1128127146 Q * Greek0 Remote host closed the connection 1128128626 J * prae ~benjamin@sherpadown.net 1128128837 Q * prae Quit: 1128128872 N * Bertl_oO Bertl 1128129449 M * Bertl okay, night everybody ... cya tomorrow! 1128129455 N * Bertl Bertl_zZ 1128129968 Q * eyck Read error: Connection reset by peer 1128130392 N * lilo_ lilo 1128132528 J * Lunar^ ~lunar@poivron.org 1128133075 P * Getty 1128138473 J * sebi_ ~sebi@C4922.c.strato-dslnet.de 1128138583 Q * sebi Ping timeout: 480 seconds 1128140392 J * Aiken ~james@tooax6-107.dialup.optusnet.com.au 1128145760 J * dddd44 dhb55@218.111.178.26 1128145895 Q * dddd44 Read error: Connection reset by peer 1128149118 J * douglas ~douglas@douglas.user.oftc.net 1128149124 M * douglas hey 1128150110 Q * Aiken Ping timeout: 480 seconds 1128150869 J * eyck eyck@81.219.64.71 1128152820 J * Aiken ~james@tooax6-132.dialup.optusnet.com.au 1128155711 N * liquid__ liquid 1128159809 M * Lunar^ The vserver patch is compatible with suspend2 if someone cares 1128160072 J * prae ~benjamin@sherpadown.net 1128161370 Q * Aiken Quit: Leaving 1128161705 Q * prae Quit: Pwet 1128161748 M * Hollow Lunar^: i.e. after wake-up the guests are still running? 1128161839 M * Lunar^ Hollow: yep 1128161869 M * Hollow good to know, thx 1128161873 M * Lunar^ I had to manually apply some part of the vserver patches, but it was nothing really 1128161895 Q * douglas Ping timeout: 480 seconds 1128161898 M * Lunar^ Who is responsible for usermode tools? 1128161911 M * Lunar^ I'd like to fix the configure script issue on powerpc 1128162003 M * intrigeri Lunar^, Enrico 1128162022 M * intrigeri Lunar^, 1128162068 M * Lunar^ intrigeri: is he on IRC? 1128163368 J * Greek0 ~greek0@85.255.145.201 1128164125 Q * Greek0 Remote host closed the connection 1128164137 J * Greek0 ~greek0@85.255.145.201 1128167063 J * prae ~benjamin@sherpadown.net 1128172960 J * dddd44 dhb55@218.111.178.26 1128173336 Q * dddd44 Read error: Connection reset by peer 1128173723 J * dddd44 ~dhb55@218.111.178.26 1128178177 J * yarihm ~yarihm@84-74-18-28.dclient.hispeed.ch 1128178372 J * tomi ~tomi@pha-84-242-95-4.nat.karneval.cz 1128180651 J * jdgiguere ~geom@Toronto-HSE-ppp3769433.sympatico.ca 1128181182 M * intrigeri Lunar^, dunno 1128183017 J * jdgiguere_ ~geom@HSE-QuebecCity-ppp3504199.sympatico.ca 1128183219 M * jdgiguere_ hi all, can someone point me docs about vserver routing on host connected via PPP 1128183380 Q * jdgiguere Ping timeout: 480 seconds 1128183444 N * jdgiguere_ jdgiguere 1128183843 J * jdgiguere_ ~geom@Toronto-HSE-ppp3772251.sympatico.ca 1128183905 J * geom__ ~geom@HSE-Toronto-ppp135363.sympatico.ca 1128184043 Q * nox Ping timeout: 480 seconds 1128184285 Q * jdgiguere Ping timeout: 480 seconds 1128184345 Q * jdgiguere_ Ping timeout: 480 seconds 1128184414 N * geom__ jdgiguere 1128184602 N * Bertl_zZ Bertl 1128184614 M * Bertl evening folks! 1128184637 M * Bertl jdgiguere: routing is the same as without linux-vserver, what issues do you encounter? 1128184639 J * nox ~nox@noxlux.de 1128184676 M * Bertl Lunar^: unfortunately Enrico doesn't show up on IRC anymore ... 1128184698 M * Bertl Lunar^: but filing a bug report plus patch to savannah is a good idea ... 1128184844 M * jdgiguere Bertl, I can't connect to any host outside my private network 1128184871 M * Bertl you mean from inside a guest? 1128184914 M * jdgiguere my vserver host is also my dhcp/gateway for my network 1128184929 M * Bertl which is quite fine ... 1128184977 M * jdgiguere from my server, I can ping every host on my network, but none from public internet 1128184983 M * jdgiguere from my vserver 1128185019 M * Bertl okay, we call the vps 'guests' to simplify talking about 1128185033 M * Bertl and the physical server, 'host' 1128185067 M * Bertl well, it is not unexpected, and just depends on your network config 1128185108 M * Bertl but I agree, for most folks it's not obvious either ... let me give you an example: 1128185142 M * Bertl on the host: 'ping -c 2 www.google.com' works, yes? 1128185149 M * jdgiguere yes 1128185162 M * Bertl now take one of the IPs of your guests and do: 1128185181 M * Bertl on the host: 'ping -c 2 -I www.google.com' 1128185210 M * jdgiguere 100% packet lost 1128185220 M * Bertl see, that's what happens to your guests too :) 1128185254 M * Bertl you can fix that with a proper SNAT configuration 1128185254 M * jdgiguere not so surprisingly... :-) 1128185275 M * daniel_hozac Bertl: is this still an issue in 2.6.13+? i remember reading something about MASQUERADE doing local packets as well. 1128185299 M * Bertl iptables -t nat -I POSTROUTING -s -j SNAT --to 1128185336 M * Bertl daniel_hozac: well, you need a rule in any case, and IMHO masquerading is the wrong approach, as you do not have the masquerading problem here 1128185376 M * Bertl daniel_hozac: I remember a bunch of different 'masquerade' for local packets approaches and it might be that they found their way into mainline ... 1128185389 M * daniel_hozac but then the typical iptables -t nat -A POSTROUTING -o -j MASQUERADE rules would catch the local packets. 1128185400 M * jdgiguere great Bertl ! 1128185433 M * Bertl daniel_hozac: well, yes, as well as any local network packet too (unfortunately :/) 1128186256 M * jdgiguere brb :-) 1128186261 Q * jdgiguere Quit: :-) 1128186479 Q * tomi Quit: Ukončuji 1128187513 M * Greek0 probably a dumb question, and no, I haven't checked anything, but what is the huge blocker with psutils <-> vserver interaction? 1128187525 M * Greek0 at least the procps stuff should work fine when executed in ctx 1 1128187643 M * Bertl yes, but you might also want to get xid information, no? 1128187834 M * Greek0 yep, as said, I haven't thought too much before asking ;) 1128187842 M * Bertl np :) 1128188596 M * Bertl Greek0: a lot of tools can benefit from xid awareness, and daniel has done a bunch of patches for some of them 1128188614 M * Greek0 ic 1128188685 M * Greek0 well, kind of a PITA if all users had to use "our" tools, or at least recompile the tools 1128188712 M * Bertl well, I guess for a special host distro that would not hurt too much 1128188737 M * Bertl and OTOH, some tools could be 'copies' of the original ones, and/or patches to packages ... 1128188793 M * Greek0 yep. I don't mean that it's hard to do in any way, it's just that it's a pain that you have to do it. 1128188825 M * Greek0 (not that I see a good solution) 1128188830 M * Bertl ah, well, there is no 'must', it's more the 'can' part 1128188879 M * Greek0 mm 1128188882 M * Bertl and if done properly, it might even be possible to convinve some package maintainers to add options/checks for xid aware stuff 1128188905 M * Bertl e.g. in gentoo this would be easy to do/add 1128188980 M * Greek0 well, probably in debian too by some nice and charming prodding of the maintainer ;) 1128189138 M * daniel_hozac Debian is binary packages though, i doubt you'll get the coreutils maintainer to agree to requiring util-vserver-lib ;) 1128189164 M * Greek0 ah, didn't know you depended on that 1128189181 M * Greek0 but at least parsing /proc//[nv]info would be possible 1128189219 M * daniel_hozac true. 1128189578 M * Johnsie I have a Gentoo host question... 1128189587 M * Johnsie I have a system that I guess crashed last night... 1128189601 M * Johnsie And it's sitting 2000 miles away at a login prompt...hah 1128189610 M * Johnsie The hosting provider doesn't know doodly about Gentoo. 1128189631 M * Johnsie What would be the easiest way to get the host to respond to serial console access? 1128189666 M * Johnsie I'm pretty sure I setup serial access, but is there any way I can have this idiot technician give it a jab? 1128189687 M * Bertl hmm, well, the main question is, is there a serial console? 1128189694 M * Johnsie There was. 1128189703 M * Johnsie It worked until I rebooted. 1128189713 M * Johnsie And no changes were made. :/ 1128189716 M * Bertl aha, who maintains the other end? 1128189735 J * liquid_ ~liquid@p54976ED5.dip.t-dialin.net 1128189739 M * Johnsie Who's the hosting provider? 1128189754 M * Johnsie Or who tends to the system on a daily basis? 1128189784 M * Bertl hmm, now I'm confused ... 1128189798 M * Johnsie I have a system that I rent from ThePlanet in Dallas, TX. 1128189807 M * Johnsie I have Gentoo loaded on it. 1128189808 Q * prae Quit: Pwet 1128189812 M * Bertl basically serial console is something you enable on machine A and access via machine B 1128189830 M * Johnsie I made no package or kernel updates and I do have with my plan, an option to login from the serial console. 1128189856 M * Bertl machine B might be a) a real serial terminal, b) another computer, c) some ILO or console server 1128189860 M * Johnsie I have GRUB setup to give me 9600-8-N-1 at boot, but beyond that, I'm told it boots but sits at a prompt. 1128189886 M * Johnsie Booting again is of no help either, I might add. 1128189928 M * Bertl but the grub appears on the 'serial console' whatever that is in your case? 1128189939 M * Johnsie Yes. 1128190039 M * Bertl okay, what kernel command line options does your grub config have? 1128190175 Q * liquid Ping timeout: 480 seconds 1128191386 M * Johnsie Sorry, I was away for a bit. 1128191406 M * Bertl np 1128191411 M * Johnsie I'm not too sure, Bertl, I can't get access at the moment. 1128191420 M * Johnsie It's acting flaky. 1128191475 M * Bertl how do you access the console? 1128191663 M * Johnsie I SSH through another system they have setup. 1128191667 M * Johnsie It has serial access. 1128191693 M * Johnsie Well, rather, this system is some type of terminal server. 1128191721 M * Johnsie It's not another regular system to which I have any means of changing its configuration to assist me with matters. 1128192216 M * Bertl i.c 1128192279 M * Johnsie Well, worst case, I'll have them copy drive contents to my NAS account there. 1128192373 M * Bertl okay, the grub config file, could you uplaod it somewhere? 1128194402 J * jdgiguere ~geom@HSE-Toronto-ppp135516.sympatico.ca 1128194555 M * jdgiguere Hi all 1128194633 M * jdgiguere I would appreciate to have an advice on using SNAT when your destination is a dynamic IP... 1128194686 M * jdgiguere is putting the iptables command in a cron job the best solution ? 1128194705 M * daniel_hozac putting it in your ppp/dhcp client scripts would be even better. 1128195265 M * jdgiguere daniel_hozac, is /etc/ppp/if-up.d/ the right place to put script to be run everytime IP change ? 1128195298 M * jdgiguere ip-up.d 1128195401 J * IEF ~ief@cp115413-b.landg1.lb.home.nl 1128195449 M * Bertl welcome IEF! :) 1128195480 M * Bertl jdgiguere: either that or the ppp script itself! 1128195544 M * Bertl IEF: 2.6 kernel? and what host distro? 1128196078 M * IEF yeah. FC4. 1128196112 M * IEF building kernel now 1128196136 M * IEF O_o ran out of diskspace =/ 1128196160 J * ^WinZiP SM@85-65-208-175.barak-online.net 1128196164 J * [Act]ViPeR ~Tomer@bzq-84-110-10-50.red.bezeqint.net 1128196166 M * [Act]ViPeR {I'm Using Viper Script ²°°³ Made By ViPeR} 1128196168 M * Bertl welcome ^WinZiP! 1128196181 M * ^WinZiP thank you Bertl 1128196181 M * Bertl welcome [Act]ViPeR! 1128196192 M * IEF don't you just hate it when that happens. 1128196202 M * [Act]ViPeR 10x :] 1128196205 M * Bertl the disk space issue? 1128196221 M * IEF yep. 1128196227 M * IEF only a 6 gb VM 1128196228 M * ^WinZiP i hate the networking more. 1128196233 M * mnemoc or scripts auto-introducing theirselves? 1128196240 M * IEF both. 1128196241 M * IEF :) 1128196246 M * mnemoc :) 1128196273 M * Bertl well, that's the advantage of shared disk spaces compared to UML/VMware virtual disks ... 1128196292 M * IEF sure is 1128196298 M * IEF I can't expand it now 1128196301 M * IEF which simply sucks 1128196304 M * Bertl IEF: but you can compile the kernel outside too 1128196317 M * ^WinZiP Bertl 1128196326 M * Bertl yup? 1128196328 M * ^WinZiP can i run Vserver without tocuhing original kernel? and not rebooting? 1128196339 M * IEF um no. 1128196349 M * Bertl not on the host, but inside UML e.g. 1128196354 M * ^WinZiP 21:52:21 up 52 days, 16:21, 5 users, load average: 2.55, 2.41, 2.36 1128196357 M * ^WinZiP busy machine 1128196359 M * [Act]ViPeR Bertel > i want to build php interface to Vserver, do you havw some help guide? 1128196377 M * [Act]ViPeR have* 1128196385 M * Bertl [Act]ViPeR: we have a lot of stuff for that, e.g. a library 1128196408 M * Bertl but probably the first approach is better done with cli wrappers 1128196421 M * IEF exactly. 1128196438 M * Bertl (for all confused souls here) we were talking about a web/php frontend for linux virtualizations 1128196452 M * Bertl (on the openVZ channel, and now moved here) 1128196462 M * ^WinZiP the only thing 1128196464 M * IEF CLI wrappers can be done easily. 1128196466 M * ^WinZiP who bothers me about Vserver 1128196468 M * [Act]ViPeR i need something to start with 1128196479 M * ^WinZiP is the lake of good networking. 1128196494 M * Bertl [Act]ViPeR: what about a few conceptional documents first? 1128196497 M * ^WinZiP and take lake of good Disk space allocation. 1128196512 M * Bertl ^WinZiP: hmm? please elaborate? 1128196536 M * Bertl [Act]ViPeR: http://linux-vserver.org/ 1128196541 M * ^WinZiP Bertl, lets assume i give a VPS guest, 5gb of space, month after the clients wants 10gb of space. what would i do? 1128196553 M * [Act]ViPeR Bertl: ok i will see 1128196554 M * Bertl raise the disk limit, of course? 1128196556 M * ^WinZiP +, its hard to configure a good - working outside ip . i tried that few times. 1128196563 M * Bertl [Act]ViPeR: http://linux-vserver.org/Linux-VServer-Paper 1128196578 M * ^WinZiP Bertl, the last time i testes vserver was about 6 months ago 1128196581 M * ^WinZiP anything changed since 1128196581 M * ^WinZiP ? 1128196587 M * Bertl I'd say a lot ... 1128196606 M * ^WinZiP HMMMMMMMMMMMMM beta. i will install an Linux OS inside of my VMWAre server 1128196613 M * ^WinZiP and re-test linux-vserver 1128196614 M * mnemoc and LVM ) 1128196616 M * ^WinZiP i realy want to take it Public. 1128196622 M * IEF that's what I'm doing right now. 1128196632 M * IEF building a vserver host system inside VMWare GSX VM 1128196654 M * ^WinZiP IEF, the problem is not in beta envoriment, the problem is when you are in production envoriment. 1128196659 M * ^WinZiP and clients are MAD 1128196659 M * Bertl wibble: http://linux-vserver.org/Release+FAQ 1128196670 M * IEF I know. 1128196670 M * Bertl *sorry* ^WinZiP: http://linux-vserver.org/Release+FAQ 1128196678 M * ^WinZiP thank you bertl. 1128196692 M * IEF I was talking about building an environment for a web frontend 1128196722 M * ^WinZiP . There are Context Quota & Context Limit as well as Memory Limits and a lot of minor feature/enhancement patches available from Herbert. Alex has made available patches for Red Hat kernels in the past. See the Documentation page for links 1128196732 M * ^WinZiP why making so many patches, why not making a COMPLETE solution. 1128196747 M * ^WinZiP a code , that is availble at once, with all good Fetures. 1128196752 M * Bertl linux-vserver 2.0 has all that ... 1128196757 M * ^WinZiP alredy built in? 1128196760 M * ^WinZiP wow, im testing it now. 1128196764 M * Bertl yep, check the list ... 1128196826 M * IEF *zzz* kernel compile takes forever.. 1128196826 M * Bertl and it's also used in many places (see the list of hosting providers) 1128196866 M * ^WinZiP bertl 1128196876 M * ^WinZiP the problem is, they got an Admin interface, we dont. 1128196880 M * ^WinZiP + Client interface. 1128196886 M * ^WinZiP thats why we need GPL Stuff like that. 1128196922 M * Bertl some of them have, others do not need it ... but I agree, a control/admin/customer interface is something desireable ... 1128196962 M * Bertl [Act]ViPeR: if you have any linux-vserver related questions, feel free to ask ... 1128197040 M * Bertl [Act]ViPeR: most folks will also be able to help with unix/network related stuff here ... 1128197043 M * ^WinZiP he will, he is now going to sleep, when he wake up he starts working. 1128197071 M * ^WinZiP let me just install a guest on vmware to test this new Vserver. 1128197077 M * ^WinZiP i hope its good as you say :) 1128197104 M * Bertl well, I'm pretty sure it is ... but if not, let's make it better :) 1128197138 M * ^WinZiP :) 1128197166 M * ^WinZiP I always wanted a VPS System, wich has all fetures built in, with easy shell script to setup and start working 1128197172 M * ^WinZiP but its too good to be true :) 1128197196 M * IEF well there are 1128197199 M * IEF just not GPL =) 1128197210 M * ^WinZiP thats a shame :\ 1128197215 M * ^WinZiP so many developers 1128197218 M * IEF my point exactly 1128197220 M * ^WinZiP friends, communites. 1128197228 M * ^WinZiP and we stay in the same place for years now. 1128197326 M * ^WinZiP Bertl 1128197336 M * ^WinZiP wich dist will work BEST with Vserver 2.0? 1128197371 M * michal Bertl: have you been testing vserver on mips machines ? 1128197388 M * Bertl it is supposed to work on any distro, the tools are developed on FC*, but the debian and gentoo community is strong 1128197441 M * Bertl michal: Greek0 was doing some testing with mips but IIRC nothing final yet 1128197469 M * michal mips arch is a difficult one as i can see from my rsbac tests 1128197495 M * michal kernel is quite doable, but syscalls / 64bit kernel / 32 bit userland is messy 1128197511 M * michal and heh, every mips is like another arch in fact 1128197627 M * Bertl yeah, but the syscall interface is fairly 32/64 bit agnostic 1128197639 M * michal that's good 1128197643 M * Bertl (see x86_64 and ia32 support) 1128197663 M * Bertl you can use both interfaces (64/32) on x86_64 to reach the kernel 1128197729 M * michal (in fact we support sparc 32/64 bit, 32/64bit x86, but on mips strace shows me that syscall is beeing called... without any arguments at all ;p) 1128197757 M * michal and i was told, that developing for mips requires magic skills ;) 1128197763 M * Greek0 . 1128197790 M * Bertl michal: ah, rsbac? sounds interesting ... didn't know you were doing this ... 1128197809 M * michal yep 1128197825 M * michal we have three people in development team 1128197836 M * Greek0 hmm 1128197841 M * michal i am developing for over a year, using from over a 1.5 1128197872 M * Bertl michal: so how is rsbac/linux-vserver integration? 1128197903 M * michal i am going to start new kernel branch with rsbac + pax + vserver soon 1128197908 M * michal and maintain it 1128197921 M * Bertl sounds great, count me in ... 1128197924 M * michal but first i need some one small feature in rsbac to ma intergation work better 1128197927 M * Greek0 michal: for the syscall stuff you could look into bertl's cross-arch syscall.h file 1128197927 M * michal thx :) 1128197953 M * Bertl yeah, I guess the shiny syscall wrapper is fairly complete ... 1128197964 M * michal Greek0: you think ? i'll do, it is in vserver kernel patch / utils, where ? 1128197977 M * mnemoc Bertl: why rsbac+pax and not grsec+pax? 1128198006 M * Greek0 michal: http://vserver.13thfloor.at/Experimental/SYSCALL/syscall_shiny7.h 1128198019 M * michal indeed shiny ! 1128198037 M * Greek0 but I think in that version bertl hasn't merged my mips patch.. 1128198055 M * Bertl nope, not yet ... 1128198063 M * michal http://www.rsbac.org/documentation/different_models/um <- i need to make it per vserver context possible and thatn we are going 1128198112 M * michal easy, we already designed it in that way it will be possible to have several lists with necesary data, which can be per (like, chroot, jail, vserver) 1128198119 M * Greek0 michal: http://greek0.net/div/vserver/syscall_shiny7-mips.2.diff <-- that's the mips patch in case you're interested 1128198142 M * Greek0 tested on mipsel O32 ABI, but I'm pretty confident it should work on N32/*64 too 1128198205 M * michal i'll show you some piece of breakage 1128198210 M * michal on ppc 1128198213 M * michal SYS_224(0x10300, 0x21, 0x7fa131d8, 0x18, 0x7fa13218) = 0 1128198217 M * michal so properly 1128198226 M * michal on mips 1128198228 M * michal SYS_4221() = -1 ERRNO_1018 (Unknown error 1018) 1128198243 M * Greek0 with your syscall stuff or with shiny? 1128198246 M * michal -1018 is invalid argument, obviously, argument has vanished ;p 1128198256 M * michal iwth our rsbac 1128198302 M * Greek0 strange. actually no matter _what_ abi, you should at least always have 4 valid (though perhaps non-sensical) arguments. 1128198313 M * Greek0 since the first 4 args are passed in registers on all mips ABIs 1128198326 M * michal strange indeed 1128198386 M * Greek0 hmm... mips has this strange linux-ABI, where linux syscall start somewhere at 4K or sth like that for compatibility reasons 1128198403 M * michal yes, O32 starts from 4000 1128198431 M * michal well, i got proper number (4221) 1128198501 M * michal i wonder how are you using this syscall header 1128198517 M * Greek0 mom 1128198520 M * Bertl there is an example ... 1128198540 M * michal found it 1128198548 Q * jdgiguere Quit: Thanks guy :-) 1128198563 M * Bertl michal: do you pass structures to the kernel? 1128198579 M * michal hm, let me think, i do 1128198582 M * Greek0 http://greek0.net/div/vserver/example 1128198604 M * Bertl michal: are they byte/bit aligned and strong typed? 1128198621 M * Greek0 man, that file is evil 1128198635 M * michal duno about aligning (we are not doing anything about it, so only gcc, not changing anything manualy) 1128198644 M * michal what do you mean by strong typed ? 1128198647 A * Greek0 should really work on the quality of his off-the-cuff- and test-code 1128198670 M * Bertl michal: can you show me the syscall and the passed structures? (e.g. via pastebin.com)? 1128198680 M * michal sure, sec... 1128198817 M * michal http://pastebin.com/379966 1128198819 M * michal here you are 1128198827 M * michal i am not really into syscalls, sorry :/ 1128198940 M * Bertl okay, I'd like to see the rsbac_syscall_arg_t union declaration too ... 1128198944 M * michal and in fact it is multiplexer to few other syscalls 1128198972 M * Bertl you might want to look into the linux-vserver 'switch' (a multiplexer too) 1128199007 M * ^WinZiP Bertl 1128199039 M * ^WinZiP Why it is so complicated to allow networking. all i want is to bridge interface ethX to the vps with defined IP (normal internet fixed ip) 1128199048 M * ^WinZiP like vmware does. 1128199077 M * Bertl ^WinZiP: it's not complicated, it's just easier to use the existing linux-networking ... 1128199090 M * Bertl (besides it also reduces overhead) 1128199096 M * ^WinZiP oh. 1128199105 M * Bertl while VMware and UML has to accept the additional overhead 1128199120 M * ^WinZiP but bertl, in a production enovirment messing with all those stuff omg. 1128199151 M * Bertl well, are you talking about testing it, or deploying it? 1128199157 M * ^WinZiP do you have a latest howto to get up and runing with FC? Deploying it. 1128199190 M * Bertl there is a good getting started guide 1128199202 M * michal in fact (since it is just bunch of another structs) could you please look at download.rsbac.org/code/v1.2.5/rsbac-admin-1.2.5.tar.bz2 ? 1128199213 M * Bertl ^WinZiP: http://linux-vserver.org/Step-by-Step+Guide+2.6 1128199215 M * michal there you will find all declarations 1128199229 M * ^WinZiP great. 1128199229 M * Bertl michal: k :) 1128199246 M * michal inside, in main/headers and libs dir 1128199283 M * michal i have made asm-mips64 dir for which tools build system were looking by symlinking it to asm-mips 1128199302 M * michal because there is not asm-mips64 in the kernel 1128199415 M * Bertl well, most of your structures are not 32/64 bit agnostic 1128199433 M * Bertl (so they will break if the interface changes) 1128199453 M * IEF oh my gawd. 1128199456 M * IEF kernel still building. 1128199474 M * IEF I should install FC4 natively and build from there 1128199491 M * michal uh, that's bad 1128199492 M * Bertl michal: also pointers to other structures are problematic ... maybe the kernel gets completely wrong addresses 1128199504 M * IEF better yet, on a 8-way opteron. let's do that. 1128199513 M * Bertl IEF: yeah, sounds cool! 1128199550 M * michal Bertl: you've made me woried ;) so, what can i do to change it ? 1128199580 M * Bertl michal: first, do you really need that many structures? 1128199637 M * michal Amon (rsbac author) choice, well, it simplifies many things (like coding)C 1128199643 M * michal (uh, sorry, lag) 1128199696 M * Bertl well, linux-vserver uses c99 types where possible, to avoid 32/64 bit issues 1128199733 M * mnemoc michal: you splitted the userspace tools... is -common only needed by -admin or also by kernel? 1128199733 M * Bertl this, and avoiding pointers inside the structs, makes it fairly portable and type size agnostic 1128199767 M * michal -common is include/rsbac and rsbac dirs, our kernel independent code 1128199781 M * mnemoc part of the patch? 1128199784 M * michal -admin are userspace tools, you also need a patch 1128199788 M * michal patch is separate 1128199794 M * michal well, just get prepatched kernels 1128199794 M * mnemoc ok 1128199806 M * mnemoc not when you distribute rsbac ;) 1128199857 M * IEF ok. gonna get some sleep now. I'll start my vserver testing tomorrow, and have a look at where to start writing a webinterface 1128199869 M * IEF and get going from there. 1128199869 M * Greek0 there is a webinterface 1128199873 M * IEF where? 1128199876 M * Bertl IEF: sounds good! 1128199881 M * Greek0 I don't know how complete it is, however 1128199894 M * Bertl yeah, the OpenVPS, I mentioned 1128199902 M * IEF oh ok 1128199910 M * IEF I'll install that as well. see how far along they are. 1128199914 M * Greek0 http://www.openvps.org/Plone 1128199920 A * michal analyzing vserver code 1128200013 M * IEF good night everyone. 1128200020 M * michal night IEF 1128200046 M * Bertl IEF: good night! 1128200049 M * Bertl michal: http://www.13thfloor.at/vserver/s_rel26/v2.0/split-2.6.12.4-vs2.0/08_2.6.12.4_switch.diff.hl 1128200084 Q * IEF Quit: Zzz... 1128200110 M * Bertl michal: and http://www.13thfloor.at/vserver/s_rel26/v2.0/split-2.6.12.4-vs2.0/27_2.6.12.4_cmdef.diff.hl 1128200150 M * michal thx, will have a nice reading ;) 1128201003 M * michal --- linux-2.6.12.4/kernel/vserver/legacynet.c 1970-01-01 01:00:00 +0100 1128201013 M * michal hoho, quite legacy indeed ;p 1128201187 M * michal ok, thank for some ideas and comments, i'll talk to Amon about few things... 1128201316 M * Bertl michal: btw, where it makes sense to integrate rsbac/pax/linux-vserver, we should consider that too ... 1128201375 M * michal exactly. UserManagment obviously, any other usable things also. 1128201409 M * Bertl I assume that a lot of areas could benefit from mutual awareness 1128201452 M * michal i would be very pleased from that cooperation. 1128201453 M * Bertl okay, keep me updated ... 1128201463 M * michal i'll do :] 1128201476 M * Bertl because folks here always try to integrate grsec/rsbac/pax or whatever ... 1128201512 M * Bertl so I _assume_ there is some demand .. so it makes sense to make a proper integration where possible 1128201633 M * michal quite a few people asking about vserver on #rsbac, so yeah, you are right 1128201902 M * michal ok, bbl 1128201908 M * Bertl k, cya! 1128202774 M * ^WinZiP Bertl 1128202782 M * ^WinZiP do you have a Prebuilt 2.0 kernel? 1128202785 M * ^WinZiP 2.6? 1128202813 M * Bertl yeah, a bunch of them, but you will not be happy with them :) 1128202856 M * Bertl most are QEMU kernels and a few ppc kernels too 1128202886 M * ^WinZiP oh. 1128202888 M * ^WinZiP can i download 1128202893 M * ^WinZiP http://www.13thfloor.at/vserver/s_rel26/v2.0/patch-2.6.13.2-vs2.0.diff.bz2 1128202895 M * ^WinZiP is this good? 1128202922 M * Bertl yep, that is the 2.0 patch for 2.6.13.2 kernels 1128202935 M * Bertl (from kernel.org) 1128202940 M * ^WinZiP great. 1128202959 M * Bertl hmm, sec 1128202989 M * Bertl there is no such patch there ... or? 1128203022 M * Bertl but you can use that one for 2.6.13.2: 1128203023 M * Bertl http://vserver.13thfloor.at/Experimental/patch-2.6.13.2-vs2.0.1-pre2.diff.bz2 1128203075 M * ^WinZiP bzip2: ../patch-2.6.13.2-vs2.0.diff.bz2 is not a bzip2 file. 1128203077 M * ^WinZiP bertl 1128203128 M * Bertl ^WinZiP: because there is no such patch there ... it's just a 'not-found' message, I guess 1128203133 M * ^WinZiP omg 1128203133 M * ^WinZiP ok 1128203160 M * Bertl take the one I mentioned above ... 1128203177 M * ^WinZiP got it 1128203278 M * ^WinZiP patched ok 1128203282 M * ^WinZiP now ill config and build kernel. 1128203293 M * Bertl do you have an existing kernel .config? 1128203315 M * Bertl if so, just copy that one into the kernel tree and do 'make oldconfig' 1128203324 M * Bertl (it will just ask the new stuff) 1128203583 M * ^WinZiP yah 1128203584 M * ^WinZiP i have 1128203595 M * ^WinZiP i use this technic for years now 1128203596 M * ^WinZiP :D 1128203602 M * Bertl good :) 1128203802 M * ^WinZiP my dual xeon is busy today lol 1128203809 M * ^WinZiP Bertl 1128203839 M * ^WinZiP I will dedciate my new P4 3.0ghz 1mb cache 80gb sata 2gb ram for VServer-vps's. i hope it will work well. 1128203919 M * Bertl given that you set it up properly, I guess so ... 1128203963 M * ^WinZiP i dont have luck with those things. ill get to the networking/qouting and get stuck. 1128204010 J * Blissex pcg@82-69-39-138.dsl.in-addr.zen.co.uk 1128204016 M * ^WinZiP Bertl you should sell an Installation/Setting up/ some bash Configurator for those company's who wish to sell VPS Based on Vserver. 1128204069 M * Bertl well, you can get a lot of help here .. so I guess it's not that critical 1128204092 M * ^WinZiP yeah but you can make a good money based on setting up systems. 1128204102 M * ^WinZiP and still give Vserver GPL freedom. 1128204118 M * Bertl you can 'buy' consulting time from me, if you like :) 1128204125 M * ^WinZiP Oh realy :) 1128204143 M * ^WinZiP if it wont go smooth enugh, i will probadly do that heh. 1128204156 M * Bertl feel free to do so ... 1128204175 M * ^WinZiP damn Virtuzzo, if they only gaved good Leasing price. 1128204185 M * ^WinZiP way too expansive , a buck for each Hz. 1128204241 M * Bertl that's quite a lot ... 1128204255 M * ^WinZiP yes it is. a Dual xeon 3.06ghz do you know how much will you pay for that. 1128204263 M * ^WinZiP i dont know if it will return the investment. 1128204291 M * ^WinZiP you should be competitve in order to still be online in the hosting world. 1128204308 M * ^WinZiP I Currently use VMware gsx, wich is quite slow. 1128204356 M * Bertl how many guests can you put on that? 1128204363 M * ^WinZiP max 4-5. 1128204375 M * ^WinZiP and its slow like hell. 1128204384 M * Bertl wow, and you even have to pay for the product :) 1128204391 M * ^WinZiP execly. 1128204397 M * ^WinZiP this Virtuzlation tech is sucks 1128204413 M * ^WinZiP its good for one VM only. 1128204414 M * Bertl ever considered Xen? 1128204426 M * ^WinZiP yeah, but the Installation and lack of GUI tools make me very unahppy about it. 1128204443 M * Bertl ah, VMware GSX comes with gui? 1128204447 M * ^WinZiP A 1128204447 M * ^WinZiP GRET 1128204449 M * ^WinZiP GREAT 1128204449 M * ^WinZiP GUI 1128204453 M * ^WinZiP KVM -like gui. 1128204457 M * ^WinZiP do you know what KVM is? 1128204471 M * Bertl yeah, the remote switch, no? 1128204477 M * ^WinZiP yes. i got a Console access 1128204480 M * ^WinZiP to install os's from ISOS 1128204481 M * ^WinZiP and more. 1128204486 M * ^WinZiP I can install any os in minuts. 1128204498 M * ^WinZiP Multiple os's , RAM Setting is a ease. 1128204504 M * ^WinZiP disks limiations, and much more. 1128204534 M * ^WinZiP networking? Just chose: Brigdge vm0 to eth0 and you are done. 1128204538 M * Bertl i.c. well hopefully the soon-to-be-coming frontends will support similar for linux-vserver 1128204551 M * ^WinZiP this will be great. 1128204560 M * ^WinZiP it will be a death kick for Vmware. 1128204563 M * ^WinZiP and Virtuzzo. 1128204586 M * ^WinZiP on the linux env. 1128204598 M * Bertl well, I'm more than satisfied if it is useful :) 1128204625 M * ^WinZiP IT is. do you know how much good things can it bring? 1128204636 M * ^WinZiP You can sell hounders of VPs's by clustering servers 1128204648 M * ^WinZiP Take a set of 6-7 P4 servers or 2-3 Xeon servers, and start selling :) 1128204711 M * ^WinZiP you can develop in a Safe envoirment, try new things. and much more ... but it will take time. Vserver is not yet for heavy production i think. 1128204743 M * Bertl well, some providers think differently ... 1128204760 M * ^WinZiP hmm, i didnt test it rughly yet. 1128204772 M * ^WinZiP i will test it now. with MySQL + Directadmin php apache 1128204772 M * ^WinZiP etc. 1128204782 M * Bertl (e.g. lycos with around 100 guests on a larger machine) 1128204798 M * ^WinZiP omg. 1128204805 M * ^WinZiP tell me something 1128204818 M * ^WinZiP Linode.com 1128204820 M * ^WinZiP what are they using? 1128204825 M * ^WinZiP they got PERFACT control panel 1128204844 M * ^WinZiP UML :\ 1128204864 M * ^WinZiP We've built the Linode Platform Manager (LPM), the online control panel that let's you perform every action you would with a physical machine, except well, it's virtual. It's like your PC BIOS and your boot manager rolled into one. 1128204867 M * ^WinZiP so great. 1128204902 M * ^WinZiP http://www.linode.com/products/controlpanel.cfm 1128204904 M * ^WinZiP take a look. 1128204927 M * Bertl yeah, something like this would be good for linux-vserver 1128204941 M * ^WinZiP good? It will be best! 1128204960 M * ^WinZiP imaging, opening a servers in a click, Create multiple os's. 1128205002 M * Bertl yeah, sounds great! looking forward to it ... 1128205034 M * ^WinZiP hmm i hope viper can do something about it. how about that 1128205035 M * ^WinZiP new project 1128205037 M * ^WinZiP OpenVPS? 1128205043 M * ^WinZiP does it got something realy working? 1128205107 M * Bertl I have to admit, I never got around testing it ... 1128205118 A * Bertl is more the cli type ... 1128205127 M * ^WinZiP heh you like those stuff huh. 1128205133 M * ^WinZiP i love Gui's :) 1128205136 M * ^WinZiP i can work with cli 1128205136 M * ^WinZiP but 1128205140 M * ^WinZiP dont know, its old. 1128205222 A * ^WinZiP still waiting for the kernel to compile 1128205236 M * ^WinZiP i hate vmware :\ 1128205412 M * Bertl when I need system virtualization, I usually use QEMU 1128205448 M * ^WinZiP qemu is good, but still - you need to work hours to get networking up and runing. 1128205479 M * Bertl hmm, works out of the box here .. but YMMV 1128205496 M * ^WinZiP well i only tried it on servers, not in home. 1128205500 M * ^WinZiP im not using linux at home since 1128205504 M * ^WinZiP Caldera OpenLinux died. 1128205608 M * ^WinZiP omg i got a chargeback. lol i hate when it happens. 1128205642 M * Lunar^ Bertl: I don't know what's the best idea to solve this 1128205667 M * Lunar^ Bertl: it's in m4/ensc_syscallnr.m4 1128205686 M * Bertl Lunar^: tell me more ... 1128205692 M * Lunar^ Bertl: in case the kernel headers are not patched, the syscall defaults to 273 1128205702 M * Lunar^ Bertl: which isn't right on powerpc, as you said 1128205728 M * Bertl hmm, strange ... I provided a proper solution back then, maybe that should be integrated? *sec looking* 1128205794 M * Bertl http://vserver.13thfloor.at/Experimental/SYSCALL/vserver.h 1128205857 M * Lunar^ Bertl: so the m4/ensc_syscallnr.m4 should be rewritten to use this file? 1128205884 M * Bertl IMHO it's much better to use something like this, regardless of kernel ehaders or glibc 1128205897 M * Bertl because this also works in cross compiling scenarios 1128205902 M * Lunar^ I'm not that familiar with autotools 1128205957 M * Lunar^ thus I don't know if I'm the best suited to do this job 1128205968 M * Bertl me neither ... 1128205986 M * Lunar^ Does Ola Lundqvist shows up here? 1128205994 M * Bertl but maybe post something to the ML, folks could pick it up? 1128206005 M * Bertl yes ola shows up now and then ... 1128206043 M * Bertl but micah is available msot of the time, so regarding debian, he is propably the best person to talk to 1128206054 M * Lunar^ micah: what do you think? 1128207343 J * shaw sys@c9115e50.rjo.virtua.com.br 1128207352 M * Bertl welcome shaw! 1128207371 M * shaw thanks 1128207372 M * shaw =] 1128207441 Q * shaw Quit: 1128207925 J * Aiken ~james@tooax6-079.dialup.optusnet.com.au 1128208271 M * Bertl afk for a moment ... 1128208336 A * michal had read more about portability and sthings 1128208408 M * michal so, looks like rsbac code - does not force aligning (good), is not using strong types (bad) 1128208434 M * michal is playing (and doing other nasty things) with pointers (bad) 1128208442 M * michal result 1128208453 M * michal 64 bit kernel / 32 bit user space - it won't work ;p 1128208462 M * Aiken Bertl Linux pebbles.bedrock 2.6.14-rc3 #2 Sat Oct 1 16:49:09 EST 2005 alpha Unknown Alcor GNU/Linux 1128208891 M * Bertl back now ... 1128208916 M * Bertl michal: yeah, that's what I suspect ... 1128208929 M * Bertl Aiken: great! did they fix it? 1128208944 M * Aiken yes 1128208949 M * michal robert love book is not bad ;p 1128208954 M * Aiken but the bug report was never replied to :( 1128208975 M * Bertl michal: is it possible to redesign the syscall interface rsbac uses? 1128208990 M * Bertl michal: do you have a syscall number assigned for rsbac? 1128209006 M * Bertl Aiken: yeah, that's lkml style ... 1128209047 M * michal Bertl: yes, it is, nothing is assigned officially 1128209063 M * Aiken I having an attempt at applying 2.1.0-rc2 to 2.6.14, only 30 rej files left to go 1128209067 M * michal Bertl: i assume you have sugestions 1128209083 M * Aiken the alpha xfs crash as been fixed in 2.6.14 as well 1128209185 M * Bertl michal: well, IMHO there are three options: 1128209229 M * Bertl 1) you get a syscall assigned (for each arch, takes about a year) and redesign your structures 1128209263 M * Bertl 2) you switch to a different interface (like a filesystem, or netlink) 1128209300 M * Bertl 3) we set aside some syscall switch areas for rsbac/pax and you use them via the vserver syscall switch 1128209369 M * Bertl not sure that 3) is what we really want ... but it might work for now ... 1128209414 M * michal i would take option 1) and partialy three - that's it, redesigning rsbac syscall looking at vserver example (but separate 1128209442 M * Bertl yeah, makes sense, but trust me, you want a fixed syscall ... 1128209445 M * michal )switching from syscall is rather not possible 1128209472 M * michal well, we'll try to get one 1128209496 M * michal i like your multiplexer 1128209506 M * Bertl don#t tell that you want to do a multiplexor 1128209526 M * Bertl in this regard lkml folks are stubborn 1128209534 M * michal heard that 1128209640 M * michal not that it would be the only rule we would violate 1128209698 M * michal we should convice every arch maintainer on his own ? 1128209713 M * michal (looking at your assigned-2.6.11.3.info) 1128209737 M * Bertl the main problem is, that every arch maintainer has his own rules 1128209799 M * Bertl it's really not easy ... 1128209850 M * michal supose so. well, they know us, already seen large amounts of code and sometimes are willing to step out from strict rules 1128209874 M * michal but indeed, names i've saw in that file scare me 1128209876 M * Bertl okay, then I would start today, trying to get the first syscall in 1128210274 M * michal i'll do starting from the morning. is there any sugessted way (which first), rules, or everything is just up to me ? 1128210322 M * Bertl probably x86 is a good start, and Andrew/Linus are mostly nice folks ... 1128210364 M * Bertl if that works, it also gives you a good argument why it should be done on other archs 1128210473 M * michal exactly, first that x86 assigment is most needed, and second like you have said - linus accepting something is a really strong argument 1128210544 M * Bertl from the interface POV, I can only suggest the following: 1128210560 M * Bertl - use strict/strong typing (c99 e.g.) 1128210575 M * Bertl - avoid pointers whenever possible (best use syscall arg for that) 1128210652 M * Bertl - avoid passing different number of syscall arguments 1128210978 M * michal i'll keep it in mind when redesigning (already noted it :) 1128211012 M * michal one thing more - do you have some link to page that would sum up c99 types (found full specification and it has few MB's) 1128211106 M * Bertl http://home.tiscalinet.ch/t_wolf/tw/c/c9x_changes.html 1128211168 M * Bertl inttypes.h