1123632168 J * ntrs_ ~ntrs@Dardeene-68.188.50.87.charter-stl.com 1123632168 Q * ntrs Read error: Connection reset by peer 1123632221 J * goku ~beef.junk@71-36-68-111.slkc.qwest.net 1123632614 J * ntrs ~ntrs@Dardeene-68.188.50.87.charter-stl.com 1123632614 Q * ntrs_ Read error: Connection reset by peer 1123632948 Q * goku Ping timeout: 480 seconds 1123633181 J * goku ~beef.junk@71-36-68-111.slkc.qwest.net 1123633571 Q * prae Quit: Pwet 1123633638 M * goku I'm having problems with linux-vserver 2.0; util-vserver .30.208; kernel 2.6.12.4 - whenever I try to run vprocunhide, it throws a bunch of "/proc/XXX: bad address" errors. testme.sh passes. see http://pastebin.com/333356 for what it throws. any ideas? 1123633801 M * daniel_hozac what compiler are you using? 1123633821 Q * ntrs Read error: Connection reset by peer 1123633833 M * goku gcc 4.0 1123633842 J * ntrs ~ntrs@Dardeene-68.188.50.87.charter-stl.com 1123633897 M * daniel_hozac gcc 4.0.0 compiled by yourself? 1123633994 M * goku yes, I tried removing optimizations "-O2", but that didn't do anything. it compiles clean, and passes a make check 1123633998 M * Doener` hm, only saw that on alpha(?) before... 1123634028 M * Doener` at least it was some non x86 arch 1123634046 M * goku Doener`: yeah, this is an old original athlon K7 1123634070 M * Doener` well, that is x86 ;) 1123634073 M * goku *nod* 1123634150 M * goku I don't know if this may have any bearing, but it has debian unstable (sid) on it. 1123634175 M * daniel_hozac might want to update to gcc 4.0.1 at least. 1123634268 M * goku oops. sorry. I lied earlier. dpkg says it's gcc 4.0.1 1123634281 M * daniel_hozac so it's provided by your distribution? 1123634285 M * goku yeah 1123634336 M * daniel_hozac release? 1123634373 M * goku what are you referring to? 1123634384 M * daniel_hozac the complete version of the gcc you're using. 1123634421 M * goku ii gcc-4.0 4.0.1-3 The GNU C compiler 1123634427 M * goku like that? 1123634434 M * daniel_hozac exactly. 1123634945 N * Bertl_oO Bertl 1123634956 M * Bertl evening folks! 1123635012 M * Doener` evening Bertl! 1123635156 M * goku daniel_hozac: any idea on that? 1123635189 M * daniel_hozac i have no ideas, i just get as much info as possible :) 1123635231 P * stefani parting (is such sweet sorrow) 1123635238 M * goku any idea where I might go for an answer? vserver mailing list perhaps? 1123635254 M * Doener` asking Bertl usually is quite a good idea ;) 1123635313 M * Bertl goku: please try the following: 1123635338 M * Bertl showattr /proc/version 1123635371 M * goku piccolo:~# showattr /proc/version 1123635371 M * goku vc_get_iattr(): Bad address 1123635371 M * goku ERR /proc/version 1123635391 M * goku that looks like a more familiar error... I've been bo 1123635402 M * goku pouring over vserver stuff for a bit 1123635435 M * Bertl okay, could you upload the showattr binary somewhere (or dcc it to me?) 1123635450 M * goku sure... one sec 1123635768 M * goku Bertl: DCCing.. awaiting reply 1123635781 M * Bertl DCC no file offered by goku 1123635842 M * Bertl goku: plz try again ... 1123635973 M * Bertl hmm ... looks like some firewall is in the way ... 1123636061 P * Matthew-1 1123636145 M * Bertl okay .. so we now know that your userspace binary is broken ... 1123636146 M * Bertl ./showattr /proc/version 1123636147 M * Bertl vc_get_iattr(): Bad address 1123636147 M * Bertl ERR /proc/version 1123636164 M * Bertl showattr /proc/version 1123636164 M * Bertl Awh-ui- /proc/version 1123636187 M * Bertl what distro is that? 1123636196 M * goku debian unstable (sid) 1123636217 M * Bertl how did you build the tools? 1123636244 M * goku just ./configure; make; make check; make install; make install-distribution 1123636264 M * goku compiled clean and passed the make check 1123636276 M * Bertl okay, after the configure, did you get any warnings? 1123636299 M * Bertl could you do the configure again, and upload the last page of output (about 40 lines or so) 1123636308 M * goku nothing, just the standard info (binaries are in here, this is there, etc) 1123636313 M * goku sure 1123636398 M * goku http://pastebin.com/333377 1123636537 M * Bertl okay, looks like the gcc 4.0.2 debian unstable is using is just broken ... 1123636552 M * Bertl is it possible to downgrade to some 3.3.x based gcc? 1123636558 M * goku yeah, no problem 1123636576 M * goku I'll downgrade & see what happens 1123636627 M * daniel_hozac or upgrade to the latest. 1123636729 M * Bertl I'm not really fond of the 4.x branch for now ... last time I tried (4.0.1) it did get half of the kernel archs wrong (usually internal compiler errors) 1123636996 Q * goku Quit: 1123637396 M * Bertl okay, I'm off to bed .. a little tired for now ... when goku returns, he very likely will report success ... should I be wrong there, please try some variations on the build env, like binutils or dietlibc too ... 1123637420 M * Bertl daniel_hozac: thanks for 'collecting information' ... you are doing a great job! 1123637428 M * daniel_hozac good night. 1123637433 M * daniel_hozac heh, thanks. 1123637443 M * Bertl night everyone ... cya tomorrow ... 1123637453 N * Bertl Bertl_zZ 1123638080 J * Rama ~nugzz@CPE0010b5002482-CM000f212f9dd2.cpe.net.cable.rogers.com 1123638123 M * Rama Hey, with the 2.0 patch, any reason why I might be getting the "it's not a bzip2 file" error? 1123638173 A * Rama has e2fsdevel installed 1123638912 M * Doener` Hollow: why does libvserver need linux headers 2.6.12? 1123639317 M * Rama Are there any mirrors for patch-2.6.12.4-vs2.0.diff? 1123643051 J * goku ~beefjunk@71-36-68-111.slkc.qwest.net 1123643404 Q * daniel_hozac Ping timeout: 480 seconds 1123646246 Q * Rama Quit: 1123647386 J * Waktugal ~Wellhest@cpe.atm4-0-1191200.0x50a6ca0e.hrnxx4.customer.tele.dk 1123648187 Q * goku Ping timeout: 480 seconds 1123648748 Q * keyser_soze Quit: Abandonando 1123653189 J * Aiken_ ~james@tooax6-076.dialup.optusnet.com.au 1123653561 Q * Aiken Ping timeout: 480 seconds 1123655484 M * eyck wazzaaaa 1123656494 P * click 1123657648 J * id_ ~id@p54A06BCA.dip.t-dialin.net 1123657659 M * id_ morning 1123658074 J * electrodib ~dib@ADijon-153-1-5-201.w83-196.abo.wanadoo.fr 1123658391 Q * electrolinux Ping timeout: 480 seconds 1123659360 Q * _nokoya Ping timeout: 480 seconds 1123659603 J * _nokoya young@hi-230-82.tm.net.org.my 1123660281 Q * electrodib Ping timeout: 480 seconds 1123660666 J * dlp ~ddlp@tangerine.chiccp.net 1123661306 J * hound ~TheAir@66.239.30.194.ptr.us.xo.net 1123661446 M * hound I am tearing my hair how trying to understand how vserver work with networking. I have this problem where I'm trying to host a courier imap server, but you can't connect to the daemon with my firewall up. I see in my firewall logs blocked packets from 127.0.0.1 to 192.168.1.83 (my vserver) to sunrpc 1123661503 M * hound now I can't figure out how to allow it to pass those packets 1123661748 M * hound ohhh. Well It's not REALLY my lo interface 1123661776 M * hound something added 127.0.0.1 to my ethernet device, I wish it wasn't even using it really but I haven't found any config files that let me change it 1123661957 J * electrolinux ~dib@ADijon-153-1-50-102.w81-51.abo.wanadoo.fr 1123662116 M * hound Does anyone have any experience setting up courier in a vserver behind a firewall? It appears it's functional but it sits around waiting on RPC and when that's done it tries to connect to 613 whatever that is. 1123662143 M * hound Maybe I should flat out deny the connection so it doesn't wait so long, and see if I stop having 127.0.0.1 problems. 1123662259 M * anonymousc inside the vserver - what ip does courier imap listen on? 1123662270 M * hound 192.168.1.83 1123662284 M * anonymousc and what ip are you trying to connect from? 1123662352 M * hound 192.168.1.84 (vserver host machine) 1123662390 M * anonymousc can you ping 192.168.1.83 from the vserver host machine? 1123662394 M * hound I can actually connect to the courier deamon, but something else is wrong where it won't send me my data 1123662409 M * hound yup, sure can 1123662426 M * anonymousc is the imap store local of stored on nfs? 1123662435 M * anonymousc *or* stored on nfs 1123662453 M * hound no it's local 1123662475 M * hound DENY IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=192.168.1.83 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=22016 DF PROTO=TCP SPT=37798 DPT=111 WINDOW=32767 RES=0x00 SYN URGP=0 1123662483 M * anonymousc and what are your iptables rules? 1123662547 M * hound There's a lot of them, but the one that denies it is just a deny all rule. 1123662592 M * anonymousc so when iptables is disabled you can connect no problem? 1123662594 M * hound When I add 127.0.0.1 to lo to allow it to connect to sunrpc whenever it likes, it still doesn't get by 1123662596 M * hound yup 1123662613 M * anonymousc courier doesn't use rpc (not to my knowledge anyway) 1123662685 M * hound okay let me do some searching around on that, I have been and haven't come up with much. It's definietly the act of connect to the imap daemon that's doing it, and I'd just as much rather it didn't use it. 1123662706 M * hound I do see in ifconfig -a eth0:FWB2 with an ip address off 127.0.0.1 1123662734 M * hound kinda odd? I don't know how aliases get created or why I only have FWB1 and 2 yet multiple vservers that work fine and aren't listed. 1123662806 M * anonymousc is this new-style vserver config? 1123662823 M * hound new-style? not familiar with the term 1123662850 M * hound I do have a .conf file for all the vservers that don't show up 1123662863 M * hound and the ip address that shows up at eth0:FWB1 isn't even started! 1123662871 M * anonymousc /etc/vservers//apps|fstab|interfaces|name|run|uts|vdir or just a vservers.conf file? 1123662885 M * anonymousc grr /etc/vserver/*vservername*/whatever 1123662887 M * hound errr 1123662891 M * hound I have both. oops 1123662901 M * anonymousc 2.4 or 2.6 kernel? 1123662908 M * hound 2.6 1123662934 M * anonymousc util-vserver version? 1123662963 M * hound 0.30.204-5sarge2 1123662993 M * anonymousc mmm 1123663005 M * hound in the new style config I have vserver/interfaces/dev set to eth0, and interfaces/dev/0/ip set to the ip 1123663024 M * hound and that's it. same for all of them. dunno why I get strange stuff on ifconfig on servers that aren't even started 1123663030 M * anonymousc yup - have you got 'name' and 'netmask' in there too? 1123663088 M * hound if you meen in interfaces/dev/0 ? no. I have a /etc/vserver/vservername/name file 1123663096 M * hound mean* 1123663103 M * hound should I? 1123663110 M * anonymousc yeah - i mean in separate files. 1123663145 M * hound right 1123663151 M * anonymousc what happens when you put an explicit allow all rule in the traffic between the vserver and vserver host ips? 1123663172 M * hound doesn't help or matter 1123663182 M * hound because it's trying to go from 127.0.0.1 not my host server ip 1123663234 M * hound tried it though 1123663248 M * hound what should name be? is that hostname, domainname? 1123663384 M * anonymousc frmo the flower page: name 1123663384 M * anonymousc 1123663384 M * anonymousc When this file exists, the interface will be named with the text in this file. Without such an entry, the IP will not be shown by ifconfig but by ip addr ls only. Such a labeled interface is known as an "alias" also (e.g. 'eth0:foo'). 1123663459 M * hound gotcha. thanks 1123663506 M * anonymousc does that explain your ifconfig issues? 1123663587 M * hound no :) now I get eth0:name which is handy when I forget what ip goes where, but I still have those FWB names, which must be created by my firewall config app firewall builder. 1123663619 M * hound I'm guessing when the server isn't started and I try to enable rules for it, the script creates the alias for me 1123663640 M * hound so yea I guess it kinda does explain my ifconfig issues 1123663752 M * anonymousc ah - i assumed you had created them. you can use pre and post start scripts to add and remove firewall rules when vservers are started and stopped: /etc/vservers/*vservername*/scripts/pre-start and /etc/vservers/*vservername*/scripts/pre-stop 1123663838 M * hound oh great 1123663883 M * anonymousc here's the docs from the flower page: (warning - long) 1123663886 M * anonymousc /etc/vservers/vserver-name/scripts 1123663886 M * anonymousc 1123663886 M * anonymousc A directory for scripts. By default, when one of these scripts will be executed, the execution of defaultscripts (within .../.defaults/scripts) will be skipped. To execute them nevertheless, the $DONT_SKIP_DEFAULTS environment variable must be set by one of the in-shellcontext scripts (the non-executable ones). 1123663886 M * anonymousc post-start 1123663886 M * anonymousc 1123663887 M * anonymousc The scriptlet which will be executed after the vserver has been started. 1123663887 M * anonymousc post-stop 1123663889 M * anonymousc 1123663889 M * anonymousc The scriptlet which will be executed after the vserver has been stopped, but before the directories will be umounted and the the interfaces disabled. 1123663891 M * anonymousc postpost-stop 1123663891 M * anonymousc 1123663893 M * anonymousc The scriptlet which will be executed after the vserver has been stopped completely. 1123663893 M * anonymousc pre-start 1123663895 M * anonymousc 1123663895 M * anonymousc The scriptlet which will be executed after network-interfaces were enabled and the directories mounted, but before the vserver itself has been started. 1123663897 M * anonymousc pre-stop 1123663897 M * anonymousc 1123663899 M * anonymousc The scriptlet which will be executed before the vserver will be stopped. 1123663899 M * anonymousc prepre-start 1123663901 M * anonymousc 1123663901 M * anonymousc The scriptlet which will be executed before the network-interfaces are enabled and the directories are mounted." 1123663903 M * anonymousc /etc/vservers/vserver-name/scripts/post-start.d 1123663903 M * anonymousc 1123663905 M * anonymousc Repository of post-start like scripts 1123663905 M * anonymousc script 1123663907 M * anonymousc 1123663907 M * anonymousc See post-start. 1123663909 M * anonymousc /etc/vservers/vserver-name/scripts/post-stop.d 1123663909 M * anonymousc 1123663911 M * anonymousc Repository of post-stop like scripts 1123663911 M * anonymousc script 1123663913 M * anonymousc 1123663913 M * anonymousc See post-stop. 1123663915 M * anonymousc /etc/vservers/vserver-name/scripts/postpost-stop.d 1123663915 M * anonymousc 1123663917 M * anonymousc Repository of postpost-stop like scripts 1123663917 M * anonymousc script 1123663919 M * anonymousc 1123663919 M * anonymousc See postpost-stop. 1123663921 M * anonymousc /etc/vservers/vserver-name/scripts/pre-start.d 1123663921 M * anonymousc 1123663923 M * anonymousc Repository of pre-start like scripts 1123663923 M * anonymousc script 1123663925 M * anonymousc 1123663925 M * anonymousc See pre-start. 1123663927 M * anonymousc /etc/vservers/vserver-name/scripts/pre-stop.d 1123663927 M * anonymousc 1123663929 M * anonymousc Repository of pre-stop like scripts 1123663929 M * anonymousc script 1123663931 M * anonymousc 1123663931 M * anonymousc See pre-stop. 1123663933 M * anonymousc /etc/vservers/vserver-name/scripts/prepre-start.d 1123663933 M * anonymousc 1123663935 M * anonymousc Repository of prepre-start like scripts 1123663935 M * anonymousc script 1123663937 M * anonymousc 1123663937 M * anonymousc See prepre-start. 1123663939 M * anonymousc mm - why not just go here and have a read: http://www.nongnu.org/util-vserver/doc/conf/configuration.html 1123663943 M * anonymousc preferably with a browser that you can choose the stylesheet to view 1123663951 Q * electrolinux Ping timeout: 480 seconds 1123663971 M * hound heh 1123663972 M * hound yea 1123663993 M * eyck cool 1123663993 M * hound page really jumps out at you 1123664231 M * anonymousc yeah - you really need to choose the 'boring' style sheet 1123664310 M * eyck flower page rocks. 1123664364 M * eyck well, usually I use links and didn't know what people were talking about until one day I stumbled upon it with galeon ;) 1123664439 M * hound Oh I hate famd, I wonder if it really know what's going on in my vserver if I am running it on the host server, anyone know? 1123664477 M * hound This is what's happening I believe, imap wants to connect to rpc to know how to find famd, and when it finds famd it does something THEN things at least start to get sent over the network 1123664630 M * anonymousc mmm - learn something everyday - courier famd integration... 1123664698 M * anonymousc Some FAM configuration use portmapper, so you will need to have portmap running also. You can also see "man 8 imapd" for more information. 1123664703 M * anonymousc so there's the rpc stuff 1123664853 M * anonymousc might need to add port 391002 to the firewall stuff 1123664859 M * hound :-O 1123664861 M * hound what's that? 1123664874 M * anonymousc FAM uses RPC, and is usually started by a superserver such as inetd or xinetd. 1123664875 M * anonymousc To manually add FAM: 1123664875 M * anonymousc 1. Add FAM to your portmapper 1123664875 M * anonymousc Add this line to /etc/rpc: 1123664875 M * anonymousc sgi_fam 391002 famd # File Alteration Monitor 1123664885 M * hound ohh yea. 1123664889 M * anonymousc mmm - that not a port number :) 1123664908 M * anonymousc rpc number more like 1123664921 M * anonymousc rpc sucks for firewalls 1123664934 M * hound right it does! 1123664949 M * hound I am trying to determine if it works fine off the host server's famd. 1123664987 M * anonymousc does fam-enabled courier offer much better performance than not? 1123664987 M * hound or if I can even run famd in a vsever, doubt it 1123665001 M * hound I think it's part of the imap specification 1123665009 M * hound I'd be fine with turning it off if I can figure it out 1123665025 M * hound think the server is supposed to notify the client when the server changes an open folder 1123665101 M * hound looks like I'll have to rebuild courier if I got that route 1123665102 M * anonymousc nup - courier can certainly run without it. famd is a way for the imap daemon to notice that the filesystem has changed without having to poll it 1123665147 M * hound okay done deal. recompiling now 1123665313 M * anonymousc no need to recompile 1123665326 M * anonymousc Setting the IMAP_ENHANCEDIDLE to 1 in /usr/lib/courier-imap/etc/imapd 1123665327 M * anonymousc enables realtime concurrent folder status updates. When relatime 1123665327 M * anonymousc folder status updates are enabled all IMAP mail clients that have the 1123665327 M * anonymousc same folder open will be immediately notified of any changes to the 1123665327 M * anonymousc folderās contents. 1123665332 M * anonymousc so set this to 0 1123665334 M * anonymousc presumably. 1123665419 M * anonymousc checkout the man page for imapd - there's a section on IMAP_ENHANCEDIDLE of interest 1123665470 M * hound ah I had read about that but didn't think it would keep it from using famd 1123665476 M * hound i'll try that 1123665534 M * hound ah already set to 0 1123665549 M * anonymousc mmm - grr. recompile. 1123665627 M * anonymousc mmm - check this page: http://www.trekweb.com/~jasonb/articles/exim4_courier/courierimap.html 1123665640 M * anonymousc If you choose not to install fam, you can still use IMAP_ENHANCEDIDLE, but instead Courier IMAP will poll for changes every 60 seconds for folders opened by IMAP clients 1123665653 J * obi ~obi@asus.saftware.de 1123665956 M * hound yea, it seems like it'll open a folder eventually after a couple of minutes when it's given up on famd 1123665964 M * hound or portmapper for that matter 1123666224 M * hound heh that's why I have firewall setup on the loopback interface, I don't want vservers connecting to the host daemons. wth 1123666433 J * lilo_ ~lilo@lilo.usercloak.oftc.net 1123666487 M * hound Yea that was an easier fix, I rejected any access to portmapper. 1123666512 M * hound instead of simply deny, so it didn't take incredibly long to realize there was no famd 1123666541 M * hound thanks for you help, couldn't have gotten so far without it 1123666632 Q * lilo Read error: Connection reset by peer 1123666772 M * hound it could have been that a restart of courier with the firewall on may have done it too, not curious enough to test it 1123667396 Q * hound Quit: Leaving 1123667684 N * Bertl_zZ Bertl 1123667730 M * Bertl morning folks! 1123667730 J * Doener_ ~doener@p548754A5.dip.t-dialin.net 1123667758 M * anonymousc morning bertl 1123667800 M * Vudumen hi Bertl :) 1123667814 M * Bertl hey anonymousc! Vudumen! 1123667817 M * Vudumen is 2.0 stable the latest or do you have any "sweeties" for this release? :) 1123667890 M * Bertl hmm ... I'm working on the next devel release (if you are referring to that) 1123668013 M * obi does 2.0 already support a private loopback interface per vserver? 1123668069 J * electrolinux ~dib@ADijon-153-1-5-87.w83-196.abo.wanadoo.fr 1123668167 Q * Doener` Ping timeout: 480 seconds 1123668303 M * obi i.e. "NGNET" 1123668533 M * Bertl obi: no, ngnet is something for the devel/experimental branches 1123668543 M * Bertl welcome electrolinux! 1123668583 M * DaPhreak morning Bertl :) 1123668676 M * Bertl morning DaPhreak! 1123669280 M * Bertl hmm, seems Rama had troubles with the patch (or something else) 1123669315 M * Bertl could somebody please check the patch links on 13thfloor.at for me? 1123669329 M * Bertl (for the 2.0 release, that is) 1123669405 M * DaPhreak just a second 1123669406 M * anonymousc gz and bz2 files work for me 1123669463 M * Vudumen Bertl: hmm. the patch in the .gz seems to be broken for me 1123669467 M * Vudumen the .diff works 1123669490 M * Bertl interesting, broken means? 1123669505 M * Vudumen patch sais something about garbage at the end of line 1123669508 M * Vudumen or something similar 1123669522 M * Bertl hmm, command line? 1123669539 M * Vudumen zcat ../patch-2.0.......gz | patch -p1 1123669545 M * Vudumen in /usr/src/linux-... 1123669644 M * DaPhreak Bertl: the links themselves are fine .. now checking the patches themselve 1123669749 M * DaPhreak Vudumen: works fine here .. 1123669766 M * Vudumen hmm interesting. i'll check it after the kernel complies 1123669769 M * Vudumen compiles 1123669781 M * Bertl hmm, yeah, I unpacked .bz2 and .gz and they are identical to the diff 1123669792 M * Bertl (well, kind of expected :) 1123669864 M * Bertl anyway, thanks for checking ... 1123670407 M * Bertl hmm, seems like the perfect time to dig into udev (for embeded) or to start maintaining devfs patches :/ 1123670444 M * DaPhreak heh, yeah ... 2.6.13 will have the Kconfigs removed :) 1123670481 M * Bertl hmm, only the config? 1123670597 M * Bertl does anybody know where the home of udev is? 1123670613 M * DaPhreak http://www.kernel.org/pub/linux/utils/kernel/hotplug/udev.html 1123670771 M * DaPhreak Bertl: http://www.kroah.com/log/2005/07/29/ "Kernel Summit" 1123670779 M * DaPhreak No one objected (Andrew's worry is that people are relying on it, but aren't speaking up. Hopefully the 2.6.13 release will flush these people out of the woodwork, as that kernel just disables the config option for devfs, but the code is still present.) 1123670807 M * Bertl excellent, so I will turn it on again for now :) 1123670835 M * DaPhreak heh :) 1123670847 M * DaPhreak udev isn't that bad :) 1123670859 M * DaPhreak but a static dev is even sufficent (at least for me) 1123670872 M * Bertl hmm .. you want to do a version for the QEMU test image? 1123670933 M * Bertl http://vserver.13thfloor.at/Stuff/QEMU/TEST_32M_public.img.bz2 1123671031 M * DaPhreak *hrm* of the udev one ? or the static dev thingy ? 1123671093 M * Bertl whatever gives me devfs style devices in /dev with short boot time and the ability to --bind mount (if not mount) the stuff somewhere else 1123671122 J * Blogmeister ~Blogmeist@p548781A7.dip0.t-ipconnect.de 1123671123 M * DaPhreak what devices do you need in that qemu image ? 1123671133 M * Bertl whatever the kernel provides ... 1123671155 M * Bertl kernels are monolithic except for 1-2 test modules 1123671167 M * electrolinux hello everybody! 1123671175 M * Bertl welcome Blogmeister! 1123671211 P * Blogmeister 1123671271 M * electrolinux need some help for setting up network in vservers... when i remove the interface dir, the vserver can connect to the net, but don't have ip 1123671295 M * Bertl what's your setup? (short description) 1123671368 M * electrolinux host is gentoo, kernel is 2.6.12, vserver is 0.30.208 1123671384 M * Bertl k, and your network setup? 1123671414 J * Neubix ~brian@p54B0770E.dip.t-dialin.net 1123671414 M * electrolinux for the host, or a vserver ? 1123671418 M * Neubix hello 1123671423 M * Bertl welcome Neubix! 1123671430 M * Neubix Hi herbert :-) 1123671436 Q * id_ Ping timeout: 480 seconds 1123671444 M * Bertl electrolinux: well, best for both, you can mask sensitive information with 'xxx' or 'yyy' 1123671524 M * Neubix debian-newvserver.sh error Must be run from the host server (security context 0) on a "vserver/ctx-patch" enabled kernel.. See: http://www.solucorp.qc.ca/miscprj/s_context.hc.. I found only patches for 2.4 .. I use the new 2.6 kernel ... 1123671547 M * Bertl throw it away .. (the debian-newserver.sh) 1123671582 M * renihs hi Bertl! 1123671589 M * Bertl hey renihs! 1123671594 M * renihs :) 1123671613 M * Bertl Neubix: util-vserver provides a 'build' command, which allows you to build a guest ... 1123671643 M * Neubix ok .. I try :-) 1123671662 M * Bertl Neubix: have a look the the wiki page, there are some examples 1123671678 M * Bertl http://linux-vserver.org/alpha+util-vserver 1123671727 M * Neubix ok, thanx Herbert 1123671735 M * Bertl you're welcome! 1123671866 M * renihs btw, i just finished a gentoo vserver livecd (actually an irproute2 router with tc) with a prebuild (only 5 packages installed) vserver template 1123671879 M * renihs could that maybe usefull to anyone here? 1123671891 M * renihs nice to try out of the box 1123671907 M * DaPhreak renihs: could you pack it to somewhere (http, ftp) ? 1123671907 M * Bertl I guess so ... maybe post it to the ML? 1123671917 M * renihs ML? 1123671922 M * Bertl Mailing List ... 1123671925 M * renihs ah :) 1123671934 M * renihs ok, i ll do that right away :) 1123671941 M * DaPhreak renihs: could you pack it to somewhere (http, ftp) ? 1123671957 M * renihs DaPhreak, ya, ofc, thought of seeding it with torrent 1123671963 M * renihs but ftp/http is no problem either 1123671968 M * renihs not fast though 1123671975 M * DaPhreak yeah .. would but it to my dev-space :) 1123671978 J * id_ ~id@p54A058E9.dip.t-dialin.net 1123671992 M * Bertl morning id_! 1123671995 M * electrolinux Bertl: http://electrolinux.pastebin.com/333604 1123671995 M * renihs i didnt catch that :) 1123672037 M * DaPhreak renihs: if you put it somewhere, i'll download it and see if Hollow or I have a purpose for that :) 1123672054 M * Bertl electrolinux: okay, and the guest uses which ip? 1123672085 M * renihs DaPhreak, k, just a min, i will check through to see if i missed something important and make a small readme 1123672104 J * lonewolff ~lonewolff@host86-128-17-74.range86-128.btcentralplus.com 1123672129 M * Bertl welcome lonewolff! 1123672179 M * electrolinux Bertl: dev:eth0 ip:192.168.1.200 1123672219 M * Bertl okay, and how do you reach the outside (internet)? 1123672242 M * Bertl (I assume via the ppp) 1123672256 M * electrolinux yes 1123672282 M * Bertl so the case is simple, when you work on the host, it doesn't use your private ip for outgoing stuff, but instead the ppp ip 1123672319 M * Bertl inside the vserver guest nobody is allowed to use the ppp ip, of course ... so it will use the private ip for outgoing stuff 1123672332 M * Bertl (you can easily check that with tcpdump on the ppp interface 1123672336 M * lonewolff Bertl: thankyou :) 1123672362 M * lonewolff i am currently weighing up different vm/vserver implementation for a new webserver 1123672365 M * Bertl electrolinux: to make it work, you simply use SNAT on outgoing packets to change the private ip of the guest to the ppp ip ... 1123672386 M * Bertl lonewolff: vm/vserver implementation? 1123672454 M * lonewolff Bertl: well i've been looking a UML, Xen and linux-vserver 1123672474 M * lonewolff to allow me to run virtual servers for my clients 1123672503 M * Bertl which is a good idea to do ... as they are somewhat related but also complementary in many ways ... 1123672606 M * lonewolff i'm leaning towards vserver at the moment, as the other two run multiple kernels, therefore increasing system load, and i dont think multiple kernels are necessary in a webhosting environment 1123672627 M * Bertl usually they are not (for web hosting and similar) 1123672659 M * Bertl also you can make good use of the resource sharing available in linux-vserver (if you set up the guests properly) 1123672713 M * DaPhreak Bertl: the vx_rmap_pid was where ? in linux/vs_cvirt.h ? 1123672726 M * Bertl yep, that should suffice IIRC 1123672747 M * lonewolff yeah, i'm just reading thru the website now, not much is required, just the ability to have its on public ip and for each client to be root on their own server, installing what they want etc, but not allowing them to break the actuall pysicial server :) 1123672777 M * Bertl sounds like a perfect match so far ... 1123672900 M * lonewolff it does look like the best for what i need at the moment, and whats more it looks nice and easy to get up and running 1123672930 M * Bertl so what are you waiting for? get your test box ready :) 1123673011 M * lonewolff the test box is next to me at the moment :P 1123673255 M * lonewolff just reading the debian vserver howto and then i shall have a play :) 1123673297 M * Bertl k, just make sure not to use the outdated/broken debian sarge versions ... 1123673323 M * lonewolff ah ok 1123673378 M * Bertl ah, and IIRC, don't use the gcc-4.0.x from unstable either ... it's broken too :) 1123673434 M * lonewolff http://deb.riseup.net/vserver/preparing/ <<< will follwing that howto work do you think? 1123673461 M * Bertl sec ... 1123673490 M * Bertl hmm, I would not suggest to do that ... well, some parts are fine 1123673496 M * renihs DaPhreak, i ll put that iso online sometime today, completely forgot to emerge the latest vserver-sources :), my kernel is still -rc8 1123673523 M * DaPhreak heh :) 2.0 is in (as of 2005/08/08) ;) 1123673524 M * Bertl lonewolff: but a) I'd suggest to get the stable release vs2.0 for 2.6.13.x 1123673542 M * Bertl and a vanilla kernel (from kernel.org) 1123673575 M * Bertl lonewolff: or one of the uploaded/provided vserver kernels (don't know where they are, actually) 1123673598 M * Neubix yes vserver build ist running .. but after install I try to start and i get vc_new_s_context(): Function not implemented .., Neubix the newbi .. :-/ 1123673605 M * Bertl lonewolff: make sure that you install util-vserver 0.30.208 (not the default 204) 1123673664 M * Bertl lonewolff: the barrier stuff isn't really required ... and IIRC the default for debian is somewhere in /var/lib/vservers ... but you can change that as shown in that howto 1123673682 M * Bertl the sshd part is fine ... 1123673701 M * lonewolff Bertl: thanx, i shall key a vanilla kernel and the patches and compile that then, instead of using the debian stuff 1123673713 M * lonewolff s/key/get 1123673715 M * Bertl it's usually easier ... 1123673754 M * lonewolff can the vserver's name have a . in it? 1123673780 M * Bertl I suppose so .. they are used for dirs and for lookup only ... 1123673780 M * renihs yah 1123673797 M * renihs mine are all called bla.location 1123673801 M * renihs seems to work 1123673817 M * Bertl but I heard that using a dash is not advised ... 1123673859 M * lonewolff *makes a note* 1123673870 M * lonewolff 'tis a very helpfull irc channel you have here :) 1123673874 M * lonewolff thankyou for all the help 1123673894 M * Bertl you're welcome! and have fun! 1123673903 M * Bertl (feel free to hang around) 1123673913 M * lonewolff i will do, thanks 1123673941 M * lonewolff might be able to offer help, after i've had some experience of it 1123674071 M * Bertl sure, that's the idea ... (see topic) 1123674138 M * Neubix herbert, you have a tip about vc_new_s_context(): Function not implemented .., 1123674194 M * Bertl hmm, yeah, most likely: get newer tools or enable legacy support ... less likely: patch your kernel :) 1123674234 M * Bertl Neubix: best you give this script a spin and upload the output somewhere: http://vserver.13thfloor.at/Stuff/SCRIPT/testme.sh 1123674332 M * Neubix Linux-VServer Test [V0.13] Copyright (C) 2003-2005 H.Poetzl 1123674332 M * Neubix chcontext: vc_new_s_context(): Function not implemented 1123674332 M * Neubix chcontext failed! 1123674332 M * Neubix chbind: vc_set_ipv4root(): Function not implemented 1123674332 M * Neubix chbind failed! 1123674334 M * Neubix Linux 2.6.8-2-386 i686/0.30.208/0.30.208 [Ea] (0) 1123674337 M * Neubix VCI: 1123674341 M * Neubix --- 1123674343 M * Neubix vserver:/home/vservers# 1123674377 M * Neubix ohh ... fuck .. i have boot with a wrong kernel .. 1123674380 M * Neubix sorry 1123674392 M * renihs looks like :) 1123674429 M * Neubix :-) 1123674466 M * Bertl np 1123674495 M * Neubix now first I edit my grup config file *smile* 1123674567 Q * VooDooMaster Quit: Nettalk6 der Freeware IRC-Client 1123675167 M * renihs grub?group? 1123675177 M * Bertl grub! :) 1123675186 M * renihs ah :) 1123675266 M * Neubix grub .. yes ... *ohhh ..... 1123675271 M * Neubix :-) 1123675281 M * Neubix ok, next .... chbind: vc_set_ipv4root(): Function not implemented 1123675281 M * Neubix chbind failed! 1123675679 M * Bertl let's consult the testme.sh again ... 1123675693 M * Bertl (maybe via pastebin.com or so) 1123675737 M * Neubix vserver:/home/vservers# ./testme.sh 1123675737 M * Neubix Linux-VServer Test [V0.13] Copyright (C) 2003-2005 H.Poetzl 1123675737 M * Neubix chcontext is working. 1123675737 M * Neubix chbind: vc_set_ipv4root(): Function not implemented 1123675737 M * Neubix chbind failed! 1123675738 M * Neubix Linux 2.6.12.4-vs2.0 i686/0.30.208/0.30.208 [Ea] (0) 1123675739 M * Neubix VCI: 0002:0001 273 030000f2 1123675741 M * Neubix --- 1123675743 M * Neubix vserver:/home/vservers# 1123675815 M * Bertl hmm, seems you disabled LEGACYNET? 1123675843 M * Neubix in kernel config ? 1123675853 M * Bertl grep VSERVER_LEGACYNET .config (yep in kernel .config) 1123675864 M * Neubix ok, mom 1123675873 M * Bertl you might read up on the help text there :) 1123675929 M * renihs hmm i guess my vserver livecd really would be quicker in some ways, boot -> extract template, start template :) 1123675934 M * Neubix grep VSERVER_LEGACYNET .config .. no output .. hmmmm 1123675947 M * renihs looks like its disabled 1123675961 M * renihs did u ever do a make menuconfig in there? 1123676028 M * Neubix yes, it is ! 1123676037 M * Neubix I create a new one .. 1123676128 M * Bertl renihs: even if you don't do make *config, the build system will do it on your behalf, and set reasonable defaults 1123676147 M * renihs hmm good to know 1123676152 M * renihs but thats new? 1123676173 M * Bertl the build system thing? 1123676202 M * renihs no i mean, doesnt it create all kinds of files when doing make menuconfig? 1123676233 M * Bertl yes, and if not done before, the build system will invoce 'make oldconfig' ... 1123676252 M * renihs and if there never was an oldconfig? clean extracted kernel for example? 1123676271 M * Bertl then it will build the default config .. IIRC .. 1123676295 M * renihs :) 1123676296 M * renihs l 1123676298 M * renihs k 1123676367 M * renihs hmm for some reasons the normal gentoo-sources-2.6.12-r8 seems to be masked, grumbl 1123676435 M * Bertl but, what might be interesting (if somebody wants to give it a try) is: what defaults do we get in the following cases (regarding linux vserver): make defconfig, make allnoconfig, make oldconfig with an empty .config 1123676440 M * Neubix testme.sh all success :-) 1123676444 M * Neubix but vserver:/home/vservers# vserver vhost1 start 1123676445 M * Neubix /proc/uptime can not be accessed. Usually, this is caused by 1123676445 M * Neubix procfs-security. Please read the FAQ for more details 1123676461 M * Bertl Neubix: run vprocunhide 1123676474 M * Bertl (and add it to your init.d runlevel stuff) 1123676536 M * Bertl i.e. usually it is installed by the tools and run on reboot 1123676546 M * Neubix yes .. thanx :-) 1123676628 M * Bertl yw 1123676884 M * lonewolff im im going to be running between say 20-30 vservers on each of these boxes (p4 3GHZ 1gb ram), and the vservers will just be running webhosting stuff, apache, mysql etc, how much swap space should i give the system (i know usually you would give it 2gb, but just wondered whether with it running vservers, it should allocate more) 1123676911 M * renihs 30 vservers on a 1gb box? 1123676912 M * renihs :) 1123676922 M * renihs thats cute 1123676955 M * renihs i only have 7 on a 1gb box, and there are only 2 webservers and they eat a lot ram :) 1123676963 M * Bertl well, let's put it this way, the upper limit reported yet is about 150 guests on a 3GB dual CPU machine ... 1123676969 M * renihs cool 1123676972 M * renihs so many? 1123676998 M * Bertl yes, lycos was pushing the limits :) 1123677048 M * lonewolff to be perfectly honest, i want to squash as many as possible onto each box, but still have it usable, less servers = less cost afterall 1123677055 M * Bertl lonewolff: I'd say you can compensate for missing ram with a reasonably large swap file 1123677077 M * Bertl the typical web server does not run all the time ... 1123677082 M * lonewolff Bertl: how much ram would you recomend? 1123677091 M * renihs as much as possible :) 1123677092 M * lonewolff i could put 2gb in each machine without too much bother/cost 1123677104 M * Bertl yeah, on x86 up to 3GB make sense ... 1123677132 M * Bertl lonewolff: so adding memory will most likely benefit you best ... 1123677168 M * lonewolff Bertl: as always ;), its just a case of balancing it against cost hehe 1123677203 M * Bertl well, I'd suggest putting 2GB into one box, and run it with 2GB and 1GB for testing 1123677213 M * Bertl (you can limit the physical memory on bootup) 1123677226 M * lonewolff aha, that sounds like a plan 1123677267 M * Bertl if you figure that it works reasonably well with 1GB, you use that for the others ... if not, you know what to upgrade ... 1123677275 M * lonewolff yeah 1123677301 M * Bertl with 2GB memory, make sure to disable highmem and enable a 1/3 split (instead of the 3/1) 1123677324 M * lonewolff okely dokely 1123677339 M * lonewolff at least i have plenty of time to test this out, and have a play before they go live 1123677367 M * Bertl that's always an advantage ... 1123677412 M * DaPhreak oh boy .. i need some fast hdd/cpu ... :P 1123677447 M * DaPhreak "LD vmlinux" takes ages .. 1123677449 M * renihs bah me too 1123677486 M * renihs and i am already on 15rpm scsi disks 1123677522 M * DaPhreak nah .. crappy 5200rpm laptop hard disk 1123677555 M * Bertl DaPhreak: wrong approach, get more memory, do it there := 1123677598 M * DaPhreak heh :) yeah ... would also be an idea :) tmpfs ;) 1123677624 M * DaPhreak but that would need ~2G RAM ... and thats really expensive for laptops these days :) 1123677686 M * renihs DaPhreak, i ususally mount a real fast network share on my lappi 1123677694 M * renihs and do the compiling there :) 1123677709 M * DaPhreak Bertl: that QEMU image you posted earlier, is a plain loop image ?! 1123677713 M * renihs i compiled 2000 packages that way on my pentium-m 1.4 1123677737 A * DaPhreak has no real fast network share ... 1123677741 M * renihs :( 1123677751 M * Bertl DaPhreak: it's a harddisk image with a single partition 1123677753 M * DaPhreak but I keep that ramfs/tmpfs in mind :) 1123677765 M * DaPhreak but i could mount it via loop ? 1123677782 M * renihs if its iso :) 1123677790 M * Bertl DaPhreak: yes, but you need to get the offset right 1123677815 M * Bertl http://vserver.13thfloor.at/Stuff/QEMU/gohd.sh <- check this 1123677859 M * DaPhreak *uh* Bertl make that 3GB RAM :P 1123678047 A * Bertl makes it 3GB ram :) 1123678096 M * DaPhreak which is nearly impossible for a laptop ;) 1123678123 M * renihs hmm say guys, did u ever hear about a cpu damaged to much for beeing able to compile anything but not damaged enough to run every binary stable? 1123678134 M * Bertl ah, nothing is impossible, just very unlikely ... 1123678140 M * renihs k ... 1123678163 M * Bertl renihs: hmm, that comment was actually on the memory issue ... 1123678166 M * DaPhreak renihs: does the compilation result in a segfault ? 1123678171 M * renihs yah 1123678173 M * renihs often 1123678177 M * DaPhreak as Bertl said :) 1123678179 M * renihs internal compiler error too 1123678182 M * DaPhreak memory is the key ;) 1123678192 M * renihs na the memory is ok 1123678205 M * renihs memtest a few days should see it? ecc ram too 1123678214 M * DaPhreak Bertl: show me some 2G SO-DIMM's ;P I've never found/seen one 1123678221 M * renihs they dont exist :) 1123678244 M * renihs or at least, not for me they do 1123678276 M * renihs pff, now i should start working on my xbox livecd :) 1123678279 M * Bertl http://quicklinks.infineon.com/2gb-so-dimm/ 1123678291 M * renihs i figure xboxes are great wireless access points :) 1123678346 M * Bertl sorry, wrong link :) 1123678347 M * renihs hmm i doubt those 2GB thingies get shipped :) (in reallity) 1123678351 M * Bertl http://www.physorg.com/news224.html 1123678396 M * Bertl that's almost a year ago, so I guess they are out there, no? 1123678429 M * renihs hehe doubtfull 1123678435 M * lonewolff biggest i've ever seen is 1gb so-dimm modules 1123678448 M * renihs yah :), and they are hard to get 1123678453 M * renihs (and replace) 1123678459 M * lonewolff nah, crucial sell them 1123678490 M * renihs hmm my max mem is 2gb, and i use those ugly cheap 512 :) 1123678520 M * lonewolff same for my laptop, max mem 2gb but i have 2*512MB so-dimms installed 1123678526 M * lonewolff i am considering upping to 2gb tho 1123678645 M * Bertl wearables will change that pretty soon ... you can fit so much more into an average sized military backpack :) 1123678684 M * lonewolff well, I not appear to have a working vserver, that was exceptionally easy :) 1123678687 M * lonewolff now* 1123678731 M * renihs yah, its soo easy i was too very doubtfull anything works 1123678798 M * renihs no error -> cant work :) 1123678808 M * lonewolff ;O) 1123678816 M * Bertl ah, well, you can set some options to get various errors :) 1123678822 M * renihs hehe 1123678827 A * lonewolff plays with quotas 1123678836 M * Bertl lonewolff: disk limits? 1123678843 M * renihs yah, just wanted to suggest that, make some (fake) errors so the users arent so worried 1123678856 M * Bertl something like: 1123678859 M * renihs (because of missing errors they are used to so much) 1123678870 M * lonewolff Bertl: yes, limiting the amount of space available to the vserver 1123678886 M * renihs lonewolff, i use images 1123678888 M * Bertl kernel panic!keep in mind, we only panic once at startup to satisfy customers ... have a nice day ... 1123678897 M * renihs 800mb image for example, and loopmount it to the /vserver/bla 1123678908 M * renihs -> no problems in recovery, no tricky quotas 1123678919 M * lonewolff this seems quite easilly actuallyu 1123678921 M * renihs dunno if that can be applied to your scenario 1123678927 M * Bertl renihs: I'd suggest looking at lvm, it's less overhead ... 1123678935 M * renihs Bertl, hmm 1123678942 M * renihs didnt touch lvm since quite some time 1123678945 M * Bertl in addition, disk limits on a shared partition allow for even less overhead 1123678946 M * lonewolff i just have vservers in /vserver/servername/stuff 1123678975 M * lonewolff that way (i assume) i can increase discspace available easilly if a customer asks 1123678992 M * lonewolff and that seems like that case :) i am very much liking this 1123678994 M * Bertl lonewolff: so as you want to use the resources in an efficient way, you will want to go for a shared partition ... 1123679033 M * lonewolff Bertl: do you mean like what i have? where al vservers are stored in folders on one partition? 1123679040 M * Bertl yep 1123679061 M * lonewolff yeah:) thats what im doing, then i can increase the size easilly 1123679093 M * Bertl yes, also keep in mind, that it better be a different partition than the root partition 1123679099 M * lonewolff /vservers is actually a 250gb SATA hard drive :) 1123679102 J * keyser_soze ~cimarron@host30.201-252-10.telecom.net.ar 1123679114 M * lonewolff and the main system boots off a seperate 40GB drive 1123679136 M * Bertl lonewolff: because you want to mount it with tagxid (as option) and remount does not allow this, for sanity reasons ... 1123679192 M * renihs hmm thats why i like livecds, no hard disk requiered for main system :( 1123679216 M * lonewolff renihs: but cd-rom drive required 1123679220 M * renihs (copy2ram) wastes a bit but bla 1123679224 M * renihs lonewolff, true :) 1123679227 M * lonewolff low profile cd-rom's cost a bomb 1123679241 M * renihs they would be dead after a month too 1123679248 M * renihs running an os from cd 1123679253 M * lonewolff yeah 1123679282 M * lonewolff im using 1U custom built rackmount systems, trying to keep cost to the minimum for what i need 1123679288 M * Bertl go for solid state and run it in memory :) 1123679290 M * renihs but a livecd is nice, no matter which box, just plug in cd and the data harddrive and system recovery is finished :) 1123679309 M * renihs low cost, student solution :) 1123679324 M * Bertl a vserver host system can be smaller than 16MB ... 1123679332 M * renihs it can??? 1123679333 M * renihs hmm 1123679341 M * renihs mine is compressed around 100mb :) 1123679352 M * renihs (mini gentoo with some usefull stuff) 1123679353 A * lonewolff uses solid state CF memory on his dns servers 1123679414 M * lonewolff my vserver i just installed is 80mb (base debian with apache2/evim4/mysql) 1123679421 M * lonewolff exim even 1123679488 M * renihs grumbl 1123679509 M * renihs i only have some routing, network stuff, a mini http and snmp and mrtg 1123679512 M * renihs and rrdtools 1123679518 M * renihs and its much bigger ;( 1123679528 M * lonewolff base debina install is 65mb 1123679536 M * lonewolff (and i cant type today) 1123679540 M * renihs :) 1123679562 M * renihs http://ifaq.wap.org/sex/geekguide.html <--- whoever posted this here, ...its great :) 1123679593 M * renihs just found in my log :) 1123679626 M * lonewolff hmmmm, my dns is slow to do lookups today *hits it* 1123679676 M * renihs full pipe? 1123679722 M * Bertl renihs: seems like matti is responsible (http://irc.13thfloor.at/LOG/2005-08/LOG_2005-08-07.txt) 1123679729 M * lonewolff doubt it, the dns is sitting next to me on the same network 1123679751 M * lonewolff probably ipv6 being a pain again 1123679817 M * lonewolff or of course, that this machine has suddenly decided to get its dns info from dhcp and is now using an external server GRRR 1123679849 M * renihs Bertl, yup, matti is the guy 1123679869 M * renihs very cool article, laughed my ass off 1123679880 M * Bertl yeah, quite funny ... 1123679888 M * renihs i even printed it out and gave it to my gf 1123680080 M * lonewolff well, now that i've got to grips with this vserver lark, i just need to design and build the new server (the fun bit) 1123680238 M * Bertl lonewolff: once you are happy with your setup, you might consider adding yourself to the happy providers/users page ... 1123680257 M * lonewolff Bertl: once i've gone live i will do that :) 1123680275 M * Bertl (of course, same goes for all the other folks around here, if they didn't do so already) 1123680336 M * renihs what happy providers/users page? 1123680339 M * Bertl DaPhreak: any issues with the image? 1123680377 M * sid3windr renihs: on the wiki :) 1123680388 M * renihs sid3windr, ah thx 1123680390 M * Bertl http://linux-vserver.org/VServer+Hosting and http://linux-vserver.org/VServer+Users (it's under Public Relations on the main wiki) 1123680491 Q * atsab Read error: Connection reset by peer 1123680500 J * atsab ~as@lotes.vtu.lt 1123680507 M * Bertl wb atsab! 1123681056 J * daniel_hozac ~daniel@c-6f1472d5.010-230-73746f22.cust.bredbandsbolaget.se 1123681073 M * Bertl wb daniel_hozac! 1123681085 M * daniel_hozac thanks! 1123681366 Q * Aiken_ Ping timeout: 480 seconds 1123681856 M * Neubix ok, nwo I can start my vserver. but I have no IP-Address inside .. installe with vserver vhost2 build -m debootstrap --hostname vhost2.mynet.local --netdev eth0 --interface 192.168.0.108/24 --context 42 -- -d sarge -m ftp://ftp.debian.org/debian 1123681899 M * Bertl try 'ip addr ls' inside .. you have an ip address there :) 1123681939 M * sid3windr so, now that 2.0 is out, I guess 2.0.1 will follow soon after more people tested it? :) 1123681957 M * Bertl Neubix: if you want an ip alias (which can also be seen by the ancient ifconfig tool) then you have to make that --interface hansi=192.168.0.108/24 1123681960 M * sid3windr but what I actually wanted to ask, will more be done on ngnet territory? :) 1123681985 M * Neubix ok, thanx :-) 1123681987 M * Bertl sid3windr: surprisingly there are no bug reports yet ... 1123682006 M * Bertl sid3windr: and yes, I guess ngnet is something we will work on ... 1123682087 M * Neubix ahh, with netstat I see my IP ;-) 1123682198 M * Neubix Herbert, is in the stable 2.0 (kernel 2.6) any Disk Limit / Quota solution inside ? 1123682230 M * Bertl disk limits (on shared partition) yes, quota (user and group for inside the guests) only on a separate partition per guest 1123682278 M * Neubix on shared partition ? only on a separate partition per guest ? I don't understand this .. 1123682298 M * Bertl okay, I'll explain ... 1123682307 M * Neubix in german ;-) ?? 1123682341 M * Bertl shared partition: you put your 'guests' on let's say /vservers which is a single large filesystem mounted there (for example a real hd partition, with ext2) 1123682362 M * TheSeer .oO( ext3 ) 1123682369 M * Neubix ok .. understand 1123682381 M * Bertl separate partition: you have a separate lvm or loopback device for each guest .. which you mount on /vservers/ ... 1123682420 M * Bertl disk limits: those are total disk space and inode limits on a (typically shared) partition 1123682467 M * Bertl user/group quotas: those are per user (or group) quotas as we know them from unix since hmm ... ever ... they are only supported on separate partitions (for now) 1123682510 M * Neubix separate partitions with LVM eg .. ? 1123682528 M * Bertl yep, lvm, evms, loop, real disk partition ... whatever 1123682552 M * Neubix user/group quotas are running inside the vhost ? 1123682646 M * Bertl yes, as you have them on 'normal' servers .. in general, if you do not know them, you do not need them :) 1123682664 M * Neubix :-) 1123682689 M * Neubix ok, thanx for the infos .. now I habe I long night *smile* 1123682712 M * Bertl you're welcome! enjoy! 1123683023 M * Bertl let me tell you, it's not the best idea to use a shell variable called PATH (for other purposes than the originally intended) :) 1123683035 M * sid3windr :) 1123683295 J * stephenM ~stephen@user-6228.lns3-c8.dsl.pol.co.uk 1123683297 M * stephenM hi all 1123683306 M * Bertl welcome stephenM! 1123683317 M * stephenM I've just built a vserver, but when I try and enter it, it says it's not running - when I try and stop it, it says it's not running 1123683323 M * stephenM but when I try and start it... it says it's running! 1123683326 M * stephenM any ideas? :) 1123683352 M * Bertl hmm, let's start with something simple, like: http://vserver.13thfloor.at/Stuff/SCRIPT/testme.sh 1123683354 M * stephenM also at the end of the build process I get a load of "vcontext: vc_create_context(): File exists" 1123683368 M * Bertl (upload the output somewhere, e.g. pastebin.com) 1123683370 M * stephenM I have to physically reboot the machine, then it starts working 1123683416 M * stephenM http://pastebin.com/333725 1123683469 M * Bertl tx 1123683480 M * Bertl what command did you use to create the guest context? 1123683524 M * stephenM vserver vservertest build -m yum --hostname vserver.com --interface domain=eth0:192.168.1.16/24 --initstyle sysv --context 510 --force -- -d centos4 1123683544 M * stephenM everything works fine once I've rebooted the box 1123683652 M * daniel_hozac i bet there's a left over minilogd process in the 510 context :) 1123683680 M * stephenM the trouble is, I can't find a way to forcibly kill the vserver 1123683685 M * stephenM it shows as running in vserver-stat 1123683687 M * stephenM but with no name 1123683712 M * stephenM 1 process running apparently 1123683722 M * Bertl hmm .. are you using debian? 1123683738 M * stephenM no, centos 1123683743 M * stephenM host: centos 4.1 1123683753 M * Bertl k, what gcc does that use? 1123683757 Q * monrad Ping timeout: 480 seconds 1123683772 M * stephenM gcc-3.4.3-22.1 1123683788 M * Bertl daniel_hozac: minilogd sounds like a good bet, but why should the tools report it stopped? 1123683821 M * stephenM Bertl: I think that's happening because when it was started, it wasn't assigned a name 1123683825 M * Bertl maybe the yum is of the broken kind? (IIRC enrico had some patches) 1123683825 M * stephenM the name column is empty 1123683835 M * stephenM yeah it gave me warnings about that 1123683845 M * stephenM do I need to compile yum from scratch with those patches? 1123683861 M * Bertl well, it should fix some (maybe your?) issues ... 1123683897 M * stephenM where do I get the source for yum? 1123683910 M * Bertl from your distro? 1123683943 M * Bertl (probably some yum-%version.src.rpm ) 1123683962 M * renihs what the heck is yum??? 1123683970 M * renihs binary packaging system? 1123683992 M * Bertl yep, something like urpmi or apt-get (rpm) 1123684003 A * renihs shiffers 1123684009 M * stephenM renihs: it was created for redhat-like systems when redhat stopped the free up2date 1123684013 M * stephenM IIRC 1123684017 M * renihs aah :) 1123684033 M * renihs i heard it once, couldnt place it 1123684174 N * _nokoya nokoya 1123684285 M * stephenM does anybody know how I compile yum? I've got the source, but 'make' does nothing, 'make install' supposedly works, but now yum is broken :| 1123684296 M * stephenM hmm, I can rpmbuild can't I 1123684298 M * stephenM forgot about that 1123684330 M * Bertl yep, just install the source rpm, add the patch(es) to the spec file and rebuild it 1123684373 M * stephenM can you remind me of the build command? 1123684402 M * Bertl rpm -ba /path/to/spec (here, mandrake) 1123684856 Q * stephenM Ping timeout: 480 seconds 1123684991 Q * electrolinux Ping timeout: 480 seconds 1123685632 J * monrad ~monrad@213083190130.sonofon.dk 1123685707 J * mtu ~mbueker@p5483257C.dip0.t-ipconnect.de 1123685713 M * Bertl welcome monrad! mtu! :) 1123685718 M * mtu heh 1123685756 M * mtu i just popped in to invite all distcc users in here to join the newly-opened #distcc here on oftc :) 1123685790 M * Bertl (as some of us are using distcc, I thought this might be appropriate :) 1123685804 M * mtu hope so :) 1123685838 N * pg`aw|cereal pg|cereal 1123685861 M * Bertl wb pg|cereal! 1123685912 Q * lonewolff Read error: Connection reset by peer 1123686024 P * mtu 1123686117 Q * monrad Ping timeout: 480 seconds 1123686396 J * lonewolff ~lonewolff@host86-128-17-74.range86-128.btcentralplus.com 1123687057 J * electrolinux ~dib@ADijon-153-1-15-20.w83-196.abo.wanadoo.fr 1123687159 Q * lonewolff Quit: Changing server 1123687511 M * electrolinux routing problem: host default route is via ppp0. When starting vserver without any interface, it can connect to networks. But when started with an ip on eth0, it can't... 1123687558 M * Bertl electrolinux: probably a iptables issue, do you SNAT the ip of the guest? 1123687658 J * lonewolff ~lonewolff@host86-128-17-74.range86-128.btcentralplus.com 1123687670 M * Bertl wb lonewolff! 1123687683 M * electrolinux using shorewall, it seems it's done in the shorewall/masq: INTERFACE:ppp0, SUBNET:192.168.1.0/24 1123687684 M * lonewolff thankyou 1123687705 M * lonewolff net connection went a bit mad for a while there 1123687707 M * Bertl electrolinux: MASQUERADE won't work, you have to use SNAT for that 1123687733 M * Bertl electrolinux: MASQ only works on _forwared_ packets not on host generated ones ... 1123687799 M * electrolinux i agree, but the shorewall said that SNAT is done in that file :-) 1123687815 M * electrolinux but maybe not the way i've done... 1123687821 M * Bertl well, just check with tcpdump -vvnei on ppp0 :) 1123687839 M * electrolinux from host or inside vserver ? 1123687848 M * Bertl on the host 1123687889 Q * DuckMaster Quit: Leaving 1123687909 M * electrolinux ok. see you later (emerge tcpdump...) 1123687919 J * monrad ~monrad@213083190130.sonofon.dk 1123688663 Q * keyser_soze Quit: Abandonando 1123688698 M * electrolinux Bertl: http://electrolinux.pastebin.com/333785 not shure it's a correct capture... 1123688791 M * Bertl # 1123688791 M * Bertl 15:07:55.958529 > 0800 76: IP (tos 0x0, ttl 64, id 35597, offset 0, flags [DF], 1123688794 M * Bertl # 1123688797 M * Bertl length: 60) 192.168.1.200.1944 > 213.251.190.162.80: S [tcp sum ok] 4230915225: 1123688800 M * Bertl # 1123688802 M * Bertl 4230915225(0) win 5808 1123688803 J * stephenM ~stephen@user-6228.lns3-c8.dsl.pol.co.uk 1123688807 M * Bertl looks like 192.168.1.200 is trying to reach the outside ... 1123688812 M * Bertl wb stephenM! 1123688815 M * stephenM lo :) 1123688815 M * stephenM cut off 1123688832 M * stephenM i've got another problem... when I try to stop a vserver, it gets stuck at "Starting killall" 1123688834 M * stephenM it just hangs there 1123688879 M * Bertl stephenM: you have the testme.sh output at hand (url)? 1123688892 M * stephenM all the tests pass 1123688898 M * daniel_hozac stephenM: that sounds like the infamous minilogd. 1123688907 M * Bertl electrolinux: so you really need an SNAT rule there ... 1123688926 M * stephenM yeah I keep killing minilogd but it restarts itself 1123688957 M * Bertl electrolinux: something like: iptables -t nat -I POSTROUTING -s 192.168.1.200 -j SNAT --to 193.253.160.3 1123688999 M * Bertl stephenM: I'm not so interested in the test, but in the kernel version/flags/tools 1123689016 M * stephenM http://pastebin.com/333725 1123689124 M * Bertl hmm ... you do a vserver stop, and it shuts down the services, but it hangs on 'starting killall' (inside the guest) 1123689146 M * Bertl and you don't get a timeout (after usually 30 seconds) where the guest is force killed? 1123689474 M * electrolinux Bertl: Ok :-) my shorewall/masq line was missing an ADDRESS, the external one, for SNAT to function. 1123689497 Q * stephenM Ping timeout: 480 seconds 1123689500 M * Bertl electrolinux: so it works now, I assume? 1123689528 M * electrolinux yes, thanks! 1123689535 M * Bertl yw, np! 1123689636 M * electrolinux just need to find a shorewall guru now, because i need to change this (shorewall/masq) line each time my provider reset the link and the IP change (once a day) 1123689669 M * renihs use MASQUERADE 1123689702 M * electrolinux yes ? can you explain a bit more ? 1123689738 M * renihs SNAT/MASQUERADE, quiet the same, (snat is faster/better?), masquerade takes the ip addr in use, so u dont have to define the snat ip 1123689772 M * renihs iptabesl -t nat -A POSTROUTING -i ethx -s something -o ethy -j MASQUERADE for example 1123689794 M * renihs its the same, u just dont need the ip before, good for dynamic ips etc 1123689810 M * Bertl renihs: yes, indeed, but you have no input interface for those packets :) 1123689819 M * renihs hmm indeed 1123689823 M * renihs i just realised that 1123689836 M * Bertl renihs: and therefor you have no forwarding which leads to no masquerading :) 1123689849 M * renihs :) 1123689857 M * renihs grumbl 1123689883 M * Bertl electrolinux: I would do this simple SNAT rule outside of shorewall, in the scripts run for the ppp link (when it changes) 1123689884 M * renihs hmm than add a grep/cut line which finds your ip on firewall startup 1123689920 M * Bertl electrolinux: if you want to you can even define a 'special' to be SNATed private network for this purpose ... 1123690004 M * electrolinux sounds good. I just need that SNAT thing for vservers, so i'm interested. how do i make ? 1123690014 J * stefani ~stefani@superquan.apl.washington.edu 1123690028 M * Bertl I guess your pppd calls some ppp-up/down scripts ... 1123690033 M * Bertl welcome stefani! 1123690061 M * Bertl electrolinux: that would be the perfect place to put an -I or -D rule into the nat table 1123690111 M * stefani Bertl: watched WTH video yesterday. 1123690143 M * Bertl and, how is it? (still didn't get around watching it) probably my spoken english is terrible :/ 1123690170 M * stefani not too bad. you walk a bit, 1123690226 M * Bertl yeah, if I had noticed that they are taping me, I'd probably stayed in one place ... 1123690275 M * electrolinux Bertl: thanks for all. I'll try something like that. 1123690292 M * Bertl electrolinux: my pleasure! 1123691038 J * logger ~rs@vds.pas-mal.com 1123691271 J * stephenM ~stephen@user-6228.lns3-c8.dsl.pol.co.uk 1123691279 M * stephenM bloody connection :| 1123691468 Q * Neubix Quit: Verlassend 1123691802 Q * stephenM Ping timeout: 480 seconds 1123692391 M * Beave WTH == What The Hack? 1123692397 M * Bertl yup 1123692405 M * Beave ah. nice. Sounded like fun. 1123692475 M * Bertl and for those who like fun: http://vserver.13thfloor.at/Experimental/patch-2.6.13-rc6-vs2.1.0-pre1.diff 1123692503 T * Bertl http://linux-vserver.org/ | latest stable 2.0, 1.2.10, devel 2.1.0-pre1 -- He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the wiki, and we'll forget about the minute ;) 1123692540 M * Bertl as some folks might be interested, this version includes BME and a working? version of the COW link breaking stuff ... 1123692586 M * daniel_hozac cool! 1123692602 M * Beave Bertl : Did you show off any vserver fun at WTH? I listened to off the hook, and WTH sounds like much more of a "sane" conf. (ie - fun) 1123692621 M * Beave I did defcon this year, which is always a mess. 1123692663 M * Bertl Beave: no, time was short, I just introduced the thing ... but if everything works out as planned, we will do some longer workshop at EasterHegg 2006 :) 1123692711 M * Beave cool. 1123692847 M * Bertl okay, folks, have fun ... I'm off for now ... back later ... 1123692855 N * Bertl Bertl_oO 1123693098 J * stephenM ~stephen@user-6228.lns3-c8.dsl.pol.co.uk 1123693582 Q * stephenM Ping timeout: 480 seconds 1123696527 M * eyck Bertl_oO: any chance for 1.2.11 this year? 1123696642 M * daniel_hozac a release just for the sake of a release, or what? 1123697469 M * eyck a release to fix security problem. 1123697807 J * keyser_soze ~cimarron@host241.201-252-21.telecom.net.ar 1123697821 M * eyck I've been promised 1.2.11 some time ago... 1123698354 M * sid3windr security problem? 1123698808 Q * romke Quit: leaving 1123703490 N * Bertl_oO Bertl 1123703513 M * Bertl eyck: please remind me of the security problem with 1.2.10 ... 1123703895 M * electrolinux has somebody installed a gentoo vserver ? I look for sharing the big portage tree between vservers, with one allowed to modify it with rsync. Any idea ? 1123703929 M * FaUl Bertl: is there achangelog? whats new with vs2.1.0-pre1? 1123704002 M * sid3windr Bertl: possibly the races enrico posted to the ml, which were stated to NOT be fixed ;) 1123704053 M * FaUl electrolinux: mount ro in 2 v servers, rw in one with bind 1123704115 M * Hollow Bertl: is there a changelog for 2.1.0? 1123704121 M * Hollow oh 1123704122 M * Hollow *g* 1123704125 M * Hollow read before write 1123704136 M * FaUl Hollow: hehe 1123704244 M * Bertl FaUl, Hollow: read the backlog (or the irc log :) 1123704279 M * Bertl sid3windr: hmm, those are not really kernel specific ... IIRC 1123704303 M * sid3windr Bertl: true 1123704310 M * Bertl electrolinux: Hollow/Faul are probably the folks you want to ask here ... 1123704315 M * sid3windr Bertl: they're in the tools for the legacy config... 1123704327 M * sid3windr so indeed no reason for 1.2.11 :| 1123704359 M * Bertl that's why I'm asking for some memory refresh ... 1123704379 M * electrolinux FaUl: do i need a special mount command ? or does the mount be made before the vserver start ? i've tried mount -o bind dir vserver/dir, but notihing showed in vserver (started before the mount) 1123704397 M * FaUl electrolinux: you have to restart it 1123704421 M * electrolinux k, trying so 1123704507 M * Bertl FaUl: hmm, how do you rw/ro bind mounts with vanilla/vs2.0? 1123704515 M * Bertl +do 1123704550 M * FaUl Bertl: i guess mount -o bind,ro /foo /mnt/foo 1123704558 M * FaUl Bertl: is this not possible/ 1123704572 M * Bertl if it were, then I would not have to maintain the BME patches :) 1123704612 M * FaUl Bertl: ah, ok, learned something again ;-) 1123704633 M * Bertl it succeeds, even get's reported correctly, but fails silently :/ 1123704670 M * Bertl kernel folks do not see it as bug ... probably a feature :) 1123704671 M * FaUl Bertl: ok, so i'm happy that i never used that on importent servers ;-) 1123704682 J * sOCiETY society@p549AD008.dip.t-dialin.net 1123704686 M * sOCiETY hi 1123704687 M * FaUl Bertl: super 1123704691 M * Bertl welcome sOCiETY! 1123704695 M * FaUl hi sOCiETY 1123704707 M * sOCiETY arg i hate perl :) 1123704726 M * Bertl well, just avoid it :) 1123704746 M * sOCiETY Bertl : <- hebert? 1123704747 M * sOCiETY :) 1123704771 M * Bertl if that was a question, then yes :) 1123704795 M * sOCiETY Bertl: ahh ok bin der der die mail mit dem pda interface geschrieben hat. 1123704803 M * FaUl sOCiETY: you can use ruby as well, or tcl ;-) 1123704815 M * FaUl englisch bitte :-P 1123704817 M * sOCiETY FaUl: nonono :) I LOVE PERL :) 1123704821 M * sOCiETY FaUl: sicher :) 1123704842 M * Bertl sOCiETY: channel language is english, a lot of folks read the channel (or the logs) and german just confuses most of them :) 1123704865 M * sOCiETY i know :) just for the logs: i am the on with writtes the pda interface :) 1123704879 M * sOCiETY my bad english 1123704891 M * Bertl excellent! so you came here to announce the first GPL release? 1123704924 M * sOCiETY hahahahaha 1123704935 M * sOCiETY not now first i need to work correnctly 1123704982 M * sOCiETY maybe there a some dude with want to help me doing it 1123705004 M * sOCiETY currently all the thing work with a mysql dbase 1123705022 M * sOCiETY the deamon looks into it to see what he need to do 1123705047 M * sOCiETY every call he makes a vserver status to get informations about processes and uptime 1123705050 M * Bertl I guess many folks might help you/join such a project .. but usually the first step is to make a project public ... otherwise folks won't code with/for you ... 1123705069 M * sOCiETY hmmm :) 1123705080 M * Bertl at least I would not code on something with unknown future ... 1123705090 M * sOCiETY :) 1123705105 M * sOCiETY It will released as GPL maybe tonight :) 1123705119 M * sOCiETY but i got now documentation or something 1123705132 M * sOCiETY now=no 1123705330 M * electrolinux Hollow: are you the author of the *good* vserver-howto.xml ? 1123705562 M * Bertl sOCiETY: doesn't matter if there is docu or not ... usually programmers can read the code ... (although perl might be an issue here :) 1123705615 M * Bertl sOCiETY: but hey, it's your choice, I just told you my opinion on that issue ... 1123705617 Q * sOCiETY Ping timeout: 480 seconds 1123705787 M * Hollow electrolinux: yep 1123705818 J * sOCiETY society@p549AD008.dip.t-dialin.net 1123705820 M * sOCiETY arg 1123705823 M * sOCiETY bad t-offline 1123705829 M * Bertl wb sOCiETY! 1123705841 M * sOCiETY Bertl: wanna see the system live? 1123705842 M * Hollow pink panther... ;) 1123705854 M * Bertl sOCiETY: sure ... 1123705870 M * sOCiETY it works with ie, too 1123705876 M * sOCiETY but its optimized for pocketpcs 1123705940 M * Bertl sOCiETY: I have no IE here :) 1123705988 M * sOCiETY hihi 1123705992 M * sOCiETY FireFox :) 1123706129 M * electrolinux Hollow: thanks for it, helped me a lot to get started. One thing is yet to do with my first vserver: it is always stopped with a timeout and SIGKILL. How investigate what's wrong ? 1123706175 M * Hollow electrolinux: this behaviour is correct, though it is wrong, but it's a bug in the utils start/stop process 1123706184 M * Hollow the vserver iss topped correctly nevertheless 1123706210 M * Hollow it just kills init in the end because it waits for an event which will never occur 1123706593 M * Bertl Hollow: IIRC electrolinux reported that it is not killed at all, right? 1123706632 M * Hollow electrolinux: is init killed? 1123706649 M * electrolinux how can i be sure ? 1123706677 M * Hollow "vps ax" on the host 1123706799 M * electrolinux vserver init IS killed, yes 1123706802 Q * sOCiETY Ping timeout: 480 seconds 1123707000 M * Bertl electrolinux: so noting remains after 30 seconds or so, right? 1123707005 M * Bertl *nothing 1123707029 M * electrolinux right! 1123707040 M * Bertl okay, I'm happy with that, thanks :) 1123707125 M * electrolinux what about BME patches needed for mount -o bind,ro/rw ? It seems working for me, or is gentoo-vserver already using those patches ? 1123707151 M * Bertl could be, hollow was always adding some stuff :) 1123707172 M * Bertl electrolinux: probably best to read the 'how is it called?' 1123707237 M * Hollow electrolinux: yup, they are included, look at http://dev.gentoo.org/~hollow/vserver/patches/ 1123707324 M * electrolinux great! 1123707356 M * Hollow sure ;) 1123707385 M * Hollow vserver-sources also use genpatches, so it's just like gentoo-sources + vserver 1123707785 M * Hollow btw: if someone wants to help with gentoo vserver things: http://home.xnull.de/work/gentoo/vserver/TODO ;) 1123709693 M * Bertl okay, guess I'm off to bed for now ... maybe back later tonight ... 1123709710 M * Bertl have a good one everyone! cya 1123709715 N * Bertl Bertl_zZ 1123710302 J * Aiken ~james@tooax8-043.dialup.optusnet.com.au 1123712636 Q * keyser_soze Quit: Abandonando