1137369981 M * marl ok, installed dietlibc, and now configure gives : checking whether to enable dietlibc... no (detected) does this meen its not found it, or its found it but cant use it for some reason? 1137370022 M * derjohn marl, are you aware how dependencies util-vserver has? things like libbeecrypt etc. .... 1137370045 M * marl yup, slowly getting there LOL 1137370063 M * marl libbeecrypt was my next one to find and install 1137370106 M * derjohn marl, could it be that util-vserver configure script expects the lib on a different place (i.e. not checking .../local/.. or where you placed it= 1137370323 M * daniel_hozac Bertl: http://daniel.hozac.com/tmp/util-vserver-0.30.209-chbind-netapi.patch 1137370355 M * marl just tried moving it from /usr/local/bin to /bin with no luck 1137370377 M * marl lol looks like i dont have the 'which' command, that is used to detect the software 1137370394 M * daniel_hozac alias which='type -p' ;) 1137370502 M * Bertl daniel_hozac: hmm, cool! 1137370514 M * daniel_hozac whoops, screwed up on the rediff... 1137370515 M * marl done :) thanks 1137370516 M * derjohn marl, no 'which' ? debianutils: usr/bin/which ;) 1137370544 M * marl lol, LFS not debian, got ot work it all out from scratch :( 1137370597 M * daniel_hozac Bertl: seems to work quite fine, could obviously use some improvements though... 1137370674 Q * flock Read error: Connection timed out 1137370735 J * flock ~restless@l192-117-111-12.broadband.actcom.net.il 1137372531 M * daniel_hozac ok, updated the patch so it also patches vserver.functions. everything seems to work great. 1137372544 M * Bertl excellent work! 1137372554 M * Bertl url? 1137372558 M * daniel_hozac same one. 1137372720 M * daniel_hozac does the logic in make_nx look ok? i think i have tested all the branches, but i'm not sure. 1137372861 M * Bertl vc_net_create(nid) != nid is always suspect to me :) 1137372874 M * Bertl what if nid = -1 ? 1137372901 M * Bertl (I know this is caught by th dynamic test, but that's not obvious 1137373080 M * daniel_hozac so what do you suggest instead? :) 1137373125 M * Bertl what does vc_net_create() return on error? 1137373167 M * daniel_hozac -1, i assume. 1137373188 M * Bertl so testing for that, then checking errno would be 'more natural' no? 1137373241 M * daniel_hozac yeah, true. 1137373368 M * daniel_hozac ok, anything else i should change? 1137373454 M * Bertl rest seems fine ... 1137373493 M * Bertl (except for whitespace differences, which I do not care about) 1137373536 M * daniel_hozac whitespace differences? 1137373566 M * Bertl + { "nid",required_argument, 0, CMD_NID }, 1137373579 M * Bertl seems to use a tab, where the others use spaces 1137373601 M * daniel_hozac ah, yes. i missed that. 1137373615 M * daniel_hozac thanks. 1137373618 M * Bertl similar might be true for +#define CMD_NID0x2003 1137373660 M * daniel_hozac no, those are all tabs. 1137373665 M * Bertl k 1137374046 M * daniel_hozac filed at savannah as https://savannah.nongnu.org/patch/index.php?func=detailitem&item_id=4799 1137374085 M * derjohn is ensc the only one with write access to savannah ? 1137374091 M * daniel_hozac i think so. 1137374093 M * Bertl excellent, will add it to the next util-vserver release (mdk) on 13thfloor.at :) 1137374149 M * derjohn Bertl, do the releases differ? I remeber you "addons" (or whatever 't was called) but not a different util-code? 1137374166 M * daniel_hozac sigh, i uploaded the whitespace difference patch :| oh well. 1137374190 M * daniel_hozac i will be adding it to the Fedora and CentOS RPMs as well. 1137374220 M * derjohn daniel_hozac, do I have to expect any drawback when using the patch? (I got it uses the new api, right? so the first preparations for NG are done? ) 1137374242 M * Bertl no, jsut a few aptches (next ones will have mips and the netapi changes) 1137374263 M * daniel_hozac it's not really for NG, it just lets you disable the legacy networking API. 1137374267 M * daniel_hozac (finally) 1137374284 M * Bertl derjohn: no, the patches move from legacy-legcy to new-legacy :) 1137374297 M * derjohn eh *eyesroll* 1137374309 M * daniel_hozac hehe. 1137374312 M * Bertl well, let me explain ... 1137374315 M * derjohn Bertl, ah .... yes ... you nameing schemes are always confusing :) 1137374360 M * Bertl I didn't touch the network api much before 2.0, but when we prepared for the 2.6 release, we actively developed a new API for the existing networking 1137374385 M * Bertl (that was actually done somewhere in 1.9.x 1137374386 M * Bertl ) 1137374405 M * derjohn hm, so only 2.4 users would need the old API ? 1137374414 M * Bertl for whatever reason, enrico never got to finish this, and so it was dormant ... 1137374433 M * derjohn old == legacy-legacy 1137374442 M * daniel_hozac he didn't have much left either. 1137374448 M * daniel_hozac (as is evident from my patch) 1137374465 M * Bertl now, as we can disable 95% of the legacy API, this is one of the really old legacies like the dynamic contexts 1137374523 M * Bertl anyway, as ngnet is _not_ available yet, disabling legacynet will automatically use the new network API 1137374575 M * Bertl because NGNET will give 'virtual' networking, there is no purpose for the current networking APIs (e.g. limiting the network interface to an IP subset) 1137374632 M * derjohn hm, dynamic contexts ... why dont we simply hash over the vservers name to a number? so the vservers name could represent the context... then there would be no need for a static number (at least none the user sees) 1137374702 M * daniel_hozac hashing is prone to duplicates. 1137374709 M * daniel_hozac which, for the purpose of hashing, isn't a problem. 1137374713 M * Bertl no problem with that, we could even use the names as unique identifier inside the kernel, but it is very ambiguous ... you need a length limit and you ahve to pass it on _every_ syscall, and aside from that, this kind of 'reservation' or 'assignment' could be done in userspace 1137374761 M * Bertl just have a file in /etc/vservers/nametoid which works like passwd 1137374768 M * derjohn daniel_hozac, yes especially with 8 bit :) 1137374775 M * Bertl 16bit 1137374828 M * derjohn Bertl, yes I think the usage of dynamic IDs is simply that the users dont want to care about the numbers hand-ish 1137374855 M * Bertl well, but they better should ... similar to uid/gid 1137374880 M * derjohn Bertl, nice idea. 1137374929 M * derjohn Bertl, if I pursue my idea of having one 'admin' user per vserver guest, the guests xid could be the users's id. 1137374951 M * daniel_hozac derjohn: hmm, root? 1137374977 M * derjohn Bertl, I looked at perl's auth::pam and it does not look very difficult to make a pam-ed wrapper to a suid util-vserver 1137374992 M * derjohn oops :) 1137375014 M * daniel_hozac derjohn: *cough* sudo *cough*? 1137375053 M * derjohn daniel_hozac, hm ... /etc/sudoers ... yes, now that you mention it ... 1137375064 M * derjohn but 1137375103 M * derjohn daniel_hozac, I want user 1001 gibt the right to start/stop guest A, user 1002 the right for start/stop guest B ... etc. 1137375122 M * daniel_hozac why don't said users live inside the guests as root? 1137375140 M * daniel_hozac or, hmm, i guess that won't work for start. 1137375156 M * derjohn daniel_hozac, eh, yes :) 1137375163 M * daniel_hozac derjohn: and if there's a pattern, you could always just generate sudoers with a script. 1137375177 M * daniel_hozac make a cronjob out of it. 1137375180 M * derjohn daniel_hozac, yes, one wrapper-script per guest 1137375191 M * daniel_hozac hmm? 1137375210 M * daniel_hozac why would you need a wrapper, if you have sudo? 1137375218 M * derjohn daniel_hozac, background: I run a backup-server on 192er IPs. Colo Users rsync their whole server as "root" into their particular guest. 1137375281 M * derjohn daniel_hozac, in case of "real shit" they stop their real colo server, enter our (shared) backup-server and start their guest (with the backup) with differnet IP 1137375372 M * derjohn there is /var/lib/vservers/backupservera and /var/lib/vservers/backupservera/hereismybackup .. in cave of emergeny they have to start the "backupped" debian within .../hereismybackup as guest 1137375404 M * Bertl might be a job for heartbeat ... 1137375406 M * derjohn so I would like to give them the opportunity to do so without waking up /me or my colleague := 1137375431 M * derjohn Bertl, I am lazy but not insane ;) .. you are talking about vrrp ? 1137375486 M * derjohn daniel_hozac, I need the warpper to give UID 1001 ONLY "vserver hisbackup start" and not "vserevr $OWNARGS" .... 1137375487 M * daniel_hozac derjohn: so their backup is within a shared backup server? 1137375495 M * daniel_hozac derjohn: sudoers can do that. 1137375504 M * derjohn daniel_hozac, yes there it is. 1137375520 M * derjohn daniel_hozac, you can give parameters to sudoers? 1137375536 M * daniel_hozac derjohn: ALL = /usr/sbin/vserver would restrict them to commands starting with /usr/sbin/vserver 1137375565 M * derjohn daniel_hozac, THX, that's what I was lookign for ! ! 1137375641 M * derjohn daniel_hozac, dies sudoers work with $USER ? like "* ALL = = /usr/sbin/vserver $USER" ? 1137375648 M * derjohn s/dies/does 1137375683 M * derjohn (perhaps I am insane :) 1137375789 M * derjohn o man, my typo, I think I need some sleep. no bertl timezone today for me. daniel_hozac THX anyway I will figure it out ... 1137375797 M * derjohn n8 daniel_hozac Bertl et al. 1137375848 M * Bertl night! 1137376708 M * daniel_hozac night! 1137385276 J * dlippolt ~dlippolt@cpe-70-112-77-129.austin.res.rr.com 1137385292 M * Bertl welcome dlippolt! 1137385295 M * dlippolt howdy! 1137385309 M * dlippolt happy to report new vserver code running happily on our app cluster 1137385322 M * Bertl excellent! which version? 1137385431 M * dlippolt patch-2.6.12.4-vs2.0.diff 1137385444 M * dlippolt against 2.6.12.5 1137385503 M * Bertl ah, interesting ... 1137385521 M * dlippolt the multicast stuff is working great (tomcat cluster) 1137385540 M * dlippolt we're still running 2.4 on the rest of our app cluster boxes and our db cluster 1137385552 M * dlippolt we may migrate them all to 2.6 this quarter 1137385573 M * Bertl is there a reason for 2.6.12.5? 1137385601 M * dlippolt not that i can remember 1137385611 M * Bertl okay, just happened ... 1137385619 M * dlippolt .4 and .5 are on in /usr/src 1137385628 M * dlippolt ended up using .5 for some reason, dont remember what that was 1137385650 M * dlippolt did it on 11-23 1137385681 M * dlippolt reason i connected tonight, though, is i'm interested in throwing up a zimbra test instance 1137385692 M * dlippolt its a binary install calling for fc3 or fc4 1137385719 M * dlippolt looking on the 13thfloor wiki for docs 1137385739 M * dlippolt but only finding fc guest on fc host (so yum is already configured) 1137385747 M * dlippolt or fc2 binary guest images 1137385754 M * dlippolt am i just missing it? 1137385828 M * Bertl what is your hsot distro? 1137385833 M * dlippolt deb sarge 1137385848 M * Bertl well, that is tough regarding rpm/yum based distros 1137385851 M * dlippolt no redhat hosts 1137385897 M * Bertl when you manage to install a working rpm (which is easier than apt-rpm or yum on debian), you can use that with an rpm list to install rpm based guests 1137385948 M * Bertl we were investigating rpmstrap for those cases, but there is no working solution yet 1137385952 M * dlippolt interesting. so all i need is to find the fc4 rpm list and feed it into rpm 1137385972 M * Bertl well, into the rpm isntall method of util-vserver 1137385987 M * Bertl the though part is to get rpm working on debian ... 1137385994 M * dlippolt *hard part 1137385994 M * dlippolt ? 1137386003 M * dlippolt *tough right 1137386016 M * dlippolt dumb question: rpm is available thru apt 1137386022 M * dlippolt or is that just apt-rpm / 1137386025 M * dlippolt ? 1137386041 M * Bertl that's one of the debian problems here, apt != apt-rpm 1137386060 M * Bertl and debian seems not to allow apt-rpm 1137386084 M * dlippolt can i grab an fc2 binary for a guest 1137386094 M * dlippolt and use the tools in it to spawn an fc4 host? 1137386097 M * dlippolt *guest 1137386110 M * Bertl well, no, you can use any template 1137386129 M * Bertl and you might be able to upgrade an fc2 guest to fc3 and later to fc4 1137386149 M * dlippolt yeah. i presume there's an equivalent dist-upgrade 1137386163 M * dlippolt i got off redhat at aroudn version 7 ;) 1137386168 M * Bertl but it might be easier to ask somebody with an rpm based host to 'simply' isntall a guest for you, and take that as template 1137386229 M * dlippolt so could i do something like install fc4 here at the house, install vserver, create a guest, then rsync that guest up to the colo ? 1137386256 M * Bertl sure 1137386274 M * Bertl you could even skip the vserver part if you cleanup the guest afterwards 1137386291 M * Bertl i.e. copy the fc4 host install and clean it up later 1137386294 M * dlippolt oh, right, since i'll never actually start the guest 1137386310 M * dlippolt you mean just install the vserver-utils 1137386323 M * dlippolt or you mean use the -host- as the template 1137386336 M * Bertl well, both should work 1137386368 M * dlippolt sweet. (firing up virtualpc... i became a mac addict/snob a since osx) 1137386395 M * Bertl fine fine, but why virtualpc :) 1137386425 M * dlippolt no x86 hardware here 1137386425 M * Bertl (you could as well use QEMU, but I agree, probably VPC is more tested on darwin) 1137386437 M * dlippolt haha, yeah 1137386480 M * dlippolt i play both sides of the fence. use debian (and open/free) versions of just about everything. but i use vpc, and sun's jdk. a few other exceptions 1137386597 M * Bertl well, that's your choice ... np with that :) 1137387059 M * andrew_ virtualpc is fucking slow... 1137387100 M * Bertl it will get faster, on intel macs (dual core :) 1137387333 J * Johnnie ~jdlewis@acs-24-154-53-16.zoominternet.net 1137387349 M * Johnnie Anyone about? 1137387354 M * dlippolt its slow... and on the dualg5's it only works in NAT mode 1137387364 M * dlippolt which.. sucks 1137387372 J * hue ~hue@218.20.51.109 1137387413 M * Bertl welcome hue! 1137387444 M * Johnnie I'm having a problem which I cannot figure out... haha 1137387448 M * Johnnie http://jdlewis.pastebin.ca/36946 1137387464 M * Johnnie If anyone has an idea what that's about, I'd be interested to find out. 1137387472 M * Bertl ah, hey Johnnie! almost missed your appearance ... 1137387488 M * Johnnie Hey Bertl :] 1137387529 M * Bertl Johnnie: enable legacy network or use daniel_hozac's patch to util-vserver 0.30.209 :) 1137387557 M * Bertl this is 2.1.x with LEGACYNET disabled, right? 1137387635 M * Johnnie It's 2.1.0.4, kernel 2.6.15 ... Gentoo. 1137387645 M * Johnnie So, I need to turn that on in the kernel then, right? 1137387650 M * Johnnie I must have missed that. 1137387671 M * Bertl either that or use the latest patch, or use hollow's tools 1137387677 M * Johnnie Okay. 1137387694 M * Johnnie I have version 0.30.209-r1 of his tools...I must need to have to turn that on in the kernel. 1137387710 M * Johnnie err, that made no sense 1137387718 M * Johnnie I must turn that on. :) 1137387831 M * Bertl it's probably the best option to do that .. yes 1137387859 M * hue Bertl: hello Bertl 1137387912 M * Johnnie Hmmm... 1137387925 M * Johnnie So, vserver-utils is what, a new version of util-vserver ? 1137387974 M * Bertl yes, basically rewritten from scratch 1137388023 M * Johnnie Oy vey! 1137388104 M * monrad_ in BASIC :) 1137388125 J * Smutje_ ~Smutje@xdsl-87-78-7-14.netcologne.de 1137388274 Q * Smutje Ping timeout: 480 seconds 1137388371 M * Johnnie Hmmm. 1137388421 M * Johnnie So, should I have both sets of utilities installed? 1137388559 M * Johnnie hercules etc # vserver start test 1137388559 M * Johnnie error: vps.loadconfig: cannot find configuration for 'test' 1137388559 M * Johnnie hercules etc # 1137388562 M * Bertl no, definitely not 1137388568 M * Johnnie I have a configuration in /etc/vservers 1137388573 M * Johnnie Am I missing something? 1137388581 M * Bertl you want one of the following three options: 1137388593 M * Bertl a) compile the kernel with LEGACYNET 1137388610 M * Bertl b) compile util-vserver 0.30.209 with daniel's patch 1137388626 M * Bertl c) use hollow's tools (whcih are highly experimental) 1137388658 M * Johnnie I have LEGACYNET on...I see that I compiled it in before. 1137388673 M * Johnnie I tried 0.30.209-r1 from the Gentoo portage tree... no go. 1137388685 M * Johnnie Hollow's tools don't do anything...except frustrate me. 1137388691 M * Johnnie Did the configurations get moved or something? 1137388757 M * Bertl you have legacynet on, okay, then you are missing the dynamic context ids ... 1137388788 M * Bertl (in the kernel config) 1137388902 M * Johnnie So, now I need to enable the Legacy Kernel API then? 1137388993 M * Bertl probably, well, the kernel is slightly ahead of the tools in devel 1137389005 M * Johnnie Okay. 1137389036 M * Johnnie I'll give this a try. 1137389043 M * Johnnie Fortunately, this server is fast and compiles at the speed of light. 1137389044 M * Johnnie haha 1137389046 M * Johnnie Well, almost. :) 1137389686 J * Johnsie ~jdlewis@acs-24-154-53-16.zoominternet.net 1137389686 Q * Johnnie Read error: Connection reset by peer 1137389736 J * Viper0482 ~Viper0482@p54976368.dip.t-dialin.net 1137389929 M * Bertl okay, I'm off to bed now .. have a nice whatever everyone ... cya later 1137389935 N * Bertl Bertl_zZ 1137390197 M * Johnsie Okay, that fixed it. 1137390199 M * Johnsie Thanks, Bertl_zZ. 1137390213 M * Johnsie Have a great night/morning. 1137390654 J * tudenbart ~willi@xdsl-213-196-254-158.netcologne.de 1137391088 Q * dothebart Ping timeout: 480 seconds 1137392190 Q * Viper0482 Remote host closed the connection 1137392364 M * Hollow Johnsie: my tools don't do anything? i can't believe, at least they should spit out some errors :P 1137392449 M * Johnsie error: vps.loadconfig: cannot find configuration for 'test' 1137392501 M * Hollow well, seems like you did not create a configuration..? 1137392725 J * balbir ~balbir@59.145.136.1 1137393709 M * Johnsie Yes, I did. :) 1137393728 M * Johnsie I'm back to the old utilities. 1137395222 Q * nokoya Ping timeout: 480 seconds 1137395380 J * nokoya ~young@hi-230-82.tm.net.org.my 1137395596 J * Aiken_ ~james@tooax7-031.dialup.optusnet.com.au 1137395954 Q * Aiken Ping timeout: 480 seconds 1137396433 Q * NikDaPhreak Quit: Hybernating my brain.... 1137396451 Q * Johnsie Quit: G'bye! 1137397303 Q * klap Quit: plop 1137398600 P * undefined 1137400075 J * NikDaPhreak ~NikDaPhre@217.75.141.95 1137400080 M * NikDaPhreak hi all 1137400085 M * schellh moin 1137400217 Q * shedi Quit: Leaving 1137403587 J * click click@ti511110a080-5108.bb.online.no 1137404595 Q * dlippolt Ping timeout: 480 seconds 1137406051 J * shedi ~siggi@tolvudeild-198.lhi.is 1137406392 J * prae ~prae@ezoffice.mandriva.com 1137406431 J * meandtheshell ~markus@85-124-9-115.dynamic.xdsl-line.inode.at 1137406669 J * coocoon ~coocoon@p54A051CF.dip.t-dialin.net 1137406742 M * coocoon hello 1137407172 M * schellh hi 1137408843 Q * NikDaPhreak Quit: Hybernating my brain.... 1137410392 J * Viper0482 ~Viper0482@p54976368.dip.t-dialin.net 1137410639 M * marl morning all :) 1137410680 M * marl anyone tell me if this is somthing i should be worried about and if so what did i miss? running configure on util-vs 0.30.209 and seeing this in the output : checking sys/capability.h presence... no 1137410692 M * marl did i miss something in thekernel config? 1137410729 Q * balbir Ping timeout: 480 seconds 1137410735 Q * Viper0482 Quit: bin raus, 1137411480 J * Viper0482 ~Viper0482@p54976368.dip.t-dialin.net 1137411554 M * Hollow marl: capability.h is in linux/ normally, no in sys/.. does configure stop with an error on this one? 1137411710 M * harry okay 1137411722 M * harry what do i do to completely understand how vserver internals work 1137411735 M * harry why what is patched the way it is 1137411743 M * Hollow go to /usr/src/linux/kernel/vserver and read the source :) 1137411751 M * harry will do :) 1137411766 A * harry wants to try some security auditting on it 1137411778 M * harry and completely understand it, so that i can patch stuff etc.. 1137411814 A * harry now off for lunch 1137411819 M * Hollow ah ic.. so you're familar with security aspects? 1137411827 M * harry Hollow: i try 1137411837 M * harry :) 1137411845 M * Hollow great, probably you can look at the vservre-utils source too :) 1137411851 M * marl no it doesnt stop configure, im compiling this on a self built install, so was wandering if id missed something 1137411855 M * harry true 1137411872 M * harry will do all of that 1137411879 M * Hollow sounds good :) 1137411893 M * harry but first... 1137411901 M * harry compiling 2.6.14.6 for laptop here... 1137411916 M * harry and now... lunch (while compiling... i'm multitasking!!1 ;)) 1137411928 M * Hollow heh, cu 1137411955 M * daniel_hozac marl: sys/capability.h is part of libcap, but it shouldn't be strictly required. 1137411974 M * Hollow daniel_hozac: is this different from linux/capability.h? 1137411979 M * marl ok, what am i likly to lose by not having it? 1137412019 M * daniel_hozac Hollow: not for the purposes of util-vserver, i think. 1137412031 M * daniel_hozac it has some additional helper functions for userspace when dealing with capabilities. 1137412033 M * Hollow ok, thanks for the info 1137412064 M * daniel_hozac marl: nothing. it should fall back to /usr/include/linux/capability.h automatically. 1137412077 M * marl ok thanks 1137412094 M * marl but im better with the libcap anyway? i take it 1137412126 M * daniel_hozac util-vserver doesn't really care. 1137412151 M * marl ok thanks :) 1137412154 M * daniel_hozac i think it just wants the CAP_* defines. 1137412160 J * balbir ~balbir@59.145.136.1 1137412193 Q * Aiken_ Quit: Leaving 1137412195 M * marl ok, only one other error thats got me puzzled during the configure : checking for vserver... no 1137412235 M * daniel_hozac it just checks if glibc has a vserver function. 1137412245 M * daniel_hozac as it does for most syscalls. 1137412261 M * daniel_hozac but, we shouldn't expect that any time soon, i guess ;) 1137412287 M * marl ah, ok again meny thanks :) 1137413474 Q * Viper0482 Quit: bin raus, 1137415537 M * marl how can i check if the barrier attrib is set corectly on a directory? 1137415564 M * marl does the testme.sh script check it for you? 1137415602 M * Hollow lsattr -d /vservers 1137415623 M * Hollow darr 1137415626 M * Hollow showattr of course 1137415671 M * marl i get all dashes fo rthe lsattr command is that rite? 1137415681 M * Hollow no, use showattr 1137415697 M * marl bui? 1137415709 M * Hollow if barrier is set b would be capitalized 1137415711 M * marl b stand for barrier? 1137415713 M * Hollow so, no.. 1137415734 M * Hollow lower-case letter indicates that the attribute is available for this entry, and uppercase indicates it is set 1137415792 M * marl ok thanks got it now :) thought id already done the barrier bit , but just redone it and its worked, think i misstyped it last time LOL 1137415805 M * Hollow you're welcome! 1137415874 M * marl well it now looks like ive managed to not only compile linux from the ground up but also install vserver :) :) :) :) :) 1137415898 M * marl now im away out to try and earn some money, and then ill try installing something LOL 1137415920 J * michal` ~michal@www.rsbac.org 1137416555 J * undefined ~undefined@adsl-68-93-109-94.dsl.rcsntx.swbell.net 1137416756 Q * coocoon Ping timeout: 480 seconds 1137417418 J * coocoon ~coocoon@p54A07A79.dip.t-dialin.net 1137418362 J * oliwel ~oliwel@ldvpc07.ldv.e-technik.tu-muenchen.de 1137418371 A * oliwel waves hello to the crowd 1137418374 M * oliwel Hollow: ping 1137418384 J * the_hydra ~a_mulyadi@202.59.168.5 1137419042 J * mkhl ~mkhl@200-153-181-96.dsl.telesp.net.br 1137420202 J * Milf ~Miranda@ipsio108.ipsi.fraunhofer.de 1137420218 M * Milf Good morning dear students :) 1137420456 M * the_hydra hi Milf ;) 1137420542 M * schellh lol 1137420549 M * schellh Mr obscene is here 1137420598 M * Hollow oliwel: pong 1137420606 M * oliwel Hollow: Hi 1137420610 M * Hollow hi 1137420635 M * oliwel Hollow: private Question - whats your favourite Music style - looking for someone to attend me on the "helloween" concert tonight 1137420657 M * Hollow minimal, electro, techno, house ;) 1137420693 M * oliwel Hollow: hmm, they have electric guitars . is this electro enough ;) 1137420700 M * Hollow guess not :) 1137420712 M * Hollow but i'm busy this evening, have to rescue my abitur :P 1137420726 M * oliwel Hollow: ooohhh.... 1137420763 M * Hollow yeah, probably else they would tell "zur abiturprüfung nicht zugelassen" ;) 1137420790 M * Hollow based on the fact i never draw any pictures in art.. 1137420795 M * Hollow was is n ur los.. 1137420852 M * Hollow oliwel: btw.. i've started a vserver terminal daemon, which will solve the devpts issues 1137420895 M * Hollow if you want to take a look: http://home.xnull.de/work/vserver/vserver-utils/src/vtd/ but i doubt it compiles currently ;) 1137420955 M * Hollow off to a friends for lunch now, cu later! 1137421500 M * harry wtf?? 1137421509 M * harry opts.sockname = optarg; 1137421514 M * harry strcpy(sockun.sun_path, opts.sockname); 1137421520 M * harry isn't that dangerous 1137421522 M * harry ? 1137421573 M * schellh i cant tell... well at least he is trying *g 1137421665 Q * the_hydra Quit: 1137421837 Q * balbir Quit: Leaving 1137422045 J * Doener doener@i5387E820.versanet.de 1137422165 Q * mountie Remote host closed the connection 1137422245 M * harry #define UNIX_PATH_MAX 108 1137422245 M * harry struct sockaddr_un { 1137422245 M * harry sa_family_t sun_family; /* AF_UNIX */ 1137422245 M * harry char sun_path[UNIX_PATH_MAX]; /* pathname */ 1137422245 M * harry }; 1137422291 M * harry ==> ./client -s `perl -e 'printf "A"x128'` could crash it? 1137422379 A * harry not sure at all, but i think it should check for the length or so 1137422463 J * mountie ~mountie@CPEdeaddeaddead-CM000a739acaa4.cpe.net.cable.rogers.com 1137422964 M * Doener harry: where is that from? 1137423033 J * menomc ~amery@200.75.27.92 1137423102 M * harry client.c on http://home.xnull.de/work/vserver/vserver-utils/src/vtd/ 1137423121 M * harry the client will probably not be suid, but better safe than sorry :) 1137423142 Q * mnemoc Ping timeout: 480 seconds 1137423142 N * menomc mnemoc 1137423189 J * Johnnie ~jdlewis@acs-24-154-53-16.zoominternet.net 1137423234 M * Doener yeah, should use strncpy 1137423245 M * harry true 1137423251 M * harry sizeof(bleh) 1137423302 M * harry will also be dangerous i think 1137423303 M * harry let me check 1137423394 M * harry true, just a strncpy(sockun.sun_path, opts.socknam, sizeof(sockun.sun_path)); 1137423420 M * Doener hm, according to your paste, UNIX_PATH_MAX should be available, right? 1137423424 M * Doener so you could use taht 1137423428 M * Doener s/taht/that/ 1137423444 M * Doener but sizeof should also work fine 1137423458 M * harry true 1137423470 M * harry sizeof is safer for future 1137423477 M * Doener hm, actually sizeof is probably better... in case that the define ever changes 1137423478 M * harry if the value should ever change 1137423482 M * Doener heh :) 1137423500 M * Doener hm, not value, but name 1137423510 M * harry ehm... yes, :) 1137423544 M * Doener hm, do we need to care about setting a trailing \0? 1137423556 M * harry good q 1137423564 M * harry i don't know if the struct is zeroed 1137423583 M * harry let me check smth 1137423588 M * Doener it's also a question of sizeof(...)-1 or not -1 ;) 1137423601 M * harry hehe 1137423603 M * harry -1 off course 1137423617 M * harry array is labeled from 0 to sizeof(bleh)-1 1137423638 M * harry The strncpy() function is similar, except that not more than n bytes of src are copied. Thus, if there is no null byte among the first n bytes of src, the result will 1137423641 M * harry not be null-terminated. 1137423650 M * harry well... come to think of it 1137423654 M * harry it will be nullterminated 1137423667 M * harry if not... the string is larger than the size, and... 1137423673 M * harry no,, sry, wrong again 1137423676 M * Doener heh :) 1137423679 M * harry it you have to null terminate it :) 1137423704 M * Doener i guess strncpy with sizeof-1 and then setting the last array field to \0 should do the trick 1137423710 M * harry yups 1137423725 M * Doener who cares about a few wasted cycles anyway? ;) 1137423729 M * harry ack 1137423736 A * harry 0xc0ffee now :) 1137423910 Q * Vudumen Ping timeout: 480 seconds 1137423958 M * Doener hm, seems like that is not in svn yet... 1137424019 M * Doener oh well, i don't know whether he'd like me to fix that without asking anyway ;) 1137425089 J * Vudumen vudumen@perverz.hu 1137425148 M * bubulak good host :) 1137425204 M * Doener hm? 1137425218 M * Doener ah, now i c :) 1137425601 J * Johnsie ~jdlewis@acs-24-154-53-16.zoominternet.net 1137425601 Q * Johnnie Read error: Connection reset by peer 1137425607 M * nokoya w 1137425721 Q * mkhl Ping timeout: 480 seconds 1137425721 Q * Johnsie Read error: Connection reset by peer 1137425742 J * Johnsie ~jdlewis@acs-24-154-53-16.zoominternet.net 1137425972 Q * mcp Read error: Connection reset by peer 1137426373 J * Roey ~katz@h-69-3-4-130.mclnva23.covad.net 1137426777 J * dlippolt ~dlippolt@cpe-70-112-77-129.austin.res.rr.com 1137428669 Q * shedi Quit: Leaving 1137428704 J * Viper0482 ~Viper0482@p54976368.dip.t-dialin.net 1137429008 J * mkhl ~mkhl@200-153-153-86.dsl.telesp.net.br 1137429337 N * Bertl_zZ Bertl 1137429343 M * Bertl morning folks! 1137429392 M * mnmr evening :) 1137429410 M * harry yoew 1137429494 M * Milf moved to Australia Bertl? (easy for an Austrian: just buy an A and an L) 1137429525 M * mnmr sounds like a two for one offer ;) 1137429543 M * Bertl lol 1137430017 M * harry hmm... 1137430029 M * harry Doener: the same bug resides in vreboot.x 1137430032 M * harry vreboot.c 1137430044 M * harry sockpath = opt; 1137430050 M * harry int fd = vreboot_connect (sockpath,true); 1137430058 M * harry and vreboot does the same strcpy 1137430066 M * harry * vreboot_connect 1137430113 M * harry don't know if it's exploitable, but afaik it will overwrite memory 1137430119 M * harry s/will/can/ 1137430261 M * coocoon morning 1137430274 M * Bertl harry: what is vreboot? 1137430313 M * harry ahm, code in src/vreboot.c 1137430327 M * Bertl which package? 1137430335 M * harry util-vserver 1137430376 M * Bertl indeed, well, rm -f should help there 1137430395 Q * Milf Quit: Miranda IM! Smaller, Faster, Easier. http://miranda-im.org 1137430402 M * harry Bertl: ? 1137430404 M * Hollow heya Bertl! 1137430415 M * harry fstools.c has some other strangeness... 1137430418 M * harry DIR * dir = opendir("."); 1137430418 M * harry if (dir==0) { 1137430418 M * harry perror("opendir()"); 1137430418 M * harry return 1; 1137430418 M * harry } 1137430426 M * Bertl harry: vreboot via socket and reboot manager was obsoleted more than a year ago 1137430428 M * harry what if opendir command fails 1137430438 M * Hollow harry: the dir is 0 1137430438 M * harry Bertl: it's still in 0.30.209 1137430447 M * Hollow s/the/then/ 1137430451 M * Bertl yeah, just saw it, that's why the rm -f comment 1137430470 M * harry Hollow: ahm... dir is a nullpointer, yes 1137430493 M * harry wouldn't it be more correct to check if dir <= 0 ? 1137430518 M * harry just to make sure you don't get nullpointer derefs 1137430543 M * harry (/me is just looking at the code in a quick scan :)) 1137430546 M * Hollow hm, when would opendir return a negative pointer? 1137430558 M * harry Hollow: man opendir :0 1137430560 M * harry ;) 1137430563 M * Hollow yeah 1137430567 M * harry permission denied 1137430578 M * Hollow or let's say... can a pointer be negative? 1137430579 M * harry too many fd's (this is triggerable) 1137430593 M * harry nono, it will return a NULL-pointer 1137430604 M * Bertl harry: ahem, errno? 1137430608 M * harry The opendir() function returns a pointer to the directory stream or NULL if an error occurred. 1137430623 M * Hollow yeah, that's why if(dir==0) is there 1137430639 M * Bertl Hollow: NULL would be better ... 1137430641 M * harry ow, true, 1137430648 M * Hollow Bertl: difference? 1137430670 M * Bertl none atm, but there might be one at some point in the future 1137430696 M * Hollow in the future of computers or in the future of vserver? ;) 1137430712 M * Bertl strange archs and newer C 1137430733 M * Hollow ic 1137430801 M * Hollow Bertl: btw, i looked at context.c to learn the list implementation, and i wondered why you split the vx_info hash into 13 heads? 1137430843 A * harry stops looking at the util-vserver code now :) 1137430872 M * Hollow harry: you should better audit vserver-utils then util-vserver :P 1137430887 A * Hollow hides 1137430895 M * Bertl Hollow: and, what are your conclusions? 1137430906 M * harry Hollow: i'm not really auditting ;) 1137430922 M * Bertl harry: well, then start auditing now :) 1137430924 M * Hollow Bertl: the only thing i can think of is better performance? 1137430948 M * Bertl Hollow: than what? i.e. what would be your suggestion? 1137430965 M * Bertl 1? 16? 100? 1137430973 M * Hollow suggestion for what? 1137430988 M * Bertl for the number of head nodes 1137430988 M * emp so, if i am on sarge, if i get the alpha vserver-utils, can i create a centos 4 client with that version? 1137431017 M * Bertl emp: usually no, unless you manage to install rpm, yum or apt-rpm 1137431019 Q * Viper0482 Remote host closed the connection 1137431032 M * Hollow Bertl: well, since you have 65533 xids (which can only be split into 13 peaces without having i rest (wow, i even investigated already ;) the split size seems ok, but the question is rather, why you do it 1137431067 M * harry Bertl: where is the implementation of Vwrite 1137431069 M * Hollow (well, you could do 71, 923 or 5041 slices too) 1137431113 M * Bertl Hollow: lol, didn't even know that this is one of the prime factors :) 1137431118 M * Hollow lol! 1137431145 M * Bertl well, the idea of a hash is to reduce the time required to find an entry 1137431179 J * bonbons ~bonbons@83.222.39.249 1137431184 M * Hollow ok, so performance was right, but why is it a speed up? 1137431187 M * Bertl you calculate something 'simple' for each entry (e.g. the context number or a hash sum over a name) 1137431202 M * SNy ... or you use the name ... 1137431210 M * harry got it 1137431226 J * Viper0482 ~Viper0482@p54976368.dip.t-dialin.net 1137431235 Q * prae Quit: Execute Order 69 ! 1137431242 M * Bertl then, of course, you could use a perfect hash to find the element with a single lookup 1137431277 M * Bertl but, a perfect hash is very hard to create, so you typically have a number of results (the hlist entries) for each hash chain 1137431278 A * harry thinks there might be some format string bugs in the software... 1137431287 M * harry i should check it out some more... 1137431295 M * Bertl harry: please do so! 1137431296 Q * coocoon Quit: KVIrc 3.2.0 'Realia' 1137431298 M * harry WRITE_STR(2, argv[0]); 1137431322 M * harry which is a define, which is .... which is.. if (write(fd,buf,len)==-1) { /**/ } 1137431323 M * Hollow Bertl: the perfect hash has to be preallocated for all 65533 xids right? 1137431331 M * Hollow harry: wrapper fun :) 1137431340 M * harry Hollow: uhu :) 1137431347 M * Bertl Hollow: so what you are trying to do is get a good balance between how many entries per chain and how many chains there are 1137431348 M * Hollow welcome to util-vserver :) 1137431351 M * harry search for that... wrapper for... where is that :) 1137431381 M * Bertl I once decided that 10 search steps are a maximum, so 10*13 means 130 contexts 1137431387 M * Hollow Bertl: ok, because without chains you would have to lookup 65533 entries (in the worst case) to find the entry..? 1137431408 M * Bertl yes, and that would defeat the purpose of a hash 1137431416 M * Hollow ok, thanks again 1137431430 M * Bertl a hash with a hash function which is constant is called list 1137431447 M * Bertl now why 13 not 16? 1137431485 M * Bertl well, if you do hash functions, you try to distribute the values as even as possible 1137431498 M * hue Bertl: I'm trying the NGNET following wiki NGNET-Testing-HOWTO, but I find it's old, right? 1137431535 M * Bertl hue: yes, it's a little outdated, but the tests should still work, there is a newer walk-trough in the IRC logs 1137431565 M * Bertl hue: but it's proof of concept, so don't expect anything useable by now 1137431587 P * undefined 1137431591 M * hue Bertl: get this error --> chbind: vc_set_ipv4root(): Function not implemented 1137431592 M * Bertl Hollow: and prime numbers are always a good way to get 'more even' distribution 1137431613 M * Hollow Bertl: without the prime it wouldn't even possible to create all 65533 contexts, right? 1137431616 M * Bertl hue: what are you trying to do? 1137431639 M * Bertl Hollow: no, it would work if you used two chains too or 10 1137431727 M * Hollow so, the chains can differ in size? 1137431762 M * tudenbart does somebody know which program i could use to get something into a unix domain socket? like netcat? 1137431766 M * Hollow s/can/are allowed/ ;) 1137431787 M * Bertl Hollow: of course, and they will, usually you try to make them 'similar' in size with the hash function 1137431791 M * hue Bertl: I want to setup a host server hosting several vservers which each can run full functions 1137431810 M * Bertl hue: full functions mean? 1137431815 M * Hollow Bertl: ah, ok, now i also understand the equal distribution with primes.. 1137431816 M * harry aaaaaaanyway, /me is off now 1137431825 M * harry cya'll later 1137431845 M * hue Bertl: each vserver can run ftp server, http server and so on. 1137431859 M * Bertl Hollow: the higher the number of chains, the shorter the amount of time to find an entry, but the more memory is used 1137431871 M * Hollow for the malloced heads.. 1137431893 M * meandtheshell Hollow: hi - there's a pretty good info here http://en.wikipedia.org/wiki/Hash_table <--- chaining 1137431896 M * Bertl Hollow: with the increased performance of servers, we might consider raising the number of chains sooner or later 1137431927 M * Hollow meandtheshell: tbh, Bertl is better than every wikipedia entry :P 1137431939 M * meandtheshell Hollow: hehe 1137431940 M * Bertl hue: okay, you do not need ngnet for that, and as a matter of fact, it's simpler for you to not use it 1137431945 M * Hollow at least to make it understandable for me ;) 1137431982 M * Bertl hue: you should enable legacy networking in your kernel and the message above will go away (make also sure to enable dynamic context ids for now) 1137431994 M * meandtheshell Hollow: well I think it's important to understand that chaining is just one solution of collision avoiding 1137432036 M * Bertl Hollow: thanks, more interactive, yes, better ... 1137432085 M * Hollow :) 1137432103 M * Hollow well, i can't ask wikipedia if i miss something ;) 1137432105 M * hue Bertl: another requirement is the isolate each vserver, say, vserver should not see others content, even the host's device info 1137432119 M * hue s/the/to 1137432128 M * Bertl hue: that's fine ... 1137432176 M * Bertl the only thing ngnet will give you (in the future, not now) is a way to manipulate your routing and network interfaces from _inside_ a guest 1137432194 M * Bertl which is not really required for isolation 1137432204 Q * Viper0482 Remote host closed the connection 1137432245 M * hue Bertl: you mean I do not need the ngnet right now for my requirement? 1137432261 M * Bertl hue: that's what I'm trying to communicate :) 1137432285 M * hue Bertl: thank you. I'll try... 1137432318 M * hue Bertl: still I'm interested in the new ngnet ;-) 1137432388 M * Bertl hue: sure, but you must not expect it to be usable in a server/production environment 1137432390 J * Viper0482 ~Viper0482@p54976368.dip.t-dialin.net 1137432450 M * Bertl hue: and it is very likely to change significantly in the next few week 1137432475 M * bonbons Bertl: and ngnet will make IPv6 possible on guest :) 1137432488 M * Bertl meandtheshell: btw, wikipedia is really an excellent source for information, the new google scholar search too :) 1137432506 M * Bertl bonbons: this and much more ... 1137432524 J * Smutje ~Smutje@xdsl-87-78-1-22.netcologne.de 1137432531 M * hue Bertl: great, thanks again. 1137432541 A * meandtheshell goes looking what "google scholar is" ;) 1137432604 M * Bertl (might not help, but something like google music :) 1137432620 M * bonbons Bertl: the questions I see for ngnet is more how will it be "connected" to "network", this also mostly defines what can be done with it 1137432669 Q * Smutje_ Ping timeout: 480 seconds 1137432677 M * Bertl bonbons: that's simple, the ngnet virtual networking devices will work like a tunnel from inside a guest to a coresponding interface on the host (or a different guest) 1137432705 M * Bertl you can then connect them via routing or bridging or whatever you like 1137432910 M * bonbons Bertl: will be fun to try out once it's sufficiently ready :) 1137432989 M * meandtheshell Bertl: google scholar looks nice - but is it the big hammer thing? hm ... hard to say (I need to play bit more with it) 1137433012 M * Bertl meandtheshell: it's nice, not more not less :) 1137433023 M * Bertl okay, off for dinner now .. back shortly ... 1137433034 M * meandtheshell Bertl: yeah seem so ... cu later 1137433223 Q * Viper0482 Remote host closed the connection 1137433918 J * lonewolff ~lonewolff@host-84-9-143-159.bulldogdsl.com 1137434188 M * Bertl back now ... 1137434207 M * emp what is the format of the vserver fstab config file? I'm trying to mount /backup from the host as /backup on the client 1137434243 M * emp /backup /etc/vservers/test/vdir/backup auto rbind 0 0 1137434244 M * bonbons emp: quite normal format, target is in guest's root, source is in host's root 1137434283 M * Bertl emp: so you want /backup /backup 1137434284 M * bonbons emp: "/backup /backup bind bind 0 0" should do it 1137434287 M * emp ahhh ok 1137434299 M * emp thanks 1137435083 J * Viper0482 ~Viper0482@p54976368.dip.t-dialin.net 1137435367 M * Bertl wb Viper0482! 1137435645 J * dothebart ~willi@xdsl-213-196-252-174.netcologne.de 1137435786 Q * tudenbart Read error: Connection reset by peer 1137435925 M * Bertl wb dothebart! 1137436088 Q * Viper0482 Remote host closed the connection 1137436173 M * dothebart re ;) 1137436290 J * undefined ~undefined@adsl-68-93-109-94.dsl.rcsntx.swbell.net 1137436325 M * Bertl welcome undefined! 1137436335 M * undefined howdy Bertl 1137436342 J * Viper0482 ~Viper0482@p54976368.dip.t-dialin.net 1137436652 N * hue hue|zzZ 1137436669 M * meandtheshell wow a draft for GPLv3 has been released - didn't know that until a few minutes http://gplv3.fsf.org/ 1137436782 N * oliwel oliwel[away] 1137436809 M * Bertl yeah, last week IIRC 1137436996 Q * Doener Ping timeout: 480 seconds 1137437030 J * Doener doener@i5387EAD5.versanet.de 1137437209 M * mnmr any gentoo users here with a local copy of the java overlay from gentooexperimental.org? their site seems to be down :/ 1137437473 M * michal` hey guys, smile for the screenshoot! ~[3~:] 1137437639 M * Bertl :) 1137437664 M * Bertl michal`: you are knowledgable regarding PAX, right? 1137437680 M * michal` yeah 1137437689 M * michal` mayby i am not an expert but quite 1137437697 M * Bertl I need a few hint from you ... 1137437701 M * Bertl *hints 1137437709 A * michal` waits for questions 1137437718 M * Bertl I heard that PAX does dirty tricks with page protection, right? 1137437757 M * michal` yes, but in fact it is how it should look like 1137437771 M * michal` not having support from kernel and hardware it has to do sometimes dirty things 1137437800 M * Bertl okay, I would like to play dirty tricks on the page protection too, could you point me to the relevant code? 1137437887 M * Bertl especially I'd like to 'protect' a page against everything, so that any access will cause a page fault 1137437896 M * michal` http://pax.grsecurity.net/docs/mprotect.txt <- the main document about page protection, along with the rest found there and... 1137437909 A * Bertl is looking ... 1137437917 M * michal` there are code fragments along wit coments 1137437954 M * michal` http://pax.grsecurity.net/docs/pageexec.txt <- here are the tircks about making page faul and the like 1137438003 M * mnmr someone should make a kernel patched with a combination of vserver and grsecurity where one can selectively disable grsecurity for a single guest.. (so you can still use mono/java, which is a pain otherwise) 1137438233 M * michal` atlantis.hell.pl/~albeiro/2006-01-16-195311_1280x854_scrot.png funny but good looking and nice to work at 1137438294 M * Bertl michal`: and what about non x86 archs? 1137438307 M * michal` wel, there are problems sometimes 1137438336 M * michal` pax is in fact working on x86 (and this techniques), too slow for use on sparc, and ppc 1137438353 M * michal` other archs are hopeless 1137438367 M * michal` on x86 everything is great 1137438368 M * michal` but 1137438373 M * michal` it is pax releated only 1137438378 M * michal` so you should not have problems in fact 1137438382 M * Bertl but the page protection thingy should work on all mmu-able archs, no? 1137438390 M * michal` yes, it will 1137438402 M * Bertl okay, great! 1137438417 M * michal` what are you going to code ? 1137438491 M * Bertl just investigating options for now .. but I'm toying with the idea to realize virtual swap pages 1137438527 M * michal` that's interesting idea... 1137438560 M * Bertl yeah, basically make the page unaccessable, and mark it as 'virtually swapped out' 1137438579 M * michal` per vserver swap ? i can see it somehow (duno about performance) 1137438596 M * Bertl then on page_fault, penalize the context, and make the page accessable again 1137438615 M * Bertl of course, if real swapout is required, those pages would be good candidates 1137438773 M * michal` what are the reasons you are thinking about it ? 1137438833 M * Bertl well, the thing is, we want swap per context, but 'just' swapping pages out would lead to trashing soon 1137438853 M * Bertl while the host memory would be mostly empty ... 1137438895 M * Bertl so, we need to allow for inexpensive swaps, which can be associated with a context 1137438991 M * michal` why would it lead to this behaviour ? (i am not enough into linux virtual memory managment ) 1137439017 P * undefined 1137439019 M * Bertl just consider 10 guests limited to 64MB ram, on a 2GB machine 1137439043 M * Bertl if they use, let's say 80MB of memory .. 1137439062 M * michal` got it now ;] 1137439181 M * Bertl is there a PAX patch for 2.6.15 available? 1137439195 M * Bertl or at least the relevant protection stuff? 1137439236 M * michal` if there are some unofficial releases they are always here... 1137439237 M * michal` www.grsecurity.net/~paxguy1 1137439245 M * michal` that's top secret location 1137439247 M * michal` ;] 1137439265 M * michal` nothing for 2.6.15 yet 1137439275 M * michal` i gues he needs a time to adopt to the changes 1137439288 M * Bertl k, well, probably the 2.6.14 will work for that part too 1137439308 M * michal` sure, that's just some generic idea 1137439393 M * michal` hm, could you gimme a hint, where could i put code that would mark all newly created kernel threads ? 1137439422 M * michal` we are assigning them role and a type, making them possible to be hidden if one likes to 1137439426 M * Bertl actually I added a tagging for kernel threads recently, so that should be quite easy ... 1137439460 M * michal` all MAC projects and virtualisation are sharing some common ideas anway ;] 1137439526 M * Bertl give me a few minutes to dig that patch out 1137439533 M * michal` :) 1137440009 M * Bertl http://www.13thfloor.at/vserver/d_rel26/v2.1.0/split-2.6.14.4-vs2.1.0/38_2.6.14.4_kthread.diff.hl 1137440022 M * Bertl this adds the CLONE_KTHREAD marker 1137440056 M * Bertl so basically wherever this is added, you might want to place your code 1137440070 M * Bertl (or use a similar marker, and then check for that central) 1137440094 M * michal` i see. thx ! :) 1137440117 M * michal` that's what i have been wondering about -t if it is necesary to add it per arch 1137440117 M * michal` and 1137440124 M * michal` that's the confirmation 1137440136 M * Bertl feel free to re-use the code as is ... 1137440224 M * Bertl (well, that's a matter of course, but I wanted to make it explicit) 1137440249 M * michal` sometimes better to say something twice ;] 1137440479 M * Bertl michal`: what does CONFIG_PAX_EMUPLT configure? 1137440633 M * Bertl hmm, does PAX include some PAE patches/extensions? 1137440661 M * michal` it detects and emulates the plt entries in elf files, because on some archs they are in writable memory and pax makes them non-executable (leading to not working application) 1137440688 M * Bertl PLT being? 1137440695 M * michal` procedure linkage table 1137440700 M * Bertl ah, k 1137440723 M * michal` there were a huge move to fix it in compilator and applications (because it is in fact application bug) 1137440734 M * michal` so not so many applications like this is gentoo ;] 1137440792 M * michal` it is mandatory on ppc 32/64 bit,sparc 32/64 parics, mayby more 1137440808 M * michal` luckily not your usage 1137440883 M * Bertl ah, do I get it right that there are archs (not x86 though) where I would have to flush the TLBs once I made a page unaccessible? 1137440980 M * Bertl hmm, the PAX code seems to contain explicit inline assembler code to do that on i586 ... shouldn't that be already implemented somewhere in the kernel? 1137441026 M * Bertl (especially as it is arch dependant) 1137441306 Q * emp Ping timeout: 480 seconds 1137441316 M * michal` yes, on some arch you need to explict flush TLB 1137441351 M * michal` otherwise it could be not taken into account (like, TLB is a cache which won't have the current state than) 1137441373 M * michal` duno why they are coding it on they own thought 1137441508 M * Bertl also it seems to me that the page fault handler per arch is a little overkill, or is it that performance critical? 1137441620 M * michal` it is performance critical, because it is very frequently called 1137441676 M * Bertl hmm, maybe I did not understand the mechanisms yet, but does PAX change the page protection on-the-fly? 1137441734 J * liquid3649_ ~Viper0482@p549753CC.dip.t-dialin.net 1137441739 P * mnmr 1137441762 Q * liquid3649_ Quit: 1137441821 M * michal` hm, that's something i cannot tell for sure, i think it is not... 1137441836 M * michal` or wait, it might be 1137441838 M * michal` sometimes 1137441867 M * Bertl I think the page_fault case should be the error-path, no? 1137441885 M * Bertl i.e. somebody did something bad, and it should be reoported 1137441925 J * liquid3649_ ~Viper0482@p549753CC.dip.t-dialin.net 1137442174 Q * Viper0482 Ping timeout: 480 seconds 1137442526 M * michal` that's more complicated - pax marks pages so that fetching them causes page fault exception, and catches it, so that page fault handler can decide if it was an data or instruction fetch attemp 1137442554 M * michal` so instruction fetch attepmp from data space won't succeed 1137442586 M * michal` i mean - it only marks data pages so 1137442602 M * Bertl hmm, hmm, isn't there a separate protection for execution? 1137442644 M * michal` that's how the protection looks like - in cpus where you do not have executable bit you need to realise it somehow 1137442690 M * Bertl ah, but x86 (since 586) should have that, no? 1137442717 M * Bertl or did I miss that and it's only there for the 64bit emt/amd 1137442721 M * michal` no, executable bit is present only from newest P4 and amd 1137442732 M * michal` yes, that newest 1137442734 M * Bertl ah, okay, that explains it ... 1137442735 M * michal` and pax uses it 1137442749 M * michal` now you see why it is performance critical 1137442775 M * michal` and why on x86 another way of protection is advised (segmexec) 1137442842 M * Bertl yeah, that makes it pretty clear ... 1137443425 J * Thorsten ~Thorsten@dslb-084-058-188-074.pools.arcor-ip.net 1137443469 M * Bertl welcome Thorsten! 1137443482 M * Thorsten Hi Bertl! 1137443533 A * Thorsten wonders if he should upgrade his 2.6 kernel. 1137443550 M * Bertl from what to what? 1137443580 M * Thorsten 2.6.12.4-vs2.0 to - mmmm - don't know 1137443588 M * Thorsten 2.6.15.1? 1137443594 M * Thorsten Or is this too new? 1137443636 M * Bertl well, it is newer than, let's say 2.6.14.6 1137443662 M * Bertl definitely 2.6.14 + vs2.01 seems well tested by now 1137443699 M * Thorsten ok, then I'll try this one 1137443864 M * Bertl you might even consider adding a few fixes for 2.0.2 1137443886 M * Bertl http://vserver.13thfloor.at/Devel/PAT-2.0.2/ 1137443938 Q * meandtheshell Quit: a brave heart left ... 1137443970 J * shedi ~siggi@inferno.lhi.is 1137443981 M * Bertl welcome shedi! 1137443982 M * Thorsten So I need to get http://www.13thfloor.at/vserver/d_rel26/v2.1.0/patch-2.6.14.4-vs2.1.0.diff and those extra patches? 1137443996 M * shedi hello Bertl 1137444006 M * Bertl that's the devel patch, I'd go for the stable if you are concerned about stability 1137444039 M * Thorsten This one http://www.13thfloor.at/vserver/s_rel26/v2.01/patch-2.6.14.3-vs2.01.diff? 1137444051 M * Bertl yep, that's the stable release 1137444086 M * Thorsten By the way I'm very content with the vserver stability, never had any problems with it :-) 1137444381 M * Bertl that's the way it's supposed to be ... 1137444388 M * Thorsten :-) 1137444434 M * Bertl did you consider (or maybe you already have) adding yourself to the Happy Users and/or Providers page? 1137444534 M * Thorsten OK, I'll add myself when I wait for the kernel to compile 1137444772 M * Roey hi 1137444773 M * Roey Bertl 1137444774 M * Roey Thorsten 1137444778 M * Roey listen, I really need help here. 1137444792 M * Bertl and usually you get it, no? 1137444795 M * Roey I really need to get bind9 running with vserver. I put the following: 1137444802 M * Roey Bertl: you're the greatest 1137444812 M * Bertl did you check the FAQ pages (regarding bind)? 1137444825 M * Roey in /etc/vserver/cyclops.conf, I put in that S_... line 1137444842 M * Roey in /etc/vserver/cyclops/capabilities I put in SYS_CAP_REOSURCES 1137444844 M * Roey or something liek that. 1137444850 M * Roey I start the server 1137444860 M * Roey but still bind9 complains about caps upon startup 1137444864 M * Roey like, what's up here. 1137444866 J * undefined ~undefined@adsl-68-93-109-94.dsl.rcsntx.swbell.net 1137444956 M * Roey S_CAPS="CAP_SYS_RESOURCE" 1137444965 M * Roey Bertl: I put that in /etc/vservers/cyclops.conf 1137444968 J * mcp ~hightower@wolk-project.de 1137444994 M * Thorsten Roey, I have /etc/vservers/myvserver/bcapabilities 1137444994 M * Thorsten CAP_SYS_RESOURCE 1137445001 M * Roey Bertl: and then I put into /etc/vservers/cyclops/capabilities: 1137445001 M * Roey CAP_SYS_RESOURCE 1137445001 M * Bertl Roey: what you describe is legacy config, and not really supported anylonger 1137445005 M * Roey or should it be bcapabilities. 1137445014 M * Roey Thorsten: erg, wrong file name I used. 1137445015 M * Roey one sec. 1137445098 M * Thorsten And that does work with bind9 (and is hopefully not legacy config?) 1137445123 M * Bertl Thorsten: no, that's fine 1137445129 M * Thorsten Puh! :-) 1137445168 M * Bertl although we do still not know if it is perfectly safe 1137445478 M * Thorsten Bertl, do I really need those extra patches? linux-2.6.14.6/# patch -p1 < /tmp/delta-here-fix01.diff 1137445478 M * Thorsten patching file include/linux/vserver/debug.h 1137445478 M * Thorsten Hunk #1 FAILED at 142. 1137445478 M * Thorsten Hunk #2 FAILED at 153. 1137445478 M * Thorsten 2 out of 2 hunks FAILED -- saving rejects to file include/linux/vserver/debug.h.rej 1137445578 M * Bertl you can retry that one with -l or simply skip it 1137445620 M * Bertl it's only relevant for debugging 1137445632 M * Thorsten ok, -l does not help I'll skip it 1137445699 M * daniel_hozac hmm, i had no problems with the here delta. 1137445820 M * Thorsten 5b31cc14a1158e5446dca3ad8fed2a53 include/linux/vserver/debug.h.orig 1137446052 M * Roey Bertl: ok it worked. 1137446158 J * Aiken ~james@tooax6-080.dialup.optusnet.com.au 1137446177 M * Bertl welcome Aiken! 1137446190 M * Aiken good morning 1137446218 M * Aiken are Hollow's tools far enough advanced to use instead of util-verver? 1137446246 M * Aiken I tried vserver utils last night, I could start a guest but no networking and I think I had trouble entering it 1137446299 M * Hollow no. 1137446300 M * derjohn Aiken, I cannot imagine that a problem of the utils ... 1137446326 M * derjohn Hollow, Tiefstapler? Or really? 1137446333 M * Hollow really ;) 1137446353 M * Aiken derjohn the guest work fine using util-vserver but was having trouble with vserver-utils 1137446403 M * derjohn Aiken, then I would recommend to use util-vserver :) 1137446431 M * Aiken which is what I use 1137446443 M * Aiken but I wanted to see what the other tools were like 1137446454 M * derjohn Aiken, and File a Bug for vserver-utils (is that the name of Hollow's stuff ?) 1137446493 M * Hollow Aiken: which problems did you encounter with vserver-utils? 1137446509 M * derjohn ah that means: yes := 1137446510 M * derjohn ) 1137446530 M * Aiken I'll reinstall them 1137446578 Q * liquid3649_ Quit: bin raus, 1137447738 M * Bertl mnemoc: is the T2 dietlibc tested on hppa? 1137448011 Q * bonbons Quit: Leaving 1137448017 M * mnemoc Bertl: i doubt 1137448029 M * mnemoc Bertl: noone i know has hppa hardware 1137448056 A * daniel_hozac pats the 712/80 sitting under his desk. 1137448062 M * Aiken Hollow I am not getting as fas as last night, all I am getting now is error: start: vserver 'avon' already running 1137448083 A * derjohn has a 715/50 'scorpio' (running openstep AFAIR) 1137448091 M * Hollow Aiken: seems like the context still exists 1137448136 M * Aiken a lock file for vserver-utils? 1137448149 M * Aiken util-vserver showed no guests running before I changed tools 1137448156 M * Thorsten Bertl, /me ist now a documented happy user :-) http://linux-vserver.org/VServer+Users 1137448157 M * Bertl mnemoc: just because it is explicitely mentioned on the project page 1137448183 M * Thorsten We'll see if that changes when I'll reboot ;-) 1137448285 M * Bertl mnemoc: I have an hppa too :) 1137448299 M * mnemoc Bertl: oh, if it is someone does.... i'll ask 1137448306 M * Hollow Aiken: hm, all it does is look for VX_XID in /proc/virtual 1137448327 M * Bertl mnemoc: http://www.t2-project.org/packages/dietlibc.html 1137448341 M * Bertl mnemoc: seems rene is maintaining it 1137448360 M * mnemoc http://www.t2-project.org/platforms.html 1137448372 M * mnemoc yes, rene maintain dietlibc package, and i break it :p 1137448384 M * mnemoc he is sleeping by now, i'll ask him tomorrow 1137448460 J * prae ~benjamin@sherpadown.net 1137448497 M * Aiken Hollow Failed to set network context flags: No such process 1137448505 M * Aiken that is one error I was getting last night 1137448525 M * Bertl mnemoc: okay, because the first issue I see with the T2 version is that it doesn't even get the arch right :) 1137448537 M * mnemoc Bertl: :p 1137448551 M * Bertl i.e. it assumes parisc and parisc64 but it should (at least also) check for hppa and hppa64 1137448565 M * mnemoc Bertl: ack 1137448566 M * Aiken and Failed to create networkcontext: Function not implemented 1137448567 M * Bertl aside from that I get a bunch of: 1137448579 M * Bertl x -R .comment -R .note bin-parisc/__parse_ws.o 1137448580 M * Bertl make: x: Command not found 1137448582 M * mnemoc Bertl: are you using t2's trunk? 1137448598 M * Bertl mnemoc: I applied all the *.patch-es 1137448614 M * mnemoc ah, ok 1137448707 M * Bertl the final link fails with: 1137448709 M * Bertl : undefined reference to `__canonicalize_funcptr_for_compare' 1137448741 M * jsaw the "hppa" not should be corrected. It is, iirc, from rocklinux times 1137448745 M * jsaw note 1137448753 M * mnemoc i'm a bit worried about fefe's absence 1137448784 M * Bertl jsaw: hmm? please elaborate! 1137448791 M * mnemoc hi jsaw 1137448796 M * jsaw hi mnemoc, Bertl 1137448804 M * jsaw Bertl: The T2 hppa support 1137448806 M * mnemoc jsaw: just remove from .desc? 1137448852 M * jsaw Bertl: it comes from old ROCK-Linux times when we forked off of it 1137448852 M * Hollow Aiken: sorry, my keyboard battery was gone ;) 1137448869 M * Hollow Aiken: which version of the vserver patch? 1137448871 M * jsaw Bertl: but now that we have you,... we can go on supporting hppa ;) 1137448880 M * mnemoc *G* 1137448887 M * jsaw hehe 1137448888 M * Aiken 2.6.15-vs2.1.0.1 1137448909 M * Aiken and just trying it on a machine running 2.6.14-vs2.1.0-rc6 1137448922 M * Hollow you'll need 2.1.0.4 because vserver-utils need persistant network contexts 1137449015 M * jsaw mnemoc: we have to correct it. Maybe we're lucky and rxr has some hppa somewhere... or at least we have to be more cautious 1137449076 M * mnemoc rene is master-weird-hardware 1137449083 M * jsaw mnemoc: btw, I have the vserver now running with your mnemosyne, runit is pretty much fine with vs2.0 (there's no problem that it gets KILLed after system halt) 1137449095 M * jsaw eh I mean I have the guest running 1137449097 M * Aiken Hollow and option needed to be set in .config or just upgrade from 2.1.0.1 to 2.1.04? 1137449101 M * mnemoc no need to patch for rkill? 1137449111 M * jsaw nope 1137449115 M * mnemoc starts and stops fine? great! 1137449137 M * jsaw only change ctrlaltdel to +x stopit only 1137449143 M * Hollow Aiken: no changes needed 1137449209 M * Aiken building a new kenel for one of the machines now 1137449259 M * Aiken will that also help with http://pastebin.com/508842 1137449323 M * mnemoc Bertl: there is any way to kill/stop a context where a kernel module oopsed? 1137449360 M * Bertl kernel modules do not oops inside a context, no? 1137449386 M * Bertl but you mean, a guest process is hanging in d state now, right? 1137449426 M * mnemoc Bertl: i had that problem using unionfs 1137449447 M * Bertl lol 1137449456 M * mnemoc Bertl: i mounted guest's root once inside the context 1137449486 M * mnemoc Bertl: and twice a week the damn module oopsed 1137449505 M * mnemoc Bertl: other contexts continue living normally 1137449519 M * mnemoc Bertl: but the oopsed context get frozen 1137449544 M * Bertl yes, as long as the process is in D state, there is no chance to get rid of the context 1137449755 J * skycode ~skycode@27-212.240.81.adsl.skynet.be 1137449892 M * Bertl welcome skycode! 1137450029 M * skycode hi folks back from the WE 1137450142 Q * prae Quit: Pwet 1137450265 M * skycode I read trough the docs during the WE 1137450277 M * skycode At least did a tour of it 1137450336 M * Bertl excellent! 1137451003 M * skycode Do you have any guidelines regarding the docs ? 1137451028 M * skycode anything that should be done first ? 1137451376 M * Bertl well, we should think about a migration to mediawiki 1137451404 M * Bertl as far as I checked it out yet, it should do all we currently have plus a little more 1137451440 M * skycode we use it internaly quite extensively 1137451447 M * skycode and it's really nce 1137451454 M * skycode nice 1137451467 M * Bertl yes, so it might be worth a try, no? 1137451474 M * skycode yes sure 1137451518 M * Bertl regarding documentation in gereal I think it should be reasonably structured and moderately short (i.e. not too much info per page) 1137451533 M * skycode I could set up a test mediwiki on one of our server and give it try ligrating some FAQs 1137451551 M * skycode If it turn out to be ok, we can go on with the entire docs 1137451584 M * skycode the actual doc is maintained by a single person mainly or is it mainly community-driven ? 1137451587 J * tgunkel_ ~Thorsten@dslb-084-058-160-020.pools.arcor-ip.net 1137451592 M * Bertl that would be great! btw, do you know how 'hard' it is to migrate mediawiki data from one media wiki installation to the other? 1137451634 M * skycode as hard as a mysqldump and copying a config.php or so :-) 1137451649 M * michal` Bertl: how does kernel threads marking works on ppc - i mean, there is just some DEFINE and that's all ? 1137451657 M * Bertl skycode: largely depends, some sections are 'maintained' by myself, others are community-driven ... 1137451682 M * Bertl michal`: ppc or powerpc? 1137451684 Q * Thorsten Ping timeout: 480 seconds 1137451705 M * skycode Bertl : ok, I'll give mediawiki a go tomorrw evening and I'll come back to you 1137451724 M * Bertl skycode: great! TIA! 1137451740 M * skycode Bertl : No worries 1137451749 M * skycode I'm off to bed folks 1137451753 M * skycode gnite 1137451762 M * Bertl night skycode! 1137451771 M * Bertl michal`: ah, I see what you mean ... 1137452057 M * michal` yep 1137452058 M * Bertl michal`: arch/ppc/kernel/misc.S 1137452062 M * Bertl oris r3,r3,(CLONE_UNTRACED|CLONE_KTHREAD)>>16 1137452093 M * michal` yeah, that's what i've been looking for ^^ 1137452095 M * Bertl but powerpc is not covered yet 1137452135 M * Bertl interesting part is it seems not to be in this patch 1137452142 M * michal` yeah 1137452149 M * michal` too much yeah ;p 1137452155 M * daniel_hozac powerpc == ppc64? 1137452169 M * Bertl yep, since 2.6.15, powerpc is ppc64 1137452182 M * michal` powerpc == merged ppc + ppc64 in the next release ? 1137452209 M * Bertl might happen, but I'm not convinced yet :) 1137452301 M * Bertl michal`: the change ended up in the following split: 1137452327 M * Bertl http://www.13thfloor.at/vserver/d_rel26/v2.1.0/split-2.6.14.4-vs2.1.0/04_2.6.14.4_syscall.diff.hl 1137452335 M * Bertl (which was accidential :) 1137452347 M * michal` k :) 1137452393 M * michal` i love that .diff/.diff.hl / some more stuff ^^ 1137452413 M * michal` web broser gets colorised version, wget gets diff 1137452415 M * michal` great :) 1137452513 M * Bertl well, that's something I did a while ago so that I do not have to bother about it :) 1137452574 M * Bertl the patches are stored as .diff.bz2, but you can also get them as .gz or raw or the md5sum with .md5 1137452594 M * Bertl (or all combinations which make sense) 1137452671 M * michal` ^^ 1137452745 M * daniel_hozac FYI: i fixed some backward compability issues with my util-vserver patch, and added the new one to the same report (patch #4799) 1137452836 Q * skycode Remote host closed the connection 1137453013 M * michal` Bertl: not all threads seem to be marked 1137453042 M * michal` pccardd, khbsbpkt, knodemgrd_0 are not 1137453083 M * Bertl never said it was complete yet, and of course, patches are welcome :) 1137453114 M * michal` i wonder what can it be - they need to be marked explictly ? 1137453116 M * Bertl (if you decide to use a different technique, please let me know of the missing parts) 1137453171 M * Bertl michal`: ah, you are saying, you 'observed' that they are not marked on a running system, right? 1137453208 M * michal` well, basicaly what we also have is marking in kthread_create() in kernel/thread.c that's all 1137453216 M * michal` yes, those threads are not marked 1137453258 M * michal` i have called rsbac function in fork.c in place of your vserver check that have assiged type to all kthreads but not those 1137453272 M * michal` and also printk() so i would know what is beeing created 1137453297 M * tgunkel_ Has anyone here expireneces with running asterisk inside a vserver? It does work, however I can't acces ISDN. I created the dev with mknod from outside the vserver but in the asterisk log I've found: Jan 17 00:03:04 WARNING[18367]: Unable to open '/dev/ttyI0' 1137453297 M * tgunkel_ Jan 17 00:03:04 ERROR[18367]: Unable to register channel '/dev/ttyI0' 1137453297 M * tgunkel_ Jan 17 00:03:04 WARNING[18367]: chan_modem.so: load_module failed, returning -1 1137453297 M * tgunkel_ Jan 17 00:03:04 WARNING[18367]: Loading module chan_modem.so failed! 1137453347 N * tgunkel_ ThorstenG 1137453349 M * Bertl tgunkel_: maybe strace -fF gives some hints? 1137453600 M * michal` what's interesting, pccardd gets created by calling kernel_thread () so it should be marked... 1137453625 M * Bertl you did add marking in kernel/kthread.c? 1137453643 M * michal` yes, that was an old one, have just commedted it out 1137453649 M * michal` because it changes nothing 1137453656 M * michal` ret = kernel_thread(pccardd, socket, CLONE_KERNEL|CLONE_KTHREAD); 1137453657 M * Bertl okay, was hoping so 1137453658 M * michal` will see now 1137453662 M * ThorstenG I guess this is the interessting point? [pid 23608] fstat64(1, {st_mode=S_IFCHR|0666, st_rdev=makedev(1, 3), ...}) = 0 1137453663 M * ThorstenG [pid 23608] ioctl(1, SNDCTL_TMR_TIMEBASE or TCGETS, 0xbf92c728) = -1 ENOTTY (Inappropriate ioctl for device) 1137453663 M * ThorstenG [pid 23608] mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7a1b000 1137453663 M * ThorstenG [pid 23608] write(1, "Jan 17 00:18:42 WARNING[23608]: "..., 62) = 62 1137453663 M * ThorstenG [pid 23608] write(1, "Modem reset failed: (No Response"..., 34) = 34 1137453674 M * ThorstenG Why makedev? 1137453703 M * Bertl that's just a way of strace to tell you which device 1137453714 M * Bertl i.e. means major=1 minor=3 1137453717 M * ThorstenG 1,3 would be ram3? 1137453731 M * Bertl or the other way round :) 1137453738 M * ThorstenG ttyp1? 1137453795 M * Bertl no, actually the first one is the major 1137453824 M * Bertl crw-rw-rw- 1 root root 1, 3 Jan 16 17:33 /dev/null 1137453891 M * ThorstenG But the vserver has /dev/null, that can't the problem? 1137453961 M * Bertl well, I didn't say that /dev/null is the problem ... 1137453981 M * Bertl could you upload the output of 'ls -la /dev' to pastebin.com? 1137454015 M * ThorstenG Sure, but I have another try before that? 1137454016 M * ThorstenG [pid 23608] open("/dev/ttyI0", O_RDWR|O_NONBLOCK) = 7 1137454017 M * ThorstenG ... 1137454022 M * ThorstenG [pid 23608] _llseek(7, 0, 0xbf92ec2c, SEEK_CUR) = -1 ESPIPE (Illegal seek) 1137454027 M * ThorstenG Does that sound better? 1137454073 M * Bertl ould be, but ESPIPE would point to userspace 1137454098 M * Bertl or a problem in the driver ... 1137454112 Q * Aiken Quit: Leaving 1137454123 M * ThorstenG I don't know if it's even possible to access the ISDN stuff just by the device? 1137454135 M * ThorstenG I'll upload ... 1137454190 M * michal` hm, not helped any 1137454238 M * Bertl michal`: thought so ... 1137454255 M * michal` (standard input):kernel thread modprobe created with pid 2484 1137454262 M * michal` so, modprobe starts it 1137454286 M * michal` because pccardd has pid 2484 right now 1137454308 M * michal` Bertl: please share your asumptions 1137454325 M * Bertl stupid question: did you compile/install your modules? 1137454348 M * Bertl (I mean, after the changes) 1137454354 M * michal` yeah (i have a script that does it all in one go and could see messages from them) 1137454407 M * ThorstenG Bertl, http://pastebin.com/509008 (if you're interessed in it. Otherwise I'll just run it on the host system) 1137454413 M * Bertl michal`: in 2.6.15 I see: 1137454422 M * Bertl drivers/pcmcia/cs.c, ret = kernel_thread(pccardd, socket, CLONE_KERNEL); 1137454465 M * michal` have added |CLONE_KTHREAD there but anyway - we are hooking into each and every kernel_thread function 1137454474 J * Aiken ~james@tooax6-080.dialup.optusnet.com.au 1137454502 M * Bertl michal`: yes, what I mean, it should be properly tagged 1137454537 M * michal` beeing sure does not hurt, so i have just removed *.o|ko from drivers/pcmcia, recompiling, reinstalling... 1137454559 M * Bertl ah, hmm, well, CLONE_KERNEL should probably use CLONE_KTHREAD too in include/linux/sched.h 1137454582 M * michal` yes 1137454872 M * michal` if (clone_flags & CLONE_KTHREAD) { 1137454873 M * michal` printk("kernel thread %s created with pid %u\n", p->comm, p->pid); 1137454875 M * michal` rsbac_kthread_notify(p->pid); 1137454878 M * michal` } 1137454964 M * Bertl this is where? 1137455038 M * michal` in kernel/fork.c do_fork(), inside if(!IS_ERR) loop, just after ptrace checks 1137455056 M * michal` (that's a notification anyway) 1137455162 M * Bertl hmm, but the pccardd doesn't call do_fork() no? 1137455218 M * michal` i think no, but isn't kernel_thread calling it ? 1137455219 M * daniel_hozac but kernel_thread does. 1137455219 M * marl can anyone point me to a solution to this? ive started a guest up (debian newly bootstraped) and when i try to use vserver enter i get : mesg: /dev/pts/1: Operation not permitted : so far the only thing ive seen about this is its caused by using su instead of su - , problem is i logged into the host as root over ssh, so i dont see whats causing this one :( 1137455238 M * daniel_hozac marl: that's a known issue. 1137455246 M * michal` i can put more debuging checks in, just tell me where 1137455246 M * daniel_hozac Hollow is on the case ;) 1137455277 M * marl any workaround? cus i cant get into the vserver to set anything up :( 1137455289 M * daniel_hozac marl: that's just a warning. 1137455300 M * daniel_hozac or well, it's an error, but it shouldn't affect anything. 1137455306 M * marl sorry, im a fool :( 1137455313 M * michal` inside kernel_thread there is a call 1137455313 M * michal` li r0,__NR_clone 1137455321 M * michal` so it does call it 1137455323 M * michal` finally 1137455327 M * marl say the warning and didnt notice the change in name on the command line, very sorry :( 1137455890 M * Hollow yeah, currently working on vtd :P 1137455904 M * Bertl mnemoc: btw, the 'x' unknown command issue is a missing $STRIP, which does not happen with the mainline dietlibc 1137455922 A * mnemoc hides :p