1135297124 Q * jayeola Quit: leaving 1135297721 J * anonc ~anonc@staffnet.internode.com.au 1135299019 Q * SiD3WiNDR Ping timeout: 480 seconds 1135299119 J * SiD3WiNDR luser@bastard-operator.from-hell.be 1135300374 J * sebi ~sebi@Fd139.f.strato-dslnet.de 1135300481 Q * sebi_ Ping timeout: 480 seconds 1135303658 N * Bertl_oO Bertl 1135303663 M * Bertl back now ... 1135303679 M * Doener` wb 1135303698 M * Bertl tx 1135305351 J * mep_ mep@p5091A9C7.dip0.t-ipconnect.de 1135305364 M * Bertl welcome mep_! 1135305438 M * nokoya 0 1135305458 M * Bertl hey nokoya! (or nokoya's cat :) 1135305547 M * nokoya lol not cat 1135305799 Q * mep__ Ping timeout: 480 seconds 1135306469 J * lilo_ ~lilo@lilo.usercloak.oftc.net 1135306591 Q * lilo Ping timeout: 480 seconds 1135312177 J * menomc ~amery@200.75.27.31 1135312185 J * jayeola ~jayeola@host-87-74-46-211.bulldogdsl.com 1135312194 M * Bertl welcome menomc! jayeola! 1135312199 M * jayeola hey chaps 1135312280 Q * mnemoc Ping timeout: 480 seconds 1135312280 N * menomc mnemoc 1135312804 J * stefani ~stefani@c-24-19-46-211.hsd1.wa.comcast.net 1135312977 M * Bertl aloha stefani! 1135312995 M * stefani a-hola to you! 1135314397 M * Bertl okay, off to bed now .. have a nice one everyone! cya later 1135314410 N * Bertl Bertl_zZ 1135314717 P * stefani parting (is such sweet sorrow) 1135316463 J * balbir ~balbir@59.145.136.1 1135316645 M * pflanze Note (Bertl_zZ / enrico / whoever): I read that by default, namespaces are enabled with current alpha utils and vserver for 2.6. 1135316663 M * pflanze And in fact, "/tmp" and "/proc" from the guests are not visible from the host. 1135316702 M * pflanze But I checked with setattr --~barrier and the chroot exploit started working. 1135316749 M * pflanze So either namespaces are not used for everything (and unlike the mentioned "default"?), or I dunno. 1135316912 M * pflanze And (also on http://linux-vserver.org/alpha+util-vserver): unlike mentioned there, "vserver foo enter ; ls /tmp" actually shows the guest stuff there. 1135316916 M * pflanze Should I edit the wiki? 1135316926 M * pflanze to say this is solved now? 1135317393 M * pflanze It also seems, that adding a mount into the guest after the latter has been started doesn't work w/o using vnamespace, *but* that mounts done before the startup are visible in the guest. 1135317415 M * pflanze I would find it nice if http://linux-vserver.org/Namespaces mentions this. 1135317418 M * pflanze Should I add it? 1135317594 M * jayeola i'd really appreciate a url to show me how i can patch yum on a centos box 1135317644 M * pflanze yum? 1135318045 M * jayeola yah.... read here:- 1135318068 M * jayeola http://linux-vserver.org/Vserver+installation+Fedora+Core+4 1135318102 M * jayeola i replaced the repo mentioned in that url with those from centos... 1135318143 M * jayeola nothing happend at the `yum install kernel` stage... i guess i'm passing thewrong parameter to yum 1135318165 M * jayeola `yum install kernel-foo`? 1135319299 J * Smutje_ ~Smutje@xdsl-87-78-4-111.netcologne.de 1135319405 Q * Smutje Ping timeout: 480 seconds 1135319708 Q * Johnnie Remote host closed the connection 1135319768 J * Johnnie ~jdlewis@acs-24-154-53-16.zoominternet.net 1135320948 Q * Hollow Remote host closed the connection 1135320958 J * Hollow ~hollow@home.xnull.de 1135322429 Q * cryo Ping timeout: 480 seconds 1135322441 J * cryo ~say@212.86.233.146 1135326553 M * pflanze jayeola: dunno yum, never used centos. 1135326584 M * pflanze my knowledge of redhat dates back to ~2000 1135326653 M * pflanze well I guess they renamed apt? 1135326849 M * pflanze Question: 1135326869 M * pflanze why not allow guests to mount --bind, or mount -t proc? 1135326878 M * pflanze these should be harmless. 1135326932 M * Eyck there used to be discussion about this, 1135326966 M * Eyck consensus was that it would be nice to have 'safe' mount for guests 1135327562 M * pflanze Hmm, namespace question: 1135327579 M * pflanze I want to mount --bind part of a newly mounted volume into some guest. 1135327596 M * pflanze # vnamespace -e 1011 mount --bind /mnt/snap/vservers/mp3 /vservers/mp3/mnt/snap 1135327596 M * pflanze mountie: special device /mnt/snap/vservers/mp3 does not exist 1135327681 M * pflanze ()mountie: sorry. should have been "mount:", dumb xchat 1135327753 M * pflanze Ah I guess I have to mount that volume first a second time outside of the guest tree under vnamespace -e 1011, and *then* do the mount --bind. 1135328209 Q * click Ping timeout: 480 seconds 1135328336 M * pflanze (And then mount the device again for another guest.. I hope the linux vfs handles this without actually mounting the filesystem multiple times.) 1135329577 J * Woschak ~Woschak@onyx.cns.mpg.de 1135329597 M * Woschak hello 1135329790 J * oDn ~odn@pcam.net1.nerim.net 1135330383 Q * infowolfe Quit: Leaving 1135330651 J * click click@ti511110a080-1372.bb.online.no 1135331815 J * Ben81 ~Ben81@tipi0e.lri.fr 1135332969 M * TheSeer [root@core2 ~]# uname -r 1135332969 M * TheSeer 2.6.14.4-vs2.1.0 1135332984 M * TheSeer yeah ;) 1135333058 M * Woschak nice :9 1135333069 M * Woschak :) 1135333251 M * TheSeer that server rocks ;) 1135333274 M * TheSeer 4 GB Ram, 2x 2.8Ghz Xeon, SCSI RAID-1 2x 143 GB 1135333276 M * TheSeer ;) 1135333295 M * TheSeer to bad it's not my personal hardware ;> 1135333331 M * Woschak that is bad :) 1135333419 M * Woschak a new kernel patch means I must compile a new kernel :) 1135333446 M * TheSeer well.. it's not that a big of a task ;/ 1135333455 M * TheSeer the only thing that suxx is the reboot ;) 1135333628 M * Woschak yes, but my pc is off. i install and configure vserver at the moment and i have less time for this so i switch off when i don't work on the server 1135333692 M * Woschak hm..., bad grammar :/ my english isn't the best but i try it :) 1135334081 M * TheSeer i got it anyway ;> 1135336487 Q * Greek0 Read error: Connection reset by peer 1135336550 J * Greek0 ~greek0@85.255.145.201 1135336760 M * brc TheSeer: how many vservers are you able to run on that machine ? 1135337064 Q * FireEgl Ping timeout: 480 seconds 1135337433 J * infowolfe jthm@66-230-102-182-cdsl-rb1.nwc.acsalaska.net 1135338266 Q * balbir Quit: Leaving 1135338387 Q * meebey Ping timeout: 480 seconds 1135338587 J * meebey meebey@booster.qnetp.net 1135339383 Q * oDn Quit: Leaving ... All done ! 1135339954 Q * BWare Ping timeout: 480 seconds 1135340538 J * BWare ~bware@office.intouch.net 1135340793 J * patulo ~asd@host88.201-252-11.telecom.net.ar 1135340885 M * patulo Hello.... I'd like to know if is possible to setup a pptp-server inside a vserver... does anyone know ?. thank you !!! 1135340958 J * meebey_ meebey@booster.qnetp.net 1135340966 Q * meebey Ping timeout: 480 seconds 1135341312 M * brc i think it is not due to the routing limitation inside a vserver. 1135341594 J * Milf ~Miranda@ipsio64.ipsi.fraunhofer.de 1135341621 M * Milf Hello 1135341675 M * patulo brc, do you know if it's posible using xen or another virtualization technology ? 1135342560 J * oDn ~odn@pcam.net1.nerim.net 1135343097 J * shedi ~siggi@213-140-22-77.fastres.net 1135343995 M * brc patulo: yeah, on xen it would work! 1135343998 M * brc it will work! 1135344508 M * patulo ok brc, thank you !! 1135346790 M * yang Is it possible to measure traffic interface for each vserver separatelly? 1135346811 M * aba yang: you can measure per ip address ... 1135346850 M * yang but hm, i have multiple IPs and all the traffic goes to eth0 1135346890 M * aba yang: and? you flowstats or so for it 1135346984 M * yang i should measure that with mrtg or how? 1135347023 M * aba yang: I use fprobe for that 1135347949 M * daniel_hozac yang: some simple iptables rules should be able to do it. 1135348199 Q * shedi Quit: Leaving 1135348886 M * Woschak cu 1135348889 Q * Woschak Quit: Und Tsch??ss ... 1135348971 M * yang aba: but how is the fprobe data readable? 1135348990 M * aba yang: e.g. with nfdump 1135349263 M * oDn hello folks, i'm trying to set up postfix+amavis vserver and i'm having trouble getting postfix to communicate with the content filter 1135349281 M * oDn the vserver has ip 127.0.0.2 1135349286 M * oDn and 192.168.1.97 1135349287 M * aba yang: of course, fprobe captures way more data etc ... 1135349306 M * oDn postfix binds to 192.168.1.97 1135349326 M * oDn any clues of how to setup such a system? 1135349327 M * yang aba: its started, but i dont know where it logs the data - /usr/sbin/fprobe -ieth0 -fip localhost:555 1135349357 M * aba yang: it logs to localhosT:555 - you need to start another programm for logging 1135349369 J * FireEgl Atlantica@2001:5c0:84dc:: 1135349374 M * aba e.g. nfcapd -l /var/spool/nfdump/ -b 127.0.0.1 -D 1135349422 M * yang nfcapd doesnt exist for debian 1135349433 M * aba yang: because I didn't upload it yet 1135349466 M * aba yang: I can give you the package now w/o manpages, or in the next days a bit better. Or wait 1-2 weeks to have it appear in unstable 1135349476 M * aba (and if it doesn't, feel free to kick me :) 1135349599 M * yang ok i can wait 1135349632 M * aba but please really remind me. I hope to be able to work a bit on it via christmas ... 1135349701 Q * BWare Ping timeout: 480 seconds 1135350333 J * cattivik ~andrea@service.cab.unipd.it 1135350851 N * Bertl_zZ Bertl 1135350867 M * Bertl morning folks! 1135350874 M * Bertl welcome cattivik! 1135350904 M * cattivik Bertl: Thanks :) Hi all 1135350955 M * Bertl pflanze: _how_ did you try the chroot exploit? 1135351035 M * Bertl pflanze: it does mount the filesystem multiple times, so it would be easier to mount it into the right place (in each guest) 1135351047 M * cattivik Bertl: first of all and apart from all... many compliments for all your work :) 1135351093 M * Bertl cattivik: thanks! I appreciate it! 1135351101 M * cattivik :) 1135351882 Q * ntrs Remote host closed the connection 1135351974 M * Bertl cattivik: what can I do for you? 1135352065 M * cattivik Bertl: ehm, I was just lurking... I'm trying the build as described on http://linux-vserver.org/Step-by-Step+Guide+2.6 1135352106 M * cattivik and I use Debian but I see that you discourage the use of Debian tools 1135352135 M * cattivik ..i think I will trust you ;) 1135352137 M * Bertl really depends ... the issue is more complex than it seems 1135352149 M * cattivik ah 1135352155 M * Bertl first, there is 'THE' debian maintainer (Ola) 1135352171 M * Bertl which releases one catastrophy after the other ... 1135352193 M * aba and then there are other people who try to fix 1135352199 M * Bertl then there are a few folks here, like micah, aba and others, who trie to fix it 1135352225 M * aba (and who could use some more support, even by ordinary users) 1135352235 M * cattivik wow! Ehm :D 1135352240 M * Bertl and I can confirm (ad I did help them a little) that recent packages work fine (at least on x86) 1135352294 M * Bertl but, because of THE maintainer, they are not available over the typical default channels 1135352297 M * cattivik Bertl: the message you've just sent, you mean the 0.30.209 packages, don't you? 1135352326 M * Bertl check who did the packaging and such, if micah or aba is mentioned, go ahead 1135352368 M * cattivik Bertl: great! 1135352587 M * Bertl okay, translocating ... back in a few hours ... 1135352595 N * Bertl Bertl_oO 1135352656 M * cattivik Bertl_oO: thank you all 1135353156 M * cattivik aba: are the util-vserver fixed from you available somewhere as a Debian package..? 1135353228 M * aba cattivik: sorry, I didn't do it "right". Otherways, I probably would have nmued ... 1135353252 M * aba cattivik: but if you want to get involved, you can try the current util-vserver-package by ola, and send bug reports :) 1135353351 M * cattivik aba: ugh! I'm afraid i can't be more good than... YOU ALL, at this stage, eh eh! :D 1135353380 M * aba cattivik: well, you can just use it and take a look what doesn't work 1135353406 M * aba of course, if you want, I can help you with stuff and bug reports etc ... 1135353423 M * aba (but I don't even know what the current issues with the packages are) 1135353595 M * cattivik aba: at this very first stage I think I had better trying a working system, first; i mean compiling the good ones from source instead of crumbling with possibly broken debs... :/ 1135353644 M * aba cattivik: ok. do as you like ... 1135353728 M * cattivik actually I don't know; i'm just going to build the kernel :-) 1135353807 M * cattivik but if I see I can help I won't miss it, be sure... 1135354664 Q * Milf Ping timeout: 480 seconds 1135354917 Q * Duckx Quit: Leaving 1135355773 Q * oDn Quit: Leaving ... All done ! 1135355797 J * stefani ~stefani@superquan.apl.washington.edu 1135356901 M * pflanze Bertl_oO: I checked using http://www.bpfh.net/simes/computing/chroot-break.html 1135356953 M * pflanze Bertl_oO: "mount it into the right place": How (assuming I don't want to restart the guest)? 1135356966 A * pflanze returns later 1135356972 Q * pflanze Quit: [x]chat 1135357037 J * Doener doener@i5387FDDE.versanet.de 1135357470 Q * Doener` Ping timeout: 480 seconds 1135357559 J * niobos ~niels@153.215-136-217.adsl.skynet.be 1135357605 M * niobos I'm a total Vserver n00b, and I have (yep, good guess) a problem 1135357642 M * niobos I'm running Gentoo (host), just rebooted with the vserver kernel, added a new disk 1135357657 M * niobos but when running fdisk /dev/hdb it fails: 1135357670 M * niobos Unable to seek on /dev/hdb 1135357700 M * niobos The kernel did read the partition table on bootup, and I can mount the old partitions 1135357704 M * niobos What am I missing? 1135357708 Q * Ben81 Quit: Leaving 1135357813 M * niobos fdisk /dev/hda gives the same error 1135357825 M * niobos I see nothing in the dmesg or syslog 1135358052 M * niobos looks like everyone is asleep... 1135358324 M * harry sry 1135358327 M * harry no idea 1135358345 M * niobos me neither... that's why I ask :-) 1135358347 M * harry seems like a strange erro 1135358347 M * harry r 1135358370 M * harry don't really know where it goes wrong 1135358381 M * niobos :-( 1135358409 M * harry you have a system with 2 disks 1135358413 M * harry hda and hdb 1135358418 M * harry which all have partitions? 1135358424 M * niobos yep, and hdc for the cdrom 1135358447 M * niobos from dmesg: 1135358452 M * harry pastebin!!!!!!! 1135358453 M * niobos hda: hda1 hda2 hda3 < hda5 hda6 hda7 hda8 > 1135358458 M * harry ah okay 1135358460 M * niobos hdb: hdb1 hdb2 hdb3 < hdb5 hdb6 hdb7 > 1135358489 M * niobos so they both have partitions, kernel recognizes them 1135358493 M * niobos can mount them 1135358499 M * niobos but can't fdisk them 1135358516 M * harry what does fdisk -l /dev/hda say? 1135358525 M * harry and can you put the entire dmesg on pastebin x? 1135358555 M * niobos pastebin? 1135358561 M * harry pastebin.com 1135358563 M * niobos fdisk -l gives nothing 1135358563 M * harry check it out 1135358572 M * harry paste everything you need, press submit 1135358577 M * harry copy url and paste the url 1135358617 M * niobos http://pastebin.com/476776 1135358640 M * niobos how long does it stay on pastebin? 1135358649 M * harry forever +- 1135358671 M * niobos hmm... great... I might have stripped some dirty details then 1135358698 M * harry don't paste passwords ;) 1135358741 M * harry does /dev/hdb exist? 1135358757 M * harry (no faulty udev or smth?) 1135358769 M * niobos yep, since I can mount it 1135358780 M * harry you can mount hdb stuff? 1135358788 M * niobos even dd if=/dev/hdb works (even with seek=5) 1135358792 M * niobos yep 1135358801 M * niobos only fdisk doesn't 1135358816 M * harry in that case... 1135358824 M * harry strace -fF fdisk /dev/hdb 1135358829 M * harry and put that on pastebin :) 1135358864 M * niobos will be a while... strace: command not found... I'll have to install 1135358900 M * harry slow inet connection? 1135358901 M * harry ;) 1135358956 M * niobos not really, but in Gentoo install = compile 1135358964 M * niobos which sucks if you're in a hurry 1135358975 M * niobos (but works really good otherwise) 1135358985 M * harry ah, true 1135358987 M * harry gentoo :S 1135359022 M * niobos http://pastebin.com/476781 1135359062 M * harry _llseek(0, 0, 0xbfeff4d8, SEEK_SET) = -1 ESPIPE (Illegal seek) 1135359066 M * harry hmm.... strange 1135359094 M * niobos looks more or less chinese to me... 1135359125 M * daniel_hozac strange indeed. 1135359130 M * daniel_hozac why is it seeking on stdin? 1135359134 M * daniel_hozac that's not allowed if it's a tty. 1135359134 M * harry uhu 1135359143 M * harry int _llseek(unsigned int fd, unsigned long offset_high, unsigned long offset_low, loff_t *result, unsigned int whence); 1135359182 M * daniel_hozac niobos: what fdisk is that? 1135359184 M * niobos since stdin is comming into play: I'm connected via SSH 1135359200 M * harry that's got nothing to do with it iirc 1135359204 M * niobos donno... THE fdisk: fdisk v2.12r 1135359237 M * harry very weird... it does all ioctl commands on fd3 (which is /dev/hdb) 1135359244 M * harry but the _llseek is on stdin 1135359311 A * harry no clue 1135359319 M * harry but /me hits the shower anyways 1135359329 M * harry sry i couldn;t be of more assistance 1135359330 M * niobos I'm recompiling fdisk... won't help, but I hate Murphy's law 1135359346 M * niobos thx anyway 1135359371 M * harry daniel_hozac probably is better at this kind of stuff 1135359402 M * daniel_hozac niobos: maybe update to 2.13? 1135359409 M * daniel_hozac or isn't that in portage yet? 1135359413 M * daniel_hozac harry: i doubt it ;) 1135359415 M * harry daniel_hozac: that's not gonna help i guess... 1135359426 M * harry don't think this is a fdisk problem somehow... 1135359444 M * harry [harry@damien ~]$ /sbin/fdisk -v 1135359444 M * harry fdisk v2.12p 1135359453 M * harry and this one works fine too.. (FC4) 1135359456 M * niobos 2.13 isn't in portage yet... 1135359471 M * harry the suckiest thing about gentoo 1135359476 M * harry maybe it's some compile option 1135359505 M * harry -fPIE, -fomit-frame-pointers, whatever option that is not good for fdisk/kernel/libc/... 1135359508 M * harry which is set 1135359510 M * niobos -Os -march=pentium3 -fomit-frame-pointer -pipe 1135359518 M * niobos hmm... 1135359522 M * niobos I'll check that 1135359531 M * harry normally it should all work 1135359541 M * harry but i trust package managers more on compile options than myself 1135359550 M * harry so i'll have a distro that has working packages :) 1135359569 M * harry so no gentoo or debian or lfs 1135359608 M * harry -fPIE would be nice tough :) 1135359608 M * niobos well... recompile solved the problem... 1135359619 M * harry especially for network proggies 1135359619 M * niobos :-) 1135359626 M * harry lol 1135359628 M * harry typically 1135359633 M * harry long live gentoo!!!!!!! 1135359658 M * niobos I should note that I'm trying this on my experimenting-machine 1135359673 M * niobos so I didn't expect it to have a nice funcional install 1135359714 M * niobos hence it's name "barabas", which is the confused professor in a belgian comic 1135359725 M * niobos thx for the support anyway 1135359729 M * harry uname({sys="Linux", node="barabas", ...}) = 0 1135359736 M * harry i allready knew it was called barabas :) 1135359757 M * niobos see, I should have stripped that pastebin output 1135359761 M * harry lol 1135359762 M * harry why? 1135359770 M * harry it's not important, is it? 1135359771 M * niobos BTW, what does that -fPIE exactly do? 1135359780 M * harry position independent executable 1135359782 Q * meebey_ Remote host closed the connection 1135359785 M * harry niobos: you belgian? 1135359786 M * niobos no, it isn't... 1135359789 M * harry aha 1135359791 M * niobos yep 1135359791 M * harry ne skynetter 1135359792 M * harry handig 1135359797 M * harry ;) 1135359801 M * niobos idd, ne skynetter 1135359817 M * harry trouwens, PIE betekent: 18:43 < harry> position independent executable 1135359830 M * niobos nen telenetter... ook handig 1135359835 M * harry jawel 1135359841 M * harry allee nu niet, maar kom ;) 1135359847 M * harry (god works in mysterious ways ;)) 1135359862 M * harry all is just a fake about me 1135359863 M * harry ;) 1135359867 M * harry anyway... /me shower 1135359873 M * niobos bye 1135359875 M * niobos and thk 1135359878 M * harry (english is understandable for the rest too :) 1135359879 M * harry np 1135359911 M * harry btw als ge interesse hebt in vserver + grsec, ik heb die merge online staan 1135359914 M * harry voor 2.6.14.4 1135359919 M * harry nu, doesj 1135359926 M * niobos ja, waar kan ik die vinden? 1135359931 M * harry harry.ulyssis.org 1135359934 M * niobos thx 1135359971 Q * niobos Quit: leaving 1135360106 J * meebey meebey@booster.qnetp.net 1135360603 J * ichigo ~m@203.81.208.239 1135360874 M * ichigo hi i have a problem starting the vserver i made. i get this error when i vserver sarge start /proc/uptime can not be accessed. i tried to do /etc/init.d/vprocunhide start i get this error Fixing /proc entries visibility.../proc/net/: Bad address 1135360874 M * ichigo /proc/sys/: Bad address 1135360874 M * ichigo /proc/sys/debug/: Bad address 1135360874 M * ichigo /proc/sys/dev/: Bad address 1135360875 M * ichigo /proc/sysvipc/: Bad address 1135360877 M * ichigo /proc/tty/: Bad address 1135360881 M * ichigo /proc/cmdline: Bad address 1135360885 M * ichigo /proc/cpuinfo: Bad address 1135360887 M * ichigo /proc/crypto: Bad address 1135360888 M * Doener stop it! 1135360889 M * ichigo /proc/devices: Bad address 1135360891 M * ichigo /proc/execdomains: Bad address 1135360893 M * ichigo /proc/filesystems: Bad address 1135360895 M * ichigo /proc/interrupts: Bad address 1135360897 M * ichigo /proc/iomem: Bad address 1135360899 M * ichigo /proc/ioports: Bad address 1135360901 M * ichigo /proc/kcore: Bad address 1135360903 M * ichigo /proc/kmsg: Bad address 1135360905 M * ichigo /proc/loadavg: Bad address 1135360907 M * ichigo /proc/locks: Bad address 1135360909 M * ichigo /proc/meminfo: Bad address 1135360911 M * ichigo /proc/misc: Bad address 1135360915 M * ichigo /proc/modules: Bad address 1135360917 M * ichigo /proc/slabinfo: Bad address 1135360919 M * ichigo /proc/stat: Bad address 1135360921 M * ichigo /proc/swaps: Bad address 1135360923 M * ichigo /proc/uptime: Bad address 1135360925 M * ichigo /proc/version: Bad address 1135360927 M * ichigo ERROR 1135360929 M * ichigo . sorry for the long post but i thought if i agve all the info in one post it'll be easir to understand it. i complied 2.6.14.4 kernel and use util-vserver-0.30.209 on ubuntu breezy. the testme.sh script said everything is fine. 1135360949 M * Doener it's always the same error, one example is sufficient... 1135360958 M * Doener what arch are you on? 1135360963 M * ichigo i386 1135361073 M * ichigo sorry for the multiple examples i just copied them from the termial into xchat assuming it would go into one post. 1135361093 M * harry that's what pastebin's are for 1135361101 M * harry anyway... 1135361118 M * Doener everything that's longer than 3-4 lines should go into pastebin... that's about the only rule in this channel ;) 1135361131 M * daniel_hozac ichigo: vanilla 0.30.209? are you sure? 1135361159 M * daniel_hozac there was a _very_ similar bug with 0.30.208+fix01. 1135361200 M * ichigo i used the vannial kernel to patch and util-vserver-0.30.20 downloaded from the web-site 1135361227 M * Doener ichigo: could you put a strace on pastebin.com? 1135361244 A * harry X restart (new kde! ;)) 1135361252 M * harry well... upgraded kde, 3.5.0.newstuff :) 1135361281 M * Doener got X11R7.0, too? 1135361314 M * Doener Hollow: around? 1135361325 M * ichigo umm strace what. when i entered strace into the terminal it just gave me the help 1135361342 M * Doener strace -fF setattr --~hide /proc/uptime 1135361421 M * Hollow Doener: yup 1135361443 M * ichigo # 1135361443 M * ichigo root@ubuntu:~/downloads# strace -fF setattr --~hide /proc/uptime 1135361443 M * ichigo # 1135361443 M * ichigo execve("/usr/local/sbin/setattr", ["setattr", "--~hide", "/proc/uptime"], [/* 37 vars */]) = 0 1135361443 M * ichigo # 1135361444 M * ichigo lstat64("/proc/uptime", {st_mode=S_IFREG|0444, st_size=0, ...}) = 0 1135361446 M * ichigo # 1135361448 M * ichigo vserver(0, 0x3f, 0, 0xbfba3a04, 0x4) = 131073 1135361450 M * ichigo # 1135361452 M * ichigo vserver(0x26020001, 0, 0xbfba20e8, 0xbfba3a04, 0x4) = 0 1135361452 M * Doener Hollow: OT, since the latest portage update, my overlay seems to be no longer recognized 1135361454 M * ichigo # 1135361457 M * Hollow oh please! use pastebins! 1135361458 M * ichigo _exit(0) 1135361460 M * ichigo oop sorry i copied the paste bin output 1135361470 M * Doener d'oh... 1135361475 M * Hollow Doener: latest means? 1135361492 M * harry back 1135361499 M * Doener Hollow: well, there was some update available some days ago... got 2.0.53 installed 1135361520 M * Doener did anything change in that regard? 1135361523 M * Hollow hm, running 53 too, seems to work fine.. 1135361531 M * Doener PORTDIR_OVERLAY="/usr/local/portage" in make.conf 1135361560 M * Hollow didn't hear of any issues... sorry, dinner time, will take a look when i'm back 1135361566 M * Doener emerge -auvD world complains and emaint says it can't find some ebuilds (those in my overlay...) 1135361573 M * ichigo soory sorry i now understand how to use pastebin.com. here is the link http://pastebin.com/476827 1135361621 M * Doener ichigo: you didn't get "Bad address" this time? 1135361660 M * ichigo no. the output i posted was all i got. 1135361696 M * Doener ok, now get us the output of "bash -x /etc/init.d/vprocunhide start" please 1135361703 M * ichigo but i still get bad address if i do /etc/init.d/vprocunhide start 1135361772 M * daniel_hozac output to pastebin, link to channel ;) 1135361785 M * Doener hehe :) 1135361813 M * ichigo http://pastebin.com/476833 1135361843 M * Doener ++ PACKAGE_STRING='util-vserver 0.30.208' 1135361852 M * Doener that's _not_ 0.30.209 1135361870 M * daniel_hozac remove your Debian packages. 1135361889 M * daniel_hozac your new utils probably got installed into /usr/local, as is the default. 1135361939 M * Doener daniel_hozac: how do you know that it is a debian package? 1135362000 M * daniel_hozac i'm assuming ;) 1135362071 M * ichigo ok. i feel so stupid. sorry to bother you all. yess a doener is right while trying to install all the dependencies for util-server it seems i also installed util-server. 1135362083 Q * ichigo Quit: Leaving 1135362102 M * Doener hm, i just wanted to tell him that there's no need to feel stupid... 1135362156 N * Bertl_oO Bertl 1135362162 M * Bertl back now ... 1135362163 M * Doener evening Bertl! 1135362285 M * matti Doener: I didin't notice any problems with my overlay on .35 1135362298 M * matti Doener: /j #gentoo-portage, and ask. 1135362310 M * matti Jesus. 1135362315 M * matti s/.35/.53/ 1135362361 M * Doener matti: which net? 1135362379 M * Doener (yes, i'm lazy today ;) 1135362393 M * matti Doener: Freenode. 1135362398 M * Doener thx 1135362402 M * matti :) 1135362973 J * ichigo ~m@203.81.208.239 1135362997 M * Bertl welcome back ichigo! 1135363023 M * ichigo ok i removed the debian packages and it worked. then i re started the comp to see if it still works and now it does not. 1135363077 M * ichigo also i no longer have vproc thing in the /etc/init.d/ 1135363107 M * Bertl ichigo: you might have missed a part of the install procedure 1135363123 M * Bertl when you do 'make isntall' it says something about a distro install 1135363213 M * ichigo i did try make install (only not make or ./configure) again hoping it will replace all the files lost but no it still does not work 1135363237 M * ichigo i did do the part of make sudo make install-distribution 1135363355 M * Bertl ah, good, then you should have your vprocunhide 1135363376 M * Bertl but depending on your ./configure, it might have gone into unusual places 1135363393 M * ichigo i don't 1135363413 M * ichigo that could be. should i redo the compile precess?? 1135363432 M * Bertl first, let's check what has gone where 1135363443 M * Doener Hollow, matti: Turns out that my overlay wasn't maintained anymore and the ebuilds therein where replaced by some in the main portage tree... (namely mplayer-bin). thanks anyway! 1135363454 M * Bertl ichigo: because you defintiely don't want a bunch of installations 1135363481 M * matti Doener: :/ 1135363501 M * Doener matti: ? problem solved ;) 1135363536 M * Bertl ichigo: try 'vserver-info - SYSINFO' 1135363547 M * matti Doener: :) 1135363559 M * Bertl ichigo: that will list all the pathes you 'selected' 1135363594 M * Bertl ichigo: then, you probably want to uninstall the current setup (once again) and play with the ./configure (maybe use --prefix=/ ?) 1135363625 M * Bertl ichigo: it will list a similar output at the end of the configuration process (similar to vserver-info - SYSINFO) 1135363666 M * Bertl ichigo: once you are happy with the settings (pathes) install the tools again (make sure that you have dietlibc enabled and the vserver path is where you want it) 1135363719 M * ichigo Bertl: here it is http://pastebin.com/476871 1135363870 M * Hollow heya Bertl, i released 1.0.1 of both libvserver and vserver-utils, mainly build fixes, i somehow fucked up the automake things 1135363955 M * Bertl ichigo: okay, as you can see, the scripts went to /usr/local/etc/init.d 1135363975 M * Bertl Hollow: okay, will update the 13thfloor pages :) 1135363983 M * Hollow thx :) 1135363991 M * ichigo thank you all. Bertl you were right. the vprovc thing was in /usr/local/etc/ini.d/ i started it and it works. should i make symlinks from ther to /etc/ini.d 1135364072 M * Bertl ichigo: you're welcome! I'd suggest to uninstall re-configure with --prefix=/ and re-install 1135364214 M * ichigo How can i uninstall a program i install from source ??? 1135364237 M * Doener ok, I'm off then... visiting my mom for christmas. Merry Christmas everyone, have a good time, enjoy the holidays! 1135364317 Q * Doener Quit: Leaving 1135364334 M * ichigo can in enter a vserver without bieng root ??? 1135364677 M * Bertl not easily 1135364688 M * Bertl well, you can use ssh, of course 1135364805 M * ichigo ok then ssh is easy enough. thanks. i'll try that just as soon as the vservers complete installing. 1135364829 J * Smutje ~Smutje@xdsl-84-44-246-173.netcologne.de 1135364862 M * Bertl welcome Smutje! 1135364866 M * Hollow Bertl: hm, which browser threw the cookie error? i can't reproduce it.. 1135364872 M * Hollow (at dev.croup.de) 1135364889 M * Bertl Hollow: lynx :) 1135364893 M * Hollow ic.. ;) 1135364935 Q * Smutje_ Ping timeout: 480 seconds 1135364976 M * Eyck what is so funny? 1135365270 M * Hollow hm, no idea... according to lynx ml it seems a bug, that hasn't been fixed since 2001 (or it was decided to not fix it, whatever..) 1135365490 J * _jso_ ~jso@62.235.230.221 1135365677 M * Bertl welcome _jso_! 1135365935 M * Bertl Hollow: ah, so it is a lynx bug? 1135365958 M * Hollow *shrug* but it seems RFC conform according to some people.. 1135365978 M * _jso_ Hello Bertl , thanks for help and obviously nice vserver implementation, I can so easily implement on my hppa boxe ;-) 1135365999 M * Bertl _jso_: you're welcome! 1135366402 M * Bertl _jso_: did you ahve to adjust anything after the parisc patches? 1135366432 Q * patulo Quit: 1135366469 M * _jso_ Bertl, just the very small change I mentioned in my mail (because of diff between vanilla and parisc trees) ;-) 1135366543 M * _jso_ Bertl, btw the merge between 2 trees is on going (may be already in -mm tree not sure) 1135366666 M * _jso_ Bertl, just aware of your comment "/* FIXME: requires vx virtualization */" in parisc/kernel/sys_parisc32.c 1135366699 M * Bertl yup, do you run your system as hppa/64 ? 1135366706 M * _jso_ Bertl, I tried severall time to grab help from maintainer but no feedback ;-( 1135366724 M * Bertl the parisc maintainer? 1135366881 M * _jso_ Bertl, unfortunately no , the system on which I am doing test is 64bit capable but for this hw there are severall bugs which prevent me to use it ;-( 1135366969 M * Bertl thought so, so the sys_parisc32.c is probably not relevant 1135367002 M * _jso_ Bertl, yes parisc maintainer (specialy Matthew aka willy as mentioned in the file head) 1135367058 M * _jso_ Bertl, ah ok you have right ;-) 1135367152 J * Kelrya ~Kashira@wan11.coolnic.de 1135367526 M * Bertl welcome Kelrya! 1135367533 M * Kelrya hiya Bertl :) 1135368268 M * _jso_ Bertl, btw is there already some work available for 2.6.15-rc? 1135368289 M * Bertl available .. no :) 1135368489 M * _jso_ Bertl, ok thanks 1135368876 Q * mef Remote host closed the connection 1135369579 M * _jso_ well I have to leave now, thanks for all, and have Happy Christmas ;<) 1135369593 M * Bertl for you too! cya! 1135369615 P * _jso_ Leaving ... 1135371178 J * niobos ~niels@153.215-136-217.adsl.skynet.be 1135371189 M * Bertl welcome niobos! 1135371198 M * niobos Hi Bertl 1135371269 M * niobos I'm wondering how that unification works 1135371419 M * Bertl well, it's quite simple, actually 1135371427 M * Bertl you know how hardlinks work? 1135371556 M * niobos yep 1135371569 M * niobos I understand the concept 1135371575 M * niobos but how do you use it? 1135371591 M * niobos eg: you have 3 (almost) identical vservers 1135371598 M * Bertl that's also simple, you have tools called vunify and vhashify 1135371599 M * niobos and you want to upgrade glibc 1135371615 M * niobos do you need to update them all? 1135371625 M * niobos or just one of them and sync it over somehow? 1135371630 M * Bertl yes, but you usually do it in one step 1135371669 M * Bertl check the vrpm tools for example (vrpm --help) 1135371686 M * niobos ok, I'll start by doing that 1135371694 M * Bertl you see that it supports --unify and more than one guest 1135371716 M * Bertl so basically you do the update and unification in one step 1135371743 M * Bertl of course, you could also do that in separate steps 1135371751 M * Bertl - update guest 1,2 and 3 1135371760 M * Bertl - then reunify the affected files 1135371793 M * niobos I'm not using an RPM-based system, so that might be the only way to do it... 1135371834 M * Bertl yes, well, the vrpm doesn't do it that different ... 1135372717 J * dos000 ~dos000@wsp05974758wss.cr.net.cable.rogers.com 1135372963 J * pflanze ~chris@84-73-53-130.dclient.hispeed.ch 1135373050 M * pflanze Hello 1135373059 M * Bertl welcome dos000! pflanze! 1135373080 M * jayeola um, wtf do i need xalan-j for? `xalan-j is needed by util-vserver-0.30.209-0.i386` 1135373120 M * jayeola forgive the languaue chaps... 1135373150 M * Bertl jayeola: well, it's your good name which might get rusty on a public channel :) 1135373165 M * Bertl jayeola: it's for the documentation and not strictly required 1135373220 M * Bertl pflanze: did you get my replies? 1135373236 M * pflanze Bertl: well did you get my replies to your replies? 1135373251 M * pflanze Dez 23 17:54:55 Bertl_oO: I checked using http://www.bpfh.net/simes/computing/chroot-break.html 1135373252 M * pflanze Dez 23 17:55:47 Bertl_oO: "mount it into the right place": How (assuming I don't want to restart the guest)? 1135373269 M * Bertl ah, yes 1135373288 M * Bertl but the important question is, how do you test 1135373327 M * pflanze Well, what I did: 1135373342 M * Bertl because one very common error is that folks use 'vserver enter' to test with 1135373355 M * Bertl (which of course is completely wrong) 1135373355 M * pflanze yes I did that 1135373377 M * pflanze you mean, then namespaces aren't set up corertcly 1135373387 M * Bertl if you want to verify the guest, you have to do that from a guest process, not from a host process 1135373404 M * Bertl so, the best way is to ssh into the guest 1135373425 M * pflanze okay 1135373440 M * pflanze But why do I see /tmp/* stuff with vserver enter? 1135373457 M * pflanze that looks like it is in namespaces too. 1135373461 M * Bertl you enter the namespace, but you do not get the rbind 1135373469 M * pflanze ah 1135373497 M * pflanze But: even if my test is flawed considering that it's not how programs are run normally, 1135373514 M * pflanze if vserver enter isn't secure that's a problem already. 1135373524 M * niobos Bertl: I've found some unify-stuff in my distro (Gentoo)...but not very documented... What exactly do vunify and vhashify do? 1135373545 M * Bertl pflanze: well, vserver enter can not be secure unless you do not use it :) 1135373550 M * pflanze So the barrier is needed anyway. 1135373596 M * Bertl niobos: those tools help identifying and unifying common files between different guests 1135373606 M * pflanze Well are there other problems with vserver enter than that of the missing namespace-based barrier replacement? 1135373637 M * Bertl yes, IMHO a lot of stuff is 'carried' over from the host (and certain connections remain to the host) 1135373693 M * pflanze Why isn't 'enter' made secure, other than not implemented? 'start' can start processes securely, so.. 1135373695 M * Bertl that is why I suggest to avoid 'enter' unless absolutely required and/or in a trusted environment 1135373742 M * Bertl pflanze: because to become secure, you must leave behind all 'connections' to the outside, which is barely what you want (when doing enter) 1135373776 M * niobos all connections to the outside: so including the TTY connection? 1135373785 J * spd1snd ~psingh@68-232-133-13.chvlva.adelphia.net 1135373791 M * Bertl yep, that's one of my personal concerns :) 1135373793 M * pflanze carrying over env from the host is no problem except information leaks, carrying over fd's is no problem for fd 0,1,2. 1135373797 M * spd1snd anyone running qmail in a vserver? 1135373798 M * Bertl welcome spd1snd! 1135373803 M * FaUl spd1snd: me 1135373818 M * FaUl Bertl: how well is vs2.1.0 tested on sparc64? 1135373839 M * FaUl and how well is 2.0 tested on it? :-) 1135373839 M * spd1snd FaUI: iva started qmail within the vserver but cant connect to port 25 on that same vserver... did you have to edit any config files either for qmail in the vserver or on the host machine? 1135373864 M * Bertl spd1snd: maybe another MTA is running on the host? 1135373889 M * spd1snd nope, no other MTA is on this box... its a brand new box i brought up today actually and this is the only vserver on there 1135373914 M * spd1snd also did a netstat -ta on both the vserver and host ... didnt see anything using port 25 1135373918 M * FaUl spd1snd: maybe exim or something standard--foo? 1135373932 M * FaUl spd1snd: uhm 1135373941 M * FaUl spd1snd: have you started qmail-smtpd? 1135373969 M * spd1snd FaUI: yep, when i do a ps aux, it shows that its running there 1135373979 M * FaUl spd1snd: how? 1135373988 M * FaUl spd1snd: started by tcpserver? 1135373996 M * FaUl or by inetd/xinetd? 1135374000 M * mnemoc have you ever used qmail? 1135374006 M * spd1snd FaUI: all controlled through svscan 1135374023 M * spd1snd mnemoc: yep, although only on RH machines, this new box is running gentoo 1135374033 M * FaUl spd1snd: yes, but you have to start qmail-stmpd with tcpserver/inetd/xinetd 1135374050 M * mnemoc or tcpsvd :) 1135374053 M * mnemoc which is gpl 1135374089 M * spd1snd FaUI: never heard of tcpserver.. maybe im out of the loop here, is that because this is a gentoo box? 1135374090 M * jayeola ok, i've just run `rpmbuild -tb -vvvvvvvvv --without xalan util-vserver-0.30.209.tar.bz2` 1135374098 M * mnemoc i guess gentoo include the proper scripts to start them 1135374117 M * mnemoc spd1snd: tcpserver is the _official_ and only supported way to run qmail 1135374129 M * jayeola looks like the following dir was created:- /usr/src/redhat/RPMS/i386/ 1135374159 M * spd1snd FaUI: actually, nvm, i am using tcpserver... if i look in /service/qmail-smtpd/run... i see that everything is called through tcpserver 1135374163 M * jayeola i guess i ether that dir and rpm -i util-vserver-sysv-0.30.209-0.i386.rpm, huh? 1135374170 M * pflanze Bertl: are there other known weaknesses? I'd love to know about them. 1135374182 M * pflanze (other than vserver enter) 1135374195 M * Bertl pflanze: well, not that I know of ... 1135374207 M * mnemoc spd1snd: the only difference between 'real server' and guest, is to use an ip instead of '0' on tcpserver call 1135374313 M * daniel_hozac jayeola: you shouldn't build things as root ;) 1135374314 M * spd1snd FaUI: can you show me what yoru tcpserver call is in qmail-smtpd/run? 1135374355 M * pflanze What about vunify? 1135374361 M * jayeola daniel_hozac: oh. and thanks 1135374366 M * pflanze Is it secure on running guests? 1135374377 M * pflanze (at least thought to be secure) 1135374385 M * spd1snd FaUI: actually, nvm on showing me that, i just found the manpage and it seems straightforward... let me give this a try 1135374388 Q * niobos Quit: leaving 1135374400 M * pflanze (ah where has it gone, btw?) 1135374442 M * Bertl pflanze: was kind of replaced by vhashify 1135374459 M * spd1snd mnemoc: ive changed the 0 to my IP and restarted using "svc -t /service/qmail-smtpd" ... still cant connect 1135374528 M * Bertl pflanze: according to enrico, the unification process is secure (even on a running guest), but it could use a verification, I'd say 1135374530 M * mnemoc netstat -nlp ... is it listening? 1135374554 M * mnemoc is it running? 1135374568 M * Bertl pflanze: personally I do suggest not to touch a running guest at all (except for stopping and/or restarting) 1135374614 M * mnemoc spd1snd: i really doubt the issue i related to vserver 1135374617 M * mnemoc is* 1135374643 M * spd1snd hmm, netstat -nlp does not show anything on port 25 still 1135374705 M * pflanze k 1135374714 M * mnemoc read the logs, run it by hand, run it inside strace... lot of ways to trace an issue on a service :) 1135374719 M * spd1snd only ssh is running on the host machine, so i cant imagine theres anything going on with that 1135374722 M * spd1snd ok :) 1135374871 M * dos000 hey Bertl 1135375037 M * spd1snd FaUI: did you need to modify the TCPSERVER_HOST in /var/qmail/control/conf-common? 1135375229 J * oDn_ ~odn@ANice-151-1-23-75.w83-113.abo.wanadoo.fr 1135375284 M * Bertl welcome oDn_! 1135375410 M * mnemoc wth is /var/qmail/control/conf-common? 1135375577 Q * dos000 Quit: Leaving 1135375636 Q * Johnnie Remote host closed the connection 1135375645 Q * oDn|ZZzz Ping timeout: 480 seconds 1135375645 N * oDn_ oDn|ZZzz 1135375749 J * Johnnie ~jdlewis@acs-24-154-53-16.zoominternet.net 1135376303 M * spd1snd mnemoc: after playing around with it for a bit... it seems that it has something to do with the softlimit command... im not sure how to explain it, but qmail seems to run without that line... 1135376335 M * spd1snd mnemoc: softlimit is called within /service/qmail-smtpd/run 1135376366 M * mnemoc uhm, yes... i don't use softlimit 1135376378 M * mnemoc you need an special capability for that afaik 1135376383 M * spd1snd gotcha, so removing that part of it wont kill me then 1135376393 M * spd1snd have you had any problems running without softlimit? 1135376416 M * mnemoc nope 1135376556 J * shedi ~siggi@213-140-22-77.fastres.net 1135376744 M * spd1snd mnemoc: works now :) thanks for all your help 1135376765 M * mnemoc :) 1135378612 Q * Johnnie Remote host closed the connection 1135378722 J * Johnnie ~jdlewis@acs-24-154-53-16.zoominternet.net 1135379312 Q * spd1snd Quit: spd1snd 1135380776 P * stefani I'm Parting (the water) 1135380889 J * spd1snd ~psingh@68-232-133-13.chvlva.adelphia.net 1135380941 M * spd1snd im running qmail in a vserver for the first time today... it accepted a few emails initially but then the logs started showing "tcpserver: fatal: unable to bind: address already used" ... anyone seen that? 1135380978 M * Bertl spd1snd: check on the guest/host, maybe the address is already used? 1135381017 M * Bertl spd1snd: maybe it is qmail getting in it's own way 1135381021 M * spd1snd Bertl: nothing else running on the host and this is the only vserver... again, it binds to 25 and accepts a few mails, then shows that error 1135381032 M * spd1snd i have to kill all tcpservers proccess to get it working right again 1135381060 M * Bertl okay, how reproduceable is that? 1135381110 M * spd1snd every time i restart qmail, it seems that it might be starting too many tcpservers or something 1135381146 M * Bertl okay, so a good test would be to start it outside the guest (in a simple chroot to the guest's root) 1135381184 M * Bertl if that gives similar issues, then it is qmail or tcpserver related not linux-vserver ... 1135381265 M * spd1snd yep, it looks like its not vserver... must be qmail 1135381321 M * Bertl well, qmail is part of the D.J.Bernstein universe .. so there _are_ some things quite different ... 1135381468 M * Johnnie hahaha 1135381526 M * Johnnie spd1snd: What do you have in addition to qmail? 1135381531 M * Johnnie Any other goodies? 1135381559 M * spd1snd Nope, nothing else installed... although, im wondering if some old qmail-smtpd instances are running because i manually started a few when i was testing earlier today 1135381568 M * spd1snd im rebooting the server just to make sure there's nothing funky going on 1135381582 M * Johnnie I've had some qmail bloopers before. 1135381597 M * Johnnie Most related to relay-ctrl and other assorted nightmares. 1135381747 M * spd1snd that was it :) i had some old tcpservers processes running from when i was manually testing earlier... a simple reboot fixed... its running fine now 1135381839 M * Johnnie Excellent. 1135381968 M * Bertl okay, off to bed now .. back tomorrow ... merry xmas :) 1135381976 N * Bertl Bertl_zZ 1135382077 Q * Johnnie Remote host closed the connection 1135382230 J * lilalinux ~plasma@h1-gw.of.net-lab.net 1135382323 M * lilalinux I want to install an ftpd in a vserver, but the ftp requests get caught by the ftpd of the host, any idea?