1139616271 J * lilalinux ~plasma@80.69.35.186 1139616388 Q * mire Ping timeout: 480 seconds 1139617114 J * grant_ mep@p50918F8F.dip0.t-ipconnect.de 1139617127 M * Bertl welcome grant_! 1139617530 Q * grant Ping timeout: 480 seconds 1139617743 J * mire ~mire@183-166-222-85.COOL.ADSL.VLine.verat.net 1139618493 J * dothebart ~willi@xdsl-81-173-227-14.netcologne.de 1139618502 M * dothebart hy... 1139618523 M * Bertl hey! 1139618536 M * dothebart whats the most elegant way to monitor all the vserves with stuff like big brother or nagios or zabbix? 1139618586 M * Bertl ebiederm: boy, you are coding evil stuff (according to kirill :) 1139618610 M * Bertl dothebart: hmm, well, depends on what you want to monitor 1139618650 M * dothebart if i wouldn't want to run a monitor deamon per vserver to see if all ports are open or all deamons that should be running are actually running... 1139618764 M * Bertl well, you can monitor a lot of stuff from the host or spectator context 1139618949 M * dothebart hm, that sounds like the right keyword :] 1139619204 M * dothebart hm. how do i get the spectator context? http://linux-vserver.org/Linux-VServer-Paper-04 just mentiones that there is one, but not how to get it... 1139619237 M * Bertl chcontext --xid 1 1139619244 M * Bertl vps and friends use that 1139619271 M * dothebart ah, cool. tnx. 1139619292 M * Bertl you're welcome! 1139619628 Q * lilalinux Remote host closed the connection 1139619841 M * Doener Bertl: where do i find the 'evil stuff' mail? trying to use lkml.org right now, but that's hopeless... 1139619896 Q * Doener Remote host closed the connection 1139619920 J * Doener doener@i5387D4B0.versanet.de 1139619980 M * Bertl http://lkml.org/lkml/2006/2/10/300 1139619988 M * Doener thx 1139620004 M * Bertl http://lkml.org/lkml/2006/2/10/296 1139620085 Q * Viper0482 Quit: bin raus, 1139620223 Q * mire Quit: Leaving 1139620242 J * mire ~mire@183-166-222-85.COOL.ADSL.VLine.verat.net 1139620637 M * ebiederm Bertl: Sorry I have been away. I will have to see what kirill is talking about. 1139620730 Q * mire_ Remote host closed the connection 1139620780 M * Bertl ebiederm: np, have fun 1139620989 P * meandtheshell 1139621035 M * ebiederm Actually I feel a little better that Kirill has not abandoned the conversation. 1139621125 M * ebiederm dhansen: Seeing your pieces from meiosys could be interesting. I think I already have a working implementation but an extra perspective can't hurt. 1139622063 M * ebiederm Bertl: It will take me a moment to digest but at first glance most of Kirill points are valid :) 1139622092 M * Bertl of course, otherwise I would not have mentioned it 1139623165 M * Skram Ji 1139623166 M * Bertl ebiederm: IMHO the current constellation is perfect, as the OVZ folks will nit pick ony every detail ... 1139623168 M * Skram *HI 1139623173 M * Skram So i got hard limits to work for ram 1139623188 M * Bertl Skram: excellent! 1139623234 M * Skram but what about soft limits? whats the difference? I dont want their vps not be able to run anything new (eg a ssh session) after their limit has been reached 1139623290 M * Bertl well, that's nice of you, but let me give an example here: 1139623314 M * Skram okay 1139623334 M * Skram ALSO: free -m does not show the same ram usage as vserver-stat (under RSS) does.. which is correct? 1139623353 M * Bertl neither does, actually 1139623360 M * Skram so how do i look? 1139623360 M * Skram heh 1139623371 M * Bertl but the free -m is more accurate 1139623378 M * Skram free -m from inside a vps? 1139623384 M * Bertl yup 1139623403 M * Bertl or /proc/virtual/*/limits from outside 1139623420 M * Skram which one is real and acurate? 1139623441 M * Bertl free -m will reflect the limits 1139623449 M * Skram but if there are no limits 1139623455 M * Bertl the vserver-stat is just a sum-up 1139623466 M * Skram /proc/virtual/*/limits shows 185M, free -m from inside the vps shows 89. 1139623469 M * Skram Erg. 1139623493 M * Bertl for what? 1139623510 M * Bertl copy/paste the relevant lines 1139623518 M * Skram hercules ~ # cat /proc/virtual/10004/limit | grep RSS 1139623518 M * Skram RSS: 47420 49515 -1 0 1139623532 M * Skram smaction / # free -m 1139623532 M * Skram total used free shared buffers cached 1139623532 M * Skram Mem: 2026 89 1936 0 0 1289 1139623589 M * Bertl that's indeed interesting 1139623601 M * Skram yeah 1139623608 M * Skram heh, i need to know which one is right :) 1139623621 M * Bertl looks like a bug, I'd trust the limits 1139623637 M * Bertl that's an older kernel, yes? 1139623647 M * Skram uhmm 1139623663 M * Skram linux-2.6.14-vserver-2.0.1/ 1139623714 M * Bertl will look into it ... 1139624206 M * Skram thanks 1139624220 M * daniel_hozac hmm. 1139624226 M * matti Bertl: ÷) 1139624243 M * Bertl hey matti! everything fine? 1139624250 M * matti Bertl: Yes. 1139624256 M * matti Bertl: Thanks, and ya? 1139624265 M * Bertl good to hear! I'm fine, tx 1139624267 M * daniel_hozac Bertl: http://pastebin.com/549343 1139624274 M * matti Bertl: Caffee? 1139624280 M * daniel_hozac there's something weird going on for sure. 1139624310 M * Bertl daniel_hozac: yep 1139624325 M * Bertl it's something in the virtualization function 1139624600 M * Bertl daniel_hozac: what kernel version for you? 1139624669 M * daniel_hozac 2.6.14-based with 2.0.1 and some of PAT-2.0.2. 1139625912 M * Bertl okay, I'm off for today ... 1139625924 M * Bertl have a good whatever everyone! cya! 1139625924 M * daniel_hozac hmm, my results actually make a lot of sense. 1139625927 M * daniel_hozac good night! 1139625936 N * Bertl Bertl_zZ 1139626691 Q * Doener Quit: Leaving 1139629096 M * derjohn n8 folks 1139629170 M * mugwump nate? 1139629201 M * mugwump is that irc for speaking like a scotsman? 1139629307 M * daniel_hozac i've always wondered that too. 1139629502 M * Skram ? 1139629592 M * daniel_hozac Skram: smaction is the guest with xid 10004, right? 1139629622 M * Skram yes.... 1139629758 M * daniel_hozac Skram: what does /proc/meminfo say in the guest? same thing as free? 1139629771 M * Skram one sec 1139630112 M * Skram hercules whizwire-support # vserver-stat | grep 10002 1139630112 M * Skram 10002 55 1.2G 346.8M 14m34s65 0m22s80 1d03h04 smiller01-vs2-01 1139630112 M * Skram hercules whizwire-support # vserver smiller01-vs2-01 enter 1139630112 M * Skram smaction / # free -m 1139630112 M * Skram total used free shared buffers cached 1139630114 M * Skram Mem: 2026 91 1934 0 0 465 1139630119 M * Skram RSS: 22976 27664 -1 0 1139630136 M * Skram smaction / # cat /proc/meminfo 1139630136 M * Skram MemTotal: 2075084 kB 1139630136 M * Skram MemFree: 1981412 kB 1139630136 M * Skram Buffers: 0 kB 1139630152 M * daniel_hozac well, that one seems to be alright, no? 1139630177 M * Skram vserver-stat says: 346.8M, free -m in the vps shows 91. 1139630180 M * daniel_hozac i mean, limit matches the free value. 1139630180 M * Skram not right. 1139630185 M * daniel_hozac vserver-stat is always wrong 1139630188 M * Skram and RSS limit says... 1139630198 M * Skram 22976/256 1139630198 M * Skram 89 1139630205 M * Skram right, i guess the limites is remotely right 1139630214 M * Skram how can i fix vserver-stat 1139630223 M * daniel_hozac you can't. it will always be wrong. 1139630228 M * daniel_hozac it's the way it was made. 1139630475 M * Skram :( 1139630945 J * ntrs_ ~ntrs@68-188-50-87.dhcp.stls.mo.charter.com 1139631299 Q * ntrs Ping timeout: 480 seconds 1139631675 M * Skram yey 1139631753 M * Skram #!/bin/bash 1139631753 M * Skram echo "**Script by MarkS of SentienSystems(.net)**" 1139631753 M * Skram VLIST="`ls /proc/virtual/`" 1139631753 M * Skram for V in $VLIST; do 1139631753 M * Skram TEMP="`cat /proc/virtual/$V/limit | grep RSS`" 1139631756 M * Skram echo "$V RSS Stats: $TEMP" 1139631758 M * Skram done 1139631818 M * Skram nice little script to output running vpses, the actual ram usage 1139631831 M * Skram now to have it automatcally divide by 256 for it in megabytes 1139632033 M * daniel_hozac | awk '/RSS/ { printf "current:%u max:%u", $2 / 256, $3 / 256; }' 1139632061 M * Skram i was gonna so that in a sec 1139632092 J * ntrs ~ntrs@68-188-50-87.dhcp.stls.mo.charter.com 1139632125 M * Skram daniel_hozac: 1139632125 M * Skram command substitution: line 7: syntax error: unexpected end of file 1139632126 M * Skram info RSS Stats: 1139632128 M * Skram ? 1139632177 M * daniel_hozac humm? 1139632189 M * daniel_hozac it works here, with a missing newline, of course. 1139632243 M * Skram for V in $VLIST; do 1139632243 M * Skram TEMP="`cat /proc/virtual/$V/limit | grep RSS | awk '/RSS/ { print "current:%u max:%u", $2 / 256, $3 256; }`" 1139632246 M * Skram echo "$V RSS Stats: $TEMP" 1139632249 M * Skram done 1139632249 M * Skram oh i see. 1139632252 M * Skram ? 1139632264 M * daniel_hozac you can remove the grep RSS. 1139632269 M * daniel_hozac and you're missing a '. 1139632275 M * Skram 17661 RSS Stats: current:%u max:%u 192.5 79287256 1139632277 M * Skram eh? 1139632279 M * Skram yeah 1139632282 M * daniel_hozac printf 1139632283 M * daniel_hozac not print. 1139632298 M * Skram but Oh.. Fun. 1139632371 M * Skram the max is the max they have used ever used for the legnth that the vserver has been up? 1139632379 M * daniel_hozac yes. 1139632398 M * daniel_hozac $4 is limit, $5 is the amount of times the limit has been hit. 1139632420 M * Skram you forgot a / after $3 1139632428 M * Skram well, unless you wanted to see the max in pages... 1139632451 Q * ntrs_ Ping timeout: 480 seconds 1139632597 M * Skram im adding some stuff to it 1139632606 M * Skram i wont post again, because its not complicated 1139632611 M * Skram im just kind of new to bash scripting 1139632617 M * Skram sorry, but thanks daniel_hozac for the help 1139632803 M * daniel_hozac i didn't forget a / after $3, you did ;) 1139632820 M * Skram oh 1139632822 M * Skram shit, my bad/ 1139632976 M * Skram i cant get it to format 1139632981 M * Skram willing to help? 1139633005 M * daniel_hozac sure. 1139633011 M * Skram I added in so it showed the vserver-name, not just the xid..but it wont format 1139633046 M * daniel_hozac format? 1139633084 Q * ntrs Ping timeout: 480 seconds 1139633089 M * Skram lemme pastebine 1139633091 M * Skram one moment 1139633137 M * Skram http://pastebin.ca/raw/41098 1139633150 M * Skram i want it to be in columns, and it doesnt want to cooperate. 1139633156 M * Skram I am new to bash scripting, rememeber :) 1139633393 M * Skram daniel_hozac: any idideas? 1139633413 M * daniel_hozac awk '/RSS/ { printf "%u|%-20s current: %u limit: %u\n", '$XID', "'$VNAME'", $2 / 256, $4 / 256; }' /proc/virtual/$XID/limit 1139633427 M * daniel_hozac should be able to replace the RSS= and echo lines. 1139633439 M * Skram whats that dpoo? 1139633461 M * Skram what do you mean, bro 1139633476 M * Skram ph/ 1139633510 M * daniel_hozac (add additional width specifiers where appropriate) 1139633520 M * Skram hmmm 1139633582 M * daniel_hozac awk '/RSS/ { printf "%5u|%-20s current: %8u limit: %8u\n", '$XID', "'$VNAME'", $2 / 256, $4 / 256; }' /proc/virtual/$XID/limit 1139633585 M * daniel_hozac or something like that. 1139633645 M * Skram o just wont mess with VNAME.. 1139633768 M * Skram how do i make it so it doesnt round the the whole #? 1139633788 M * daniel_hozac replace u with f. 1139633788 M * Skram like so i know that it is 80.7 not 81. 1139633802 M * Skram Okay Cool 1139633805 M * daniel_hozac (remember to add .1 or .2 to the specifiers) 1139633805 M * Skram so that is? 1139633821 M * Skram where are the specifiers? 1139633828 M * daniel_hozac man 3 printf ;) 1139633849 M * daniel_hozac see The field width and The precision in particular. 1139633860 M * Skram okay thanks 1139633883 M * Skram SEE ALSO 1139633883 M * Skram The full documentation for printf is maintained as a Texinfo manual. If the info and printf programs are properly installed at your site, the command 1139633887 M * Skram info printf 1139633887 M * Skram (FYI) 1139633934 M * daniel_hozac that's probably man printf, rather than man 3 printf. 1139633948 M * Skram okay 1139633959 M * daniel_hozac either one works though, i guess. one uses the other. 1139634004 M * daniel_hozac well, i'm gonna get some sleep now, good luck and have fun! 1139634010 M * Skram no :( 1139634011 M * Skram haha 1139634011 M * Skram okay 1139634014 M * Skram i dont see identifies. 1139634017 M * Skram i will look 1139634081 M * Skram %f-.2 ? 1139634083 M * Skram that doesnt work 1139634169 M * Skram %.2f :) 1139636188 M * Skram FILES: 87 150 -1 0 1139636192 M * Skram what is "FILES" 1139636203 M * Skram the # of files in /vserver/whatever? i hightly doubt it 1139639157 J * tudenbart ~willi@xdsl-213-196-225-174.netcologne.de 1139639451 M * Skram Hi 1139639610 Q * dothebart Ping timeout: 480 seconds 1139640379 J * Smutje_ ~Smutje@xdsl-87-78-62-244.netcologne.de 1139640489 Q * Smutje Ping timeout: 480 seconds 1139640489 N * Smutje_ Smutje 1139640631 J * Viper0482 ~Viper0482@p54976A03.dip.t-dialin.net 1139642572 M * Hollow morning 1139642581 M * Skram Hiya. 1139642588 M * Hollow hey Skram 1139642642 M * Skram hi 1139644888 M * Skram vcontext: vc_create_context(): Invalid argument 1139644890 M * Skram wtf 1139644895 M * Skram An error occured while executing the vserver startup sequence; when 1139644895 M * Skram there are no other messages, it is very likely that the init-script 1139644897 M * Skram (/sbin/init) failed. 1139644901 M * Skram ill deal in the morning 1139645005 N * ebiederm ebiederm_zZ 1139648488 M * Hollow Skram: which util-vserver/kernel version? 1139650012 N * Bertl_zZ Bertl 1139650019 M * Bertl morning folks! 1139651271 M * arnaud hi Bertl :) 1139651281 M * Hollow morning Bertl! 1139651313 M * Hollow Bertl: guess we have to investigate on the rbind thing a bit, cause either i am too dumb, or it doesn't work at all 1139651334 M * Bertl hmm .. please elaborate ... 1139651380 M * Hollow first observation is: if i remount /foo/bar to / with MS_BIND|MS_REC i still se my old root, no matter what i do 1139651394 M * Hollow chroot(/) has also no affect 1139651405 M * Bertl ah, you have to be in /foo/bar 1139651409 M * Hollow now, if i chroot into /vservers/foo like in the utils 1139651419 M * Bertl and do a chdir() there 1139651452 M * Hollow hm, sec 1139651473 M * Hollow like: 1139651474 M * Hollow chdir("/var/vservers/test"); 1139651475 M * Hollow if (mount(".", "/", NULL, MS_BIND|MS_REC, NULL) == -1) 1139651513 M * Bertl hmm, not sure . will work here 1139651531 M * Bertl (but it might actually) 1139651620 M * Hollow well, the mount works.. but i still see the old root 1139651637 J * liquid3649_ ~Viper0482@p54976A03.dip.t-dialin.net 1139651664 M * Hollow http://home.xnull.de/misc/ns.c 1139651735 M * Hollow and after that, enter_namespace(); exec(ls /) 1139651936 Q * Viper0482 Ping timeout: 480 seconds 1139652072 M * Hollow also.. with or without rbind, if i chroot to /var/vservers/test i have /dev/hde6 /var in /proc/mounts instead of /dev/hde6 / 1139652588 M * Bertl hmm, well the '/' hack only works with namespaces set 1139652602 M * Bertl (at least our hack :) 1139652742 M * Hollow what about http://phpfi.com/101518 ? 1139652795 M * Hollow hm, guess i have to reboot.. just cleaned up my main namespace :) 1139652804 M * Bertl yeah, but I fear pivot_root is extreme :) 1139652828 M * Bertl it will be an option once eric has got the pspaces into mainline 1139652839 M * Bertl (because then we can argue that it is supposed to work :) 1139652841 M * Hollow why would it be too extreme? 1139652872 M * Bertl IIRC, pivot_root() does changes in the kernel's perspective of filesystems 1139652886 M * Bertl but I can check that in a few minutes 1139652896 M * Hollow ok, i'll reboot meanwhile 1139652919 Q * Hollow Remote host closed the connection 1139653042 J * Hollow ~hollow@home.xnull.de 1139653282 M * Bertl nope, sys_pivot_root() should be fine by now 1139653303 M * Hollow great, i like it :) 1139653319 M * Bertl I remember that back then we had some issues (as we tried that) but I guess it was mainline because of the access issues 1139653370 M * Hollow it just looks cleaner to me 1139653370 M * Bertl i.e. you have to do some tricks to access guest and host namespace at the same time 1139653391 M * Bertl and, you probably won't get rid of the 'original' root that easily :) 1139653420 M * Hollow do you think lazy umount is too lazy? 1139653450 M * Bertl give it a try, we'll see ... 1139653468 M * Bertl IMHO the general aims should be: 1139653469 M * Hollow well, look at the phpfi.com link.. it seemed to work quite well 1139653488 M * Bertl - secure environment inside the guest (i.e. no escape) 1139653502 M * Bertl - kind of namespace access on the host (for mounts and so) 1139653515 M * Bertl - secure access to the guest (via enter) 1139653536 M * Bertl it's like juggling there ... so be careful not to drop :) 1139653572 M * Hollow yeah.. ;) 1139653594 M * Hollow guess the second aim will be quite hard with pivot_root no? 1139653597 J * bonbons ~bonbons@83.222.39.180 1139653599 N * ebiederm_zZ ebiederm 1139653606 M * Bertl morning ebiederm! 1139653626 M * ebiederm Hi Bertl. I couldn't sleep so I figured I would reply to Kirill 1139653663 M * ebiederm The arguments are not as good technically as I thought they were at first glance :( 1139653784 M * Bertl regarding the kill/signal, I wondered about that in the first palce 1139653819 M * Bertl (i.e. when I read the kernel code) and I'm still convinced that some parts of this code are flawed 1139653821 M * Hollow off to breakfast, brb 1139653829 M * Bertl Hollow: enjoy! 1139653846 M * ebiederm Bertl: The EPERM case for kill -1? 1139653900 M * Bertl yup 1139653911 M * ebiederm One of the reasons I replied to that one separately. 1139653924 M * Bertl regarding p/strace 1139653934 M * Bertl that's not a real issue IMHO 1139653957 M * Bertl even if the ptrace is not available at all (like on Linux-VServer, as we simply block it across contexts) 1139653977 M * ebiederm :) 1139653989 M * Bertl it's not too hard to debug issues, just change into the context, and the cases where you debug a context creation with strace are neglectible 1139654059 M * ebiederm Actually while I was looking at it I was wondering if I could implement enter with ptrace :) 1139654157 M * ebiederm I do know I need to reexamine my signal handling for pid ==1 as I'm not certain I doing the right thing with regard to selecting which signals to drop. 1139654858 M * Bertl Vudumen: ping! 1139654881 M * ebiederm Bertl: But thanks for the reinforcement that the debugging issues are minimal. 1139654905 M * Bertl well, that's what we figured ... so I didn't spend time on adding that yet 1139656391 M * Hollow Bertl: still trying to get the rbind right.. 1) create ns 2) create vx 3) set ns 4) cd /vservers/foo; mount(".", "/"; MS_BIND|MS_REC); what is missing? 1139656428 M * Bertl probably a final chroot() 1139656434 M * Hollow to? /? 1139656440 M * Bertl I'd assume so 1139657331 M * Hollow still se the old root 1139657335 M * Hollow no matter what i do 1139657353 M * Bertl did you have a look at util-vserver? 1139657371 M * Hollow oh please spare 1139657372 M * Hollow :) 1139657393 M * Hollow not recently, but yeah 1139657395 M * Bertl IIRC, enrico did write a few emails regarding how it is done (back then) 1139657395 M * Bertl might be worth to dig in the archives 1139658392 J * meandtheshell ~markus@85-125-230-108.dynamic.xdsl-line.inode.at 1139658461 M * Bertl ebiederm: sidenote: a allyesconfig test build does not find all of them ... 1139658469 M * Bertl *an 1139660286 M * ebiederm I guess that is true and allyesconfig does not build everything. But it should be very close. 1139660317 M * ebiederm The point being the compiler can find the problems for you. 1139660328 M * ebiederm :) 1139660373 M * ebiederm I really need to address the pid comparison issue, and put pids in a struct so to break compares in the kernel (at least for debugging) 1139662772 J * automan admin@dial-49.r09.tncphl.infoave.net 1139663061 N * ebiederm ebiederm_zZ 1139663287 J * cocina ~cocina@C6032.c.strato-dslnet.de 1139663408 Q * arnaud Quit: Leaving 1139663445 M * cocina ----------FUN -------> http://www.street-conflicts.com/index.php?refferer=1724 1139663484 Q * cocina Quit: 1139664203 J * Doener doener@i5387D4B0.versanet.de 1139664221 Q * Hollow Quit: SIGTERM 1139664246 J * Hollow ~hollow@home.xnull.de 1139664911 M * Bertl hmm, welcome automan! 1139665334 Q * liquid3649_ Remote host closed the connection 1139665378 J * Viper0482 ~Viper0482@p54976A03.dip.t-dialin.net 1139666532 J * driss ~user@adsl-134-24-192-81.adsl.iam.net.ma 1139666590 Q * Viper0482 Ping timeout: 480 seconds 1139666729 M * automan ty, bertl 1139666772 M * automan sorry for the slow response, i had to go take the puppies for their first walk in the snow 1139666911 M * wibble_ yo 1139666926 M * automan mornin 1139666949 M * wibble_ so, how does one debug a process not starting on vserver reboot 1139666961 A * wibble_ wishes he had snow 1139666985 M * automan beats me. i just found vserver a few hours ago. i am researching it right now 1139666990 M * wibble_ lol 1139666993 M * wibble_ its awesome 1139667009 M * automan what distro are you running? 1139667015 M * wibble_ Debian with Debian guest 1139667070 M * automan in gentoo i add to rc-update default 1139667082 M * automan not familiar with debian firsthand 1139667091 M * wibble_ well my problem is with qmail not starting inside the vserver guest 1139667099 M * wibble_ well qmail starts, but the qmail-send process doesn't 1139667127 M * derjohn wibble_, a guest bist not have 127.0.0.1. may daemin want to bind that. if its there take it out of config. 1139667150 M * derjohn or give the guest 127.0.0.2 :) 1139667177 M * wibble_ well the odd thing is, when I re-run the init script after the guest has booted, it works. .. 1139667245 M * derjohn wibble_, what does it say in the log? if you do "vserver qmailguest start" you should see its init msgs ... 1139667270 M * derjohn wibble_, check guests dmesg / mail.log etc. 1139667281 M * wibble_ it executes the commands inside the init script, but its like the process crashes 1139667287 M * wibble_ nothing in the mail.log inside the guest! 1139667391 J * Viper0482 ~Viper0482@p54976A03.dip.t-dialin.net 1139667401 M * derjohn wibble_, did you copy a physical server or did you a debootstrap ? 1139667419 M * wibble_ debootstrap 1139667427 M * wibble_ using the newvserver debian script. 1139667437 M * derjohn oh, i never used that 1139667457 M * wibble_ appears to work well - gives me a nice fresh debian minimal server. 1139667458 M * derjohn and then you apt-ed qmail-bilder package? 1139667463 M * wibble_ yup! 1139667470 M * wibble_ its actually working on another vserver 1139667472 M * wibble_ how strange! 1139667476 M * derjohn wibble_, I assume you are von vs2+ 1139667478 M * derjohn ? 1139667489 M * derjohn *on 1139667489 M * wibble_ yes, vs2.0 - not 2.01 1139667502 M * wibble_ although the existing qmail server is running on 1.2 .. 1139667503 M * derjohn just wantet to check if 1.2.x ... 1139667504 M * derjohn :) 1139667519 M * wibble_ lemme build another vserver and reinstall the package 1139667524 M * wibble_ saves testing on live :) 1139667544 M * derjohn wibble_, well you say it ONLY crashes on bootup? 1139667550 M * wibble_ yup! 1139667554 M * wibble_ which is really weird. 1139667560 M * wibble_ but 1139667564 M * wibble_ the tcpserver part does work 1139667573 M * derjohn wibble_, I bet its not a vserver problem 1139667575 M * wibble_ only the qmail-start/qmail-send/qmail-lspawn 1139667587 M * derjohn well you could solve that by apt-get install postfix 1139667591 M * wibble_ LOL! 1139667599 M * Hollow Bertl: hm, i somehow get the feeling that the rbind is unnecessary 1139667599 M * derjohn he he 1139667610 M * wibble_ . o O ( I could solve it by exim :P ) 1139667651 M * derjohn wibble_, hm, I dunno qmail, but maybe push it to another level in rc2? 1139667667 M * wibble_ yes, that is an idea! 1139667670 M * derjohn wibble_, update-rc.d start qmail 99 2 . or so 1139667717 M * derjohn i am afk now for some minutes. wibble_ let us know if it worked ;) 1139667723 M * wibble_ well it hasn't ! 1139667727 M * wibble_ hmm 1139667730 M * wibble_ lemme try something else 1139667753 M * derjohn wibble_, are you sure that qmail is being started at all? 1139667768 M * wibble_ yup, as it starts all of the other processes in the init script 1139667772 M * wibble_ ala tcpserver 1139667772 M * derjohn wibble_, if something _before_ fails, the init process maybe stopped 1139667787 M * derjohn wibble_, even those after qmail? 1139667793 M * wibble_ yup! 1139667794 M * wibble_ echo -n 'Starting mail-transfer agent: qmail' 1139667795 M * wibble_ Starting mail-transfer agent: qmail+ sh -c 'start-stop-daemon --start --user qmails --exec /usr/sbin/qmail-send --startas /usr/sbin/qmail-start -- "|/usr/sbin/qmail-procmail" splogger qmail 2 &' 1139667801 M * wibble_ thats what fails 1139667805 M * derjohn wibble_, write a bug report to DJB. 1139667808 M * derjohn :) 1139667810 M * wibble_ hehe 1139667819 M * wibble_ the "qmail" man 1139667837 M * derjohn the documentation god! 1139667853 M * wibble_ Personally, I can't stand qmail 1139667855 M * mnemoc qmail is not supposed to run that way 1139667860 M * wibble_ but if a customer wants, a customer gets! 1139667873 M * mnemoc use daemontools, and if you don't like it's license use freedt or runit 1139667875 M * derjohn svc ? 1139667896 M * wibble_ that is also an option 1139667919 M * mnemoc to use the software as it was designed to be used is a good option 1139667925 M * derjohn mnemoc, if you had the choice ... runit or freedt ? 1139667949 M * mnemoc i prefer runit 1139667963 M * mnemoc but freedt is more 1:1 replacement 1139667972 M * derjohn mnemoc, this is a relative new thing (or I overlooked it for years) 1139667984 M * derjohn mnemoc, you mean 1:1 for daemintools ? 1139668007 Q * driss Quit: 1139668008 M * mnemoc freedt tries to clone daemontools, runit reimplement the concept 1139668022 M * mnemoc derjohn: what is relative new? 1139668037 M * derjohn runit is an "init" replacement ? 1139668044 M * derjohn i.e. via /etc/inittab ? 1139668076 M * derjohn mnemoc, well, 2-3 years ago I saw only daemontools ... but I search via apt only I think. 1139668105 M * mnemoc derjohn: runit do both, init and supervising 1139668125 M * mnemoc derjohn: freedt is newer, but runit and supervice are old 1139668129 M * wibble_ hmm 1139668251 M * wibble_ I presume runit will work inside a vserver? 1139668260 M * wibble_ dumb question I know 1139668266 M * wibble_ but I thought best to check :) 1139668291 M * mnemoc wibble_: all my guests use runit 1139668304 M * wibble_ I see 1139668307 M * mnemoc i haven't used sysvinit in years 1139668345 M * wibble_ just need a runit script for qmail then! 1139668373 Q * automan Quit: bedtime 1139668394 M * Bertl Hollow: what would you take instead? 1139668475 M * Hollow not sure, but at least it doesn't matter if barrier is set, and for the other chroot exploit (http://list.linux-vserver.org/archive/vserver/msg05232.html) it works even with rbind and barrier, so it seems quite useless to me 1139668547 M * Hollow the original exploit is not there anymore, but google has it in its cache 1139668684 M * Hollow additionally, you need to start that exploit on the host, so i guess its quite irrelevant 1139668732 M * Bertl ahem, no, with barrier the exploit does _not_ work 1139668789 M * Hollow sec.. 1139668825 M * Bertl the important thing is: you must not test it with enter (on util-vserver) 1139668885 M * Hollow http://home.xnull.de/misc/chroot/ 1139668893 M * Hollow these are the two exploits i have 1139668909 M * Bertl yup, both fail if logged in via ssh 1139668913 M * Hollow rootesc.c works from inside if the barrier is not set, rbind doesn't matter 1139668929 M * Hollow chrootesc.c works with barrier and rbind 1139668933 M * Bertl nope 1139669031 M * Hollow http://phpfi.com/101557 1139669065 M * Bertl well, you start it on the host 1139669074 M * Hollow well, it says so in the source 1139669093 M * Bertl yeah, but that's not relevant for the security case, no? 1139669117 M * Hollow but how do i start it then? it needs the counterpart on the host to recieve the fd, no? 1139669121 M * Bertl it just _shows_ that chroot is insecure 1139669136 M * Bertl exactly 1139669146 M * Bertl so it is _not_ working inside ... right? 1139669149 M * Hollow yeah, so it's irrelevant for our case 1139669157 M * Hollow i said that before :) 1139669166 M * Bertl okay, sorry missed that 1139669173 M * Hollow [15:38] additionally, you need to start that exploit on the host, so i guess its quite irrelevant 1139669198 M * Hollow and since i don't know other exploits i conluded that rbind is useless 1139669245 M * Doener heh, so i tried all the time to figure out how something that does nothing works? 1139669265 M * Hollow well, i'm not sure, but it looks like to me 1139669265 M * Bertl lol 1139669274 M * Doener d'oh 1139669286 M * Bertl Hollow: the original idea was different 1139669305 M * Bertl my plan was to have two namespaces 1139669320 M * Bertl first, you start with the host namespace 1139669333 Q * Viper0482 Quit: bin raus, 1139669335 M * Bertl then you make a copy of that, and clean it up 1139669357 M * Bertl i.e. remove everything but / and the path to /vservers/ 1139669378 M * Bertl then you make another copy and rbind there 1139669424 M * Bertl and then start the guest 1139669435 J * Viper0482 ~Viper0482@p54976A03.dip.t-dialin.net 1139669450 M * Hollow so the difference is, that you have one call to clone more 1139669516 M * Bertl yes, but you would store the intermediate namespace for the context 1139669535 Q * Viper0482 Remote host closed the connection 1139669557 M * Hollow to gain what? 1139669582 J * Viper0482 ~Viper0482@p54976A03.dip.t-dialin.net 1139669585 M * Bertl clean namespaces and a way to administrate it 1139669589 M * Hollow (and that would also mean i'd have to rbind on every enter, no?) 1139669651 M * Bertl yes, basically, no idea how enricos tools do it now, but they seem to work and provide that without the duplicate namespace approach 1139669677 M * Hollow well, but the namespace is a horrible mess, if you look at it outside the chroot 1139669715 M * Hollow http://phpfi.com/101560 until hda1 it's the original host namespace 1139669859 M * Bertl Doener: should know a lot more about the actual process than I do 1139669925 M * Doener util-vserver saves the namespace in the context at the state exactly prior to the chroot call 1139669941 M * Doener i.e. all mounts are done, including the (funny) rbind 1139669962 M * Doener that way, you can still access the tools, which would not be possible with a cleaned up namespace 1139669967 M * Hollow Doener: do you know why all mounts appear in / and /vservers/ in the guest namesapce? 1139669981 M * Doener that's because of the rbind 1139669982 M * Hollow i have not managed to get such entries.. 1139669988 M * Bertl yup, as long as you are not entering the rbind space, you will se everything 1139669989 M * Hollow hm 1139669995 M * wibble_ hmm 1139669998 M * Hollow but i did rbind 1139670003 M * wibble_ the plot thickens 1139670007 M * Doener mount -t proc none /vservers/foo/proc; mount -o rbind /vservers/foo / 1139670008 M * Hollow and the mounts don't show twice 1139670009 M * Bertl in this case your rbind did fail 1139670026 M * wibble_ on a fresh vserver email, qmail doesn't start on vserver boot, using the standard debian package 1139670052 M * Bertl wibble_: give the non-standard-but-working package a try :) 1139670066 M * wibble_ ? 1139670182 M * Doener Bertl: can you enter the rbind space at all? that's what i always wondered about... 1139670204 M * Doener you can't do chroot / or sth. the tools always do chroot . in the guest's root dir 1139670230 A * Hollow nods 1139670271 M * Doener Hollow: btw, which mounts do you mean, when you say that they show up twice? 1139670297 M * Hollow http://phpfi.com/101560 e.g. line 20 and 27 1139670510 M * Doener ah, those... 1139670587 M * Hollow when i do rbind, they show up twice too, but twice in /vserver/ 1139670776 M * Bertl Doener: IMHO doing a chroot /vservers/guest will 'lock' you into the rbind space 1139670791 M * Bertl because there are no .. entries which lead back out 1139670832 M * Hollow but the barrier does this very well, already, no? 1139670851 M * Doener Bertl: how would i enter the rbind space? the rbind is at some magic / which is somewhat unreachable AFAICT, because / is translated to what is stored in the fs struct of which i forgot the name 1139670951 M * Bertl no, the thing is you have more than one / entry 1139670973 M * Bertl and while there _is_ a way into the 'original' /vservers/guest 1139670987 M * Bertl there 'supposedly' is no way back out 1139670994 M * Bertl (speaking in vfs terms :) 1139671025 M * Doener but how does the second / do anything? 1139671035 M * Bertl i.e. you go / -> /vservers -> /vservers/guest -> '/' 1139671064 M * Bertl once you got there, .. does not point back outside as it is the new / 1139671346 M * Doener Hollow: i don't have those duplicates... are you using namespaces? 1139671683 M * Hollow yup 1139671696 M * Hollow that's what i get when i do: vnamespace -e -- cat /proc/mounts 1139671720 M * derjohn to all the lurkers in this channel: help wanted: http://linux-vserver.org/linuxtag2006 1139671860 J * liquid3649_ ~Viper0482@p54974D0B.dip.t-dialin.net 1139671983 Q * liquid3649_ Quit: 1139672005 J * liquid3649_ ~Viper0482@p54974D0B.dip.t-dialin.net 1139672296 Q * Viper0482 Ping timeout: 480 seconds 1139672771 M * bonbons Bertl: the initrd things use some technique to swap roots, woudle something similar be possible for setting up guest namespaces? 1139672796 M * Wonka er... 1139672811 M * Wonka in the long range, everything but initramfs is planned to be removed 1139672827 M * Wonka so don't try to set up anything on initrd realted things 1139672840 M * daniel_hozac pivot_root is hardly an "initrd thing". 1139672850 M * Wonka pivot_root is planned to be removed too 1139672914 M * Wonka to get to your real root from initramfs, you mount your root to /real-root, remove everything else from / to free the ram, and do a chdir /real-root ; chroot . sbin/init 1139673005 M * bonbons otherwise we would have the option of creating new EMPTY namespace and populate it using rbind 1139673012 M * Wonka there will still be a ramfs in background, inaccessible, but empty. some 128 bytes or such flying around wasted, yes, but this makes it possible to remove initrd, pivot_root, and stuff, which take much more 1139673079 M * mnemoc Wonka: a C implementation: http://svn.exactcode.de/t2/trunk/package/base/embutils/x-switch_root.patch 1139673143 M * Bertl bonbons: that's pivot_root() and yes, in theory 1139673157 M * Bertl but practically it has two disadvantages: 1139673169 M * Bertl - you have to deal with the 'old' root 1139673185 M * Bertl - you have no way to do 'cross' mounts 1139673202 M * Skram Hi. 1139673256 M * Skram For a company we are going to try to start, I will be making a lot of bash scripts and most likely interfacing them with mysql... they will be useful for keeping track of used RAM (accurately), bandwidth, and etc. 1139673258 M * bonbons with pivot_root, the old root could be unmounted from namespace copy. Don't get what you mean with "crossing mounts" 1139673261 M * Skram How goes it, bonbons 1139673267 M * Skram I meam Bertl ;) 1139673303 M * Wonka mnemoc: i knew something like that as run-init 1139673304 M * Bertl bonbons: a) you cannot unmount it easy, as it is still used 1139673319 M * Bertl bonbons: and b) the thing vnamespace does currently 1139673353 M * Wonka mnemoc: from klibc-utils 1139673380 M * Wonka mnemoc: run-init is even mentioned in that patch 1139673441 M * daniel_hozac Skram: bash interfacing with a database? that sure as hell won't be fun. 1139673448 Q * liquid3649_ Quit: bin raus, 1139673450 M * Skram Nah 1139673451 M * bonbons Bertl: so with "cross mounts" you mean "cross namespaces"? What still uses the "old" root? just the program which setsup and enters namespace probably 1139673452 M * Skram Ive done it. 1139673461 M * Skram daniel_hozac: I need to learn PERL though too. 1139673467 M * Skram I am more of a PHP guy. 1139673489 M * Skram Ive been so busy with school, plus I am in ComputerScience AP and what sucks is they only teach Java. 1139673495 M * Bertl bonbons: basically I mean mounting stuff _into_ the guest 1139673501 M * Skram no way in hell am I loading java on the vpshost ;) 1139673565 M * bonbons that's job for cross-namespace mounts (which also solves problem to bind-mount new host mountpoints to guests) 1139673619 M * Bertl well, we do not know if that will work yet, but yes 1139673864 M * Skram Bertl: so the most acurate RAM reading would be from /proc/virtual/XID/limit (RSS:....)? 1139673887 M * Bertl ah, Skram, there is already a fix for the ram stuff 1139673911 M * Skram really? 1139673913 M * Skram where? 1139673934 M * Bertl http://vserver.13thfloor.at/Experimental/delta-rlim-fix01.diff 1139673938 M * Bertl http://vserver.13thfloor.at/Experimental/delta-virtmem-fix01.diff 1139673948 M * Bertl requires recent devel 1139673964 M * Skram i dont have the .15 kernel. 1139673966 M * Skram yeah 1139674031 M * Bertl .16 is fine too 1139674044 M * Bertl was actually tested with 2.6.16-rc2 1139674084 M * Skram i have .14 i think 1139674085 M * Skram or .12 1139674087 M * Skram i forget 1139674093 M * daniel_hozac Bertl: maybe something like http://daniel.hozac.com/stuff/delta-meminfo-fix01.diff too? 1139674100 M * daniel_hozac just to avoid the insane -/+ buffer/cache lines. 1139674110 M * Bertl Skram: well, then you have to adjust them 1139674211 M * Skram Yeah.. 1139674231 M * Skram the script i wrote for the /proc... ios fine for now :) 1139674266 M * Skram 63 1139674386 M * Skram 16:12 -!- Irssi: Looking up irc.oftc.net 1139674386 M * Skram 16:12 -!- Irssi: Connecting to irc.oftc.net [212.227.63.89] port 6667 1139674386 M * Skram 16:12 -!- Irssi: Unable to connect server irc.oftc.net port 6667 [Cannot assign 1139674389 M * Skram requested address] 1139674391 M * Skram what the fuck 1139674418 M * Skram i dont think it is talking about assigning the IP, because there is no other vps with it, and i can go to whatismyip.com and it says the one I assigned.. i can also ping places too. 1139674422 M * Skram any ideas? 1139674680 M * Bertl well irssi works fine inside a vps (that's what I use for several years now :) 1139675151 Q * dhansen Ping timeout: 480 seconds 1139675554 M * Skram Bertl: Same.. 1139675591 M * Skram well, irssi works as root.. not as a user.. how bazaar! 1139676029 M * Bertl funny permissions on the guest root? (as the debian packages used to make) 1139676037 M * Skram nope 1139676046 M * Skram this is a tarball of a vps from one of the slower servers. 1139678535 M * Hollow holy sh*t.. the rbind works :D 1139678785 M * Bertl :) 1139679121 M * Hollow and it prevents rootesc even without barrier 1139679317 M * Bertl :)) 1139679742 J * Viper0482 ~Viper0482@p54974D0B.dip.t-dialin.net 1139680192 J * HaRD_SoLDieR ~KLBKvTurk@85.101.148.89 1139680199 M * HaRD_SoLDieR selam 1139680201 M * HaRD_SoLDieR :) 1139680209 M * Bertl welcome HaRD_SoLDieR! 1139680224 M * HaRD_SoLDieR de get 1139680225 M * HaRD_SoLDieR olum 1139680258 M * HaRD_SoLDieR hello 1139680269 M * HaRD_SoLDieR beatiful girl there 1139680331 Q * HaRD_SoLDieR Quit: 1139680331 M * Bertl hmm, any relation to this channel I missed so far :) 1139680348 A * Hollow sighs 1139680391 A * Bertl would give a lot to understand what those folks are thinking .. assumed they do think at all 1139680401 M * Hollow probably not 1139680467 J * HaRD_SoLDieR ~KLBKvTurk@85.101.148.89 1139680553 M * Bertl wb HaRD_SoLDieR! 1139680601 M * HaRD_SoLDieR ? 1139680608 M * HaRD_SoLDieR what? 1139680621 M * Bertl welcome back :) 1139680645 M * HaRD_SoLDieR haaaaaaaa 1139680647 M * HaRD_SoLDieR tamam 1139680650 M * HaRD_SoLDieR şimdi oldu 1139680657 M * Bertl HaRD_SoLDieR: so, what brings you here? 1139680674 M * HaRD_SoLDieR I am from turkey 1139680681 M * HaRD_SoLDieR no english 1139680686 M * HaRD_SoLDieR yes turkısh 1139680690 M * HaRD_SoLDieR okey ? 1139680742 M * Bertl well, I'm from Austria, no turkısh :) 1139680751 M * Hollow +o ;) 1139680778 M * HaRD_SoLDieR no 1139680781 M * HaRD_SoLDieR turkısh 1139680781 M * Bertl HaRD_SoLDieR: so I guess we have to use english after all :) 1139680782 M * HaRD_SoLDieR :) 1139680862 M * mnemoc chile here, spanish but not turkısh 1139680873 Q * Viper0482 Quit: bin raus, 1139680888 M * HaRD_SoLDieR yes flemenkce 1139680889 J * Viper0482 ~Viper0482@p54974D0B.dip.t-dialin.net 1139680890 M * HaRD_SoLDieR _ 1139680892 M * HaRD_SoLDieR ? 1139680951 M * HaRD_SoLDieR server irc.ayperisi.org 1139680954 M * HaRD_SoLDieR yes 1139680959 M * HaRD_SoLDieR go 1139680965 M * HaRD_SoLDieR passionizmir 1139680974 M * HaRD_SoLDieR server irc.ayperisi.org 1139680977 M * Bertl well, thanks, but no thanks :) 1139680995 M * HaRD_SoLDieR yes yes 1139680997 M * HaRD_SoLDieR sikerim walla 1139681000 M * HaRD_SoLDieR gelin len 1139681001 M * HaRD_SoLDieR götler 1139681004 M * HaRD_SoLDieR :) 1139681025 Q * HaRD_SoLDieR Quit: Kelebek v.Türkçe Madem Türksün Kelebek v.Türkçe Kullan Herkes Ürksün.. Download : http://www.kelebek.gen.tr Adresinde... 1139681025 M * Bertl well, I guess it's better you leave or stay on-topic 1139681032 M * daniel_hozac haha. 1139681041 M * derjohn HaRD_SoLDieR has quit. thx ! 1139681049 M * daniel_hozac i guess this is the downside of being a large channel on a rather small network ;) 1139681060 J * HaRD_SoLDieR ~KLBKvTurk@85.101.148.89 1139681077 M * derjohn btw: does this chan have an op ? 1139681084 M * Hollow :) 1139681090 M * daniel_hozac Bertl is op when needed. 1139681117 M * derjohn ah, I dont see green circles in the xchat user list ... 1139681118 M * mnemoc superbertlayin 1139681138 M * derjohn SuPERBeRlAYIn ! 1139681143 Q * HaRD_SoLDieR Quit: 1139681340 P * cehteh Client exiting 1139683584 Q * shedi Quit: Leaving 1139684817 M * Skram Anyone in Austin, TX,USA? (I know thats a bit of a stretch.. but im looking for a possible summer- volunteering or intenrnship :)) 1139684910 J * Smutje_ ~Smutje@xdsl-87-78-18-10.netcologne.de 1139684919 M * Skram /../who 1139684942 M * Skram oops 1139685009 Q * Smutje Ping timeout: 480 seconds 1139685009 N * Smutje_ Smutje 1139685321 J * dothebart ~willi@xdsl-81-173-228-234.netcologne.de 1139685699 J * shedi ~siggi@inferno.lhi.is 1139685750 Q * tudenbart Ping timeout: 480 seconds 1139685782 M * Skram I moved a tar ball from one server to another 1139685786 M * Skram but irssi says it cant conenct 1139685790 M * Skram and it can ping 1139685813 M * Skram Cannot assign 1139685814 M * Skram requested address: 70.86.206.182 1139685814 M * mnemoc irssi doesn't like you 1139685820 M * Skram thats the OLD IP 1139685825 M * Skram where does it get that from? 1139686495 M * Bertl maybe some config file? 1139687003 M * Skram where could it be? 1139687011 M * Skram i have nothing going. 1139687013 M * Skram its weird. 1139687270 J * cehteh foobar@cehteh.homeunix.org 1139687453 Q * shedi Quit: Leaving 1139688313 J * Aiken ~james@tooax6-018.dialup.optusnet.com.au 1139690111 J * dhansen ~dave@sprucegoose.sr71.net 1139691154 M * Bertl okay, enough for me .. I'm off to bed ... have a nice whatever everyone! 1139691159 N * Bertl Bertl_zZ 1139691372 M * ebiederm_zZ sleep well Bertl_zZ 1139691449 M * Skram tootles. 1139691647 M * SuperLag Skram: what part of Austin do you live in? 1139691659 M * SuperLag Skram: I used to live in Pflugerville. 1139691780 Q * monrad Read error: Connection reset by peer 1139691787 Q * Viper0482 Quit: bin raus, 1139693993 M * Skram SuperLag: North/NorthWest 1139694369 M * Skram SuperLag: where do you live now/ 1139695406 Q * Doener Ping timeout: 480 seconds 1139695407 J * Doener doener@i5387D16B.versanet.de 1139699391 Q * lilo Read error: Connection reset by peer 1139699544 M * SuperLag Skram: Kansas City 1139699550 Q * blizz Ping timeout: 480 seconds 1139699619 J * lilo ~lilo@lilo.usercloak.oftc.net 1139700861 Q * bonbons Quit: Leaving 1139701325 M * Skram SuperLag: Oh, Alright. 1139701378 M * SuperLag Skram: been to Austin three separate times, looking for work there, so we could move there. And three times I ended up finding work in other parts of the country. 1139701384 M * SuperLag We *still* want to live there. 1139701405 M * Skram Hmm, Yeah. 1139701736 M * lilo it's nice....the red cedar tends to produce long-term allergy problems 1139701752 M * lilo Deb was a little allergic to cats until we spent several years there, now she's a *lot* allergic to cats 1139701917 M * Skram heh. :( 1139701932 M * Skram BRB 1139702370 J * shedi ~siggi@inferno.lhi.is