1130977565 Q * calum Quit: Leaving 1130977604 J * mountie ~mountie@CPEdeaddeaddead-CM000a739acaa4.cpe.net.cable.rogers.com 1130978527 M * Bertl welcome mountie! 1130980082 J * micah micah@micha.hampshire.edu 1130980164 Q * Aiken Quit: Leaving 1130980761 J * Aiken ~james@tooax6-054.dialup.optusnet.com.au 1130981004 M * Bertl welcome micah! 1130981093 Q * Aiken Remote host closed the connection 1130981122 M * daniel_hozac shouldn't arch/x86_64/ia32/syscall32.c:syscall32_setup_pages use vx_vmpages_add? 1130981153 M * Bertl ah, checking the ML report? 1130981159 M * daniel_hozac yeah. 1130981175 M * Bertl didn't get around checking it ... what have we there now? 1130981187 M * daniel_hozac mm->total_vm += npages; 1130981200 M * Bertl hmm, yes, that sounds wrong ... 1130981220 M * Bertl couldn't hurt to scan for similar stuff over the entire kernel source 1130981226 M * daniel_hozac that's what i did ;) 1130981246 M * Bertl excellent, for locked and rss too? 1130981264 M * daniel_hozac just locked, what's rss's name? 1130981287 M * Bertl vx_rsspages_* 1130981294 M * Bertl vx_vmlocked_* 1130981305 M * daniel_hozac mm->_rss? 1130981334 M * Bertl vs_memory.h suggest so 1130981340 M * Bertl *suggests 1130981363 M * Bertl ah, and we have _anon_rss too 1130981484 M * daniel_hozac kernel/fork.c:dup_mmap has mm->locked_vm = 0, and mm->total_vm -= pages. 1130981501 M * Bertl fork is special ... 1130981590 M * daniel_hozac arch/ppc64/kernel/vdso.c:arch_setup_additional_pages has mm->total_vm += (vma->vm_end - vma->vm_start) >> PAGE_SHIFT; 1130981590 M * Bertl but the VM_DONTCOPY looks like something which needs attention 1130981667 M * daniel_hozac then there's the initial problem, and the infiniband drivers. 1130981729 M * Bertl do you think you can fix it? 1130981730 M * micah Bertl: grettings 1130981811 M * micah bertl: I haven't been able to get a 2.4.27 kernel to boot to test, I keep getting a modprobe loop, even without modules. 1130981814 M * daniel_hozac sure. 1130981828 M * micah i wonder if there is a toolchain version issue 1130981834 M * Bertl micah: hmm, interesting ... sounds like 1130981841 M * bragon i've make a dream 1130981852 M * Bertl daniel_hozac: okay, let me know when you have a patch :) 1130981859 M * mnemoc *G* 1130981860 M * bragon it's a good idea if i make a vserverfr web site ? 1130981871 M * Bertl bragon: well, depends ... 1130981889 M * daniel_hozac should i leave fork.c alone for now? 1130981904 M * bragon i don't want to fork 1130981913 M * bragon just help the vserver project 1130981915 M * Bertl bragon: if you think that french folks will require 'special' treatment (because they are not able to udnerstand english) then probably yes 1130981920 M * bragon because i use it and i love it 1130981921 M * bragon :) 1130981935 M * Bertl daniel_hozac: you might fix up for the -pages 1130981937 M * bragon Bertl erf 1130981948 M * bragon i don't think that 1130981954 M * Bertl bragon: otherwise, I'd say it's better to clean up the main page 1130981969 M * bragon but the must documentation vserver have the must developer the project have ? 1130981970 M * Bertl (because a 'branch' will always lag behind) 1130981971 M * bragon not ? 1130981971 M * daniel_hozac Bertl: ok 1130981995 M * Loki|muh Bertl: is ipv6 working yet? 1130982008 M * Bertl Loki|muh: ipv6 is working fine ... on the host :) 1130982014 M * Loki|muh hrhr :) 1130982016 M * bragon lol 1130982031 M * bragon Bertl: are you the owner ? 1130982055 M * Bertl owner of linux-vserver.org? 1130982065 M * bragon yes 1130982088 M * bragon i want to discuss with the owner. 1130982100 M * micah it is really crazy how many times I have been rebooting and trying to build this kernel in the last day 1130982105 M * Bertl well, no, actually jacques registered this one, but I'm the project maintainer and so I also maintain the wiki (to some extend) 1130982105 M * micah dayS 1130982135 M * Loki|muh Bertl: any idea, when you could get ipv6 working on the vservers? 1130982136 M * bragon Bertl: i want to make a vserverfr web site ! and to asume it 1130982154 M * bragon (in a vserver under my host of course :p ) 1130982161 M * Loki|muh bragon: Bertl is Mr.Vserver :) 1130982165 M * Bertl Loki|muh: wanna help with ngnet? 1130982170 M * bragon ok Loki|muh 1130982191 M * Bertl bragon: linux-vserver.org runs on a vserver guest too :) 1130982192 M * bragon Bertl i'm the manager of a lug in france 1130982200 M * bragon my english isn't perfect sorry 1130982212 M * Bertl no problem, it's sufficient to communicate ... 1130982220 M * bragon Bertl: i have not doubt of that =) 1130982251 M * bragon so my idea isn't interesting for you ? 1130982266 M * Bertl well, why not extend the existing pages? 1130982287 M * bragon ok if you want :) 1130982297 M * Bertl clean up linux-vserver, add some hints/stuff/docu ... 1130982301 M * bragon but it's not really cute :p 1130982327 M * micah Bertl: the boot message that I cannot defat is: "kmod: runaway modprobe loop assumed and stopped" and then: "modprobe: modprobe: cannot create /var/log/ksymoops/20051102.log Read-only file system". These are repeated in an infinite loop. 1130982329 M * Loki|muh Bertl: i think i'm not experienced enough to get into kernel stuff :( and enough programming to do for work and studies... 1130982332 M * bragon a xhtml website with forum and wiki and docu ? 1130982335 M * bragon not ? 1130982344 M * bragon and in english and french 1130982368 M * Bertl bragon: well, if you can suggest/provide/enhance the wiki (i.e. make it cuter), without reducing the ease of use and affecting folks currently working with it, go ahead, be my guest 1130982369 M * Loki|muh just wanted to ask if the status is still "wishlist" ;) 1130982397 M * Bertl Loki|muh: basically yes ... 1130982403 M * bragon Bertl: your sentences is too complx for me 1130982414 M * bragon could you explain less difficult ? 1130982420 M * Bertl bragon: yep, I try: 1130982424 M * bragon thx 1130982435 M * Bertl you think, linux-vserver.org is not cute, yes? 1130982446 J * jkl eric@c-67-176-40-100.hsd1.co.comcast.net 1130982451 M * Bertl (replace cute with appealing or fancy( 1130982465 M * Bertl wb jkl! 1130982468 M * mnemoc weed page is cute 1130982482 M * Bertl bragon: so you want to do something fancy instead, yes? 1130982504 M * bragon a geek site is good but 1130982512 M * bragon i just want to participate 1130982514 M * bragon :) 1130982519 M * Bertl bragon: what I said was: if you can do that (make it better) then do that, but it has to fulfill a few requirements: 1130982528 M * bragon and i'm not really a kernel devel 1130982546 M * Bertl well, we're talking about the wiki page, no? 1130982550 M * bragon i'm begineur in C 1130982553 M * bragon yes 1130982564 M * Bertl so that has not much to do with kernel development 1130982573 M * bragon exact sorry 1130982581 A * bragon compute 1130982582 M * Bertl okay, so here the requirements 1130982598 M * Bertl - it must be as simple to change/maintain as the current site 1130982619 M * bragon ok 1130982634 M * Bertl - it has to be simple to navigate and must not require any plugins or special browser capabilities (i.e. lynx certified) 1130982659 M * bragon yeah 1130982674 M * Bertl - the current data/contents has to be 'ported' 1130982706 M * bragon 'k 1130982710 M * Bertl - we do not want to lose any current features (including wiki ML, blacklist, and backup) 1130982736 M * bragon what is black list ? 1130982749 M * bragon banlist ? 1130982774 M * Bertl unfortunately, from time to time, there are folks who insist to put links on the pages which do not belong there 1130982807 M * Bertl we have a simple blacklist feature to avoid those changes 1130982808 M * bragon ok it's a wiki i have this problems too (i understand) 1130982858 M * Bertl I thought about using media wiki for some time, it currently is tavi (plus some patches) 1130982903 M * bragon mediawiki have some problems with blacklist 1130982904 M * daniel_hozac Bertl: hmm, drivers/infiniband/core/uverbs_mem.c does some funky stuff like mm->locked_vm = locked, any one-liners for that? 1130982919 M * Bertl yep, sec 1130982947 M * bragon i try and you say me latter 1130982951 M * bragon i try at home 1130982958 M * bragon and when i'm ready i show you 1130982960 M * bragon ok ? 1130982966 M * Bertl bragon: excellent idea! 1130982979 M * Bertl bragon: if you have any question, feel free to ask ... 1130983000 M * bragon but in france it's 3h morning :x 1130983009 M * Bertl it's 3am here too :) 1130983013 M * bragon ha 1130983021 M * bragon where are you living ? 1130983027 M * daniel_hozac here too! 1130983033 M * Bertl Austria, Europe 1130983056 M * bragon daniel_hozac: tu penses pas qu'une partie ne francais peut etre interessante ? 1130983064 M * bragon Bertl: ok :) 1130983075 M * Bertl bragon: and the channel language is english :) 1130983087 M * daniel_hozac since i don't speak french, i doubt i would be interested :) 1130983097 M * bragon i'm forcing me :) 1130983110 M * bragon i understand 1130983120 M * bragon but in order to speack it's difficult 1130983127 M * bragon -c 1130983141 M * Bertl daniel_hozac: setup_arg_pages() 1130983145 M * Bertl 9 x86_64/ia32/ia32_binfmt.c setup_arg_pages 377 vx_vmpages_sub(mm, mm->total_vm - vma_pages(mpnt)); 1130983150 M * bragon and what about man pages in french ? 1130983172 M * Bertl bragon: localization make sense .. but not very much IMHO 1130983194 M * bragon ok 1130983206 M * Bertl somebody administrating a linux system is supposed to know english 1130983207 M * daniel_hozac Bertl: that looks backwards to me. 1130983232 M * daniel_hozac shouldn't it be total_vm + vma_pages(mpnt)? 1130983238 M * bragon Bertl: yes but vserver it's only for administrative personne ? 1130983247 M * Bertl daniel_hozac: this was a 'set' 1130983260 M * bragon and a personne who want at home a fedora a sid and a sarge and who ahve only on pc 1130983263 M * bragon ? 1130983283 M * Bertl mm->total_vm = N --> vx_vmpages_sub(mm, mm->total_vm - N) 1130983346 M * Bertl bragon: as I said, I'm not against localization per se ... 1130983358 J * Aiken ~james@tooax6-054.dialup.optusnet.com.au 1130983398 M * Bertl bragon: and of course, you're free to translate whatever documentation is available to whatever languages you are able to write ... 1130983415 M * bragon Bertl: i'm not professionnal but i using vserver and i just want to search thinks to help project 1130983434 M * bragon it's just my goal 1130983452 M * Bertl well, as I said, a major help would be cleaning up the docu and/or adding stuff to the wiki (documentation which is missing) 1130983468 M * bragon ok 1130983476 M * bragon i'll work for that 1130983480 M * Bertl another thing you could do, is to do some performance testing and evaluation 1130983504 M * bragon i test it on a P4 2,8 it's work fine 1130983514 M * Bertl for example, we have a bunch of test runs (lmbench 2/3) but we are all too lazy to evaluate the results :) 1130983525 M * bragon but i'd have some problem on x86_64 1130983526 M * bragon :) 1130983585 M * bragon and with you i could work my english :D 1130983624 M * Bertl well, I'm no native speaker either, but I guess you can improve your english here ... 1130983642 M * Bertl bragon: what kind of issues do you see on x86_64? 1130983664 M * bragon i'm not manage to make a no unstable vserver 1130983669 M * bragon it's run with sid 1130983674 M * bragon but not with sarge 1130983681 M * Bertl which kernel did you use? and what tools? 1130983693 M * bragon debootstrap and 2.6.12 1130983711 M * Bertl okay, forget the debian kernels, you have to use mainline 1130983725 M * bragon mainline ? 1130983745 M * Bertl get a vanilla (kernel.org) 2.6.13.4 or 2.6.14 1130983775 M * Bertl also util-vserver 0.30.209 is highly recommended 1130983795 M * mnemoc 209? 1130983797 M * bragon i have use a debian kernel because i rent a server in a hosteur and i don't know exactely the mother board and the network cheap 1130983800 M * Bertl which reminds me that I have to put up the mandriva rpms 1130983818 M * bragon :) 1130983821 M * Bertl bragon: you can figure that out via the running system 1130983840 M * Bertl bragon: lspci, /proc/cpuinfo /proc/meminfo ... 1130983856 M * daniel_hozac Bertl: http://daniel.hozac.com/tmp/delta-2.6.14-vs2.0.1-pre3-accounting-fix.patch 1130983860 M * bragon yes i know but it's not my speciality the kernel :p 1130983897 M * bragon i prefere admin a bind/apache/sql/... in a vserver it's more funny 1130983906 M * bragon and it's my first test 1130983918 M * bragon i will make my own kernel yet 1130983920 M * bragon =) 1130983974 M * Bertl daniel_hozac: tx, looks good! 1130983997 M * bragon my old and experience isn't verry evoluate 1130983997 M * Bertl bragon: btw, another area you can help a lot would be 'automated testing' (if that is interesting for you) 1130984017 M * bragon Bertl: why not 1130984030 M * bragon i have a lot of arch 1130984031 M * bragon :) 1130984038 M * Bertl even better! :) 1130984047 M * bragon ppc / sparc / I386 / A64 1130984059 M * bragon i have a arm too :) 1130984066 M * Bertl hey great! 1130984079 M * Bertl sparc and arm tests is something I'd really appreciate 1130984112 M * Bertl A64 is IA64 or x86_64? 1130984118 M * bragon seconde 1130984161 M * bragon (it's less intresting :) ) 1130984179 M * bragon i learn C langage 1130984196 M * Bertl that's good, most stuff we do is in C ... 1130984226 M * bragon since how long this project run ? 1130984268 M * Bertl hmm, hard to tell, it started a few year ago as simple modification to allow chrooted environments to work 'better' 1130984294 M * bragon like a jail it's recent ? 1130984340 M * Bertl http://linux-vserver.org/Changelog 1130984343 M * bragon :) 1130984366 M * bragon thank to spend time with me 1130984383 M * bragon i stay here 1130984384 M * Bertl this changelog starts where I basically took over project maintainership ... 1130984413 M * Bertl it was already working back then and used by some providers ... 1130984445 M * Bertl http://linux-vserver.org/Release+FAQ 1130984457 M * bragon vs1.00 [2003.11.01] ok :) 1130984478 M * Bertl shows a feature matrix, which lists the additions in certain versions 1130984632 M * bragon see you latter Bertl i go sleeping 1130984639 M * Bertl good night! 1130984644 M * bragon thanks 1130984650 M * bragon u too 1130984662 M * bragon i stay my irssi here 1130984666 M * bragon :) 1130984668 M * Bertl yes, that's fine 1130984714 Q * Alecsandro Remote host closed the connection 1130986200 M * Bertl daniel_hozac: McGregor's issue (ML) is the too-new yum, right? 1130986256 M * daniel_hozac my bet would be on missing repositories. 1130986279 M * Bertl hmm, good point ... 1130987850 M * daniel_hozac guess i lost that one :) 1130987865 M * Bertl heh, well, does it matter :) 1130990296 J * stefani ~stefani@c-24-19-46-211.hsd1.wa.comcast.net 1130990753 M * Bertl wb stefani! 1130990761 M * stefani hola again. 1130994830 Q * Vudumen Ping timeout: 480 seconds 1130995043 J * Vudumen vudumen@perverz.hu 1130995239 M * Bertl okay, enough for me for today ... off to bed now ... have a nice whatever everyone .. cya tomorrow! 1130995249 N * Bertl Bertl_zZ 1130996759 J * Viper0482 ~Viper0482@p54975908.dip.t-dialin.net 1130997137 Q * stefani Quit: going away now... 1130998126 J * ntrs_ ~ntrs@68-188-50-87.dhcp.stls.mo.charter.com 1130998128 Q * ntrs Read error: Connection reset by peer 1131000484 J * Aiken_ ~james@tooax8-039.dialup.optusnet.com.au 1131000802 Q * flock Remote host closed the connection 1131000826 Q * Aiken Ping timeout: 480 seconds 1131001085 Q * Aiken_ Quit: Leaving 1131001986 J * Guest23 ~Miranda@83.215.237.5 1131004670 Q * Viper0482 Quit: Verlassend 1131005471 J * Viper0482 ~Viper0482@p54975908.dip.t-dialin.net 1131007052 Q * shedi Quit: Leaving 1131008376 J * [dt]-vreak sp@83.215.237.10 1131008506 Q * [dt]-vreak Quit: 1131009356 Q * wally Read error: Connection reset by peer 1131009390 J * wally ~homebase@sg27-gw.1090.kapper.net 1131009736 J * prae ~prae@ezoffice.mandriva.com 1131009896 Q * wally Quit: Miranda IM! Smaller, Faster, Easier. http://miranda-im.org 1131010563 J * shedi ~siggi@tolvudeild-202.lhi.is 1131011392 J * wally ~homebase@sg27-gw.1090.kapper.net 1131012974 Q * shedi Quit: Leaving 1131013377 J * erwan_taf ~erwan@LAubervilliers-151-13-63-69.w217-128.abo.wanadoo.fr 1131014653 J * shedi ~siggi@tolvudeild-204.lhi.is 1131014808 P * STaN 1131014821 J * STaN ~root@LSt-Amand-152-31-36-227.w82-127.abo.wanadoo.fr 1131014832 Q * cryo Ping timeout: 480 seconds 1131014853 M * STaN Hello All 1131014880 M * STaN Y-a-t-il des français ici :) 1131014932 Q * wally Quit: Miranda IM! Smaller, Faster, Easier. http://miranda-im.org 1131016955 P * STaN 1131017128 Q * VooDooMaster Quit: There is a byte stuck in my modem!! 1131017370 J * hallyn ~xa@68.72.86.14 1131017637 M * ag- ok, i setup an m68k machine 1131017656 M * ag- the question now is: where is the m68k support in dietlibc? 1131017694 M * ag- i feel really uncomfortable with dietlibc... 1131017702 A * ag- is going for glibc... 1131017724 J * cryo ~say@212.86.233.146 1131018320 M * ag- ok, from a dietlibc dude, the answer is: there's none :) hmm, how sweat... 1131018646 Q * mugwump Ping timeout: 480 seconds 1131019228 J * sebi_ ~sebi@Fd1da.f.strato-dslnet.de 1131019331 Q * sebi Ping timeout: 480 seconds 1131020038 J * comdata ~mertins@mx01.scheller.de 1131020063 J * mugwump ~samv@watts.utsl.gen.nz 1131020376 M * comdata Bertl_zZ: after updating to 2.6.14 and applying the appropriate patch, postfix works as expected 1131021643 J * hallyn__ ~xa@adsl-68-72-90-118.dsl.chcgil.ameritech.net 1131021852 Q * hallyn Ping timeout: 480 seconds 1131023393 J * hallyn ~xa@adsl-68-72-168-16.dsl.chcgil.ameritech.net 1131023422 M * VanMuur morning all 1131023722 Q * hallyn__ Ping timeout: 480 seconds 1131023929 J * dustyC ~ken@202.75.152.33 1131026606 Q * [MUPPETS]Gonzo Ping timeout: 480 seconds 1131027857 N * Bertl_zZ Bertl 1131027864 M * Bertl morning folks! 1131027874 M * Bertl welcome dustyC! 1131027893 M * mnemoc moin Bertl 1131027913 M * Bertl ag-: we should fix up dietlibc support for m68k, is there really none? 1131027935 M * Bertl hey cryo! how is FreeVPS? 1131028310 M * ag- Bertl: it fails, there's really none 1131028318 M * ag- Bertl: i still don't get why we don't use glibc 1131028364 M * ag- it seems to me the invoked reason was glibc nss functions had an incorrect behaviour inside a chroot 1131028385 M * ag- well, if it was the case some time ago, it's not anymore 1131028437 M * Bertl ag-: the thing with glibc is, the resolver parts are not part of the binary 1131028455 M * Bertl they are dynamic libraries which might or might not be loaded 1131028490 M * Bertl so you have a certain chance that a glibc binary doing resolving fails/uses the wrong (possibly modified) library 1131028511 M * ag- hmm, i now get your point :) 1131028516 M * Bertl that's nothing you want for a production system, it's fine for testing though 1131029706 M * bragon Hello *!*@* 1131029715 M * Bertl hey bragon! how are you? 1131029720 M * FaUl hello all 1131029882 M * Bertl hey FaUl! 1131029901 M * FaUl hey bertl 1131030469 Q * monrad Quit: Leaving 1131030496 J * monrad ~monrad@213083190134.sonofon.dk 1131030511 M * comdata good morning Bertl 1131030528 M * Bertl morning comdata! good to hear that the issue is resolved 1131030564 M * comdata yes, used the chance to clear some other things with the vserver as well 1131030609 M * comdata Gentoo is now more vserver friendly than it was when I started last year 1131030654 M * comdata so I could remove the custom startup scripts in the vservers and replace it with the baselayout-vserver 1131030678 M * Bertl yeah, Hollow told me about that :) 1131030730 M * Hollow oh lovely gentoo 1131030732 M * Hollow ;) 1131030768 M * comdata Hollow: thanx for the ebuild 1131030777 M * Hollow you're welcome 1131030786 M * Bertl Hollow: btw, how is your progress on a 'new' chbind? 1131030811 M * comdata Hollow: using it on amd64 without problems 1131030836 M * Bertl Hollow: I'd like to have something for ngnet testing, and I would prefer not to write it myself :) 1131030863 M * Hollow Bertl: i'm stil busy cleaning up util-vserver, it's such a freaking mess 1131030904 M * Hollow but i'll try to look into network syscalls 1131030927 M * Bertl for the start, I'd just need the context (network) creation 1131030942 M * Bertl (with a given nid, network context id) 1131030954 M * Bertl don't need the ip address setup for ngnet 1131030981 M * Hollow ok, that'll be pretty easy i guess ;) 1131031014 M * Bertl needs to be chainable though ... so I can 'enter' the context and test 1131031160 M * bragon i'm fine 1131031168 M * Hollow Bertl: http://home.xnull.de/misc/vnet.c 1131031238 M * Bertl hmm, well, along that line .. yes 1131031246 M * Hollow ;) 1131031387 M * Hollow ok, off to the dentist now.. cya later (hopefully) 1131031438 M * Bertl k, good luck! 1131031827 J * calum ~calum@82-69-161-141.dsl.in-addr.zen.co.uk 1131031831 M * calum Hey all 1131031850 M * calum Anyone know where the config file is in 2.x to set capabilities? 1131031965 M * Bertl calum: you know the flower page? 1131031988 M * calum heh - I try and avoid it :) 1131031996 M * Bertl capability boundary is set in bcapabilities the context capabilities go to ccapabilities 1131031997 M * calum I will head over there right now 1131032008 M * calum CAP_SYS_RAWIO? 1131032019 M * Bertl don't do it :) 1131032023 M * calum :) 1131032030 M * calum I wanted to try an Xserver 1131032037 M * calum And it says it's needed 1131032039 M * calum :/ 1131032050 M * Bertl with hardware access? 1131032071 J * liquid3649_ ~Viper0482@p549749E8.dip.t-dialin.net 1131032078 M * Bertl welcome liquid3649_! 1131032080 M * calum I don't know - I want to be able to run X -query z.b.c.d :2 on one machine, where that IP is the vserver IP, and get an X login on the vserver 1131032102 M * mnemoc what about running Xserver on ctx 0 and just connecting from the guest? 1131032102 M * Bertl that doesn't need X with hardware access 1131032113 M * calum xdm won't start in the vserver - it's bellyaching about IO stuff 1131032123 M * calum Bertl, Please enlighten me :) 1131032129 M * Bertl calum: then the config is wrong or xdm broken 1131032141 M * calum Yeah, xdm seems to start up X, for some reason 1131032149 M * calum But I don't want to run X locally on the vserver 1131032154 M * Bertl usually that's in the config, you can change that 1131032157 M * calum Grrr @ Debian 1131032181 M * calum OK - so I just need to get rid of the local X, and xdm should start up OK? 1131032195 M * calum But at least I've learnt where capabilities live. 1131032195 M * calum :) 1131032198 M * Bertl yep, check the Xservers 1131032250 M * Bertl (you want no local servers there) 1131032253 M * calum :0 local /usr/X11R6/bin/X vt7 -dpi 100 -nolisten tcp 1131032253 M * calum <-- Ahah. 1131032253 M * calum :) 1131032266 M * Bertl precisely 1131032292 M * calum Commented that out, and it seems to die: 1131032293 M * calum Thu Nov 3 15:37:58 2005 xdm info (pid 17246): starting 1131032293 M * calum Thu Nov 3 15:37:58 2005 xdm info (pid 17246): exiting 1131032298 M * calum Perhaps it's my mem limits 1131032311 M * mnemoc try unlimited first ;) 1131032311 M * Bertl check the logs 1131032339 M * calum Oh, Bertl, one question. I have mem limits, and a very large swap limit, but it just seems to kill off the process when it hits the rss limit, rather than using swap 1131032352 M * Bertl that is expected ... 1131032357 M * calum :) 1131032360 M * Bertl (as there are no 'swap' limits :) 1131032369 M * Bertl we have RSS and VM currently 1131032380 M * calum VM is what I meant by swap 1131032403 M * calum I use: as, nproc, and rss 1131032407 M * calum in rlimits/ 1131032482 M * calum I've disabled all the limits, and all I get is: 1131032484 M * calum Thu Nov 3 15:41:07 2005 xdm info (pid 18311): starting 1131032484 M * calum Thu Nov 3 15:41:07 2005 xdm info (pid 18311): exiting 1131032507 Q * Viper0482 Ping timeout: 480 seconds 1131032544 M * Bertl calum: is a greeter configured? 1131032558 M * calum DisplayManager.willing/DisplayManager.Willing value su nobody -c /usr/X11R6/lib/X11/xdm/Xwilling 1131032558 M * calum storing process ID in /var/run/xdm.pid 1131032558 M * calum Thu Nov 3 15:42:30 2005 xdm info (pid 18363): starting 1131032558 M * calum startup successful; entering main loop 1131032558 M * calum nothing left to do, exiting 1131032562 M * calum I don't think so 1131032579 M * calum I was just trying to get it listening on udp:177 1131032579 M * Bertl well, then nothing is left to start :) 1131032601 M * Bertl calum: maybe read up on 'man xdm' first? 1131032619 M * calum The whole X system is bizarre 1131032623 M * calum client == server, etc 1131032628 M * mnemoc xorg7 is nicer 1131032652 M * calum I'm on xorg 6.4.2 (or something similar) 1131032768 M * Bertl interesting ... 1131032775 M * calum So Bertl, what's the difference between VM, and swap? I assumed that they were the same? 1131032796 M * Bertl VM/AS is the reserved address space/allocated virtual memory 1131032812 M * Bertl RSS is the resident set size (the physical memory, if you like) 1131032847 M * calum So limiting AS to 500MB doesn't mean that the vserver will be able to use up to 500 MB of swap then 1131032856 M * Bertl in the near future we will add support for RSS soft limits 1131032884 M * Bertl this will allow to handle RSS.hard - RSS.soft as swap space 1131032897 M * calum Aaah, got you 1131032921 M * calum So soft = 64 (which would be ram), and hard = 128 (which would give you 64 of swap too)? 1131032935 M * Bertl something like that ... 1131032955 M * calum (I know I simplify things somewhat... ) 1131032961 M * Bertl it's not really compareable, and unless we do per context swapping, which IMHO is a bad thing 1131032980 M * Bertl we will not get real ram/swap setups 1131033020 M * calum I use limits more to prevent accidents than try to limit malicious people 1131033233 M * calum So the CAP_SYS_RAWIO would be used for when I wanted an Xserver on a vserver to be able to be logged in on the physical keyboard/monitor? 1131033266 M * Bertl yep, if you want real hardware displaying X, then that's what you need 1131033284 M * Bertl for remote logon / X forwarding you do not need that 1131033305 M * calum Because the Xserver runs on the local machine 1131033414 M * Bertl yup 1131033455 M * calum I read the other day a quote from Einstein - he was asked to describe radio. 1131033460 M * calum "You see, wire telegraph is a kind of a very, very long cat. You pull his tail in New York and his head is meowing in Los Angeles. Do you understand this? And radio operates exactly the same way: you send signals here, they receive them there. The only difference is that there is no cat." 1131033474 M * calum Isn't that great? 1131033480 M * calum If slightly useless. 1131033490 M * comdata bye 1131033492 Q * comdata Quit: using sirc version 2.211+KSIRC/1.3.12 1131033501 M * Bertl calum: yep, nice one ... 1131033552 M * calum Bertl, What distro do you use for most of your vservers? 1131033577 M * Bertl a self hacked mandrake (now mandriva) between 8.2 and 10.2 1131033657 M * Bertl hallyn: ping? 1131033790 M * ag- Bertl: i'm surprise, i'd rather see you on fedora :) 1131033801 M * Bertl why so? 1131033804 M * ag- s/surprise/surprised/ 1131033826 M * ag- hmm, well, because you talk often about redhat here 1131033841 M * calum I thought it would be Slackware/Debian/Gentoo too actually.. :) 1131033856 M * calum One of the more "l33t" distros 1131033869 Q * Guest23 Read error: Connection reset by peer 1131033873 M * mnemoc i would thought slackware, but never gentoo 1131033877 M * ag- well, that was just my thoughts... maybe wrong :) 1131033905 M * calum mnemoc, why? 1131033917 M * ag- calum: subjectivity is bad, you know 1131033964 J * shuri ~shuri@64.235.209.226 1131033974 M * hallyn hey 1131033988 M * shuri ho 1131033999 M * calum I would just normally associate Mandrake with people that just wanted stuff to work, but that didn't really care how it did. Guess I'm wrong. 1131033999 M * calum :) 1131034045 M * daniel_hozac the mandrake RPMs on the release pages are a pretty good clue ;) 1131034145 M * ag- calum: GNU/Linux is leet by itself ;) 1131034288 Q * monrad Quit: Leaving 1131034527 M * Bertl hallyn: http://vserver.13thfloor.at/Experimental/FOR-2.0.1/delta-iattr-clean02.diff 1131034569 M * Bertl calum: I just want stuff to work :) 1131034597 M * Bertl welcome shuri! LTNS! 1131034627 M * shuri hi Bertl ! 1131034760 M * hallyn Bertl: looks good. 1131034775 M * Bertl yep, thanks for your patch! 1131034824 M * hallyn np - who is working on the 2.0 2.6.14 port? 1131034840 M * Bertl it is already done ... 1131034845 M * hallyn Ah, excellent. 1131034865 M * Bertl I'm trying to backport solid stuff from 2.1.x now 1131034901 M * Bertl hallyn: if you're looking for work, you know the todo lists? 1131034904 M * hallyn Cool. Then is there some sort of testing cycle before it goes up on the linux-vserver download page? Or does it just go straight up there once it's working? 1131034908 M * hallyn No I don't. 1131034918 M * hallyn (though I'm not looking for work for the rest of this wee at least :( ) 1131034938 J * stefani ~stefani@superquan.apl.washington.edu 1131034957 M * Bertl welcome stefani! 1131034981 M * Bertl hallyn: http://linux-vserver.org/ToDo+List+Kernel 1131034996 M * hallyn Cool, bookmarked. 1131035085 M * hallyn Might do some profiling (though I assume {025} means low priority) 1131035115 M * hallyn hash locks to rw_locks: maybe rcu? Anyway, I'll browse through these. thanks. 1131035151 M * Bertl not all of them are up-to-date 1131035173 M * Bertl if you have questions (what does that entry mean) I'm willing to try to decipher it :) 1131035199 Q * shuri Remote host closed the connection 1131035242 Q * gerrit_ Ping timeout: 480 seconds 1131035398 M * Bertl ag-: time for some ngnet? 1131035825 M * Bertl hallyn: yes, there is some extensive testing on my side (available archs) and especially code review (source) before a release happens 1131035864 M * Bertl hallyn: new window :) 1131035928 J * ARTenberg ~artenberg@LSt-Amand-152-31-36-227.w82-127.abo.wanadoo.fr 1131035934 M * Bertl welcome ARTenberg! 1131035946 N * ARTenberg STaN 1131035952 M * STaN Hello all 1131035955 M * Bertl ah, it's you STaN! :) 1131035962 Q * yungyuc Remote host closed the connection 1131035968 M * STaN he he 1131036002 M * STaN Bertl how make load balancing with vserver? 1131036018 M * mnemoc ipvs? 1131036029 M * Bertl yup, for example 1131036049 M * Bertl the poor man's load balancer is 'bind' though ... 1131036103 M * STaN and a connector with tomcat is good so... 1131036123 M * STaN or pound with apache 1131036151 Q * shedi Quit: Leaving 1131036163 M * STaN where is the page for yup? 1131036183 M * Bertl LOL 1131036193 M * STaN :) 1131036235 M * Bertl http://en.wikipedia.org/wiki/YUP 1131036252 M * STaN Thanks 1131036390 M * mnemoc *G 1131036391 M * mnemoc * 1131036429 M * cryo Bertl: Hi. I was not here. 1131036478 M * cryo Bertl: FreeVPS is now supports 2.6 kernels, new OS's - Trustix 2.2, 3.0 and RHEL 4, CentOS 4, WBEL 4 1131036523 M * Bertl excellent! 1131036535 M * cryo Some of new investigations: we've got 100% method to compile and run FreeVPS kernel on Debian distributive :) 1131036546 M * Bertl cryo: any new features which might be interesting for linux-vserver? 1131036557 M * Bertl good ideas and such stuff? 1131036601 M * cryo not sure. we have already implemented configurable acl on devices inside VPS :) 1131036621 M * Bertl ah, to allow for arbitrary device nodes? 1131036672 M * Bertl cryo: are there deltas to look at? 1131036749 N * liquid3649_ Viper0482 1131037038 J * kevinp ~kevinp@ny.webpipe.net 1131037043 Q * hallyn Quit: leaving 1131037080 M * kevinp Has anyone seen a problem where you stop one vserver and all of the other vservers' ip addresses are removed from the host? 1131037121 M * Bertl yes, we have ... 1131037126 M * kevinp It's very bizarre 1131037143 M * kevinp Upgrade the utils? 1131037150 M * Bertl well, it's default linux kernel behaviour ... but I agree it's bizarre 1131037200 M * Bertl 'older' linux kernels (well, all but 2.6.13/14) do behave like that, and recent kernels need a special option, now what is 'that'?: 1131037226 M * Bertl if you assign ips inside a network range ... the first one assigned will be primary 1131037235 M * Bertl all other ips will become secondaries ... 1131037253 M * Bertl without the special flag, removing the primary will also eliminate all the secondaries 1131037288 M * kevinp interesting, the vserver I stopped was the first one I created on this host 1131037289 M * Bertl and older, but well working workaround is to assign one dummy ip to the host (which will be the first one, so become primary) 1131037297 Q * entroposcope Quit: Ping timeout 1131037382 M * kevinp The host has it's own ip and that ip stayed on the host, while all of the vserver ip addresses were gone 1131037399 J * entroposcope ~entroposc@user-0c992og.cable.mindspring.com 1131037414 M * Bertl kevinp: let me give you an example: 1131037436 M * Bertl - host ip is 172.16.0.1/16 1131037452 M * Bertl - guests are in 10.0.0.0/24 1131037486 M * Bertl assigning 10.0.0.1/24 as dummy for the host, and starting with 10.0.0.2 for the guests will make 10.0.0.1 primary in 10.0.0.0/24 1131037525 M * Bertl i.e. unless you take down 10.0.0.1, everything will work as expected 1131037637 Q * prae Quit: Execute Order 69 ! 1131037776 M * kevinp well, that make sense, but doesn't seem to be the situation here 1131037787 M * kevinp I have everything on the same subnet 1131037816 M * kevinp the host is .200 and then I have a bunch of vservers after that .201, .202, .203 - .218 1131037840 M * kevinp I shut down the vserver with the ip of .202 and all ip addresses were gone 1131037844 M * Bertl check the netmasks 1131037856 M * Bertl very likely you use different ones for host and guest 1131037869 M * kevinp yep, you're right, of course! :) 1131037894 M * kevinp /22 on the host and /24 on the guests 1131037911 M * kevinp the /24 is wrong, just never noticed 1131037931 M * kevinp So I'll change all of them to be /22 and that should fix the problem right? 1131037949 M * calum Damn, that Bertl is good! 1131037956 M * kevinp isn't he though? 1131038031 Q * lilo Ping timeout: 480 seconds 1131038512 M * kevinp Thanks, Bertl! 1131038520 M * Bertl you're welcome! 1131038763 Q * erwan_taf Remote host closed the connection 1131039257 M * cryo Bertl: in some of next release our tools will be able to enable and disable any of real device to use it inside specified VPS 1131039682 J * wally ~homebase@sg27-gw.1090.kapper.net 1131039798 J * lilo ~lilo@lilo.usercloak.oftc.net 1131039837 M * Bertl welcome wally! wb lilo! 1131039852 M * Bertl cryo: great! any deltas/patches for that? 1131039918 Q * kevinp Quit: Leaving 1131040101 M * lilo heya Bertl 1131040321 J * brc bruce@200.164.153.247 1131040397 J * shuri ~shuri@64.235.209.226 1131040613 M * Bertl welcome brc! wb shuri! 1131040683 M * shuri hey Bertl nice Presentation at What The Hack :) 1131040719 M * Bertl the openweekend one was better, but no video taping there :) 1131040783 M * shuri :) 1131040990 J * Breaker_UK ~flopsy@host81-134-146-163.in-addr.btopenworld.com 1131041004 M * Bertl welcome Breaker_UK! 1131041133 M * Breaker_UK hi Bertl 1131041148 M * Breaker_UK how is it going? 1131041166 M * Bertl fine, fine, thanks! and for you? 1131041210 M * Breaker_UK not bad, 1131041215 M * Breaker_UK thanks 1131041249 J * Blissex pcg@82-69-39-138.dsl.in-addr.zen.co.uk 1131041344 M * calum Blissex, Feel the Zen 1131041377 M * Bertl lol, welcome Blissex! 1131041431 Q * Viper0482 Quit: Verlassend 1131041442 J * Viper0482 ~Viper0482@p549749E8.dip.t-dialin.net 1131041446 M * Bertl btw, if somebody is interested, I uploaded the slides as pdf (http://vserver.13thfloor.at/Stuff/SLIDES/slides-openweekend.pdf) 1131041457 A * mnemoc fetching 1131041904 M * brc ebrtl! 1131042099 M * shuri :) 1131042169 Q * shuri Quit: Quitte 1131043454 M * Blissex Hi ebverybody! 1131044197 M * Bertl Hollow: okay, regarding the vnet, what is the ETA? 1131044204 M * cryo Bertl: you could download sources of freevps from http://freevps.com and look at the code this feature 1131044302 M * Bertl is there a diff or just the RPM? 1131044410 M * Blissex Bertl: BTW, nice slides. 1131044459 M * Bertl well, they are very basic, I tend to talk a lot :) 1131044464 M * Blissex I ahve started writing yet another linux virtualization page here: http://www.ty.sabi.co.uk/Notes/linuxVirtual.html 1131044471 M * Blissex I ahve started writing yet another linux virtualization page here: http://www.sabi.co.uk/Notes/linuxVirtual.html 1131044549 M * Bertl nice, is it intentional that you do not mention Bochs, FreeVPS and OVZ? 1131044562 M * cryo Bertl: no diff, but src.rpm. also you could use cvs to get a freevps repository. see instructions on http://www.freevps.com/cvs.html 1131044622 M * calum Bertl, Any idea what nodes KDE is missing here? kdecore (KProcess): WARNING: Can't open a pseudo teletype 1131044627 M * calum I assume it's a pty 1131044646 M * Bertl calum: try strace -fF 1131044673 M * calum It's within an X session, and I can't open the konsole to get to the command line 1131044675 M * calum :/ 1131044704 M * calum I've got the standard /dev entries in the vserver 1131044704 M * Bertl ssh? 1131044742 M * Bertl cryo: any hints which of the ~700 patches is freevps related? 1131044744 M * calum But that'll be in a different session to me 1131044782 M * Blissex calum: '/sbin/MAKEDEV pts' 1131044794 M * Blissex calum: ooops, scratch that. 1131044803 M * calum $ ls /dev 1131044803 M * calum MAKEDEV initctl log null ptmx pts random urandom xconsole 1131044806 M * Blissex calum: you need to mouns the 'devpts' filesystem over there. 1131044822 M * Blissex calum: if thats all you are missing _lots_ of stuff. 1131044824 M * Bertl that sounds more like it ... 1131044825 M * calum devpts on /dev/pts type devpts (rw,gid=5,mode=620) 1131044828 M * calum It's mounted 1131044844 M * Bertl Blissex: no, if you have lots of stuff, you're insecure ... 1131044850 M * Blissex calum: just in case, /dev/MAKEDEV standard', you may be missing lots of stuff. 1131044862 M * Bertl Blissex: no, definitely not! :) 1131044867 M * Blissex Bertl: '/dev/zero' is insecure? :-) 1131044873 M * calum Bertl, the end of the strace -fF konsole over ssh: 1131044875 M * calum setuid(1000) = 0 1131044875 M * calum getcwd("/home/calum", 4096) = 12 1131044875 M * calum write(2, "konsole: cannot connect to X ser"..., 37konsole: cannot connect to X server 1131044875 M * calum ) = 37 1131044875 M * calum exit_group(0x1, 0x3c, 0x1, 0, 0xe7 1131044895 M * calum Do I need to export DISPLAY from the ssh session? 1131044910 M * Bertl Blissex: /dev/zero is fine, but plenty of other devs are not 1131044937 M * Bertl ls /dev/ 1131044938 M * Bertl console full log= null ptmx pts/ random tty urandom zero 1131044951 M * Bertl everything else might already compromise your guest 1131045003 M * Bertl calum: you have to open the X session with e.g. xhost + 1131045013 M * Blissex poor calum was missing '/dev/zero', which is used to instantiate executables... 1131045016 M * calum Bertl, I can't get to the X session command line.. :( 1131045035 M * calum Let me whack /dev/zero in there 1131045080 M * Bertl Blissex: where do you have that from= 1131045083 M * Bertl s/=/? 1131045144 M * calum 1131045147 M * calum QPixmap: Cannot create a QPixmap when no GUI is being used 1131045147 M * calum kdecore (KProcess): WARNING: Can't open a pseudo teletype 1131045147 M * calum Uh oh.. can't write data.. 1131045151 M * calum 1131045176 M * calum /dev/zero doesn't help with it. 1131045194 M * Bertl my assumption would be that the group permissions are not right for /dev/pts (i.e. kde/x is not in the tty group) 1131045226 Q * Breaker_UK Quit: 1131045249 M * calum All files in /dev/ are owned by root:root 1131045263 M * Bertl if it is related to the pts at all, might be that kde has some hard coded (legacy tty) 1131045283 M * calum Shall I try chmod 777 pts/ 1131045302 M * calum See if I can get it to work? 1131045333 M * Bertl won't work .. new pts are created with the default permissions 1131045361 M * Bertl (check /proc/mounts for the pts options) 1131045378 M * calum Well, chmodding 777 to ptmx and pts/ has let me open up a konsole 1131045386 M * calum It'll probably reset when I reboot 1131045391 M * calum But that was what the problem was 1131045405 M * Bertl well, then your kde 'user' has the wrong group rights 1131045405 M * calum devpts /dev/pts devpts rw 0 0 1131045426 M * Bertl (something you should fix in your guest image) 1131045436 M * calum kdm runs as root in Debian 1131045450 M * Bertl but obviously the kdecore doesn't 1131045455 M * calum And all the stuff in the Xsession is just my user (calum) 1131045469 M * Bertl what does 'groups calum' say? 1131045469 M * calum Which didn't have write access to ptmx and pts/ 1131045471 M * mnemoc login also run as root, but shell doesn't ;) 1131045486 M * calum Bertl, Just the one group 1131045494 M * Bertl well, here you go ... 1131045494 M * calum But the /dev entries were all root:root anyway? 1131045506 M * Bertl I doubt that for the /dev/pts 1131045528 M * calum The entries within /dev/pts/ are user:tty 1131045533 M * Bertl see 1131045535 M * calum But the directory /dev/pts was root:root 1131045545 M * calum So it probably couldn't create new ones? 1131045558 M * calum calum@sarge:~$ ls -l /dev/pts 1131045558 M * calum total 0 1131045558 M * calum crw--w---- 1 calum tty 136, 7 Nov 3 19:18 7 1131045558 M * calum crw------- 1 calum tty 136, 8 Nov 3 19:15 8 1131045559 M * calum calum@sarge:~$ ls -ld /dev/pts 1131045560 M * calum drwxr-xr-x 2 root root 0 Nov 3 14:40 /dev/pts 1131045562 M * calum calum@sarge:~$ 1131045564 M * Bertl well, it creates new ones (with user:tty) but you can't acces them 1131045566 J * flock ~restless@l192-117-111-12.broadband.actcom.net.il 1131045659 M * calum Bertl, vserver/fstab on the host is none /dev/pts devpts gid=5,mode=620 0 0 1131045667 M * calum That's the standard, isn't it? 1131045905 M * Bertl yep 1131045913 M * Bertl group 5 = tty 1131045928 M * calum But users shouldn't be added to that group, should they? 1131045935 M * calum That would let them read all the other ttys 1131045946 M * calum (Potentially) 1131045956 M * calum Or at least mess around with some of them 1131045977 M * Bertl usually it's not required for users 1131046023 M * Bertl either the tty/pts is 'owned' by the user or the task is suid group to tty 1131046047 M * Bertl but without a detailed trace of the task in question, I can't diagnose it 1131046056 M * Bertl maybe it's one of the debian oddities ... 1131046070 M * Bertl okay, have to leave now ... will be back later 1131046073 M * calum OK 1131046075 M * calum Thanks :) 1131046078 N * Bertl Bertl_oO 1131046229 M * calum Blissex, what are your perms on /dev/ptmx ? 1131046323 M * calum (Or anyone else here...) 1131046711 Q * brc Ping timeout: 480 seconds 1131046847 Q * lilo Ping timeout: 480 seconds 1131047156 M * daniel_hozac 0666 1131048170 M * Blissex same here. 1131049721 Q * STaN Ping timeout: 480 seconds 1131052670 Q * Blissex Read error: Connection reset by peer 1131054931 J * menomc ~amery@200.75.27.76 1131055039 Q * mnemoc Ping timeout: 480 seconds 1131055039 N * menomc mnemoc 1131055294 M * calum 0666. That might explain things. What are is the user:group for it? 1131055334 M * daniel_hozac root:root 1131055356 M * calum Suppose with the last being a 6, the user and group don't really matter. 1131055415 Q * Viper0482 Remote host closed the connection 1131056066 Q * dustyC Ping timeout: 480 seconds 1131056663 J * shedi ~siggi@inferno.lhi.is 1131056741 J * monrad ~monrad@213083190134.sonofon.dk 1131057410 J * [MUPPETS]Gonzo gonzo@langweiligneutral.deswahnsinns.de 1131057446 J * Aiken ~james@tooax6-135.dialup.optusnet.com.au 1131057454 M * [MUPPETS]Gonzo drecksbncsoftware *motz* 1131058355 N * Bertl_oO Bertl 1131058360 M * Bertl evening folks! 1131058452 M * mnemoc hi Bertl 1131058594 M * mnemoc Bertl: do you know how rsbac people will 'merge' vserver? as-is? ported to their framework? ...? 1131058623 M * Bertl didn't know they plan to do that? 1131058662 M * michal_ hey ! 1131058664 M * mnemoc someone here, from there, told they something about integreting them iirc 1131058667 M * michal_ evening Bertl 1131058670 A * michal_ 1131058680 M * michal_ it will be first just merged 1131058681 M * Bertl yep, that's the right person := 1131058690 M * michal_ to make them running 1131058700 M * Bertl hey michal_! so rsbac plans to merge vserver? 1131058715 M * Bertl or the other way round? or what are the plans :) 1131058719 M * michal_ and than we will see (with Bertl) what can be integrated 1131058736 M * michal_ well, another kernel branch - rsbac + vserver 1131058759 M * Bertl i.c. so you will start maintaining such a branch? 1131058763 M * bragon what is the freenode channel for gentoo vserver ? 1131058763 M * michal_ but first i have to finish some things ot get it 1131058763 M * mnemoc but vserver is: virtualization + capabilities restrictions + limits, only the second is coverd by rsbac 1131058781 M * mnemoc bragon: i guess this 1131058784 M * michal_ Bertl: yes, i will be maintaining it. 1131058787 M * Bertl bragon: #gentoo-vserver 1131058794 M * mnemoc oh 1131058796 M * bragon Bertl: thanks 1131058812 M * Bertl bragon: you're welcome! 1131058824 M * Bertl michal_: okay, good idea ... 1131058825 M * bragon :) 1131058849 M * Bertl michal_: is there a logically broken down patch set for rsbac? 1131058865 M * mnemoc Bertl: svn ;) 1131058868 M * michal_ no there is not :/ just svn / svk repo and patches for releases 1131058890 M * Bertl mnemoc: well, if svn could do that, it would be great :) 1131058899 M * mnemoc :D 1131058913 M * michal_ in fact 1131058945 M * mnemoc Bertl: i wont fight pro-svn again, i know i'll loose 1131058947 M * michal_ why not set some vserver right here and right now. i have some time ^^. i have disk space. i have motivation ;p 1131058967 M * michal_ for now without rsbac, btu i will merge it as soon as possible 1131058976 M * michal_ (read: as soon as i will read svn man ;p) 1131059001 M * Bertl sounds good .. as I said, if there is support and reasoning for parts of rsbac, I'm all for an official merge ... 1131059022 J * mrec_ ~revenger@p54B01D9D.dip0.t-ipconnect.de 1131059045 M * Bertl technologies are pretty much orthogonal IMHO, and the vserver folks have a strong security requirement 1131059048 M * michal_ man. first link on page i have seen and what it is ? vserver on fedora core. nice 1131059063 A * michal_ is using fedora core 4 1131059083 M * Bertl michal_: an important question is, what archs does rsbac (or parts of it) support right now? 1131059099 M * bragon Bertl what distribution do you use ? 1131059124 M * Bertl bragon: basically a self mixed mandrake/-iva 8.2-10.2 1131059149 M * bragon 00 1131059161 A * bragon is suprising 1131059163 M * michal_ rsbac is quite arch independent (except small parts, like syscall). for now confirmed and tested (by me) are: x86, amd64 (64bit userland + 64 bit kernel, or 32 bit userland) 1131059173 M * michal_ sparc 32 bit / 64 bit 1131059183 M * michal_ some big Zseries from ibm 1131059189 M * michal_ 31 bit tested by me 1131059190 M * Bertl okay, sounds good ... 1131059204 M * michal_ ppc (my own development platform) 1131059207 M * Bertl regarding the syscall, what are your conclusions there? 1131059245 M * mnemoc AEF 'wrap' syscalls and ask ADF about decisions 1131059256 M * michal_ i will be talking about it with the rest of the team.. well, personaly i would just switch to netlink to avoid problems, but i gues it is not possible 1131059278 M * michal_ so it will be redesigned somehwo 1131059281 M * michal_ *somehwo 1131059285 M * mnemoc oh 1131059285 M * michal_ *somehow ;] 1131059331 M * Bertl okay ... well, as I said, we might be able to reserve some syscall commands in linux-vserver (for security related stuff) 1131059360 M * Bertl michal_: you know the syscall command matrix? 1131059384 M * michal_ yes, seen that 1131059387 M * michal_ impressive btw 1131059404 M * michal_ you think that something like this would be good solution ? 1131059425 M * Bertl well, it is perfect for us ... 1131059440 Q * mrec Ping timeout: 480 seconds 1131059449 M * bragon it is possible to make a gentoo vserver in a debian host ? 1131059483 M * Bertl sure 1131059498 M * bragon a wiki page ? 1131059508 M * bragon (in order to do that) 1131059524 M * bragon i search 1131059552 M * Bertl well, how do you build gentoo guests on gentoo? 1131059584 M * bragon i never do that 1131059614 M * Bertl okay, what I wanted to say is, I don't know either, but you might ask Hollow and friends :) 1131059657 M * bragon ha 1131059667 M * bragon no man page for do that but it's possible 1131059681 M * bragon because google don't match 1131059739 M * Bertl gentoo build support is not (yet) in util-vserver (I think) so you'll have to create the guest by hand ... 1131059753 M * bragon ok 1131059760 M * Bertl (which should be fairly easy if you know gentoo) 1131059778 M * bragon i dream that :p 1131059779 M * Hollow bragon: you could use vserver-new 1131059788 M * bragon Hollow: how ? 1131059789 M * Hollow shipped with >=0.30.208-r3 1131059798 M * Hollow vserver-new --help 1131059808 M * bragon i read that 1131059815 M * Hollow i documented it pretty good ;) 1131059818 M * Bertl note: vserver-new is gentoo specific (right?) 1131059832 M * Hollow yep, it wonÄt work on other systems 1131059832 M * bragon Hollow: my host is a debian 1131059836 M * mnemoc Bertl: is .209 good for any 2.x? 1131059838 M * bragon i want a gentoo guest in a debian 1131059855 M * Bertl mnemoc: yep, .209 seems fine for all 2.x 1131059861 M * Hollow bragon: well, then you have to unpack the stage tar by hand 1131059870 M * bragon ok 1131059871 M * mnemoc Bertl: no fixed lingering around? 1131059871 M * Bertl mnemoc: the changes/updates I had (up to fix3) were included 1131059881 M * bragon it's ok 1131059885 M * bragon i try that so 1131059891 M * mnemoc Bertl: nice, thanks :) 1131059901 M * bragon s/i try that so/will try that 1131059902 M * Bertl thanks go to enrico! 1131059902 M * bragon :) 1131059908 M * Hollow bragon: http://home.xnull.de/work/gentoo/util-vserver/tools/vserver-new (look at stage3_build how the script does it, so you might know better) 1131059938 M * Bertl Hollow: sorry to bother you again, what is the ETA for vnet? 1131059955 M * Hollow what shall be supported? 1131059973 M * Bertl network context creation, enter and chaining 1131059987 M * bragon Hollow: 404 1131060009 M * Hollow http://home.xnull.de/work/gentoo/vserver/util-vserver/tools/vserver-new 1131060024 M * bragon http://home.xnull.de/work/gentoo/ 1131060028 M * bragon here it's ok :) 1131060036 M * bragon ok ok thanks a lot 1131060063 M * Hollow Bertl: gimme half an hour ;) 1131060085 M * Bertl Hollow: you have a full one, I have to cleanup the ngnet stuff anyway ... and TIA! 1131060145 M * Bertl ag-: ping? 1131060203 M * bragon [ -n "$2" ] && [ "$2" != "x86" ] && die "Sorry, we only support x86 at the moment" 1131060207 M * bragon :x 1131060221 A * bragon is under X86_64 1131060463 M * mnemoc [[ "$2" != x86* ]] 1131060495 M * mnemoc or [ "$2" != "x86" -a "$2" != "x86_64" ] 1131060958 M * michal_ ok, kernel compiling 1131060972 M * michal_ 2.6.12.4 + vserver something ;] 1131060976 M * Hollow Bertl: http://home.xnull.de/misc/vnet.c 1131061066 M * daniel_hozac michal_: why such an old kernel? ;) 1131061080 M * michal_ hell knows ;] 1131061125 M * Bertl Hollow: looks good, tested? and do you have a tar (with the rest of the lib/etc)? 1131061125 M * Hollow bragon: you can try to use amd64 stages or build your own.. we try to get it supported asap 1131061147 M * Hollow yep, tested.. don't you have util-vserver installed? 1131061171 M * Bertl for sure not the latest version ... 1131061197 M * Hollow it links again 205 here.. 1131061232 M * bragon 0.30.208-3 <== my version 1131061272 A * Hollow dream of 0.40 1131061285 A * michal_ does not dream about vserver ;p 1131061303 M * Hollow oh well, i really dreamt about util-vserver code this week.. wtf 1131061306 A * bragon dream about a BSD guest in a Debian but it's impossible 1131061338 M * michal_ possible with xen ;] 1131061365 M * Bertl Hollow: okay, that should do it, tx! 1131061505 M * Hollow you're welcome 1131061518 M * Hollow if you need additional commands, just call the support hotline 1131061628 M * Bertl k, tx :) 1131062199 M * Bertl Hollow: works like a charm, tx again