1132877375 Q * yarihm Quit: Leaving 1132877869 M * anonymousc morning bertl 1132878657 J * shedi ~siggi@inferno.lhi.is 1132879386 M * derjohn foo() - can anyone tell me, how to use an inittab within a guest for respwaning a process like: h1:23:respawn:/usr/bin/hts -F boolbab:443 8888 1132879666 Q * SeerHome Quit: Client exiting 1132880055 Q * Johnnie Ping timeout: 480 seconds 1132880623 J * Johnnie ~john@acs-24-154-53-217.zoominternet.net 1132882802 J * mememe ~chatzilla@i-195-137-13-41.freedom2surf.net 1132882811 M * mememe hi 1132882955 Q * mememe Quit: Chatzilla 0.9.68.5 [Firefox 1.0.7/20050919] 1132883521 Q * lilo_ Ping timeout: 480 seconds 1132884115 Q * Johnnie Ping timeout: 480 seconds 1132884167 Q * anonymousc Remote host closed the connection 1132884395 J * anonymousc ~anonymous@staff.internode.com.au 1132884679 J * Johnnie ~john@acs-24-154-53-217.zoominternet.net 1132886315 J * dos000 ~dos000@i216-58-50-238.cybersurf.com 1132888532 J * sebi_ ~sebi@Fd1f1.f.strato-dslnet.de 1132888631 Q * sebi Ping timeout: 480 seconds 1132889440 J * dos000_ ~dos000@i216-58-19-36.cybersurf.com 1132889875 Q * dos000 Ping timeout: 480 seconds 1132891047 M * daniel_hozac derjohn: are you using the plain init style? 1132895562 M * dlippolt SNy: ping 1132896436 Q * sladen Ping timeout: 480 seconds 1132897583 J * lilo ~lilo@lilo.usercloak.oftc.net 1132897770 N * Bertl_oO Bertl 1132897774 M * Bertl morning folks! 1132897792 M * Bertl *short visit, soon off to the airport* 1132897856 M * Bertl anonymousc: could you run the EIP address through addr2line with your kernel source like this: 1132897894 M * Bertl anonymousc: cd /path/to/kernel && addr2line -e vmlinux c0178cb1 1132898099 M * anonymousc argh - sorry bertl - was on another screen 1132898134 M * anonymousc recompiled the kernel with vserver debugging enabled and it doesn't panic... 1132898209 M * Bertl hmm, so you removed the previous vmlinux ? 1132898211 M * anonymousc hmm - i've lost the old vmlinux since recompiling for debugging - let me recompile without debugging and get another crash and EIP address 1132898228 M * anonymousc yup 1132898245 M * Bertl k, np, take your time 1132898267 M * Bertl (get the EIP address from your new kernel oops, if you get one) 1132898270 M * dlippolt Bertl: ping 1132898277 M * Bertl dlippolt: pong! 1132898282 M * anonymousc will it be more helpful if the vserver debugging is in? 1132898290 M * anonymousc (assuming I could get it to panic) 1132898303 M * dlippolt Bertl: just sent you the strace comparisons. looks like multicast RECEIVE is what doesn't work in the vserver 1132898314 M * anonymousc not that cow links work either way - it just tells me there are "too many links" 1132898318 M * Bertl anonymousc: not really, the addr2line info would be helpful 1132898337 M * Bertl anonymousc: I assume that the xfs sendpage impementation is broken again 1132898361 M * dlippolt Bertl: with NET_ADMIN 1132898361 M * dlippolt NET_BROADCAST enabled 1132898391 M * Bertl dlippolt: okay, will look at it later (i.e. when I established network access in princeton) 1132898433 M * Bertl dlippolt: ah, the NET_BROADCAST is unused (as we figured last time) 1132898520 M * Bertl dlippolt: hmm, had a look at it :) what IP addresses does your guest have assigned? 1132898523 M * dlippolt Bertl: haha, i dont remember figuring that :) can i send attachments to the list? 1132898530 M * dlippolt 192.168.1.237 1132898533 M * dlippolt ip matches vserver name 1132898536 M * dlippolt on 192.168.1.9 1132898540 M * Bertl add the multicast ip too 1132898541 M * dlippolt *192.168.1.* 1132898554 M * dlippolt so i tried that 1132898555 M * Bertl as nodev 1132898558 M * dlippolt by adding a 1 to interface 1132898559 M * dlippolt ah 1132898560 M * dlippolt dang 1132898563 M * dlippolt didn't do that 1132898574 M * dlippolt scurrying over 1132898580 M * Bertl and try to make it the first ip too 1132898596 M * Bertl (jsut guessing from the output) 1132898601 M * dlippolt so just ip and nodev 1132898605 M * dlippolt as the attributes 1132898607 M * dlippolt for that interface 1132898609 M * Bertl yup 1132898618 M * dlippolt does it need a name? 1132898619 M * Bertl and have an strace run for the receive and send 1132898629 M * Bertl dlippolt: nope, the alias name is not required 1132898634 M * dlippolt k 1132898653 M * dlippolt i presume i have to restart the vserver 1132898660 M * dlippolt to apply those changes 1132898661 M * Bertl yep 1132898770 M * Bertl dlippolt: well, I didn't know either (regarding the NET_BROADCAST) but somebody recited from a manpage that it was now unused (and a check in the kernel did confirm that) 1132898805 M * Bertl which of course gives a bunch of new options (i.e. we can reuse that capability :) 1132898833 M * dlippolt interesting. fyi, it didn't work by making the mcast the second interface 1132898836 M * dlippolt retrying making it the first 1132898945 M * dlippolt also failed. producing straces 1132898948 M * dlippolt shall i email them to u? 1132899113 M * Bertl yes, please 1132899168 M * Bertl k, leaving now ... back tomorrow (or so) 1132899182 N * Bertl Bertl_oO 1132899207 M * dlippolt k done 1132899297 M * anonymousc nite bertl 1132899681 J * balbir ~balbir@59.145.136.1 1132902766 J * popo ~k@196.207.45.254 1132902833 Q * bwana Quit: doh 1132902927 P * popo 1132905801 Q * Megabart Ping timeout: 480 seconds 1132907293 J * Aiken_ ~james@tooax6-153.dialup.optusnet.com.au 1132907606 Q * Aiken Ping timeout: 480 seconds 1132907760 Q * shedi Quit: Leaving 1132907766 Q * harry Ping timeout: 480 seconds 1132907859 M * anonymousc panic info for bertl (or anyone else who cares:) http://pastebin.com/437575 1132907861 Q * NikDaPhreak Quit: Hybernating my brain... 1132908807 J * harry ~harry@d515321D1.access.telenet.be 1132910065 M * harry how do i remove a vserver? 1132910070 M * harry (what's the best way?) 1132910161 M * daniel_hozac rm -fr /etc/vservers/ /vservers/? 1132910173 M * harry is that the best way?? 1132910248 M * daniel_hozac why wouldn't it be? 1132910257 A * harry is clueless :) 1132910279 M * harry but... i'll do it that way :) 1132910280 M * harry tn 1132910280 M * harry x 1132910300 J * Cru ~mindwarp@instructor.e.de.wahlich.com 1132910306 M * Cru mornin 1132910327 M * daniel_hozac morning 1132913109 M * harry http://pastebin.com/437613 1132913113 M * harry anyone ideas? 1132913195 M * Cru is that its own partition or a loopback container? 1132913223 M * harry logical volume 1132913229 M * harry it WAS a logical volume 1132913231 M * Cru you should check within the vservers namespace whether all pseudofs are umounten 1132913241 M * harry how? 1132913280 M * Cru vnamespace -e mount should do 1132913330 M * harry hmm... xid from vserver.... 1132913343 M * Cru cat /etc/vservers//run 1132913361 M * harry that's long gone 1132913364 M * harry that vserver is gone 1132913380 M * harry cat: /usr/local/vserver/etc/vservers/tobiaas/run: No such file or directory 1132913384 M * harry (off course) 1132913513 M * Cru well, I suppose there are still other possibilities to solve this problem using vnamespace, but it would be much easier to reboot your system... 1132913575 M * harry rebooting a system with 5 vservers running is NOT something i like to do... :s 1132913617 J * enrv ~enrv@80.67.164.43 1132913637 M * Cru but deleting a vservers config unless it has been gracefully stopped sould not be done either ;) 1132913724 M * Cru you should also be able to read the xid from /var/run/vservers/.ctx 1132913737 M * Cru unless you deleted that one, too ;) 1132913804 M * harry it wasn't running 1132914035 M * Cru well, we could either discuss about how graceful a vserver stop cleans up its namespace and mounts, or we could try to solve you problem - it is your choice ;) 1132914165 M * harry i'd like to know why it's not removable 1132914179 M * harry i think i know why the problem is there... 1132914182 M * harry but not the sollution 1132914195 M * Cru as I supposed, because there is something left in the vserver's namespace 1132914198 M * harry what did i do: lvrename vservervg tobiaaslv newblalv 1132914207 M * harry and THEN unmount (i thought i did it allready) 1132914219 M * harry but tobiaas wasn't running 1132914226 M * harry it never ran... but it WAS defined... 1132914637 J * lilo_ tor@lilo.usercloak.oftc.net 1132914811 Q * lilo Ping timeout: 480 seconds 1132914895 P * enrv 1132914902 Q * [MUPPETS]Gonzo Quit: Serverwechsel 1132914939 J * [MUPPETS]Gonzo gonzo@langweiligneutral.deswahnsinns.de 1132914977 Q * michal_ Remote host closed the connection 1132914994 J * michal_ ~michal@mprivacy-update.de 1132915105 Q * ag- Ping timeout: 480 seconds 1132915189 J * ag- ag@caladan.roxor.cx 1132916560 Q * Aiken_ Quit: Leaving 1132916936 J * shedi ~siggi@tolvudeild-195.lhi.is 1132917105 Q * cryo Ping timeout: 480 seconds 1132917246 J * cryo ~say@212.86.233.146 1132917603 J * dos000__ ~dos000@i216-58-16-249.cybersurf.com 1132917921 Q * dos000_ Ping timeout: 480 seconds 1132918326 Q * cryo Ping timeout: 480 seconds 1132919152 J * dos000_ ~dos000@i216-58-25-243.cybersurf.com 1132919590 Q * dos000__ Ping timeout: 480 seconds 1132919604 J * sladen paul@starsky.19inch.net 1132919923 J * cryo ~say@212.86.233.146 1132920659 J * neofutur_ ~neofutur@neofutur.net 1132920775 Q * neofutur Read error: Connection reset by peer 1132921434 Q * balbir Quit: Leaving 1132922959 J * miller7 ~none@213.239.180.101 1132926089 Q * dos000_ Quit: Leaving 1132930261 J * DaVinci ~DaVinci@p54AF7A87.dip.t-dialin.net 1132930265 M * DaVinci Hy 1132930321 M * DaVinci Does anyone here has experience in VServer+Firewall? 1132930355 M * DaVinci sry for the bad english 1132930625 M * daniel_hozac what's the problem? 1132930657 M * DaVinci I have a gentoo machine 1132930673 M * DaVinci With VServers installed 1132930679 M * DaVinci On the master I'm using iptables 1132930726 M * DaVinci Now I tried to use iptables on the VServers but iptables seems not to run 1132930743 M * daniel_hozac indeed, you need to manage iptables on the host. 1132930755 M * aba DaVinci: iptables need to happen on the master 1132930758 M * DaVinci Is there a possibility to use another firewall? 1132930774 M * DaVinci I find it pretty ugly to manage all the rules for the vhosts on the master 1132930813 M * DaVinci I don't need packet filtering or so 1132930825 M * DaVinci I only need to forbid access to different ports 1132930855 M * DaVinci a.e. the web-administration of teamspeak, etc. 1132930870 M * DaVinci This should only be accessibly with ssh tunnels 1132930933 M * DaVinci -y +e 1132930946 M * DaVinci -with +by 1132930954 M * daniel_hozac so why can't you do that on the host? 1132930999 M * daniel_hozac sounds as if it would be a minimal amount of rules. 1132931036 M * DaVinci I set up vservers to give someone the root-pw for the vserver and he can do anything without me worry about security 1132931074 M * DaVinci I know thats possible anyhow...2 years ago I rented a vserver-machine and there I could use iptables directly on the vserver 1132931126 M * DaVinci But the only information I found was about virtuozzo 1132931169 M * DaVinci Isn't there a possibility of using some firewall not needing physical access to the network-device? 1132931191 M * daniel_hozac huh? 1132931223 M * DaVinci Some program who hangs between the apps and the emulated network-device 1132931225 M * daniel_hozac vserver has never supported iptables within guests, AFAIK. 1132931235 M * DaVinci -who hangs +hanging 1132931237 M * daniel_hozac what emulated network device would that be? 1132931252 M * daniel_hozac remember, all networking happens on the host. 1132931270 M * DaVinci The eth0 in the guest is emulated, isn't it? 1132931274 M * daniel_hozac vserver merely restricts guests to a subset of the IPs. 1132931276 M * daniel_hozac no. 1132931314 M * daniel_hozac ngnet will have virtualized networking, but it's not suitable for production use yet. 1132931370 M * DaVinci Hmm 1132931380 M * DaVinci So there's no possibility? 1132931397 M * DaVinci (except firewalling on the host) 1132931470 M * daniel_hozac for what? using iptables in guests? no. 1132931481 M * DaVinci It doesn't need to be iptables 1132931490 M * DaVinci Can be any other program 1132931536 M * DaVinci How I said, it neither needs filtering, just a dumb port-whitelist oder blacklist 1132931551 M * DaVinci -oder +or 1132931551 Q * Johnnie Read error: Connection reset by peer 1132931565 M * daniel_hozac and why can't you manage that on the host? 1132931615 M * DaVinci Then everytime when someone needs other firewall-rules I can do the work 1132931632 M * DaVinci That's not flexible enough 1132931656 M * daniel_hozac why do you want to limit it at all then? 1132931658 M * DaVinci Or I would have to write a web-interface for the management 1132931704 M * DaVinci One of the vservers has teamspeak on it 1132931711 M * DaVinci Teamspeak runs 3 interfaces/ports 1132931728 M * DaVinci 1 Port for the real voice-connection 1132931735 M * DaVinci 1 port for a telnet-like-interface 1132931742 M * DaVinci 1 port for a web-interface 1132931759 M * DaVinci I need only one of them public accessible 1132931777 M * DaVinci Each open port more is a security hole more 1132931794 M * DaVinci On the next server teamspeak isn't running but that ports are used by other apps 1132931802 M * daniel_hozac only if something is listening on the port, and if you do have something listening, odds are you want it open. 1132931827 M * DaVinci teamspeak listens on 3 ports and there's no config-file 1132931847 M * DaVinci So...you start teamspeak...and have 3 open ports 1132931869 M * DaVinci Without having the possibility of shutting the 2 unneeded services down 1132931888 M * DaVinci So I have to do that by firewall-rules 1132931934 M * daniel_hozac or you could just patch it to let you decide what you want running ;) 1132931956 M * DaVinci teamspeak is no open-source-program 1132931974 M * DaVinci And I don't have the time to debug the app for then fixing in Asm 1132931994 M * DaVinci The next time one of the admins installs another app I would have to do that again 1132932052 M * DaVinci Writing a web-interface for the management on the master-server opens another possible security-hole 1132932086 M * DaVinci I thought there must be a simple way for that 1132932122 J * Johnnie ~john@acs-24-154-53-217.zoominternet.net 1132932124 M * TheSeer btw.. if anyone cares for the solution of my crond problem - downgrading to vixie-cron 3.x fixed the problem 1132932151 M * DaVinci What problem was that? 1132932154 M * TheSeer seems like the fc3/fc4 version of vixie-cron (4.x) doesn't work with vserver 1132932178 M * TheSeer constant "system error" rather then the cronjob actually beeing executed 1132932186 M * DaVinci Oh 1132932190 M * DaVinci I should check that *g* 1132932202 M * DaVinci global cron or a user-cron? 1132932217 M * TheSeer no difference 1132932222 M * TheSeer whenever a job is supposed to be started 1132932238 M * TheSeer it gets the trigger, spawns a child and bang: system error, sigchild 1132932269 M * TheSeer maybe it will vanish after upgrading vserver and kernel though 1132932275 M * TheSeer i'm not running the latest releases 1132932289 M * DaVinci Hmm...what could I run for testing-purpose? 1132932337 M * TheSeer testing of what? 1132932351 M * DaVinci If it runs or fails 1132932360 M * DaVinci I tried a simple ls 1132932386 M * daniel_hozac TheSeer: WORKSFORME. 1132932415 M * TheSeer daniel_hozac: well.. we'll see if it goes away when i upgrade the core server 1132932420 Q * sladen Ping timeout: 480 seconds 1132932475 M * daniel_hozac 2.6.11-1.35_FC3.vs2.0.0.0.rc4 1132932481 M * daniel_hozac not really recent kernel here either ;) 1132932504 M * TheSeer 2.6.11.5-vs1.9.5 1132932506 M * TheSeer ;> 1132932538 M * TheSeer i'm not sure wether i want 2.6.14.. 1132932549 M * TheSeer the FC4 2.6.14 has quite a few problems 1132932554 M * daniel_hozac hmm? 1132932557 M * daniel_hozac such as? 1132932559 M * DaVinci <- 2.6.12-r1 1132932564 J * yungyuc ~yungyuc@61-217-135-165.dynamic.hinet.net 1132932573 J * sladen paul@starsky.19inch.net 1132932588 M * TheSeer on my thinkpad the 2.6.13 works pretty stable, the 2.6.14 has interesting side effects on stability 1132932605 M * daniel_hozac 2.6.14-1.1634_FC4.vs2.0.1.0.pre3.2smp is working wonderfully here. 1132932609 M * TheSeer like suspend to ram doesn't come back, usb has problems.. and stuff 1132932625 M * TheSeer i didn't try it on server though 1132932641 M * TheSeer just noticed some strange problems with it i don't have with 2.6.13 1132932643 M * DaVinci I think suspend to ram/usb are things that needn't to be run on a server *g* 1132932660 M * daniel_hozac USB mass storage weirdness? 1132932733 M * daniel_hozac nevermind, i was thinking rawhide. 1132932914 M * DaVinci cron[25807]: (root) MAIL (mailed 831 bytes of output but got status 0x0001 ) 1132932916 M * DaVinci Hmm 1132933278 J * Doener doener@i5387D7D3.versanet.de 1132933290 M * DaVinci Doener macht schoener? 1132933316 A * Doener yawns 1132933363 M * DaVinci Ah, now cron mails 1132933372 M * DaVinci wrong mailwrapper-config 1132933471 M * DaVinci Doener? 1132933507 M * Doener yeah? 1132933555 M * DaVinci Query 1132933587 M * miller7 is there a netstat equivalent for all guests? like vps 1132933618 M * daniel_hozac chcontext --xid 1 netstat ... 1132933629 M * miller7 :) 1132933654 M * miller7 wait though 1132933665 M * miller7 this does not show the CTX of each line, right? 1132933673 M * daniel_hozac nope. 1132933760 M * DaVinci Noone else an idea how I can use firewalls in the guests? 1132934108 Q * yungyuc Quit: leaving 1132934161 M * DaVinci Anyone should program viptables *grin* 1132934164 M * Doener miller7: you can get the context numbers of all running vserver from /proc/virtual/. then you could do that chcontext-netstat thing for each context and add the ctx column. 1132934214 M * DaVinci If I had a hammer *sing* 1132934293 M * miller7 Doener: thank you, I will try to do so 1132934636 M * daniel_hozac DaVinci: that would have the opposite goal ;) 1132934672 M * DaVinci But a very good alternative to firewalls 1132934694 M * DaVinci No connections could be made in and no out 1132934712 M * daniel_hozac no, in the spirit of other v* tools, that would be used to configure the guest's iptables. 1132934747 M * daniel_hozac run on the host, perform in the vserver. 1132934748 J * dos000 ~dos000@CPE00119572fd49-CM00137186e53a.cpe.net.cable.rogers.com 1132934751 M * DaVinci I didn't mean a viptables on the host but a viptables on the guest 1132934784 M * DaVinci Using some method of communication to set the values on the host 1132934799 M * daniel_hozac that time would be better spent working on ngnet. 1132934812 M * DaVinci What exactly is ngnet? 1132934851 M * daniel_hozac http://linux-vserver.org/NGNET-Development 1132934869 M * DaVinci thx 1132934914 M * DaVinci Ah 1132934925 M * DaVinci A complete replacement of Linux-VServer 1132934937 M * daniel_hozac umm, no. 1132934940 M * daniel_hozac just the networking part. 1132934971 M * DaVinci Ah, ok 1132934980 M * DaVinci That seems to be the better way 1132935534 M * DaVinci But how do professional vhosters that? 1132935619 M * DaVinci +do 1132936027 Q * shedi Quit: Leaving 1132936584 M * DaVinci Uhm 1132936598 M * DaVinci And I can't run a bind on a guest? 1132936665 M * Doener http://linux-vserver.org/Linux-Vserver+FAQ -- G1 1132936699 M * ag- DaVinci: vhosters don't let you modify network settings, it's generaly cheap vhosting they propose 1132936706 M * Doener IIRC there was some work on getting bind to work without that, but i don't know its status 1132936771 M * ag- Doener: it should be recompiled without libpcap or similar... 1132936808 M * ag- s/libpcap/lcaps/ 1132936821 M * DaVinci thanks very much :) 1132936977 M * Doener ag-: i know, that's what the FAQ url i gave says ;) but IIRC Bertl tried to get bind working in a vserver even with linux-caps compiled into bind 1132937136 M * DaVinci Gna 1132937167 M * DaVinci Thats exactly what I tried not to do...compiling packages myself *grmls* 1132937248 Q * Duckx Quit: Leaving 1132937250 M * DaVinci note to myself: If I should meet the person setting the usage-flags for bind...slap him for forgetting "nocaps" 1132937267 M * Johnnie Try MyDNS if you don't require BIND. 1132937389 M * DaVinci I think MyDNS lacks that usage-flag under gentoo too 1132937428 M * DaVinci Or does mydns simple just not use that function? 1132937437 M * Doener mydns doesn't have that issue... 1132937445 M * DaVinci Ah, perfect 1132937467 M * DaVinci You're all really cool 1132937496 M * DaVinci In other channels/networks I would have been kicked after the third dumb question *grin* 1132937574 J * popo ~k@196.207.45.254 1132937617 J * oliwel ~mail-at-o@host-62-245-151-178.customer.m-online.net 1132937672 Q * oliwel Quit: 1132937702 Q * popo Quit: 1132937708 M * DaVinci 1,5Gig RAM here and my housing provider gives me no entrance-code...*hmpf* 1132937922 M * Johnnie Yeah, MyDNS has no problem. 1132937928 M * Johnnie I've rolled it up into several Gentoo guests. 1132937938 M * Johnnie It does need MySQL, though. 1132937970 M * Johnnie http://mydns.bboy.net/ 1132938032 M * DaVinci * Starting mydns ... [ ok ] 1132938044 M * DaVinci thx :) 1132938070 M * Doener PowerDNS is also worth a look 1132938077 M * Doener (pdns in gentoo) 1132938087 M * DaVinci Perhaps I should sell DNS-Servers after that 1132938090 M * DaVinci *g* 1132938168 M * mnemoc djbdns rules :D 1132938291 J * shedi ~siggi@inferno.lhi.is 1132938376 M * Cru for those using CentOS4/RHEL4/FC4 vservers: I built quite LSB2-compliant djbdns packages, making installation of tinydns/dnscache as easy as apt-get install djbdns-tinydns 1132938434 M * Cru if anyone is interested: http://naturidentisch.de/packages/ 1132938493 M * DaVinci Hmm 1132938498 M * DaVinci MyDNS screams for phpmyadmin 1132938577 M * ag- Cru: i think you haven't the right to distribute them like that :) well, this is also why djbdns isn't considered free software 1132938578 M * DaVinci and phpmyadmin screams for a dns-update... 1132938578 M * Doener for pdns, there's poweradmin... but it sucks if you got a lot of zones... 1132938650 Q * dos000 Ping timeout: 480 seconds 1132938665 M * Cru ag-: hmm, is there any topic on that? I really had problems finding any information on its license... 1132938687 M * ag- Cru: maybe in debian-devel archives 1132938696 M * ag- oops, i mean debian-legal 1132938729 M * Cru could you summarize the problem by short? 1132938852 M * ag- you haven't the right to distribute the binaries with modifications, that includes the default paths Bernstein set 1132938913 M * Johnnie DaVinci: Set your USE flags then. 1132938947 M * ag- Cru: the famous bad ass "licence-free software" prevents you from doing so 1132938985 M * Cru hmm, I simply did a echo "%prefix" >conf-home 1132938995 M * ag- s/famous/infamous/ rather :) 1132939026 M * Cru well, I could provide SRPMs only 1132939051 M * Cru so everyone can build the binaries themselves 1132939084 M * ag- Cru: i think you can't distribute patched source either 1132939106 M * ag- well, in practice you do whatever you want :) 1132939138 M * Cru there is no patched source in the srpm - just the original source, a specfile and a patch for errno.h inclusion 1132939166 M * Cru the original source could even be excluded so rpmbuild will download it from djbs website 1132939255 M * Cru and the patch could be replaced by a gcc reconfiguration 1132939324 M * ag- in the end, you distribute a tool to modify the source, it's the same 1132939396 M * Cru well, I think the problem is whether a configuration file such as conf-home can be considered as source 1132939432 M * ag- that kind of discussion can never end, you know :P 1132939464 M * ag- like i said, in practice, you can do whatever you want :) 1132939484 M * ag- however, i'm sure there would be issues for a distro to include it patched 1132939606 M * Cru abstruse why DJB still did not declare a license... 1132939606 M * dlippolt re dns: you can also run bind 8.x unmodified. some security implications, but another viable option 1132939674 M * ag- Cru: i think a licence-free software falls directly under copyrighted work 1132939692 M * DaVinci Who was the one with MyDNS? 1132939703 M * ag- Cru: you can't redistribute a modified book of your prefered author :) 1132939747 M * ag- it's the same for djbdns 1132939753 M * Cru I even could not distribute unaltered copies ;) 1132939759 M * Cru without permission 1132939787 M * ag- exactly :) 1132939811 M * DaVinci What someone can do and what someone is allowed to do are 2 different topics *g* 1132939834 M * Cru but I could distribute pencils so everyone can alter it themselves ;) 1132939846 M * DaVinci I'll take one! 1132939867 M * DaVinci Oh, do you ship to Germany? 1132939966 M * DaVinci Hmm...8 years ago I thought nothing could be harder than configuring bind 1132939967 M * Cru what you like to get? a ballpen labeled "I altered djbdns."? ;) 1132939972 M * DaVinci Now I found MyDNS *g* 1132940012 M * DaVinci I would like one with "Where's my pencil?" 1132940032 M * Cru ag-: is there a ml archive for debian-legal? I did not find anything on lists.debian.org... 1132940040 M * ag- bind is great software, i don't know why you seek alternatives :) 1132940058 M * ag- Cru: http://lists.debian.org/debian-legal/ 1132940069 M * DaVinci Cause bind doesn't run in my guests without compiling it myself 1132940087 M * Cru suspect they do not link it on the main page... ;) 1132940102 M * ag- DaVinci: you use gentoo, it shouldn't be an issue for you, right? 1132940134 M * DaVinci It isn't...but I simply don't want to *g* Thats why ich chose gentoo 1132940140 M * ag- btw, bind runs internet root & tld servers, i think it's enough to adopt it for me :) 1132940156 M * DaVinci When I compile it myself I'll never have the chance of clearing it eventually off of the system 1132940181 M * DaVinci At least not completely 1132940193 M * ag- DaVinci: why not adding a use flag to the ebuild yourself? maybe forward your patch to gentto folks in the same time 1132940203 M * ag- -to+oo 1132940216 M * DaVinci I would do that 1132940220 M * DaVinci if I could 1132940235 M * DaVinci But I'm just not well-informed enough about how to do that 1132940258 M * DaVinci And at the moment I don't want to spend all the weekend with configuring a simple DNS-Server 1132940283 M * Hollow which ebuild is it about? 1132940344 M * DaVinci Oh...the master himself 1132940373 M * DaVinci It's about bind 1132940383 M * DaVinci on a gentoo-system 1132940387 M * Hollow and it doesn't run inside a vserver? 1132940412 M * DaVinci I know now why and what to do with the help of the others here 1132940437 M * DaVinci But I don't want to "destroy" my gentoo-system with compiling it myself 1132940453 M * Hollow hm.. iirc phreak told me the bind issue was solved, but it doesn't seem so by looking at cvs 1132940493 M * DaVinci *argh* that.....*argh* *argh* damn houser 1132940507 M * DaVinci First they said "entrance everytime? - no problem" 1132940528 M * DaVinci Now they say "24/7 Entrance is only for resellers..." 1132940542 M * Hollow DaVinci: look at http://bugs.gentoo.org/show_bug.cgi?id=106361 1132940636 M * Hollow btw, which portage profile does your vserver use? 1132940728 J * lilo ~lilo@lilo.usercloak.oftc.net 1132940795 Q * miller7 Ping timeout: 480 seconds 1132940821 Q * lilo_ Ping timeout: 480 seconds 1132941283 Q * mnemoc Read error: Connection reset by peer 1132941303 J * mnemoc ~amery@200.75.27.68 1132943210 M * DaVinci re 1132943212 M * DaVinci Uhmm 1132943227 M * DaVinci ../usr/portage/profiles/vserver/x86 1132944265 Q * Johnnie Remote host closed the connection 1132944503 J * lilo_ tor@lilo.usercloak.oftc.net 1132944526 Q * shedi Quit: Leaving 1132944585 Q * lilo Ping timeout: 480 seconds 1132944845 J * Johnnie ~john@acs-24-154-53-217.zoominternet.net 1132945476 Q * Johnnie Read error: Connection reset by peer 1132945555 J * darkie darkie@212-127-137-128.cable.quicknet.nl 1132945561 M * darkie hello everyone 1132945666 M * darkie i've got a question about vserver.. i seem to be stuck (i've already googled and everything but i can't find anything) 1132945697 M * darkie when i run testme.sh script i get the following output: 1132945697 M * darkie Linux-VServer Test [V0.14] Copyright (C) 2003-2005 H.Poetzl 1132945697 M * darkie Can't set the new security context 1132945697 M * darkie : Invalid argument 1132945697 M * darkie chcontext failed! 1132945698 M * darkie Can't set the ipv4 root (Invalid argument) 1132945698 M * darkie chbind failed! 1132945700 M * darkie Linux 2.6.12.4-vs2.0 i686/0.30/0.30 [E] (0) 1132945700 M * darkie VCI: 0002:0001 273 03000036 1132945701 M * darkie --- 1132945756 M * Hollow darkie: do you run a vserver kernel? 1132945816 M * darkie yes 1132945845 M * Hollow do you have strace installed? 1132945912 M * darkie ehmm 1132945913 M * darkie not yet] 1132945935 M * Hollow would be helpful probably.. 1132945937 M * darkie i'll install it :-) 1132946032 M * Hollow strace chcontext -- ps ax 1132946037 M * Hollow and upload the output somehwere 1132946158 J * Johnnie ~john@acs-24-154-53-217.zoominternet.net 1132946169 M * darkie installed 1132946195 M * darkie lol. i don't have chcontext? :S 1132946199 M * darkie oh i do 1132946268 M * darkie http://pastebin.linuxfromscratch.org/?show=1777 1132946272 M * darkie there's the output 1132946313 M * Hollow eieiei... 1132946323 M * darkie whats wrong? 1132946329 M * Doener hm 0.30 tools? do they require the version workaround? 1132946333 M * Hollow seems like you're using util-vserver-0.30 1132946348 M * darkie i'm using 0.30.208 1132946351 M * darkie the latest stable 1132946364 M * Doener darkie: no, the testme says 0.30 1132946377 M * Doener maybe you got both installed and the 0.30 location is first in $PATH? 1132946393 M * darkie i've only downloaded the stable 1132946422 M * Doener from where? 1132946428 M * darkie is there a version command in vserver? 1132946429 M * darkie http://www.13thfloor.at/vserver/s_rel26/v2.0/ 1132946478 M * Doener the bz2 src? 1132946508 M * darkie yeah 1132946523 M * darkie and i just checked but for some reason it did download 0.30 :S i don't understand really 1132946524 Q * Johnnie Read error: Connection reset by peer 1132946536 M * darkie i'll install the 0.30.208 again :s 1132946593 M * Doener don't forget to remove the old one (uninstall make target is available) 1132946619 M * darkie already did :-) 1132946641 M * darkie iptables O-o 1132946671 M * darkie i guess 208 needs more then just 0.30 :P 1132946691 M * Doener it needs iptables? interesting... 1132946711 M * darkie yeah it does :p 1132946717 M * darkie didn't you know? :P 1132946741 M * darkie lmao 1132946742 M * darkie :P 1132946837 M * Doener i don't know what it'd do with it... 1132947122 M * daniel_hozac you ought to get 0.30.209. 1132947456 M * infowolfe Doener, btw, who runs lycos.de vservers? 1132947510 M * Doener rs? or who do you mean? 1132947557 J * Johnnie ~john@acs-24-154-53-217.zoominternet.net 1132947616 M * darkie ok, iptables installed 1132947623 M * darkie lets see what it does :-) 1132947652 M * darkie vlan :S 1132947662 M * darkie how come 0.30.208 needs a lot more packages then 0.30? 1132947927 M * darkie can somebody explain how to get this vlan working? :$ 1132948100 M * darkie never mind 1132948381 Q * DaVinci Quit: 1132948412 M * darkie *building* 1132948415 M * darkie utils :p 1132948761 M * darkie now i get this: 1132948761 M * darkie Linux-VServer Test [V0.14] Copyright (C) 2003-2005 H.Poetzl 1132948761 M * darkie /usr/local/sbin/vserver-info: error while loading shared libraries: libvserver.so.0: cannot open shared object file: No such file or directory 1132948761 M * darkie /usr/local/lib/util-vserver/chcontext-compat: error while loading shared libraries: libvserver.so.0: cannot open shared object file: No such file or directory 1132948761 M * darkie chcontext failed! 1132948762 M * darkie chbind: error while loading shared libraries: libvserver.so.0: cannot open shared object file: No such file or directory 1132948762 M * darkie chbind failed! 1132948764 M * darkie Linux 2.6.12.4-vs2.0 i686// [E] (0) 1132948764 M * darkie VCI: 0002:0001 273 03000036 1132948765 M * darkie --- 1132948807 M * Doener is /usr/local/lib in your /etc/ld.so.conf? 1132948937 M * darkie yep 1132948947 M * darkie -bash-3.00# find -name libvserver.so.0 1132948947 M * darkie ./usr/local/lib/libvserver.so.0 1132948947 M * darkie ./root/src/util-vserver-0.30.208/lib/.libs/libvserver.so.0 1132948951 M * darkie and it is there 1132949019 M * Doener libvserver.so.0.0.0 as well? (the so.0 is a symlink) 1132949051 M * darkie 0 lrwxrwxrwx 1 root root 19 Nov 25 20:59 libvserver.so -> libvserver.so.0.0.0 1132949051 M * darkie 0 lrwxrwxrwx 1 root root 19 Nov 25 20:59 libvserver.so.0 -> libvserver.so.0.0.0 1132949051 M * darkie 164 -rwxr-xr-x 1 root root 163742 Nov 25 20:59 libvserver.so.0.0.0 1132949161 Q * Johnnie Ping timeout: 480 seconds 1132949419 M * darkie http://pastebin.linuxfromscratch.org/?show=1778 i've done an strace chcontext again.. 1132949429 M * darkie thats the final output 1132949461 M * Doener /usr/local/lib is not searched... 1132949478 M * Doener try running ldconfig 1132949506 J * Johnnie ~john@acs-24-154-53-217.zoominternet.net 1132949537 M * darkie i've created links from /usr/local/lib to /lib 1132949539 M * darkie that works 1132949545 M * darkie symlinks :P 1132949550 M * darkie is that good enough or not? 1132949572 M * Doener i wouldn't do so... 1132949583 M * darkie then could you suggest a fix? :P 1132949601 M * Doener if /usr/local/lib really is in /etc/ld.so.conf and after running ldconfig, it still doesn't work, i'm out of ideas 1132949602 Q * Johnnie Read error: Connection reset by peer 1132949635 M * darkie well. running ldconfig was the fix : 1132949637 M * darkie well. running ldconfig was the fix :| 1132949640 M * darkie for some reason 1132949647 M * darkie it was already in /etc/ld.so.cof 1132949649 M * darkie it was already in /etc/ld.so.conf 1132949707 M * darkie thanks guys :D 1132949869 M * Doener after changing /etc/ld.so.conf you have to run ldconfig to use the new settings, so obviously it wasn't run since /usr/local/lib was added 1132949905 M * darkie apparently not lol :-) 1132949908 M * darkie thnx for the help 1132949915 M * darkie i'll keep it in mind 1132949915 M * darkie :-) 1132949935 M * Doener yw 1132950642 J * Johnnie ~john@acs-24-154-53-217.zoominternet.net 1132951024 J * kjo ~krischan@p5484DFEB.dip.t-dialin.net 1132951201 Q * Johnnie Ping timeout: 480 seconds 1132951394 J * cemil ~cemil@defiant.wavecon.de 1132951396 M * cemil hi 1132951403 Q * kjo Quit: Verlassend 1132951628 J * Johnnie ~john@acs-24-154-53-217.zoominternet.net 1132951643 J * Johnsie ~john@acs-24-154-53-217.zoominternet.net 1132951732 M * infowolfe Doener, yah, i was looking for rs 1132951736 M * infowolfe but it's no big deal 1132952536 J * shuri ~shuri@64.235.209.226 1132952673 J * JohnJohn ~john@acs-24-154-53-217.zoominternet.net 1132952683 Q * Johnsie Killed (NickServ command used by JohnJohn) 1132952687 Q * Johnnie Killed (NickServ command used by JohnJohn) 1132952689 N * JohnJohn Johnnie 1132952707 P * Johnnie 1132952710 J * Johnnie ~john@acs-24-154-53-217.zoominternet.net 1132952958 M * darkie hey, i've got a new problem 1132952981 M * darkie /proc/uptime can not be accessed. Usually, this is caused by 1132952981 M * darkie procfs-security. Please read the FAQ for more details 1132952981 M * darkie http://www.linux-vserver.org/index.php?page=Linux-Vserver+FAQ 1132952981 M * darkie Failed to start vserver 'DebianSid' 1132952993 M * darkie so it said i should do vprocunhide but i can't find that script 1132953047 M * darkie ok, i've found it finally butFixing /proc entries visibility.../usr/local/etc/init.d/vprocunhide: line 35: success: command not found 1132953047 M * darkie touch: cannot touch `/var/lock/subsys/vprocunhide': No such file or directory 1132953267 M * Hollow does /var/lock/subsys exist? 1132953423 M * darkie no O-o 1132953477 J * Johnsie ~john@acs-24-154-53-217.zoominternet.net 1132953532 M * Hollow create it 1132953541 M * darkie ok :-) 1132953548 M * Hollow btw, which distro are you on? 1132953590 A * Doener guesses Ubuntu 1132953601 M * Hollow fork of ..? 1132953639 M * darkie my own one lol 1132953646 M * darkie a.k.a. linux from scratch 1132953660 M * Hollow strange 1132953663 M * darkie why? 1132953685 M * Hollow you should probably know when to create directories if you're on LFS :P 1132953764 M * darkie lol. yeah i figured that might be it i just wasn't sure :P and i really didn't want to fuck it up the first time :P 1132953776 M * Hollow heh 1132953784 M * darkie the first time i do it 'by the book' as much as possible :P after that i go experimenting :-) 1132953803 J * patulo ~asd@host100.201-252-20.telecom.net.ar 1132953805 M * Hollow on the other hand.. the dir should have been created by the util-vserver makefiles if it needs it.. 1132953814 M * darkie lol 1132953841 M * darkie well. i've got a debian based one running on a LFS distro :P 1132953847 M * darkie lol :-) it works :-) 1132953857 M * Hollow great :) 1132953899 M * patulo Hi guys, I'm trying to measure the bandwidth per IP, but I could find any tool for that, do know know if there are a tool for that ? 1132953924 M * Hollow patulo: iptables 1132953932 M * patulo -j LOG ? 1132953975 M * Hollow hm, no i don't think so.. but if i could remember.. 1132953977 M * Hollow let me look 1132953987 M * patulo sure 1132954117 M * Hollow ah, try iam (iptables accounting monster) or ipac-ng 1132954135 M * Hollow they should fit your needs quite good imo 1132954148 M * darkie Hollow? could you help me again? :P 1132954152 M * Hollow there are also some links to related projects at http://www.intevation.de/iam 1132954154 M * darkie i need to set up networking on the new guest 1132954178 M * Hollow darkie: /etc/vservers//interfaces 1132954189 M * Hollow darkie: see http://www.nongnu.org/util-vserver/doc/conf/configuration.html 1132954208 M * darkie thnx 1132954212 M * patulo Thank you very much Hollow, I'll try them ! 1132954221 M * Hollow you're welcome! 1132954241 M * darkie my /etc/vservers is emptythough i can use /usr/local/etc/vservers/ wich is filled 1132954253 M * darkie though my interfaces subdir is empty 1132954259 M * Hollow ah yeah.. you have a different prefix probably 1132954323 M * darkie not as far as i'm aware but it doesn't matter :p i'll just use /usr/local/etc/vservers 1132954406 M * darkie when i read that link you send i gather i just create the internface/eth0-1 directory and then create the files listed on that page? 1132954496 M * Hollow no, you'll need to create subdirs with numbers lik interfaces/0/ 1132954528 M * darkie ahh 1132954533 M * Hollow though.. 1132954537 M * Hollow it says arbitrary id 1132954541 M * Hollow name 1132954546 M * Hollow probably it'll work too 1132954551 A * Hollow shrugs 1132954571 M * darkie lol. on the host is there a directory i can use as a guide? cause i can't find it :S 1132954580 M * Hollow in most cases you'll need those files: dev, ip, name, prefix 1132954586 M * Hollow no 1132954593 M * darkie cant have ip :P 1132954598 M * darkie i need bcase 1132954600 M * darkie bcast* 1132954604 M * Hollow but you can use the --interface option to vserver ... build next time 1132954605 M * darkie but i'm not sure what to put in there 1132954616 M * Hollow no, bcast can be calculated with ip and prefix 1132954626 M * darkie what do you mean? 1132954638 M * Hollow do you know what CIDR notation is? 1132954658 M * darkie yes.. 1132954698 M * Hollow and you also know that if have that notation you can calculate the bcast with it 1132954772 M * darkie that whould be 192.168.2.xxx? 1132954783 M * darkie but what do i need at xxx :P 255? or 1? 1132954796 M * Hollow you don't need to create the bcast file 1132954813 M * darkie but it uses bcast to get dhcp doesn't it? 1132954825 M * Hollow if you're guest ip is 192.168.2.3/24 the put 192.168.2.3 into ip and 24 into prefix 1132954849 M * darkie but it uses DHCP :P 1132954852 M * darkie thats the prob. 1132954922 M * Hollow look: http://jodies.de/ipcalc scroll down, type in 192.168.2.3 and 24 as netmask.. you'll see it gets the bcast automagically if you press calculate 1132954997 M * Hollow regarding dhcp.. the guest can't use dhcp 1132955010 M * darkie oh O_o 1132955015 M * darkie that could be a problem lol 1132955021 M * Hollow that is because it doesn't have access to the device 1132955055 M * darkie i just hope my browser can stand that :P 1132955061 M * darkie my router* 1132955078 M * Hollow can't you assign static ips? 1132955084 M * darkie i'm not sure. never tried it 1132955093 M * darkie dev should just be /dev/eth0 right? 1132955106 M * Hollow no, just eth0, there is no /dev/eth0 1132955128 M * darkie lol 1132955160 M * darkie it works :D 1132955162 J * yarihm ~yarihm@84-73-119-83.dclient.hispeed.ch 1132955177 M * darkie :-) well. that part anyway.. now lets see if i can reach the guest :PP 1132955188 M * darkie seems so :-) thnx mate 1132955201 M * Hollow you're welcome 1132955212 M * Hollow but.. buess i'm off to bed now 1132955214 M * Johnnie DHCP on a guest? 1132955216 M * Hollow guess 1132955217 M * Johnnie WTF!? 1132955221 M * Hollow heh. 1132955244 M * Hollow well, if you give the context the right capabilities you should even be able to do that 1132955253 M * Hollow but why'd you want to use vservers then? 1132955275 M * Johnnie Exactly. 1132955278 M * darkie webhosting :-) 1132955297 A * Johnnie scratches his head. 1132955307 M * Hollow well, if you give customers access to net devices you're probably better using virtual hosts with apache 1132955340 M * darkie no no :P i want to use virtual servers to restrict access to the real OS 1132955348 M * darkie so that hackers can only fuck up the guest 1132955351 M * Hollow yeah, so dhcp is no-go 1132955367 M * Hollow because it needs access to the network device 1132955370 M * darkie that is in this case just because i wasn't sure my router could handle it 1132955373 M * darkie but it seems so :) 1132955386 M * Hollow fine then 1132955393 M * darkie so :-) it works :-) thnx Hollow 1132955412 M * Hollow have fun! night all 1132955421 M * darkie sleep tight :-) 1132957478 Q * Johnsie Quit: G'bye! 1132958137 J * RedSpy ~max@act.global-player.com 1132958936 Q * patulo Quit: 1132960199 Q * Doener Quit: Leaving 1132961343 Q * RedSpy Quit: 1132961782 P * yarihm Leaving 1132962281 J * shedi ~siggi@inferno.lhi.is