1127175514 J * JonT ~jonathan@203-206-176-245.dyn.iinet.net.au 1127175590 M * JonT I'm currently in the process of moving a few legacy vservers to a new one running the 2.0 release. Using the legacy config, I noticed that when I do "ifconfig" within the context, I see the IP of the host machine - is there any way to have this not displayed as I did with the old vserver releases? 1127175639 M * Bertl hey JonT! 1127175659 M * Bertl JonT: yes, but you have to set a flag 'hide_netif' 1127175675 M * JonT Hey Bertl - thanks for your help again! 1127175680 M * Bertl (and IIRC, the legacy config does not support it directly) 1127175711 M * Bertl but you could do it manually in one of the legacy scripts, with vattribute 1127175851 M * JonT I may just convert to the new format - there are about 5 vservers I need to do, but I can probably even script it (with the help of some of the existing scripts) 1127175859 M * Aiken gndmster there was an article on rootprompt.org recently about using rsync and hard links for doing backups 1127175877 M * Aiken have not played with it yet so don't know how the cow link breaking will affect it 1127175907 M * gndmstr will soon find out the backup is almost over :) 1127175916 M * Bertl I assume the CoW magic will be lost ... 1127175923 M * gndmstr i hope not 1127175936 M * gndmstr otherwise the guests will suddenly grow in size 1127175951 M * Bertl my guess: the links will be there, but the iunlink is gone ... 1127175967 M * gndmstr will find out now 1127176054 M * Aiken what about only backing up files where the link has been broken and new files in the guest 1127176055 M * gndmstr hmm how can i see if a link is still a link 1127176066 M * Aiken ls -i file1 file2 1127176071 M * Aiken -i shows the inode 1127176079 M * Aiken if the inode is the same they are still linked 1127176332 M * gndmstr phoenix sbin # ls -li named /home/vservers/template/usr/sbin/named 1127176332 M * gndmstr 34971 -rwxr-xr-x 8 root root 278384 Sep 18 19:35 /home/vservers/template/usr/sbin/named 1127176332 M * gndmstr 34971 -rwxr-xr-x 8 root root 278384 Sep 18 19:35 named 1127176347 M * Bertl now check with showattr 1127176370 M * Aiken create a tar ball of the master and use that to make incremental backups of the cow guest 1127176472 M * gndmstr according to the above, rsync didnt blow up the link.. gonna try showattr 1127176498 M * gndmstr phoenix sbin # showattr named /home/vservers/template/usr/sbin/named 1127176498 M * gndmstr ----UI- named 1127176499 M * gndmstr ----UI- /home/vservers/template/usr/sbin/named 1127176574 M * Bertl looks good :) 1127176609 M * gndmstr yeah and a full backup just finished so it looks like -aH knows how to handle them 1127176634 M * Bertl is the target machine CoW patched too? 1127176653 M * gndmstr no 1127176658 M * gndmstr unfortunately 1127176674 M * gndmstr the target machine is in a position where it cannot be updated 1127176685 M * gndmstr we are working on replacing it with a different system 1127176757 M * gndmstr just have to do some work on the master san and then we can use that for our backups. and im gonna make sure the master san is updated with this kernel 1127176802 M * Bertl well, try to rsync it back to a different dir on the test amchine, no? 1127176865 M * gndmstr eventually.. at this point in the effort its not that critical.. after i finish this minor first host the san is our next step and refining the backup process.. then we will do all testing before continuing to place the critical servers on hosts 1127177056 M * gndmstr if this first server went out it would only take me a few hours to replace it without having any backups.. and the things on it arent critical at this point and wont be until we verify backups... however if i have some time tomorrow i may restore the vservers directory to a different one then change the basedir and try to start them and see what happens :) should be interesting 1127177159 M * gndmstr according to du done on the backup server (its a live backup not tarred. incremental tars are done daily onto a different drive) the template and 3 vservers are only taking up 300mb 1127177201 M * gndmstr i have to look at what tar will do too. may have to not use it and just leave them 'live' 1127179545 J * lilo_ ~lilo@lilo.usercloak.oftc.net 1127179572 Q * lilo Killed (NickServ command used by lilo_) 1127179580 N * lilo_ lilo 1127179608 M * gndmstr do you want to work on the gentoo stop problem tomorrow? i think ill have some time to help tomorrow. today has been a nightmare.. or if you can give me some hints where to start i can do some tonight 1127179738 M * Bertl well, I'd suggest to try with the latest (vs2.1.0-rc2) and active the new flag 1127179748 M * Bertl *sec checking the number* 1127179795 M * gndmstr thats a kernel or utils or both 1127179805 M * Bertl #define VXF_REBOOT_KILL (1ULL<<37) 1127179868 M * Bertl so you best use vattribute --xid --flag ^37 1127179885 M * Bertl (right after guest startup) 1127179946 M * Bertl and then check if a shutdown goes without timeout 1127179971 M * Bertl (this might also be tried with legacy and non-legacy support enabled) 1127180034 M * gndmstr just copied all that into a file to look at tomorrow.. will find the i assume new kernel tomorrow and try it 1127180091 M * Bertl okay, great! will be around at midnight CET ... 1127180123 M * gndmstr ok cool that will give me a few hrs to cry on your shoulder then :) 1127180154 M * Bertl hehe 1127180230 Q * BlueT_ Ping timeout: 480 seconds 1127180276 M * gndmstr where can i find the kernel. its not in hollow's directory 1127180417 M * gndmstr is this it 1127180421 M * gndmstr patch-2.6.13.1-vs2.1.0-rc2.diff 1127180434 M * gndmstr then apply that against a vanilla kernel? 1127180462 M * gndmstr gonna be interesting. i havent run a vanilla kernel in years 1127180730 M * Bertl yep, please 1127180770 M * gndmstr k. will be interesting to see how it performs against a gentoo patched kernel :) 1127180845 M * Bertl I don't think you will see that much difference ... 1127180859 M * Bertl okay, I'm off to bed now ... really tired today ... 1127180881 M * Bertl so have fun, thanks in advance, and good luck with the testing ... 1127180895 T * Bertl http://linux-vserver.org/ | latest stable 2.0, 2.0.1-pre2, 1.2.10, 1.2.11-rc1, devel 2.1.0-rc2 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the wiki, and we'll forget about the minute ;) 1127180910 M * Bertl night everyone! 1127180915 M * gndmstr hope that does it... if it does do you think its stable enough to use? 1127180918 N * Bertl Bertl_zZ 1127180918 M * gndmstr night! 1127182080 Q * alexx Ping timeout: 480 seconds 1127182345 Q * gndmstr Quit: using sirc version 2.211+KSIRC/1.3.12 1127183269 Q * no_maam_ Remote host closed the connection 1127183272 J * no_maam ~erik@datenzone.de 1127183862 J * jayeola ~jayeola@host86-134-82-238.range86-134.btcentralplus.com 1127183866 M * jayeola hello chaps 1127183900 M * jayeola um, can any one recommend a stable(ish) patch for 2.6.12.5? 1127184100 N * _nokoya nokoya 1127184560 J * monrad ~monrad@213083190134.sonofon.dk 1127185056 M * jayeola chaps? 1127185556 Q * lilo Remote host closed the connection 1127185579 J * stefani ~stefani@c-24-19-46-211.hsd1.wa.comcast.net 1127185865 P * jayeola 1127185888 J * lilo ~lilo@lilo.usercloak.oftc.net 1127189236 Q * monrad Quit: Leaving 1127189346 Q * JonT Quit: 1127189649 Q * Johnsie Quit: G'bye! 1127189653 J * Johnsie ~john@acs-24-154-53-42.zoominternet.net 1127190118 J * monrad ~monrad@213083190134.sonofon.dk 1127190830 P * stefani parting (is such sweet sorrow) 1127191746 Q * Johnsie Remote host closed the connection 1127193894 J * kliese ~Russell_K@203.185.225.129 1127194024 M * kliese has anyone had experience using omniorb within a vserver? 1127194043 M * kliese I get a strange error "omniORB: Unrecoverable error for this endpoint: giop:tcp:192.168.6.12:33924, it will no longer be serviced." 1127194567 J * dddd44 ~dhb55@h-67-103-176-155.mclnva23.covad.net 1127195191 J * Johnsie ~john@acs-24-154-53-102.zoominternet.net 1127195345 J * andrew_ ~andrew@tlug.sinica.edu.tw 1127195376 Q * AndrewLee Quit: leaving 1127195380 N * andrew_ AndrewLee 1127196048 Q * sannes Ping timeout: 480 seconds 1127196235 M * AndrewLee hello folks 1127197597 M * kliese hello 1127197612 M * kliese It doesn't seem too lively around here. 1127197620 M * AndrewLee I found I can not connect to 127.0.0.1 after I upgraded to 2.6.12 with vserver2 1127197658 M * AndrewLee Does vserver doesn't allow connect to loopback device? 1127197669 M * kliese Yes. That's what the problem seems to be related to. 1127197704 M * AndrewLee kliese: Do you know any work around to solve this problem? 1127197712 M * kliese I think vservers are only allowed to access their specific interface. 1127197729 M * kliese I'm trying to figure that out myself. 1127197770 M * AndrewLee I see. so that means I should change all the programs in guest to use its specific ip address instead. 1127197780 M * AndrewLee kliese: Am I correct? 1127197840 M * kliese Also make sure that services are not running on the host machine that may be binding to all interfaces because that will cause the guests to be unable to bind 1127197873 M * kliese A typical example of a service that binds to all addresses is ssh, so that ssh in a guest won't have any interface to bind to. 1127197889 M * kliese Yes, as far as I can tell, that is correct. 1127198106 M * AndrewLee kliese: Thanks bro. But seems I have so many places that need to modify. 1127198141 M * kliese There is a faq I think. I'll dig it up for you. Hold on. 1127198158 M * AndrewLee kliese: I have several vservers already, and know I have to modify that for each different guest's admins. 1127198215 M * AndrewLee kliese: Wiki is too mess, I have search 127.0.0.1 on the wiki, but didn't find useful answer. 1127198280 M * kliese I agree. The documentation is not very well structured. 1127198285 M * AndrewLee kliese: I think the best way is keep the similar documents as less as possible, otherwise it's worse time for reader. 1127198316 M * AndrewLee kliese: I have sent an email to mailing list, but never shows up, maybe my mail has been blocked. 1127198338 M * AndrewLee kliese: I was want to post my idea for refine the wiki page. 1127198535 M * kliese I couldn't find the page I was looking for, but there is some info about daemons on the host server here: 1127198539 M * kliese http://linux-vserver.org/linux-vserver_administrators_guide 1127198645 Q * ntrs__ Ping timeout: 480 seconds 1127198657 M * AndrewLee kliese: It only mentioned: security 1127198662 M * AndrewLee *do not use local loopback inside a vserver 1127198803 J * alexx ~alexx@proxy.ikse.net 1127198873 Q * alexx Quit: 1127199217 M * kliese another work around is to add 127.0.0.1 to the list of the vserver's IP addresses 1127199283 J * ntrs ~ntrs@68-188-50-87.dhcp.stls.mo.charter.com 1127199397 M * AndrewLee kliese: Does that safe? 1127199429 M * AndrewLee kliese: What's the security reason for do not use local loopback inside a vserver? 1127199430 M * kliese You'll have to evaluate that depending on how your system is used. 1127199493 M * kliese I guess if you use 127.0.0.1 in more that one vserver, you have opened up a common point between the servers, reducing the segregation between the servers 1127199514 M * AndrewLee kliese: Cuase I have been providing vservers for several LUGs in Taiwan on the machine since sarge release. 1127199544 M * AndrewLee kliese: Now I upgrade to vserver2 for a short fix for sarge's security hole. 1127199559 M * AndrewLee kliese: Yes, all of the vservers has used 127.0.0.1 1127199600 M * AndrewLee kliese: If you were me, what will you do? 1127199613 M * kliese I can't really give you any more advice. I'm only a noobie to vservers. Perhaps others here have some advice? 1127199647 A * kliese nudges all of the others in this room that have gone to sleep 1127199954 Q * dddd44 Remote host closed the connection 1127199972 M * AndrewLee kliese: No problem, your advices are really helpful. :-) 1127200146 Q * AndrewLee Quit: leaving 1127200291 J * AndrewLee ~andrew@tlug.sinica.edu.tw 1127200529 M * AndrewLee Can I make an alias ip 127.0.0.1 to the specfic interface in a vserver? 1127200888 M * AndrewLee seems now the mails in mail queue are trying to connect to 127.0.0.1, which I don't know how to modify... 1127201502 Q * AndrewLee Quit: leaving 1127201847 J * AndrewLee ~andrew@linux3.cc.ntu.edu.tw 1127203256 J * sannes ~ace@simula-dhcp-084.simula.no 1127203377 J * prae ~prae@ezoffice.mandriva.com 1127204155 Q * prae Quit: Execute Order 69 ! 1127204256 J * prae ~prae@ezoffice.mandriva.com 1127205342 Q * kliese Quit: ChatZilla 0.9.61 [Mozilla rv:1.7.8/20050718] 1127206439 M * AndrewLee Bertl_zZ: 2.6.12+vs2 brings the local loopback issue, so I am trying to go back to 2.4.x now. I will give you more reports later. 1127206484 M * AndrewLee Bertl_zZ: and I will test the kernel-source-2.6.8 + kernel-patch-vserver from sarge as well. 1127206719 M * AndrewLee Bertl_zZ: BTW, my mail system is down, cause postfix needs 127.0.0.1. So I can not reply the mail to debian util-vserver's maintainer for follow the bug, if you have time, could you please reply the email? I think you would explain that much better than me. :) 1127206736 J * _are_ ~are@p54A09C14.dip0.t-ipconnect.de 1127206746 M * _are_ hi 1127206802 M * _are_ have not been able to keep track due to work overload in recent times. Can anyone give me a short overview (or a link to one) what changes towards 2.1? 1127206865 M * AndrewLee Bertl_zZ: I forgot to mention the email is here: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329090 1127207555 J * yarihm ~yarihm@84-74-16-246.dclient.hispeed.ch 1127209077 J * prae_ ~prae@gut75-1-81-57-27-189.fbx.proxad.net 1127209505 Q * prae Ping timeout: 480 seconds 1127209512 M * _are_ df 1127209587 J * maharaja maharaja@ip52.ipax.at 1127209616 J * dddd44 dhb55@60.50.130.237 1127209687 Q * dddd44 Quit: 1127209711 J * dddd44 ~dhb55@tor-irc.dnsbl.oftc.net 1127209762 M * yarihm is there an official hook in the vserver-tools that would run a script after a vserver has come up? (it was for routing purposes in my case) 1127209964 M * _are_ check http://www.nongnu.org/util-vserver/doc/conf/configuration.html, look for cmd.start 1127210045 M * _are_ actually look for post-start 1127210214 Q * dddd44 Ping timeout: 480 seconds 1127210510 M * yarihm thanks _are_ 1127210755 M * yarihm hmm ... it seems as if this was for "new generation" configs, my debian-sarge has still legacy style ... i guess i'll hack up the init-script a bit 1127210900 M * _are_ oh, I can only advice you to use new-style config. 1127210906 M * _are_ legacy config tends to be really painful 1127210934 M * _are_ and the utils in debian-sarge work fine with new-style config here 1127210986 M * yarihm _are_: yeah, this in fact is one very moment i realize that. it's not that i decided to use legacy-style configs though, it is rather that the debian-vserver-tools (scripts such as newvserver) seem not to have switched to new-style ... 1127211010 M * yarihm OTOH i have not that many vservers yet, so i'll survive it ... 1127211017 M * yarihm maybe things become better with etch 1127211278 M * _are_ i had the advantage when i started with vservers the scripts didn't manage to create a useful config at all and the new-style config had been better documented :-) 1127211357 J * ntrs_ ~ntrs@68-188-50-87.dhcp.stls.mo.charter.com 1127211358 Q * ntrs Read error: Connection reset by peer 1127212703 J * vip-vs ~vince@wc-178.r-195-85-188.essentkabel.com 1127212720 M * vip-vs hi folks! 1127213171 M * AndrewLee vip-vs: hi 1127213870 M * vip-vs hi AndrewLee 1127213895 M * vip-vs Can you tell me what the fourth nummber in this kernel verion means? 2.6.12.4 ? 1127213933 M * vip-vs My debian source has .6, but the kernel patch from the 13thfloor wants to patch .4 to .4-vs20 1127213994 M * AndrewLee vip-vs: I was using the kernel-patch-vserver from sid 1127214002 M * AndrewLee vip-vs: I don't know 1127214027 M * vip-vs ok :) may I should try that to 1127214038 M * vip-vs *maybe 1127214038 M * AndrewLee vip-vs: Best luck! :-) 1127214043 M * vip-vs thnx :) 1127214054 M * AndrewLee vip-vs: You are welcome. :-) 1127214100 M * [MUPPETS]Gonzo If I give a guest an IP, Do I have to set-up the IP on the host as well or shall I not? 1127214251 M * AndrewLee [MUPPETS]Gonzo: I think the vserver [vserver] start will do that for you. 1127214301 M * vip-vs [MUPPETS]Gonzo: yes, vserver will do that for you (if your vconfig is right for you) 1127214305 M * [MUPPETS]Gonzo but the ip must "live" (be life) in the host? 1127214326 M * vip-vs nope, an alias interface will be created 1127214328 J * flock ~restless@l192-117-111-12.broadband.actcom.net.il 1127214332 M * [MUPPETS]Gonzo ok, thanks 1127214337 M * [MUPPETS]Gonzo I'll try then :) 1127214347 M * daniel_hozac aliases are only used for legacy guests or when explicitly requested ;) 1127214424 M * vip-vs daniel_hozac: how should I call it then? 1127214496 M * [MUPPETS]Gonzo it works :) 1127214605 M * vip-vs [MUPPETS]Gonzo: when you run services like sshd in the host aswell in the guest, you should set the IP for both 1127214635 M * [MUPPETS]Gonzo you mean I should bind the services to the specific ip of the host/guest? 1127214664 M * vip-vs yep, because otherwise you will only be connected to the host 1127214691 M * AndrewLee I think we should improve the documents on wiki 1127214697 M * vip-vs this only happens when you run the same service on both the host and guest (or use the same portnumbers) 1127214702 M * daniel_hozac vip-vs: secondary address. 1127214711 M * vip-vs AndrewLee: guess that would be handy :) 1127214739 M * vip-vs daniel_hozac: ok, will name it that from now on. :) 1127214776 M * AndrewLee vip-vs: Let me resove my mail server's problem first, we can use gobby to work together to improve the documents. 1127214807 M * [MUPPETS]Gonzo I setup the IP on the guest, can ssh to the host but can not connect to the outside? 1127214850 M * daniel_hozac [MUPPETS]Gonzo: SNAT required? 1127214869 M * [MUPPETS]Gonzo nameserver... sorry 1127214921 M * [MUPPETS]Gonzo many snares until everything runs :) 1127215126 M * vip-vs AndrewLee: right now I have to get some work finished :) maybe later this week? 1127215187 M * AndrewLee vip-vs: hopefully before I am going out of town during the weekend. 1127216071 J * lilo_ ~lilo@lilo.usercloak.oftc.net 1127216205 Q * lilo Ping timeout: 480 seconds 1127216657 J * Jani|HG ~mail@G9590.g.pppool.de 1127216659 M * Jani|HG Hi all 1127216774 J * dddd44 ~dhb55@tor-irc.dnsbl.oftc.net 1127216917 J * VooDooMaster VooDoo@topas.informatik.uni-ulm.de 1127217433 M * [MUPPETS]Gonzo any recommendation for a ftp-daemon which can be bound to a specific ip? I use inetd ATM 1127217782 J * kas_3 tor@tor-irc.dnsbl.oftc.net 1127217954 Q * dddd44 Ping timeout: 480 seconds 1127218064 Q * VooDooMaster Read error: Connection reset by peer 1127218229 N * lilo_ lilo 1127218557 J * dddd44 ~dhb55@tor-irc.dnsbl.oftc.net 1127218589 Q * kas_3 Ping timeout: 480 seconds 1127218992 M * vip-vs Does anyone knows what standard patches debian applies to the kernel 2.6.12 before it is a debian package? (reffering to: linux-source-2.6.12 (2.6.12-6) Linux kernel source for version 2.6.12 with Debian patches) 1127219044 M * [MUPPETS]Gonzo the patches should be as a patch-file within the package 1127219642 J * kas_3 ~dhb55@tor-irc.dnsbl.oftc.net 1127219709 Q * michal Ping timeout: 480 seconds 1127219837 J * michal ~michal@graffias.estrefa.pl 1127219939 Q * dddd44 Ping timeout: 480 seconds 1127220013 J * dddd44 ~dhb55@tor-irc.dnsbl.oftc.net 1127220154 Q * kas_3 Ping timeout: 480 seconds 1127220276 J * kas_3 ~dhb55@tor-irc.dnsbl.oftc.net 1127220365 Q * Jani|HG Quit: 1127220659 Q * dddd44 Ping timeout: 480 seconds 1127220683 Q * Aiken Quit: Leaving 1127220948 J * dddd44 ~dhb55@tor-irc.dnsbl.oftc.net 1127221004 Q * kas_3 Ping timeout: 480 seconds 1127221118 J * kas_3 ~dhb55@tor-irc.dnsbl.oftc.net 1127221504 Q * dddd44 Ping timeout: 480 seconds 1127223633 Q * yungyuc Remote host closed the connection 1127224280 J * yungyuc ~yungyuc@220-135-53-220.HINET-IP.hinet.net 1127225066 Q * Johnsie Quit: G'bye! 1127225081 J * Johnsie ~john@acs-24-154-53-102.zoominternet.net 1127225814 J * lilo_ ~lilo@lilo.usercloak.oftc.net 1127225980 Q * lilo Ping timeout: 480 seconds 1127226892 J * dddd44 ~dhb55@tor-irc.dnsbl.oftc.net 1127226954 Q * kas_3 Ping timeout: 480 seconds 1127227209 N * Bertl_zZ Bertl 1127227224 M * Bertl morning folks! 1127227523 M * Bertl vip-vs: 2.6.12.4 is/was one of the mainline kernels, they do a baserelease 2.6.12 and a sequence of fixups 2.6.12.1, .2, .3 ... 1127227548 Q * dddd44 Quit: Leaving 1127227556 J * gndmstr ~gndmstr@ip1.pathworx.sbbsnet.net 1127227563 M * Bertl vip-vs: the debian kernel often does not have anything in common with the kernel number (mentioned) 1127227582 M * Bertl (e.g. the 2.6.8 debian kernel was more a 2.6.10-11) 1127227609 J * dddd44 ~dhb55@219.95.198.113 1127227624 M * gndmstr hi all.. Bertl -- I could not get on here earlier so I posted the results of that test you gave me in the mailing list along with some other findings 1127227663 M * Bertl well, good idea, as I wasn't here earlier either :) 1127227668 M * gndmstr to sum it up it didn't work 1127227678 M * gndmstr however vserver guest exec init 0 works perfectly 1127227724 M * gndmstr vserver guest stop run aftter that reports it is not running 1127227779 M * gndmstr and this new kernel and patch are fantastic. noticable performance increase and much smoother 1127228044 M * Bertl maybe a benefit of the mainline kernel? :) 1127228086 M * gndmstr maybe. my buddy in the UK told me he abandoned the gentoo kernels due to too many patches and overhead.. I wasn't sure whether to believe him or not but it seems he is right 1127228173 M * gndmstr i set this new kernel to exactly the settings of the old one which was the gentoo patch vs2.1.0-pre5 and it kicked the system into high gear by comparison 1127228227 M * gndmstr literally shaved a good 10 seconds or more off the loading of kde as well 1127228390 M * Bertl regarding the init 0 inside the guest ... and the tools not doing that ... 1127228465 M * Bertl you are using the 'plain' initstyle, no? 1127228472 M * gndmstr yes 1127228508 M * Bertl there is a runlevel.stop config option 1127228522 M * Bertl you know your start runlevel? 1127228560 M * gndmstr no but it should correspond to standard 'boot' then runlevel 3 1127228571 M * gndmstr the init reports init [3] 1127228576 M * gndmstr as final 1127228607 M * Bertl hmm, could you do the following and upload the output to pastebin.com or so? 1127228626 M * Bertl vserver --debug guestname stop 1127228642 M * Bertl (from outside, guest running of course) 1127228655 M * gndmstr ok im gonna have to set up an account on that.. everyone seems to be using it 1127228680 M * Bertl ah, and please with the reboot_kill flag 1127228716 M * gndmstr ok 1127228756 J * sebd ~seb@maison.ldd.fr 1127228765 M * sebd hello 1127228773 M * gndmstr dont know the effect but i presently have legacy support disabled 1127228924 M * Bertl gndmstr: that is fine! 1127228928 M * Bertl hey sebd! 1127228955 M * vip-vs Hi Bertl :) ...got to goo ... ltr! 1127228980 M * sebd I keep on getting this line in my vservers' syslogs : pam_limits[24947]: setrlimit limit #8 to soft=-1, hard=-1 failed: Operation not permitted; uid=0 euid=0 1127228989 Q * vip-vs Remote host closed the connection 1127228996 M * sebd what's the capabilities required to avoid it ? 1127229020 M * Bertl well, the problem is more your pam config 1127229040 M * Bertl it seems to insist on raising a limit ... 1127229051 M * sebd alright. 1127229091 M * Bertl let me check what #8 is 1127229114 M * Bertl memlock, interesting ... 1127229157 M * Bertl so it tries to unset the memlock limit (if the #8 is correct) or something else 1127229194 M * Bertl there _are_ capabilities and flags you can give, but in a potential hostile environment you do not want to give them ... 1127229230 M * sebd /etc/pam.d/ssh:26: session required pam_limits.so 1127229310 M * Bertl you can give 'rlimit' ccap (first step) and CAP_SYS_RESOURCE (second step) after that the guest can change all resource limitations (but not the context limits) 1127229338 M * Bertl without that, the guest can only reduce the allowed values ... 1127229362 M * sebd ok, let me try the 'rlimit' ccap. 1127229393 M * gndmstr Bertl: http://pastebin.com/369039 1127229406 M * Bertl tx 1127229467 M * gndmstr no prob.. long output :) 1127229475 J * stefani ~stefani@superquan.apl.washington.edu 1127229535 M * Bertl welcome stefani! 1127229552 M * Bertl gndmstr: could you start it again, including the flag, and then do: 1127229563 M * Bertl # 1127229565 M * Bertl vkill -s INT --xid 85 -- 1 1127229583 M * gndmstr ok 1127229587 M * Bertl (I assume this doesn't change anything inside the guest) 1127229611 M * Bertl but maybe look for log entries (inside via syslog) or so 1127229620 M * gndmstr probably not. this is the test bed so even if it totally destroys it it doesnt matter... 1127229622 M * gndmstr good idea 1127229690 M * gndmstr returned immediately with no output and the guest still runs 1127229705 M * gndmstr checking guest logs 1127229806 M * Bertl hmm ... could you (inside the guest) change the CTRL-ALT-DEL action for init to shutdown? 1127229814 M * gndmstr nothing unusual 1127229828 M * Bertl # Trap CTRL-ALT-DELETE 1127229828 M * Bertl ca::ctrlaltdel:/sbin/shutdown -t3 -r now 1127229837 M * gndmstr ok 1127229878 M * Bertl you have something different in you inittab, right? 1127229888 M * Bertl after that do 'telinit Q' inside the guest 1127229909 M * gndmstr its missing from this inittab 1127229914 M * Bertl okay, great! 1127229947 M * gndmstr re-run the vkill line? 1127229953 M * Bertl yep, please 1127229988 M * gndmstr killed it 1127229996 M * Bertl okay, now try with guest start/stop 1127230006 M * gndmstr took a bit longer than init 0 but it worked 1127230007 M * gndmstr ok 1127230025 M * gndmstr davin vsdavin2 # vserver vsdavin2 start 1127230025 M * gndmstr RTNETLINK answers: File exists 1127230032 M * Bertl yes, 3 seconds longer actually :) 1127230040 M * Bertl (it's the -t3 argument :) 1127230040 M * gndmstr still started it 1127230048 M * gndmstr ahh ok 1127230074 M * gndmstr do the vattribute thing before i run stop? 1127230085 M * Bertl try without first 1127230089 M * gndmstr ok 1127230096 M * Bertl the netlink message is because it didn't shutdown properly 1127230106 M * Bertl (with the kill) 1127230114 M * gndmstr thats it 1127230123 M * gndmstr shut down in about 8 seconds or so with no errors 1127230141 M * Bertl so, conclusion: somebody (maybe Hollow) removed the ctrlaltdel entry in gentoo's inittab 1127230163 M * gndmstr so inittab needs that line. 1127230164 M * gndmstr yeah 1127230166 M * Bertl as the tools currently signal the shutdown with the INT signal 1127230170 M * gndmstr its in the standard host install 1127230185 M * Bertl which just maps to ctrlaltdel for init, it was not executed 1127230210 M * gndmstr no wonder 1127230215 M * gndmstr here is the std gentoo init 1127230216 M * Bertl could you please put this together in a follow-up on that topic? 1127230216 M * gndmstr # What to do at the "Three Finger Salute". 1127230216 M * gndmstr ca:12345:ctrlaltdel:/sbin/shutdown -r now 1127230236 M * gndmstr should it keep the -t3 ? 1127230248 M * Bertl default gentoo should be fine ... 1127230260 M * gndmstr ok 1127230279 M * Bertl guess Hollow considered it useless (because usually hardware related) 1127230298 M * gndmstr Yeah.. easy thing to do 1127230309 M * Bertl okay, so we finally solved the gentoo stop timeout issue :) 1127230314 M * gndmstr :) 1127230324 M * gndmstr init is included in the baselayout i think 1127230334 M * gndmstr ill just leave it generic 1127230343 M * Bertl okay, off now .. back around midnight (or a little later) 1127230351 M * gndmstr ok have fun 1127230354 M * gndmstr thank you! 1127230358 N * Bertl Bertl_oO 1127230363 M * Bertl_oO you're welcome! 1127230664 Q * dddd44 Quit: Leaving 1127230690 Q * SNy Read error: Operation timed out 1127230690 J * dddd44 ~dhb55@tor-irc.dnsbl.oftc.net 1127230750 J * SNy 713549e1e4@bmx-chemnitz.de 1127231083 Q * ag-2 Quit: NOC cleaning... BBL 1127231533 Q * Johnsie Ping timeout: 480 seconds 1127231586 Q * gndmstr Remote host closed the connection 1127232644 Q * _are_ Quit: bbl 1127234405 J * jayeola ~jayeola@host86-134-82-238.range86-134.btcentralplus.com 1127234548 M * jayeola hi guys. build of a new vserver appears to be ok. however i've used the `testme.sh` script from here:-http://vserver.13thfloor.at/Stuff/SCRIPT/testme.sh 1127234634 M * jayeola sripts says no chcontext in my $PATH, but it's in `/usr/local/foo` hoow do i tell the system/vserver the location of chcontext? 1127234662 M * mnemoc export PATH=$PATH:/usr/local/foo 1127234755 Q * prae_ Quit: Execute Order 69 ! 1127234764 M * jayeola ty! 1127234795 M * jayeola wouls thay be permanent or do i need to include it in root's .bashrc? 1127234809 M * jayeola s,wouls,would 1127234857 M * mnemoc symlinking the binaries from /usr/local/foo/ to /use/local/bin should also work 1127234868 M * jayeola k , thanks 1127234900 M * jayeola bty fwiw i'm using a guide from here:- http://linux-vserver.org/Step-by-Step+Guide+2.6 (all good so far) 1127234983 M * mnemoc i prefer it here: # type -p chcontext 1127234983 M * mnemoc /usr/sbin/chcontext 1127235095 M * jayeola ok - only complaint from the test.sh is this "chbind: vc_set_ipv4root(): Function not implemented 1127235098 M * jayeola chbind failed!" 1127235124 M * jayeola that seems to be a requirement form the kernel, yah? 1127235131 M * jayeola s,form,from 1127235505 Q * jayeola Quit: rebooting vserver 1127236175 J * jayeola ~jayeola@host86-134-82-238.range86-134.btcentralplus.com 1127236240 M * jayeola back again . kernel "CONFIG_VSERVER_LEGACY" =y, does this have anything to do with "chbind: vc_set_ipv4root(): Function not implemented" googled and a few thread say that it does 1127236705 J * Johnsie ~john@acs-24-154-53-42.zoominternet.net 1127236838 J * prae ~benjamin@sherpadown.net 1127236973 J * vip-vs ~vip-vs@cc521104-d.ensch1.ov.home.nl 1127237059 M * vip-vs hi folks 1127237519 M * jayeola does a vserver need lvm? 1127237562 M * TheSeer no 1127237602 A * jayeola is googling for "chbind: vc_set_ipv4root(): Function not implemented" 1127237651 M * jayeola reading an irc session and someone says to check for CONFIG_VSERVER_LEGACY symbol in kernel. done that symbol=y 1127237674 M * jayeola also recommendation was for having lvm. 1127237687 M * mnemoc lvm is always a good thing to have 1127237721 M * jayeola k, granted but cant seem to find a solution for "chbind: vc_set_ipv4root(): Function not implemented" 1127237772 M * jayeola the vserver kernel seems to boot ok, i'm running it now.... 1127237994 J * _are_ foobar@dsl-084-056-151-156.arcor-ip.net 1127238148 Q * AndrewLee Ping timeout: 480 seconds 1127238159 M * daniel_hozac jayeola: what architecture? 1127238173 M * jayeola ii686 i686 1127238188 M * jayeola pIII coppermine laptop 1127238200 M * jayeola just seen symbol "CONFIG_VSERVER_NGNET" 1127238219 M * jayeola bit confusing. does one disable it or what? 1127238241 M * jayeola "This disables the legacy networking API which is required by the chbind tool" 1127238260 M * jayeola ima enable it and see what happens :/ 1127238265 M * daniel_hozac that should be n. 1127238289 M * jayeola phew - that took tow hours >_< 1127238355 M * _are_ oh, when i see 'laptop' is there any work on powermanagement support for vserver? 1127238416 M * daniel_hozac as in? 1127238449 M * jayeola to be honest, i just wanna get this sucker going, will run this all over again on a d-top. not to worried about power for now 1127238477 M * jayeola lappy is for teting/breaking :-) 1127238720 J * kas_3 ~dhb55@tor-irc.dnsbl.oftc.net 1127238782 M * _are_ daniel_hozac: afaik vserver patch had some trouble with at least softwaresuspend patches, but I think also some powermanagement stuff in the mainline kernel. Might be misleaded, though. 1127238799 Q * Bertl_oO Remote host closed the connection 1127238822 J * Bertl_oO ~herbert@212.16.62.52 1127238904 Q * dddd44 Ping timeout: 480 seconds 1127238944 M * jayeola here we go again... 1127238945 J * AndrewLee ~andrew@linux3.cc.ntu.edu.tw 1127238950 Q * jayeola Quit: new kerenl 1127239395 J * ag-2 ag@muaddib.roxor.cx 1127239438 J * jayeola ~jayeola@host86-134-82-238.range86-134.btcentralplus.com 1127239450 M * jayeola heh - the test works, no errors 1127240070 M * jayeola um, it seems as it things are fine. im using this as a guide:-http://linux-vserver.org/Step-by-Step+Guide+2.6 1127240207 J * dddd44 ~dhb55@tor-irc.dnsbl.oftc.net 1127240278 M * jayeola is this step necessary? "Changing the vserver base path" (from the url) 1127240306 Q * ag-2 Read error: Connection reset by peer 1127240334 Q * kas_3 Ping timeout: 480 seconds 1127240363 J * ag-2 ag@muaddib.roxor.cx 1127241414 J * alexx ~alexx@proxy.ikse.net 1127241898 Q * _are_ Ping timeout: 480 seconds 1127242473 J * kas_3 ~dhb55@tor-irc.dnsbl.oftc.net 1127242828 Q * Johnsie Read error: Connection reset by peer 1127242889 Q * dddd44 Ping timeout: 480 seconds 1127243654 Q * click Remote host closed the connection 1127243710 J * click click@ti511110a080-1724.bb.online.no 1127244541 J * dddd44 ~dhb55@tor-irc.dnsbl.oftc.net 1127244755 M * jayeola um, is there any way i can install some docs for vserver? 1127244779 M * jayeola like man pages and such? 1127244804 J * VooDooMaster VooDoo@topas.informatik.uni-ulm.de 1127244819 Q * kas_3 Ping timeout: 480 seconds 1127245223 J * kas_3 ~dhb55@tor-irc.dnsbl.oftc.net 1127245559 Q * dddd44 Ping timeout: 480 seconds 1127245733 J * dddd44 U2FsdGVkX1@tor-irc.dnsbl.oftc.net 1127245739 Q * kas_3 Ping timeout: 480 seconds 1127245851 J * kas_3 ~dhb55@tor-irc.dnsbl.oftc.net 1127246135 M * sebd Bertl: thanks for your help ! the 'rlimit' ccap was enough to remove the pam_limits annoying warning on my debian vservers. 1127246150 M * sebd I mean, Bertl_oO 1127246234 Q * dddd44 Ping timeout: 480 seconds 1127246256 J * dddd44 ~dhb55@tor-irc.dnsbl.oftc.net 1127246359 Q * kas_3 Ping timeout: 480 seconds 1127246420 J * Aiken ~james@tooax6-167.dialup.optusnet.com.au 1127246964 Q * dddd44 Ping timeout: 480 seconds 1127247176 M * jayeola wen i build a vserver, a copy of of the / dir is made on the guest, yah? 1127247198 M * jayeola so how can i install say, debain within fc3? 1127247218 M * daniel_hozac that's only with the copy build method 1127247262 M * jayeola ok, if got this far. would really like to have one distro within another 1127247266 M * daniel_hozac the debootstrap method is the easiest way to install Debian. 1127247303 M * jayeola right - now my main (guest) distro is not debain. i do have apt though and a good repo.... 1127247365 M * daniel_hozac i'm guessing you could install debootstrap on other distros as well. 1127247428 M * jayeola :looking: 1127247786 J * dddd44 ~dhb55@tor-irc.dnsbl.oftc.net 1127248417 Q * monrad Quit: Leaving 1127248864 Q * yarihm Quit: Leaving 1127249945 Q * dddd44 Remote host closed the connection 1127249963 J * dddd44 ~dhb55@tor-irc.dnsbl.oftc.net 1127250241 Q * vip-vs Remote host closed the connection 1127250464 Q * dddd44 Ping timeout: 480 seconds 1127250489 J * dddd44 ~dhb55@tor-irc.dnsbl.oftc.net 1127250516 J * Johnsie ~john@acs-24-154-53-42.zoominternet.net 1127251234 J * kas_3 ~dhb55@tor-irc.dnsbl.oftc.net 1127251423 Q * dddd44 Remote host closed the connection 1127251895 J * dddd44 ~dhb55@tor-irc.dnsbl.oftc.net 1127252219 Q * kas_3 Ping timeout: 480 seconds 1127252250 J * kas_3 ~dhb55@tor-irc.dnsbl.oftc.net 1127252464 Q * dddd44 Ping timeout: 480 seconds 1127253318 P * stefani I'm Parting (the water) 1127253522 J * dddd44 U2FsdGVkX1@tor-irc.dnsbl.oftc.net 1127253774 Q * kas_3 Ping timeout: 480 seconds 1127254204 Q * dddd44 Ping timeout: 480 seconds 1127254241 N * Bertl_oO Bertl 1127254366 Q * click jupiter.oftc.net neutron.oftc.net 1127254366 Q * prae jupiter.oftc.net neutron.oftc.net 1127254366 Q * nokoya jupiter.oftc.net neutron.oftc.net 1127254366 Q * Hunger jupiter.oftc.net neutron.oftc.net 1127254366 Q * jkl jupiter.oftc.net neutron.oftc.net 1127254366 Q * lonewolff jupiter.oftc.net neutron.oftc.net 1127254366 Q * Getty jupiter.oftc.net neutron.oftc.net 1127254366 Q * sladen jupiter.oftc.net neutron.oftc.net 1127254366 Q * micah jupiter.oftc.net neutron.oftc.net 1127254433 J * dddd44 ~dhb55@tor-irc.dnsbl.oftc.net 1127254507 J * micah_ micah@micha.hampshire.edu 1127254513 Q * Johnsie Quit: G'bye! 1127254663 J * kas_3 ~dhb55@tor-irc.dnsbl.oftc.net 1127254685 J * click click@ti511110a080-1724.bb.online.no 1127254685 J * nokoya young@hi-230-82.tm.net.org.my 1127254685 J * Hunger Hunger.hu@Hunger.hu 1127254685 J * jkl eric@c-71-56-237-229.hsd1.co.comcast.net 1127254685 J * lonewolff ~lonewolff@host86-128-17-74.range86-128.btcentralplus.com 1127254685 J * sladen paul@starsky.19inch.net 1127254685 J * Getty torsten@eisprinzessin.rz.unixnetwork.org 1127254694 M * Bertl welcome sladen! 1127254703 M * Bertl welcome Getty! 1127254765 M * sladen Bertl: I think it was you that left, not me :-) [netsplit] 1127254783 M * Bertl jayeola: do you know the FlowerPage! 1127254804 M * Bertl sladen: yeah, figured that it was mostly netsplit recovery .. but was nice greeting you too :) 1127254873 J * prae ~benjamin@sherpadown.net 1127255030 Q * dddd44 Ping timeout: 480 seconds 1127255586 M * jayeola Bertl: yah - seen the flower page, what of it? 1127255647 M * Bertl you also know the alpha util-vserver page on the wiki? 1127255669 M * Bertl jayeola: it contains a few examples how to bootstrap guests 1127255695 M * Bertl IIRC, there is one for debian woody/sarge too, this should work out of the box for you (debootstrap is fetched if not available) 1127255731 M * Bertl http://linux-vserver.org/alpha+util-vserver 1127255764 M * Bertl (see section Creation/Examples) 1127255917 Q * prae Quit: Pwet 1127256322 M * jayeola ty! 1127256411 M * Bertl yw 1127256489 M * Bertl okay, off to bed for today .... back tomorrow ... 1127256495 N * Bertl Bertl_zZ 1127256944 J * Johnsie ~john@acs-24-154-53-217.zoominternet.net 1127257083 Q * cryo Remote host closed the connection 1127257161 Q * jkl arion.oftc.net neutron.oftc.net 1127257161 Q * nokoya arion.oftc.net neutron.oftc.net 1127257161 Q * click arion.oftc.net neutron.oftc.net 1127257161 Q * Getty arion.oftc.net neutron.oftc.net 1127257161 Q * lonewolff arion.oftc.net neutron.oftc.net 1127257161 Q * sladen arion.oftc.net neutron.oftc.net 1127257161 Q * Hunger arion.oftc.net neutron.oftc.net 1127257252 J * cryo ~say@gw.psoft.od.ua 1127257327 J * click click@ti511110a080-1724.bb.online.no 1127257327 J * nokoya young@hi-230-82.tm.net.org.my 1127257327 J * Hunger Hunger.hu@Hunger.hu 1127257327 J * jkl eric@c-71-56-237-229.hsd1.co.comcast.net 1127257327 J * lonewolff ~lonewolff@host86-128-17-74.range86-128.btcentralplus.com 1127257327 J * sladen paul@starsky.19inch.net 1127257327 J * Getty torsten@eisprinzessin.rz.unixnetwork.org 1127257700 Q * jkl jupiter.oftc.net neutron.oftc.net 1127257700 Q * nokoya jupiter.oftc.net neutron.oftc.net 1127257700 Q * click jupiter.oftc.net neutron.oftc.net 1127257700 Q * Getty jupiter.oftc.net neutron.oftc.net 1127257700 Q * lonewolff jupiter.oftc.net neutron.oftc.net 1127257700 Q * sladen jupiter.oftc.net neutron.oftc.net 1127257700 Q * Hunger jupiter.oftc.net neutron.oftc.net 1127257828 J * jkl eric@c-71-56-237-229.hsd1.co.comcast.net 1127257829 J * sladen paul@starsky.19inch.net 1127257830 J * Hunger Hunger.hu@Hunger.hu 1127257837 J * click click@ti511110a080-1724.bb.online.no 1127257838 J * nokoya young@hi-230-82.tm.net.org.my 1127257854 J * Getty torsten@eisprinzessin.rz.unixnetwork.org 1127257864 J * lonewolff ~lonewolff@86.128.17.74 1127259348 Q * Johnsie Ping timeout: 480 seconds 1127260167 J * Johnsie ~john@acs-24-154-53-217.zoominternet.net 1127260252 J * gndmstr ~gndmstr@ip1.pathworx.sbbsnet.net 1127260342 M * gndmstr I'm having trouble getting apache to work. It loads without error but when I try to contact it from remote it says connection refused. I may have a config error in it, but is there anything in the vserver system by default that would prevent this from working? or do I simply have some 'normal' problem to debug?