1137888139 Q * Thorsten Quit: reboot
1137888604 J * Thorsten ~Thorsten@dslb-084-058-155-064.pools.arcor-ip.net
1137889462 M * Thorsten If anyone is interested, with the new kernel my ftp server seem to work again.
1137890596 T * * http://linux-vserver.org/ | latest stable 2.01, 1.2.10, 1.2.11-rc1, devel 2.1.0, exp 2.1.0.5, 2.0.1.2 | util-vserver-0.30.209 | libvserver-1.0.2 & vserver-utils-1.0.2 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the wiki, and we'll forget about the minute ;)
1137890596 T * Hollow -
1137892211 J * entroposcope ~entroposc@user-0c992og.cable.mindspring.com
1137892257 M * daniel_hozac Cru: thought about doing a vps-pam? something to comment all the loginuid lines in /etc/pam.d/*.
1137892308 M * Cru hmm, whats that required for?
1137892391 M * Cru do loginuid lines cause any problems?
1137892411 M * daniel_hozac yes.
1137892419 M * Cru so what? ;)
1137892477 M * Cru I have not determined any problems until now at least for CentOS VPS, but I could make a reconfiguration package
1137892478 M * daniel_hozac it makes at least cron fail ;)
1137892509 M * daniel_hozac (in a CentOS 4 VPS, nonetheless)
1137892654 M * Cru well, crond is running - or has it problems starting certain programs as non-root?
1137892668 M * daniel_hozac it has problems starting programs as non-root.
1137892799 M * Cru okay, i will create such a package for you and you fix the yum .repo as you suggested some days before, okay? ;)
1137892825 M * Cru just adding the gpg foo it was, i think...
1137892854 M * Cru is there anything on German TV atm? ;)
1137892873 M * daniel_hozac http://cvs.hozac.com/viewcvs/*checkout*/util-vserver/fedora-4/util-vserver-0.30.209-cru-vps.patch?root=rpms&rev=1.1 is what i'm using.
1137892919 M * daniel_hozac i wouldn't know, mostly Swedish channels here ;)
1137893220 T * * http://linux-vserver.org/ | latest stable 2.01, 1.2.10, 1.2.11-rc1, devel 2.1.0, exp 2.1.0.5, 2.0.1.2 | util-vserver-0.30.209 | libvserver-1.0.2 & vserver-utils-1.0.2 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the wiki, and we'll forget about the minute ;)
1137893220 T * Hollow -
1137893296 M * Cru hmm, what to do with the original files?
1137893337 M * daniel_hozac the cron files?
1137893345 M * daniel_hozac uh, pam.d, i mean.
1137893349 M * Cru there are many possible opportunities, i.e. simply renaming them to .orig and let the user copy them bach
1137893351 M * Cru back
1137893369 M * Cru or moving them to /var/backup/somthing i.e.
1137893386 M * Cru and on uninstallation of vps-pam, restoring the originals
1137893398 M * Cru but that would overwrite the changes done
1137893435 M * Cru or removing the comment sharps on uninstallation from the loginuid lines in all files in /etc/pam.d
1137893451 M * daniel_hozac yeah, i guess that would be easiest.
1137893486 M * Cru but that would affect also files that were not installed when vps-pam was installed
1137893500 M * Cru or I store a list of processed files somewhere...
1137893553 M * daniel_hozac maybe it would just be easier to solve it in the kernel.
1137893561 M * Cru I think it would also be useful to have the script for commenting out the lines (and reverting that) somewhere in the filesystem so the user may re-execute them
1137893574 M * daniel_hozac well, rpm -q --scripts vps-pam
1137893586 M * daniel_hozac (or --triggers, depending on you implement it)
1137893622 M * Cru well, I will do it the easy way for now as I suppose it will be fixed some time... ;)
1137893722 M * daniel_hozac i remember there being some talk on the mailing list, but i can't remember what was said...
1137893953 M * daniel_hozac disable auditing in the kernel, or comment it in the configuration.
1137894314 M * Cru well, I usually disable auditing support, so that might be the reason why I never ran into problems
1137894389 M * Cru okay, rpm is ready, I will try ;)
1137894447 Q * lilalinux Remote host closed the connection
1137894630 M * Cru okay, works well - will be available through the repo in a few minutes
1137894658 Q * Thorsten Quit: Leaving
1137894752 M * Cru repo mirrors are sync now
1137894905 M * Cru uh, typos in the description - it's late in Germany ;)
1137894969 M * daniel_hozac hehe
1137895040 M * Cru i am a bad boy and fixed the typos without rising the release ;)
1137895174 M * Cru thanks for the gpgkey= hint - I just changed that
1137895209 M * daniel_hozac first line too ;)
1137895225 M * Cru eh, checking
1137895258 M * Cru ah, ok
1137895310 M * Cru "cru" for the usual and "cru-vps" for the vps repo(s) is a good choice?
1137895329 M * daniel_hozac yeah, i guess.
1137895409 M * Cru I will copy the centos4-vps tree to fc4-vps seems to be fully compatible though, so you fc4 referring to a centos repo is not that suspect ;)
1137895717 M * Cru also updated "Linux Virtual Servers" to "Linux VServer guests"
1137896043 M * daniel_hozac hehe.
1137896155 M * Cru you may update your FC4 patches to point to http://naturidentisch.de/packages/fc4-vps/ resp. http://mirror.naturidentisch.de/packages/fc4-vps/ if you like
1137896193 M * daniel_hozac ok, thanks.
1137896256 M * daniel_hozac any particular reason why browsing is disallowed on mirror.naturidentisch.de?
1137896291 M * Cru well, it is also on naturidentisch.de
1137896310 M * daniel_hozac yeah, true.
1137896322 M * Cru naturidentisch.de was thought as a temporary solution to host the repo
1137896338 M * jpacheco I LOVE VServer!!!!
1137896345 M * jpacheco sorry guys, just had to get that out
1137896427 M * Cru when I am somewhat free on spare time, I will setup an automatic build environment and packages will be hosted on rpm.wahlich.com - I am planning this for about a year now but still had no time - so I am still using naturidentisch.de ;)
1137896522 M * daniel_hozac Cru: if you want, you could use my infrastructure.
1137896532 M * daniel_hozac already have that setup ;)
1137896536 M * Cru I will try to tell you when that happens, but naturidentisch.de will still redirect and mirror.naturidentisch.de will still exist as this is a 25mbit/s up traffic flat donation
1137896537 M * daniel_hozac (using plague from Fedora Extras)
1137896601 M * Cru hmm, have not used plague until now - I tried dar, but then decided better to build my own one as it looked quite wired... ;)
1137896607 M * daniel_hozac hehe.
1137896617 M * daniel_hozac i used my own up until a week ago or so.
1137896739 M * daniel_hozac plague is a lot nicer though, as my own was just something i threw together because i needed it ASAP, heh.
1137896742 M * Cru $company offers buildhosts for my private projects, so I think I will use them - they like the idea to give something back to the community they profit from (besides giving us paid time to work on that foo)
1137896759 M * daniel_hozac oohh, nice.
1137896793 M * Cru do I need a x86_64 host for such packages or is that cleanly done using cross compilation?
1137896817 M * daniel_hozac x86_64 host.
1137896825 M * daniel_hozac it uses mock to actually build the packages.
1137896857 M * daniel_hozac (mock being a simplified mach, creating chroots to build everything in, etc)
1137896892 M * Cru okay, sounds feasible ;)
1137897041 M * Cru just asked for x86_64 problems because I had weird cross compilation problems on a Via C3 with Centaur-Hauls/Ezra core... ;)
1137897112 Q * mkhl Quit: 
1137897264 M * daniel_hozac i haven't had a chance to try building for any non-x86 architectures as the only ones i have (sparc and hppa) aren't supported by Fedora nor CentOS...
1137897354 M * Cru C3 unfortunately IS i686 "compatible", but not compatible enough to make a cross compile ;)
1137897405 M * daniel_hozac is it?
1137897408 M * Cru there is missing a CPU flag, really causing the kernel not to boot in 2 of 3 times
1137897410 M * daniel_hozac i thought it lacked a few instructions.
1137897449 M * Cru those instructions are inofficially used by gcc, gcc then detects whether the CPU knows them or not
1137897481 M * daniel_hozac might be safer to just go with i586.
1137897500 M * daniel_hozac (that's what my C3s do)
1137897526 M * Cru so I had to either compile i586, causing a perceptible performance loss, or to compile it directly on the C3 machine so gcc can detect
1137897588 M * Cru newer versions know c3 build target/-march so the problem does no longer exist
1137897618 M * Cru building on C3 is no fun, as you may know ;)
1137897679 M * daniel_hozac hehe, yeah. they're not the fastest in the bunch.
1137897771 M * Cru I once tried to build kvirc on a 486SX/2-50 in the mid 90s - when I bought that C3 appliances, reminders came up ;)
1137897795 Q * Johnno Quit: G'bye!
1137897798 M * daniel_hozac haha.
1137897812 J * Johnnie ~jdlewis@24.154.53.16
1137897874 M * Cru ah, forgot to mention the SX2 had NO L2 cache ;)
1137898097 M * daniel_hozac wow, it must've taken ages to do anything.
1137898166 N * Bertl_oO Bertl
1137898171 M * Cru thats why I said "I once tried" ;)
1137898187 M * Cru after about 3h I aborted
1137898248 M * Cru re Bertl
1137898253 M * Bertl hey Cru!
1137898350 M * Cru Bertl: daniel told me about the pam_loginuid.so problem inside vservers when 2.6 kernel auditing is enabled - is that to be fixed soon or is it a more complex problem?
1137898382 M * Bertl well, depends on how you look at it ...
1137898393 M * Bertl IMHO, disabling auditing is a pretty good fix
1137898413 M * Bertl (as you do not want to audit anyway, I think)
1137898433 M * Cru I never enabled it, so I did not run into that problem, but people using distribution kernels may have them
1137898448 M * daniel_hozac i.e. me ;)
1137898470 M * Bertl to me it's more a 'doctor, doctor, it hurts when I do that! .. then don't do that!' thing ...
1137898477 M * daniel_hozac i'll probably disable it for the next build though.
1137898564 M * Cru daniel asked for an rpm that automatically goes through all /etc/pam.d/* and comments out the pam_loginuid.so lines - they are available now, so if there is no plan to fix that in near future, I will announce that on the ML later on
1137898609 M * Bertl well, should not be required, if you really want to do auditing in a virtual context, we can do that, but somebody has to test it ...
1137898667 M * daniel_hozac i don't think anyone wants to do auditing, it's just enabled by default and i'm lazy... ;)
1137898669 M * Cru I thought this just for people using distribution kernels to make their vservers work correctly ;)
1137898985 M * Bertl Cru: distro kernels with or without vserver patches?
1137898994 M * Cru with
1137899009 M * Bertl well, they won't activate that feature, no?
1137899023 M * Cru ?
1137899069 M * Bertl a distro, maintainer, who _knows_ that a kernel feature is not working properly, will not enable it, no?
1137899105 M * Cru just thought for i.e. the people that use the vserver-enabled Fedora Kernels from the FC4 VServer Howto in the wiki
1137899148 M * Cru so that are distro kernels with added vserver patch
1137899210 M * Cru well, never mind, the vps-pam rpms now exist and someone may want them ;)
1137899326 M * Bertl I guess I'm still missing something
1137899359 M * Bertl who compiles the FC4 Kernels from the Howto page?
1137899384 M * Cru it is just fact that there are people not familar with building a kernel and having a kernel that has both audit and vserver enabled
1137899412 M * Cru I believe
1137899427 M * Bertl well, that's easily fixed by force disabling the auditing from the patches?
1137899449 M * Bertl we do something like this with the capabilities (which are force enabled)
1137899513 M * Cru hmm, would help, but there might really be persons who want to audit at least the host system, dont you think so?
1137899529 M * Bertl that's why it isn't forced atm :)
1137899556 M * Cru so those people are the ones i built the packages for ;)
1137899595 M * Bertl okay, no problem with that, as long as you do not consider it a solution (i.e. it's a hot-fix)
1137899622 M * Cru simply a work around
1137899654 M * Bertl yes, as I said, np with that, and I guess folks will appreciate it ...
1137899712 M * Cru well, I am not involved with this problem as I even did not know it existed an hour before, but we should mention the problem to exist anywhere in the faq i.e.
1137899762 M * Bertl okay, what exactly is the problem?
1137899773 M * Cru daniel_hozac? ;)
1137899777 M * Bertl maybe it's fixed in a few minutes :)
1137899832 M * Cru until now I just know pam_loginuid.so prevent for example cron to execute processes as non-root user when audit is enabled
1137899872 M * Cru I also have to do some research on whether there might be an impact on simply disabling pam_loginuid.so
1137899909 M * Bertl the auditing syscalls use two new capabilities, did anybody check what giving them (or one of them) would change there?
1137900000 M * Cru I think daniel_hozac would check that
1137900040 Q * Johnnie Quit: G'bye!
1137900050 J * Johnnie ~jdlewis@24.154.53.16
1137900087 M * Cru but I believe the impact of giving guests additional caps would be much deeper than disabling loginuid recording
1137900118 M * Bertl what syscall is done by the loginuid?
1137900166 M * daniel_hozac it's the writing to /proc/self/loginuid that fails, i think.
1137900191 M * Cru had no look into the source until now, but disabling it is no more impact than having no auditing enabled
1137900215 M * Bertl #define CAP_AUDIT_WRITE      29
1137900218 M * Bertl #define CAP_AUDIT_CONTROL    30
1137900233 M * Cru looks security relevant ;)
1137900253 M * Bertl audit_netlink_ok() checks for them
1137900278 M * Bertl proc_loginuid_write()
1137900287 M * Bertl checks for CAP_AUDIT_CONTROL
1137900311 M * Bertl and returns -EPERM if it is missing
1137900332 M * Bertl so .. given that the pam_loginuid.so can check for that quite fine
1137900344 M * daniel_hozac CAP_AUDIT_CONTROL is given to vservers by default.
1137900345 M * Bertl I would call that a bug in pam
1137900370 M * Bertl daniel_hozac: it is?
1137900371 M * daniel_hozac hmm, no, sorry.
1137900377 M * daniel_hozac insecure, not secure.
1137900378 M * daniel_hozac heh.
1137900385 M * daniel_hozac (time for bed, i think)
1137900404 M * Bertl okay, good night then! :)
1137900428 M * Cru another RedHat invention that breaks sth ;)
1137900445 M * daniel_hozac replacing pam is a lot more work than installing vps-pam ;)
1137900523 M * Bertl that's right ...
1137900545 M * daniel_hozac but yeah, i'll disable auditing in the kernel for the next build.
1137901063 M * Cru hmm, I should have toyed with harddisk idle-spindown years before...
1137901098 M * Bertl I guess the write can be simply enabled to the /proc entry
1137901113 M * Bertl it doesn't do anything if there is no audit_context for that task
1137901156 M * Bertl Cru: are you willing to test a trivial kernel patch regarding this issue?
1137901183 M * Cru I never enabled auditing on servers...
1137901209 M * Cru also having currently no system to play with...
1137901239 M * Cru on tuesday I may test it at work
1137901306 M * Cru but as I never experienced the problem on my own, it would need some imagination to test whether the problem persists ;)
1137901661 M * Cru $weibchen told me to go to bed now ;)
1137901764 M * Cru Herbert: please mail the patch to cru@ircnet.de if you require tests on tuesday, but I can not guarantee to be able to reproduce the issue
1137901782 M * Cru bbl
1137902496 M * Bertl kilian: http://vserver.13thfloor.at/Experimental/patch-2.6.16-rc1-vs2.1.0.6.diff
1137902542 M * Bertl kilian: looks good so far, nevertheless I'm pretty sure _something_ will break any minute :)
1137902565 Q * Cru Ping timeout: 480 seconds
1137903824 Q * Johnnie Quit: G'bye!
1137904195 J * Johnnie ~jdlewis@24.154.53.16
1137904435 P * Johnnie 
1137904519 J * Johnnie ~jdlewis@24.154.53.16
1137905296 Q * vrwttnmtu Quit: Leaving
1137910518 N * nokoya nokoyaz
1137910522 N * nokoyaz nokoya
1137910713 Q * FireEgl Ping timeout: 480 seconds
1137914255 M * Bertl kilian: minor update, http://vserver.13thfloor.at/Experimental/patch-2.6.16-rc1-vs2.1.0.6.1.diff
1137914588 M * Bertl off to bed now, have a good whatever everyone .. cya later ...
1137914594 N * Bertl Bertl_zZ
1137914831 Q * Johnnie Quit: G'bye!
1137915341 J * kjo nobody@news.stud.uni-goettingen.de
1137915349 Q * kjo Quit: 
1137918055 Q * pusling_ Read error: Connection reset by peer
1137918073 J * pusling pusling@195.215.29.124
1137918494 P * undefined 
1137918555 Q * NikDaPhreak Quit: Hybernating my brain....
1137920467 Q * dlippolt Ping timeout: 480 seconds
1137922834 J * bonbons ~bonbons@83.222.39.249
1137924192 J * Thorsten ~Thorsten@dslb-084-058-158-202.pools.arcor-ip.net
1137924822 J * Johnnie ~jdlewis@24.154.53.16
1137925015 M * kilian Bertl_zZ: great, thnx!
1137925268 J * Viper0482 ~Viper0482@p5497774A.dip.t-dialin.net
1137927203 Q * Viper0482 Remote host closed the connection
1137927246 Q * hue Quit: 离开
1137927440 M * Hollow bonbons: i have fixed the lockfile issue
1137927485 M * bonbons Hollow: good morning, will boot-up the box and update
1137927489 M * Hollow morning :)
1137927512 M * Hollow new C implementation for lockfile and crrect exit codes i hope
1137927540 M * Hollow and the debug switch has changed from UVDEBUG to VUDEBUG (just to be consistent :P)
1137927602 M * Hollow also fixed a security bug in vlogin
1137927627 M * Hollow guess i will release 1.0.3 soon
1137927968 M * bonbons question: what is the 'vflags -S -f REBOOT_KILL -x xid' for in vps.halt, plain init
1137928077 M * bonbons Hollow: what does it do? (it's used for plain init, but not for gentoo style, aka /sbin/rc)
1137928125 M * Hollow bonbons: the reboot_kill flag was added in the devel series, so when the guest context calls sys_reboot the context gets killed instead of the vshelper call
1137928168 M * Hollow it is used because vsever-utils currently doesn't have a helper app
1137928198 M * Hollow and if we don't use it, init [6] would last forever in the context
1137928250 M * bonbons ok, so I possibly need the same for initng, to test. The init-script for vserver-utils seems not gentoo-compatible...
1137928318 M * Hollow yeah, because vserver-utils is not gentoo specific... 
1137928335 M * bubulak yes ... in slackware is that same
1137928344 M * Hollow will include a gentoo init script with the ebuild
1137928381 M * Hollow it's more an example to distributors
1137928382 M * bonbons I know :) is it possible to adjust configure to try to detect distro and install a matching one? (like looking for /etc/*release* file)
1137928396 M * Hollow i don't think that's a good idea
1137928401 M * Hollow it's the packagers job
1137928430 M * Hollow i even tend to not install the sample on into /etc/init.d
1137928489 M * bubulak i don't thing so ... no packager will code that :)
1137928509 M * bonbons that would force packagers to look at it :), not installing the example is better than installing a bad one
1137928516 M * Hollow bubulak: many ebuild ins gentoo have seperate init script, so i guess they do
1137928534 M * bubulak thats true
1137928583 M * Hollow you would have to do tons of checks just to catch all (the most important) distros
1137928591 M * Hollow imo that's not worth it
1137928625 M * bubulak i understand 
1137928782 M * bonbons I'm looking at the 1/2 return values for procfs hide/unhide
1137928982 M * Hollow bonbons: the syscall fails on some entries, e.g. /proc/net but i don't know why..
1137929028 M * bonbons hmm...
1137929291 J * Smutje ~Smutje@xdsl-84-44-243-64.netcologne.de
1137929399 Q * Smutje_ Ping timeout: 480 seconds
1137929513 M * bonbons Hollow: fails on any proc entry, not only /proc/net ...
1137929521 M * Hollow hm
1137929571 M * bonbons I tried on /proc/sys where I got exactly same result
1137929625 M * Hollow what does errno say?
1137929722 M * bonbons just tried without -r and there it works, so it's some file/dir under /proc/net or /proc/sys that fails (looking at strace right now), always exits with 1
1137929907 M * bonbons should be something in the recursion code that failes, as vattr -G /proc/scsi exits with 1 as well, adding -d option exits with 0
1137929962 M * Hollow yeah, probably the right one to look at i didn't test the recursion method that much
1137929974 M * Hollow but i updated the vserver status command meanwhile
1137929987 M * Hollow it should finally display the right results ;)
1137929991 M * Hollow with the new lockfile
1137930062 M * bonbons ok
1137930473 M * bonbons I guess the problem is that errcnt can walk above and under 0, and is finally tested agains 0! On failure you sometimes add 1, sometimes substract 1
1137930629 J * Doener doener@i5387C036.versanet.de
1137930696 M * Hollow bonbons: right, i'm currently fixing it ;)
1137930746 M * bonbons Hollow: mixing Bash and C interpretation (EXIT_SUCCESS == false) ;)
1137930807 M * Hollow yeah, i'm always confused between bash and c if i work on both at the same time ;)
1137930920 M * bonbons same problem as with "human" languages :)
1137930983 Q * eyck Quit: leaving
1137931179 J * meandtheshell ~markus@85-125-225-49.dynamic.xdsl-line.inode.at
1137931582 J * eyck eyck@81.219.64.71
1137931703 J * Viper0482 ~Viper0482@p5497774A.dip.t-dialin.net
1137932389 J * id23 ~id@p54A0166E.dip0.t-ipconnect.de
1137932402 M * id23 hi #vserver
1137933060 M * Hollow bonbons: ok, should be fixed
1137933073 M * Hollow arr
1137933079 M * Hollow i have commited my debugging printf's
1137933080 M * Hollow :)
1137933098 M * bonbons ok, will look at it after lunch, and possibly also port vps to vserver-utils (it's quite useful!)
1137933144 M * Hollow bonbons: yeah, i was too lazy until now ;)
1137933860 Q * id23 Quit: Leaving
1137933935 J * mkhl ~mkhl@200-148-41-45.dsl.telesp.net.br
1137934141 M * lonewolff afternoon all
1137934800 J * virtual ~virtual@83.149.84.171
1137934802 N * virtual jgommers
1137934868 M * jgommers so how's the logo design going fellas :)?
1137936134 M * bonbons Hollow: for vps I think about adding following features to util-vserver's version (starting from vserver-utils vexec):
1137936151 M * bonbons - -x option to select context, defaulting to 1
1137936190 M * bonbons - if context is 1, show processes's context for each process, otherwise show header with context name
1137936209 M * Hollow sounds good :)
1137936220 M * bonbons can a process be in more than one network context?
1137936230 M * Hollow no
1137936239 M * bonbons adding network context infor could be nice as well
1137936251 M * Hollow yeah
1137936317 M * bonbons in relation to this, vncontext possibly needs to be completed for displaying network context details (it did never show me IP addresses)
1137936333 M * Hollow ah, right.. i'll do that
1137936386 M * Hollow ah yeah... i know why
1137936414 M * Hollow there is no syscall to get that information and i don't wanted to parse /proc info
1137936452 M * bonbons so it's a thing for Bertl's TODO list :)
1137936455 M * Hollow i'll ask bertl if we can get that into nx_get_info
1137936904 M * bonbons how do I get a process's xid/nid by pid? syscall/proc?
1137936928 M * Hollow nx_get_task_xid(pid);
1137936933 M * Hollow eh
1137936939 M * Hollow nx_get_task_nid
1137936945 M * Hollow and vx_get_task_xid
1137936977 M * bonbons ok
1137936993 M * Hollow bonbons: http:/dev.gentoo.org/~hollow/libvserver/doc/
1137936998 M * Hollow +/
1137936999 M * Hollow ;)
1137937015 M * Hollow not my day ;)
1137937029 M * bonbons will read there for the details :)
1137937046 M * Hollow yeah, i really tried to do good api doc ;)
1137937222 M * bonbons for the beginning I will just output the nid and xid as numbers (name resolution is a bonus for the end)
1137937262 M * Hollow bonbons: yeah, guess that's something for libvconfig times
1137937309 M * bonbons yup, xid to name should not be too difficult though
1137937332 M * Hollow yeah, you could just read the CONTEXT field of the uts array
1137937342 M * Hollow (and write it of course on start)
1137937395 M * Hollow ah, well, it is already set on vserver start foo
1137937441 M * Hollow the name -> xid resolution is as easy as well, just read it from the conf ;)
1137937457 M * Hollow but as i said, that's something for libvconfig
1137937463 M * Hollow which is planned for a 1.1 release
1137937478 M * Hollow it should support transparent xid<->name resolution all over the place
1137937492 M * bonbons will think about it when vps works with numbers :)
1137937497 M * Hollow yeah :)
1137937905 M * bonbons can processes of multiple contexts have the same network context? I would assume yes..; same for multiple processes of a context can have different network contexts
1137937937 J * Cru ~mindwarp@turbodiesel.e.de.wahlich.com
1137937945 M * Cru morning
1137937962 M * Hollow bonbons: a process can only have one context and one network context
1137938015 M * daniel_hozac bonbons: the latter is certainly true, as that's what util-vserver does.
1137938025 M * daniel_hozac (new context for each start/enter/etc.)
1137938039 M * bonbons yes, but that's not my question. P1(xid = 2, nid = 2), P2(xid = 2, nid = 3), P3(xid = 3, nid = 2) <= is this possible
1137938052 M * Hollow sure
1137938117 M * bonbons ok, so filtering by network context ID is a bit of post-processing
1137938118 J * pusling_ pusling@195.215.29.124
1137938120 Q * pusling Read error: Connection reset by peer
1137938334 M * Hollow bonbons: you could save a list pid<->nid from context 1 and compare this list afterwards with the desired pids
1137938351 M * Hollow or nids
1137938395 M * bonbons that's kind of what I'm thinking about, will change to the appropriate context, and the filter ps's output to show only those line of matching nid
1137938437 M * Hollow ok :)
1137940353 J * tgunkel_ ~Thorsten@dslb-084-058-174-241.pools.arcor-ip.net
1137940354 Q * Thorsten Ping timeout: 480 seconds
1137940549 M * jgommers Hi, do you guys know if Queues and Queueing Disciplines in the linux kernel are modified to work with vserver?
1137940927 M * Hollow jgommers: do you talk about QoS?
1137940933 M * jgommers jup
1137940950 M * Hollow no, the network stack is not (yet) virtualized
1137940979 M * jgommers is it taking into account in the NGNET development?
1137940998 M * daniel_hozac but you should be able to use QoS for vservers.
1137941004 M * Hollow don't know if QoS will work with ngnet, guess you'll have to wait for bertl and ask him
1137941013 M * jgommers k
1137941024 M * Hollow yeah, from the host you can setup all QoS also for vservers
1137941025 M * jgommers daniel, ofcourse but only from the host OS..
1137941062 N * tgunkel_ ThorstenG
1137941340 Q * pusling_ Remote host closed the connection
1137941348 J * pusling pusling@195.215.29.124
1137941351 M * Hollow bonbons: how is vps going? :)
1137941366 M * bonbons I'm writing around the ps-output parser
1137941375 M * Hollow ic.. i added vrsetup meanwhile
1137941400 M * bonbons trying to get the thing clean to avoid large whitespace
1137941515 J * zgrim ~zgrim@home-040126.b.astral.ro
1137941553 M * zgrim heya folks
1137941560 M * jgommers heya zgrim
1137941569 M * jgommers how's life on that side of the wire?
1137941606 M * zgrim well, i noticed a small probably-typo thingie, thought you guys would probably clear things up for me
1137941622 M * zgrim ./distrib/misc/mtab:/dev/hdv1 / ufs defaults 0 0
1137941631 M * zgrim like... UFS ?!
1137941634 M * zgrim :)
1137941691 M * zgrim we had repacked it for debian sarge, put it in production, and only after then noticed it :/
1137941749 M * jgommers should review testing process then :)?
1137941772 M * zgrim lol, neah, we like keeping full backups
1137941789 M * zgrim anyway, is it a typo ?
1137941821 M * jgommers don't know, you should post it to the mailinglist
1137941859 M * zgrim ok..
1137941870 M * jgommers please :)
1137941904 M * zgrim we thought maybe the vserver devs fell in love with BSDs :))
1137942254 J * AllenJB ~Allen@stuEAED.kent.ac.uk
1137942494 Q * ThorstenG Quit: Leaving
1137942819 M * Hollow zgrim: i don't know why, but it's ok
1137942839 M * Hollow has something to do with vroot devices
1137942908 M * zgrim yes, indeed seems to be ok, but i need to be sure :)
1137942944 M * Hollow well, i'm sure it's correct, but i don't know why is that
1137943177 M * zgrim i mailed it to the list
1137943572 J * pusling_ pusling@195.215.29.124
1137943572 Q * pusling Read error: Connection reset by peer
1137944310 M * zgrim k, i found it http://list.linux-vserver.org/archive/vserver/msg09133.html
1137944338 M * zgrim " it's a cheap way to trick the quota tools into _not_ trying to mess with the raw device (which would fail) "
1137944383 M * zgrim maybe it should make it in the FAQ :))
1137944430 M * Hollow zgrim: well, it explains why /dev/hdv1 is there, but not why it is ufs
1137944501 M * SiD3WiNDR vsfs!
1137944530 M * zgrim yeah, ntfs :))
1137944535 M * zgrim fat32 ?
1137944537 M * zgrim :)))
1137944629 M * Hollow zgrim: http://archives.linux-vserver.org/200401/0232.html
1137944643 M * Hollow well, seems like it is correct
1137944645 M * Hollow sorry for that
1137944682 M * zgrim yup, i got it, tricks the quota tools
1137945353 M * ebiederm Hollow: Qos should work with my stuff at least when all of the bugs are out.  iptables is only a couple of hours off.
1137945384 M * Hollow ebiederm: yeah, i guessed that, nice stuff :)
1137945419 M * ebiederm It is just a case of breaking the networking stack information at the appropriate point.
1137945606 M * bonbons Now my vps compiles, but looks like xid == 1 is not setup correctly (it complains about missing /proc)
1137945730 M * Hollow vserver procfs unhide?
1137945762 M * bonbons was that
1137945805 M * bonbons ok, my code is still buggy :) output is partly garbage
1137945863 M * Hollow ok, i'll wait patiently :)
1137945906 M * Hollow just for the fun of it i added another command to vserver.. (reload)
1137945951 M * bonbons what should reload do? update [n]context?
1137945964 M * Hollow update sched, limits and uname
1137945978 M * Hollow and flags/caps
1137946012 M * bonbons for the fun, making it update ncontext would be cool :) (add/remove ip addresses)
1137946057 M * Hollow that's not as easy, what should be done with processes currently listening on any of the ips?
1137946087 M * Hollow we could just add new ones
1137946093 M * Hollow but removing is a bit critical imo
1137946328 M * bonbons checking which ones are being listened explicitly on gets a lot of work (apps bound to 0.0.0.0 or :: can silently be ignored)
1137946368 M * bonbons what happens on normal hosts when such an IP gets removed?
1137946424 A * Hollow shrugs
1137946437 M * bonbons vps now works much better, except I'm missing half of ps's header
1137946459 M * Hollow mind uploading it? i'd like to look at it :)
1137946484 M * bonbons no problem, will do very soon
1137946717 M * bonbons You can read it at usual location: http://homepage.internet.lu/brunop/vps.c
1137946758 Q * Viper0482 Quit: bin raus, 
1137946916 M * Hollow ok, guess i'll give it a try and see what it looks like :)
1137946939 M * zgrim another q: we have some apache{-ssl} sending mails, it failed with "postdrop: warning: mail_queue_enter: create file maildrop/756509.26845: Permission denied" ; we just added www-data to postdrop group for now, but the funny thing is this did not use to happen with lk 2.4 / vs 1.x ...
1137946957 M * zgrim any ideeas on this one ?
1137947140 M * Hollow bonbons: it always show xid=1 and nid=0 here
1137947147 M * Hollow and if i specify -x it segfaults
1137947230 M * bonbons for me it outputs the getty in xid=11, nid=11, ps in xid=1, nid=0 and an init in xid=1,nid=0, an then tons of apps in xid=0,nid=0
1137947276 M * Hollow hm
1137947279 M * bonbons but there are some parsing errors left...
1137947455 M * bonbons with what options to you get the segfault?
1137947488 M * Hollow -x
1137947491 M * Hollow little x
1137947593 M * bonbons that's probably issue with argument handling
1137947668 M * bonbons yup, just' don't know why...
1137947854 M * bonbons ok, bad usage of getopt (I should read the manpage earlier :))
1137947902 M * bonbons uploaded update
1137947902 M * Hollow :)
1137947991 M * Hollow ah, only SHORT_OPTS was wrong?
1137948022 M * bonbons yes :) and ther's currently a debug printf() to try to fix the missing ps header
1137948137 M * Hollow it still displays XID=1 if i don't specify any with -x
1137948170 M * bonbons found and fixed (the first \n go overwritten to \0, so strchr(buf, '\n') returned 0)
1137948197 M * bonbons could you show your output?
1137948199 M * Hollow bonbons: ok, i added it to svn
1137948225 M * Hollow bonbons: http://phpfi.com/97688
1137948234 M * bonbons I had not yet uploaded the fix for the partial header
1137948253 M * Hollow process 8516 should in context 123 e.g.
1137948279 M * Hollow bonbons: yeah, please update the svn version instead, i did a few code beautifications ;)
1137948303 M * Hollow mostly comments and whitespaces
1137948312 M * bonbons yep, I'm seeing it also using same options
1137948327 M * Hollow how do you see correct output?
1137948368 M * bonbons no, same wrong output
1137948564 M * bonbons you didn't update Makefile.am yet, did you?
1137948602 M * Hollow i did
1137948616 M * Hollow it seems like the *_SOURCES are not needed
1137948620 M * Hollow i'll drop all of them 
1137948651 M * bonbons ok, it was the *_SOURCES which was different
1137948782 M * Hollow bonbons: want to be added to AUTHORS?
1137948798 M * bonbons you can add me
1137948834 M * Hollow just with your nickname? or with full name and/or email?
1137948883 M * bonbons Full name, Bruno Prémont (for now without email, need to chose which one I will use)
1137948890 M * Hollow ok ;)
1137949057 M * bonbons for me it looks like XID gets wrong when PID is on first column
1137949106 M * Hollow ic..
1137949109 M * Hollow i always use ax
1137949110 M * Hollow ;)
1137949142 M * bonbons with af it works (vps -- -Af)
1137949224 M * Hollow now it show 0 for everything except ps which is 1 :)
1137949480 M * bonbons and I found out the cause, it's the space behind the pid number, on -Af it got ppid!
1137949578 M * Hollow ic, i'm looking through process_output and see what it does so i can help you a bit ;)
1137949676 M * Hollow this seems strange to me: pid_end = pos-data + 4;
1137949687 M * Hollow why do you substract the data pointer?
1137949756 M * bonbons because pos is pointer to offcuence of 'PID' string inside data
1137949799 M * daniel_hozac hmm, ps parsers in C... that can't be fun.
1137949807 M * bonbons now I was just trying out vps -X -N -x 11, but then vx_get_task_xid returns -1
1137949860 M * bonbons uploaded my ps-output fix, still need to get it right when limiting to xid != 1
1137949917 M * bonbons probably migration whould be done inside fork for this to work?
1137949937 M * Hollow ah.. ic.. pid_end is size_t not char *
1137950099 M * bonbons only problem with migration inside fork, I get wrong xid/nid for guest's init (lookingup pid=1 on host ;))
1137950148 J * azazel ~azazel@81-174-46-248.f5.ngi.it
1137950199 M * bonbons reuploaded with moved migration
1137950254 M * Hollow ok, will look at it in a bit
1137950276 M * bonbons I guess this is a special case that vps must handle <= pid=1 && xid-filter > 1 => fetch guest's init real pid and lookup on that one
1137950353 M * azazel hi all, anyone knows if herbert's slides of his presentation at "What the hack" are available somewhere, possibly in source form?
1137950527 M * azazel i want to translate them in italian for a prsentation to my lug
1137950766 J * menomc ~amery@200.75.27.16
1137950854 M * bonbons Hollow: now I have that special case right as well -- uploaded
1137950875 Q * mnemoc Ping timeout: 480 seconds
1137950875 N * menomc mnemoc
1137950880 M * Hollow ok, great, i'm nearly finished with understanding and documenting :)
1137952170 M * bonbons next task would be a tool/script to take down all guest cleanly [before host shutdown] (with option for doing it in paralell)
1137952230 M * Hollow bonbons: ok, commited the commented and cleanedup/fixed vps.c
1137952296 J * prae ~benjamin@sherpadown.net
1137952469 M * bonbons Hollow: the cleanups are not all pure C ;) pure C does not allow variable declarations in middle of code
1137952477 M * Hollow bonbons: yeah, that would be nice, we could look at the gentoo init script dependency tracker to do that
1137952517 M * Hollow i don't care as long as std=gnu99 -pedantic does not complain ;)
1137952558 M * bonbons ok
1137952580 M * Hollow i prefer to see where the var is first used
1137952586 M * daniel_hozac Hollow: there's a reason for it, much easier to find variables...
1137952603 M * Hollow my editor has a search function
1137952604 M * Hollow :)
1137952615 M * daniel_hozac same argument works the other way ;)
1137952632 M * Hollow yeah, so it really doesn't matter and i'd like to stay consistent with other source files
1137952671 M * Hollow i hope it's not too complicated for you ;)
1137952712 M * bonbons then the variable used in last for loop could be replaced by a new one with better name than 'lmaxcnt' :) would improve readability
1137952720 N * Bertl_zZ Bertl
1137952724 M * Bertl morning folks!
1137952737 M * Hollow bonbons: yeah, thought that too, because i wondered why it is "reused"
1137952738 M * daniel_hozac morning!
1137952741 M * Hollow morning Bertl!
1137952750 J * Borg_Number_One BorgNr1@p54B88DA3.dip0.t-ipconnect.de
1137952756 M * bonbons morning Bertl!
1137952774 M * ebiederm morning Bertl
1137952821 M * Borg_Number_One Hello everybody
1137952886 M * Bertl hey Hollow! bonbons! ebiederm! B#1!
1137953079 M * bonbons Hollow: do we have something like util-vserver's vserver-stat?
1137953101 M * Hollow bonbons: no
1137953176 M * bonbons and except /proc/virtual, /proc/virtnet, some way to get list of existing/active contexts?
1137953181 M * Borg_Number_One Mhhh... bonbons I like sweets like  bonbons. But my tooth do not like bonbons.
1137953198 M * Hollow bonbons: guess not
1137953218 M * Hollow Bertl: btw.. is it possible to create a new syscall to get currently assigned IP for an nx?
1137953239 M * Bertl you mean list of IPs?
1137953243 M * Hollow yep
1137953279 M * Bertl possible yes, but we have to find some semantics for that first (btw, the XID/NID list is a similar issue)
1137953290 A * Hollow nods
1137953295 M * ebiederm Does what ip addr does not work? 
1137953311 M * ebiederm Or is this completely from the outside?
1137953323 M * Hollow hm, yeah.. we could do it from inside indeed
1137953358 M * Bertl well, IMHO we should think about a proper netlink interface for that
1137953385 M * Hollow you mean that one for all information flow?
1137953399 M * Bertl yes, with different 'request' commands
1137953444 M * Bertl btw, this would be a good method to get the required info in ebiederm's case too, no?
1137953466 M * ebiederm Bertl: Possibly.
1137953487 M * ebiederm I haven't worried about how to get the information from the outside yet.
1137953500 M * Hollow bonbons: ok, guess 1.0.3 is due, any objections?
1137953521 M * Bertl ebiederm: something related: I thought about uniquely identifying a hierarchical context structure in a flat data model ...
1137953530 M * bonbons maybe adding the 6 lines to vps.sh for initng
1137953540 M * Hollow ah yeah, does it work correctly now?
1137953574 M * bonbons checking now...
1137953592 M * Bertl ebiederm: and I think names or numbers would be fine, given that you join them with something (e.g. / like for pathes or '.' like in sysfs)
1137953623 M * ebiederm Bertl:  Yes.  I have been thinking of using / as well.
1137953651 M * bonbons works for me with the 6 lines in vps.sh
1137953673 M * ebiederm Hmm.  dot like in sysctl I assume.  sysfs alwayas uses paths or something is being abused.
1137953676 M * Hollow ok, can you paste them to icq or query?
1137953708 P * Borg_Number_One 
1137953722 M * Bertl ebiederm: yes, sysctl was what I meant
1137953729 M * bonbons just checking on shutdown if the reboot-kill is required or not
1137953809 M * Bertl ebiederm: so how is it going? any plans when a broken out patch for a recent kernel will be available?
1137953827 M * ebiederm Bertl:  Ok.  But a little round about.
1137953847 M * ebiederm When I start breaking things up I see the deficiences much more clearly and so I want to fix those.
1137953857 M * ebiederm Which is distracting!
1137953873 M * ebiederm And yesterday I just needed to take a break.
1137953902 M * ebiederm At the moment I am looking to see if I can implement proper weak references to processes.
1137953937 M * ebiederm If I can that cleans up a lot of ugly parts of the kernel.  Irrespective of the virtualization.
1137953954 M * bonbons bug: vps.c, line 176: ... && pslines[0].pid == 1) {, should be pslines[lcnt].pid == 1
1137953987 M * ebiederm Basically a pid value that is safe even when the pid is reused.
1137953989 M * Hollow ok, fixed
1137954057 M * Bertl ebiederm: no problem with that at all .. just wanted to get an estimation :)
1137954088 M * bonbons reboot_kill is required for proper shutdown of initng as for sysvinit
1137954095 M * Hollow yep, i thought so
1137954111 M * Bertl ebiederm: feel free to have no idea :)
1137954136 M * ebiederm Bertl:  other than in progress I have no idea.  
1137954169 M * ebiederm My biggest problem with plans and to a lesser extent estimates is when I make them I feel like I have done all of the work and go do something completely different!
1137954226 M * ebiederm Not having a code that is separated into logical chunks that is easy to port to the newest kernels is painful and though.
1137954231 M * Bertl Hollow: does something like the netlink interface 'ip' uses look reasonable for you (to get list style information)?
1137954235 M * ebiederm So it will get completed.
1137954236 M * bonbons uploading vps.sh, easier than copy paste from 1 box to the other :)
1137954258 M * Hollow Bertl: i don't know that interface, will have to look at it first
1137954288 M * daniel_hozac Bertl: i thought netlink in general had EOL markers.
1137954298 M * bonbons at usual location: http://homepage.internet.lu/brunop/vps.sh
1137954337 M * Bertl Hollow: okay, np, I will look into it too, and I'd suggest we try to make some kind of test interface for 'just' retrieving the XIDs/NIDs first to get a feeling for it
1137954358 M * Hollow ok, sounds good :)
1137954365 M * Hollow to both bonbons and Bertl :)
1137954383 M * ebiederm Bertl:  netlink can be painful to work with.
1137954394 M * Bertl ebiederm: good alternatives?
1137954411 M * ebiederm sysfs is better if it will fit the problem.
1137954434 M * Bertl many lines of data with a lot of information? 
1137954450 M * ebiederm My biggest gripe with netlink is that you don't know which process you are talking to so context information is hard to get.
1137954466 M * ebiederm Bertl:  May directories in the sysfs case.
1137954494 M * ebiederm For netlink having to implement retries in the client requesting the information is painful.
1137954501 M * Bertl well, no, I don't think that we should build directories for that, otherwise folks could use the existing procfs
1137954539 M * bonbons Hollow: why did you remove the fi from vexec for starting initng?
1137954543 M * ebiederm For a network protocol netlink is reasonable, but as a local interface it is just a little hard to work with.
1137954547 M * Bertl ebiederm: the problem there is, it is slow, inconsistant and has great overhead
1137954564 M * Bertl ebiederm: the procfs (or sysfs)
1137954569 M * Hollow bonbons: damn.. copied the wrong part..
1137954615 M * Hollow bonbons: hm, i feel like renaming plain init style to something more obvious
1137954632 M * Hollow i'd prefer sysvinit
1137954638 M * Bertl ebiederm: why is 'ip' from iproute2 using it?
1137954647 M * bonbons sysvinit?
1137954661 M * Hollow i know it's ambiguous to the util-vserver sysvinit
1137954669 M * Hollow but it is sysvinit, no?
1137954679 M * ebiederm Bertl:  Ip only mostly uses it.  For ip link it still uses ioctl.
1137954701 M * Bertl so you are suggesting to use ioctl :)
1137954706 M * ebiederm For the rest I think it is networking people solving a problem with a networking solution.
1137954728 M * bonbons to keep compatibility for the beginning, why not give it the 3 names, plain, init and sysvinit and mark sysvinit as recommented in example context.conf?
1137954749 M * ebiederm Bertl:  I'm just observer that all of the solutions right now have their own tradeoffs.
1137954753 M * Hollow yeah, i guess that's a good idea
1137954765 J * vrwttnmtu ~eryktyktu@82-69-161-137.dsl.in-addr.zen.co.uk
1137954770 M * daniel_hozac maybe sysvscripts is better?
1137954771 M * Bertl welcome vrwttnmtu!
1137954775 M * ebiederm Right now sysfs seems to suck least...
1137954786 M * Bertl ebiederm: why?
1137954792 M * Hollow daniel_hozac: that would be what sysvinit currently is in util-vserver
1137954796 M * Hollow right?
1137954802 M * daniel_hozac right.
1137954807 M * bonbons the "normal" init is sysvinit (at least on gentoo)
1137954809 M * Hollow ok, we don't support this currently :)
1137954813 M * Hollow but sounds good otherwise
1137954817 M * daniel_hozac oh, heh.
1137954824 M * ebiederm sysfs has a default location for stuff to go so it is more consistent.
1137954833 J * pusling pusling@195.215.29.124
1137954833 Q * pusling_ Read error: Connection reset by peer
1137954834 M * ebiederm The interface inside and outside the kernel is easy to use for scripts.
1137954853 M * Bertl ebiederm: In particular: a) what are the advantages of sysfs over procfs? and b) how to get a long list of 'possibly changing' data to the userspace?
1137954860 M * ebiederm You get context information so you can make decisions based on who you are talking to.
1137954883 J * dlippolt ~dlippolt@cpe-70-112-77-129.austin.res.rr.com
1137954892 M * Bertl welcome dlippolt!
1137954919 M * ebiederm Over proc sysfs really encourages one value per file from the kernel side.
1137954946 M * Hollow bonbons: ok, look at it again
1137954950 M * ebiederm Basically the sysfs interfaces are a disciplined version of proc
1137954959 M * Bertl ebiederm: well, that's definitely a step in the wrong direction in our case
1137954980 M * ebiederm What kinds of intformation are you looking at returning?
1137954982 M * bonbons looks good to me :)
1137955001 M * Hollow ok, also updated the example context.conf
1137955012 M * ebiederm What sysfs is not good for is binary data.
1137955029 M * Bertl ebiederm: in the simplest case a list of all context identifiers, in the more complex case a detailed list of processes/contexts with all their current settings/values
1137955050 M * Hollow ok, making 1.0.3 now
1137955063 M * Bertl to implement things like 'top' or similar on context level
1137955126 M * bonbons hehe, in conext.conf you should have updated the variable with the comment above
1137955162 M * bonbons possible values: sysvinit, initng, gentoo ...      VX_INIT="plain"
1137955180 M * Hollow oh well :)
1137955186 M * Hollow that will be in 1.0.4 now
1137955188 M * Hollow :P
1137955199 M * ebiederm For a list of active contexts /proc may not be the worst place because it is process relative information.
1137955226 M * ebiederm Hierarchies that are process relative is not something that sysfs currently has an infrastructure for.
1137955264 M * bonbons people will survive it, especially as vps.sh eats plain :)
1137955297 M * Hollow :)
1137955318 M * bonbons I'm gone eating something, will be back later
1137955329 M * Bertl ebiederm: so your suggestion basically goes into the direction I was already looking at (and seems even more reasonable) to create a custom/special virtfs filesystem similar to proc/sysfs to handle that in an efficient manner ...
1137955361 M * ebiederm Bertl:  Something like that.
1137955376 M * Bertl ebiederm: could/would you consider something like that for the mainline namespaces approach too?
1137955395 M * ebiederm The nice thing about /proc and it's kin is that you don't need to have headers reporting magic numbers back and forth.
1137955405 M * ebiederm Bertl:  
1137955427 M * ebiederm Bertl:  So far I have been mainly aimin at how filesystem namespaces are know today.
1137955449 M * ebiederm My biggest concern is that I really don't want to add another namespace to identifiy namespaces.
1137955467 M * ebiederm So non-process relaltive identifers exported to user space cause me grief.
1137955489 M * ebiederm Look at /proc/self/mounts ?
1137955491 M * ebiederm :)
1137955537 M * Bertl ebiederm: so you 'plan' to identify the namespaces via the processes using them, fair enough, but how to identify the processes?
1137955584 T * Hollow http://linux-vserver.org/ | latest stable 2.01, 1.2.10, 1.2.11-rc1, devel 2.1.0, exp 2.1.0.5, 2.0.1.2 | util-vserver-0.30.209 | libvserver-1.0.2 & vserver-utils-1.0.3 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the wiki, and we'll forget about the minute ;)
1137955629 M * ebiederm It seems keeping a process tree intact is important.
1137955649 M * ebiederm So each pid space has a pid in the parent process space.
1137955665 M * ebiederm So I get paths like 1165/11/.....
1137955696 M * Bertl okay, so 1/1/1 would give a child of a child context of the host (or current) one
1137955744 M * ebiederm Yes a child of a child context of the current context.
1137955769 M * ebiederm I don't think absolute paths make sense except in kernel error messages :)
1137955803 M * ebiederm Of course they almost will be used in the host context ....
1137955817 M * ebiederm s/almost/almost always/
1137955970 M * Hollow ok, updated in portage as well..
1137955976 M * Hollow bonbons: thanks again for your time!
1137956056 Q * shedi Quit: Leaving
1137956074 M * ebiederm The real fun with some of this is double entering the init process under 2 different pids in the hash table.
1137956138 M * Bertl ebiederm: why would we need that?
1137956168 M * ebiederm One of the things I need to confirm....
1137956170 M * Bertl if I got the basic idea right, init would always be pid=1 ?
1137956198 M * ebiederm So each guest has init which is pid=1.
1137956225 M * ebiederm But the entire guest is also known as pid=xyz on the host.
1137956251 M * Bertl ahem, no, why?
1137956270 M * Bertl pid xyz is the parent on the host
1137956278 M * ebiederm So you wan waitpid on the guest and discover when it exits.
1137956313 M * ebiederm Basically what does waitpid return when the guest exists is the question.
1137956318 M * Bertl you don't want to show a process inside the namespace outside?
1137956359 M * Bertl IMHO if you do it properly, the child must be separated from the parent via some syscall
1137956383 M * Bertl and when the child exits (init quits) the syscall returns
1137956406 M * Bertl (can be broken into two parts create and wait of course)
1137956433 M * ebiederm And we already have those two parts.
1137956437 M * ebiederm clone and waitpid.
1137956439 Q * Pazzo Remote host closed the connection
1137956441 M * Bertl but it doesn't make sense to me to keep the init (why the init?) in the parent space
1137956508 M * Bertl IMHO the clone should return a pid value (maybe a special one?) for the child, but the child must not exist in the parent space
1137956530 M * Bertl otherwise you get all kind of strange issues there
1137956536 M * ebiederm Bertl:  Exactly.
1137956566 M * ebiederm Currently I am just hash init under the special pid value so the parent can find it.
1137956630 M * ebiederm The two pids are in different pid namespaces so init and it's children can't refer to init by that special pid.
1137956713 M * Bertl will the parent be able to send signals to the child (in the other context)
1137956716 M * Bertl ?
1137956728 M * ebiederm Bertl:  Currently I allow that.
1137956765 M * Bertl what happens if you kill it?
1137956780 M * Bertl (assumed that there are a bunch of other processes in that context)
1137956784 M * ebiederm The entire guest dies.
1137956806 M * Bertl means, is killed and reaped by the parent?
1137956842 M * Bertl or by the init?
1137956860 M * Bertl what about zombies? are they lost in space? pardon the pun :)
1137956905 M * ebiederm Guest zombies that aren't reaped by the guest init are set to self real and made parents of host init.  But the host init never sees them.
1137956938 M * Bertl that's what I feared ... so you will silently lose them ...
1137956990 M * Bertl i.e. the admin will never know that happened, and a strange namespace will stay partially alive, unreachable using up some resources, no?
1137956990 M * ebiederm I don't even know if there is anyone sensible to give them to.
1137957008 M * ebiederm Bertl:  No.  All of the guest children are killed.
1137957028 M * Bertl yeah, but the zombies keep hanging around, no?
1137957061 M * ebiederm The only case that I have that can lock up a resource is if you pass a socket to a process in another network namespace.
1137957073 M * ebiederm No the zombies are set to self reap.
1137957093 M * Bertl hmm, k
1137957123 M * ebiederm I agree, an unreachable namespace is bad.
1137957184 M * Bertl well, IMHO an unreachable namespace you do not even know about is worse :)
1137957208 M * ebiederm Agreed.
1137957254 M * ebiederm My network namespaces at least appear in sysfs.  So I have /sys/class/net/ and /sys/class/net2 and /sys/class/net3 :)
1137957271 M * Bertl okay, will you be around later this day/night?
1137957272 M * ebiederm I need to do something better but that is what kept my kernel from oopsing!
1137957277 M * ebiederm Likely.
1137957312 M * Bertl good, then I will not keep you (right now) from your work, and we'll have a chat later ... sounds good?
1137957320 M * ebiederm k.
1137957338 M * Bertl Hollow: anything urgent atm? regarding interfaces and/or tools?
1137957481 M * Hollow no
1137957494 M * Bertl okay, good, keep up the good work! 
1137957501 M * Bertl off for dinner now .. back later ...
1137957507 N * Bertl Bertl_oO
1137957543 M * Hollow Bertl_oO: yeah, huge list of bugs fixed in 1.0.3
1137957624 M * bonbons :)
1137957654 Q * eyck Quit: leaving
1137960176 J * NikDaPhreak ~NikDaPhre@193.24.241.34
1137960805 T * daniel_hozac http://linux-vserver.org/ | latest stable 2.01, 1.2.10, 1.2.11-rc1, devel 2.1.0, exp 2.1.0.5, 2.0.1.2 | util-vserver-0.30.210 | libvserver-1.0.2 & vserver-utils-1.0.3 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the wiki, and we'll forget about the minute ;)
1137960821 M * daniel_hozac (util-vserver 0.30.210)
1137960837 M * phreak`` *uh* :)
1137962288 M * derjohn ufff, I'm lucky, devel didn't change version! .210 -> is there a changelog? daniel_hozac: what is the change :) ?
1137962339 M * derjohn phreak``, did I ask you if you join linuxtag this year?
1137962374 M * phreak`` nope, you didn't derjohn :) but I think its a bit far away from here :)
1137962414 M * derjohn phreak``, that sad I am looking for people helping me with a linux-vserver stand ...
1137962421 M * derjohn phreak``, BTW: Wiesbaden this year!
1137962466 M * daniel_hozac derjohn: the ChangeLog is in the tarball, or shattered in CVS ;)
1137962490 M * derjohn daniel_hozac, *eyestwinker* is it much that changed?
1137962520 M * daniel_hozac ~450 lines in the changelog ;)
1137962549 M * daniel_hozac i guess the most noticable change is that only the v13 (i.e. 2.0) and net APIs are built by default.
1137962556 M * phreak`` derjohn: derjohn: imagine, I'm living near the most northern point of Germany ;)
1137962557 M * daniel_hozac so no more need for legacy in the kernel.
1137962599 M * daniel_hozac and if you use disk limits, those are supported in the configuration.
1137963040 J * Johnsie ~jdlewis@24.154.53.16
1137963040 Q * Johnnie Read error: Connection reset by peer
1137963112 M * gdm hi, silly question, but is there a limit to the number of vservers you can have on a host?
1137963125 Q * NikDaPhreak Quit: Hybernating my brain....
1137963215 M * Doener gdm: 2^16-2 should be way more than you can use from a ressource perspective... and you'd run out of pids IIRC ;)
1137963233 M * derjohn daniel_changelog: thx! This was the legacy-api stuff? Finished so soon? cool, thx!  ...
1137963267 M * Doener derjohn: i won't be able to come to linuxtag, sorry :/
1137963333 M * Doener gdm: hm, i meant to say that the theoretical limit is 2^16-2 of course, not just that that number is more than you need...
1137963356 M * gdm Doener: that's kool, it's plenty, thanks! ;-)
1137963385 M * derjohn Doener, shame upon you! :/ I mean, it's a pity ... but OK, Ill remove you from mylist ;(
1137963571 M * derjohn phreak``, you are living on a lighthouse?
1137963598 M * DaCa if even germans stop going to linuxtag, what will become of it :p
1137963814 M * phreak`` derjohn: not exactly :P but near that point (~20km of it)
1137964140 J * vreak ~irc@83.215.140.176
1137964197 Q * vreak Quit: 
1137964614 Q * prae Quit: Pwet
1137964968 Q * bonbons Quit: it's night here
1137965396 J * undefined ~undefined@adsl-68-93-109-94.dsl.rcsntx.swbell.net
1137965741 P * meandtheshell 
1137965837 Q * Doener Read error: Connection reset by peer
1137965863 J * Doener doener@i5387D771.versanet.de
1137965867 J * Aiken ~james@tooax6-145.dialup.optusnet.com.au
1137966452 N * Bertl_oO Bertl
1137966458 M * Bertl hey Aiken!
1137966467 M * Hollow wb Bertl!
1137966471 M * Bertl tx
1137966482 M * Hollow Aiken: you did get the network conctext error too, right?
1137966490 M * derjohn namaste Bertl!
1137966520 M * Aiken with vserver-utils, yes
1137966530 M * Hollow ok, jfyi, it is fixed with libvserver-1.0.2
1137966540 M * Aiken hi Bertl
1137966557 M * Aiken vserver served me well last night, testing some software I am working on
1137966568 M * Aiken the ease of building up and tearing down images :)
1137966579 M * Aiken Hollow I'll try that shortly
1137966624 M * Bertl derjohn: hmm .. who is my worthy oponent? 
1137966629 M * derjohn Aiken, so it's not particularly a 'vserver' but maybe a vlinux ;)
1137966663 M * derjohn Q: 'Namaste ist das gebr?uchlichste Gru?wort Indiens'
1137966706 M * Bertl derjohn: yea, I read that, but do you know where it comes from?
1137966755 M * derjohn Bertl, well, yes from a 'scene' restaurant here in Frankfurt called "coccon club" :) That where I learned it ....
1137966760 J * MakMoer ~makmoer@213.225.59.162
1137966773 M * Bertl derjohn: ah, well, that explains :)
1137966778 M * Bertl welcome MakMoer!
1137966795 M * derjohn Bertl, but I dont have the slightest idea what origin the word has .. just know it from india
1137966806 M * MakMoer HI all..My vservers are running very well..I have a question now..I installed openvpn in one of the vservers but /dev/net/tun is missing and I also cannot create it..what should I do ?
1137966817 M * derjohn Bertl, well and I may be a worthy opponent of course! 
1137966841 M * Bertl Aiken: do you feel adventerous tonight? I have a 2.6.16-rc1 CoW which could benefit from some bashing ...
1137966847 M * derjohn Bertl, :) [But not so much in a coding contest, but in martial arts, yes ;)]
1137966850 M * Bertl derjohn: http://www.flex.com/~jai/articles/namaste1.html
1137966867 Q * pusling Remote host closed the connection
1137966875 J * pusling pusling@195.215.29.124
1137966928 M * Bertl MakMoer: what is your goal regarding openvpn?
1137966953 M * Aiken I'll be free in maybe 15 min
1137966984 M * MakMoer I wanna connect with my windows XP client at home to vpn at work..
1137967001 M * Bertl Aiken: no need to hurry, the patch is at the usual location (Experimental) and any feedback is appreciated
1137967033 M * Bertl MakMoer: the problem is, the tun devices require admin capabilities (you normally do not have/give to a secure guest)
1137967057 M * Bertl MakMoer: if you have control over the guest, it should not be a problem though ...
1137967077 M * MakMoer I have full control over all vservers..and the host..so no problem..
1137967224 M * MakMoer Bertl: What do I need to do to give one vserver full access and control over the tun devices..is it possible ?
1137967249 M * ebiederm CAP_NET_ADMIN isn't it?
1137967316 Q * pusling Read error: Connection reset by peer
1137967318 J * pusling_ pusling@195.215.29.124
1137967503 M * MakMoer how do I set/grant CAP_NET_ADMIN ?
1137967617 A * lonewolff heads to bed
1137967618 M * lonewolff night all
1137967673 M * aba Bertl: btw, would you consider it a good idea to be able to create "safe" devices as e.g. /dev/null w/o the appropriate cap?
1137968273 M * MakMoer guys..I dont see a /etc/vservers/VSERVER.conf file for my VSERVER..what am I missing ?
1137968287 M * daniel_hozac MakMoer: nothing. that's legacy configuration.
1137968312 M * daniel_hozac MakMoer: new configuration is in /etc/vservers/<name>/.
1137968329 M * MakMoer I am trying to find out where to set : CAP_NET_ADMIN
1137968379 M * daniel_hozac /etc/vservers/<name>/bcapabilities
1137968392 M * daniel_hozac as per http://www.nongnu.org/util-vserver/doc/conf/configuration.html
1137968423 M * MakMoer ok..thanks !!
1137969025 J * FireEgl Atlantica@Atlantica.CJB.Net
1137969044 Q * MakMoer Quit: 
1137969122 M * azazel Bertl: can you publish the sources of that slides you showed at "what the hack"? i want to translate them to italian and use them for a presentation of linux-vserver to my lug
1137969605 M * Aiken Hollow which is libvserver ment to be compiled against? dietlibc or glibc?
1137969643 M * Aiken I still get Failed to create networkcontext: Function not implemented
1137969686 M * Aiken compiled against glibc libvserevr 1.0.2 would only produce the static lib where 1.0.1 produced both static and dynamic libs
1137969705 J * Pazzo ~Pazzo@host130-250.pool8172.interbusiness.it
1137969722 M * Aiken only way I got vserver-utils to compile against libvserver 1.0.2 was to use the configure.ac from libvserver 1.0.1 when building 1.0.2
1137969729 M * azazel crazy pazzo:)
1137969738 M * Pazzo hehe
1137969741 M * Pazzo hi azazel
1137969951 Q * emp Ping timeout: 480 seconds
1137970031 J * emp ~emp@70.57.239.35
1137970187 M * Aiken everything compiled with dietlibc and I now get
1137970189 M * Aiken (root@fred) vserver start slate
1137970190 M * Aiken Failed to restore cwd: Bad address
1137970190 M * Aiken An error occured while trying to mount filesystems for 'slate'
1137970383 M * ebiederm Anyone have a good abbreviation for a PID reference?
1137970769 M * Aiken an example strace of vserver-utils blowing up for me http://pastebin.com/518190
1137971238 M * Aiken both compiled against dietlibc 0.29
1137971645 P * undefined 
1137971952 M * Bertl hmm, kind of back now ...
1137971982 M * Bertl azazel: should not be a problem, but I have to dig them out first ...
1137972021 M * Bertl azazel: but the slides are very simple, so I guess showing them in english would be fine (and save you some time), no?
1137972198 M * azazel Bertl: yes, they are just to help me out with the talk ... there are some areas that i don't know well (read, all the stuff involving hardlinks and so on) but my knowlege should be sufficient to do an architecutre comparisos with xen
1137972338 Q * Johnsie Quit: G'bye!
1137972406 M * azazel Bertl: even in english they are useful!
1137972468 M * azazel Bertl: i'm going to sleep now.. tomorrow i will be on the channel if you find them... or you can send them to azazel at lizard.homelinux.net
1137972596 M * Bertl okay, great!
1137972901 Q * pusling_ Read error: Connection reset by peer
1137972903 J * pusling pusling@195.215.29.124
1137973534 Q * Doener Quit: Leaving
1137973656 M * ebiederm Ya! I finally got tty_io.c compiling again.
1137973897 M * ebiederm I hate current->pid!
1137973945 M * ebiederm Too much code means current->tgid when it says current->tid.
1137973962 M * Bertl yep, saw that
1137974010 M * ebiederm In my tree I changed it to current->tid so I could more easily keep the two strainght!
1137974145 M * ebiederm In adding process references instead of raw pids I changed the prototype of f_setown.
1137974164 M * ebiederm So far I haven't found a caller (except user space) that passes current->tgid.
1137974172 M * ebiederm current->pid every single one of them.