1140566853 M * Bertl PotatoBob: so what's your yum issue? 1140566901 P * anonc adios 1140567289 J * Smutje_ ~Smutje@xdsl-84-44-144-90.netcologne.de 1140567399 Q * Smutje Ping timeout: 480 seconds 1140567399 N * Smutje_ Smutje 1140568446 M * Bertl mugwump: btw, congrats to your reply on lkml (lumberjack) 1140568603 M * ebiederm Bertl: What did mugwump do? 1140568655 M * Bertl I read Sam's reply to Kirills posting _after_ I replied, and he said it so much better than I :) 1140568685 M * ebiederm Ok. I definitely need to catch up on that thread. I am now 2 days behind! 1140568718 M * Bertl well, it's mostly praising OVZ and it's qualities ... 1140568739 M * ebiederm Still I think there are some useful qualities there. 1140568744 M * Bertl (the years of stable releases, the superior code ...) 1140568748 J * entroposcope ~entroposc@user-0c992og.cable.mindspring.com 1140568758 M * Bertl welcome entroposcope! 1140568779 M * ebiederm I think Donald Becker said somethnig like that just before he gave up trying to maintain network drivers... 1140568803 M * Bertl ebiederm: I can assure you, OpenVZ has only one thing which isn't present in Linux-VServer the network stack (and this is intentional) 1140568834 M * ebiederm I think I saw a bit in there about collaborating on the network stack. And if Kirill is serious that may be a reasonable place to start. 1140568919 M * Bertl you know, I'm all for collaboration ... but you definitely do not want to 'just include' the OVZ stack changes 1140568955 M * Bertl I had a deep look at the code when I designed the ngnet stuff (which is curently waiting for your input) 1140568958 M * ebiederm Bertl. Not at all. But if we can agree on semantics it will allows us to talk implementation. 1140569088 M * Bertl the networking is the cruicial part, as it has a huge potential for unwanted and hidden overhead 1140569141 M * Bertl virtualize this and virtualize that, and suddenly each packet traverses the stack tree times and all caches have to cache the info twice 1140569149 M * Bertl *three 1140569162 M * ebiederm If we ever get to netchannels a lot of that goes away. But yes I agree. 1140569203 M * Bertl don't get me wrong, it's pretty easy to 'just' virtualize the network stack (you already know that :), but it's damn hard to do it proper 1140569239 A * mugwump leaps from tree to tree as they float down the mighty rivers of British Columbia 1140569240 M * ebiederm Well the easy case it to just filter the ip addresses on bind :) 1140569244 M * Bertl and that will be something where we need a lot of support from the network folks and a lot of testing ... 1140569265 M * ebiederm Bertl: I agree. That is why in part I have been hoping we can do it later. 1140569292 M * ebiederm But if that is where we have enough common ground to make headway. 1140569337 M * ebiederm The big danger is that we might get stuck in a wait for netchannels if they are in the middle of a stack rewrite to accomplish that. 1140569344 M * Bertl nah, I guess this is just steering into some arbitrary direction to get away from an actual solution (sorry for being so pessimistic here) 1140569394 M * Bertl btw, I really hope I'm completely wrong here :) 1140569454 M * ebiederm Well if Kirill listened a little more to what people said... 1140569487 M * ebiederm Anyway I think the productive thing to do is for mugwump and I to work together and see how far we can get. 1140569495 M * Bertl .. he would not be employed for much longer 1140569536 M * Bertl ebiederm: as I said, as soon as you have something 'working', we can easily integrate it into linux-vserver 1140569924 M * ebiederm I am just putting the finishing touches on after rewriting /proc. Doubtless there are plenty of bugs in my pspace stuff still but it looks like it will be a good base for development. 1140569958 M * Bertl excellent, we already separated out the pid stuff, so replacing and reintegrating that should be quite easy 1140570005 M * ebiederm The ironic thing is that I think when I am done most of the cruft in /proc will have an excuse to be there because it will have become per process :) 1140570535 M * ebiederm Well I finally figured out how to do multiple mounts of /proc cleanly. I have multipe super blocks pointing to different places in the same dentry tree! 1140570795 M * ebiederm Bah. I forgot to convert the flush function! 1140570827 M * Bertl so no toilet yet? 1140570848 M * ebiederm Well only on the default pid space. 1140570890 M * ebiederm It is an optimization so it really doesn't hurt anything, except allow old /proc entries to hang around after a process has exited. 1140570901 M * ebiederm But still it is polite not to clutter up the dcache. 1140571132 M * Doener hm, proc entries hanging around... that makes me shiver... 1140571157 M * ebiederm pid_revalidate ensures the do no harm. 1140571183 M * ebiederm Or is there some play on workds that I am missing. 1140571239 M * Bertl Doener: you keep an lkml archive? 1140571252 M * Doener we once had some really annoying issues with proc entries keeping contexts alive, because they (used to?) hold refs to the context, no idea if that will happen with your stuff though 1140571261 M * Doener Bertl: i'm not even subscribed 1140571278 M * Bertl hmm, k, but you're good at searching it? 1140571317 M * Bertl ('it' being lkml mailing list archives) 1140571338 M * Doener sometimes ;) 1140571355 M * ebiederm Doener: I have updated things so I don't even really hold refs to tasks. I get everything else indirectly through tasks. 1140571370 M * ebiederm But I understand the concern about /proc holding things in memory too long. 1140571380 M * Bertl Doener: well, I seem to suck there .. can't even find my own postings, so could you do me a favor and look for one? 1140571387 M * Doener sure 1140571400 M * Bertl Doener: Subject: [PATCH] change from EMBEDDED to EXPERT 1140571410 M * Bertl Date: Tue, 7 Feb 2006 12:28:16 +0100 1140571452 M * ebiederm Hmm. I think I read that one a while ago. 1140571475 M * Bertl well, I'd like to refer to it, but I just can't find it 1140571487 M * ebiederm I think if they are going to change the name something like SPECIALIZED is more appropriate than EXPERT. 1140571512 M * Bertl well, was a shot in the dark, and the patch would allow easy replacement 1140571536 M * Bertl s/EXPERT/SPECIALIST/ :) 1140571579 M * ebiederm Basically the options under EMBEDDED are ones that a normal distro should never care about :) 1140571594 M * Bertl hum hum ... 1140571635 M * Doener Bertl: are you sure it went to lkml? 1140571663 M * Bertl well, no, but it left my mailer with cc linux-kernel@vger.kernel.org 1140571670 M * ebiederm I remember reading that thread.... 1140572559 M * Doener didn't find it in any archive... 1140572627 M * Bertl okay, tx, did upload it on vserver.13thfloor.at/Stuff 1140572640 M * Bertl (so I could reference it) 1140572889 M * ebiederm Ok. I just put my current work up in my git tree in the branch proc-19-Feb-2006. 1140572916 M * ebiederm mugwump: You around? 1140573004 M * Bertl ebiederm: could you provide a patch too please? 1140573016 M * ebiederm Yeah. 1140573017 M * mugwump ebiederm: hi 1140573078 M * mugwump oh. 1140573080 A * mugwump pulls 1140573084 M * ebiederm I was just telling Bertl that I have just finished my latest round of work, which is pspaces built on top of a proc rewrite. 1140573118 M * ebiederm mugwump: I suspect that branch won't be available for a couple more minutes.... 1140573201 M * ebiederm Anyway it will take a pass or two more to merge and cleanup all of the patches. But once that is done I intend to start submitting the /proc rework and my task_ref stuff to Andrew. 1140573220 M * mugwump error: no such remote ref refs/heads/pspace-19-Feb-2006 1140573229 Q * click_ Ping timeout: 480 seconds 1140573232 M * mugwump seems you're right 1140573285 M * Bertl ebiederm: if possible, please do so :) 1140573303 M * Bertl (was regarding the patch :) 1140573332 M * ebiederm Megapatch or do you want all 71 of them? 1140573333 M * Bertl mugwump: rc8 is uploaded, broken out version will be there shortly 1140573341 M * Bertl ebiederm: megapatch 1140573362 M * mugwump ouch, not submitting 71 patches I hope 1140573368 M * ebiederm Bertl: Ok. The broken out version really is a fairly sane patch series. 1140573369 M * Bertl ebiederm: the 71 commits do not make much sense to me ... 1140573404 M * ebiederm mugwump: Not all of them. About half are my pspace stuff that I put on top to make certain everything was sane. 1140573406 M * Bertl ebiederm: if you have something split up in categories/areas, yes please 1140573452 M * Bertl ebiederm: but adding a few lines of code in patch 27, which will be removed in patch 59 doesn't help me much ... 1140573484 M * ebiederm Bertl: Because I'm not done there are a few like that. But mostly not. 1140573495 M * Bertl then megapatch please 1140573549 M * Doener Bertl: ah, you probably hit this one: "Message size exceeding 100 000 characters causes blocking." 1140573565 M * Bertl uhum, really that much? 1140573579 M * Doener 138.51 KB (141,838 bytes) 1140573600 M * Doener or some similar limit on the archives 1140573614 M * Bertl yeah, right ... well, good to know :) 1140573636 M * ebiederm Bertl: I will get to that in a moment. I need to stop and get and take a breather. 1140573652 M * Bertl I guess those patches are best sent bzip2 compressed and mime64 encoded, inline of course :) 1140573828 M * Doener i'm off to bed, good night folks 1140573831 Q * Doener Quit: Leaving 1140573839 M * Bertl that was quick ... 1140574124 Q * shuri Ping timeout: 480 seconds 1140574203 Q * gerrit Ping timeout: 480 seconds 1140574496 N * ebiederm ebiederm_oO 1140574523 M * Bertl hmm, did I miss the patch? 1140575160 Q * lilo Quit: leaving 1140575177 J * lilo ~lilo@lilo.usercloak.oftc.net 1140575910 M * brc bertl 1140575964 M * brc Has anything changed on the memory limits from 2.6.13 to 2.6.15 ? It seems that all vservers are using really less memory than they used to use before the upgrade 1140576046 M * brc maybe i am getting crazy with all these numbers :) 1140576316 M * Bertl no, memory limits did not change AFAICR 1140576493 M * Bertl mugwump: http://vserver.13thfloor.at/Experimental/split-2.6.16-rc4-vs2.1.1-rc8/ (not cleaned up yet, so probably a bunch of patches are in the wrong category) 1140576500 M * mugwump Bertl++ 1140576538 M * Bertl mugwump: please be so kind a make a diff/patch of eric's stuff for me once you can reach his repositories ... I'm off to bed for today, and will clean up the split tomorrow 1140576639 M * mugwump ok, I'll have a play 1140576655 M * Bertl have fun! cya tomorrow! 1140576666 N * Bertl Bertl_zZ 1140578648 J * Aiken_ ~james@tooax8-104.dialup.optusnet.com.au 1140578994 J * LMS_Guest ~LMS_Guest@adsl-68-94-39-58.dsl.rcsntx.swbell.net 1140579004 Q * Aiken Ping timeout: 480 seconds 1140579365 Q * PotatoBob Ping timeout: 480 seconds 1140580240 Q * LMS_Guest Ping timeout: 480 seconds 1140580378 Q * cehteh Remote host closed the connection 1140580426 J * cehteh foobar@cehteh.homeunix.org 1140580667 Q * entroposcope Remote host closed the connection 1140580833 J * brisho ~brians@adsl-66-142-59-236.dsl.kscymo.swbell.net 1140581199 Q * brisho Quit: using sirc version 2.211+KSIRC/1.3.11 1140581810 J * entroposcope ~entroposc@user-0c992og.cable.mindspring.com 1140582558 J * anonc ~anonc@staffnet.internode.com.au 1140582805 J * fwl ~fwl@83.215.237.1 1140582899 Q * fwl Quit: 1140583014 Q * Aiken_ Quit: Leaving 1140583357 M * mugwump Bertl_zZ: http://vserver.utsl.gen.nz/patches/ebiederm/ 1140583967 J * Aiken ~james@tooax8-104.dialup.optusnet.com.au 1140583972 N * ebiederm_oO ebiederm_zZ 1140586815 Q * anonc Quit: adios 1140587681 J * anonc ~anonc@staffnet.internode.com.au 1140588609 J * jia ~paranoid9@221.216.33.33 1140588681 P * jia 1140589990 J * fwl ~fwl@83.215.237.1 1140590226 N * ebiederm_zZ ebiederm 1140590297 M * ebiederm mugwump: Do my patches look sane? 1140591994 Q * anonc Read error: Connection reset by peer 1140594310 Q * fwl Quit: This computer has gone to sleep 1140594802 J * fwl ~fwl@83.215.237.1 1140595924 Q * Aiken Ping timeout: 480 seconds 1140597539 Q * shedi Quit: Leaving 1140598037 J * phreak`` ~phreak``@styx.xnull.de 1140598420 Q * fwl Ping timeout: 480 seconds 1140598493 J * fwl ~fwl@83.215.237.2 1140598774 Q * fwl Quit: 1140599518 M * RoadRunnR morning 1140599558 M * RoadRunnR quick question, for a production system, what is the best version to run at the moment? vs-2.1.1 ? 1140600165 J * fwl ~fwl@83.215.237.2 1140600349 N * ebiederm ebiederm_zZ 1140601697 Q * lonewolff Read error: Connection reset by peer 1140601862 J * prae ~prae@ezoffice.mandriva.com 1140602066 J * lonewolff lonewolff@adleman.lonewolff.info 1140602246 Q * fwl Quit: This computer has gone to sleep 1140602351 J * fwl ~fwl@83.215.237.2 1140602378 Q * lonewolff Remote host closed the connection 1140602730 J * lonewolff lonewolff@adleman.lonewolff.info 1140603015 Q * ComplexMind Ping timeout: 480 seconds 1140603036 J * ComplexMind ~ComplexHo@cpc1-brig3-6-0-cust194.brig.cable.ntl.com 1140603051 M * daniel_hozac RoadRunnR: stable series unless you need devel features. 1140603073 M * daniel_hozac i.e. 2.0.2-rc6 1140603160 M * RoadRunnR daniel_hozac: thanks 1140603189 M * daniel_hozac it's called stable and devel for a reason ;) 1140603200 J * Ponomar[away] ~Ponomar@gamma2.spacegate.com.ua 1140603263 M * SiD3WiNDR but it's an rc! :) 1140603265 M * SiD3WiNDR that means devel :> 1140603271 M * RoadRunnR daniel_hozac: yes, but i was not sure if the problems that i had, have already been fixed in the stable series, e.g. brocken 64bit sendfile, abstract UNIX socket leaking 1140603299 P * Ponomar[away] 1140603320 M * daniel_hozac all bugs are fixed in all series as soon as there is a fix, pretty much ;) 1140603384 M * daniel_hozac sendfile is not even modified by the stable series. that's part of the CoW link breaking, which is only in devel. 1140603451 J * bonbons ~bonbons@83.222.39.180 1140603474 M * RoadRunnR daniel_hozac: ah, thanks for the clarification, looks like my "brocken" server is running a -devel version, so i'm going to switch it to stable... 1140603525 Q * ComplexMind Ping timeout: 480 seconds 1140603934 J * ComplexMind ~ComplexHo@cpc1-brig3-6-0-cust194.brig.cable.ntl.com 1140605035 Q * fwl Quit: This computer has gone to sleep 1140605435 J * click click@ti511110a080-5178.bb.online.no 1140605796 J * fwl ~fwl@83.215.237.2 1140606037 J * lilalinux ~plasma@80.69.35.186 1140607048 J * Kara_ ~Kashira@ip-80-226-183-85.vodafone-net.de 1140607051 M * Kara_ hiall 1140607128 M * daniel_hozac hello 1140607172 M * Kara_ trying to figure out how to use /proc/virtual//cacct for traffic monitoring. there are three pairs of data - incomming messages/bytes, outgoing messages/bytes. But I cannot see which is the third. is there anybody who could explain that to me? 1140607291 M * phreak`` Kara_: take a look at http://linux-vserver.org/HowTo+Read+ProcFS 1140607309 M * Kara_ did that already 1140607356 M * phreak`` http://phpfi.com/103537 ? especially the first line :) 1140607366 M * Kara_ :) 1140607387 N * Bertl_zZ Bertl 1140607394 M * Kara_ d'oh. you saved my day. thx 1140607395 M * Bertl morning folks! 1140607403 M * Kara_ hi bertl 1140607410 M * daniel_hozac morning! 1140607460 J * tudenbart ~willi@xdsl-213-196-251-169.netcologne.de 1140607899 Q * dothebart Ping timeout: 480 seconds 1140607918 M * harry hey folks! 1140607937 M * harry q: i want to have the latest vserver patches 1140607942 M * harry which one should i take? 1140608020 M * Bertl http://vserver.13thfloor.at/Experimental/patch-2.6.16-rc4-vs2.1.1-rc8.diff 1140608034 M * harry Bertl: i want to use kernel 2.6.14.7 1140608035 M * phreak`` bah, rc8 ? :) 1140608057 M * harry since there is no grsec for 2.6.14+ 1140608064 M * Bertl harry: well, then you have to backport it :) 1140608068 M * harry hmm... 1140608074 M * Bertl harry: (or forward port the grsec) 1140608076 M * harry this is gonna be hell :s 1140608082 M * harry Bertl: no option 1140608089 M * harry too many changes to vmm etc.. 1140608093 M * Bertl http://vserver.13thfloor.at/Experimental/patch-2.6.15.4-vs2.1.1-rc8.diff 1140608101 M * Bertl (oldest mainline kernel supported) 1140608106 M * harry i'll just backport it 1140608115 M * harry redo all the merges :s 1140608144 M * harry but, on a brighter note... we'll have vserver 2.1.1 AND grsec 2.1.9 1140608177 M * harry thing is... forward port grsec to 2.6.14.7, backport vserver to that one and merge those :s 1140608197 M * Bertl is grsec dead? 1140608221 M * harry no 1140608236 M * harry they just have a lot of work on getting grsec to work on 2.6.14+ 1140608240 M * Bertl what's the last supported kernel? 1140608271 M * harry 2.6.14.6 1140608278 M * harry so that will probably apply pretty clean 1140608289 M * Bertl i.c. 1140608304 M * Bertl sounded like pre 2.6.14 to me 1140608397 M * harry mkay... latest grsec patch... applied 1140608429 M * harry Bertl: the 2.1.1-rc8 patch for 2.6.15.4 is the same as the one for 2.6.16.? 1140608442 M * Bertl http://vserver.13thfloor.at/Devel/PAT-2.6.15/ 1140608442 M * Bertl (might be a good hint for a backport) 1140608444 Q * nokoya Quit: changing servers 1140608460 M * Bertl harry: no, because if so, it would not apply :) 1140608460 J * nokoya young@hi-230-82.tm.net.org.my 1140608469 M * Bertl harry: but the same features :) 1140608508 M * harry that's what i meant off course :) 1140608620 M * harry Bertl: can't find file to patch at input line 1311 1140608620 M * harry Perhaps you used the wrong -p or --strip option? 1140608620 M * harry The text leading up to this was: 1140608620 M * harry -------------------------- 1140608620 M * harry |diff -NurpP --minimal linux-2.6.15.4/arch/powerpc/Kconfig linux-2.6.15.4-vs2.1.1-rc8/arch/powerpc/Kconfig 1140608624 M * harry |--- linux-2.6.15.4/arch/powerpc/Kconfig 2006-01-03 17:29:13 +0100 1140608626 M * harry |+++ linux-2.6.15.4-vs2.1.1-rc8/arch/powerpc/Kconfig 2006-01-06 18:48:42 +0100 1140608629 M * harry wtf? 1140608699 M * harry there is no powerpc dir in 2.6.14 1140608724 M * harry anyway... time for lunch now... will continue later 1140608774 M * Bertl not quite unexpected ... 1140608809 M * harry just... remove the powerpc patch then? :) 1140608984 M * harry what do i do? 1140609213 M * bonbons phreak``: rc8 adds fix to reparenting daemons inside guests (so that SIGCHLD reaches the guest's init once those daemons exit) 1140609408 M * Bertl harry: backporting means understanding the changes between the releases, and mapping one to the other 1140609627 M * yang hm is talkd disabled with vserver? Feb 22 12:55:30 jason kernel: process `talk' is using obsolete setsockopt SO_BSDCOMPAT 1140609708 J * shedi ~siggi@tolvudeild-204.lhi.is 1140610094 Q * bubulak Ping timeout: 480 seconds 1140610444 M * Bertl yang: no, just an older version, which uses compat stuff 1140610469 M * Bertl yang: i.e. that's a mainline message, not vserver realted 1140610497 M * yang well it looks like my talkd requires some extra options in the kernel...it wont work 1140610535 M * Bertl talkd is always tricky to get right, what does 'won't work' mean exactly? 1140610547 M * yang it doesnt initiate tha talk 1140610551 M * Bertl i.e. does it crash/fail/coredump? 1140610557 M * yang its just saying "checking on caller machine" 1140610570 M * yang but no calls received on the other side 1140610573 M * Bertl and you are sure the talkd is getting your talk request? 1140610702 M * Roey heya all 1140610708 M * Roey Bertl: Bertl!!! 1140610720 M * Roey harry: whatup 1140610728 M * Bertl hey Roey! 1140610836 Q * mountie Remote host closed the connection 1140610918 M * Roey Bertl: I'm wondering how iptables on the host affects the guests 1140610934 M * Roey Bertl: because I want to lock down all the ports on the host 1140610951 M * Bertl well, iptables on the host is the iptables for the guests too 1140611608 M * Skram Indeed. We run IPTABLES on the host. 1140611680 J * mountie ~mountie@CPEdeaddeaddead-CM000a739acaa4.cpe.net.cable.rogers.com 1140611816 M * Roey oh 1140611817 M * Roey ok 1140611841 M * Roey Skram: so if I close all the ports for bond0 then all the guests which use bond0 will be affected too 1140611850 M * Bertl precisely 1140611853 M * Roey Bertl, Skram: even if they use different IPs. 1140611870 M * Bertl if your rules contain only host IPs no 1140611882 M * Bertl if they 'just' contain interface related rules, yes 1140611885 M * Roey Bertl: lemme show you what I'm thinking of doing: 1140611971 M * Roey http://rafb.net/paste/results/Jg3Hbw27.html 1140611972 M * Roey there. 1140611978 M * Roey that's my script for my home box. 1140612001 M * Roey that one's connected directly to the cable modem, so I closed /all/ the ports on it and enabled SSH only through port knocking. 1140612036 M * Bertl well, will affect _all_ IPs as there are _no_ ip checks ... 1140612071 J * brisho ~brians@adsl-66-142-59-236.dsl.kscymo.swbell.net 1140612086 M * Bertl Roey: add proper -s or -d to the rules and they will work fine 1140612090 M * Bertl welcome brisho! 1140612100 M * Roey Bertl: ok, perfect :) 1140612114 M * Roey Bertl: or maybe the guests can have their own also? or they can't set iptables stuff at all? 1140612121 M * Roey I assume they cannot set iptables rules. 1140612127 M * Bertl nope, no iptables inside guests 1140612134 M * Roey awesome, just as it shoudl be :) 1140612151 M * Roey see, and people don't get why vserver & xen are complements and not susbtitutes 1140612248 M * bonbons Roey: IPTables inside guests is future (ngnet), then guest should only be able to control IPTables for it's local interfaces 1140612273 M * Roey ok. 1140612283 M * Roey bonbons: well in my case all the guests share the same iface... bond0. 1140612302 M * Roey bonbons: they do hvae different IPs though 1140612333 M * Roey bonbons: but I consider it important that they don't have the ability to manipulate iptables or iface definitions. 1140612354 M * bonbons but ngnet will add a virtual interface that forwards to the real interface if needed, current IP based filtering will stay available as far as I know 1140612370 M * Roey bonbons: that way if some vserver instance gets rooted, it limits how much damage that instance can do to the rest of the network 1140612387 M * Roey bonbons: any chance that openvpn could get in before ngnet? 1140612426 M * bonbons this should stay that way, if a guest can only do iptables for it's own interfaces, it can't disturb the rest (except by high-load rules) 1140612452 M * Roey ok. 1140612462 M * Roey bonbons: well here's an example: 1140612464 M * Roey with Xen or vmware, 1140612477 M * Roey you have separate instances which act like different machines. 1140612486 M * Roey now, if one gets rooted, it's like having anohter rooted machine on your network 1140612492 M * bonbons openvpn was reported to work (with unsafe guest: capa net-admin) 1140612519 M * Roey but with VServer, if an instance gets rooted, it still can't even change its own IP, so that's a positive thing 1140612528 M * Roey bonbons: right, I read... but it also needed other stuff right? 1140612536 M * Roey bonbons: plus it was sorta limited somehow 1140612605 Q * fwl Quit: This computer has gone to sleep 1140612606 M * bonbons yep, limited because it's doing dynamic network stuff -- only ngnet can solve this in a clean way (with local network namespace for each guest) 1140612663 J * Smutje_ ~Smutje@xdsl-87-78-18-117.netcologne.de 1140612804 Q * Smutje Ping timeout: 480 seconds 1140612804 N * Smutje_ Smutje 1140613319 M * Roey bonbons: when is ngnet coming? 1140613331 M * Roey bonbons: and will it require a big overhaul of existing vserver instances? 1140613385 M * bonbons Roey: don't know, it's ebiederm who's writing ngnet 1140613434 M * Bertl well, no, actually ebiederm is working on mainline virtualization, which mightbe the basis for ngnet 1140613458 M * Bertl I'm just waiting with ngnet to sync with his effords 1140613503 M * bonbons oh, then I missed something, sorry for the incorrectness 1140613702 M * Bertl np 1140613785 M * SiD3WiNDR hmm 1140613788 A * SiD3WiNDR pushes ebiederm_zZ 1140613793 M * SiD3WiNDR go go go :> 1140613826 M * SiD3WiNDR actually I'm quite interested in v6 1140613834 M * SiD3WiNDR I don't especially need an "own" eth0 1140613838 M * SiD3WiNDR or even netfilter for that matter 1140613875 M * bonbons SiD3WiNDR: I thought there was addition of v6 to current v4 handling somewhere in the works 1140613885 M * SiD3WiNDR that would be nice 1140613928 M * bonbons but sure I would like to have v6 too :) 1140613931 M * SiD3WiNDR we run a research network, and we have native v6 .. but the vservers can't use it, and that's a pity 1140613934 M * Bertl well, let me put it this way, ipv6 is no real problem (in Linux-VServer) 1140613966 M * harry 12:56 < Bertl> harry: backporting means understanding the changes between the releases, and mapping one to the other 1140613966 M * Bertl as you can easily verify, it works on the host, so it isn't too hard to make it work inside the guest 1140613975 M * harry so that's why i ask... what are the changes?;) 1140613990 M * Bertl harry: see kernel.org (changelog) 1140614020 M * Bertl bonbons, SiD3WiNDR: so, why is ipv6 not part of Linux-VServer yet? 1140614040 M * Bertl simple, there are actually three reasons for that: 1140614054 M * Bertl - I have no bloody idea about ipv6 details 1140614070 M * bonbons probably because noone has written or shared the patch yet I guess 1140614072 M * Bertl - adding ipv6 ip addresses would require changes in the userspace interfaces 1140614105 M * Bertl - nobody is willing to sponsor that development 1140614160 M * bonbons ok, which ones of the split patches does v4 by now? 1140614169 M * bonbons 09_net.diff? 1140614196 M * Bertl http://www.13thfloor.at/vserver/s_rel26/v2.01/split-2.6.14.3-vs2.01/ 1140614227 M * Bertl the patches 09,12, and 30 1140614240 M * Bertl (where 30 can be ignored I guess) 1140614254 M * bonbons I was looking in 2.6.16rc4-2.1.1rc8 :) 1140614359 M * cehteh mhm ... ssh -X to a chbinded vserver doesnt work, anyone knows that? 1140614371 M * Bertl works here 1140614384 M * cehteh mhm 1140614409 M * cehteh maybe something diffrent borked 1140614412 M * cehteh $ ssh -XC starbase.localnet xeyes 1140614412 M * cehteh X11 connection rejected because of wrong authentication. 1140614412 M * cehteh X connection to localhost:10.0 broken (explicit kill or server shutdown). 1140614428 M * cehteh .. but i had that before on another machine 1140614429 M * Bertl what does /etc/hosts say about localhost? 1140614436 M * harry Bertl: quite a lot of powerpc stuff in 2.6.15 changelog! 1140614467 M * cehteh 10.20.20.10 starbase localhost 1140614467 M * cehteh ... hacky :) 1140614513 M * Bertl is that your guest IP? 1140614524 M * harry powerpc: Move remaining .c files from arch/ppc64 to arch/powerpc 1140614540 M * harry hmm... this means, look for the correct files in arch/ppc64 1140614548 M * bonbons cehteh: check what IP addresses X accepts connections from! 1140614588 M * bonbons there is the xauth thing that may interfere here 1140614598 M * Roey bonbons: ohhhh ok 1140614600 M * cehteh FireHOL: Clearing Firewall: OK 1140614605 M * cehteh .. still not working 1140614609 M * Roey bonbons: what do you work on in the Project? 1140614643 M * Roey Bertl: is the general aim for vserver to implement a virtual machine, or to be a jail-on-steroids? I thought it's the latter 1140614663 M * Bertl cehteh: check that your guest's sshd has X forwarding enabled (sshd_config) 1140614678 M * bonbons Roey: currently I'm just playing around on hollow's vserver-utils 1140614691 M * Roey gotcha 1140614697 M * cehteh sure it has ... 1140614712 M * harry grmbl... not simple :s 1140614723 M * cehteh mhm litented on ipv6 ... but turning v4 only on dint solved it either 1140614746 M * cehteh tcp 0 0 10.20.20.10:6010 0.0.0.0:* LISTEN - 1140614784 J * fwl ~fwl@83.215.237.2 1140614791 M * Bertl welcome fwl! 1140614969 M * harry Bertl: am i right when i replace powerpc with ppc64 ? 1140614983 A * harry looking into the patch but it seems that it's just the same 1140614985 M * bonbons Bertl, SiD3WiNDR: for IPv6 the most difficult part will probably be link-local fe80:* address and the multicasting... (but the guest should be able to live without I think) 1140615044 M * Wonka each vserver would need his own link-local address... 1140615054 M * Bertl bonbons: yep, you have to address 3 things IMHO (for ipv6) 1140615066 M * Bertl - local IP remapping 1140615079 M * Roey http://www.linuxjournal.com/article/6811 1140615080 M * Bertl - routing and source address selection 1140615084 M * Roey that's a nice article :) 1140615098 M * Bertl - setting and verifying ipv6 addresses 1140615112 Q * brisho Quit: using sirc version 2.211+KSIRC/1.3.11 1140615151 A * harry thinks powerpc is just a new name for ppc64, can you give me a confirmation on that, Bertl ? 1140615170 M * bonbons Well, before trying to know what has to be done for v6, understanding what is done for v4 would be nice :) *reading 09_net.diff* 1140615199 M * Wonka harry: ppc is short for powerpc, afaik... 1140615225 M * harry Wonka: i'm trying to backport 2.1.1-rc8 to 2.6.14 kernels 1140615244 M * harry e.g. there is no misc_32.S and misc_64.S in 2.6.14 kernels 1140615249 M * harry only a misc.S 1140615258 M * harry the patch looks the same for those 2 files 1140615302 M * harry but i want absolution from the expert on it , before i patch the patch :) 1140615307 M * SiD3WiNDR Bertl: I see 1140615309 M * Bertl harry: you might also have a look at _older_ linux-vserver patches in this area, and see what they do :) 1140615348 A * SiD3WiNDR will also take a look 1140615360 M * harry Bertl: ack :) 1140615366 M * SiD3WiNDR hot diff view 1140615370 A * SiD3WiNDR like 1140615372 M * Bertl bonbons, SiD3WiNDR: if you have questions, just ask ... 1140615411 M * SiD3WiNDR after reading patch 12 I thought heh this isn't a lot of patch. then I opened 9 .. :p 1140615424 J * LiamH ~none@healy.washington.dc.us 1140615430 M * Bertl welcome LiamH! 1140615431 M * bonbons Bertl: will do once I have a sufficient picture of it :) 1140615445 M * LiamH Thanks Bertl 1140615525 M * harry hahaaaa 1140615527 M * harry i was right! 1140615529 A * harry rules :) 1140615562 M * SiD3WiNDR :p 1140615569 M * SiD3WiNDR you're so modest ;) 1140615583 M * harry hehe 1140615595 A * harry done! 1140615603 M * harry now for something completely different... 1140615634 M * Bertl a man with two noses? 1140615635 M * harry Bertl: interested in that patch for 2.6.14.7 ? 1140615646 M * harry then i will try to make it clean for a vanilla 2.6.14.7 1140615663 M * harry if not, i'll just apply it together with grsec 1140615667 M * Bertl harry: if you do some testing with it, to make sure everything works as expected, then yes 1140615689 A * harry thinks... 1140615712 M * harry question is... wil anyone use that one... ever? 1140615727 M * Bertl maybe the debian folks *G* :) 1140615736 M * harry hehe 1140615740 M * harry kill them... 1140615745 M * harry it's quite useless i think 1140615756 A * harry will fix the vserver + grsec 1140615759 M * harry i'll put that online 1140615761 M * Bertl it's definitely not worth maintaining ... 1140615778 M * Cru as 2.6.15+ has problems with older udev versions, I am sure there will be some people preferring 2.6.14.x 1140615805 M * harry Bertl: what is? 1140615821 M * Bertl harry: ah, here you have your first potential 'customer' 1140615824 M * harry Cru: they can have grsec + vserver patch then :) 1140615837 M * harry if they don't want grsec , they have to disable it :) 1140615846 A * harry has other work too... :) 1140615945 J * bubulak ~bubulak@cicka.wnet.sk 1140615995 M * Bertl welcome bubulak! 1140616153 M * harry -SYSCALL(ni_syscall) 1140616153 M * harry +SYSX(sys_vserver, sys32_vserver, sys_vserver) 1140616153 M * harry SYSCALL(ni_syscall) 1140616171 M * harry this looks kinda weird... why was there twice the SYSCALL(ni_syscall) ??? 1140616186 M * Hollow morning 1140616415 A * harry a bit stuck here... 1140616601 M * harry aha... it's in misc.S there too... 1140616607 M * harry manually patching again... :s 1140616666 M * harry haha... imagine that! i get it now! :) 1140616744 M * harry config:/usr/local/config/kernel/linux-2.6.14.7# find . -name "*.rej"|wc -l 1140616744 M * harry 67 1140616747 M * harry fun :S 1140616875 Q * fwl Quit: This computer has gone to sleep 1140617182 M * harry and off we go :) 1140617212 J * fwl ~fwl@83.215.237.2 1140617549 M * harry Bertl: are you there? 1140617553 M * Bertl yup 1140617554 M * harry + #define ELF_ET_DYN_BASE ((TASK_UNMAPPED_BASE) * 2) 1140617561 M * harry i've got thet in asm-i386 1140617565 M * harry elf.h 1140617573 M * Bertl yup 1140617578 M * harry how important is that? 1140617588 M * harry i mean... what's wrong with the - #define ELF_ET_DYN_BASE (TASK_SIZE / 3 * 2) 1140617591 M * Bertl not very, but older patches should do that similar 1140617629 M * harry i remember i put a lot of time in that the previous time 1140617758 M * harry so it's not a bad idea to just leave it defined as TASK_SIZE /3*2 ? 1140617791 M * Bertl you can leave that 1140617796 A * harry wants a second opinion on these things... sry if it bothers you :) 1140617808 M * harry #ifdef CONFIG_PAX_SEGMEXEC 1140617808 M * harry #define ELF_ET_DYN_BASE ((current->mm->pax_flags & MF_PAX_SEGMEXEC) ? SEGMEXEC_TASK_SIZE/3*2 : TASK_SIZE/3*2) 1140617811 M * harry #else 1140617814 M * harry #define ELF_ET_DYN_BASE (TASK_SIZE / 3 * 2) 1140617816 M * harry #endif 1140617860 M * harry i can change the TASK_SIZE / 3 with (TASK_UNMAPPED_BASE) 1140617871 M * harry but the SEGMEXEC_TASK_SIZE/3*2 is hte problem here afaik 1140617885 M * harry what do you think? 1140618022 M * harry what's the reason you changed it? 1140618041 M * Bertl because of the different memory splits 1140618070 M * harry ah... 1140618072 M * harry hmm.. 1140618465 M * bonbons Bertl: has the IPv4 part any (special) support for multicast? 1140618482 M * Bertl no 1140618509 M * Bertl you 'just' assign the multicast ips to the guest (if you need them) 1140618527 M * bonbons ok 1140618823 J * f_ ~fwl@83.215.237.1 1140619153 M * harry Bertl: what's the reason to do the PAGE_ALIGN ? 1140619171 M * Bertl well, you don't want odd aligned addresses 1140619181 M * harry why isn't it done like that normally? 1140619189 Q * fwl Ping timeout: 480 seconds 1140619211 M * harry it would make more sense to always #define ELF_ET_DYN_BASE ((TASK_UNMAPPED_BASE) * 2) 1140619230 M * harry or am i missing stuff? 1140619289 M * Bertl I guess it's a matter of taste, you just should make sure that a) it is within the limits, and b) well aligned 1140619320 M * harry i see... 1140619330 M * harry i still don't konw what to do with that define :( 1140619333 N * ebiederm_zZ ebiederm 1140619492 M * Bertl morning ebiederm! 1140619504 M * Bertl harry: leave it as is 1140619518 M * ebiederm morning. 1140619541 M * ebiederm hey we aren't fighting over the time of day today :) 1140619593 M * harry Bertl: http://pastebin.com/566778 1140619674 M * Bertl harry: well, no ideas what the pax stuff does there :) 1140619683 M * harry me neither ;) 1140619701 M * Bertl maybe you should ask the pax guy then? 1140619707 M * harry but it seems that, if the segmexec is defined, it actually does the same as it would in (TASK_UNMAPPED_BASE) 1140619885 M * LiamH OK, I got my first vserver going! 1140619899 M * Bertl LiamH: congrats! 1140620027 M * Bertl ebiederm: your 'patch' does only contain proc/pid changes not user virtualization, right? 1140620146 M * SiD3WiNDR LiamH: I bet it won't be your last ;) 1140620276 M * LiamH Well, I'm going to be playing with this one a fair bit before I start making more. 1140620332 M * ebiederm Bertl: I have 3 things going on in my 'patch'. task_refs, my proc cleanup, my pspaces work. 1140620381 M * ebiederm The branch was in part for putting all of the pieces together so I could shake them out in view of each other. 1140620417 M * Bertl pspaces means? 1140620426 M * ebiederm Only the task_ref and proc stuff is on my todo for mainline. 1140620437 M * ebiederm My implementation of pid spaces... 1140620460 M * Bertl okay, and this does _not_ include 'struct user' virtualization, right? 1140620481 M * ebiederm Nope. 1140620486 M * Bertl good, thanks! 1140620501 M * ebiederm struct user is not something I have gotten to in any form. 1140620529 M * Bertl that's all I wanted to know .. tx 1140620587 M * ebiederm Welcome.... 1140621052 Q * Kara_ Quit: bbl 1140621363 Q * f_ Quit: This computer has gone to sleep 1140622025 J * f_ ~fwl@83.215.237.1 1140622066 Q * mkhl Ping timeout: 480 seconds 1140622588 J * mnmr ~mnmr@mail.mertner.com 1140622683 M * bonbons Bertl: vc_net_remove does not do with IPv4 what I would have expected from it's name... it does "vc_net_clear" 1140622784 M * Bertl hmm? check latest source code for that 1140622801 M * daniel_hozac only for NXA_TYPE_ANY. 1140622818 M * daniel_hozac which seems like the appropriate thing to me. 1140622825 M * Bertl yup 1140622857 M * Bertl btw, we still have to think about the single ip optimizations 1140622903 M * bonbons single ip optimizations, what are those? 1140622915 M * daniel_hozac optimizations for the single IP case? :) 1140622929 M * Bertl if the guest has just one IP assigned, then 0.0.0.0 is remapped to that ip 1140623005 M * bonbons ok... but that looks "dangerous" if more IPs may be added during guest's livetime 1140623016 M * daniel_hozac i guess that's the problem with it. 1140623025 M * daniel_hozac daemons will not automatically get the new IP address. 1140623047 M * bonbons that's exactly what I was thinking about 1140623073 M * Bertl but it is a really effective optimization, so we have to decide to either make it a special case (e.g. single ip guest) or to do some magic there :) 1140623099 M * daniel_hozac how common of a use case is the "add IP address to a running guest" though? 1140623110 M * Bertl basically zero right now 1140623113 M * daniel_hozac right. 1140623117 M * daniel_hozac but that's because there's no support. 1140623129 M * daniel_hozac (userspace wise) 1140623148 M * brc adding IPs to running guests would be interesting 1140623153 M * brc adding and removing 1140623161 M * daniel_hozac but how often would you do it? 1140623201 M * daniel_hozac does it warrant sacrificing the optimizations for the single IP case? 1140623216 M * brc interesting but not necessary 1140623220 M * Bertl especially if you still can do it, you just need to restart the service :) 1140623264 M * bonbons vserver-utils has it... but it's not yet really used 1140623284 M * daniel_hozac right. 1140623367 M * bonbons Bertl: only difficulty with "service has just to be restarted", system admin and guest admin are not always the same person 1140623398 M * Bertl well, changing an IP behind the guest admin's back is evil :) 1140623412 M * Bertl especially as he might have bound the services to specific IPs 1140623438 M * brc not really usefull, all services would need to be restarted to bind to the new ip. better to restart the entire vserver 1140623500 M * Bertl brc: well, depends, services which have bound to 0.0.0.0 would not need a restart 1140623521 M * daniel_hozac for the single IP case, they would, no? 1140623525 M * Bertl (one can test this with guests with more than one IP) 1140623561 M * bonbons ok, but for a guest's admin who has just bought a new IP, it looks intuitive that a service bount to 0.0.0.0 will just get the new IP 1140623582 M * daniel_hozac but it won't be bound to 0.0.0.0 due to the optimization ;) 1140623583 J * matta ~matta@c-68-32-239-173.hsd1.pa.comcast.net 1140623637 M * Bertl welcome matta! 1140623660 M * matta hey 1140623687 M * daniel_hozac if you give all guests a second dummy IP address, i.e. they're all sharing it, will the guests be able to bind to the same port? 1140623754 M * bonbons yep, but the service is initially configured to 0.0.0.0, and the optimization overlooked if no netstat is done 1140623774 M * daniel_hozac right. 1140623902 M * bonbons hmm, that's a dangerous case, A and B have 0.0.0.0:123, then they get same ip added... 1140623971 M * bonbons maybe first one who bound to the port should get it -- other option would be to handle it the same way as two boxes in same lan having same IP 1140624043 M * daniel_hozac maybe make the single IP case dependent on a flag? 1140624049 M * daniel_hozac (network flags?) 1140624063 M * Bertl adding and removing adds all kinds of special and corner cases, that's why we ignored it for now ... 1140624099 M * Bertl I consider it a nice to have feature, which is not worth the trouble ATM 1140624149 M * Bertl if you want ip flexibility (i.e be able to change the ip for the guest at any time) then you can simply use private IPs and a proper S/DNAT rule 1140624162 M * bonbons I agree, just see how it behaves if same IP is added to multiple guests (not yet read that part enough) 1140624271 M * bonbons and I guess we should not add an IP a second time if it's already there... (overwrite if mask changed, or just skip/ignore?) 1140624290 M * daniel_hozac that sounds more like userspace policy. 1140624458 M * bonbons yep, looks so, as it's possible to add the same IP multiple times to a device with different masks (not same mask) 1140625101 M * Skram # CONFIG_VSERVER_NGNET is not set 1140625108 M * Skram whats that do./ 1140625124 M * Bertl disable the 'old style' networking 1140625148 M * Bertl Skram: there is a help entry for that :) 1140625185 M * Skram Okies. 1140625259 M * harry Bertl: include/linux/mount.h 1140625277 M * harry in 2.6.14.x patches, that file was completely different 1140625295 M * Bertl bme was added since 1140625296 M * harry what do i do there? 1140625301 M * harry what's bme? 1140625308 M * Bertl bind mount extensions 1140625313 M * harry ah 1140625324 M * Bertl making --bind behave like real mounts, i.e. honor ro and noatime 1140625356 M * harry hmm... i don't know how to backport that MNT_RDONLY etc... 1140625365 M * harry since it's not there in 2.6.14.x 1140625388 M * Bertl best would be to get bme for 2.6.14 and replace the proper parts 1140625428 M * harry hmmmmmm... 1140625443 A * harry will have to start looking for those patches... 1140625464 M * Bertl i.e. revert bme from your current (to-be-backported) tree and apply the older bme 1140625479 M * harry ? 1140625496 M * harry i don't get it 1140625513 M * Bertl 2.6.15*vs* contains bme, right? 1140625518 M * harry i have a 2.6.14.7 kernel patched with grsec, i'm trying to apply the vserver 2.1.1-rc8 patch to it 1140625530 M * harry yes 1140625541 M * Bertl okay, there is a bme for 2.6.14 something 1140625550 M * harry i'm trying to find that... 1140625570 M * Bertl http://vserver.13thfloor.at/Experimental/BME/ 1140625590 M * Bertl now, the probably best approach would be to: 1140625603 M * Bertl a) remove (revert) the bme from 2.6.15*vs* 1140625624 M * Bertl b) add (apply) the bme for 2.6.14 1140625660 M * harry http://vserver.13thfloor.at/Experimental/BME/delta-2.6.14.2-vs2.0.1-rc2-bme0.06.1.diff <-- this one ? 1140625668 M * Bertl for example :) 1140625688 M * harry looks like the latest one 1140625712 M * harry how do you remove bme from the patch? 1140626168 M * bonbons harry: patch -R, with the BME patch used for the vserver patch you are backporting 1140626206 M * bonbons that is, the bme patch against 2.6.15 or 2.6.16* 1140626211 M * harry 2.6.125 1140626213 M * harry 15 1140626261 M * harry afaik the 2.6.14.x patches only have different values for the defines 1140626263 M * harry that's all 1140626271 M * bonbons the bme patch is in the split* patchset if you want 1140626443 M * Bertl daniel_hozac: mm/fremap.c has a // dec_mm_counter(mm, file_rss); any ideas why? 1140626472 M * Bertl (zap_pte) 1140626493 A * harry fixed it! 1140626506 M * harry didn't revert anything, just looked at diffs between bme patches 1140626511 M * harry it's only the values 1140626519 M * harry and mnt_xid became mnt_tagid 1140626543 M * harry so adjusting the values of the defines will do the trick (i hope ;)) 1140626695 M * daniel_hozac Bertl: no idea. 1140626705 M * harry attr_tag ? 1140626747 M * harry does that value make a difference ? 1140626771 J * stefani ~stefani@superquan.apl.washington.edu 1140626772 M * harry (if this patch works... im a god :)) 1140626931 M * Bertl welcome stefani! 1140626998 M * harry Bertl: if i #define ATTR_TAG 8192 instead of 16384, does that make a difference ? 1140627023 M * harry because, in 14, there was no ATTR_FILE defined as 8192 1140627029 M * harry in 15+ there is 1140627050 M * harry then again, in 14 , there was no ATTR_TAG 1140627066 M * Bertl no, as long as it doesn't clash with others 1140627095 M * daniel_hozac bit fields defined as integers? that's confusing :) 1140627107 J * dearaujo ~dan@pixpat.austin.ibm.com 1140627130 M * daniel_hozac base 10, i mean. 1140627152 M * Bertl hmm? 1140627177 M * dearaujo hello, can someone explain to me the use of novlandev? 1140627179 M * daniel_hozac 0x... or (1 << ...) is just more legible, IMHO. 1140627203 M * Bertl ah, well, yes, feel free to send a patch against mainline 1140627210 M * bonbons Bertl: what should vc_net_remove() return when it does selective removal of addresses? count of addresses removed, count of addreses left? 1140627226 M * daniel_hozac removed would seem most logical. 1140627252 M * bonbons that's what I think too 1140627259 M * Bertl bonbons: not decided yet, but removed would make sense 1140627273 J * gerrit ~gerrit@129.33.1.37 1140627274 M * bonbons especially as for add it's the count added 1140627526 M * daniel_hozac Bertl: how much of a gain is the single IP optimization? 1140627613 M * daniel_hozac dearaujo: it inhibits the vlan creation/destruction done by util-vserver. 1140627711 M * Bertl daniel_hozac: well, on every packet, it avoids the entire nx lookup/check 1140627717 M * dearaujo daniel_hozac: please forgive my ignorance, but the Vlan is used how? 1140627735 M * Bertl dearaujo: eth0.10 ? 1140627754 M * daniel_hozac Bertl: ouch, ok. 1140627809 M * dearaujo hmm perhaps I should rephrase - Vlan differs from say dev (eth0) by... 1140627841 M * Bertl if you specify eth0.10 as device, then the tools 'try' to create that vlan for you 1140627854 M * dearaujo ohhhhhhh 1140627865 A * dearaujo gets a moment of clarity 1140627871 M * Bertl if you just want to 'use' and address or so on an existing vlan, you do not need/want that 1140627896 M * Bertl IMHO the option is wrong, as devices aren't created either 1140627917 M * Bertl so there should be a vlancreate flag or so, and the default should be inverted 1140627939 M * Bertl i.e. do not create devices without good reason 1140627941 M * harry 57 to go... 1140627948 M * harry this is harder than originally expected! 1140627948 M * dearaujo :) 1140627954 M * dearaujo Bertl: thanks 1140627965 M * Bertl you're welcome! 1140627967 M * daniel_hozac harry: lol. maybe you should've gone old patch + deltas ;) 1140627987 M * Bertl daniel_hozac: nah, that would have been too easy :) 1140628014 Q * shedi Quit: Leaving 1140628037 M * daniel_hozac hehe. 1140628094 M * Bertl daniel_hozac: can we revert that, or do you see any issues? http://vserver.13thfloor.at/Experimental/nocheck.diff 1140628160 J * Viper0482 ~Viper0482@p549778D3.dip.t-dialin.net 1140628179 M * harry daniel_hozac: problem is, grsec 2.1.7 -> 2.1.9 1140628193 M * harry and vserver incremental.... was kinda hard to find 1140628197 M * harry still 56 to go 1140628200 M * harry tomorrow 1140628209 M * harry time for shower now! (and first go home off course :)) 1140628227 M * harry backporting this stuff isn't easy dammit! 1140628228 M * harry ;) 1140628237 M * Bertl maybe it's raining, then you can combine that :) 1140628281 M * harry hehe 1140628441 M * daniel_hozac Bertl: looks fine to me. 1140628483 M * ebiederm I seem to be suffering from a desire to be cool. 1140628488 M * daniel_hozac i guess the append/immutable is check elsewhere, right? 1140628489 M * ebiederm I just tried to take a rad_lock ..... 1140628516 M * daniel_hozac haha. 1140628528 J * Doener doener@i5387CBE3.versanet.de 1140628530 M * ebiederm Things worked much better when I decided to be a book work and make it a read_lock instead. 1140628542 M * daniel_hozac i bet. 1140628586 M * ebiederm Being cool just isn't in style for kernel code :( 1140629143 Q * Viper0482 Quit: bin raus, 1140629367 P * dearaujo 1140629747 Q * f_ Quit: This computer has gone to sleep 1140631158 Q * prae Quit: Execute Order 69 ! 1140632098 M * Bertl mugwump: http://vserver.13thfloor.at/Experimental/split-2.6.16-rc4-vs2.1.1/ 1140632113 M * daniel_hozac 2.1.1 final? 1140632121 M * Bertl no, just a splitup ... 1140632131 M * Bertl but it is neither rc8 nor rc9 1140632142 M * Bertl maybe I should make it rcX 1140632146 M * daniel_hozac ah, ok. 1140632150 Q * Duckx Ping timeout: 480 seconds 1140632150 Q * DuckMaster Ping timeout: 480 seconds 1140632176 M * Bertl http://vserver.13thfloor.at/Experimental/split-2.6.16-rc4-vs2.1.1-rcX/ 1140632180 M * Bertl so :) 1140632204 M * daniel_hozac hehe. 1140632238 M * Bertl but it is interesting, as it breaks out a lot more stuff than the previous 1140632307 M * Bertl and now I'm going to replace the vpid part with Eric's stuff, just for the fun of doing that (well, right after a new rc* series and the plm kick) 1140632353 M * daniel_hozac cool! 1140632789 T * Bertl http://linux-vserver.org/ | latest stable 2.01, 1.2.10, 1.2.11-rc1, devel 2.1.0, exp 2.{0.2,1.1}-rc9 | util-vserver-0.30.210 | libvserver-1.0.2 & vserver-utils-1.0.3 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the wiki, and we'll forget about the minute ;) 1140632942 M * Bertl somehow the patch sizes point to some imbalance ... 1140632990 M * daniel_hozac ? 1140633288 M * Bertl 2.1.1-2.0.2 is quite different for 2.6.15.4 and 2.6.16-rc4 1140633484 M * daniel_hozac hmm, yes... 1140633505 J * shedi ~siggi@inferno.lhi.is 1140634063 M * mnmr I was unable to make 2.6.16-rc4-2.1.1-rc7 work here (so settled for 2.6.15.4 instead) 1140634085 M * daniel_hozac what was the problem? 1140634185 M * mnmr hard to say exactly, but apache wasn't working right. gave error 206 on all image and css types.. 1140634257 M * mnmr it could be some other issue (I had lots of pain with vserver-utils/util-vserver mixup), but I was in a hurry so rebooting was a preferred option.. 1140634289 M * mnmr also, I had been awake way too long and my head was swimming :) 1140634299 M * daniel_hozac error 206? 1140634311 M * daniel_hozac HTTP core? 1140634316 M * daniel_hozac s/core/code/ 1140634334 J * f_ ~fwl@83.215.237.1 1140634335 M * mnmr yes, weird error. partial content something. unknown, I didn't strace apache. 1140634363 M * daniel_hozac 20* is success. 1140634371 M * mnmr but the configs + apache were exactly identical as to before (which was 2.6.15-vs2.1.0.4) and after.. 1140634392 M * mnmr yes, the page would load, but embedded content would not (referred images/css etc) 1140634432 M * mnmr and no, it's not a client issue.. tested it from 2 different pcs, both unable to fetch the images (even when entered directly as url) 1140634453 M * mnmr it was just bizarre, never seen anything like it. 1140634493 M * daniel_hozac hmm. 1140634706 M * mnmr come to think of it, all the pages I loaded were handled by php.. so perhaps it was something used by the internal request handler that broke, which would explain the behavior seen. anyway, not a biggie - 2.6.15.4 seems stable! :) 1140635159 Q * eyck Ping timeout: 480 seconds 1140635229 M * Bertl mnmr: hmm, so replacing the 2.6.16-rc4 with the same version (of the patch) 2.6.15.4 did change something for you? 1140636342 J * Duckx ~duckx@195.75.27.158 1140636352 J * DuckMaster ~duckx@195.75.27.158 1140636795 M * mugwump ooo, an extra 6 patches 1140636818 M * Bertl well, and look, there is a vpid one too :) 1140636824 M * mugwump ahh 1140636853 M * Bertl just to make it easier to fuse with Eric's stuff 1140636882 M * Bertl I suggest we both do some kind of integrate and compare the results later 1140636889 M * Bertl *integration 1140636993 M * Bertl daniel_hozac: ah, found it: kernel/sched.c.rej2 1140637534 M * Bertl hmm, well, doesn't explain all of it ... 1140637749 M * Bertl mnmr: ping?! 1140638350 Q * DuckMaster Ping timeout: 480 seconds 1140638350 Q * Duckx Ping timeout: 480 seconds 1140638529 M * Doener bah, 1.5g files in vim are no fun... Bertl do you know any settings to make that more bearable? 1140638560 M * ebiederm 1.5g files whatever from? 1140638620 M * Doener some stupid mysql dump, made with the worst settings and all databases from that host in one file... 1140638643 M * ebiederm That would do it. 1140638744 M * Doener but extracting the relevant parts with vim is still faster than re-creating the databases, cause the dump doesn't use extended inserts, so one insert per row and that takes ages... 1140638813 M * Bertl Doener: hmm, no idea, but, why use vim at all? 1140638830 M * Bertl I mean, why not do whatever you do via sed/gawk/perl? 1140638837 M * Doener i'm just being lazy 1140638881 M * Doener actually, I once knew some way to do such stuff quickly in vim, but I lost the settings 1140638944 M * ebiederm I know vim has a swap file to make large files barable but I don't know it enough to know the magic settings. Mostly I use emacs.... 1140638962 M * Bertl okay, off for a while, back later ... 1140638969 N * Bertl Bertl_oO 1140639287 J * eyck eyck@81.219.64.71 1140639364 A * mugwump grabs the openvz patch and throws it in his git repo for a laugh 1140639407 M * ebiederm The hugh thing or their ``broken-out'' patch? 1140639438 M * ebiederm s/hugh/huge/ 1140639479 M * mugwump hey, may as well at least track it :) 1140639486 Q * comfrey Remote host closed the connection 1140639849 M * mugwump oh, I thought you were referring to the broken out patch with 'huge'. No, not the 2.6.8 backport insanity. 1140639878 M * ebiederm Well even broken out it is huge. 1140639904 M * ebiederm They also have a 2.6.15 broken out thing, that has separate patches for openvz and beancounters. 1140639952 M * mugwump that's the one I'll be tracking. I don't even have 2.6.8 in my git repo :) 1140639977 M * mugwump 2.6.8 is just Jurassic 1140640015 M * ebiederm There is a historic git-repo that has everything from when they started using bk. 1140640035 M * Doener ebiederm: ah, turning off the swapfile helps a lot already :) 1140640038 M * ebiederm Well in my patchset I have bug fixes for bugs introduced in 2.1 or 2.2 in /proc. 1140640132 M * ebiederm I don't know if they are proper bugs but when you start inforcing permission checks that make no sense for the data in the file it is at least non-sense obfuscated code. 1140640136 M * mugwump http://openvz.org/news/links/osnews-20051201 # only just declared stable! :) 1140640154 A * mugwump is really baiting now 1140640176 M * mnmr berl: sorry was away yo eat a bit :) .. yes, it would seem so (different kernel, same vserver patch). 1140640220 M * ebiederm mugwump: Have you looked at any of my patches or just slung them around? 1140640272 M * mugwump I did look at the pspace one, not the proc one yet 1140640285 M * ebiederm Ok. 1140640364 M * mugwump I like the way you're abstracting, and once I get my test suite running I'm going to try and merge in your initpid() stuff 1140640424 M * mugwump hmm, those openvz patches are only applying with fuzz 1140640516 Q * lilo Quit: leaving 1140640549 M * ebiederm My favorite thinko in /proc (that took me a long time to realize how silly it was) is there was a special case to set the owner of directores that are world readable and executable! 1140640559 J * lilo ~lilo@lilo.usercloak.oftc.net 1140641276 M * LiamH df shows I'm using just about all of my 15 GB virtual hard drive, but du / shows only about 2.2GB usage. Is df just not reliable on the guest OS? 1140642580 J * ntrs ~ntrs@vs835.rosehosting.com 1140642715 M * daniel_hozac LiamH: virtual harddrive? 1140642965 Q * ntrs Quit: Leaving 1140643051 J * Duckx ~duckx@195.75.27.158 1140643112 J * DuckMaster ~duckx@195.75.27.158 1140643184 M * ebiederm LiamH: It could be that the guest just can't see all of the directories on the filesystem because it is limited to a subdirectory. 1140643310 M * LiamH ebiederm: Ahh, OK. So do I need to expand my virtual hard drive /dev/hdv1, and if so, how do I do that? 1140643375 M * LiamH daniel_hozac: not sure what to call it, basically the hard drive /dev/hdv1 that the guest OS uses. 1140643388 M * ebiederm Cluess. I took a stabe in the dark. I know how to build these things but I'm not familiar with the vserver details. 1140643409 M * ebiederm I can't see why anyone would implement a virtual harddrive though. 1140643422 M * daniel_hozac LiamH: there is no such thing as a virtual harddrive. 1140643439 M * daniel_hozac /dev/hdv1 is just what's in mtab. it doesn't normally exist, unless you're using quotas and vroot. 1140643439 M * LiamH OK. What do you call /dev/hdv1? 1140643458 M * LiamH I'm not. So it will just expand as needed? 1140643471 M * daniel_hozac expand? 1140643507 M * daniel_hozac the sizes are for the filesystem on which the guest resides, i.e. /vservers or /. 1140643508 M * LiamH Now showing /dev/hdv1 ufs 15612928 15201524 411404 98% / 1140643523 M * LiamH 98% full - what happens when I use more space? 1140643539 M * daniel_hozac it'll be full. 1140643566 M * daniel_hozac just as for a regular system. 1140643588 M * LiamH So... I have no more room? Or I have 13GB more room? 1140643606 M * ebiederm The 13GB sounds like it is used outside of your guest. 1140643615 M * daniel_hozac indeed. 1140643627 J * mkhl mkhl@200-148-41-77.dsl.telesp.net.br 1140643627 M * daniel_hozac by other guests or the host system itself, depending on your setup. 1140643654 M * LiamH I only have one guest at this point. 1140643657 J * Aiken ~james@tooax6-184.dialup.optusnet.com.au 1140643728 M * ebiederm What does df outside of the guest say? 1140643766 M * mugwump perhaps try seeing where that space is with `du`; eg du -x | perl -nle 'print if m{^\d+\s+\.(/[^/]*)?$}' 1140643788 M * LiamH ebiederm: heh, good point. Partition is almost full. 1140643789 M * ebiederm But do the du outside of the guest.... 1140643789 M * mugwump that will give you a report of space usage below the current directory, by directory, with a total 1140643820 M * ebiederm The du report for that partiion inside and outside the guest should be identical. 1140643838 M * daniel_hozac s/du/df/ 1140643856 M * ebiederm yes 1140643886 M * LiamH ebiederm: yes, I see that now. My host / partition is 15 GB and almost full. 1140643967 M * mugwump Bertl_oO: rcX diff has error in 01_include: missing header for unified diff at line 1284 of patch 1140644053 Q * f_ Quit: This computer has gone to sleep 1140644088 M * LiamH Well, host OS is using 7+ GB for /var/cache/apt. 1140644091 M * daniel_hozac mugwump: filename? 1140644119 M * mugwump http://vserver.13thfloor.at/Experimental/split-2.6.16-rc4-vs2.1.1-rcX/01_include.diff 1140644133 M * ebiederm LiamH: apt-get clean? 1140644158 M * daniel_hozac mugwump: i meant on line 1284 ;) 1140644176 M * LiamH ebiederm: oh yeah 1140644214 M * LiamH actually, I got tons of disk space, just not in that partition, and it is nice to have old debs sometimes, so I'll just move it over. 1140644215 M * mugwump daniel_hozac: search for arch/x86_64/ia32/sys_ia32.c 1140644228 M * daniel_hozac thanks. 1140644244 M * mugwump there's four hyphens at the start for some reason 1140644258 M * daniel_hozac hmm, yeah, that's weird. 1140644365 J * f_ ~fwl@83.215.237.1 1140644387 Q * f_ Quit: 1140644495 M * mugwump fs/quota_v2.c in the 39-quota patch is also very weird 1140644514 M * mugwump there's a malformed hunk there 1140644880 Q * Aiken Quit: Leaving 1140644888 M * Skram how do i disable memory limiting w/o restarting 1140645102 M * waldi hmm, where can I find testme.sh? 1140645113 M * daniel_hozac http://vserver.13thfloor.at/Stuff/SCRIPT/testme.sh 1140645179 M * Skram nevermind 1140645185 M * Skram now my problem is i cant do soft limiting. 1140645187 M * Skram This sucks. 1140645218 M * Skram because it kills the C compiler when there is a hard limit.. 1140645234 M * daniel_hozac might want to increase the limit ;) 1140645304 M * Skram welp. 1140645325 M * Skram vlimits should have the option to take away the limit, or is like -1 no limit? 1140645387 M * mugwump Bertl_oO: could you repair the -rcX patch? 1140645562 M * daniel_hozac -1 is infinity, yes. 1140645614 Q * mkhl Quit: 1140646172 N * Bertl_oO Bertl 1140646200 M * Bertl mugwump: I could, but currently my build/test system is offline ... so I actually can't ... 1140646226 M * Bertl mugwump: but I assume it's just a missing line (check the hunk for plausibility) 1140646258 M * mugwump There's an extra 1 line hunk ~ line 3946 of 39_quota.diff 1140646261 M * Bertl Skram: why can't you do soft limiting? 1140646293 M * Bertl Skram: latest devel releases support a soft limit ... 1140646293 M * Skram the kernel 1140646351 M * Bertl anyway, as I can't do really much right now, I'm off to bed, and will be back tomorrow ... have a good one everyone ... cya! 1140646361 M * daniel_hozac good night! 1140646363 N * Bertl Bertl_zZ 1140646575 P * mnmr 1140647456 M * daniel_hozac Bertl_zZ: 2.6.16-rc4-vs2.0.2-rc9 has a CLONE_KTHREAD hunk in arch/powerpc/kernel/asm-offsets.c 1140647518 Q * LiamH Quit: bye 1140647522 M * daniel_hozac Bertl_zZ: 2.6.15.4-vs2.0.2-rc9 hasn't fixed the drivers/mtd/devices/blkmtd.c name_to_dev_t issue. 1140647749 J * ntrs ~ntrs@vs835.rosehosting.com 1140647802 Q * ntrs Quit: 1140647904 J * Aiken ~james@tooax6-184.dialup.optusnet.com.au 1140649095 Q * entroposcope Ping timeout: 480 seconds 1140649170 Q * Doener Ping timeout: 480 seconds 1140649196 Q * lilalinux Remote host closed the connection 1140649206 J * Doener doener@i5387C150.versanet.de 1140649769 M * derjohn may I report an annoyance here? I have a guest bound to e.g. 192.0.0.10/24 and another on 192.0.0.20/32 .. what happens it you vserver-stop the first? The second goes down (this is known to me). If you bring the first up again, the second is still down. you have to vserver stop and start it again ... 1140649824 M * Doener cause all ip addresses are removed, there's some fix in mainline for that now, but you have to enable it... 1140649850 M * derjohn net/ipv4/conf/all/promote_secondaries=0 1140649884 M * derjohn it did that already ( i think you are talkign about that fix) 1140649948 M * derjohn but: either i-mis-did it, or it's not working if the ips are in different contexts 1140649949 Q * bubulak Read error: Connection reset by peer 1140649964 M * derjohn and then: The bringitup problem .... 1140649981 M * Doener hm, they're both primary anyway... 1140650019 J * bubulak ~bubulak@cicka.wnet.sk 1140650052 M * derjohn bit the mask of the primary covers the /32 ... 1140650102 M * derjohn s/bit/but 1140651153 J * mnmr ~mnmr@mail.mertner.com 1140651161 M * mnmr :) harmony data # vs angel stop 1140651161 M * mnmr 1140651161 M * mnmr A timeout occured while waiting for the vserver to finish and it will 1140651161 M * mnmr be killed by sending a SIGKILL signal. The following process list 1140651161 M * mnmr might be useful for finding out the reason of this behavior: 1140651163 M * mnmr 1140651163 M * mnmr ---------------------------------------------------------------------- 1140651165 M * mnmr 30020 3245 angel ? D 0:03 [apache2] 1140651165 M * mnmr ---------------------------------------------------------------------- 1140651167 M * mnmr Vserver '/etc/vservers/angel' still running unexpectedly; please investigate it manually... 1140651177 M * mnmr anyone got any ideas what I can do to restart that instance? 1140651236 P * stefani I'm Parting (the water) 1140651364 J * arnaud ~arnaud@d80-170-59-45.cust.tele2.fr 1140651394 M * mnmr anyone here? :) 1140651407 M * mnmr :) angel / # ps aux 1140651407 M * mnmr USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND 1140651407 M * mnmr apache 30020 0.0 0.0 0 0 ? D Feb22 0:03 [apache2] 1140651407 M * mnmr root 4892 0.1 0.0 5540 1500 pts/2 S 01:32 0:00 /bin/bash -login 1140651407 M * mnmr root 5247 0.0 0.0 5452 836 pts/2 R+ 01:32 0:00 ps aux 1140651409 M * mnmr :) angel / # kill -9 30020 1140651409 M * mnmr :) angel / # ps aux 1140651411 M * mnmr USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND 1140651411 M * mnmr apache 30020 0.0 0.0 0 0 ? D Feb22 0:03 [apache2] 1140651413 M * mnmr root 4892 0.1 0.0 5540 1508 pts/2 S 01:32 0:00 /bin/bash -login 1140651413 M * mnmr root 5319 0.0 0.0 5452 836 pts/2 R+ 01:32 0:00 ps aux 1140651415 M * mnmr :) angel / # 1140651433 M * mnmr never had a process that kill -9 couldn't take down before.. not a good sign for the latest 2.1.1-rc7 patch 1140651491 M * mnmr can I kill a vserver instance somehow? 1140651544 M * Doener hm, looks like a zombie in D state? never seen that, but that's a mix of the worst things to happen... 1140651555 M * Doener last process in a context is a zombie -> will stay 1140651563 M * Doener process stuck in D state -> will stay 1140651613 M * mnmr so no way to get rid of it? I have to reboot the server? 1140651698 M * Doener i'd say so... unless some way was discovered/introduced to get rid of such processes 1140651739 M * mnmr crap.. should've gone with xen, perhaps :/ 1140651748 M * mnmr brb (reboot) 1140651796 M * bonbons Doener: one could write a utility that goes wait(pid) for those zombies... in rc8 there's a fix for sending the SIGCHLD to the right init, not sure this would help here 1140651838 M * Doener bonbons: can you wait() for processes that are not your childs? 1140651862 M * Doener AFAIK you'd need to reparent them 1140651872 M * bonbons Doener: don't know... 1140651988 M * bonbons yep, manpage says we need to be their parent. 1140652088 J * bobo ~LMS_Guest@adsl-68-94-7-216.dsl.rcsntx.swbell.net 1140652211 Q * bobo Remote host closed the connection 1140652234 Q * mnmr Read error: Connection reset by peer 1140652486 Q * bonbons Quit: Leaving 1140652546 J * mnmr ~mnmr@mail.mertner.com 1140652711 M * mnmr that was a nasty experience.. if I see it again I'll have to try a different vs-version.