1121386942 Q * xbing Ping timeout: 480 seconds 1121386971 J * xbing ~nb@dsl081-044-121.lax1.dsl.speakeasy.net 1121387267 J * Guest478 ~Guest478@c-24-2-253-33.hsd1.ct.comcast.net 1121387286 M * Guest478 tubgirl.com 1121387288 M * Guest478 lemonparty.org 1121387291 P * Guest478 1121387826 J * Guest478 ~Guest478@c-24-2-253-33.hsd1.ct.comcast.net 1121387865 Q * Guest478 Quit: GamersDaily.TV 1121389238 J * eXplasm2 explasm@p549F786E.dip.t-dialin.net 1121389677 Q * eXplasm Ping timeout: 480 seconds 1121390136 Q * aba Ping timeout: 480 seconds 1121390343 J * aba ~aba@eos.turmzimmer.net 1121390550 M * Rushmoom Hmm, my vservers sometimes seem to have trouble releasing their IP-adresses: http://lukas-graf.ch/tmp/vserver-issue-rnetlink/ 1121390619 M * Bertl most likely an issue with userspace tools atm 1121390641 M * Rushmoom Something to worry about, or can I ignore this atm? 1121390678 M * Bertl I hope it will be fixed soon, but best file a bug report to savannah (for util-vserver not using the context wait feature properly) 1121390720 M * Rushmoom Ok, I'll do so. 1121390744 M * Bertl tx 1121390913 M * Rushmoom Thank you, it's a relief for me to know it's not (necessarily) due to a misconfiguration on my fault. Because I'm experiencing some other *very* weird things, which I'm trying to narrow down do something sensible %-( 1121390938 M * Rushmoom s/do/to 1121391056 M * Bertl well, thing is, the tools do some kind of synchronization, which isn't up to date anymore 1121391094 M * Bertl so the issues are likely to come from there, but they might be caused by something different too 1121391131 M * Rushmoom Hmm.. 1121391190 M * Rushmoom The other thing is, in short, that my "less" get's broken by executing (to me) completely unrelated commands: 1121391250 M * Rushmoom First by executing CA.pl for issuing SSL Certificates: I execute the script, it hangs, CTRL-C, after that "less" is broken 1121391304 M * kestrel Build and Testing Date 09-Jul-2005 1121391308 M * Rushmoom Or I setup MySQL (just the ebuild config, setting passwort for root account, logging in once into DB). -> "less" breaks. Both scenarios are 100% reproducible 1121391312 M * kestrel whoops 1121391334 M * Bertl hey kestrel! 1121391366 M * Rushmoom I got two backups of a VServer here: One before issuing some of these commands, and one after, when it's broken. 1121391371 M * Bertl Rushmoom: okay, can you upload the output of testme.sh for me? 1121391393 M * Rushmoom Sure... 1121391577 M * Rushmoom Hmm.. testme.sh hangs after that: http://42.vg/69970 1121391742 M * Bertl are you running it on the host (as root)? 1121391776 M * Rushmoom D'oh, accidently executed it on the guest, sorry :-( 1121391785 M * Rushmoom (Too many sessions open :)) 1121391806 M * Rushmoom Looks good to me: http://42.vg/69972 1121391841 M * Bertl okay, any chance to upgrade to 2.6.12.2/vs2.0-rc7 = 1121391846 M * Bertl s/=/?/ 1121391917 M * Rushmoom How about 2.0_rc6? Because rc7 in not in the Gentoo portage yet.. 1121391955 M * Bertl hmm, yeah, might work ... just don't do sysctl -a then :) 1121391990 M * Rushmoom Hmm, why not? :-) 1121392050 M * Bertl because it was broken in rc6 (and some time before) 1121392085 M * Rushmoom Oh, ok, I'll try to avoid it :) Upgrading should be no problem, the server is not productive yet.. 1121392141 M * Rushmoom But I'm still investigating the whole thing anyway, tomorrow I can post some more information... 1121392151 M * Rushmoom Thanks for your advice! 1121392172 M * Bertl but I guess I know what your cert issues are :) 1121392196 M * Bertl they are probably completely unrelated ... 1121392219 M * Rushmoom Really? I'd appreciate any hint, I'm completely lost on this subject :) 1121392246 M * Bertl IMHO you exhaust the entropy pool, and as such certs use strong cryptography, the key/cert generation stops until the pools are filled up again ... 1121392283 M * Bertl most likely your server has no good entropy source (like keyboard or mouse :) 1121392302 M * Bertl and so it takes some time (once the pools are empty) 1121392317 M * Rushmoom Hmm, could this be related to INIT saying "no more processes left on this runlevel"? 1121392355 M * Bertl I think not, this sounds more like a shutdown message 1121392366 M * Rushmoom Ok :) 1121392391 M * Bertl but you could try to intentionally empty the entropy pools by reading from /dev/random 1121392409 M * Bertl and see if that 'blocks' your 'considered working' cert creation ... 1121392410 M * Rushmoom But when generating the certs, the freeze occurs when the file is beeing written, i.e. after the key-generation, if i understand this right... 1121392482 M * Rushmoom Hmm, I'll try that, but that's going to be hard, because it's a matter of 1/10 seconds after starting the command until it freezes... 1121392500 M * Bertl but well, maybe you want to describe the "less" is broken part a little more detailed 1121392516 M * Rushmoom Sure, sorry, I left that until now because it's.. weird.. 1121392534 M * Rushmoom First, I noticed the problem by "man [anything" failing: 1121392636 M * Rushmoom http://42.vg/69975 1121392678 M * Bertl hmm, you say you can reproduce this easily? 1121392691 M * Rushmoom man flashes up for 1/100s, displaying the righ (!) manpage, and disappears 1121392703 M * Rushmoom Yes, 100% reproducible 1121392726 M * Rushmoom After googling on this message, I noticed often this is caused by a "broken" less 1121392751 M * Rushmoom And yes, that's the cause, "less [anything]" flashed up quickly, and dies with statuscode 1 1121392754 M * Bertl okay, please get the 2.6.12.2-vs2.0-rc6/7 installed and let me know when you are at this point ... 1121392775 M * Rushmoom But how to debug "less"? strace doesn't give anything valuable to me... 1121392792 M * Bertl I would like to do some tests with you on that ... 1121392812 M * Rushmoom Googling again showed that sometimes this is related to trouble on systems that still use devfs instead of udev 1121392821 M * Rushmoom Of course, I'm very open for that! 1121392824 M * Bertl ah, please enable the vserver debugging options 1121392857 M * Bertl CONFIG_VSERVER_DEBUG=y 1121392857 M * Bertl CONFIG_VSERVER_HISTORY=y 1121392872 M * Bertl (and also the kernel DEBUG/SYMBOL options) 1121392898 M * Bertl CONFIG_DEBUG_KERNEL=y 1121392903 M * Bertl CONFIG_DEBUG_BUGVERBOSE=y 1121392903 M * Bertl CONFIG_DEBUG_INFO=y 1121392991 M * Rushmoom The first two lines go to /etc/vservers.conf, and the next third to Kernel-.config, right? 1121393005 M * Bertl no they are all kernel .config options 1121393012 M * Rushmoom Ah, ok. 1121393167 M * Rushmoom Do you happen to know which name CONFIG_DEBUG_BUGVERBOSE has in menuconfig?.. 1121393241 M * Rushmoom Nevermind, just set it in the File... 1121393300 M * Rushmoom Ok, Building. Do you have the time to check on this now, or should we do it some other time? 1121393413 M * Bertl no, now is perfectly fine ... 1121393445 M * Rushmoom Oh, wait, I didn't read your line about rc7 1121393460 M * Rushmoom Im compiling rc4-r1 at the moment... 1121393469 M * Bertl hmm, please don't :) 1121393488 M * Rushmoom So I'll fetch the new sources, and will tell you when I'm ready 1121393490 M * Bertl a lot of stuff changed, and I'm using the rc7 source atm ... 1121393521 M * Bertl the config should be fine for the 2.6.12.2-vs2.0-rc6/7 ... 1121393541 M * Rushmoom Would be rc6 for me, compiling sources without an proper ebuild isn't something I think I'll manage without hassles ;-) 1121393770 M * Bertl np, rc6 and rc7 are reasonably similar ... 1121393786 M * Rushmoom Ok, then I'll fire up rc6 in a few minutes... 1121395215 J * Doener_ ~doener@p54875283.dip.t-dialin.net 1121395223 M * Bertl welcome Doener_? 1121395295 J * encKe` ~encKe`@adsl-69-154-41-138.dsl.mdldtx.swbell.net 1121395305 M * Bertl welcome encKe`! 1121395329 P * encKe` 1121395638 Q * Doener` Ping timeout: 480 seconds 1121395668 M * Rushmoom Ok, 2.6.12-vs2.0-rc6 is booting... 1121395675 M * Bertl excellent! 1121395689 M * Rushmoom Up! 1121395698 M * Rushmoom Shall I start the broken vserver? 1121395719 M * Bertl yes, please do whatever is necessary to get to the 'failing less' 1121395736 M * Rushmoom Hehe, works :) 1121395778 M * Rushmoom Seems to be solved with the upgrade, the usual steps to reproduce the error do not work 1121395797 M * Bertl :) 1121395822 M * Rushmoom Yep, I got three backups of vservers which I used to reproduced it, all work :) 1121395839 M * Rushmoom So, for me that's good, for tracking down the issue it's not ;-) 1121395844 M * Bertl good, issue solved ... 1121395879 M * Rushmoom Looks like it :) 1121395882 M * Bertl well, you can now start a binary search between both kernels (and all involved patches) 1121395895 M * Bertl if you are really keen on that ... 1121395896 M * Rushmoom Yeah, I already tried that 1121395905 M * Rushmoom That's another thing I wanted to ask: 1121395918 M * Rushmoom I did a diff -r on the two /vserver/.. trees 1121395932 Q * _are_ Ping timeout: 480 seconds 1121395948 M * Rushmoom But all files that differed, were irrelevant (logfiles, /var/run/... stuff, ...) 1121396006 J * _are_ ~are@dsl-084-056-151-177.arcor-ip.net 1121396009 M * Bertl well, I don't think that they are really part of that issue, but who knows ... 1121396042 M * Rushmoom Oh, wait, you meant between 2.6.11.12-vs2.0-rc4-r1 and 2.6.12-vs2.0-rc6 1121396051 M * Bertl yep 1121396078 M * Rushmoom What I tried was comparing the two vservers, one working, one broken, identical except the things done by CA.pl 1121396108 M * Rushmoom So they should at least differ in the file that causes the less-breakage 1121396237 M * Rushmoom I don't unterstand why this "thing" doesn't show up in a binary compare, but I also can't image anything out of the /vserver/.. causing the error... 1121396526 M * Rushmoom But I think I'll give your entropy pool guess a try. Is that right, I should try reading from /dev/random, on a working vserver, whilst executing the cryptographic stuff for generating the key to reproduce the error? 1121396610 M * Rushmoom (All on a 2.6.11.12-vs2.0-rc4-r1, of course) 1121396616 M * Bertl yes, start some dd or such which 'consumes' data from /dev/random 1121396620 M * Bertl (on the host) 1121396694 M * Rushmoom Is it ok, to start reading from /dev/random before (and keep reading)? 1121396744 M * Rushmoom Or should it start while the other operation is in progress...) 1121396763 M * Bertl yeah, keep reading ... 1121396809 M * Rushmoom Ok, then I'll try that tomorrow I think. For now I'm very happy that the issue disappeared, this was really freaking me out :-) 1121396878 M * Rushmoom Thanks again for the help :) 1121397085 M * Bertl you're welcome! 1121397748 Q * virtuoso Ping timeout: 480 seconds 1121402422 Q * _are_ Ping timeout: 480 seconds 1121403599 M * DaPhreak lo Bertl :) 1121403604 M * Bertl hey DaPhreak! 1121403612 M * DaPhreak still awake ?! :) 1121403620 M * Bertl yep 1121403631 M * Rushmoom me too :) 1121403641 M * DaPhreak you've got a _really_ weird sleep-rythm ;) 1121403649 M * Bertl thanks! 1121403653 M * DaPhreak :) 1121403654 M * Rushmoom lol :) 1121403669 M * Hollow moin 1121403675 M * DaPhreak lo Hollow, Rushmoom 1121403676 M * Bertl morning Hollow! 1121403691 M * Rushmoom Morning everybody :) 1121403836 M * Rushmoom Bertl, bad news btw: The issue isn't solved, after stopping the vservers, and restarting, the whole behaviour re-appeared, and hasn't gone since then 1121403901 M * Rushmoom But I'll contact you on this matter later today, I really have to go to bed now, birds are already whistling ;-) 1121403919 M * Bertl Rushmoom: just a short question 1121403934 M * Bertl do you by any chance use dynamic xids? 1121403957 M * Bertl (output of vserver-stat would be sufficient, I guess) 1121403965 M * Rushmoom xid = context id? 1121403970 M * Bertl yep 1121403988 M * Rushmoom No, static ones, set at vserver-build time 1121404007 M * Bertl okay, then have a good night! 1121404059 M * Rushmoom Thanks, you too when you finally get to sleep :) 1121404081 M * Rushmoom Bye everyone... 1121404084 M * Bertl cya 1121404092 N * Rushmoom Rushmoom_zZ 1121404161 M * Hollow Bertl: i removed all the EFAULTs from the lib 1121404264 M * Bertl hmm, yeah, I had some more 'comments' ... 1121404282 M * Bertl could you give me the url once again? 1121404301 M * Bertl ah, no, found it ... 1121404315 M * Bertl struct vcmd_ctx_create res; 1121404322 M * Bertl why is this called 'res' for example? 1121404387 M * Hollow dunno 1121404391 M * Hollow ask doener 1121404419 M * Hollow but why not? 1121404420 M * Bertl okay, IMHO it's just confusing to call something 'passed' to the kernel 'res'(ult) 1121404439 M * Hollow heh, i interpreted it as resource 1121404441 M * Hollow ;) 1121404458 M * Bertl maybe it's that .. don't know ... was just my first association 1121404465 M * Hollow the results are passed to rc 1121404496 M * Bertl struct vx_caps 1121404503 M * Bertl those are userspace structs, right? 1121404515 M * Hollow yep 1121404528 M * Bertl where are they defined? 1121404547 M * Hollow lib/vserver.h 1121404572 M * Bertl hmm, but that isn't included in context.c for example? 1121404582 M * Hollow it is.. 1121404591 M * Bertl ah, as "vserver.h" ? 1121404595 M * Hollow context.c line 31 1121404597 M * Hollow yup 1121404624 M * Hollow look at Makefile.am where the include path is set... 1121404642 M * Hollow ehm 1121404655 M * Hollow wrong 1121404685 M * Bertl I found it, but it seems to 'incorporate' the existing vserver.h 1121404689 M * Hollow include path seems to work out-of-the-box ;) 1121404696 M * Bertl which is not really a problem .. 1121404698 M * Hollow which exisiting vserver.h? 1121404738 M * Bertl the syscall one :) 1121404773 M * Hollow hm, yeah... file naming is a bit different 1121404779 M * Bertl np 1121404781 M * Hollow though your syscall wrapper is still included 1121404787 M * Hollow in syscall-alternative.h 1121404796 M * Bertl yeah, like enrico does it ... 1121404799 M * Hollow yep 1121404812 M * Hollow i commited basic dietlibc support last evening 1121404821 M * Bertl hmm? 1121404831 M * Hollow you can build it with dietlibc ;) 1121404837 M * Hollow ./configure --enable-dietlibc 1121404842 M * Bertl ah, okay ... 1121405086 M * Bertl int vx_get_vhi_name(xid_t xid, uint32_t field, char *name, size_t len) 1121405096 M * Bertl name[len] = '\0'; 1121405103 M * Bertl looks like a bug to me ... 1121405145 M * Hollow len-1? 1121405165 M * Bertl yep, or leave it unterminated as the original 1121405169 M * Hollow though i'm not sure why doener added \0 anyway 1121405297 M * Hollow strncpy(name, res.name, len); 1121405298 M * Hollow Bertl: so it's ok to just use: 1121405301 M * Hollow grr 1121405306 M * Hollow other way round ;) 1121405325 M * Bertl yeah, well, depends on 'how' you define that function 1121405339 M * Bertl the kernel will 'just' do that with the max len for those 1121405356 M * Bertl userspace 'might' want a zero terminated string 1121405379 M * Hollow hm 1121405406 M * Bertl emphasis on 'might' ... 1121405683 M * Bertl another suggestion: I would consider an 'error code' library/interpretation/whatever routine, like strerror 1121405712 M * Bertl (which knows how to interpret error codes, depending on the syscall command or category) 1121405772 M * Hollow Bertl: the tools use perror to print syscall errors 1121405800 M * Bertl yeah, but, "file not found" might be confusing as result of ctx_migrate, no? 1121405837 M * Bertl (just to give an example :) 1121405843 M * Hollow hm, yeah... 1121405866 M * Hollow i'm fine with these, but we can do a wrapper as well 1121405922 M * Bertl it's probably fine if the 'wrapper' falls back to perror/strerror if there is no special meaning ... 1121406043 M * Bertl but as I said, just a suggestion, because it's one of the most confusing things about util-vserver right now 1121406098 M * Hollow Bertl: i'll look at it 1121406149 M * Hollow Bertl: strncpy is fixed 1121406341 Q * kestrel Quit: No windows for this server 1121407350 J * Blogmeister ~Blogmeist@site.lycos.de 1121407402 P * Blogmeister 1121409653 M * Aiken Berlt you still around? 1121409657 M * Bertl yep 1121409676 M * Aiken I have been playign with dietlibc-0.29/alpha/sigaction.c 1121409707 M * Aiken instead if changing the signal.h 1121409722 M * Aiken http://pastebin.com/313767 1121409763 M * Aiken trying an idea, doing translation of arguments for rt_sigaction in sigaction.c and leaving signal.h presenting the same interface as glibc 1121409787 M * Aiken all this so lockfile will work without segfaulting :) 1121409788 M * Bertl hmm, IIRC, fefe did already respond to that 1121409797 M * Bertl sec 1121409807 M * Aiken I have a reply from him 1121409831 M * Aiken basically I am not sure about presenting a different interface than glibc so was trying something different 1121409865 M * Aiken that change you originally told me try has been commited to cvs 1121409932 M * Bertl hmm ... he writes 1121410021 M * Bertl (in 20050713074102.GA12737@codeblau.de) 1121410028 Q * brc Ping timeout: 480 seconds 1121410043 M * Bertl So they basically all agree: first mask, then flags. However, the size 1121410043 M * Bertl of sa_flags differs. I will make it unsigned int in the diet libc. 1121410081 M * Aiken did you read my reply to that? 1121410127 M * Bertl no, did you reply to the list? 1121410134 M * Aiken yes 1121410154 M * Aiken oh, maybe not 1121410172 M * Aiken seem when I hit reply the reply was sent to him not the list :( 1121410173 M * Bertl bounce/forward me the mail then please 1121410188 M * Bertl *wordshuffle* 1121410253 M * Aiken felix-dietlibc@fefe.de is where my reply went so maybe it was the list 1121410258 M * Aiken Ill forward my reply to you 1121410993 M * Aiken the end result is the change you and (I think) Doener suggested has been commited 1121411136 M * Bertl hmm, I'm confused ... 1121411141 M * Aiken ? 1121411160 M * Bertl IIRC, doener suggested to swap flag/mask 1121411173 M * Bertl that did work (after a test) 1121411177 M * Aiken yes 1121411200 M * Bertl but felix wrote that the arguments are in 'proper' order, just the size is bad, no? 1121411214 J * erwan_ho ~erwan@konilope.dyndns.org 1121411264 M * Aiken just sent you his reply to my email 1121411295 M * Aiken the problem is the kernel sigaction and the user sigaction have a different order 1121411306 M * Aiken as well as the size 1121411351 M * Aiken even when he fixed the size to match that of glibc and the user sigaction it still did not work because of the difference in order 1121411479 M * Aiken from what I can see glibc -> alpha.sigaction does some processing before the normal glibc sigaction which then does something simillar to my code snippet via pastebin 1121411555 M * Bertl okay, I guess I got it now ... 1121412053 J * virtuoso_ ~s0t0na@80.253.205.251 1121412099 Q * erwan_ho Remote host closed the connection 1121412269 N * virtuoso_ virtuoso 1121413047 M * Bertl okay, I'm finally off to bed now ... have a nice whatever everyone! 1121413055 M * Aiken bye 1121413057 N * Bertl Bertl_zZ 1121415716 Q * Aiken Quit: Leaving 1121416080 J * _are_ ~are@gateway-dsl.lihas.de 1121416767 J * erwan_taf ~erwan@81.80.43.77 1121417204 J * prae ~prae@ezoffice.mandriva.com 1121419339 J * renihs ~renihs___@193.170.52.70 1121420561 J * alexx ~alexx@82.225.136.176 1121423092 Q * Vudumen Ping timeout: 480 seconds 1121424320 Q * Hunger Remote host closed the connection 1121424535 J * Hunger Hunger.hu@Hunger.hu 1121424640 J * Vudumen vudumen@perverz.hu 1121426081 J * SNy 3978838b85@bmx-chemnitz.de 1121426110 M * SNy 'lo 1121426130 M * SNy did anyone ever run chrootkot in a vserver instance? 1121426141 M * SNy chkrootkit, even 1121426142 M * renihs not yet :) 1121426169 M * SNy it complains that SIGINVISIBLE is detected 1121426180 M * SNy and therefore the Adore LKM is running 1121426191 M * SNy which is very probably a false alarm 1121426231 M * SNy anyway, there might be some issue to resolve and report to linux-vserver or the chkrootkit authors 1121426246 M * SNy or (as douglas adams would have stated) both 1121426286 M * renihs hmm its running now 1121426302 M * renihs Checking `chkutmp'... The tty of the following user process(es) were not found 1121426302 M * renihs in /var/run/utmp 1121426305 M * renihs thats the only error i get 1121426309 M * SNy really 1121426318 M * SNy I must be running an old version then or something 1121426334 M * renihs Checking `write'... fopen: No such file or directory 1121426334 M * renihs /usr/bin/ls: write: No such file or directory 1121426336 M * renihs and these 2 1121426351 M * renihs chkrootkit-0.45 1121426385 M * SNy mfriede:/home/mfr/tests/chkrootkit-0.45# uname -r 1121426386 M * SNy 2.4.24-vs1.26 1121426423 M * SNy Checking `bindshell'... INFECTED (PORTS: 465) 1121426423 M * SNy Checking `lkm'... SIGINVISIBLE Adore found 1121426424 M * SNy chkproc: Warning: Possible LKM Trojan installed 1121426432 M * renihs vserver 2.6.11.12-vs2.0-rc4.sth-doebling #4 SMP 1121426433 M * SNy port 465 is smtps 1121426544 M * renihs hmm strange, cant be that it just looks on the opened port :) 1121426591 M * SNy that's not the issue anyway 1121426602 M * SNy the issue is with the SIGINVISIBLE 1121426609 M * SNy the test for that is kinda strange 1121426616 M * SNy kill(1, 100); 1121426627 M * SNy if (errno == 3) -> "SIGINVISIBLE" 1121426629 M * SNy etc. 1121426676 M * renihs hmm maybe that works better in later versions or 2.6, dunno 1121426807 N * cereal pg`aw|cereal 1121426817 Q * virtuoso Ping timeout: 480 seconds 1121426859 J * virtuoso ~s0t0na@80.253.205.251 1121428123 J * zimbo ~zimbo@callisto.dom.bonis.de 1121430617 Q * albeiro Ping timeout: 480 seconds 1121430998 J * albeiro ~albeiro@graffias.estrefa.pl 1121431073 P * erwan_taf Leaving 1121432110 J * brc bruce@201008088244.user.veloxzone.com.br 1121433487 Q * FaUl Ping timeout: 480 seconds 1121435415 J * FaUl ~immo@ip88.164.1211G-CUD12K-01.ish.de 1121435557 J * wurd ~kvlt@modemcable181.93-202-24.mc.videotron.ca 1121435579 M * wurd Hi, is there a way to find out if my kernel is ready for running vservers? 1121435751 M * renihs if u ask that question, it most likely is not 1121435855 M * DaPhreak wurd: 1. you could try http://vserver.13thfloor.at/Stuff/SCRIPT/testme.sh 1121435879 M * DaPhreak 2. cat /proc/sys/kernel/vshelper 1121435993 M * wurd chcontext: vc_new_s_context(): Function not implemented 1121436042 M * wurd chcontext failed! / chbind: vc_set_ipv4root(): Function not implemented / chbind failed! / Linux 2.6.3-25mdk i686/0.30.204/0.30.204 [Ea] (0) / VCI: 1121436471 M * renihs i know, i leave nextdoors 1121436473 M * TheSeer like in hamburg it's 28°C and plain sun ;) 1121436482 M * renihs but the sun is shining and i dont see clouds on rada 1121436483 M * renihs r 1121436493 M * TheSeer blue sky here too 1121436559 M * renihs pff, is that enrico guy on holiday? :) 1121436663 M * renihs hmm just noted that my "bug" #13697 is the only one asigned :) 1121437005 M * wurd do you think theres a patched kernel available for download somewhere? 1121437011 M * wurd that would work with my mandrake 1121437040 M * renihs wurd: see if there is a mandrake vserver ready kernel, if not u are pretty much in problems i am afraid 1121437049 M * wurd haha 1121437049 M * wurd why? 1121437053 M * renihs dunno if u can use a kernel from kernel.org without probs on mandrake 1121437114 M * renihs i guess trying cant hurt :) 1121437151 M * daniel_hozac i think someone announced a Mandrake kernel RPM on the list very recently. 1121437196 M * daniel_hozac http://archives.linux-vserver.org/200507/0064.html 1121437257 M * wurd thanks!! 1121437260 M * wurd and hi :) 1121437270 M * wurd you've helped me before 1121437279 M * wurd maybe 3 months ago 1121437393 M * wurd do any of you know if the vservers support multiprocessors? 1121437405 M * daniel_hozac of course. 1121437431 M * wurd including that kernel you just gave me the url to? 1121437442 M * daniel_hozac that i do not know. 1121437455 M * wurd but they generally do? 1121437542 M * daniel_hozac it depends on how the kernel was compiled. 1121438816 J * Blogmeister ~Blogmeist@site.lycos.de 1121438951 P * Blogmeister 1121439613 Q * _are_ Ping timeout: 480 seconds 1121439770 Q * wurd Quit: as 1121440743 J * Val ~sval@v41.ath.cx 1121440756 M * Val Hi 1121440945 M * DaPhreak lo Val 1121441288 M * Val Hi DaPhreak :) 1121441393 M * Val hum... does anybody tested nfs user kernel server and got getattr pb, and then stale nfs handles in clientside (different physical host) ? 1121441541 J * _are_ ~are@dsl-084-056-151-177.arcor-ip.net 1121441706 M * Val hum 1121441717 M * Val rpc.lockd doesn't start inside vserver 1121441736 M * _are_ Val: correct, and if it does, it won't work in my experience 1121441755 M * Val yes, 'm looking your irc comment :( 1121441786 M * Val _are_ : did you get a nfs server working well inside a vserver ? 1121441805 M * _are_ well, I run 1 NFS server userspace without locking. it works fine 1121441813 M * Val ok 1121441822 M * _are_ and 1 i run outside the vservers on the main host, that one works with locking. 1121441823 M * Val so i should disable locking 1121441830 M * _are_ (different hosts I speak about) 1121441874 M * Val ok 1121441902 M * Val did the first serve other physical hosts (on the lan) ? 1121441964 M * Val because i get a lot of : "NFS call getattr" "getattr failed, error=-11" on client side 1121441995 M * Val and then Stale NFS file handle 1121441995 M * _are_ ehh? yes, ofc, no point in using nfs on the same mamchine, we have mount --bind for that 1121442010 M * _are_ some IRIX clients and some linux clients 1121442015 M * Val :( 1121442016 M * _are_ and som HP-UX clients 1121442089 M * Val no special configuration tricks ? 1121442094 M * _are_ btw, has something changed regarding 127.0.0.1 in the past few months? I built a vserver as mail server and it indeed claims there are connections on 127.0.0.1 1121442102 M * _are_ no, no tricks 1121442123 M * Val what are your nfs mount options ? 1121442135 M * _are_ if 127.0.0.1 works, most likely samba locks will work and possibly rpc.statd locks 1121442143 N * Bertl_zZ Bertl 1121442154 M * Val hi Bertl ! =) 1121442155 M * Bertl morning folks! 1121442187 M * Val _are_ : i currently use "rw,nosuid,nodev,nfsvers=2,tcp,posix,intr,soft,rsize=8192,wsize=8192" 1121442193 M * _are_ exports: /data/cam/nc-daten/c600 10.1.7.1(rw,insecure,async) 1121442212 M * Val because nfsvers=3 isn't available when using nfs user server 1121442221 M * _are_ 10.1.1.1:/data/save /opt/transfer2 nfs vers=3,soft,intr,bg,rw,suid 0 0 1121442232 M * _are_ works 1121442248 M * _are_ vers=3, not nfsvers=3, btw 1121442267 M * _are_ this is the fstab entry on a HP-UX 10.20 machine, btw 1121442271 M * _are_ Hi Bertl 1121442318 M * Val _are_ : ok thx, i'll try it now 1121442389 J * Blogmeister ~Blogmeist@site.lycos.de 1121442450 P * Blogmeister 1121442459 M * Val mount: RPC: Program/version mismatch; low version = 1, high version = 2 1121442500 M * Val well, retryin without nfsv3 flag 1121442562 M * _are_ well, I am no hp-ux expert, so might be i miss the drop of version there 1121442724 M * Bertl Val: might consider updating the userspace tools 1121442738 M * Val Bertl : what ? why ? 1121442748 M * Bertl Program/version mismatch 1121442776 M * Bertl it's usually caused by 'mount' or whatever using 'old' RPC interfaces 1121442791 M * Val Bertl : well, no, in fact you can't do nfsv3 with user space nfs kernel server, this is not a client fault 1121442824 M * Bertl 'user space nfs kernel server'? 1121442829 M * Val And as i want my nfs server inside a vserver i have to serve nfs with user space nfs server 1121442832 M * Val oops 1121442838 M * Val remove "kernel" word ;-) 1121442895 M * Bertl so userspace server does only support nfs v2? 1121442922 M * Val it does, bot not nfsv3 1121442935 M * Val ooops 1121442936 M * Val yes 1121442940 M * Val sorry 1121442990 M * Bertl http://unfs3.sourceforge.net/ 1121443173 M * _are_ Bertl: anything about locking? I have seen a 'postfix' getting connects from 127.0.0.1 within a vserver yesterday (according to the logs) 1121443213 M * _are_ my last status is all to/from 127.0.0.1 gets D/SNATed 1121443256 M * Bertl _are_: how is 'locking' related with 127.0.0.1 1121443282 Q * prae Quit: Execute Order 69 ! 1121443342 M * _are_ Bertl: e.g. samba tries doing locking via 127.0.01 an dthe samba lock code complained about the lock call not coming from 127.0.0.1, there is a samba patch for this on the wiki 1121443424 M * Bertl obviously I'm missing something ... 'locking' IMHO is done via 'locks' 1121443453 M * _are_ Bertl: seems samba asks itself to place the lock via network 1121443466 M * Bertl okay, that is fine, no? 1121443502 M * _are_ well, 127..01 is hardcoded in samba and 127.0.0.1 gets remapped -> lock request fails 1121443509 M * _are_ this has been my last status 1121443519 M * Bertl okay, so a samba bug :) 1121443533 M * _are_ but yetserday I have seen a postfix getting connected from one of its sub-daemons on 127.0.0.1 1121443534 M * Bertl s/bug/deficiency/ 1121443567 M * _are_ and I assumed 127.0.0.1 just is not possible to be used as 127.0.0.1 within a vserver, it always gets translated 1121443596 M * Bertl depends, there _are_ a bunch of possibilities to get that 1121443609 M * Bertl - 127.0.0.1 is part of the ip subset 1121443620 M * Bertl - the packet comes from the host, not the guest 1121443624 M * _are_ well, no, 127.0.0.1 is not assigned to the vserver 1121443631 M * _are_ and packet came from guest 1121443634 M * Bertl - the packet is created as raw packet ... 1121443647 M * _are_ doubt that, no raw-cap given to vserver 1121443654 M * Bertl - there is a bug in the rewriting :) 1121443665 M * _are_ or alternativly the log message is buggy 1121443685 M * _are_ will sit at that box again monday and have a look at it 1121443699 M * _are_ erm, tuesday 1121443756 M * Bertl okay, some tcpdump might be really interesting ... 1121443962 M * Bertl okay, off for now ... dinnertime ... 1121443980 N * Bertl Bertl_oO 1121444297 J * zimbo ~zimbo@callisto.dom.bonis.de 1121446049 Q * Val Quit: test 1121446228 Q * DaPhreak Quit: restarting 1121446246 J * DaPhreak ~phreak@styx.xnull.de 1121446280 Q * DaPhreak Quit: 1121446355 J * DaPhreak ~phreak@styx.xnull.de 1121447140 J * Val ~val@v41.ath.cx 1121447186 M * Val YES ! 1121447200 M * Val "insecure" on server-side was the trick 1121447214 M * Val _are_ : many thanks ! :) 1121447525 M * Val arg 1121447568 M * Val nfs still craching :( 1121447615 M * _are_ :-> 1121447656 M * _are_ insecure accepts clients with source ports >1024, in todays times a stupid security measure 1121448029 J * geoffrey nobody@anklebiter.ticom.com 1121448130 M * geoffrey Has anyone used the vserver stuff with FC4? Are there any issues that need to be watched for when setting up the host and guests? 1121448299 Q * Val Quit: grmble 1121448539 J * Val ~lval@v41.ath.cx 1121448927 M * Val did someone test XFree86 inside a vserver ? 1121448973 M * Loki|muh yeah, I heard here about it 1121448990 M * Val http://www.paul.sladen.org/vserver/archives/200202/0190.html 1121448994 M * Loki|muh it works, but I think the guy said that it is not secure 1121449003 M * Val i did it too with 2.4.X vs 1121449033 M * Val but, i don't know if it is possible with 2.6.X vs ... 1121449064 M * Val i got "xf86EnableIOPorts: failed to set IOPL for I/O (Operation not permitted)" 1121449256 M * Val hum /dev missing files pb 1121449430 M * Val Allow ioperm/iopl access : CAP_SYS_RAWIO 1121449460 M * Val ...is it a big security hole ? 1121449658 M * _are_ yes, can writ directly to block devices -> could e.g. wipe the disk or implement a filesystem driver in serspa e to alter all other servers filesystems 1121449660 M * Val hum... yes, xfree need /dev/mem access 1121449762 M * Val and then it works... 1121449765 M * Val well 1121449799 M * Val too insecure :( 1121453669 P * geoffrey Leaving 1121456672 Q * renihs Ping timeout: 480 seconds 1121456906 J * renihs ~renihs___@193.170.52.70 1121456961 J * jayeola ~jayeola@host-84-9-109-154.bulldogdsl.com 1121458903 Q * jayeola Quit: leaving 1121459271 J * psy ~kvirc@212.203.31.1 1121459307 Q * Val Quit: test 1121460777 J * yarihm ~yarihm@80-218-5-17.dclient.hispeed.ch 1121461150 J * Val ~val@v41.ath.cx 1121461257 Q * alexx Read error: Connection reset by peer 1121461294 Q * Val Quit: 1121461397 Q * TheSeer Quit: Client exiting 1121461483 J * jonsmel_zZ ~jscottorn@209.33.206.3 1121461491 N * jonsmel_zZ jonsmel 1121461501 M * jonsmel hello all 1121461733 N * Bertl_oO Bertl 1121461745 M * Bertl evening folks! 1121461752 M * jonsmel Hi there bert 1121461764 M * ddlp hello, trying with debian kernel-2.6.11-7 and vserver patch 1.9.5.5 1121461779 M * Bertl hey jonsmel! how's it going? 1121461793 M * jonsmel good, you? 1121461796 M * Bertl ddlp: hmm, why not 2.6.12.2 and vs2.0-rc7 ? 1121461800 J * TheSeer ~theseer@border.office.salesemotion.net 1121461813 M * Bertl wb TheSeer! 1121461814 M * ddlp Bet: that will be my next try 1121461818 M * TheSeer thanx :) 1121461823 M * ddlp s/Bet/Bertl 1121461824 M * Rushmoom_zZ Hello Bertl! 1121461832 M * Bertl morning Rushmoom_zZ! 1121461838 M * TheSeer amazing, even in linux sometimes a reboot magically solves problems ;> 1121461838 N * Rushmoom_zZ Rushmoom 1121461861 M * jonsmel Bertl: question, when I try to ssh to a vserver I can get the login and passwd but it then says stdin is not a tty 1121461865 M * jonsmel any thoughts 1121462184 M * ddlp Bertl: now i have a box here that i can use for some testing 1121462315 M * Bertl jonsmel: hmm, maybe permissions of /dev/pts are not proper for your sshd? 1121462322 M * Bertl ddlp: great! 1121462354 M * Bertl TheSeer: hmm, AFAICR rebooting does just paper over real issues, not solve them :/ 1121462494 M * TheSeer Bertl: well.. true.. 1121462506 M * TheSeer but i sure as hell am not going to debug eclipse to find the memory leak ;> 1121462994 J * are|lunch foobar@dsl-084-056-151-245.arcor-ip.net 1121463027 M * Bertl hey are|lunch! 1121463382 Q * _are_ Ping timeout: 480 seconds 1121463947 Q * renihs Ping timeout: 480 seconds 1121463953 Q * psy Quit: KVIrc 3.2.0 'Realia' 1121464463 J * renihs ~renihs___@193.170.52.70 1121465262 J * Aiken ~james@tooax6-134.dialup.optusnet.com.au 1121465753 M * Bertl k, off again .. back later ... 1121465759 N * Bertl Bertl_oO 1121465959 M * DaPhreak question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the wiki, and 1121465967 M * DaPhreak *grr* 1121465971 T * DaPhreak http://linux-vserver.org/ | latest stable 1.2.10, devel 1.9.5, 2.0-rc6, ng9.5 -- He who asks a 1121465974 M * DaPhreak question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the wiki, and 1121466010 M * daniel_hozac rc7 ;) 1121466014 T * DaPhreak http://linux-vserver.org/ | latest stable 1.2.10, devel 1.9.5, 2.0-rc7, ng9.5 -- He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the wiki, and we'll forget about the minute ;) 1121466026 M * DaPhreak heh .. yeah .. 1121466035 M * DaPhreak saw that 2 minutes ago :) 1121470547 Q * Rushmoom Quit: 1121470947 Q * renihs Ping timeout: 480 seconds 1121471426 J * Val ~val@v41.ath.cx