1131840217 M * mrec Bertl: let's talk later :) 1131840224 M * mrec off partying now :) even if it's late 1131840692 M * Bertl k 1131841199 J * lilo_ ~lilo@lilo.usercloak.oftc.net 1131841308 Q * lilo Ping timeout: 480 seconds 1131841721 M * Bertl Greek0: and, did you find some time to get your QEMU going? 1131841797 M * Greek0 yep 1131841860 Q * Larsioa Read error: Connection reset by peer 1131841932 M * Bertl Greek0: so, do you feel like doing some ngnet stuff? 1131842716 J * tanjix tanjix@office.star-hosting.de 1131842724 M * tanjix hi together 1131842751 M * Bertl hey tanjix! LTNS! 1131846375 M * Bertl Greek0: I can take a 'no' :) 1131847030 M * Greek0 hehe 1131847072 M * Greek0 I'd really like to do some, though not now 1131847085 M * Greek0 but it seems like I can't get around to do anything in the last time :-/ 1131847321 M * Bertl well, no problem with that ... 1131847640 J * samuel ~samuel@modemcable211.200-203-24.mc.videotron.ca 1131847643 M * samuel hi 1131847653 M * Bertl welcome samuel! 1131847670 M * samuel thank you so much Bertl 1131847678 M * samuel i've a (weird) trouble 1131847705 M * samuel I have a box with 3 public IPs running 8 vservers 1131847738 M * samuel 2 ips are completly source/destination natted to 2 vservbers, 1131847766 M * Bertl hmm, okay ... 1131847777 M * samuel 1 (main ip address) ip are natted throught 6 others vservers 1131847793 M * samuel every things seem to work perfectly 1131847826 M * samuel execpt I saw this message this morning: 1131847830 M * samuel -- Registered to '70.84.157.148', who sees us as 209.172.57.17:4569 1131847853 M * samuel (this is an asterisk box running on a 'totally' natted vserver) 1131847878 M * Bertl k, I assume the 209.172.57.17 is the public ip? 1131847888 M * samuel but 209.172.57.17 is the main IP, not the one natted to this vserver 1131847904 M * samuel (should be 209.172.59.230) 1131847914 M * samuel internal ip is 10.1.1.107 1131847952 M * Bertl hmm, well, first, let's get some details, what does testme.sh say (upload the output somewhere, e.g. pastebin.com) 1131847971 M * samuel ok! 1131847977 M * samuel 30secs.. 1131848075 M * samuel in progress... 1131848093 M * samuel testing ext2 should be long? 1131848108 M * Bertl hmm, testme.sh not testfs.sh :) 1131848128 M * samuel hehehe 1131848138 M * Bertl and yes, it will take forever to format the /dev/null device :) 1131848169 M * samuel http://pastebin.ca/28507 1131848205 M * Bertl hmm, okay, so a grsec patched kernel 1131848220 M * Bertl (older one with older tools too) 1131848238 M * Bertl okay, let's look at the guest config, like this: 1131848289 M * Bertl vserver exec cat /proc/self/ninfo 1131848290 M * samuel http://pastebin.ca/28508 1131848295 M * samuel ok 1131848328 M * samuel NID: 49268 1131848328 M * samuel V4Root[0]: 10.1.1.107/255.255.255.0 1131848338 M * Bertl okay, that looks fine 1131848410 M * samuel i've tcpdumped on the host, and I really saw traffic from the 'bad' ip generated by the vserver 1131848537 M * Bertl maybe a funny question, but, why do you actually do S/DNAT here? 1131848575 M * samuel you mean, why not bind my vserver directly to the public ip? 1131848581 M * Bertl yep, precisely 1131848603 M * samuel hmm actualy I didn't think about that.. hehe.. 1131848614 M * Bertl because to me, it looks like the con tracking gets something wrong 1131848619 M * samuel ok 1131848629 M * Bertl so this would be a good verification 1131848679 M * samuel how? 1131848699 M * Bertl if you configure the guest to the public ip, and remove the S/DNAT rules 1131848704 M * samuel ok 1131848718 M * Bertl if you can dump/see packets leaving with the main IP it's suspect 1131848903 M * samuel that work... 1131848910 M * samuel -- Registered to '70.84.157.148', who sees us as 209.172.59.230:4569 1131848924 M * samuel maybe my routing is buggy... 1131848928 M * Bertl okay, so something in the S/DNAT goes wrong 1131848955 M * Bertl now, I'd ask you to try again with 2.6.14.2-vs2.0.1-rc2 if possible? 1131848968 M * Bertl (no grsec, but the rest should be identical) 1131848997 M * samuel hmmm 1131849037 M * samuel I have to recompile a kernel, and I don't like to reboot a box 300km away from me with a new kernel 1131849054 M * Bertl okay, that is an argument (without serial console) 1131849089 M * samuel without a serial console, just an APC control pannel to power-on/off 1131849123 N * lilo_ lilo 1131849168 M * Bertl samuel: hmm, well, that is something ... 1131849176 M * Bertl samuel: what boot loader do you use? 1131849181 M * lilo hi Bertl 1131849192 M * Bertl hey lilo! what's up? 1131849201 M * lilo Bertl: just having a weekend 8) 1131849205 M * lilo Bertl: not too much 8) 1131849210 M * Bertl great! :) 1131849221 M * samuel hmm that's a bit embarassing 1131849244 M * Bertl samuel: hmm? 1131849253 M * lilo I'm named after a favorite science fiction character, in John Varley's THE OPHIUCHI HOTLINE. I am *not* named after the LInux LOader, and I didn't write it! :) -- lilo, winter 1993 || Nor am I named after the little girl in the movie, nor the air mattress, nor Last In Last Out. ;) -- lilo, summer 2003 1131849258 M * lilo ;) 1131849281 M * samuel huh! 1131849282 A * lilo tends to prefer grub 1131849285 M * samuel -- Registered to '70.84.157.148', who sees us as 209.172.59.230:4569 1131849289 M * samuel wtf 1131849447 M * Bertl lilo: obviously you are well-conditioned to the term 'bootloader' :) 1131849474 A * Bertl did take a few minutes to figure the connection 1131849591 M * Bertl samuel: no success restoring the 'faulty' behaviour? 1131849678 M * samuel that's work... 1131849781 J * dddd44 dhb55@218.111.178.108 1131849807 M * samuel weird 1131849841 M * samuel maybe iptables was shocked to be bypassed 1131849884 M * Bertl well, that supports my theory that it is con tracking related 1131849925 M * Bertl maybe even soemthing in the routing cache ... 1131849932 M * lilo Bertl: yes :) 1131849991 M * samuel thanks 1131850014 M * samuel i've to go, i'll idle... 1131850016 M * Bertl samuel: you're welcome! 1131851596 M * Bertl okay, I'm off to bed now ... have a good whatever everyone ... cya tomorrow! 1131851626 N * Bertl Bertl_zZ 1131852586 J * kas_3 dhb55@218.111.178.108 1131852595 Q * kas_3 Read error: Connection reset by peer 1131852861 M * matti Bertl_zZ: Hug a teddy-bear before sleep ;) 1131853286 Q * dddd44 Read error: Connection reset by peer 1131853866 J * dddd44 dhb55@218.111.178.108 1131855214 M * Johnnie What's this in question? 1131855225 M * Johnnie Is samuel trying to identify what that connection is? 1131855239 M * matti Em? 1131855430 Q * dddd44 Read error: Connection reset by peer 1131858016 J * Phi| ~polarisx@cpe-70-112-54-145.austin.res.rr.com 1131858021 P * Phi| 1131862430 Q * samuel jupiter.oftc.net kinetic.oftc.net 1131862430 Q * michal_ jupiter.oftc.net kinetic.oftc.net 1131862430 Q * eyck jupiter.oftc.net kinetic.oftc.net 1131862430 Q * case jupiter.oftc.net kinetic.oftc.net 1131862430 Q * sebi_ jupiter.oftc.net kinetic.oftc.net 1131862430 Q * jkl jupiter.oftc.net kinetic.oftc.net 1131862430 Q * baggins jupiter.oftc.net kinetic.oftc.net 1131862430 Q * logger jupiter.oftc.net kinetic.oftc.net 1131862430 Q * derbien jupiter.oftc.net kinetic.oftc.net 1131862430 Q * meebey jupiter.oftc.net kinetic.oftc.net 1131862430 Q * mugwump jupiter.oftc.net kinetic.oftc.net 1131862430 Q * Millox jupiter.oftc.net kinetic.oftc.net 1131862430 Q * xzu jupiter.oftc.net kinetic.oftc.net 1131862430 Q * neofutur_ jupiter.oftc.net kinetic.oftc.net 1131862530 J * samuel ~samuel@modemcable211.200-203-24.mc.videotron.ca 1131862530 J * michal_ ~michal@mprivacy-update.de 1131862530 J * eyck ~eyck@81.219.64.71 1131862530 J * case ~case@donpanic.faveve.uni-stuttgart.de 1131862530 J * sebi_ ~sebi@Fccfa.f.strato-dslnet.de 1131862530 J * jkl eric@c-67-174-182-65.hsd1.co.comcast.net 1131862530 J * baggins baggins@kenny.mimuw.edu.pl 1131862530 J * logger ~rs@84.244.0.15 1131862530 J * derbien ~derbien@whiterabbit.nbmc.de 1131862530 J * meebey meebey@booster.qnetp.net 1131862530 J * mugwump ~samv@watts.utsl.gen.nz 1131862530 J * neofutur_ ~neofutur@neofutur.net 1131862530 J * Millox ~mattias@shienar.csbnet.se 1131862530 J * xzu ~otto@brucester.a20.net 1131864756 Q * derbien Ping timeout: 480 seconds 1131866679 J * derbien ~derbien@whiterabbit.nbmc.de 1131868246 Q * derbien Ping timeout: 480 seconds 1131869228 J * derbien ~derbien@whiterabbit.nbmc.de 1131870012 J * Viper0482 ~Viper0482@p549752E4.dip.t-dialin.net 1131872081 Q * Johnnie Quit: G'bye! 1131872261 J * Johnnie ~john@acs-24-154-53-217.zoominternet.net 1131873136 M * sizo moin 1131874498 J * dddd44 dhb55@218.111.178.108 1131875969 J * yknups spunky@rdlax12-b091.dialup.optusnet.com.au 1131876072 N * yknups spunky 1131879940 Q * virtuoso Ping timeout: 480 seconds 1131879952 J * mrec_ ~revenger@p54B034ED.dip0.t-ipconnect.de 1131880198 J * ozan ~ozan@81.215.121.100 1131880290 M * ozan hi all, what you think if you can not stop your vserver with "vserver name stop" on v2.0? 1131880306 M * ozan command just waits forever ... 1131880344 M * Johnnie Hmmm... 1131880350 Q * spunky Quit: 1131880361 M * Johnnie Did you change/update your vserver utilities while systems were up? 1131880371 Q * mrec Ping timeout: 480 seconds 1131880389 M * ozan umm yup i did :) 1131880424 M * ozan but it is same after reboot too.. 1131880431 Q * lilo Remote host closed the connection 1131880463 M * Johnnie Hmm. 1131880542 M * Johnnie What kernel is the host system running? 1131880569 M * ozan 2.6.12.6 with vs2.0 1131880773 M * daniel_hozac ozan: i guess you're not using dietlibc? 1131880792 J * lilo ~lilo@lilo.usercloak.oftc.net 1131880825 M * ozan uumm, i realy dont know .. my system is debian stable... and i just compite utils with ./configure .. 1131880876 M * ozan configure:9473: checking whether to enable dietlibc 1131880881 M * ozan configure:9563: result: no (detected) 1131880885 M * ozan nope i dont .. 1131880976 M * ozan umm but i may be done something wrong with libc ... umm 1131881023 M * ozan i will try to recompile after a clean apt-get dist-upgrade .. 1131881855 M * ozan umm it worked thanks... 1131881879 M * ozan i compiled it with dietlibc .. it is working now. 1131882036 Q * Viper0482 Quit: bin raus, 1131884747 J * schak schak@dslb-082-083-035-153.pools.arcor-ip.net 1131885890 J * menomc ~amery@200.75.27.117 1131885996 Q * mnemoc Ping timeout: 480 seconds 1131885997 N * menomc mnemoc 1131887198 M * ozan whois ozan 1131887595 M * SiD3WiNDR is there an easy way to install an ubuntu vserver guest? 1131887827 Q * dddd44 Read error: Connection reset by peer 1131887970 J * dddd44 dhb55@218.111.178.108 1131888016 Q * eyck Read error: Connection reset by peer 1131888411 J * eyck ~eyck@81.219.64.71 1131888566 Q * ozan Quit: User abort with 5 Ctrl-C's 1131888858 M * daniel_hozac SiD3WiNDR: -m debootstrap -m doesn't work? 1131888864 M * daniel_hozac +-- 1131888876 M * SiD3WiNDR haven't tried =) 1131888882 M * SiD3WiNDR doesn't it need some control file? hmm 1131889178 M * daniel_hozac i guess those would be included in the deboostrap package. 1131889204 M * SiD3WiNDR aha 1131890882 Q * dddd44 Read error: Connection reset by peer 1131891731 N * Bertl_zZ Bertl 1131891737 M * Bertl morning folks! 1131892308 M * Hollow morning Bertl 1131892322 M * Bertl hey Hollow! 1131892339 M * Bertl we have to talk again about the init spawning ... 1131892350 M * Hollow oki, i've plenty of time :) 1131892529 J * FireEgl ~FireEgl@2001:5c0:84dc:1:d0bb:fc74:bbd:2138 1131892537 M * Bertl excellent! 1131892605 M * Bertl Hollow: okay, I've spend some time yesterday to think about the (command) interface 1131892631 M * Bertl and I'm somewhat worried about the flexibility ... 1131892640 M * Hollow i.e.? 1131892648 M * Bertl more precisely, I wonder what it will buy us at all ... 1131892668 M * Bertl first, the interface will need to specify a path to the executable 1131892711 M * Bertl second, as we concluded yesterday, the 'daemon' would have to fork anyway (to set up the guest) 1131892753 M * Bertl third, I'm not sure we can 'map' such things as the chroot() into the guest context that easily ... 1131892761 M * Hollow yeah, i played around yesterday too, and ended up with the start command calling itself again after the context has been setup 1131892791 M * Hollow s/setup/created/ 1131892807 M * Bertl so, let me ask the important question: all effords aside, what would we gain in the end? 1131892853 M * Hollow we know the initpid, but maybe we need a more elegant solution ;) 1131892889 M * Hollow maybe we could do it like vc_set_namespace, so the current pid will be the initpid then 1131892889 M * Bertl okay, I did think about that too, and I think have one :) 1131892912 J * Doener doener@i5387EF3F.versanet.de 1131892930 M * Doener hi! 1131892934 M * Hollow heya Doener 1131892953 M * Bertl what if we do a 'modified' vc_exec() which ets the init pid (if requested) and ends the setup? 1131892962 M * Bertl hey Doener! right on time! :) 1131893010 M * Hollow how would it get the init pid? 1131893055 M * Bertl well, it does something like exec (i.e. replaces the current process) 1131893062 M * Hollow ok.. 1131893072 M * Bertl in this case, we can simply 'copy' it 1131893088 M * Bertl also, if the exec fails, we have a return code :) 1131893147 M * Hollow so vc_exec would be a generic call exec in a context? 1131893199 M * Hollow with the difference of saving the initpid 1131893208 M * Bertl we could do that, but I'd prefer it to be an _initial_ call 1131893228 M * Hollow i.e. in VXC_STATE_SETUP? 1131893247 M * Bertl yes, it will end the setup, set the initpid (if told to do so) 1131893259 M * Bertl we could even keep the mechanism for the initpid as is 1131893270 M * Bertl (i.e. the flag) 1131893396 M * Hollow i'd prefer the vc_exec way 1131893425 M * Hollow or what ever it will be 1131893447 M * Bertl yep, but I mean, we can leave the initpid flag as is 1131893462 M * Hollow yup 1131893473 M * Bertl don't forget, we can pass flags at creation time 1131893500 M * Bertl if you 'create' a context withot the init flag, we do not set the initpid on exec, for example 1131893507 M * Doener Bertl: i just tried the packet shaping stuff on my box (Athlon64 X2 4400+ SMP, 2.6.14 vanilla kernel) works just fine... will try with a vserver kernel later 1131893525 M * Bertl Doener: excellent, keep us posted 1131893563 M * Bertl Doener: make sure to use 2.0.1-rc2 (and if possible test with 2.1.0 too) 1131893578 A * Bertl will update the 2.1.0 release shortly 1131893585 M * Hollow ok, so we set the init flag, setup the context with sched, uts whatever and call vc_exec in the end which will save the initpid 1131893603 M * Bertl which will precisly do the following: 1131893626 M * Bertl - clear the initflag if set (and assign the initpid) 1131893654 M * Bertl - end the setup process (flag) 1131893666 M * Bertl - execute the specified binary 1131893673 M * Bertl - return with exitcode 1131893681 M * Hollow so we can use it for all init styles, right? 1131893703 M * Bertl yes, that should work ... 1131893732 M * mnemoc there is any known-to-work/documented way to let a guest invoke something on host? 1131893742 M * Hollow ssh 1131893799 M * Bertl mnemoc: most debian versions allow you to use the escchroot() approach too ... :) 1131893807 M * Hollow Bertl: if it replaces the current process, how should it return the exit code? 1131893828 M * Bertl Hollow: as exec() does now, you have to do it like this: 1131893837 M * Bertl - daemon is running in context 0 1131893851 M * Bertl - guest process is forked() 1131893863 M * Bertl - guest process creates the context 1131893870 M * Bertl - guest process sets up environment 1131893884 M * Bertl - guest process execs init or runlevel script 1131893897 M * Bertl - daemon waits for children (return codes etc) 1131893904 M * Hollow ic.. 1131893927 M * Bertl we might hit some issues with the child belonging to another context 1131893940 M * Bertl but I'm sure we can work around that somehow (kernel side) 1131893994 M * mnemoc Bertl: i was thinking in per-guest fifo and a process on host watching, or something like that :) 1131894015 M * Hollow ok, i have another question regarding chroot/namespaces and how you could escape it.. 1131894056 M * Hollow i tried to follow enricos code for secure mounting, but it's mess of chdir() and chroot() so i'm somewhat lost... what are the possibilities to escape? 1131894089 M * Bertl you know his (german) paper? 1131894104 M * Hollow hm, i don't think so 1131894108 M * Bertl sec 1131894150 M * Bertl http://www.nongnu.org/util-vserver/doc/virtual-servers.pdf 1131894155 J * prae ~benjamin@sherpadown.net 1131894166 M * Hollow thx 1131894173 M * Bertl welcome prae! 1131894195 M * prae Hi Bertl 1131894348 Q * eyck jupiter.oftc.net kinetic.oftc.net 1131894348 Q * mnemoc jupiter.oftc.net kinetic.oftc.net 1131894348 Q * lilo jupiter.oftc.net kinetic.oftc.net 1131894348 Q * xzu jupiter.oftc.net kinetic.oftc.net 1131894348 Q * Millox jupiter.oftc.net kinetic.oftc.net 1131894348 Q * mugwump jupiter.oftc.net kinetic.oftc.net 1131894348 Q * meebey jupiter.oftc.net kinetic.oftc.net 1131894348 Q * logger jupiter.oftc.net kinetic.oftc.net 1131894348 Q * baggins jupiter.oftc.net kinetic.oftc.net 1131894348 Q * jkl jupiter.oftc.net kinetic.oftc.net 1131894348 Q * sebi_ jupiter.oftc.net kinetic.oftc.net 1131894348 Q * case jupiter.oftc.net kinetic.oftc.net 1131894348 Q * samuel jupiter.oftc.net kinetic.oftc.net 1131894348 Q * michal_ jupiter.oftc.net kinetic.oftc.net 1131894348 Q * neofutur_ jupiter.oftc.net kinetic.oftc.net 1131894348 Q * schak jupiter.oftc.net kinetic.oftc.net 1131894380 J * eyck ~eyck@81.219.64.71 1131894380 J * mnemoc ~amery@200.75.27.117 1131894380 J * schak schak@dslb-082-083-035-153.pools.arcor-ip.net 1131894380 J * lilo ~lilo@lilo.usercloak.oftc.net 1131894380 J * samuel ~samuel@modemcable211.200-203-24.mc.videotron.ca 1131894380 J * michal_ ~michal@mprivacy-update.de 1131894380 J * case ~case@donpanic.faveve.uni-stuttgart.de 1131894380 J * sebi_ ~sebi@Fccfa.f.strato-dslnet.de 1131894380 J * jkl eric@c-67-174-182-65.hsd1.co.comcast.net 1131894380 J * baggins baggins@kenny.mimuw.edu.pl 1131894380 J * logger ~rs@84.244.0.15 1131894380 J * meebey meebey@booster.qnetp.net 1131894380 J * mugwump ~samv@watts.utsl.gen.nz 1131894380 J * neofutur_ ~neofutur@neofutur.net 1131894380 J * Millox ~mattias@shienar.csbnet.se 1131894380 J * xzu ~otto@brucester.a20.net 1131894700 M * ComplexHo hi Bertl, Hollow - not been in ~ for a while and wondering how libvserver was coming along... Is it useable yet? I have a spare machine I was hoping to do some testing with... 1131894737 M * Bertl Hollow: alert! tester arrived :) 1131894743 M * ComplexHo lol 1131894759 M * Hollow heh 1131894771 M * Hollow well, libvserver works great 1131894784 M * Hollow but with libvserver alone you cannot do that much ;) 1131894816 M * ComplexHo hehe is there a doc or anything around that explains what it does/what the overall plan is? 1131894855 M * ComplexHo ...or can you tell me in a nutshell? 1131894865 M * Hollow svn co http://dev.croup.de/repos/libvserver/trunk libvserver && cd libvserver && doxygen 1131894866 M * Hollow ;) 1131894873 M * ComplexHo hehe 1131894896 M * ComplexHo yeah did that about 4 months ago and had a surf around the web-svn today 1131894915 M * Hollow i just commited a reverting changeset 1131894927 M * ComplexHo ok cool I'll have a nosey 1131894935 M * ComplexHo thx 1131895042 M * Hollow ComplexHo: if you want to take a look at my local svn: util-vserver-1.0_pre20051113.tar.bz2 1131895053 M * Hollow but be aware: it won't work 1131895057 M * ComplexHo s'ok got it down here 1131895062 M * ComplexHo looking now :) 1131895066 M * Hollow it wonÄt start your guests, nor will it do anything usefull to you :P 1131895083 M * Hollow except you want to help coding ;) 1131895093 M * Hollow darr 1131895098 M * Hollow i forgot the url 1131895099 M * ComplexHo hehe :P 1131895100 M * Hollow http://home.xnull.de/misc/util-vserver-1.0_pre20051113.tar.bz2 1131895120 M * ComplexHo is that a latest snapshot? 1131895128 M * Hollow yup, 1 minute ago ;) 1131895154 M * Hollow it should compile against libvserver in svn 1131895189 M * ComplexHo cool so how I read it, the libs themselves are stable and the main effort is with the utils? 1131895198 M * Hollow right 1131895202 M * ComplexHo cool 1131895238 M * Hollow the lib itself doesn't do much... it's just a wrapper around the syscalls, and it provides a list interface to cflags, ccaps, bcaps, nflags, utsnames, scheduler settings and resource limits 1131895259 M * ComplexHo and are the utils designed to work along the same lines as the other util-vserver? 1131895263 M * Hollow no 1131895340 M * Hollow i'm no quite sure about the details of config etc.. 1131895348 M * Hollow but you can see first thought in scripts/lib/vps.sh 1131895355 M * Hollow scripts/lib/cli.sh is deprecated 1131895431 M * Hollow all the tools in src/ should work pretty well, you can do command line testing with them to create context namespaces, or set scheduler settings 1131895560 M * ComplexHo hmm yeah looking nice :) 1131895589 M * Hollow indeed :P 1131895594 M * ComplexHo wasn't there also talk of a daemon as well some time back? 1131895632 M * Hollow yeah, but i delayed it because there is too much to discuss about first 1131895723 M * ComplexHo ok cool I will have a proper look at this tomorrow evening when I have more time... will this code live alongside the old util-vserver nicely or am I better off doing one or the other? 1131895730 M * Hollow although there are some anxient sources in http://home.xnull.de/work/vserver/vservd 1131895750 M * Hollow ComplexHo: if you use a different --prefix you will be fine 1131895757 M * ComplexHo ok great 1131895784 M * Hollow but as i said.. everything in scripts/ behaves unexpected atm.. but tools in src/ should be fine 1131895901 M * ComplexHo it all looks much simpler and leaner than the older utils 1131895911 M * Hollow righ 1131895912 M * Hollow t 1131895913 M * Hollow ;) 1131895954 M * Hollow well, it also lacks functionality of course 1131895979 M * Hollow i did not reimplement all functionality because i'm not sure how/if to do it, only time will tell 1131895994 M * ComplexHo I've been wanting to virtualise my configuration for some time but they have been holding me back. About the best I can hope to do is apply a config for the vserver remotely... 1131896006 M * ComplexHo which is ok but not perfect 1131896027 M * ComplexHo hence the deamon would be perfect for me... 1131896054 M * Hollow the question is, what would/should the daemon do 1131896192 M * ComplexHo well for me it would provide a way for me to securely interact with vservers (stop|start|restart|migrate|etc); apply new configurations (eg add an IP); enable me to pull back performance information 1131896194 M * daniel_hozac eeeverything ;) 1131896229 M * Hollow ComplexHo: you mean it would provide a way to do it remotely (without ssh) 1131896249 M * Hollow through an RPC or whatever interface 1131896257 M * ComplexHo yes, I use ssh at the moment and it is quite cool (Perl::Net::SSH is great!) 1131896264 M * Hollow heh 1131896298 M * ComplexHo but it can be untidy 1131896344 M * Hollow i think Bertl came up with the idea to have command language for vserver, which can be interpreted by the daemon 1131896357 M * ComplexHo ssh is a little bit too powerful for it's own good too :) it scares me sometimes :) 1131896381 M * ComplexHo u mean like zebra ? 1131896391 M * Hollow dunno zebra 1131896398 M * Bertl yes, similar :) 1131896424 M * ComplexHo like "ip sh bgp sum" but "vs sh ctx sum" 1131896428 M * ComplexHo hehe 1131896459 M * ComplexHo hey Bertl :) 1131896502 M * ComplexHo have you not considered SOAP or similar? 1131896524 M * Hollow soap is rpc 1131896524 M * ComplexHo or some sort of XML 1131896544 M * ComplexHo yep that would be powerful 1131896565 M * ComplexHo and easy to integrate with 'virtual' configs in db or ldap 1131896594 M * ComplexHo well easier... 1131896675 M * mnemoc less hard :p 1131896688 M * ComplexHo hehe 1131896729 M * ComplexHo it might be nice to run some sort of keepalive through the daemon as well, no? 1131896753 M * ComplexHo for failover or performance triggers 1131896887 J * dos000 ~dos000@i216-58-60-176.cybersurf.com 1131896985 M * ComplexHo back in the day we wrote a configuration daemon for freevsd-based vps but that went much further and configged apache, sendmail, useraccts etc 1131897030 M * ComplexHo but it had a syntax that could be issued raw or programatically and was totally ssl'd up 1131897036 Q * sladen Ping timeout: 480 seconds 1131897083 M * Bertl welcome dos000! 1131897091 M * FaUl ComplexHo: en; conf t 1131897138 M * ComplexHo FaUl, huh? 1131897200 M * FaUl ComplexHo: you know, zebra-like config ;-) 1131897211 M * ComplexHo ah sorry hehe 1131897241 M * dos000 hey man 1131897258 M * dos000 Bertl, i finally got my woes over ! 1131897297 J * sladen paul@starsky.19inch.net 1131897320 M * Bertl wb sladen! 1131897323 M * Bertl dos000: great! 1131897520 M * dos000 i still dont have it auto start but i am assuming doing the make distinstall will take care of that. i am on sarge 1131897647 M * Bertl probably, (and setting some 'marks') 1131897699 M * ComplexHo hey Bertl, remember that vserver cluster I was building? Well we've had 100% uptime >250 days running 20 vservers across 4 hosts serving up to 1/2TB on a busy day without breaking sweat 1131897709 M * ComplexHo hehe 1131897833 M * ComplexHo and those are pre-2.0 kernels on all of them 1131897868 M * Bertl excellent! you might post that on the ML 1131897890 M * dos000 ComplexHo, what is this serving ? 1131897898 M * ComplexHo performance is yummy; tried XEN and UML but in terms of raw performance vserver is great 1131897922 M * dos000 thats exactly why i was swayed to it 1131897978 M * dos000 ComplexHo, hummm ... that much bw can only mean nasty content :-) 1131897978 M * ComplexHo it is the foundation for a hosting network, but runs several high-traffic websites and dns/email routing for a bunch of domains. We run a game server on there and some big big databases 1131897984 M * ComplexHo nah 1131897986 M * ComplexHo hehe 1131897994 M * ComplexHo would be a nice test for the cluster tho ;) 1131898026 M * ComplexHo check out http://www.ourproperty.co.uk 1131898132 M * dos000 ComplexHo, i wish we had the same in canada .. i am about to step in the home ownership 1131898161 M * ComplexHo yeah it's a very cool site it gets a lot of traffic 1131898175 M * ComplexHo right up to date too it gets updates every few weeks 1131898190 M * ComplexHo you should see the size of them inserts ;) 1131898206 M * ComplexHo every house sale in england and scotland since 2000 1131898211 M * dos000 what db are we talking about ? 1131898275 M * ComplexHo it's data from the UK Land Registry that my client indexes and tidys up and makes searchable 1131898276 Q * derbien Ping timeout: 480 seconds 1131898301 M * dos000 i was asking if you use mysql for this ? 1131898316 M * ComplexHo yes :) 1131898317 M * ComplexHo 4 1131898352 M * ComplexHo our vservers run on a 2Gb/s f/c subsystem too so it's really quick 1131898365 M * ComplexHo you can see page load times on the search page 1131898385 M * ComplexHo well page build times 1131898482 Q * Doener Quit: Leaving 1131898654 M * dos000 nice 1131898779 M * dos000 i am about to build a telco db site. whats the f/c subsystem ... if it is not too costly ! 1131898818 M * ComplexHo no it's quite cheap... HP MSA1000 & Qlogic QLA2300 HBA 1131898849 M * ComplexHo we got the small business starter pack and put in the redundant controllers. You get an 8-port switch and 4 cards with it too 1131898895 J * Doener doener@i5387EF3F.versanet.de 1131898905 M * ComplexHo plus 14x146GB U320 disks doubles he cost hehe ;) 1131898933 M * ComplexHo you can do the whole thing inside £8k-£10k GBP 1131898962 M * ComplexHo which isn't bad for vibrechannel 1131898967 M * ComplexHo *f 1131898982 M * dos000 nice 1131899022 M * ComplexHo it makes it nice and easy to move a partition vservers to a new box for maintenance ;) 1131899038 M * ComplexHo but we haven't managed to automate it that nicely yet 1131899092 M * ComplexHo we don't use any fancy cluster filesystem either - raw speed is just nice ;) 1131899099 M * SiD3WiNDR daniel_hozac: thanks, ubuntu install with debootstrap worked great (after I update debootstrap to include breezy file) 1131899163 J * derbien ~derbien@whiterabbit.nbmc.de 1131899248 J * virtuoso ~s0t0na@shisha.spb.ru 1131899329 M * Bertl welcome derbien, virtuoso! 1131899407 M * Doener Bertl: works fine on vs2.0.1-rc2, too... now going to try in a vserver 1131899463 M * sizo re 1131899556 M * Bertl wb sizo! 1131899590 M * sizo thanks 1131900068 M * Doener Bertl: from within a vserver it also works. is there an updated 2.1 version yet or shall i wait? 1131900094 A * dos000 reading about msa1000 and QLA2300 HBA 1131900113 M * Bertl Doener: let me upload one ... will take a few minutes 1131900117 M * Doener ok 1131900317 Q * monrad Quit: Leaving 1131900400 T * Bertl http://linux-vserver.org/ | latest stable 2.0, 2.0.1-rc2, 1.2.10, 1.2.11-rc1, devel 2.1.0-rc7 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the wiki, and we'll forget about the minute ;) 1131900423 M * Bertl http://vserver.13thfloor.at/Experimental/patch-2.6.14.2-vs2.1.0-rc7.diff 1131900745 M * Doener what's xid propagation? 1131900942 M * Bertl thats for the xid=42 mount option 1131900956 M * Bertl (i.e. tagged files without xid aware filesystems) 1131901046 M * Doener ok, building now... 1131901072 J * monrad ~monrad@213083190130.sonofon.dk 1131901269 Q * Doener Quit: Leaving 1131901464 J * Doener doener@i5387EF3F.versanet.de 1131902416 M * Doener Bert: works as expected for me on 2.1.0-rc7, too. sent a mail with the results to the ml 1131902423 M * Bertl thanks! 1131902435 Q * derbien Ping timeout: 480 seconds 1131902619 M * dos000 Bertl, i have vs2.0.1-rc1 working fine here. any reason to go higher ? 1131902699 M * Bertl dos000: 2.1.x is devel branch, many features, possible instability ... 1131902714 M * Bertl dos000: 2.0.1-rc2 fixes a bug, so that would be advised 1131902724 M * Bertl okay, off for dinner now ... back shortly ... 1131902729 N * Bertl Bertl_oO 1131903049 J * derbien ~derbien@whiterabbit.nbmc.de 1131903121 J * jayeola ~jayeola@host-84-9-109-32.bulldogdsl.com 1131903360 Q * jayeola Quit: brb 1131904011 Q * derbien Ping timeout: 480 seconds 1131905105 J * iprone ~iprone@adsl-065-012-167-027.sip.asm.bellsouth.net 1131906014 Q * monrad Quit: Leaving 1131906305 J * derbien ~derbien@whiterabbit.nbmc.de 1131906879 N * Bertl_oO Bertl 1131906883 M * Bertl back now ... 1131906939 J * Viper0482 ~Viper0482@p549752E4.dip.t-dialin.net 1131907030 M * Bertl welcome Viper0482! 1131907036 Q * schak Ping timeout: 480 seconds 1131907593 J * Blissex pcg@82-69-39-138.dsl.in-addr.zen.co.uk 1131907674 Q * FireEgl Quit: Bye... 1131910120 Q * derbien Ping timeout: 480 seconds 1131910132 P * Viper0482 und weg 1131910462 J * derbien ~derbien@whiterabbit.nbmc.de 1131911912 J * derjohn ~derjohn@80.69.35.186 1131912028 M * derjohn how does a xid relate to a conext? if i copies a vservers dir from how do I well it which xid it has? 1131912048 M * daniel_hozac xid == context ID ;) 1131912174 M * derjohn thx. i thought xid belongs to the extendend attrs ... so i don't have to change anything. but it's a pitty that there are two differnet names for more or less the same thing. 1131912439 M * daniel_hozac files can be tagged with the xid. 1131912450 M * daniel_hozac (not an extended attribute though) 1131912508 M * derjohn for what purpose? the guest is in its chroot anyway. ot does this relate to hardlinks? 1131912626 Q * derbien Quit: changing servers 1131912647 J * derbien ~derbien@whiterabbit.nbmc.de 1131912746 M * daniel_hozac disk limits for instance. 1131912817 M * derjohn ah, so it's vdlimit which set the xids? but they are not updates automatically as the example scrips look like (it's regexing from df -h etc.) 1131912864 Q * dos000 Quit: Leaving 1131912885 M * daniel_hozac no, vdlimit doesn't set the xids. 1131912894 M * daniel_hozac the kernel does, and chxid can change them after the fact. 1131912932 M * daniel_hozac and the example is that way because i didn't want to assume people had my patched du/find etc ;) 1131912978 M * derjohn eh, you mean the kernel changes xid on the fly? or is an xid for files nothing persistent? or does the kernel write the xids to the file? 1131913010 M * daniel_hozac the kernel will set the xid of newly created files to that of the context creating it. 1131913034 M * derjohn ok, and the ones I copied as "root of host"? 1131913049 M * daniel_hozac would be tagged as belonging to the host. 1131913061 M * daniel_hozac (and thus accessible to all guests. 1131913076 M * derjohn what??? 1131913116 M * derjohn but they don't have access due the chroot? ot do you mean they could access it after escaping a chroot? 1131913149 M * daniel_hozac if those files are within the guest's reach, it will be able to access them. 1131913155 M * derjohn so: with what command do I tag the files with the proprt xid after copying as root of host? 1131913174 M * derjohn yes, understood. 1131913211 M * daniel_hozac chxid -c -R /path/to/copy 1131913234 M * derjohn ok. that what I was looking for ;) 1131913249 A * derjohn is going to make some hosts secure in a minute ;) 1131913273 M * derjohn just now i wondering how to set "secondary" IP addresses a virtual interface (new style config). A second line does not work ... 1131913290 M * daniel_hozac new directory. 1131913314 M * daniel_hozac cp -a /etc/vservers//interfaces/{0,1}, edit 1/* 1131913362 M * derjohn ouch .. 254 IP for that host ... so every IP has an own labeled interface? ok. loopback 127.0.0.>=2 is no exception? 1131913400 M * daniel_hozac you don't need labels. 1131913449 M * daniel_hozac and one guest can only have 16 IPs, unless patched. 1131913535 Q * alexx Read error: Connection reset by peer 1131913540 M * derjohn er, quite useful info for me. maybe I have to work with hostroutes then ... is th 16 IP limit true for vs 2.1 too? Can I find the patches on 13th floor ? 1131913594 M * daniel_hozac with the legacy networking, i think so. 1131913596 M * derjohn labels == for secondary addr, I meant "virtual network interface names" ... (dunno if there is a special name for them) 1131913640 M * daniel_hozac you mean like eth0:2274? 1131913655 M * derjohn what to you mean by "legacy"? Is there s.th. new comming up? Didn't see it .... I mean, I did not look for patches except vs2.1rc4 1131913674 M * daniel_hozac rc4? it's at rc7 now. 1131913675 M * derjohn eth0:2274 -> label in language of iproute2 1131913679 M * daniel_hozac yes, right. 1131913684 M * daniel_hozac you don't need a label at all. 1131913684 M * derjohn yes, my compiler is so slow ;) 1131913703 M * daniel_hozac i'll race you ;) my kernels take about 7 hours to build. 1131913720 M * derjohn foo(); ???? 1131913721 M * derjohn 7h ? 1131913738 M * daniel_hozac yep. 1131913763 M * derjohn you use the openoffice-in-kernel-mode patch or what? 1131913806 M * daniel_hozac nope, i just rebuild the Fedora kernels. (UP and SMP, with every module imaginable enabled) 1131913838 M * daniel_hozac i don't think Bertl has any patches for the 16 IP limit. you just need to change NB_IPV4ROOT in include/linux/vserver/network.h 1131913854 M * daniel_hozac it will slow you down though. 1131913856 M * Bertl actually there is one, but not updated 1131913903 M * derjohn EHLO Berl! slow down meansm this is kind of "plain lookup", no hash or so? 1131913912 M * Bertl http://vserver.13thfloor.at/Experimental/VARIOUS/delta-2.6.9-vs1.9.3-net64.diff 1131913919 M * Bertl it's linear lookup 1131913932 M * Bertl on every check it will scan until found or missed 1131913970 M * derjohn what does -net64 indicate? 64? 1131913971 Q * derbien Ping timeout: 480 seconds 1131913979 J * derbien ~derbien@whiterabbit.nbmc.de 1131914036 M * Bertl yup, as you can easily see from the patch :) it changes the limit of 16 to 64 1131914045 M * derjohn BTW: If I begin to build a RC7 on 2.6.14 now ... is there a release plan for rc8 or vs21-norc ? 1131914054 M * derjohn ah, so not 64 bit issue .... 1131914055 M * Bertl (you need a similar patch for the tools, or at least to rebuild them) 1131914100 M * derjohn hm, which tool relate to "net"? vserver build does only set one ip anyway .... 1131914111 M * Bertl nope 1131914122 M * Bertl you can add as many --interface statements as you like 1131914140 M * Bertl but chbind will not be able to communicate more than 16 without recompile 1131914188 M * derjohn uh, badstuff. recompile means ... I need to compile with my modded kernel-headers? 1131914217 M * derjohn (the util-vserver) 1131914303 M * derjohn are there any plans for a non-linear lookup by default? I mean 8 or 10 bit per vhost should not be so much when I comes to memory consumption. 1131914311 M * derjohn s/I/it/ 1131914351 M * Bertl no, there is no real point in having so many IPs in a guest, and ngnet will remove that limitation anyway 1131914392 M * Bertl http://vserver.13thfloor.at/Experimental/VARIOUS/util-vserver-0.30.196-net64.diff.bz2 1131914414 M * Bertl (not sure it still applies to recent tools) 1131914469 M * daniel_hozac hmm, i thought util-vserver queried for NB_IPV4ROOT. 1131914515 M * derjohn it see I would have to deal with various artists ;) .... maybe the hostroute is easier in my case..... 1131914532 M * daniel_hozac nevermind, that doesn't really make sense and i was just confused by filenames :) 1131914547 M * derjohn What about rc8 ? Soon near a cinema near me? 1131914581 Q * derbien Ping timeout: 480 seconds 1131914586 M * derjohn BTW: Did I overlook the announcement or was the discussion towards not sending info about rc's to the ML? 1131914673 M * daniel_hozac when you're using the development versions, you're probably better off sitting on here anyway ;) 1131914710 M * derjohn uh man, don't destroy my trust in berl's coding skillz :) I use rc4 in ... semi-production 1131914735 M * derjohn but as I see there are more people involved than bertl only. 1131914790 M * derjohn but, yes I will stay 'ere from now on.... I would have come earlier, if it was on freenode :) 1131914911 M * daniel_hozac doesn't really matter how much skillz you have, getting all those new features right on the first try is unlikely ;) 1131914983 M * derjohn *shivvver* :) 1131915003 M * derjohn BTW, chxid says "Invalid argument" to all files .... ;( 1131915135 J * derbien ~derbien@whiterabbit.nbmc.de 1131915435 M * Bertl derjohn: just means that you have not enabled xid tagging for that filesystem 1131915494 M * derjohn Bertl, eh, was that an compiletime option the kernel, or do I have to mount the host-fs with some secret option? Or am I f** with reiserfs? 1131915519 M * Bertl derjohn: I do not announce the rc releases on ML (I'm lazy) 1131915553 M * Bertl derjohn: no, reiser is supported, although you ahve to do strange things with reiser (for normal barrier support even) 1131915590 M * Bertl derjohn: first, to make barrier and attrs work, you have to mount the partition with the 'attrs' option (ask Hans why :) 1131915621 M * Bertl second, to get xid tagging (if you need that) you also have to specify the tagxid option 1131915641 M * derjohn Bertl == lazy? Maybe lazy init only ;) ... 1131915663 M * derjohn Bertl, is this the case for reiser4 , too? if ,yes, I gonna ask hans,. 1131915688 M * Bertl well, actually I figured that not everyone is interested in the bleeding edge stuff, and as danie said, those interested are hanging around here anyway 1131915705 M * Bertl derjohn: did I miss the inclusion of reiser4 in mainline? 1131915736 M * derjohn Bertl, no, but I could imagine his answer if I ask for some feature in reiser3 ..... 1131915776 M * Bertl well, it's an option, which I'd expect to be default (at least it is on all other fs) 1131915794 M * Bertl but hey, reiser is different in so many aspects ...# 1131915813 M * derjohn Bertl, -mm has the reiser patches, but I was unable to find the -hp kernel ... :) 1131915840 M * derjohn yes, but we made good experiences with reiser3 the last ... 4 years .... 1131915869 M * Bertl well, it's supported ... :) 1131915924 M * derjohn fine, I have some homework to do now .... but whats with rc8? When can we expect it? Are there plans for the 2.1 release? 1131915993 M * derjohn why wouldn't I need "tagxid" ? Is there a reason for not doing so? 1131916014 J * aba ~aba@2001:a60:f006::2 1131916018 M * aba Hi 1131916034 M * aba hm, it's impossible to start up pppd inside a vserver? 1131916072 M * Bertl welcome aba! 1131916080 M * Bertl yes it is possible ... 1131916094 M * aba and, how does the pppd set the routes right? 1131916114 M * derjohn aba, at least you would need the /dev/device for ppp I guess ... 1131916156 M * Bertl aba: we did not talk about working properly, did we? 1131916161 M * aba Bertl: hey 1131916194 M * Bertl but you can make it work if you give certain CAPs, which in turn will make the setup insecure 1131916247 M * aba hm 1131916363 J * sepp ~How@port-212-202-71-63.dynamic.qsc.de 1131916676 M * Bertl welcome sepp! 1131917049 M * sepp hi 1131917072 M * sepp i have a question regarding the chroot-again exploit 1131917107 M * sepp i have build a test setup with 2.4.28 and vs1.29 1131917120 M * sepp i also set chmod 0000 /vservers 1131917129 M * sepp and chattr +t /vservers 1131917137 M * sepp but i am still able to escape 1131917147 M * sepp please dont mind the old versions 1131917160 M * sepp the setup is for a special purpose 1131917172 M * sepp any idea what the problem could be 1131917174 M * sepp ? 1131917202 M * Bertl well, the problem is probably the combination of old tools and older kernel aptches 1131917237 M * sepp ok 1131917240 M * Bertl first, it's mainline (vanilla) 2.4.28 and vs1.29? 1131917249 M * sepp yes 1131917263 M * Bertl okay, give me a second to check the barrier condition there 1131917271 M * sepp thx 1131917433 M * Bertl what filesystem? 1131917459 M * sepp reiserfs 1131917469 M * Bertl well, that's bad luck ... 1131917484 M * derjohn I tried to remount my fs wirh "mount -o remount,rw,notail,noatime,usrquota,grpquota,attrs,tagxid -t reiserfs /dev/md0 /", but the tagxid option is not recognized. I cannot find a kernel option to en/disable it. what's wrong? quota? 1131917489 J * alexx ~alexx@proxy.ikse.net 1131917489 M * Bertl sepp: the barrier code was not working for reiserfs until 1.2.10 1131917518 M * sepp good to know 1131917518 M * Bertl derjohn: remount is not supported (for obvious reasons) 1131917536 M * Bertl derjohn: you ahve to unmount and mount it again 1131917562 M * sepp Bertl: besides that ... does the new networking code allow tap/tun devices in a vserver ? 1131917565 M * Bertl welcome alexx! 1131917581 M * alexx hello Bertl 1131917593 M * derjohn I expected such a staggering answer... 1131917596 M * Bertl sepp: 'new networking code' being? 1131917622 M * sepp NGNET 1131917633 M * Bertl yep, ngnet will allow for such devices 1131917654 M * sepp how major is the implementation ? 1131917691 M * Bertl we had a working prototype around 1.9.5, and are currently working on the 'new' implementation 1131917699 M * Bertl (i.e. nothing working yet) 1131917772 M * sepp ok no big deal ... is just wanted to run openvpn in a vserver some time a go and was wondering if it would work now 1131917803 M * Bertl not now, but probably soon ... 1131917810 M * sepp cool 1131917906 M * Bertl sepp: but it should not be too hard to patch up the vs1.29 to 1.2.10 (and thus make the reiserfs code work) 1131917931 M * sepp Bertl: a kernel exploit should be able to break out of a vserver in most cases ? am i right ? 1131917964 M * Bertl no, I'd say, it will fail in most cases 1131917975 M * sepp ok 1131918011 M * Bertl first, most kernel exploits fail, ebcause kernel structures are different 1131918038 M * sepp Bertl: we are running much new kernel version and vserver versions on our production systems ... the old setup is just for a demonstration on possible security issues 1131918042 M * Bertl those which succeed, and are not specifically targeted on linux-vserver, will not try to escape the jails 1131918050 M * sepp ok 1131918061 M * sepp so a exploit must be modified to do so 1131918085 M * Bertl yes, definitely 1131918112 M * sepp thx for the infos :) 1131918165 Q * Blissex Remote host closed the connection 1131918175 M * Bertl sepp: you're welcome! 1131918534 M * sepp bye 1131918538 Q * sepp Quit: Leaving 1131918638 Q * wersh Quit: 1131918905 M * derjohn Bertl, since 2.6.13 -> vs21-rc4 I have an failed hunk on "init/version.c.rej". I am patching against debian's 2.6.14 experimental. So guess it's an debian extensiom to checl for stuff like #ifdef LINUX_COMPILE_SYSTEM_OFFICIAL 1131918961 M * derjohn I solve that manuallay all the time, but I think I am not the only .deb user? Are there plans to take care for that extension? 1131918970 M * Bertl could be, don't know the debian sources 1131918983 M * derjohn is it mica or ola? 1131919003 M * Bertl well, I doubt that ola will care ... but mica might be the right person 1131919080 M * Bertl most debian users (right now) use a vanilla kernel and mainstream util-vserve 1131919106 M * derjohn I *think* I would be enough for patch to move the const char vx_linux_banner[] = just some lines up, right after EXPORT_SYMBOL(system_utsname); and before const char linux_banner[] = 1131919152 M * derjohn vx_linux_banner[] will not "respect" the debian "extension", but it will patch I guess (Did I mention I am not a coder?) 1131919165 M * Bertl no need to :) 1131919190 M * Bertl but if you upload the reject file and the file to be patched, I can tell you what to do :) 1131919237 J * yarihm ~yarihm@80-218-5-17.dclient.hispeed.ch 1131919250 M * derjohn oh, it maybe be that some wannebe geek already mailed you ;) 1131919267 M * Bertl welcome yarihm! 1131919272 M * derjohn But there is danger in my code!!! 1131919284 M * yarihm hi Bertl, hi rest 1131919322 M * Bertl derjohn: if you mailed right now, it will take some time ... 1131919392 M * derjohn hey, I hope I am already known by your greylist !!!!! 1131919417 M * Bertl hmm, indeed :) 1131919597 M * Bertl derjohn: hmm, well, it should work this way ... 1131919760 M * derjohn yes, if you change the order it might work without handish work 1131919791 M * derjohn Bertl, include/linux/vserver/legacy.h ... does not contain "#define NB_S_CONTEXT 16" 1131919812 M * derjohn *snieff* where do I define 64 IPs ? (VS21-rc7) 1131919886 M * derjohn I got this from "delta-2.6.9-vs1.9.3-net64.diff" 1131919900 M * Bertl what kernel aptch are we talking about? 1131919941 M * Bertl ah, vs2.1.0-rc7 1131920002 M * derjohn nx_mask_pair[NB_IPV4ROOT] .. .is this the replacemnt struct? dunno C though.. just ... little java/perl/bash 1131920021 M * Bertl include/linux/vserver/network.h 1131920025 M * Bertl #define NB_IPV4ROOT 16 1131920123 M * derjohn yes, the delta patch "patched" that, too. 1131920137 M * derjohn so the 2nd occurrence is obsolete? 1131920325 M * Bertl probably 1131920341 M * Bertl we did some simplifications there 1131920445 M * Bertl yep, from the kernel side it's the only occurance 1131920848 J * Aiken ~james@tooax8-231.dialup.optusnet.com.au 1131920856 M * derjohn jujjuh .... then I go for builing 2.6.14.... would you not recommend SMP ? 1131920867 M * derjohn (the website says so ...) 1131920874 M * derjohn I dint need it in my case, but ..... 1131920986 Q * shedi Quit: Leaving 1131921176 M * Bertl derjohn: hmm, which web site? 1131921197 M * Bertl derjohn: well, I mean, it makes no sense to compile the kernel SMP if the machine is UP 1131921218 Q * lilo Remote host closed the connection 1131921221 M * derjohn AFAIR linux-vserver.org ... or was it on the ML only? It was under a section called "stability" 1131921225 M * Bertl morning Aiken! 1131921242 M * Bertl derjohn: hmm, please be so kind and point me to it ... 1131921243 M * Aiken hi 1131921245 J * lilo ~lilo@lilo.usercloak.oftc.net 1131921247 M * derjohn Bertl, I provide my kernel in binary form for the public as you may know. 1131921258 M * derjohn so, the lesser reason for recompiling, the better .... 1131921268 M * Bertl derjohn: because there are absolutely no SMP issues 1131921299 M * derjohn hmm ... I think in my first run I go without .... maybe I make two version ... 1131921311 M * derjohn modprobe smp does not work yet ;) 1131921364 M * Bertl for obvious reasons :) 1131921522 M * derjohn oh, so I cannot remove raidhotremove /dev/cpu2 doesn't work either? *g* ok ... I think I wiill build now. 1131921563 M * derjohn Did you get my "refined" tulip patch for VLAN-MTU (the one from erdfelt) 1131922042 M * Bertl yup 1131922331 J * monrad ~monrad@213083190130.sonofon.dk 1131922435 Q * Doener Quit: Leaving 1131923033 M * bragon hello Bertl :) 1131923211 M * Bertl hey bragon! 1131923708 M * sizo n8 1131923766 M * Bertl night sizo! 1131923781 M * sizo nite bertl 1131924165 Q * yarihm Quit: Leaving 1131924996 J * schak schak@dslb-082-083-043-091.pools.arcor-ip.net 1131925726 Q * schak Ping timeout: 480 seconds