :) 1120924669 M * DaPhreak renihs: not really ;) 1120924680 M * DaPhreak Scheduler parameters /etc/vservers//schedule should contain 6 lines: 1120924684 M * DaPhreak (and so on) 1120924693 M * DaPhreak ~ 100 lines or so ;P 1120924723 Q * Hollow|mobile Quit: Leaving 1120924739 M * kestrel yeah, i pasted that page and http://linux-vserver.org/Linux-VServer-Paper-06 1120924752 M * DaPhreak well leave the "<-- for info ;)" out 1120925135 Q * renihs Ping timeout: 480 seconds 1120925209 J * renihs ~renihs___@193.170.52.70 1120925231 M * renihs grumbl 1120925271 M * renihs i guess i am going to make a custom livedvd with some vserver on it :) 1120925349 J * badiane ~chatzilla@user-0ccerh5.cable.mindspring.com 1120925363 M * badiane hello 1120925413 M * badiane is anyone here 1120925623 M * renihs who knows? 1120926398 J * badiane_ ~chatzilla@user-0ccerh5.cable.mindspring.com 1120927018 N * Bertl_zZ Bertl 1120927049 M * renihs morning Bertl :) 1120927096 M * Bertl morning folks! renihs! 1120927313 M * DaPhreak morning Bertl ; 1120927316 M * DaPhreak ;) 1120927352 M * DaPhreak 2.6.12.2-vs2.0-rc6 runs quite fine here :) 1120927414 P * badiane 1120927434 M * renihs pff i am not uptodate anymore it seems 1120927464 M * Bertl outdated? 1120927482 M * DaPhreak (rc6) ;) 1120927483 M * renihs 2.6.11.12-vs2.0-rc4 1120927485 M * renihs :( 1120927495 M * Bertl how could that happen? *G* 1120927505 M * DaPhreak renihs: i was also until yesterday ;) *G* 1120927506 M * renihs lazy me :) 1120927515 M * renihs hehe k, 1120927546 A * renihs is starting sync 1120927554 M * DaPhreak well actually everything runs fine here Bertl, except that vserver name stop 1120927575 M * renihs still running, please investigate manually? 1120927593 M * DaPhreak yeah i guess thats if you use the plain init-style 1120927596 M * DaPhreak /usr/lib/util-vserver/vserver.stop: line 79: 25913 Killed "${NICE_CMD[@]}" ${USE_VNAMESPACE:+$_VNAMESPACE --enter "$S_CONTEXT" -- } $_VCONTEXT $SILENT_OPT --migrate --chroot --xid "$S_CONTEXT" -- "${INITCMD_STOP[@]}" 1120927630 M * renihs yup, i use plain init, and even if there is only init running in the vserver i get that message 9/10 times :) 1120927653 M * DaPhreak well its everytime, here :) 1120927677 M * DaPhreak but hopefully that will be fixed in .208 (util-vserver) 1120927816 M * renihs i hope bug #13697 will be fixed soon :) 1120927836 M * renihs coz now i have a expect script starting my servers :) 1120927920 M * DaPhreak renihs: you saw ensc's comment on that bug ? 1120927928 M * DaPhreak ah .. sorry *g* 1120927950 M * renihs yap, already posted my fstab and a strace output from startup (i guess useless but ..:) 1120928105 M * renihs pff gentoo portage devs are lazy again :), 2.6.12.2-vs2.0-rc6 not yet included :( 1120928134 M * DaPhreak heh, well actually because Hollow is currently out (at least he told me) 1120928143 M * renihs out? 1120928150 M * renihs u mean, drinking in some pub? 1120928154 M * DaPhreak yeah :) 1120928157 M * renihs ah :) 1120928165 M * DaPhreak or at least for social interaction *G* 1120928186 M * renihs bla, hmm i guess i can wait a couple days :) 1120928288 M * DaPhreak well use the ebuild for -rc5, put it into your overlay, get the tars from http://phreak.xnull.de/kernel/vserver-sources/vserver-sources-2.0_rc6.patch.bz2 and ebuild ./*-rc6.ebuild digest .. 1120928304 M * renihs yap i was thinking on doing that 1120928310 M * renihs but no time left atm :) 1120928315 M * DaPhreak heh :) 1120928365 M * renihs btw DaPhreak u use gentoo i assume? 1120928411 M * DaPhreak actually, yeah .. at least ~14 hours a day *G* 1120928421 M * renihs if u are bored someday maybe u might diff your installed packages on your box with mine and tell me if i am missing any usefull stuff on my livedvd 1120928429 M * renihs http://www.doebling.sth.ac.at/livedvd 1120928430 M * renihs argl 1120928438 M * renihs http://www.doebling.sth.ac.at/livedvd/installed.packages 1120928449 M * renihs maybe sometime...i am missing so many dev stuff ...dunno 1120928476 M * renihs not important though :) 1120928501 M * DaPhreak on which machine ?! *g* my laptop or my server ?! 1120928519 M * renihs whatever is your desktop :) 1120928548 M * renihs whichever i mean 1120928566 M * renihs i doubt that is a english word... 1120928598 M * DaPhreak heh, another one using xfce *G* 1120928616 M * renihs gnome is default, but xfce, openbox, fluxbox, hmm 1120928622 M * renihs no kde though 1120928658 M * Bertl renihs: desktop? (regarding the english word :) 1120928674 M * renihs hmm no which/whatever 1120928687 M * renihs whichever i mean :) 1120928691 A * renihs confused 1120928835 M * renihs hmm but i guess i will make a vserver only livedvd with some prebuild vservers...however i doubt that that makes much sense 1120928852 M * renihs on the other hand hmm 1120928907 M * DaPhreak renihs: http://phreak.xnull.de/packages.list.desktop 1120928937 M * renihs DaPhreak, thx alot!!! 1120928945 M * renihs http://www.doebling.sth.ac.at/livedvd/gentoo.jpg <---cool closeup from a gentoo 1120929003 M * renihs the red stripe makes it faster :), fastest bird on earth 1120929012 M * renihs at least underwater... 1120929048 M * DaPhreak you're creating a livedvd ?! *G* sounds like fun .. 1120929057 M * renihs hmm "fun" is relative :) 1120929071 M * renihs but its quite nice already, 2200+ packages though 1120929091 M * renihs currently i am waiting on legal issues beeing checked (+100 non-gpl/bsd licenses) 1120929157 M * DaPhreak damn .. why has a Cobalt Qube3 to be that much expensive *grml* 1120929161 M * renihs check out the screenshots on ww.doebling.sth.ac.at/livedvd and tell me what u think :) 1120929202 M * renihs but its quite cool, a vserver and openmosix kernel is included as well 1120929209 M * renihs and openmosix seems to work even :) 1120929211 M * Bertl hmm, maybe we are a little off-topic here? 1120929216 M * renihs yah thats true, sorry 1120929258 M * DaPhreak hmm Bertl, whats actually causing this vstop issue mentioned earlier ?! something inside the tools or is it kernel-related ?! 1120929295 M * Bertl tool issue, I provided a hack solution some time ago 1120929307 M * DaPhreak ml or on irc ? 1120929313 M * Bertl you can use that to fix most of it ... sec 1120929338 M * Bertl http://vserver.13thfloor.at/Experimental/vshelper-hack-01.diff 1120929374 M * DaPhreak ah, that one :) 1120929401 M * DaPhreak thanks for the pointer :) 1120929433 M * Bertl yw 1120929657 J * badiane ~chatzilla@user-0ccerh5.cable.mindspring.com 1120929667 M * badiane hello 1120929853 M * Bertl welcome badiane! 1120929858 M * badiane hey 1120929861 M * badiane how are you 1120929890 M * Bertl fine, thanks! and you? 1120929911 M * Bertl Greek0: I decided against the vs_memory include removal ... 1120929926 M * badiane I'm ok 1120929932 M * badiane still stuck in the same place 1120929941 M * badiane I haven't have much time 1120929958 M * Bertl care to refresh my memory? 1120929962 M * badiane my problem is with the routing 1120930001 M * badiane my vservers are attached to eth1 1120930008 M * badiane the machine has 3 interfaces 1120930019 M * badiane eth0 1120930025 M * badiane to the outside 1120930033 M * badiane eth1 to the inside and also has the vservers 1120930039 M * badiane and ath0 that has the wireless 1120930046 M * badiane the host is running shorewall 1120930060 M * badiane if I don't do anything special with the routing 1120930081 M * badiane shorewall will forward to the vserver which I want to use as a main proxy 1120930104 M * badiane but the outside can reach all of the other ip's even though they are on different subnets 1120930122 M * badiane the proxy ideally should front for the dmz servers 1120930138 M * badiane and another virtual interface to the "interanal" proxy 1120930142 M * Bertl that sounds pretty much like a config/shorewall issue ... 1120930165 M * badiane which itself is a vserver running on eth1 which will front for my internal virtual file-server 1120930178 M * badiane and my actual network attached to the eth1 via a switch 1120930186 M * badiane well 1120930200 M * badiane when I set up individual routing 1120930208 M * badiane for the subnets and set some rules 1120930211 M * badiane nothing happens 1120930234 M * badiane once i remove the rules in the vserver (i've only tried in the vproxy) 1120930242 M * badiane I can access things 1120930256 M * Bertl the rules 'in the vserver'? 1120930257 M * badiane so I need help with the routing 1120930271 M * Bertl vserver guests do not have separate routing ... 1120930275 M * badiane the rules are on the host for the vservers which is what I gathere 1120930297 M * badiane if I have different subnets on an interface 1120930316 M * badiane shouldn't I be able to state individual routes for them 1120930318 M * Bertl why not scratch the shorewall thingy for now, clean up th tables (iptables/route) and make a simple setup by hand? 1120930335 M * badiane I'm not good with iptables 1120930341 M * badiane that's why I use shorewall 1120930353 M * Bertl well, shorewall isn't good with iptables either :) 1120930358 M * renihs yah :) 1120930363 M * renihs very confusing :) 1120930371 M * badiane I wonder if on a regular server I wouldn't have to configure individual routes for all the subnets 1120930378 M * badiane hmmmm :-) 1120930387 M * Bertl well, it is a regular server 1120930397 M * badiane I have done this setup with actual servers 1120930402 M * Bertl the vserver kernel does not change the networking in any way 1120930410 M * badiane I realize that 1120930413 M * Bertl (well at least on the host) 1120930426 M * badiane I've always used the old routing tools 1120930445 M * badiane and now I would like to route based on source address 1120930457 M * DaPhreak Bertl: sadly the vshelper-hack.diff doesn't change much .. 1120930463 M * badiane so that the dmz traffic goes out of the proxy route 1120930464 M * DaPhreak http://pastebin.ca/17322 1120930538 M * badiane I looked it up but didn't gather much from it 1120930553 M * badiane I think that my vshelper has been giving some errors 1120930575 M * Bertl DaPhreak: hmm, looks like the stop rc script is killed, maybe it is killing itself? 1120930596 M * Bertl (hmm, unlikely) 1120930633 M * DaPhreak you mean the vserver is trying to kill his own init ? 1120930661 M * Bertl DaPhreak: please enable vserver debugging and do 'echo 3 >/proc/sys/vserver/debug_switch' 1120930668 J * explasm__ explasm@p549F6606.dip.t-dialin.net 1120930672 M * Bertl (recent (i.e. -rc6 kernel if possible) 1120930682 M * DaPhreak $ uname -r 1120930683 M * DaPhreak 2.6.12.2-vs2.0-rc6 1120930685 J * yarihm ~yarihm@217-162-114-239.dclient.hispeed.ch 1120930803 M * Bertl welcome yarihm! 1120930843 M * Bertl badiane: http://archives.linux-vserver.org/200311/0470.html 1120930921 M * DaPhreak i guess you want to see those vxD: vc: VCMD 's ? 1120930927 M * badiane ok 1120930948 M * Bertl DaPhreak: yep, with some comments, what was done when :) 1120930975 M * DaPhreak yeah .. divided the into start and stop .. 1120931012 M * DaPhreak or even *more* divided than this ?! (e.g. init-related stuff) .. 1120931055 M * DaPhreak Bertl: http://phreak.xnull.de/vserver.st{art,stop} 1120931096 M * yarihm hi Bertl 1120931110 Q * eXplasm2 Ping timeout: 480 seconds 1120931733 M * renihs hmm my memory limit doesnt seem to work 1120931787 M * renihs i have /etc/vservers//flags (virt_mem), and /etc/vservers//rlimits/rss (=64000) 1120931815 M * renihs but vserver-stat shows 570mb used 1120931876 M * Bertl what does /proc/virtual//limit show? 1120931909 M * renihs RSS: 762 2996 32000 0 1120931979 M * renihs (just changed to 32000) 1120932256 M * renihs any idea what i could have missed 1120932495 M * Bertl well, it does currently use 762 pages, and reached a max of 2996 pages, so in any case below 32k pages 1120932588 M * renihs hmm i am not sure i understood that 1120932618 M * renihs 600 11 547.9M 4.4K 0m01s46 0m00s47 14m20s17 (vserver-stat) 1120932621 M * renihs hmm 1120932987 M * Bertl RSS vs VM 1120933010 M * renihs hmm k, so rss is number of pages and vm is memory? 1120933041 M * Bertl RSS = Resident Set Size 1120933047 M * Bertl (pages currently in memory) 1120933063 M * Bertl VM/AS is virtual memory / address space 1120933090 M * renihs so if i want to limit memory i need to set vm? 1120933090 M * Bertl the vserver-stat has a bug 1120933105 M * Bertl the 4.4K are actually 4.4*4k 1120933119 M * Bertl (or soemthing like that) 1120933129 M * Bertl and thi is the RSS you observed 1120933143 M * Bertl renihs: depends on how you define 'memory' 1120933150 M * renihs :) 1120933161 M * renihs hmm i would like the vserver not to use more than 64mb 1120933169 M * Bertl one of the features of linux vserver (in contrast to UML or Xen) is that memory is shared 1120933206 M * Bertl so you can easily limit the number of in-memory pages (of a specific vserver) to 64MB 1120933222 M * Bertl (would be the RSS) 1120933243 M * renihs hmm k but i have rss set to 32000 1120933245 M * Bertl and you can also limit the amount of addressable memory to 64MB (actually a little low, but hey it's possible) 1120933273 M * renihs and where do i do that? (amount of addressable memory) 1120933282 M * Bertl that's the VM/AS 1120933348 M * renihs hmm can that be affected by a rlimits setting? 1120933369 M * Bertl yes 1120933396 M * renihs cpu, fsize, data, stack, core, rss, nproc, nofile, memlock, as and locks hmm 1120933412 M * renihs as 1120933413 M * renihs ah 1120933432 M * renihs -> rlimits/as is the one i need? 1120933445 M * Bertl for the vm/as, yep 1120933450 M * renihs k and its in kb? 1120933474 M * Bertl I do not manage to memorize what unit it currently uses ... 1120933490 M * renihs hehe k, i am trying per error :=) 1120933499 M * Bertl it's either 1k pages or PAGESIZE pages 1120933735 J * ntrs ~ntrs@62.162.246.101 1120933766 Q * ntrs Quit: 1120933852 Q * renihs Read error: No route to host 1120935439 Q * badiane Read error: Connection reset by peer 1120936180 M * Hollow evening all 1120936269 M * Bertl evening Hollow! 1120936438 M * eyck evening, 1120936456 M * Bertl hey eyck! 1120936599 M * eyck hey, thank god it's friday. 1120936910 M * Bertl hum, it is? 1120936966 M * Greek0 Bertl: ok, np 1120936979 M * Bertl Greek0: you read my reasons? 1120937024 M * Greek0 couldn't find them in the backlog just now. but I wasn't too sure about the patch myself, to be honest 1120937043 M * Bertl it's simple ... the sched.h is included in 1800+ files 1120937049 M * Greek0 I mean, the #includes in those file look strange when reading the patch, 1120937057 M * Greek0 yep 1120937066 M * Bertl this would rebuild all of them if I change a single line in vs_memory.h 1120937069 M * Greek0 yep 1120937078 M * Bertl which isn't what I want :) 1120937085 M * Greek0 mm 1120937100 M * Bertl that's why I try to move the #includes into the .c files where possible 1120937142 M * Bertl (so that just the affected files are rebuilt) 1120937215 M * Bertl from the end-user point of view, your patch is quite fine ... 1120937626 M * eyck damn... I miscalculated something.... it's not friday today. 1120937972 M * Bertl eyck: probably some error in the moon table :) 1120938218 J * Jani|Asterix ~mail@G940f.g.pppool.de 1120938220 N * Jani|Asterix Jani 1120938222 A * Jani waves 1120938231 M * Bertl welcome Jani! 1120938243 M * Jani And the right Person avaible :) Heya Bertl. 1120938245 M * Jani Good that you are here 1120938253 M * Jani Follow problem, I have a problem with one of my vServer 1120938285 M * Jani When I exectuted I I get the info: 1120938294 M * Jani vcontext: execvp("/etc/init.d/rc"): No such file or directory 1120938302 M * Jani But, this file exist in the vserver 1120938402 M * Jani Any hint what I need todo? 1120938463 M * Bertl does it? 1120938468 M * Bertl (exist I mean) 1120938601 M * Jani The file exist, I have double and tripple check it 1120938646 M * Bertl could you use --debug and upload the output somewhere? 1120938787 M * Jani Oh, there is a debug output avaible? 1120938814 M * Bertl vserver --debug vserver02 start 1120938816 M * Bertl yep 1120938828 M * Jani Oh, cool :) 1120938871 M * Jani Oh, I think I see the problem 1120938875 M * Jani One moment, I will upload it 1120938955 M * Jani http://files.svpdata.de/debug_vs0509 1120938959 M * Jani But I think I have see the problem 1120938994 M * Jani Line 427 1120939084 M * Bertl no the double // are fine 1120939090 M * Jani *hmms* Are fine? 1120939104 M * Bertl yeah, it's well defined in unix 1120939108 M * Jani Ok. 1120939119 M * Jani Oh, right 1120939130 M * Jani *looks to the clock* My brain seems to sleep already 1120939161 M * Bertl are you using debian by any chance? :) 1120939185 M * Jani The hostsystem is SuSe 1120939189 M * Jani The Image is Debian 1120939195 M * Jani But, the other images work well 1120939198 M * Jani Just this one not 1120939208 M * Bertl okay, was jsut another bad joke ... 1120939226 M * Bertl but the issue might be non, trivial, so let's verify that ... 1120939238 M * Jani Kernel is 2.6.12-vs2.0-rc4 1120939240 M * Jani *g* 1120939264 M * Bertl /usr/local/sbin/chbind --silent --ip 62.141.43.85 -- /usr/local/sbin/vcontext --create --silent --xid 1002 -- /usr/local/sbin/vnamespace --set -- /usr/local/sbin/vlimit --dir /usr/local/etc/vservers/vs0509/rlimits --missingok -- /usr/local/sbin/vsched --xid self -- /usr/local/sbin/vuname --xid self --dir /usr/local/etc/vservers/vs0509/uts --missingok -- /usr/local/sbin/vuname --xid self --set -t context=/usr/local/etc/vservers/vs0509 -- /usr/local/sbin/vattri 1120939274 M * Bertl could you try this simple sequence :) 1120939467 M * Jani vattri not exist, I assume you mean vattribute? 1120939488 M * Jani When I use vattribute I not get an response after the execution 1120939555 M * Bertl hmm, I don#t see vatttri ehre ... 1120939571 M * Jani -- /usr/local/sbin/vattri 1120939573 M * Bertl but I just copied line 649 from your debug output 1120939586 J * Aiken ~james@tooax8-249.dialup.optusnet.com.au 1120939591 M * Bertl so you might copy that from there, and change the last few commands 1120939604 M * Bertl /etc/init.d/rc 3 -> ls -la /etc/init.d/rc 1120939606 M * Jani Ok 1120939739 M * Jani When I run line 649 I get the response -> 'save_ctxinfo: open("/usr/local/var/run/vservers/vs0509"): File exists' 1120939783 M * Jani Oh wait 1120939805 M * Jani Question, in Line 649 last words /etc/init.d/rc 3 1120939819 M * Jani Should it be perhaps /vserver/vs0509/etc/init.d/rc? 1120939858 M * Bertl no, that is fine, because it is already inside the chroot 1120939972 J * _are_ ~are@dsl-084-056-151-237.arcor-ip.net 1120940000 M * Jani Ok 1120940019 M * Jani Btw. just to show that the file exist--> 1120940020 M * Jani -rwxr-xr-x 1 root root 2235 2004-09-10 17:00 /vservers/vs0509/etc/init.d/rc 1120940021 M * Jani ;) 1120940042 M * _are_ hi 1120940049 M * DaPhreak Bertl: is it intended that ps -ef shows (2*number of started vservers)x /bin/bash /sbin/vshelper restart 14 1120940096 M * Bertl no, that is the side effect of the hanging helper 1120940103 M * DaPhreak ah .. 1120940108 M * Bertl (which should be fixed by the hack patch) 1120940136 M * DaPhreak well i probably have to reboot, to get that hack fully working, no ? 1120940152 M * Bertl hmm, no 1120940158 M * DaPhreak otherwise, the patch doesn't work as it should :) 1120940160 M * Bertl you can kill the host visible bashes 1120940172 M * Bertl once all those helpers are gone ... 1120940194 M * Bertl it should work (but with a sync vshelper at least) 1120940781 M * Bertl Jani: never doubted that, but what does the command do? 1120940889 M * Jani You mean Line 649? 1120940949 M * Jani It first complain that the file /usr/local/var/run/vservers/vs0509 exist, I have delete it now and when I rerun the command I get 'save_ctxinfo: open("/usr/local/var/run/vservers/vs0509"): File exists 1120940950 M * Jani ' 1120941106 M * Bertl hmm, well, the command should work given that /usr/local/var/run/vservers/vs0509 is removed before 1120941209 M * Jani Just the same error as when I would do it via vserver vs0509 start 1120941210 M * Jani *hmms* 1120941388 M * Bertl okay, that sounds good ... 1120941417 M * Bertl so if you change the last command to the ls, what does it give (again after removing the file) 1120941471 M * Jani vcontext: execvp("ls"): No such file or directory 1120941492 M * Bertl okay, that's what I expected ... 1120941499 M * Jani *hmms* 1120941507 M * Bertl somehow your guest dir is 'invisible' 1120941516 M * Bertl probably some funny chmod 000 or so :) 1120941523 M * Jani My guest dir? 1120941534 M * Bertl check the permissions of the guest's root 1120941567 Q * badiane_ Ping timeout: 480 seconds 1120941599 M * Jani 755, like the others 1120941627 M * Bertl try the following: 1120941676 M * Bertl su - daemon ls -la /vservers/vs0509/etc/init.d/rc 1120941703 M * Bertl (or any other non root user) 1120941760 M * Jani g029:/ # su - jani 'ls -la /vservers/vs0509/etc/init.d/rc' 1120941761 M * Jani ls -la /vservers/vs0509/etc/init.d/rc: ls -la /vservers/vs0509/etc/init.d/rc: Datei oder Verzeichnis nicht gefunde 1120941783 M * Bertl ts ts ... 1120941798 M * Jani *hmms* 1120941799 M * Jani But 1120941804 M * Jani When I do it as user jani 1120941806 M * Bertl now start walking up the path 1120941825 M * Jani As user jani it works fine 1120941827 M * Jani Ok 1120941849 M * Jani g029:/vservers/vs0509/etc/init.d # su - jani 'ls -la /' 1120941849 M * Jani ls -la /: ls -la /: Datei oder Verzeichnis nicht gefunde 1120941868 M * Bertl what are the permissions of your / ? 1120941892 M * Bertl and more important, any funny security stuff active? 1120941916 M * Bertl (sidenote export LANG=C LC_ALL=C) 1120941958 M * Jani *hmms* 1120942223 M * Jani But, why this only happens with this certain vserver, the others works well 1120942353 M * Bertl is it a permission issue? 1120942396 M * Bertl could you give the testme.sh a spin? 1120942442 M * Jani http://files.svpdata.de/testme 1120942476 M * Bertl `md5sum <$pfile" 1120942489 M * Bertl sorry :) 1120942497 M * Jani heh 1120942498 M * Bertl The requested URL /testme was not found on this server. 1120942507 M * Jani *eegS* 1120942509 M * Jani http://files.svpdata.de/testme.txt 1120942511 M * Jani Sorry 1120942550 M * Bertl so what about the permissions of /? 1120942578 M * Bertl hmm, your command is wrong, btw 1120942585 M * Bertl su - jani ls -la / 1120942585 M * Jani My command is wrong? 1120942603 M * Jani Then it complains 'su: invalid option -- a' 1120942635 M * Bertl k, use su - jani bash -c "ls -la /" 1120942635 M * Jani I thought that the args of su needs to be in the ' ? 1120942663 M * Jani g029:/ # su - jani bash -c "ls -la /vservers/vs0509/etc/init.d/rc" 1120942663 M * Jani -rwxr-xr-x 1 root root 2235 2004-09-10 17:00 /vservers/vs0509/etc/init.d/rc 1120942669 M * Jani So, this works then 1120942678 A * Jani haven't do so much work with su before 1120942776 M * Bertl k, what does ls -la /usr/local/etc/vservers/vs0509/vdir report? 1120942798 M * Jani g029:/ # ls -la /usr/local/etc/vservers/vs0509/vdir 1120942798 M * Jani lrwxrwxrwx 1 root root 49 Jul 6 00:21 /usr/local/etc/vservers/vs0509/vdir -> /usr/local/etc/vservers/.defaults/vdirbase/vs0509 1120942821 M * Bertl okay and ls k-la /usr/local/etc/vservers/.defaults/vdirbase 1120942821 M * Jani *hmms* 1120942828 M * Bertl without the 'k' 1120942841 M * Jani g029:/ # ls -la /usr/local/etc/vservers/.defaults/vdirbase 1120942842 M * Jani lrwxrwxrwx 1 root root 9 Jun 23 15:26 /usr/local/etc/vservers/.defaults/vdirbase -> /vservers 1120942845 M * Jani Wait a moment 1120942854 M * Bertl aha! 1120942857 M * Jani When I use in the previous command another vserver 1120942862 M * Jani I get then the direct link 1120942917 M * Bertl let#s check the links then with: 1120942930 M * Bertl su - jani bash -c "ls -la /usr/local/etc/vservers/vs0509/vdir" 1120942941 M * Jani g029:/ # su - jani bash -c "ls -la /usr/local/etc/vservers/vs0509/vdir" 1120942941 M * Jani lrwxrwxrwx 1 root root 16 2005-07-09 23:01 /usr/local/etc/vservers/vs0509/vdir -> /vservers/vs0509 1120942980 Q * matti Remote host closed the connection 1120943005 M * Jani *hmms* 1120943018 M * Jani Ok, the vserver/vs0509/vdir points to vservers/0509 1120943037 M * Bertl hum, it did not before :) 1120943057 M * Bertl 22:59 < Jani> lrwxrwxrwx 1 root root 49 Jul 6 00:21 1120943057 M * Bertl /usr/local/etc/vservers/vs0509/vdir -> 1120943057 M * Bertl /usr/local/etc/vservers/.defaults/vdirbase/vs0509 1120943268 M * Jani Yeah, but /usr/local/etc/vservers/.defaults/vdirbase/vs0509 points to /vservers/0509 1120943301 M * Jani vs0509 1120943408 M * Bertl I somehow lost the track in your outputs ... 1120943441 M * Bertl what I can tell you so far is that the file is not accessible inside the geust 1120943444 M * Bertl *guest 1120943463 M * Bertl and the most likely reasons for this are: 1120943489 M * Bertl - there is some permission issue which kicks in once you lose almighty superuser powers 1120943506 M * Bertl - your libraries inside the guest are broken, and nothing can execute 1120943534 M * Bertl the first one can be checked by moving up the path (which is what I suggested, no idea how it worked out) 1120943551 M * Bertl the second one by a simple chroot /vservers/vs0509 /bin/bash 1120943631 M * Jani *hmms* 1120943708 M * Jani Ok, thanks so far 1120944104 M * Vudumen hi Bertl :) 1120944112 M * Bertl evening Vudumen! 1120944115 M * Vudumen good news. box is up again 1120944151 M * Bertl hmm, connection refused ... 1120944163 M * Vudumen Bertl: yes. i had to install a new os 1120944169 M * Vudumen now it's debian/amd64 (sarge) 1120944175 M * Bertl aha, okay :) 1120944399 J * are|lunch ~are@dsl-084-056-158-119.arcor-ip.net 1120944807 Q * _are_ Ping timeout: 480 seconds 1120945117 N * are|lunch _are_ 1120948480 Q * monrad Quit: Leaving 1120950412 Q * Jani Quit: