1130457626 Q * Greek0_ Quit: leaving
1130457668 J * gdm ~gdm@209.51.169.84
1130458400 Q * michal_ Ping timeout: 480 seconds
1130458535 J * michal_ ~michal@mprivacy-update.de
1130458959 J * Aiken ~james@tooax6-023.dialup.optusnet.com.au
1130462818 Q * Aiken Remote host closed the connection
1130463290 J * Aiken ~james@tooax6-023.dialup.optusnet.com.au
1130467105 Q * jkl Ping timeout: 480 seconds
1130467571 N * nokoya nokoyaz
1130467595 N * nokoyaz nokoya
1130470132 J * Johnny ~john@acs-24-154-53-217.zoominternet.net
1130470132 Q * Johnnie Read error: Connection reset by peer
1130470509 Q * jayeola Quit: leaving
1130470576 J * Aiken_ ~james@tooax6-023.dialup.optusnet.com.au
1130470577 Q * Aiken Read error: Connection reset by peer
1130473295 Q * Johnny Ping timeout: 480 seconds
1130473626 J * Johnnie ~john@acs-24-154-53-217.zoominternet.net
1130473822 J * jkl eric@c-67-173-249-8.hsd1.co.comcast.net
1130476021 Q * jkl Ping timeout: 480 seconds
1130477290 Q * Millox Ping timeout: 480 seconds
1130478247 Q * davidsmind Read error: No route to host
1130478530 J * Millox ~mattias@shienar.csbnet.se
1130479611 J * Guest56 ~Miranda@83.215.237.5
1130482014 Q * Hollow Remote host closed the connection
1130482754 J * Hollow ~hollow@home.xnull.de
1130483225 J * jkl eric@c-67-173-249-8.hsd1.co.comcast.net
1130487504 Q * shedi Quit: Leaving
1130488468 M * AndrewLee Bertl_ILL: I backported your delta-0.30.208-fix03-fix04-hack.diff to sarge and it works on my powerpc without a patched kernel. :)
1130488854 Q * Aiken_ Ping timeout: 480 seconds
1130488976 J * prae ~prae@ezoffice.mandriva.com
1130490965 J * shedi ~siggi@tolvudeild-201.lhi.is
1130492226 M * Lunar^ AndrewLee: send a report to #328209 then
1130492534 M * Lunar^ AndrewLee: oh.. you did it already :)
1130492565 M * AndrewLee Lunar^: yap
1130492599 M * AndrewLee Lunar^: Do you know any other changes should be done for util-vserver in sarge as well?
1130492707 M * AndrewLee Lunar^: I found testme.sh & testfs.sh works fine with sarge's kernel-patch-vserver+util-vserver for new-style config, but a lots of errors for legancy mode.
1130492751 M * AndrewLee Lunar^: But seems the maintainer want to use legancy mode for sarge(you can have a look the vserver-debiantools in sarge).
1130492851 M * Lunar^ I don't know either
1130492926 M * AndrewLee Lunar^: If keep to use legancy mode in sarge, that means the maintainer has a lot of problem have to fix..
1130492963 M * daniel_hozac testme and testfs don't care about configs.
1130493023 M * AndrewLee daniel_hozac: testfs has an option -l for legancy mode
1130493093 M * Lunar^ AndrewLee: sarge has been released
1130493128 M * Lunar^ AndrewLee: our only options are to fix the bugs, or release erratas
1130493144 M * AndrewLee Lunar^: Yes
1130493191 M * daniel_hozac AndrewLee: the legacy barrier code has absolutely _nothing_ to do with configs.
1130493292 M * AndrewLee daniel_hozac: Does that mean the problem is on the kernel-patch-vserver not the util-vserver?
1130493322 M * daniel_hozac the legacy barrier code is only valid on 2.4 kernels.
1130493394 M * AndrewLee daniel_hozac: Can I use legacy mode on 2.6 kernels? Would that be a problem?
1130493406 M * daniel_hozac it is not present in 2.6 kernels at all.
1130493411 M * daniel_hozac barriers are set differently.
1130493433 M * AndrewLee daniel_hozac: I see. So that means I can use 17:57 < AndrewLee> daniel_hozac: Can I use legacy mode on 2.6 kernels? Would
1130493442 M * AndrewLee sorry, typo
1130493518 M * AndrewLee daniel_hozac: So that means use legacy mode config on 2.6 kernel is safe?
1130493542 M * daniel_hozac yes, but you'll miss out on the new features.
1130493593 M * AndrewLee daniel_hozac: I know, I just want to do my best to understand this for help fix vserver in sarge.
1130493685 M * AndrewLee daniel_hozac: Cause I don't want to see sarge make a bad image of vserver to debian users.
1130493703 M * daniel_hozac waaaay too late for that, i think :P
1130493715 M * daniel_hozac or well, a bad image of debian at least.
1130493726 M * AndrewLee daniel_hozac: I gave a vserver talk before sarge released, everything were fine.
1130493726 M * daniel_hozac as the first thing they're told is to uninstall those evil packages ;)
1130493750 M * AndrewLee daniel_hozac: but after sarge release, people report the way I gave in my talk doesn't work...
1130493809 M * AndrewLee daniel_hozac: I am going to give a vserver talk again next month
1130493866 M * AndrewLee daniel_hozac: So I have to understand these more for giving a talk. ;)
1130493924 M * AndrewLee daniel_hozac: Thanks for your suggestion, I will considering to tell them to uninstall those evil packages first. :p
1130493957 A * AndrewLee is leaving for catch train.
1130494205 M * daniel_hozac heh
1130496495 Q * shedi Quit: Leaving
1130500773 J * sebi_ ~sebi@Fd46a.f.strato-dslnet.de
1130500880 Q * sebi Ping timeout: 480 seconds
1130501074 Q * iprone Ping timeout: 480 seconds
1130501549 Q * prae arion.oftc.net strange.oftc.net
1130501549 Q * Hollow arion.oftc.net strange.oftc.net
1130501549 Q * Johnnie arion.oftc.net strange.oftc.net
1130501549 Q * michal_ arion.oftc.net strange.oftc.net
1130501549 Q * Sonarman arion.oftc.net strange.oftc.net
1130501549 Q * mrec_ arion.oftc.net strange.oftc.net
1130501549 Q * Greek0 arion.oftc.net strange.oftc.net
1130501549 Q * monrad arion.oftc.net strange.oftc.net
1130501549 Q * Lunar^ arion.oftc.net strange.oftc.net
1130501549 Q * TheSeer arion.oftc.net strange.oftc.net
1130501549 Q * tchan arion.oftc.net strange.oftc.net
1130501549 Q * locksy arion.oftc.net strange.oftc.net
1130501549 Q * cryo arion.oftc.net strange.oftc.net
1130501551 Q * AndrewLee arion.oftc.net strange.oftc.net
1130501551 Q * entroposcope arion.oftc.net strange.oftc.net
1130501551 Q * Vudumen arion.oftc.net strange.oftc.net
1130501551 Q * derbien arion.oftc.net strange.oftc.net
1130501551 Q * flock arion.oftc.net strange.oftc.net
1130501551 Q * yungyuc arion.oftc.net strange.oftc.net
1130501551 Q * micah arion.oftc.net strange.oftc.net
1130501562 J * prae ~prae@ezoffice.mandriva.com
1130501562 J * Hollow ~hollow@home.xnull.de
1130501562 J * Johnnie ~john@acs-24-154-53-217.zoominternet.net
1130501562 J * michal_ ~michal@mprivacy-update.de
1130501562 J * Sonarman ~cleetus@adsl-71-141-123-13.dsl.snfc21.pacbell.net
1130501562 J * mrec_ ~revenger@p54B03322.dip0.t-ipconnect.de
1130501562 J * Greek0 ~greek0@85.255.145.201
1130501562 J * monrad ~monrad@213083190134.sonofon.dk
1130501562 J * Lunar^ ~lunar@poivron.org
1130501562 J * yungyuc ~yungyuc@220-135-53-220.HINET-IP.hinet.net
1130501562 J * flock ~restless@l192-117-111-12.broadband.actcom.net.il
1130501562 J * micah micah@micha.hampshire.edu
1130501562 J * derbien ~derbien@whiterabbit.nbmc.de
1130501562 J * Vudumen vudumen@perverz.hu
1130501562 J * entroposcope ~entroposc@user-0c992og.cable.mindspring.com
1130501562 J * AndrewLee ~andrew@tnlug.linux.org.tw
1130501562 J * cryo ~say@212.86.233.146
1130501562 J * locksy ~locksy@mrtg.sisgroup.com.au
1130501562 J * tchan ~tchan@c-67-174-18-204.hsd1.il.comcast.net
1130501562 J * TheSeer ~theseer@border.office.salesemotion.net
1130503270 J * wam ~wigwam@proxy1.msh.de
1130503372 M * wam Hi! Inside a vserver, when I type as root: ### echo test > /dev/null ###, everything is ok. But when I do it as Debian-exim (###su -s /bin/bash -c "echo test>/dev/null" Debian-exim###)  , it fails with "bash: line 1: /dev/null: Permission denied". exim4 tells me the same in its logs. Any ideas?
1130503416 M * wam Permissions: crw-rw-rw  1 root root 1, 3 Oct 28 13:58 /dev/null
1130503437 J * yodahome ~yoda@pD95148F8.dip0.t-ipconnect.de
1130503510 M * yodahome Hi!
1130503826 M * wam argh - i'm so dumb. debootstrap nowadays makes /dev perm 700. damn.
1130503925 M * yodahome Anybody here using dnsmasq on a debian vserver?
1130504332 P * yodahome 
1130504408 N * Bertl_ILL Bertl
1130504421 M * Bertl morning folks! still a little sick, but much better ...
1130504432 M * daniel_hozac good to hear!
1130504740 M * Bertl thanks!
1130505127 M * Bertl daniel_hozac: so did you find some time to look at the lmbench results?
1130505466 J * iprone ~iprone@65.83.231.99
1130505772 M * daniel_hozac Bertl: not yet, sorry.
1130505880 M * Bertl nothing to be sorry about, welcome iprone!
1130506250 M * iprone morning Bertl...getting fired up here, id say we are about 2 weeks out from starting our performance testing...going to bring up a quick site with our procedures, background, etc...and then post results when we get them of course
1130506448 M * Bertl iprone: excellent, you know about the lmbench measurements I did?
1130506483 M * iprone i saw when you posted them the other day, havent gone through them though...was daniel able to weed through them yet?
1130506507 M * Bertl not yet, but you might want to do similar tests on other setups
1130506543 M * Bertl (so it would make sense to write some scripts to evaluate such results)
1130506595 M * iprone scripts are for people who cant type fast enough :)
1130506608 M * iprone i agree though, ill take a look at what youve done so far
1130506643 M * daniel_hozac i've only gotten around to writing a small script to average the results of the <name>: <value> pairs so far.
1130506728 M * daniel_hozac (it doesn't even handle all of them correctly yet...)
1130507062 J * shedi ~siggi@tolvudeild-201.lhi.is
1130507114 Q * Guest56 Read error: Connection reset by peer
1130507179 M * Bertl welcome shedi!
1130507195 M * shedi thank you Bertl
1130509830 M * Bertl leaving now ... back in a few hours ...
1130509835 N * Bertl Bertl_oO
1130510151 Q * monrad Quit: Leaving
1130510731 J * hallyn ~xa@adsl-68-72-168-199.dsl.chcgil.ameritech.net
1130511230 P * wam 
1130511670 M * hallyn Is there a 2.6.14 vserver patch, or do I need to forward port the 2.6.12.4 version?
1130511758 M * SiD3WiNDR .14 out?
1130511760 M * SiD3WiNDR it wasn't yesterday :p
1130511804 N * nokoya nokoyaz
1130511824 M * daniel_hozac i'm guessing the 2.6.13.3 patch would work better.
1130511839 N * nokoyaz nokoya
1130511866 M * daniel_hozac (but would still need forward porting)
1130511998 M * hallyn where would i find that patch?  the 2.6.12.4 was the latest one i found.
1130512027 M * daniel_hozac http://vserver.13thfloor.at/Experimental/
1130512066 M * hallyn thanks
1130512140 J * sven12 ~sven@GMMMCCXXXII.dsl.saunalahti.fi
1130512761 Q * dddd44 Read error: Connection reset by peer
1130513043 Q * lilo Remote host closed the connection
1130513352 J * lilo ~lilo@lilo.usercloak.oftc.net
1130513842 A * ag- wanna compile a 2.6.14 vserver-enabled ;)
1130514004 J * oliwel ~mail-at-o@host-62-245-151-178.customer.m-online.net
1130514076 M * hallyn working on the port...
1130514181 M * ag- hallyn: are there lots of hunks?
1130514287 M * hallyn 42 i think.
1130514301 M * hallyn last night i was trying from the 2.6.12.4 - which had 90-some chunks :)
1130514308 M * hallyn these are pretty simple ones so far
1130515027 Q * prae Quit: Execute Order 69 !
1130515374 J * monrad ~monrad@212088093238.sonofon.dk
1130515595 J * Breaker ~flopsy@host81-134-146-163.in-addr.btopenworld.com
1130516300 Q * shedi Quit: Leaving
1130516485 J * stefani ~stefani@superquan.apl.washington.edu
1130516852 J * dddd44 dhb55@60.48.200.121
1130517345 Q * oliwel Quit: Chatzilla 0.9.68.5 [SUSE 1.0.6-4.1/20050715]
1130517387 Q * dddd44 Read error: Connection reset by peer
1130517483 J * dddd44 dhb55@60.48.200.121
1130517702 M * ag- hallyn: i'm doing the same thing here, maybe we can compare our patches when done :)
1130517703 Q * Breaker Quit: 
1130517776 M * ag- hallyn: one file has disappear from the kernel tree
1130517844 M * ag- well, it's linux-2.6.13.3-vs2.1.0-rc4/arch/v850/kernel/asm-consts.c, so not a great impact on us
1130518020 Q * dddd44 Ping timeout: 480 seconds
1130518133 M * hallyn guess the ipv4/ycp* file splitup/reorg is the main thing...
1130518144 M * hallyn s/ycp/tcp/  
1130518347 M * ag- there's also some stuff which disappears from ./arch/ia64/ia32/binfmt_elf32.c
1130518462 J * dddd44 dhb55@60.48.200.121
1130518484 J * shedi ~siggi@inferno.lhi.is
1130518640 M * hallyn thats just consolidated into mmap.c.  odd i missed that going by on lkml
1130518678 M * ag- yup
1130518686 M * ag- they broke security_vm_enough_memory()
1130518839 Q * dddd44 Read error: Connection reset by peer
1130518841 A * mnemoc is happy to be distant of bleeding edge :)
1130518957 M * ag- as always, ia64 stuff makes me sick...
1130519046 M * ag- btw, they do the same for amd64
1130519237 M * ag- and like always, those kernel guys forget variables not used anymore :P
1130519834 N * Bertl_oO Bertl
1130519849 M * Bertl evening folks!
1130519861 M * Bertl evening ag-, hallyn!
1130519875 M * hallyn g'day
1130519901 M * Bertl seems you folks are doing kernel stuff! excellent!
1130519960 M * hallyn i'm just happy there was a 2.6.13 vs patch - the 2.6.12 to 2.6.14 was huge.
1130520005 M * mnemoc kernel changes on 2.6 are always huge
1130520033 M * ag- hallyn: in case you don't know, there's a small patch here too: http://vserver.13thfloor.at/Experimental/delta-2.6.13.3-vs2.1.0-rc4-rc4.1.diff
1130520046 M * daniel_hozac isn't that the point of development series? lots of changes, all the time?
1130520064 M * ag- daniel_hozac: 2.6 is said stable though
1130520074 M * Bertl hallyn: so, you are porting 2.0 or 2.1 to 2.6.14?
1130520118 M * hallyn uh, 2.0 i guess
1130520146 M * Bertl 'I guess' sounds interesting ...
1130520156 M * hallyn 2.1
1130520164 M * hallyn (was trying to find the original file :)
1130520180 M * Bertl you 'know' that this is the devel branh, yes?
1130520183 M * Bertl +c
1130520282 M * sven12 hi,Bertl!
1130520315 M * hallyn huh - didn't see that delta
1130520341 Q * sladen Ping timeout: 480 seconds
1130520389 J * sladen paul@starsky.19inch.net
1130520411 M * sven12 I've been crawling through the old logs and mailing list archives about making backups of vserver guests
1130520460 M * sven12 how are things now with 2.0 - are per context quotas now backed up like they should and file xids preserved?
1130520506 M * Bertl sven12: depends ...
1130520507 M * sven12 also what is the best method for backing up now? Is dump ok?
1130520523 M * Bertl IMHO dump/restore is an excellent choice
1130520535 M * sven12 I have tried just plain tar zcf this far
1130520555 M * sven12 and seemed to mess up things
1130520556 M * Bertl it the tar is very likely to drop xid tagging info
1130520562 M * sven12 yeah
1130520600 M * hallyn Bertl:  Long as devel tree is somewhat usable... this isn't for my server
1130520600 M * Bertl OTOH, the xid tags can be easily fixed when you restored the backup, unification (vhashify) can also work/run after that
1130520643 M * hallyn actually i want to port it on top of Dave's vpid patch to see how that ends up.
1130520661 M * sven12 Ok. I've been using this line with dump now: dump 0zf /home/sven/daily.dump /vservers/*
1130520677 M * sven12 but how restore should be used on the other side
1130520698 M * Bertl hallyn: ah, got the feeling that this is somehow related (Dave Hansen)
1130520765 M * Bertl sven12: example to 'transfer' guest 'hansi' from machine 'A' to 'B'
1130520834 M * Bertl A: dump 0zf - /vservers/hansi | ssh root@B "cd /vservers; restore rf -"
1130520841 M * Bertl or from the other side:
1130520861 M * Bertl B: ssh root@A "dump 0zf - /vservers/hansi" | restore rf -
1130520865 M * Bertl options are:
1130520882 M * Bertl - on a fast network connection, skip the 'z'
1130520887 M * sven12 ok
1130520904 M * Bertl - if you want to select what gets restored, use 'restore if -'
1130520921 M * Bertl (that's interactive)
1130520928 M * sven12 yes
1130520953 M * sven12 thanks :)
1130520965 J * bluegene ~eugen@tor-irc.dnsbl.oftc.net
1130521028 M * sven12 this dump/restore was new to me,I've been using Linux exclusively only since January this year
1130521029 Q * TheSeer Read error: Connection reset by peer
1130521085 M * mnemoc some people does that with tar
1130521101 M * bluegene http://www.13thfloor.at/vserver/s_rel26/v2.0/ is the place to look for current util-vserver, right?
1130521136 M * Bertl mnemoc: yes, might be interesting to make a page on that, and which one works with unification/xid tagging (and what is required to fix it up afterwards)
1130521193 M * Bertl bluegene: actually the tools are on savannah and enrico seems to update http://www.13thfloor.at/~ensc/util-vserver/files/alpha/
1130521234 M * Bertl bluegene: but yeah, the releases are accompanied by proper tools ...
1130521246 M * bluegene Oh, thanks. Any way to build .deb packages from the tarballs?
1130521275 M * Bertl probably, but there are a bunch of 'different' debian packages available for 0.30.208 (as I was told)
1130521316 M * bluegene is there any major reason to not use util-vserver from Debian Sarge?
1130521340 M * Bertl well, the tools in sarge are broken, except for that, no :)
1130521346 A * mnemoc shut his mouth before bashing
1130521392 Q * shedi oxygen.oftc.net strange.oftc.net
1130521392 Q * stefani oxygen.oftc.net strange.oftc.net
1130521392 Q * monrad oxygen.oftc.net strange.oftc.net
1130521392 Q * hallyn oxygen.oftc.net strange.oftc.net
1130521392 Q * tchan oxygen.oftc.net strange.oftc.net
1130521392 Q * locksy oxygen.oftc.net strange.oftc.net
1130521392 Q * cryo oxygen.oftc.net strange.oftc.net
1130521392 Q * AndrewLee oxygen.oftc.net strange.oftc.net
1130521392 Q * entroposcope oxygen.oftc.net strange.oftc.net
1130521392 Q * Vudumen oxygen.oftc.net strange.oftc.net
1130521392 Q * derbien oxygen.oftc.net strange.oftc.net
1130521392 Q * flock oxygen.oftc.net strange.oftc.net
1130521392 Q * yungyuc oxygen.oftc.net strange.oftc.net
1130521392 Q * Lunar^ oxygen.oftc.net strange.oftc.net
1130521392 Q * Greek0 oxygen.oftc.net strange.oftc.net
1130521392 Q * Sonarman oxygen.oftc.net strange.oftc.net
1130521392 Q * Johnnie oxygen.oftc.net strange.oftc.net
1130521393 Q * Hollow oxygen.oftc.net strange.oftc.net
1130521393 Q * michal_ oxygen.oftc.net strange.oftc.net
1130521393 Q * mrec_ oxygen.oftc.net strange.oftc.net
1130521393 Q * micah oxygen.oftc.net strange.oftc.net
1130521407 M * bluegene Is there a way to build a .deb from http://www.13thfloor.at/~ensc/util-vserver/files/alpha/ tarballs?
1130521420 M * Bertl I assume so, but don't ask me how ...
1130521453 J * shedi ~siggi@inferno.lhi.is
1130521453 J * stefani ~stefani@superquan.apl.washington.edu
1130521453 J * monrad ~monrad@212088093238.sonofon.dk
1130521453 J * hallyn ~xa@adsl-68-72-168-199.dsl.chcgil.ameritech.net
1130521453 J * Hollow ~hollow@home.xnull.de
1130521453 J * Johnnie ~john@acs-24-154-53-217.zoominternet.net
1130521453 J * michal_ ~michal@mprivacy-update.de
1130521453 J * Sonarman ~cleetus@adsl-71-141-123-13.dsl.snfc21.pacbell.net
1130521453 J * mrec_ ~revenger@p54B03322.dip0.t-ipconnect.de
1130521453 J * Greek0 ~greek0@85.255.145.201
1130521453 J * Lunar^ ~lunar@poivron.org
1130521453 J * yungyuc ~yungyuc@220-135-53-220.HINET-IP.hinet.net
1130521453 J * flock ~restless@l192-117-111-12.broadband.actcom.net.il
1130521453 J * micah micah@micha.hampshire.edu
1130521453 J * derbien ~derbien@whiterabbit.nbmc.de
1130521453 J * Vudumen vudumen@perverz.hu
1130521453 J * entroposcope ~entroposc@user-0c992og.cable.mindspring.com
1130521453 J * AndrewLee ~andrew@tnlug.linux.org.tw
1130521453 J * cryo ~say@212.86.233.146
1130521453 J * locksy ~locksy@mrtg.sisgroup.com.au
1130521453 J * tchan ~tchan@c-67-174-18-204.hsd1.il.comcast.net
1130521465 J * gerrit ~gerrit@pixpat.austin.ibm.com
1130521466 Q * micah Remote host closed the connection
1130521469 J * micah micah@micha.hampshire.edu
1130521505 M * Bertl welcome gerrit?
1130521573 M * hallyn ag:  doing a test compile.  were you porting 2.0 or 2.1?
1130521575 J * TheSeer ~theseer@border.office.salesemotion.net
1130521581 M * Bertl hallyn: soo, you are doing a plain 2.1.0-rc4.1 port to 2.6.14, yes?
1130521584 M * TheSeer re..
1130521601 M * Bertl wb TheSeer!
1130521608 M * TheSeer power outage...
1130521608 M * hallyn yup.
1130521623 M * TheSeer maybe i should add my workstation to he UPS..
1130521647 M * Bertl hallyn: excellent, will do so for 2.0.1 and 2.1.x now ... we can then compare the results ...
1130521649 M * bluegene thanks Bertl.
1130521672 M * hallyn cool.
1130521755 M * Bertl hallyn: btw, I didn't quite understand the pid mapping requirements Dave seems to have for checkpointing ... is there a remote chance that he is on irc too (somewhere, sometimes?)
1130521760 M * hallyn actually having some trouble with quilt though...  could be a pain coming up w/ the final patch.  (oh well)
1130521779 M * bluegene what is the memory footprint of a minimal vserver on Debian? about 200-300 MByte?
1130521780 M * hallyn will ask him if he wnats to join
1130521791 M * hallyn oh, looks like he's out for the day.
1130521811 M * Bertl bluegene: I guess it can be below that (somewhere around 150MB I'd say)
1130521842 M * Bertl hallyn: no need to hurry, jsut that I'm interested in this stuff too ...
1130521846 M * bluegene wow, that's pretty compact. If there's a lighttpd instance in it, how much, anybody knows?
1130521909 M * Bertl bluegene: I have a (hacked together) test guest, which has sshd, postfix and apache (cron and init too) which is below 32MB ...
1130521945 M * bluegene 32 MByte, as the memory footprint of a running instance of it?
1130521956 M * Bertl no, 32MB on disk :)
1130521984 M * bluegene the size of disk is not that large a problem, it's how many vservers will fit into a 2 GByte RAM machine.
1130522008 M * hallyn bertl:  for checkpointing,  the idea is that cooperating tasks which are checkpointed need to be restartd with same pids, at least from userspace's point of view
1130522013 M * Bertl bluegene: yes, but applications which fit into 32MB on disk do not use much memory either ...
1130522064 M * bluegene how long does instantion of your hacked vserver take, from zero to the first ping?
1130522069 M * ag- Bertl: i can't get a clear idea of what checkpointing processes is :)
1130522072 M * Bertl bluegene: yes, but wouldn't it be much easier to make the pid unique over time?
1130522082 M * ag- i mean, when a process dies, it's all over
1130522113 M * gerrit Hi bertl
1130522122 M * Bertl bluegene: ping within an isntant (that happens on the host :), bootup requires 2-3 seconds
1130522123 M * bluegene Bertl: I don't understand. Why PID unique?
1130522136 M * Bertl bluegene: sorry :)
1130522146 M * Bertl hallyn: yes, but wouldn't it be much easier to make the pid unique over time?
1130522148 J * Doener doener@i5387EDE1.versanet.de
1130522161 M * Bertl evening Doener!
1130522166 M * Doener evening!
1130522187 M * bluegene Bertl: so in principle one can instantiate on demand, right? When the traffic hits the interface.
1130522210 M * mnemoc .oO
1130522211 M * Bertl ag-: well, the idea is to allow to continue execution on a different hardware (from a know good point) if something evil happened ...
1130522292 M * hallyn Bertl: not sure what you mean.  What we're trying to do is simply allow you to restart in a unique container, where even though kernel knows you as pid 6697, userspace in your same container knows you as pid 2234
1130522375 M * Bertl container == context ?
1130522384 M * daniel_hozac what would be the point?
1130522406 M * bluegene Bertl: to explain what I'm trying to do: to present an illusion of a larger number of vservers, only a small part of which are active simultaneously.
1130522439 M * mnemoc o.o
1130522466 M * ag- Bertl: does such a process checkpointer already exit somewhere? it's a nice idea, but it would consume lots of memory, i presume
1130522495 M * ag- s/exit/exist/
1130522517 M * hallyn Bertl: right.  well, maybe.
1130522526 M * hallyn I've been wondering whether that's ideal.
1130522541 M * hallyn itmeans you start a new vserver every time you restart processes
1130522544 M * Bertl bluegene: wouldn't it be _much_ simpler to make a 32GB swap file and have them all run (and swap in/out on demand)?
1130522552 M * bluegene has anyone here ran vserver instances from a HA NFS share?
1130522574 M * hallyn ag: there are several implementations of c/r for linux, with varying amounts of what they can checkpoint.
1130522583 M * bluegene Bertl: would the time behaviour be about the same, if they live on swap?
1130522586 M * hallyn (ie fd, sysv, network migration, etc)
1130522617 M * Bertl bluegene: I guess it would be better, as initialization stuff would not be executed every time you get a request
1130522650 M * bluegene Bertl: thanks. I think I will try that first. (When I get my first VServer up, that is).
1130522705 M * Bertl hallyn: yeah, actually the recent freezer/thawer development inside mailine (for swsusp) shows (for me) a new path to do 'context checkpointing' and as a logical consequence 'context migration' ...
1130522788 M * Bertl hallyn: but the virtual pid stuff (except for the funny init pid) doesnt seem to be a requirement for that, when you make sure that the pid is unique ...
1130522795 M * hallyn Bertl: I was thiking about that (using the freezer code)
1130522798 M * gerrit hallyn:  would it make sense to send out byoung's evaluation to the vserver list?
1130522824 M * bluegene do you get much feedback from hosters who sell vservers?
1130522833 M * hallyn all: anyone else interested in a comparison of existing checkpoint restart implementations o nlinux?
1130522846 M * hallyn Bertl: how do you make sure the pid is unique?
1130522856 M * mnemoc fakeinit :)
1130522861 M * hallyn if you migrate three processes from one machine to another...
1130522870 M * mnemoc oh
1130522877 M * bluegene hallyn: definitely interested, but only for checkpoint/migration for the future.
1130522901 M * hallyn what do you mean by "for the future"?
1130522969 M * hallyn Anyway, I guess my concern about container vs context comes down to whether we'd want to limit checkpoint/restart to a vserver at a time - or at leaste restart/migration.
1130522988 M * bluegene I'm trying to build a business, part of relies on linux vservers for infrastructure. For that HA and failover as well as checkpointing and vserver migration are very interesting. But, I'd like to get my first VServer working at first.
1130522990 M * hallyn (We could checkpoint a subset of a vserver, but it would restart as a separate vserver, unless we keep container != context)
1130523001 M * hallyn oh, ok  :)
1130523122 M * Bertl hallyn: ad uniqueness, simple, pid' = (xid,pid)
1130523189 M * hallyn that's what we're saying (we just s/xid/container/)
1130523207 M * hallyn we can't have multiple xid's per vserver, right?
1130523215 M * Bertl nope
1130523268 M * Bertl but actually that is the first good argument for xid/contexts in mainline ... (as a 'isolation container')
1130523363 M * Bertl and actually this sounds like something which a) could have a chance to get into mainline, b) would be useful for linux-vserver and friends too and c) might actually be done with minimal overhead (if at all)
1130523369 M * bluegene FYI, I just had to apt-get install iproute vlan e2fslibs-dev beecrypt2 dietlibc dietlibc-dev beecrypt2-dev to get ./configure to run with no warnings.
1130523384 M * Bertl yep, that's required for the tools
1130523400 M * hallyn exactly.  >1 users is usually a good thing
1130523454 M * Bertl okay, that's something I'm interested in, so let's cooperate when possible ...
1130523455 M * bluegene interesting stuff.
1130523517 M * bluegene Bertl: do you think it's realistic to host some 100 VServers on a 2 GByte machine?
1130523552 M * Bertl bluegene: if they are mostly sitting around and waiting for something to happen, yes
1130523574 M * bluegene yes, largely running web servers/MTAs.
1130523671 M * Bertl bluegene: you have to reduce additional services, mostly cron stuff and distribute it over the whole day ...
1130523736 M * bluegene I'm just worried about the first connection coming in at the interface, and until the vserver instance gets swapped in.
1130523773 M * Bertl well, if you're lucky, it's already there ...
1130523790 M * Bertl if not, then it's definitely faster than a guest startup
1130523825 M * bluegene I guess I'll just have to try it out. I'll keep you posted how it goes. Too bad I don't have more/better hardware at the moment.
1130523882 M * Bertl bluegene: in any case, I'd suggest to disable overcommitment, otherwise you will get a visit from the OOM killer :)
1130523965 M * bluegene thanks for the advice (had to google it up).
1130524043 M * Doener when talking about some 100 vservers, unification would probably help a lot with reducing memory usage
1130524076 M * Bertl definitely, especially if they are identical from the distro PoV
1130524110 M * bluegene they're definitely identical.
1130524245 J * dhansen ~dave@sprucegoose.sr71.net
1130524253 M * Bertl bluegene: so I'd suggest to first setup a test guest, then make sure to reduce services to a minimum ...
1130524257 M * Bertl welcome dhansen!
1130524284 M * dhansen Bertl: thanks
1130524287 M * dhansen you caught me :)
1130524288 M * Bertl bluegene: then look at vhashify to unify the guests ...
1130524294 M * Bertl dhansen: excellent! :)
1130524320 M * bluegene Bertl: I've been taking lots of notes from the channel. Excellent stuff, I wonder why Xen is getting all the press, while VServer is the workhorse.
1130524349 M * Bertl dhansen: so serge said that you are doing the virtual pid to trick processes (after restarting them)
1130524371 M * dhansen Bertl: basically
1130524392 M * Bertl bluegene: well, Xen is a good project and basically complementary to linux-vserver kind of virtualization
1130524417 M * Bertl dhansen: what I asked myself, why not make the pid unique over contexts/containers?
1130524438 M * dhansen Bertl: along the lines of encoding the container in the pid?
1130524445 M * Bertl yep, precisely
1130524454 M * bluegene It is complementary, but IMHO the majority of uses for a virtual machine is to run lightweight semiidentical instances. Xen is more what VMWare does.
1130524457 M * hallyn ah
1130524460 M * dhansen somebody in IBM is trying to do that right now
1130524484 M * Bertl excellent, because that is actually what I could imagine to get into mainline and be useful for linux-vserver too
1130524533 M * Bertl dhansen: a first test for that could be restricted to using 8/8 bit for xid/pid
1130524546 Q * iprone Ping timeout: 480 seconds
1130524554 M * hallyn dhansen: so still what abt restarting a subset of a vserver?
1130524569 M * hallyn no guarantees the pid is unique anymore...
1130524578 M * dhansen you can't restart pieces
1130524579 M * Bertl hallyn: in this case the context == container 
1130524589 M * dhansen It doesn't really make sense
1130524594 M * hallyn and thats the problem i see...
1130524598 M * Bertl hallyn: so you restart the entire group
1130524598 M * dhansen what if one part of the container had a pipe open tot he other part
1130524606 M * dhansen one is resumed, the other isn't?  what happens to the pipe?
1130524616 M * dhansen That's an easy dependency
1130524620 M * dhansen they get harder :)
1130524632 M * dhansen The answer is that you only checkpoint/restart entire containers/vservers
1130524661 M * dhansen Bertl: BTW, do you have any issues with introducing this "container" terminology into the kernel?  Do you have any better names?
1130524663 M * hallyn container, yes, but vserver seems like a limitation
1130524679 M * dhansen hallyn: I'm not quite sure how containers and vservers would fit together
1130524688 M * dhansen perhaps containers are at a lower level than vservers
1130524693 M * dhansen hadn't thought about it much
1130524695 M * Bertl dhansen: for me container == context
1130524710 M * hallyn well i guess we can start with container==vserver
1130524722 M * Bertl that would be the first state
1130524725 M * hallyn and see if that is a problem for some uses
1130524728 M * hallyn ok
1130524748 M * Bertl hallyn: we could use hierarchical contexts in the future to build 'more complex' setups
1130524765 M * Bertl (something planned in linux-vserver for some time now)
1130524787 M * hallyn oh, ok
1130524826 M * Bertl for the context (guest) migration the initial state should suffice
1130524850 M * Bertl dhansen: I think extending the pid to 64bit wouldn't be too hard
1130524876 M * dhansen Bertl: we just made it 32 not long ago ;)
1130524876 M * Bertl but even 32bit would be sufficient, no?
1130524884 M * dhansen and people fought taking it to 64
1130524899 M * dhansen We have 10 bits above the current 22 to work with for now.  Should be quite enough
1130524949 M * Bertl yep, I think we could even change from context ids (in linux-vserver) to context identifiers without to many issues
1130524972 M * Bertl the container (xids) could be assigned dynamically
1130524990 M * Bertl (just requires a simple hash, no real overhead here)
1130525300 J * dddd44 dhb55@60.48.200.121
1130525481 Q * dddd44 Read error: Connection reset by peer
1130526085 M * Bertl dhansen: is there a repository of your work (preferable as single patches)?
1130526502 M * gerrit bertl:  I don't think he has one externally yet.  We should be able to make that happen soon though
1130526537 M * gerrit bertl:  dave is currently in france on assignment, so he may be eating fois gras or drinking a bottle of wine at the moment.  ;)
1130526555 M * Bertl k :) no problem ...
1130526584 Q * Doener Read error: Connection reset by peer
1130526585 Q * jkl Ping timeout: 480 seconds
1130526600 M * gerrit bertl:  I know he's planning to start posting sets of patches to lkml soon, mostly as cleanups
1130526623 J * Doener doener@i5387FAE1.versanet.de
1130526628 M * Bertl gerrit: k, so I'll just pick them from lkml then ...
1130526639 M * Bertl (just wanted to save me some time :)
1130526640 M * gerrit bertl:  and I've asked hallyn to see if he can help gen some patches for you to review to make some use of dhansen's code
1130526853 Q * mnemoc Read error: Connection reset by peer
1130526901 J * mnemoc ~amery@200.75.27.57
1130527310 M * ag- gerrit: what a biaised cliché of France you have :)
1130527358 M * gerrit ag-: naw, but dhansen is new to france, so he's being introduced to all of the fun stuff by the locals
1130527391 M * ag- gerrit: got it ;)
1130527573 J * oliwel ~mail-at-o@host-62-245-151-178.customer.m-online.net
1130527618 M * oliwel anybody in ?
1130527640 M * bluegene nope.
1130527780 M * oliwel lol
1130527788 M * gerrit nobody here but us chickens
1130527818 M * bluegene 21:23 < ag-> gerrit: got it ;) <-- last message in the scroll
1130527963 M * oliwel so noone here with gentoo knowlegde ?
1130527983 M * ag- oliwel: Hollow is a gentoo developer, i think
1130528325 M * oliwel ag- yes i know - but he seems tp be not in 
1130528384 M * hallyn whats the gentoo q?
1130528452 M * hallyn ag:  got a clean compile on 2.6.14.  havent tried booting (since i cant checkpoint/migrate this process to another machine :)
1130528460 M * oliwel I have some problems with a guest - I am trying to investigate at the moment
1130528477 M * oliwel The host is fine - the guest makes me headaches
1130528507 M * Bertl oliwel: in what way?
1130528514 M * oliwel I buid a new one and did emerge update world - now there are startup errors - it seems that some of the crafted boot scripts have been overwritten
1130528525 M * oliwel Hi bertl - illness over ?
1130528530 M * Bertl almost ...
1130528558 M * oliwel Besides it seems that the tools on the one maschine are by default very "silent" - means no errors
1130528566 M * oliwel on the second one I get the bootup errors
1130528578 M * Bertl Hollow: ping?
1130528580 M * oliwel so i first thought the second maschine is the problem 
1130528618 M * oliwel I am currently pulling it up to the same pacth-level of the utils - give me 5 mins
1130528718 M * oliwel Bertl: do you know if there is a flag in .308 to enable/disable the display of startup errors ?
1130528764 M * Bertl .208, no there isn't
1130528774 M * Bertl but the messages come and go with the initstyle
1130528784 M * mnemoc cp -a /vservers/foo/dev/null /vservers/foo/dev/console    ?
1130528785 M * oliwel aaahh ok - this might be a hint...
1130529227 M * oliwel Bertl: So - it seems that the "emerge update world" of the gentoo guest destroyed some special bootup scripts
1130529242 M * oliwel it seems that some process for "real" bootup are started
1130529356 M * Bertl oliwel: you should contact Hollow, he probably knows _what_ changed
1130529478 M * oliwel It seems that the problem is just that the new tool does not echo any messaeges...
1130529487 M * oliwel I will write him an email
1130529642 M * oliwel good night
1130529647 Q * oliwel Quit: Chatzilla 0.9.68.5 [SUSE 1.0.6-4.1/20050715]
1130530058 Q * sven12 Quit: Leaving
1130530327 M * micah Bertl: glad to see you are better :)
1130530360 M * Bertl thanks! 
1130530405 M * Bertl bluegene: you might ask micah about deb packaging ...
1130530494 J * mrec ~revenger@p54B04340.dip0.t-ipconnect.de
1130530650 M * micah Bertl: do you know if there were any changes to the vserver patches between the 1.2.10 2.4.27 patch and the 1.2.10 2.4.31 patch? Or were they just changes to work with the new kernel versions?
1130530668 M * micah bluegene: I'd be happy to answer debian packaging questions
1130530850 Q * brc_ Ping timeout: 480 seconds
1130530914 Q * mrec_ Ping timeout: 480 seconds
1130531004 J * brc bruce@20150093243.user.veloxzone.com.br
1130531044 M * Bertl micah: just adaptations to the new release (kernel) IIRC
1130531137 M * Bertl micah: but there is a 1.2.11 pre/rc ...
1130531240 M * ag- hallyn: nice, mine is on the way... btw, which project do you actually use to checkpoint and migrate processes?
1130531323 M * hallyn ag: i don't right now.  As Gerrit was suggesting, I guess we can send the little summary of current c/r projects to the vserver list.
1130531334 M * hallyn There's quite a few, but none are perfect.
1130531359 M * mnemoc c/r ?
1130531371 M * brc something weird happened here. everything worked fine with 2.6.11.3, now with 2.6.13.4 apache segfaults
1130531423 M * hallyn c/r - checkpoint/restart
1130531433 M * mnemoc hallyn: thanks
1130531514 M * ag- hallyn: maybe vserver could be merge with a new c/r project to be next included in mainline ;)
1130531539 M * mnemoc o.o
1130531541 M * hallyn That'd rock.
1130531635 M * ag- s/merge/merged/
1130531645 M * hallyn Hmm, dqhash, eh?  (compiled without that delta :) - but no selinux enabled anyway)
1130531729 M * hallyn all right, time for a reboot to test this puppy.  back in a ... well, maybe a flash...
1130531730 Q * hallyn Quit: leaving
1130531945 Q * brc Quit: reboot
1130531961 Q * eyck Read error: Connection reset by peer
1130533050 J * kaRma0 ~coeurl@adsl-68-89-14-73.dsl.okcyok.swbell.net
1130533094 M * kaRma0 Hello :)
1130533172 J * yarihm ~yarihm@80-218-5-17.dclient.hispeed.ch
1130533243 M * kaRma0 Does anyone have any experience with using fwbuilder on the host that a vserver sits on?
1130533299 J * Aiken ~james@tooax6-079.dialup.optusnet.com.au
1130533302 J * jkl eric@c-67-173-249-8.hsd1.co.comcast.net
1130533364 M * Bertl hey kaRma0! sorry, no!
1130533536 M * kaRma0 hehe, okay, well...  I seem to be having problems with communicating across the firewall to the vserver
1130533604 M * kaRma0 I actually havea  vserver sitting on the machine acting as the firewall, and I can ssh to it for instance, as long as I am internal
1130533634 M * kaRma0 I think where it breaks is with the translation of destination address since it is NATed
1130533720 M * kaRma0 My firewall catches it with the default drop all rule, as if my config doesn't allow it
1130533742 M * kaRma0 ...meaning, I am explicitly allowing it
1130533783 M * kaRma0 when I look at the firewall logs, it shows the destination as being translated and everything
1130533823 M * kaRma0 I don't know if that's clear at all =\
1130533947 M * kaRma0 okay... I have a physical machine internally that I had setup to be NATed, I duplicated the rules and modified the destination address of the machine to point to the vserver
1130533997 M * kaRma0 ...the vserver that sits on the firewall itself... chould that work, or is there something else that needs to be done?
1130534055 M * kaRma0 ...sorry, the firewall is iptables
1130534131 M * kaRma0 my concern is that I am missing something about how the networking works in vserver...  I'll keep playing with it
1130534389 M * Bertl kaRma0: the networking is simple
1130534399 M * kaRma0 it's just an alias?
1130534401 M * Bertl it is like on a normal linux host (right now)
1130534415 M * Bertl there is no 'guest' networking except for two details:
1130534427 M * Bertl 1) the guest is restricted to a subset of ips
1130534437 M * Bertl 2) the 127.0.0.1 is remapped to the first ip
1130534461 M * kaRma0 ahhh...  hmm
1130534496 M * kaRma0 does it matter what interface I bring the guest up under?
1130534571 M * micah Bertl: the reason I ask is because the 1.2.10 patch against the debian 2.4.27 kernel is vulnerable to chroot barrier escape.
1130534587 M * micah Bertl: so if the 1.2.10 patch doesn't change, then its probably that kernel that is vulnerable
1130534613 M * Bertl I tested that some time ago, and it wasn't true for the mainline kernels
1130534620 M * micah yeah, I did as well
1130534630 M * bluegene thanks, and good night.
1130534631 M * micah so there is clearly something amiss with the debian kernel
1130534649 Q * bluegene Quit: leaving
1130534659 M * micah the good thing is there is a security update planned for that kernel soon, so it would be good to isolate where the problem is so it can be fixed
1130534671 M * micah (and so it isn't blamed on vserver! :)
1130534755 M * micah would that flaw exist in filesystem xattrs?
1130534782 M * micah I'm looking at the security fixes that are planned for debian's 2.4 to see if any of them address this
1130535250 M * micah the things that look most relevant are xattr fixes
1130535257 M * micah but i dont understand the escape
1130535377 M * Bertl micah: first, please make sure that the tools are not the reason
1130535388 M * Bertl micah: second, for what filesystems?
1130535955 M * micah Bertl: using these componants the exploit does *not* work:
1130535957 M * micah kernel-source: 2.4.31 (upstream)
1130535961 M * micah util-vserver: 0.30-204-5sarge2 (debian sarge)
1130535964 M * micah kernel-patch: 1.2.10 (upstream)
1130536027 M * micah using these componants the explot *does* work:
1130536028 M * micah kernel-source: 2.4.27-10 (debian sarge)
1130536033 M * micah util-vserver: 0.30-208+fix03 (upstream)
1130536051 M * micah kernel-patch: 1.2.10
1130536058 M * Bertl interesting ...
1130536118 M * micah I should re-verify everything, just to be absolutely sure, but that says to me that there is a kernel source difference
1130536148 M * micah and I believe the exploits were on ext2/ext3
1130536193 M * micah ext3 only
1130536251 Q * SiD3WiNDR Ping timeout: 480 seconds
1130536392 J * SiD3WiNDR luser@bastard-operator.from-hell.be
1130536682 M * Bertl micah: could be .. I'm willing to help once you know for sure
1130537129 M * kaRma0 Gah!  It was a firewall issue, thanks Bertl!
1130537198 M * Bertl well, you're welcome :)
1130537454 J * brc bruce@200141216100.user.veloxzone.com.br
1130537520 Q * gerrit Ping timeout: 480 seconds
1130538518 P * monrad Leaving
1130538559 Q * kaRma0 Quit: using sirc version 2.211+KSIRC/1.3.12
1130538816 M * brc should i use the split patch ?
1130538848 Q * Doener Quit: Leaving
1130539017 P * stefani I'm Parting (the water)
1130539212 M * Bertl brc: for what?
1130539344 M * brc i just found out it is alredy on the vs patch. i though i would had to patch with all those .diff on the split*.tar.bz2
1130539358 M * brc weird thing happened here bertl, i upgraded frmo 2.6.11.3 to 2.6.13.4 and apache stoped working
1130539360 M * brc segfault
1130539400 M * brc i downgraded the kernel and it worked again..then i found it had something to do with a lib or something. didnt know a kenerl upgrade would effect that
1130539409 M * brc anyway it is working now. :)
1130539759 M * brc 2.6.14 is out, i just installed 2.6.13 :(
1130540639 J * monrad ~monrad@212088093238.sonofon.dk
1130540719 M * micah Bertl: do you have an older version of 1.2.10 that is for kernels earlier than 2.4.29? I'm trying to get one to apply to upstream 2.4.27 to test
1130540748 M * Bertl sec
1130540774 M * micah patch-2.4.29-vs1.2.10.diff  almost applies, except for some failures on xfs diffs
1130540784 M * micah which I could work around i suppose
1130540816 M * Bertl only the debian version
1130540860 M * micah yeah the debian version doesn't apply to vanilla 2.4.27
1130540883 M * brc Bertl: tried patching 2.6.14 with patch-2.6.13-vs2.0.1-pre2.diff. some hunks failed. should i worry about that ?
1130540915 M * Bertl yes!
1130540931 M * Bertl there are no patches for 2.6.14 right now ...
1130541099 M * micah Bertl: do you think that it would be a good idea to work with the 2.4.29-vs1.2.10.diff and just ignore the xfs things and not do anything with xfs?
1130541139 M * Bertl I guess that would be applicable
1130541196 M * micah i just want enough so I can verify this issue, if the root escape doesn't work with vanilla 2.4.27 and the 2.4.29 patch, then there is something wrong with the debian kernel
1130541843 M * brc ok
1130541892 M * micah ah, need to compile 2.4 with gcc3 not 4, I forgot
1130542540 J * jayeola ~jayeola@host-87-74-35-175.bulldogdsl.com
1130542564 Q * monrad Quit: Leaving
1130543657 Q * yarihm Quit: Leaving