1141778164 Q * phycho Ping timeout: 480 seconds
1141778266 J * phycho ~phycho@ext-gw.darktech.org.uk
1141778274 M * phycho Linux gw 2.4.32-QoS-grsec-vs1.2.10 #3 Tue Mar 7 23:46:45 GMT 2006 i686 pi386 GNU/Linux
1141778275 M * phycho :D
1141778442 M * mugwump heh, that's a mighty patchy kernel y'got there :)
1141778488 M * phycho lol
1141778496 M * phycho isnt half dude.. you should see the patch list lol
1141778524 M * phycho http://pastebin.com/590037
1141778525 M * phycho lol
1141779686 M * phycho hey
1141779690 M * phycho how do i remove the vservers folder?
1141779698 M * phycho root@gw:/# chmod 777 vservers
1141779698 M * phycho chmod: changing permissions of `vservers': Operation not permitted
1141779700 M * phycho :X
1141779719 M * mugwump what does showattr /vservers say?
1141779734 M * phycho d---------  2 root root  1024 2006-03-08 00:57 vservers/
1141779799 M * doener_ lsattr -d /vservers ?
1141779824 M * phycho root@gw:/usr/src# lsattr  -d /vservers
1141779824 M * phycho -----------t- /vservers
1141779824 M * phycho root@gw:/usr/src#
1141779842 M * doener_ chattr -t /vservers
1141779850 M * phycho done
1141779855 M * phycho ty
1141779859 M * phycho first ive ever had that problem ..
1141779864 M * phycho whats "t" flag for?
1141779881 M * doener_ 'tail', but in Linux-VServer terms it is the chroot barrier
1141779895 M * phycho aah
1141779899 M * doener_ the 2.6 version doesn't abuse the attribute anymore
1141779905 M * phycho k
1141779978 M * phycho any ideas if using 'cfdisk' to add another partition to a disk and write the partition table?
1141779984 M * phycho would that destroy the partitions already there?
1141779984 M * doener_ hm, it is 'notail' actually. but well... ;)
1141779995 M * mugwump is that chroot barrier or immulink?
1141780045 M * doener_ mugwump: wasn't that the same on 2.4? tbh I have no idea ;)
1141780080 M * mugwump well, initially the solution to the chroot problem was just the 000 permission
1141780082 M * doener_ http://linux-vserver.org/chroot-barrier
1141780092 M * doener_ good that I have written some docs back then :)
1141780116 M * mugwump but that attribute was probably immulink
1141780133 M * mugwump the bit we picked for it got used by that tail merge attribute
1141780143 M * doener_ mugwump: you mean as opposed to 'notail'?
1141780158 M * mugwump notail is short for no tail merge
1141780170 M * doener_ yeah...
1141780201 M * doener_ i am currently wondering about "but that attribute was probably immulink"
1141780230 M * doener_ it is (probably) immulink, but also part of the barrier...
1141780304 M * doener_ anyway, i have quite some problems understanding english lately, so we probably mean the same and I'm just weird right now ;)
1141780405 Q * brc Quit: BitchX: the un-Cola
1141780710 Q * phycho Ping timeout: 480 seconds
1141780729 J * brc bruce@20151181056.user.veloxzone.com.br
1141780734 Q * brc Quit: 
1141780742 J * brc bruce@20151181056.user.veloxzone.com.br
1141781066 J * phycho ~phycho@ext-gw.darktech.org.uk
1141781069 M * phycho hey guys
1141781076 M * phycho any way to create a vserver with a different distro than the host system?
1141781105 M * phycho im using a really old -STABLE version of vserver
1141781110 M * phycho 1.2.10
1141781382 Q * sladen Read error: Connection reset by peer
1141781396 J * sladen paul@starsky.19inch.net
1141781493 M * phycho theres no vserver-new command with the old release of vserver ;/
1141781548 M * doener_ it's "vserver <name> build" actually with util-vserver 0.30.x, and that is agnostic of the kernel patch version
1141781571 M * phycho agnostic?
1141781592 M * phycho and how do i assign it an ip in such an old version? :P
1141781601 M * doener_ you can use it with almost any version of the kernel patch, 1.2 series, 2.0 series, doesn't matter
1141781620 M * phycho so i can use any utility version.. right?
1141781620 M * doener_ that depends on the version of the tools, not of the kernel patch
1141781626 M * doener_ yes
1141781629 M * phycho k
1141781630 M * phycho cool
1141781640 A * phycho goes to install a newer one :)
1141781722 M * phycho can i use one of the development version of tools then?
1141781733 M * doener_ you should go for 0.30.210
1141781738 M * phycho k
1141781752 M * phycho kernel version? or userland version?
1141781757 M * phycho http://www.13thfloor.at/vserver/d_release/overview/
1141781759 M * phycho i only see those
1141781762 M * doener_ util-vserver version
1141781772 M * phycho no 0.30.210 in there
1141781778 M * phycho any ideas?
1141781799 M * doener_ http://www.13thfloor.at/~ensc/util-vserver/files/alpha/
1141781813 M * phycho k
1141781820 M * phycho aah
1141781822 M * phycho thanks
1141781846 M * doener_ kernel patch should be 1.2.10 for 2.4, the 1.3 series isn't maintained anymore AFAIK
1141781859 M * phycho im using 1.2.10 yep
1141781864 M * phycho Linux gw 2.4.32-QoS-grsec-vs1.2.10 #3 Tue Mar 7 23:46:45 GMT 2006 i686 pentium2 i386 GNU/Linux
1141782907 J * torabora ~asdasd@178gis168.gulftel.com
1141782916 P * torabora 
1141783044 J * Smutje_ ~Smutje@xdsl-87-78-16-5.netcologne.de
1141783154 Q * Smutje Ping timeout: 480 seconds
1141783154 N * Smutje_ Smutje
1141783400 M * phycho vc_get_task_xid(): Invalid argument
1141783400 M * phycho Failed to determine current context; aborting...
1141783403 M * phycho anyone know what that means?
1141784220 M * mugwump phycho: that's a new API call being made on an old kernel, I think
1141784224 M * mugwump phycho: strace() is
1141784231 M * mugwump strace it, even :)
1141784388 M * phycho so much for the new tools being able to be used on old systems then :P
1141784947 M * mugwump phycho: did you tell configure that you only wanted the old API?
1141784980 M * phycho nope?
1141785016 M * mugwump when you build util-vserver, check the options to configure
1141785036 M * mugwump you can specify which of the various APIs you wish to build support for
1141785043 M * mugwump perhaps legacy is not enabled by default
1141785056 M * phycho aah
1141785618 Q * PilatomiK Quit: Leaving
1141788131 Q * doener_ Quit: leaving
1141790031 J * matta ~matta@c-68-81-35-243.hsd1.pa.comcast.net
1141790750 Q * phycho Quit: 
1141795699 J * coocoon ~coocoon@p54A06897.dip.t-dialin.net
1141795935 M * coocoon morning
1141798132 Q * matta Ping timeout: 480 seconds
1141801635 J * Loki_muh loki@213.133.125.66
1141801695 Q * Loki|muh Read error: Connection reset by peer
1141801878 Q * meebey Read error: Connection reset by peer
1141801896 J * meebey meebey@booster.qnetp.net
1141804922 J * ||Cobra|| ~cob@pc-csa01.science.uva.nl
1141806462 J * exp[a] USERNAME@eserv.comex.ru
1141807251 Q * shedi Quit: Leaving
1141808986 J * pflanze ~chris@84-73-54-235.dclient.hispeed.ch
1141809026 M * pflanze Hello. Would chbind work on a non-vserver-patched kernel? I think not, but somehow I hope it would.
1141809100 M * pflanze (And if not: is there no alternative way to make a process use another interface's ip address for outgoing connections?)
1141809280 M * SiD3WiNDR depends on the process I guess
1141809729 J * pagano ~pagano@lappagano.cnaf.infn.it
1141809936 M * pagano hi guys
1141810836 J * JonB ~NoSuchUse@kg45.kollegiegaarden.dk
1141810846 M * JonB damn, bertl is not here :-(
1141811131 M * daniel_hozac nope.
1141811141 M * JonB i found some interesting hardware
1141811153 M * daniel_hozac oh?
1141811158 M * JonB Unisys Mainframe ES 7000
1141811171 M * JonB 8x Intel Pentium 3 Xeon 700 mhz m 2mb cache mulighed for 16 procesoor
1141811171 M * JonB 4 gb ram mulighed for 32 gb,
1141811171 M * JonB 2x 9,1 gb scsi diske
1141811201 M * daniel_hozac nice
1141811202 M * JonB an 8 way machine
1141811210 M * JonB i figured that he might want to test it
1141811218 M * JonB the only problem is the electrical bill :-(
1141811233 M * JonB i think it's gonna be big :-(
1141811245 M * daniel_hozac probably.
1141811419 M * JonB i wonder if i could get the local lug to pay the power
1141811846 J * mikmak ~mikmak@iflap2.ujf-grenoble.fr
1141811855 M * mikmak hello
1141811916 M * mikmak I  have a host with 2 NICs and 2 IPs on different subnets, I would like to have one vserver to use one of this IP and be routed through it, and another vserver to use the other IP's subnet. Is there some doc on how to do that ?
1141811938 M * mikmak I would need a different default gw on each vserver actually
1141811997 M * JonB you can always use the iproute packet
1141812005 M * JonB that allows more advanced rotuing
1141812029 M * mikmak ok, but how do I tell iproute which vserver to route ? :)
1141812042 M * JonB based on the source ip address
1141812449 M * daniel_hozac this has been described multiple times on the mailing list.
1141812456 M * daniel_hozac i'm fairly certain it's also on the wiki.
1141812601 M * SiD3WiNDR what's "mulighed" ? :)
1141812651 M * mikmak well I checked the wiki and haven't found anything ;)
1141812664 M * mikmak except the ngnet thing which is not stable yet
1141812785 M * daniel_hozac http://archives.linux-vserver.org/200311/0470.html
1141812858 M * mikmak thanks :)
1141813027 Q * Aiken Quit: Leaving
1141813267 J * shedi ~siggi@tolvudeild-204.lhi.is
1141813995 Q * exp[a] Ping timeout: 480 seconds
1141814344 J * lilalinux ~plasma@h1-gw.of.net-lab.net
1141814480 M * mikmak thanks I got it to work :)
1141814492 Q * pflanze Quit: [x]chat
1141816990 J * meandtheshell ~markus@85-124-15-159.dynamic.xdsl-line.inode.at
1141818723 J * andrew_ling andrew_lin@231.198.233.220.exetel.com.au
1141818725 P * andrew_ling 
1141820617 J * chirp ~chirp@202-169-194-76.megapass.world-net.co.nz
1141821097 M * chirp can anyone point me to some good info about running screen inside a guest - i'm getting ye olde "No more PTYs" issue.. apologies if i've missed an obvious answer in my googlin'
1141821287 M * mnemoc chirp: the easier way is to start an sshd inside the guest, that way screen will use that pts
1141821520 M * chirp hrmm... thats what I'm doing.. i.e. not using vserver <host> enter - any suggestions? 
1141821598 N * Bertl_oO Bertl
1141821602 M * Bertl morning folks!
1141821613 M * chirp hi
1141821620 M * JonB hey Bertl 
1141821644 M * coocoon hi
1141821658 M * coocoon Bertl: have u got my messages yesterday
1141821662 M * Bertl chirp: what _are_ you doing precisely?
1141821663 M * Roey hey Bertl!
1141821698 M * chirp Bertl:  ssh user@guest.vsever, then just "screen" as non-root user
1141821739 M * chirp Bertl: from an xterm on my workstation 
1141821779 M * Bertl coocoon: I think no ...
1141821820 M * JonB Bertl: i found this interesting machine... a unisys mainframe. 8way xeon (though just 700Mhz) and i was thinking vserver test machine
1141821844 M * Bertl JonB: sounds good
1141821876 M * JonB Bertl: except when you consider the elektrical bill
1141821898 M * JonB Bertl: but i'll see what i can do, the seller has not even said the location yet
1141821934 M * Bertl i.c.
1141821971 M * JonB Bertl: and i was thinking of asking the local lug to pay the electrical bill, host it and ... to gain a special testing machine for kernel coding
1141821980 M * JonB Bertl: but, we'll see
1141822049 M * Bertl well, I _think_ somebody will be able to host it in the area once we know where it is ...
1141822197 J * doener ~doener@i5387F8BC.versanet.de
1141822203 M * JonB Bertl: it is probably in denmark somewhere
1141822235 M * phreak`` Bertl: heya :)
1141822250 M * doener morning :)
1141822265 M * phreak`` (and of course all other folks who are around :P)
1141822292 M * phreak`` doener: got a minute or so ? need help ;)
1141822313 M * doener sure... not sure if i'll be of any help though ;)
1141822317 M * JonB Bertl: but i think it would be used by other kernel hackers than just you
1141822348 M * coocoon bertl: no offline messges possible, so this is my error http://pastebin.com/590661 util-vserver: 0.30.210
1141822353 M * JonB Bertl: at least that was the intention to maximize the usage
1141822383 M * coocoon bertl: it happens to all vservers (Debian/ FC/Centos/gentoo)
1141822418 M * Bertl JonB: that's perfectly fine for me
1141822451 M * coocoon bertl: with util-vserver: 0.30.209 all works fine --> tesme.sh also works fine, with util-vserver: 0.30.210, testme.sh failled with missing chbind
1141822461 M * doener why should I? I can 'enjoy' matt here as well... *g*
1141822468 M * doener argh!
1141822470 M * Bertl coocoon: not unusual, either configure with --enable-apis=NOLEGACY
1141822501 M * coocoon bertl: during configure, right?
1141822503 M * Bertl coocoon: or configure the kernel to _not_ use the legacy apii
1141822533 M * doener i guess I'll never manage to get irssi's input focus right...
1141822545 M * coocoon bertl: ok thanx for the fast solution ;-)
1141822554 M * coocoon bertl: I will try
1141822555 M * Bertl coocoon: you're welcome!
1141822847 M * coocoon bertl: what have been changed in 0.30.210 to set this
1141822865 M * Bertl the old legacy interfaces have been deprecated
1141822887 M * Bertl the slightly 'confusing' NOLEGACY actually means that the
1141822903 M * Bertl legacy interfaces except for the very very old ones are enabled
1141822913 M * Bertl (not as one might think disabled)
1141822940 M * Bertl currently your kernel is in legacy mode, but the tools only support the latest apis
1141822953 M * Bertl #
1141822954 M * Bertl v13,net
1141823141 M * coocoon so what is better set it in the kernel or during installation of util-vserver
1141823186 M * chirp solved, user was not in tty group.  i am an idiot. 
1141823212 M * Bertl well, better is to configure the kernel for non legacy stuff, but it is more complicated and you have to make sure you have no legacy guests
1141823219 M * Bertl chirp: np, happens sometimes
1141823254 M * coocoon Bertl: how to get to know, whether my guests ar legacy or not
1141823435 M * Bertl good indication is an old style (file based e.g. name.conf) config
1141823472 M * Bertl guest xids over 49151 (in vserver-stat) are another indication (i.e. you are missing a context entry)
1141823499 Q * chirp Quit: Leaving
1141823649 M * coocoon bertl: oh ok I think that my system isn't involved
1141823657 M * coocoon so I will set it in the kernel
1141823660 M * coocoon thanx
1141823886 J * chirp ~chirp@202-169-194-76.megapass.world-net.co.nz
1141824114 J * phycho ~phycho@ext-gw.darktech.org.uk
1141824121 M * phycho hey guys.. what version of vserver should i use for 2.4
1141824123 M * phycho for the kernel patch
1141824126 M * phycho the development release?
1141824131 M * phycho http://www.13thfloor.at/vserver/d_release/v1.3.9/
1141824253 M * Bertl phreak``: no, the stable banch is the only (somewhat) maintained
1141824289 M * phycho Bertl - should i use development?
1141824552 M * phreak`` Bertl: I didn't do anything ;)
1141824748 M * phreak`` Bertl: do the 2.0.2 and 2.1.1 really differ that much ? (wrt. http://vserver.13thfloor.at/Experimental/delta-quota-fix01.diff), since that HANDLE_CASE doesn't exist
1141824958 M * Bertl phycho: the previous line was for you, my fault, sorry phreak``!
1141824973 M * phreak`` Bertl: no problem :)
1141824977 M * Bertl so, phycho: no, the stable banch is the only (somewhat) maintained
1141825120 M * doener phreak``: the patch fixes kernel command line parsing of debug options, that stuff doesn't exists in 2.0.2, so you can leave that patch out
1141825148 M * phreak`` doener: thanks a lot, thats what I wanted to hear :)
1141825293 M * Bertl btw, what do you think of the http://vserver.13thfloor.at/Experimental/delta-vproc-fix01.diff
1141825442 M * scotti hmm, is there an how-to arround how i can migrate guests from an linux-vserver 1.x system to a linux-vserver 2.x system?
1141825507 M * Bertl well, if you 'just' want to run them on the 2.x system, it should work out of the box, (given that you have the legacy stuff enabled for legacy guests)
1141826024 M * scotti Bertl: ah thx, will have a look at it
1141826396 P * mikmak Kopete 0.11.1 : http://kopete.kde.org
1141826516 Q * chirp Quit: Leaving
1141826546 J * chirp ~chirp@202-169-194-76.megapass.world-net.co.nz
1141826687 M * doener Bertl: hm, looks good, the other stuff in there is already like that anyway, so you would just have to guess the name, right?
1141826805 Q * chirp Quit: 
1141826824 M * Bertl doener: yup
1141826896 J * Smutje_ ~Smutje@xdsl-87-78-84-138.netcologne.de
1141827004 Q * Smutje Ping timeout: 480 seconds
1141827004 N * Smutje_ Smutje
1141827043 M * phycho Bertl - damn =(
1141827049 M * phycho why cant you guys support 2.4 more
1141827052 M * phycho 2.6 is a pile of dung
1141827142 M * Bertl phycho: hmm, I even updated my workstations by now (to 2.6 :)
1141827165 M * phycho i refuse to use it
1141827170 M * Bertl phycho: but feel free to use the 2.4 branch, it works quite well
1141827171 M * phycho it doesnt work as well as it should
1141827173 M * phycho k.
1141827181 M * doener Bertl: but you didn't apply a dozen patches, did you? ;)
1141827188 M * phycho haha
1141827202 M * Bertl doener: no, none at all actually ...
1141827208 A * phycho requires those dozen patches
1141827243 M * phycho its a one box does all situation ;)
1141827331 M * phycho its the grsecurity thats a bastard than anything else
1141827350 M * phycho does not play well with a lot of things
1141827406 M * Bertl phycho: what kind of patches do you need for the 'perfect' 2.4 branch?
1141827461 M * phycho its a gateway.. so a lot of relevant stuff for that
1141827463 M * phycho sec ill get a list
1141827467 M * doener http://pastebin.com/590037
1141827480 M * doener the list from yesterday ;)
1141827490 M * phycho yep
1141827499 M * phycho that lot
1141827517 M * Bertl hmm, looks like some 2.6 patches there, how comes?
1141827555 M * Bertl somehow my guts tell me that 2.6 would obsolete the majority of those patches ...
1141827563 M * phycho it doesnt
1141827571 M * phycho WRR etc is not in 2.6
1141827584 M * phycho the 2.6 patches are for iproute, not for kernel
1141827605 M * Bertl ah, so what patches are for the kernel?
1141827634 M * phycho all but ppp and iproute and iptables
1141827647 M * Bertl what's the wrr stuff doing?
1141827710 M * Bertl (doesn't look awfully large to me :)
1141827713 M * phycho http://wipl-wrr.sourceforge.net/wrr.html
1141827716 M * phycho its for QoS
1141827732 M * Bertl isn't QoS in 2.6?
1141827738 M * phycho yes.. but not wrr.
1141827757 M * phycho http://relaks.info/linux/mq/stable/
1141827764 M * Bertl and they stopped development 2002 ... wonder why ...
1141827765 M * phycho thats whats in the mq2 patchset that i apply
1141827774 M * phycho because its finished.
1141827790 M * Bertl ah, that sounds good :)
1141827803 M * phycho someone else is working on 2.6
1141827818 M * phycho http://www.zz9.dk/wrr/
1141827866 M * phycho so far ive got all the patches in together.. just need vserver in now :-)
1141827900 M * phycho patch-2.4.30-vs1.2.10.diff
1141827902 M * phycho that one right?
1141827946 M * phycho lol ouch. 20+ failed chunks
1141827949 A * phycho goes to hack at code
1141827963 J * matta ~matta@c-68-32-239-173.hsd1.pa.comcast.net
1141827982 M * Bertl phycho: there is a 1.2.11-pre release
1141828002 M * phycho whats the difference?
1141828017 M * Bertl but do you need the wrr stuff at all, I mean, it seems like it can be done via simple TC based classes too?
1141828026 M * phycho yeah i need it
1141828041 M * phycho tc isnt that good ;)
1141828133 M * Bertl gmm, rc1 even ... http://vserver.13thfloor.at/Experimental/patch-2.4.31-vs1.2.11-rc1.diff
1141828148 M * phycho k cool ty
1141828172 J * rs ~rs@office.dailymotion.com
1141828179 M * Bertl welcome rs!
1141828186 M * Bertl welcome matta!
1141828422 M * eyck yo
1141828566 M * coocoon bertl: questions about nat for vservers
1141828581 Q * meandtheshell Ping timeout: 480 seconds
1141828670 M * coocoon bertl: mom
1141828675 M * Bertl :)
1141828841 M * coocoon bertl: got this error message: http://pastebin.com/590806 after starting default-vservers
1141828842 M * coocoon bertl: here r my nat 1.) iptables -t nat -A POSTROUTING -s 1.2.3.4 -d ! 1.2.3.4 -j SNAT --to-source "HostIP" 2.) iptables -t nat -A PREROUTING -p tcp --destination-port 2221 -j DNAT --to-destination 1.2.3.4:22 SNAT --to-source "HostIP"
1141828884 M * coocoon bertl:  one or two vservers won't start then, also everything is working fine after starting them manually
1141828900 M * coocoon bertl: -also +but
1141828926 M * coocoon bertl: I thought my nat settings are right
1141828976 M * Bertl hmm, who is doing the iptables command in your guest startup?
1141829013 M * coocoon bertl: u have asked last time, but I do not know no one :-) I think
1141829016 M * Bertl I mean, the guest is not supposed to issue any iptables commands, they will fail ...
1141829051 M * Bertl it is strange that your sin02 guest does do any iptables commands
1141829104 M * coocoon right it is independent from guest, because of I have no vserver installed, not laughing, I started to set them up, but I have a "skeleton", 
1141829106 M * Bertl the iptable commands you listed above seem mangled
1141829132 M * Bertl there is no DNAT/SNAT combo as you have in 2.)
1141829162 M * Bertl okay, the sin02 is only a skeleton?
1141829211 M * Bertl in this case I'd suspect that everything works fine, and the iptables line is from the 'next' runlevel service
1141829216 M * doener heh, sendfile becomes a never ending story :)
1141829218 M * coocoon bertl: yes, but if there is a vserver installed there is the same error message so it can't have anything to do wit the guest os or some iptables settings in the guest
1141829254 M * coocoon bertl: 
1141829258 M * Bertl doener: it seems so, I assume kernel folks are slowly patching up sendfile, and we are behind there (because we have to adjust the missing parts
1141829290 M * coocoon 1. is for the internet access and 2. is for the ports
1141829301 M * Bertl yeah, but 2 is wrong/mangled
1141829309 M * Bertl should be something like:
1141829323 M * Bertl iptables -t nat -A PREROUTING -p tcp --destination-port 2221 -j DNAT --to-destination 1.2.3.4:22
1141829331 M * Bertl (without the SNAT --to-source "HostIP part)
1141829399 M * coocoon bertl: ok thanx I will try it, I know it is not vserver specific
1141829459 Q * Wenix Ping timeout: 480 seconds
1141829593 M * Snow-Man How does 'vserver blah stop' work wrt SysV init?
1141829607 M * Snow-Man It's running a bunch of stuff that I don't think it should be running. :(
1141829611 M * Bertl Snow-Man: it simply calls the stop scripts
1141829638 M * Snow-Man Bertl: I get the sinking feeling that it doesn't do what actual SysV does.
1141829652 M * Bertl hmm, in what way?
1141829665 M * Snow-Man Bertl: It doesn't appear to just call the stop scripts for the things which are started in the associated runlevel...
1141829680 M * coocoon bertl: sorry here are the right entries 
1141829682 M * Bertl coocoon: you're welcome! try to figure _why_ the sin02 reports errors ...
1141829690 M * coocoon bertl: 1. iptables -t nat -A POSTROUTING -s 1.2.3.0 -d ! 1.2.3.0 -j SNAT --to-source 85.214.22.240
1141829705 M * Snow-Man From the update-rc.d manpage under Debian...:
1141829708 M * coocoon bertl: 2. iptables -t nat -A PREROUTING -p tcp --destination-port 2220 -j DNAT --to-destination 1.2.3.0:22
1141829713 M * Snow-Man The correct way to disable services is to configure the service as stopped in all runlevels in which it  is  started by default.  In the System V init system this means renaming the service's symbolic links from S to K."
1141829723 M * coocoon bertl: I have made a mistake during copy and paste
1141829762 M * Bertl Snow-Man: yes, so the K* scripts are executed on runlevel exit, and the S* scripts on runlevel enter ...
1141829775 M * Bertl coocoon: that looks better ...
1141829784 M * Snow-Man hmmmmm.
1141829805 M * coocoon bertl: sorry yes I haven't change anything
1141829810 M * Snow-Man The problem is that I don't want the damn script to be run at all.
1141829830 M * coocoon bertl: they must be right
1141829835 M * Bertl Snow-Man: which one?
1141829846 M * Snow-Man Bertl: Well, 'umountfs', for one.
1141829855 M * Bertl Snow-Man: removing K and S entries should do that, no?
1141829867 M * Snow-Man I don't want them to come back when I upgrade the Debian package though.
1141829874 M * Bertl Snow-Man: on most distros chkconfig helps you with that setup
1141829896 M * Snow-Man When doing 'stop', what runlevels are entered/left?
1141829903 M * Bertl Snow-Man: and if debian 'knows' better, then that is a debian issue
1141829905 M * Snow-Man Don't just just enter 0, you don't leave it?
1141829910 M * Snow-Man s/just/you/
1141830054 J * meandtheshell ~markus@85-124-32-52.dynamic.xdsl-line.inode.at
1141830129 M * Bertl Snow-Man: usually you leave the 'current' runlevel and enter the 'new' one, e.g. 5->0 means
1141830144 M * Bertl all K* scripts from 5 are executed before the S* scripts of 0
1141830156 M * Bertl welcome meandtheshell!
1141830168 M * meandtheshell Bertl: hi ;-)
1141830174 M * Snow-Man Sure, the K* scripts of 5, then the S* scripts of 0, but the K* scripts of 0 aren't run, are they?
1141830189 M * doener Bertl: i'll look into the sendfile issue (actually, i'm already at it)
1141830372 Q * shedi Quit: Leaving
1141830610 Q * Hunger arion.oftc.net europa.oftc.net
1141830683 J * Hunger Hunger.hu@Hunger.hu
1141830723 M * Bertl doener: excellent, tx!
1141830955 Q * Hunger arion.oftc.net europa.oftc.net
1141831022 J * Hunger Hunger.hu@Hunger.hu
1141831125 J * frz ~frzzzz100@jaim.at
1141831136 M * frz hi
1141831170 M * Bertl hey frz!
1141831185 Q * JonB Quit: Leaving
1141831222 M * frz hi bertl :)
1141831339 M * frz would like to make ulimit -n for some programs - what is the actual state how todo this with 2.6 vs 2.0
1141831344 J * nomad_cz szywhjns@nezmar.netlab.cz
1141831464 M * Snow-Man Warning: Executing wildcard deletion to stay compatible with old scripts.
1141831468 M * Snow-Man What's that all about?
1141831502 M * nomad_cz Hi. Is it possible to setup X desktop in vserver ? I mean X including nvida drivers (hw acceleration) ...
1141831591 M * doener Snow-Man: a change in recent iproute versions. you can have the same address more than once if the prefix is different
1141831596 M * doener     inet 1.2.3.4/24 scope global eth0
1141831596 M * doener     inet 1.2.3.4/32 scope global eth0
1141831609 Q * pagano Quit: Leaving
1141831635 M * Snow-Man Nevermind, I forgot to touch nodev. :)
1141831650 M * doener "ip a d 1.2.3.4" will then randomly(?) delete one of them
1141831662 M * Snow-Man doener: Nice. :)
1141831707 M * Snow-Man Bertl: I figured out the SysV stuff, btw.
1141831710 M * doener no idea what having the same address with different prefixes is good for though
1141831742 M * Snow-Man Bertl: You have to put 'K' links into the 'previous' (ie: rc3.d in this case) runlevel to make it not run those K scripts again.
1141832112 J * hijacker ~hijacker@cable-84-43-140-185.mnet.bg
1141832115 M * hijacker hi all
1141832122 M * Bertl welcome hijacker!
1141832145 M * hijacker lool - that;s nice topic ;-)
1141832162 M * Bertl you like it?
1141832171 M * phycho heh, i think ive finally got vserver to work with all my patches
1141832172 M * phycho ;)
1141832176 M * phycho or at least.. its compiling
1141832178 M * phycho which is a start.
1141832179 M * hijacker yes, i do, that is true
1141832197 M * hijacker just installed the vserver on my debian box from the .debs phycho 
1141832221 M * hijacker struggling now to get it working(setup)
1141832226 M * phycho hehe
1141832227 M * phycho fun ;/
1141832230 M * hijacker aye ;-)
1141832234 M * phycho ill be joining you shortly
1141832247 M * phycho just managed to get grsecurity compiled along with vserver ;)
1141832252 M * phycho after a lot of manually editing kernel src ;/
1141832257 M * hijacker lool
1141832266 M * hijacker that should be time consuming I presume...
1141832277 M * phycho few hours to get it to work with all my patches
1141832283 M * phycho whats amusing, is that i know nothing of C
1141832284 J * Duckx ~duckx@195.75.27.158
1141832286 M * phycho yet still managing it
1141832287 M * phycho haha
1141832331 M * phycho spoke too soon
1141832333 M * phycho *sighs*
1141832337 M * phycho : undefined reference to `proc_pid_readdir'
1141832337 M * phycho fs/fs.o(.text+0x27842): In function `proc_root_readdir':
1141832337 M * phycho : undefined reference to `proc_pid_readdir'
1141832337 M * phycho make: *** [vmlinux] Error 1
1141832339 M * phycho heh
1141832371 M * Bertl interesting ... you probably missed a few hunks
1141832382 M * phycho yeah ;/ how gay
1141832385 M * phycho need to do it all again
1141832396 M * hijacker  ;-)
1141832410 M * phycho oh the joys of manual patching!
1141832511 Q * gerrit Quit: Client exiting
1141832537 M * hijacker still i cannot believe you know nothing about c and are editing the kernel sources
1141832585 M * Bertl hijacker: some folks are brave .. others ... :)
1141832616 M * Bertl phycho: what are you trying to combine/patch btw?
1141832626 M * phycho Bertl - all of those i had in that list
1141832639 M * phycho with vserver
1141832643 M * Bertl on 2.4 
1141832672 M * Bertl and you got the 1.2.11-rc1 patch, right?
1141832686 M * eyck oh goodie
1141832691 M * eyck we're working on 1.2.11 again?
1141832704 M * Bertl eyck: sure, always, wanna team up? :)
1141832707 M * phycho yep
1141832709 M * eyck sure, why not
1141832711 P * nomad_cz 
1141832734 M * eyck phycho: all your problems are cause by grsec. Howgh.
1141832754 M * phycho yep
1141832755 M * eyck caused
1141832757 M * phycho nothing new there dude.
1141832765 M * phycho grsec is a bastard when you try to compile it with anything else
1141832789 M * eyck well, if I would be saying anything new, I wouldn't be using 'Howgh', 
1141832797 M * phycho lol
1141832804 M * eyck with new things all bets are off...everything could've gone wrong..
1141832805 M * phycho it does a good job though
1141832818 M * eyck yeah, of keeping admins busy
1141832829 M * phycho haha
1141832844 M * eyck we wouldn't want those lazy bastard to be reading bash.org or sth...
1141832849 M * eyck bastards even.
1141832857 M * phycho lol
1141832919 M * phycho i might do some manual hacking on 2.6.x
1141832922 M * phycho if this doesnt work
1141832927 M * Bertl wasn't there a nice vserver/grsec combo patch for 2.4?
1141832939 M * eyck yeah! there were lots of those!
1141832951 M * eyck every kid and his dog had one of his own
1141832952 M * frz i would like to have more file decriptors inside a vserver (with 2.6 kernel stable release) - how can i do this? 
1141832955 M * eyck I made a few
1141832959 M * eyck very nice...
1141832964 M * eyck I made few, even.
1141832975 M * Bertl frz: what is your current limit?
1141832992 M * frz ulimit -n - tells me 1024
1141832996 M * Bertl frz: and is it a context resource limit or ulimit?
1141833006 M * Bertl frz: ah, so ulimit, I assume
1141833016 M * Bertl frz: what limits do you have on the host?
1141833084 M * frz ulimit -a inside vserver tells me : open files                      (-n) 1024 - and thats not enough
1141833102 M * Bertl and on the host, as root, what do you get there?
1141833113 M * frz on the main or inside vserver
1141833120 M * frz same
1141833164 M * eyck on the master vserver you probably set it yourself with pam, 
1141833190 M * eyck or sth
1141833197 M * phycho eyck - you still got one?
1141833207 M * Bertl frz: so I assume that your host (physical server) already limit that to 1024
1141833223 M * Bertl frz: lifting that limit, or changing it for the guest should help
1141833269 M * eyck phycho: hmm, grsec+vs? yeah, probably somewhere in the archives... but it's not current, against ~2.4.19 or sth.. I moved to openwall and am generally way happier person since.
1141833274 M * eyck my hair got better
1141833277 M * eyck not to mention sex life
1141833295 M * frz i try
1141833333 M * phycho k
1141833342 M * phycho haha
1141833374 M * eyck frz: look at your /etc/security/limits.conf, and also into startup scripts..., (on master v)
1141833376 M * phycho ive found an old grsecurity version
1141833508 M * Bertl http://team.lea-linux.org/bgigon/vserver/
1141833516 M * phycho http://www.felinemenace.org/~andrewg/stuff/grsec+vserver/
1141833517 M * phycho found one
1141833535 M * frz oki - i will tell you when success :) thx alot
1141833560 M * phycho Be careful, grsecurity 2.1.1 has a security hole with certain grsec configurations.
1141833560 M * phycho Use DaPhreak's patch : 
1141833561 M * phycho lol
1141833563 M * phycho how ironic!!
1141833620 M * Bertl frz: you're welcome! btw, check out the ulimit settings for the guest config, contrary to the documentation they should be supported
1141834212 Q * frz Remote host closed the connection
1141834240 J * frz ~frzzzz100@jaim.at
1141834348 M * Bertl wb frz!
1141834520 Q * baggins Quit: leaving
1141834588 M * harry first production server is in! :)
1141834609 M * harry phycho: http://harry.ulyssis.org/vserver
1141834611 M * Bertl harry: congrats!
1141834649 M * harry Bertl: tnx ;)
1141835192 Q * ||Cobra|| Remote host closed the connection
1141835209 M * SiD3WiNDR harry: did you find what was causing the securetty stuff?
1141835248 M * harry yes
1141835253 M * phycho harry - you manage to do those for 2.4?
1141835262 M * harry a many times broken down base-config
1141835273 M * harry no shadow passwords etc...
1141835278 M * harry just... weirdness :)
1141835280 M * harry all fixed now
1141835291 M * harry phycho: havent tried... sr
1141835292 M * harry y
1141835329 M * phycho k
1141835733 M * SiD3WiNDR :-)
1141835753 M * SiD3WiNDR that's something I do notice on new vservers though (at least on debian)
1141835756 M * SiD3WiNDR shadow is turned off
1141835779 M * h01ger run "shadowconfig on"
1141835785 M * SiD3WiNDR yes, I know that
1141835790 M * SiD3WiNDR I just think it should be default on ;)
1141835801 M * SiD3WiNDR cause I tend to forget that and only notice it after a month
1141835818 M * h01ger thats really no vserver issue.. (to configure the system..)
1141835863 J * stefani ~stefani@superquan.apl.washington.edu
1141836084 M * Bertl welcome stefani!
1141836164 M * stefani salut
1141836547 J * matt1 ~matta@c-68-32-239-173.hsd1.pa.comcast.net
1141836832 Q * phycho Quit: 
1141836914 Q * matta Ping timeout: 480 seconds
1141837023 M * doener Bertl: sendfile patch here: http://www.13thfloor.at/~doener/vserver/patches/delta-sendfile-fix.diff
1141837042 M * doener (in case that you don't like to extract it from the email)
1141837046 M * Bertl doener: tx!
1141837061 M * doener np
1141837141 M * SiD3WiNDR h01ger: no, it isn't, but a default debian install does enable it automatically ;)
1141837154 M * SiD3WiNDR and the "evil" debian vserver scripts did ask that question too ;)
1141837174 M * SiD3WiNDR but yes, it's become a habit to to some copying of files, tzconfig, shadowconfig, etc upon new vserver creation ;)
1141837206 M * h01ger SiD3WiNDR, a default install does. a default debootstrap "installation" not.
1141837225 M * h01ger (which doesnt change anything that this is a bug..)
1141837252 M * SiD3WiNDR indeed
1141838579 M * Bertl doener: details? did we (I?) miss that when adding the sendfile fixes?
1141838883 M * doener Bertl: seems like ;) those changes are the only to sendfile from 2.6.15 to 2.6.16-rc5
1141838914 J * fwl ~fwl@83-215-237-1.seek.stat.salzburg-online.at
1141838946 M * doener i didn't check verify_rw_area to see what was changed there
1141838981 M * Bertl wb fwl!
1141839505 J * bonbons ~bonbons@83.222.39.180
1141839659 M * Bertl welcome bonbons!
1141840001 M * bonbons Hi Bertl
1141840902 M * blizz heyho everybody
1141840924 M * Bertl welcome blizz!
1141841530 Q * frz Read error: Connection reset by peer
1141841583 J * frz ~frzzzz100@jaim.at
1141841624 Q * frz Remote host closed the connection
1141841677 J * frz ~frzzzz100@jaim.at
1141841771 Q * frz Remote host closed the connection
1141841813 J * frz ~frzzzz100@jaim.at
1141841829 Q * frz Remote host closed the connection
1141841874 J * frz ~frzzzz100@jaim.at
1141841886 P * frz 
1141842535 Q * coocoon Ping timeout: 480 seconds
1141842854 J * exp[a] USERNAME@eserv.comex.ru
1141842865 M * Bertl welcome exp[a]!
1141842874 M * FaUl welcome bertl! :-)
1141842885 M * Bertl hey FaUl! :)
1141843107 J * coocoon ~coocoon@p54A073D2.dip.t-dialin.net
1141843211 M * Bertl okay, off for a while now ... back later ...
1141843219 N * Bertl Bertl_oO
1141843447 J * phycho ~phycho@ext-gw.darktech.org.uk
1141843451 M * phycho harry
1141843453 M * phycho you around?
1141843959 M * Snow-Man Does apache2 use sendfile by default?
1141844023 M * daniel_hozac yes.
1141844041 M * Snow-Man Dangit.
1141844046 M * Snow-Man So I need that sendfile patch. :/
1141844070 J * shedi ~siggi@inferno.lhi.is
1141844077 M * daniel_hozac you could just disable it in the configuration.
1141844274 M * Snow-Man err, wait, except it's working atm...
1141844284 M * Snow-Man When was the bug introduced?
1141844466 M * doener Snow-Man: somewhere between 2.6.15 and 2.6.16-rc5... (well, the bug is in the vserver patch as it doesn't deal correctly with the change)
1141844470 Q * coocoon Quit: KVIrc 3.2.0 'Realia'
1141844473 M * Snow-Man hrmpf.
1141844479 M * Snow-Man ok.
1141844601 M * harry phycho: yes
1141844704 M * harry pm :)
1141845674 Q * hijacker Quit: Leaving
1141845784 Q * exp[a] Read error: Connection reset by peer
1141846445 J * doener_ ~doener@i5387D174.versanet.de
1141846855 Q * doener Ping timeout: 480 seconds
1141847221 J * chirp ~chirp@202-169-194-76.megapass.world-net.co.nz
1141847252 Q * fwl Quit: This computer has gone to sleep
1141847269 J * fwl ~fwl@83-215-237-1.seek.stat.salzburg-online.at
1141847297 Q * fwl Quit: 
1141847838 J * Geert geert@geert.irssi.be
1141848279 Q * chirp Quit: Leaving
1141848754 Q * phycho Ping timeout: 480 seconds
1141851729 Q * Hollow Quit: SIGTERM
1141851747 Q * bonbons Quit: Leaving
1141851764 J * Hollow ~hollow@home.xnull.de
1141851900 J * phycho ~phycho@ext-gw.darktech.org.uk
1141851903 M * phycho hey harry
1141851906 M * phycho just to let you know
1141851908 M * phycho it works fine
1141851910 M * phycho =) haha
1141854571 J * Aiken ~james@tooax6-082.dialup.optusnet.com.au
1141857197 Q * phycho Ping timeout: 480 seconds
1141857973 J * dearaujo ~dan@cpe-66-25-189-193.austin.res.rr.com
1141858315 M * dearaujo With the SET_UTSNAME flag present, I assume the Context can change only change its utsname - not the hosts?
1141858397 M * dearaujo ie, what held in /proc.../cvirt?
1141858418 P * stefani I'm Parting (the water)
1141858692 M * mugwump dearaujo: yes.  in fact the hostname being virtualised is compulsory and not possible to ever change the host's AFAIK
1141858731 M * dearaujo great - wanted to make sure I understood that correctly
1141858735 M * dearaujo mugwump: thanks
1141858848 P * dearaujo 
1141858913 J * phycho ~phycho@ext-gw.darktech.org.uk
1141859235 Q * lilalinux Remote host closed the connection
1141859580 N * Bertl_oO Bertl
1141859585 M * Bertl evening folks!
1141859640 M * doener_ evening Bertl!
1141860147 M * mugwump hey Bertl 
1141860160 M * mugwump I tried to post a submission the other day, but it didn't make it to LKML
1141860168 M * mugwump did you get that e-mail?
1141860208 M * Bertl the two part one?
1141860210 M * mugwump yeah
1141860222 A * mugwump waits for the "no, never heard of it" response
1141860255 M * mugwump I didn't think LKML was moderated
1141860384 Q * phycho Ping timeout: 480 seconds
1141860385 M * mugwump perhaps posts from non-members are, and this one was dropped.  maybe I'll just make those posts from my own address
1141860388 M * doener_ there are some rules for it, like the 100k size limit
1141860414 M * mugwump I have been using the catalyst address for the submissions to honour that they're paying me to work on this
1141860422 M * doener_ but AFAIK that's done by the ml software, no moderation
1141860424 M * mugwump well, they're paying me, and I'm working on this ;)
1141860601 M * Bertl mugwump: probably your host has no reverse or is on some blacklist
1141860637 M * Bertl mail1.catalyst.net.nz (godel.catalyst.net.nz [202.78.240.40])
1141860660 M * Bertl you should make both, forward and reverse show the same name
1141860763 M * mugwump are you sure?  my normal posts make it, and my other account has the same thing going on
1141860797 M * mugwump watts.utsl.gen.nz ([202.78.240.73]:35240 "EHLO mail.utsl.gen.nz")
1141860832 M * Bertl yeah, but your headers are usually more complicated, i.e.
1141860837 M * Bertl Received: from [127.0.0.1] (longdrop.watts.utsl.gen.nz [192.168.255.49])
1141860873 M * Bertl which looks like it 'came' from a host in watts.utsl.gen.nz
1141860885 M * mugwump right, which doesn't exist from the outside
1141860926 M * Bertl but there is a way to check such stuff for kernel.org
1141860929 J * comfrey ~comfrey@h-64-105-87-234.sttnwaho.covad.net
1141860936 M * Bertl welcome comfrey!
1141860957 M * Bertl mugwump: just check the web pages, they have a test option somewhere
1141861223 M * mugwump hmm weird.
1141861256 M * mugwump well, what I'm going to try to do next is port the next patch in my series (/proc hooks) on top of ebiederm's proc refactoring
1141861396 Q * meandtheshell Quit: bye bye ... 
1141861921 J * phycho ~phycho@ext-gw.darktech.org.uk
1141861931 M * Bertl wb phycho!