1146960186 M * s0undt3ch how do I guive a guest logging capabilities? 1146960217 M * daniel_hozac you start syslog :) 1146960247 Q * ntrs_ Ping timeout: 480 seconds 1146960254 M * s0undt3ch daniel_hozac: my guest vhoster has syslog running 1146960275 M * s0undt3ch my guest can't start it because it does not have access to /proc/kmsg 1146960287 M * daniel_hozac yes, which is why you should comment that. 1146960299 M * s0undt3ch which leaves me no source at all 1146960312 M * s0undt3ch with the default conf 1146960336 M * daniel_hozac what distro is that? 1146960359 M * s0undt3ch gentoo (vserver-baselayout) 1146960395 M * s0undt3ch errr, never mind, I have 2 src's 1146960402 M * s0undt3ch source src { unix-stream("/dev/log"); internal(); pipe("/proc/kmsg"); }; 1146960491 J * ntrs ~ntrs@68-188-51-87.dhcp.stls.mo.charter.com 1146960578 J * ntrs_ ~ntrs@dsl-203-81-rt2-bras.wnvl.centurytel.net 1146960962 M * hillct well, after all that, it's possible I just have a bad nic card 1146961027 Q * ntrs Ping timeout: 480 seconds 1146961184 M * Skram_[Sick] hillct: yeapps 1146961187 M * Skram_[Sick] possible 1146961194 M * Skram_[Sick] do you have only one server? 1146961233 M * Skram_[Sick] anyone have a used apple laptop they would be parting with anytime soon? 1146961302 M * hillct this one's the biggest 1146961335 J * ntrs ~ntrs@68-188-51-87.dhcp.stls.mo.charter.com 1146961336 M * hillct it's got two nics though so I'll be able to swap over 1146961352 M * hillct and I still need to do the kernel 1146961391 M * daniel_hozac that's the upside of using distribution kernels, you never have to worry :) 1146961440 M * daniel_hozac (well, except for when bad patches go in to the security errata kernels... /me sighs) 1146961478 Q * ntrs_ Read error: Connection reset by peer 1146961521 J * ntrs_ ~ntrs@dsl-203-81-rt2-bras.wnvl.centurytel.net 1146961896 Q * ntrs Ping timeout: 480 seconds 1146961962 M * s0undt3ch well, now, I have an apache server running on a guest, if I do 10.1.0.5 it's local ip I can access it, but using my domain I can't ideas? 1146962059 M * daniel_hozac from where are you accessing it? how? what does your iptables looks like? 1146962187 M * s0undt3ch 1: from my local lan, but using my FQDN 1146962198 M * s0undt3ch 2: browser !? 1146962215 M * s0undt3ch 3: running ipkungfu, a script that handles iptables rules 1146962232 M * s0undt3ch with nat enabled 1146962232 M * daniel_hozac FQDN resolving to...? how is your client connected to the server? 1146962269 M * s0undt3ch ... wait ... 1146962483 M * s0undt3ch FQDN resolving to the ip(dynamic) assigned by my isp 1146962500 M * s0undt3ch client and server are on local lan 1146962629 M * s0undt3ch hum, guess this 'iptables -t nat -A PREROUTING -d HOST_IP -i eth0 -p tcp -m tcp --dport HOST_PORT -j DNAT --to-destination GUEST_IP:GUEST_PORT' would do it, but I'm on dynamic ip 1146962872 M * s0undt3ch daniel_hozac: currently the rules I have that match my guest running apache ip are > http://vservers.pastebin.com/702818 1146962966 M * daniel_hozac you'll need to configure whatever decide is in front of your client and server to handle that. 1146963207 M * s0undt3ch daniel_hozac: what do you mean by client? 1146963223 M * daniel_hozac the one connecting to the server :) 1146963252 M * s0undt3ch daniel_hozac: an iptables rule(in between) right? 1146963309 M * daniel_hozac yeah. your rule above should do it. 1146963343 M * s0undt3ch I have to remove the part HOST_IP since I'm on dynamic ip 1146963362 M * s0undt3ch so, that paste I sent you includes the rule 1146963415 M * daniel_hozac and that's on your border router, i.e. the client's gateway? 1146963449 M * s0undt3ch yup 1146963505 M * s0undt3ch my router which is my gateway which is my vserver 1146963514 M * daniel_hozac so you can't connect to other websites from the client, right? 1146963523 M * s0undt3ch sure I can 1146963568 M * daniel_hozac then your rules are wrong, as those should redirect everything to your guest. 1146963573 M * daniel_hozac and where's the -t nat? 1146963630 M * s0undt3ch those aren't all the rules 1146963688 M * s0undt3ch http://vservers.pastebin.com/702830 <- these are 1146963750 M * daniel_hozac FYI, we have paste.linux-vserver.org 1146963771 M * daniel_hozac i assume those aren't the complete rules, right? you have no -t nat anywhere. 1146963883 M * s0undt3ch well, yes the last ones are 1146963936 M * daniel_hozac are what? 1146964017 M * s0undt3ch k, this is the output of iptables-save -> http://paste.linux-vserver.org/17 1146964025 M * s0undt3ch nothing in between 1146964067 M * s0undt3ch and aparently no I have no -t NAT 1146964104 M * s0undt3ch hum, still I have internet form a diff comp inside local lan 1146964177 M * daniel_hozac -A PREROUTING -s 10.1.0.0/255.255.255.0 -d ! 10.1.0.0/255.255.255.0 -j RETURN 1146964186 M * daniel_hozac 10.1.0.0/24 is your local network? 1146964191 M * s0undt3ch yes 1146964222 M * daniel_hozac you'll have to remove that rule then, if you want your local boxes to be able to access the guest. 1146964265 M * daniel_hozac (with the FQDN resolving to your public IP address) 1146964280 M * s0undt3ch oh, now that with ipkungfu might be a pain in the *ss 1146964323 M * s0undt3ch so basicly, the outside world is able to access my guest but I'm not? 1146964338 M * daniel_hozac i'd say so. 1146964346 M * s0undt3ch interesting 1146964366 M * s0undt3ch what do you use for firewall? plain iptables rules or a script? 1146964443 M * daniel_hozac a small script i wrote. 1146964443 Q * shedi Read error: Connection reset by peer 1146964542 M * s0undt3ch you also do shaping? 1146964600 M * daniel_hozac no, nothing fancy at all. it's very basic. 1146964641 M * s0undt3ch latter I'd like to do some shapping too, still have to investigate it 1146964661 M * daniel_hozac (it's basically stateful forwarding + port forwards) 1146964804 M * s0undt3ch k, removed that line you said from my scrip, now I see my web server 1146964806 M * s0undt3ch ;) 1146965385 J * shedi ~siggi@inferno.lhi.is 1146966355 M * s0undt3ch daniel_hozac: :( now I can't browse the internet, all I get is my gest webserver 1146966362 M * s0undt3ch got to make some changes 1146966369 M * daniel_hozac as i said ;) 1146966406 M * daniel_hozac you need to limit your -j DNAT's to -d 1146966484 M * s0undt3ch I can't my public ip is dynamic it changes every ~36hours 1146966530 M * daniel_hozac so you just need to put the DNATs in a separate chain that you flush and recreate every time you get a new IP address. 1146967699 M * Skram_[Sick] how do i do ipforwarding? i have iptables setup.. 1146967793 M * daniel_hozac echo 1 > /proc/sys/net/ipv4/ip_forward 1146968551 M * [PUPPETS]Gonzo daniel_hozac: don't you sleep ever? 1146968794 M * s0undt3ch daniel_hozac: wonder if you know: when a connection is established with rp-pppoe does /etc/ppp/ip-up get's runned also? 1146968827 M * s0undt3ch or anyone knows ;) 1146969066 Q * ntrs_ Quit: Leaving 1146969367 M * s0undt3ch seems like it; 1146969387 M * s0undt3ch the daniel_hozac I can have that -j DNAT's to -d rule always updated 1146969519 M * s0undt3ch well, got to get some sleep 1146969527 M * [PUPPETS]Gonzo sleep well 1146970179 J * s0undt3c1 ~s0undt3ch@bl7-241-169.dsl.telepac.pt 1146970216 M * Skram_[Sick] daniel_hozac: then what? 1146970242 M * Skram_[Sick] hercules / # cat /proc/sys/net/ipv4/ip_forward 1146970243 M * Skram_[Sick] 1 1146970278 M * Skram_[Sick] can i have some syntax? 1146970368 Q * s0undt3ch Ping timeout: 480 seconds 1146970408 M * Skram_[Sick] like this: ? iptables -t nat -A PREROUTING -p tcp -d 70.86.176.57 --dport 80 -j DNAT --to-destination 70.86.176.20 1146970730 M * daniel_hozac Skram_[Sick]: after that, your box will be forwarding packets, assuming the FORWARD chain allows it. 1146970828 M * Skram_[Sick] well 1146973959 M * Skram_[Sick] daniel_hozac: iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?) 1146973963 M * Skram_[Sick] Perhaps iptables or your kernel needs to be upgraded. 1146973965 M * Skram_[Sick] wtf 1146973969 M * Skram_[Sick] i added the module to the kernel and recompiled. 1146974271 M * [PUPPETS]Gonzo depmod -a ? load the module manually? 1146974282 M * [PUPPETS]Gonzo gn8 1146974433 M * Skram_[Sick] fixed 1146974435 M * Skram_[Sick] this way i can have the ptr which is tied to a shell server go to the webserver when a user connects to port 80 1146974669 M * Skram_[Sick] is 1.8M for a kernel considered big? 1146976763 J * _nokoya young@hi-230-82.tm.net.org.my 1146976823 Q * nokoya Ping timeout: 480 seconds 1146976835 N * _nokoya nokoya 1146978197 J * keyser_soze ~cimarron@200.127.187.27 1146978424 Q * keyser_soze Remote host closed the connection 1146981231 M * Hollow [PUPPETS]Gonzo: pong? 1146982178 Q * hillct Read error: Connection timed out 1146983723 Q * softi42 Ping timeout: 480 seconds 1146984338 J * softi42 ~softi@p549D7E12.dip.t-dialin.net 1146986273 M * Skram_[Sick] sentien-shells mark # mtr 70.86.176.2 1146986273 M * Skram_[Sick] mtr: unable to get raw sockets. 1146986274 M * Skram_[Sick] ?? 1146986283 M * Skram_[Sick] any idea how i can SECURELY allow them a raw socket? 1146986289 M * Skram_[Sick] i only want root on the vps to be able to/ 1146986413 M * daniel_hozac you can't give a guest raw sockets in any secure manner. they're insecure by definition. 1146986445 M * daniel_hozac but as they require capabilities, you wouldn't be able to use it as a user. 1146986469 M * daniel_hozac Bertl_zZ: finally got it tracked down, http://daniel.hozac.com/vserver/delta-lease-fix01.diff seems to fix it. 1146986729 M * daniel_hozac (http://daniel.hozac.com/vserver/debug for debugging output + WARN_ON, http://daniel.hozac.com/vserver/test-lease.c for test case) 1146988020 J * bonbons ~bonbons@83.222.39.118 1146988080 N * Bertl_zZ Bertl 1146988085 M * Bertl morning folks! 1146988089 M * daniel_hozac morning! 1146988163 M * Bertl daniel_hozac: ah, that explains it ... 1146988275 M * Bertl daniel_hozac: question is, we have a file tag, it might make sense to tkae the lock tag from there, no? 1146988315 M * Bertl (it's early in the morning, so I might be missing something :) 1146988460 M * daniel_hozac i guess so, but i think filp may be NULL. 1146988514 M * Bertl ah, okay, good point, then maybe warn/BUG_ON inconsistancies? 1146988582 M * daniel_hozac we've got that in lease_alloc already, which calls lease_init. i guess moving it to lease_init might make sense though. 1146988629 M * Bertl do you have some good tool to test the locks? 1146988644 M * daniel_hozac all of them? no. 1146988659 M * Bertl well, at least some of them would do for a start :) 1146988670 M * daniel_hozac well, the leases are tested by test-lease.c above. 1146988694 M * Bertl ah, missed that one, good point, that's from the test suite, yes? 1146988706 M * daniel_hozac hmm? what test suite? 1146988776 M * daniel_hozac btw, what did you ping me about on friday morning? 1146988919 J * Viper0482 ~Viper0482@p5497727A.dip.t-dialin.net 1146989252 M * Bertl daniel_hozac: not relevant anymore, was looking for fc5 packages ... 1146989309 M * daniel_hozac ah, ok. did you find what you were looking for? 1146989336 M * Bertl I guess so, rpmfind did at least find some packages for me :) 1146989342 M * daniel_hozac hehe. 1146989395 M * Bertl we should definitely make a wiki page where all the distro package sources are listed ... maybe with some kind of automated or scriptable interface 1146989491 M * Bertl daniel_hozac: how did you find the lease issue? 1146989494 M * daniel_hozac distro package sources == util-vserver + kernel? 1146989512 M * Bertl yes, maybe the major dependancies like dietlibc too 1146989530 M * daniel_hozac i was cat'ing my samba guest's /proc/virtual/.../limit and noticed absurd values for LOCKS. 1146989560 M * daniel_hozac samba gets a lease for every file you open, apparently. 1146989587 M * Bertl I guess we should remove the assignment from alloc, no? 1146989615 M * Bertl and move the inc after the error check 1146989632 M * Bertl lease_alloc() that is :) 1146989638 M * daniel_hozac can we do that? 1146989651 M * Bertl I don't see why not? 1146989654 M * daniel_hozac lease_init calls locks_free_lock if the type is invalid. 1146989659 M * daniel_hozac which calls dec. 1146989688 M * daniel_hozac did you see http://daniel.hozac.com/vserver/delta-locks-fix01.diff? 1146989701 M * Bertl hmm, no, not yet .. sec 1146989718 M * daniel_hozac (speaking of locks_free_lock :)) 1146989741 M * Bertl BUG(); 1146989743 M * Bertl return; 1146989750 M * Bertl very interesting approach :) 1146989790 M * daniel_hozac hehe. 1146990076 M * Bertl okay, guess you are right, we cannot move the inc down 1146990117 M * Bertl but, what makes me wonder here is, why do you need the tagging in lease_init at all? 1146990178 M * daniel_hozac fcntl_setlease, it uses lease_init directly. 1146990193 M * Bertl more than that, I think that it might do the wrong thing when the lock is already tagged there? 1146990195 M * daniel_hozac because the lock is on the stack. 1146990227 M * daniel_hozac hmm, why would lease_init be called with an already existing lock? 1146990252 M * Bertl why would it be called without previously allocating the lock? 1146990265 M * daniel_hozac 10:23 < daniel_hozac> because the lock is on the stack. 1146990266 M * Bertl ah, because of the stack 1146990271 M * daniel_hozac ;) 1146990283 A * Bertl gets some caffeine ... 1146990304 M * daniel_hozac lease_init is just used in lease_alloc and fcntl_setlease. 1146990310 M * Bertl hmm, hmm, okay, let's get that together once again 1146990332 M * Bertl we cannot do the accounting _after_ an init, because init might dispose the lock, right? 1146990339 M * daniel_hozac right. 1146990362 M * Bertl surprisingly that even works (by luck?) with a lock on the stack ... 1146990383 M * daniel_hozac what does? 1146990394 M * daniel_hozac the init? 1146990398 M * Bertl yep 1146990415 M * daniel_hozac oh, i see what you mean, the lock freeing? 1146990444 M * Bertl well, init, I hope that it does not free it :) 1146990457 M * daniel_hozac well, it might. 1146990475 M * Bertl that's what I'm worrying about :) 1146990515 M * daniel_hozac yeah, that looks like a mainline bug. 1146990523 M * Bertl can we construct a test case which triggers that? 1146990539 M * Bertl should be pretty simple, I'd say 1146990546 M * daniel_hozac fcntl_setlease with an invalid arg should do it. 1146990610 M * Bertl okay, have to leave now .. but will be back in the afternoon ... feel free to investigate and/or submit an lkml bug report ... 1146990645 M * Bertl (will revisit the locking stuff then) 1146990673 N * Bertl Bertl_oO 1146991653 M * daniel_hozac heh, nice. it works. 1146991791 M * daniel_hozac not even a nice oops or anything, it just completely hangs the box. 1146992284 Q * derjohn Remote host closed the connection 1146992315 M * daniel_hozac i'll verify on 2.6.17-rc3-git12. 1146993491 M * daniel_hozac confirmed. 1146993501 M * daniel_hozac although it took longer to get the box to crash. 1146994655 J * knoppix_ ~knoppix@p54A85AFE.dip.t-dialin.net 1146994825 M * knoppix_ test 1146994885 M * daniel_hozac congratulations. 1146995737 M * knoppix_ thanks :) 1146997076 J * Dr4g ~Dr4g@82-40-41-19.cable.ubr06.uddi.blueyonder.co.uk 1146998048 Q * s0undt3c1 Quit: Lost terminal 1146998133 J * s0undt3ch ~s0undt3ch@bl7-241-169.dsl.telepac.pt 1146999592 Q * Smutje helium.oftc.net arion.oftc.net 1146999592 Q * virtuoso helium.oftc.net arion.oftc.net 1146999592 Q * cohan helium.oftc.net arion.oftc.net 1146999592 Q * sid3windr helium.oftc.net arion.oftc.net 1146999592 Q * nox helium.oftc.net arion.oftc.net 1146999592 Q * kilian helium.oftc.net arion.oftc.net 1146999592 Q * matti helium.oftc.net arion.oftc.net 1146999592 Q * [PUPPETS]Gonzo helium.oftc.net arion.oftc.net 1146999592 Q * Bertl_oO helium.oftc.net arion.oftc.net 1146999592 Q * sannes helium.oftc.net arion.oftc.net 1146999592 Q * Adrinael helium.oftc.net arion.oftc.net 1146999592 Q * s0undt3ch helium.oftc.net arion.oftc.net 1146999592 Q * Viper0482 helium.oftc.net arion.oftc.net 1146999597 Q * bonbons helium.oftc.net arion.oftc.net 1146999597 Q * nokoya helium.oftc.net arion.oftc.net 1146999597 Q * shedi helium.oftc.net arion.oftc.net 1146999597 Q * Zaki_ helium.oftc.net arion.oftc.net 1146999597 Q * Hollow helium.oftc.net arion.oftc.net 1146999597 Q * morrigan helium.oftc.net arion.oftc.net 1146999597 Q * BobR_oO helium.oftc.net arion.oftc.net 1146999597 Q * matvey helium.oftc.net arion.oftc.net 1146999597 Q * Skram_[Sick] helium.oftc.net arion.oftc.net 1146999597 Q * teukka helium.oftc.net arion.oftc.net 1146999597 Q * Wenix helium.oftc.net arion.oftc.net 1146999597 Q * mire helium.oftc.net arion.oftc.net 1146999597 Q * locksy helium.oftc.net arion.oftc.net 1146999597 Q * sukria helium.oftc.net arion.oftc.net 1146999597 Q * VAndreas helium.oftc.net arion.oftc.net 1146999597 Q * jkl helium.oftc.net arion.oftc.net 1146999597 Q * FireEgl helium.oftc.net arion.oftc.net 1146999597 Q * trash helium.oftc.net arion.oftc.net 1146999597 Q * Dr4g helium.oftc.net arion.oftc.net 1146999597 Q * cehteh helium.oftc.net arion.oftc.net 1146999597 Q * Vudumen helium.oftc.net arion.oftc.net 1146999597 Q * rmoriz helium.oftc.net arion.oftc.net 1146999597 Q * Loki|muh helium.oftc.net arion.oftc.net 1146999597 Q * phreak`` helium.oftc.net arion.oftc.net 1146999597 Q * baggins helium.oftc.net arion.oftc.net 1146999597 Q * Johan helium.oftc.net arion.oftc.net 1146999597 Q * sladen helium.oftc.net arion.oftc.net 1146999597 Q * SNy helium.oftc.net arion.oftc.net 1146999597 Q * insomniac helium.oftc.net arion.oftc.net 1146999597 Q * waldi helium.oftc.net arion.oftc.net 1146999597 Q * ddlp helium.oftc.net arion.oftc.net 1146999597 Q * micah helium.oftc.net arion.oftc.net 1146999597 Q * Radiance helium.oftc.net arion.oftc.net 1146999597 Q * BenBen helium.oftc.net arion.oftc.net 1146999597 Q * cemil helium.oftc.net arion.oftc.net 1146999597 Q * Snow-Man helium.oftc.net arion.oftc.net 1146999597 Q * ag- helium.oftc.net arion.oftc.net 1146999597 Q * weasel helium.oftc.net arion.oftc.net 1146999597 Q * Hunger helium.oftc.net arion.oftc.net 1146999597 Q * knoppix_ helium.oftc.net arion.oftc.net 1146999597 Q * gdm helium.oftc.net arion.oftc.net 1146999597 Q * bogus helium.oftc.net arion.oftc.net 1146999597 Q * thorkild helium.oftc.net arion.oftc.net 1146999597 Q * otaku42_away helium.oftc.net arion.oftc.net 1146999597 Q * alexx|ikse helium.oftc.net arion.oftc.net 1146999597 Q * daniel_hozac helium.oftc.net arion.oftc.net 1146999597 Q * eyck helium.oftc.net arion.oftc.net 1146999597 Q * mountie helium.oftc.net arion.oftc.net 1146999597 Q * dhansen helium.oftc.net arion.oftc.net 1146999597 Q * bragon helium.oftc.net arion.oftc.net 1146999597 Q * MrX helium.oftc.net arion.oftc.net 1146999597 Q * tokkee helium.oftc.net arion.oftc.net 1146999623 J * s0undt3ch ~s0undt3ch@bl7-241-169.dsl.telepac.pt 1146999623 J * Viper0482 ~Viper0482@p5497727A.dip.t-dialin.net 1146999623 J * bonbons ~bonbons@83.222.39.118 1146999623 J * nokoya young@hi-230-82.tm.net.org.my 1146999623 J * shedi ~siggi@inferno.lhi.is 1146999623 J * Zaki_ ~Zaki@212.118.96.92 1146999623 J * Hollow ~hollow@home.xnull.de 1146999623 J * BobR_oO odie@212.16.62.52 1146999623 J * morrigan morrigan@212.16.62.52 1146999623 T * xenon.oftc.net http://linux-vserver.org/ | latest stable 2.01, 1.2.10, 1.2.11-rc1, devel 2.1.0, exp 2.{0.2,1.1}-rc19 | util-vserver-0.30.210 | libvserver-1.0.2 & vserver-utils-1.0.3 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the wiki, and we'll forget about the minute ;) 1146999745 J * knoppix_ ~knoppix@p54A85AFE.dip.t-dialin.net 1146999745 J * tokkee tokkee@ssh.faui2k3.org 1146999745 J * mountie ~mountie@CPEdeaddeaddead-CM000a739acaa4.cpe.net.cable.rogers.com 1146999745 J * eyck eyck@ghost.anime.pl 1146999745 J * daniel_hozac ~daniel@c-2d1472d5.010-230-73746f22.cust.bredbandsbolaget.se 1146999745 J * MrX ~urk@218.208.209.61 1146999745 J * gdm ~gdm@64.62.195.81 1146999745 J * bogus ~bogusano@fengor.net 1146999745 J * dhansen ~dave@sprucegoose.sr71.net 1146999745 J * thorkild ~Hiya@stray.priv.no 1146999745 J * otaku42_away ~otaku42@legolas.otaku42.de 1146999745 J * bragon ~bragon@sd866.sivit.org 1146999745 J * alexx|ikse ~alexx@proxy.ikse.net 1146999760 J * jkl eric@c-71-56-216-223.hsd1.co.comcast.net 1146999760 J * VAndreas ~Hossa@212.110.98.7 1146999791 J * mire ~mire@46-166-222-85.COOL.ADSL.VLine.Verat.NET 1146999791 J * sukria ~sukria@www.sukria.net 1146999791 J * Wenix ~wenix@81.7.189.11 1146999791 J * teukka ~tmatilai@backport.ri.fi 1146999791 J * locksy ~locksy@mrtg.sisgroup.com.au 1146999791 J * matvey ~matvey@host-234-246.netflow.ru 1146999791 J * Skram_[Sick] ~mark@admins.sentiensystems.net 1146999794 J * click click@ti511110a080-5538.bb.online.no 1146999821 J * FireEgl Atlantica@2001:5c0:84dc:: 1146999821 J * trash trash@databerlin.org 1146999879 J * matti matti@linux.gentoo.pl 1146999879 J * Smutje ~Smutje@xdsl-87-78-98-134.netcologne.de 1146999879 J * Bertl_oO herbert@212.16.62.52 1146999879 J * virtuoso ~s0t0na@80.253.205.251 1146999879 J * sannes ~ace@simula-084.simula.no 1146999879 J * cohan ~cohan@koniczek.de 1146999879 J * kilian kk@projects.verfaction.de 1146999879 J * sid3windr luser@bastard-operator.from-hell.be 1146999879 J * [PUPPETS]Gonzo gonzo@langweiligneutral.deswahnsinns.de 1146999879 J * nox ~nox@nox.user.oftc.net 1146999879 J * Adrinael adrinael@hoasb-ff09dd00-79.dhcp.inet.fi 1146999895 J * Dr4g ~Dr4g@82-40-41-19.cable.ubr06.uddi.blueyonder.co.uk 1146999895 J * cehteh foobar@cehteh.homeunix.org 1146999895 J * sladen paul@starsky.19inch.net 1146999895 J * insomniac ~insomniac@slackware.it 1146999895 J * ddlp ~ddlp@sarayi.kariva.org 1146999895 J * Hunger Hunger.hu@Hunger.hu 1146999895 J * Radiance 40fcc563d9@neon.trighost.org 1146999895 J * BenBen ~benny@defiant.wavecon.de 1146999895 J * Johan ~finger@lounge.datux.nl 1146999895 J * Vudumen ~vudumen@perverz.hu 1146999895 J * cemil ~cemil@defiant.wavecon.de 1146999895 J * rmoriz ~roland@moriz.name 1146999895 J * Snow-Man ~sfrost@kenobi.snowman.net 1146999895 J * Loki|muh loki@satanix.de 1146999895 J * ag- ag@caladan.roxor.cx 1146999895 J * weasel weasel@weasel.noc.oftc.net 1146999895 J * phreak`` ~phreak``@140.211.166.183 1146999895 J * baggins baggins@kenny.mimuw.edu.pl 1146999895 J * waldi ~waldi@bblank.thinkmo.de 1146999895 J * SNy 884dfbacff@bmx-chemnitz.de 1146999895 J * micah ~micah@69.90.134.205 1147003299 J * yarihm ~yarihm@84-74-17-70.dclient.hispeed.ch 1147003860 Q * Dr4g Ping timeout: 480 seconds 1147004504 J * hillct ~H@client200-5.dsl.intrex.net 1147005016 M * hillct daniel_hozac: ping 1147005048 J * doener ~doener@i5387D12C.versanet.de 1147005077 M * hillct do you know of any testing done, applying the 2.0.1 release patches to the newest 2.6.16.14 kernel? 1147005104 M * hillct morning doener 1147005264 J * dna ~naucki@dialer-150-148.kielnet.net 1147005327 M * doener morning 1147005331 M * dna ;) 1147005380 M * doener hillct: not that i'd know. any specific reasons for not using -rc19? 1147005406 M * hillct is that what 2.1 is up to now? 1147005409 M * hillct geez 1147005424 M * hillct I was working under the theory that stability is better 1147005433 M * doener both, 2.0.2 and 2.1.1 are at rc19 1147005440 M * hillct I'm upgrading from 2.0.1-pre2 1147005471 M * doener rc numbers are kept in sync, i.e. even if there are only changes in 2.1.1-rcX, 2.0.2 also goes up to rcX 1147005490 M * hillct ah 1147005496 M * doener 2.0.2-rc19 is the latest rc for the stable branch 1147005537 M * hillct how'd I miss that on the page 1147005538 M * doener (The official terms might be slighty different, I was confused when I heard an explanation for stable/devel/exp. the last time...) 1147005541 A * hillct checks again 1147005581 M * doener it's right under Download -> Stable Sources 1147005613 M * doener someone even managed to keep it up2date :) 1147005637 M * hillct heh 1147005647 M * hillct I was looking directly on 13thfloor 1147005654 M * hillct my mistake :) 1147005752 M * doener 13thfloor.at only has releases, neither -rcs nor deltas or whatever 1147005802 M * hillct ah 1147005842 M * hillct and your thinking is I should stick with kernel 2.6.13? 1147005953 M * doener the differences between .13 and .14 are small, probably only the Makefile hunk will fail if you apply both patches 1147005977 M * doener and that one is easy to fix yourself, so nobody cared to make another release 1147005998 M * doener ... and ofcourse we all were pretty busy at LinuxTag :) 1147006008 M * hillct yeah 1147006034 Q * Hollow Remote host closed the connection 1147006455 J * ntrs ~ntrs@68-188-51-87.dhcp.stls.mo.charter.com 1147006908 J * Hollow ~hollow@home.xnull.de 1147007101 Q * Hollow Remote host closed the connection 1147007154 J * Hollow ~hollow@home.xnull.de 1147008652 M * bonbons Bertl_oO: Is it intended behavior to prohibit link(src, dst) if src has IMMUTABLE flag set (IUNLINK is not set)? (running 2.1.1-rc19) 1147008720 M * doener bonbons: that's vanilla behaviour 1147008755 M * doener uhm... wait, I'm on the wrong box... 2.0.2-rc19 here... sec 1147008836 M * doener ok, confirmed, it's the same on vanilla 1147008905 M * hillct LOL 1147008918 M * bonbons but that's not really practical if we want to do unification/CoW. If we unify guest one after the other on second guest it will certainly fail (unless we remove immutable flag first) 1147008929 M * hillct you gotta be kidding. THAT's the makefile hunk faulure? 1147008964 J * luuca ~ytuty@80.91.114.179 1147009000 M * doener hillct: hm? 1147009013 M * hillct when you said easy to fix 1147009022 M * hillct you weren't kidding 1147009043 M * ntrs Is there an example or some more information about Ben_'s admin interface? It is mentioned on the linux tag page. 1147009043 M * bonbons but removing immutable for the time of hard-linking opens a small timeframe for guest to break other guests... 1147009125 M * doener hillct: of course not... it's just a matter of appending -vs2.0.2-rc19 to a line in the Makefile. that hunk always fails when the .y version changed and is almost always the only one that fails 1147009207 M * doener ntrs: AFAIK it's not yet ready for being GPL'd (or whatever license it will be) and AFAIK there's almost no information available yet 1147009210 M * hillct I figured there was sicnificant (actual) content there 1147009216 M * hillct anyway... 1147009218 M * hillct here goes 1147009230 M * ntrs doener, thanks. 1147009264 M * ntrs doener, it was shown on Linux-Tag thought, so it must be out there I guess. 1147009311 M * doener Ben_ was there and provided an installation for the purpose of showing it 1147009373 M * doener I didn't care that much about it, and only remember the login page, so unfortunately I can't tell much... 1147009424 M * doener IIRC it is based on daemons running on the vserver hosts, and a php-based web-applications that uses these daemons. 1147009473 M * doener VServer creation is based on vserver images and IIRC gerrit (author of the web-interface) said something about "ipflow"(?) based traffic accounting... 1147009490 M * doener that's about all I know about it 1147010164 M * hillct what default IO scheduler is recommended for vserver usage? 1147010173 A * hillct is going through make oldconfig 1147010242 J * ometra ~ometra@mc-media.com 1147010261 Q * mire Ping timeout: 480 seconds 1147010338 M * cehteh hillct: i would rather say that depends on what you want to run on your vserver 1147010350 M * cehteh but defaults should suffice 1147010415 J * _coocoon_ ~coocoon@p54A06429.dip.t-dialin.net 1147010419 M * _coocoon_ hello 1147010437 M * doener welcome _coocoon_ 1147010610 Q * luuca Quit: 1147011586 M * s0undt3ch I wrongly created a server with 'vserver-net --interface eth1:10.1.0.3' instead of 'vserver-net --interface eth1:10.1.0.3/24' 1147011592 M * s0undt3ch what's the easy way to fix this? 1147011685 M * doener echo 24 > /etc/vservers//interfaces/0/prefix 1147011791 M * daniel_hozac bonbons: why would you do unification and set immutable but not iunlink? 1147011869 M * doener btw, what's vserver-net? is that from vserver-utils? 1147011891 M * bonbons daniel_hozac: unifiying parts that should not be manipulated by guest (like /usr, /bin, /sbin/ and /lib) 1147011924 M * daniel_hozac again, why would you ever set immutable but not iunlink? 1147012029 M * doener daniel_hozac: to prevent any modifications... guests cannot unset the immutable flag. with iunlink they could remove the file and replace it 1147012063 M * bonbons in order to have similar result to ro fs + unionfs. With iunlink we fall back to CoW 1147013827 Q * shedi Quit: Leaving 1147013881 J * derjohn ~derjohn@80.69.37.19 1147014411 Q * yarihm Quit: Leaving 1147014571 M * daniel_hozac doener: btw, do you think http://daniel.hozac.com/vserver/delta-setlease-fix01.diff looks sane? 1147014961 M * daniel_hozac (it doesn't seem to fully fix the problem though) 1147015083 M * doener what is the problem if i may ask? ;) 1147015125 M * doener the changes to the locking code look a bit funny, but I only read the patch, will check the rest of the code 1147015261 M * daniel_hozac lease_init calls assign_type, and if it's invalid, calls locks_free_lock. 1147015329 M * daniel_hozac which leads to a kmem_cache_free(filelock_cache, ) 1147015371 M * doener fl on the stack sounds bad 1147015385 M * daniel_hozac it completely hangs my test box. 1147015431 M * daniel_hozac (eventually, it takes a while) 1147015474 M * daniel_hozac i'm not entirely sure if that's due to this, as the patch doesn't fix it... 1147015488 M * [PUPPETS]Gonzo hollow, are you there? 1147018703 Q * balbir Ping timeout: 480 seconds 1147019922 J * Java ~cdg@ppp-124.120.15.199.revip2.asianet.co.th 1147019930 P * Java 1147019946 M * Hollow [PUPPETS]Gonzo: yup 1147019954 M * Skram_[Sick] Hey all. 1147021019 J * Serh ~serh@86.34.44.81 1147021057 N * Serh Undernet 1147021101 M * Undernet aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 1147021102 M * Undernet aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 1147021102 M * Undernet aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 1147021103 M * Undernet aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 1147021142 M * hillct hey Skram_[Sick] 1147021154 M * Undernet aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 1147021154 M * Undernet aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 1147021154 M * Undernet aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 1147021155 M * Undernet aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 1147021155 M * Undernet aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 1147021155 M * Undernet aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 1147021156 M * Undernet aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 1147021157 M * Undernet aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 1147021157 M * Undernet aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 1147021252 M * Skram_[Sick] wtf. 1147021257 M * Skram_[Sick] hi, hillct 1147021275 M * hillct no ops awake aparently 1147021286 M * Undernet dsfsd 1147021286 M * Undernet sd 1147021286 M * Undernet f 1147021286 M * Undernet sdfsd 1147021287 M * Undernet f 1147021287 M * Undernet sd 1147021287 M * Undernet fsd 1147021289 M * Undernet f 1147021289 M * Undernet sd 1147021291 M * Undernet fsd 1147021291 M * Undernet f 1147021293 M * Undernet sd 1147021293 M * Undernet s 1147021295 M * Undernet sd 1147021295 M * Undernet sd 1147021297 M * Undernet dddddddddd 1147021347 M * Undernet sdfsdfsdfsdfdsm 1147021347 M * Undernet [gsdhp 1147021348 M * Undernet [dfpgh 1147021348 M * Undernet [dfh[jddf 1147021348 M * Undernet hg 1147021349 M * Undernet gpj 1147021349 M * Undernet dfjhfdh 1147021351 M * Undernet ofdjh 1147021351 M * Undernet pofh 1147021353 M * Undernet jddpfohojdfg 1147021353 M * Undernet phjf 1147021355 M * Undernet cjh 1147021355 M * Undernet fopdfjh 1147021357 M * Undernet ofojhdf 1147021357 M * Undernet oo 1147021359 M * Undernet dfhjdfjh 1147021359 M * Undernet fdjh 1147021361 M * Undernet dfp 1147021448 Q * Undernet Quit: 1147021765 M * Wonka what an asshole 1147021770 M * Skram_[Sick] Indeed. 1147021802 M * SNy I told #otfc about the situation. He was in #uml, too, doing the same, really. 1147022625 M * Skram_[Sick] *shower power* 1147023001 M * s0undt3ch has anyone kicked that ass! 1147023034 M * Wonka he has quit 1147023042 M * Wonka or was quit, i dunno. 1147023056 M * Wonka but i suppose has, because of his empty quit message 1147023063 M * s0undt3ch what does localhost(127.0.0.1) resolve on a guest, it's own ip or the main servers ip? 1147023077 M * s0undt3ch wonderfull 1147023078 M * Wonka whatever you put into /etc/hosts 1147023087 M * Wonka i'd say 1147023094 M * s0undt3ch yeah, but if I have 127.0.0.1? 1147023113 M * s0undt3ch will it resolve to the main server? 1147023130 M * Wonka $ host 127.0.0.1 1147023130 M * Wonka Name: localhost 1147023130 M * Wonka Address: 127.0.0.1 1147023152 M * Wonka # /etc/hosts 1147023152 M * Wonka 127.0.0.1 localhost 1147023191 M * Wonka but i cannot ping localhost or 127.0.0.1 1147023194 M * hillct Wonka: are you looking for each vserver to have it's own separete localhost IP? 1147023211 M * s0undt3ch my doubt is if the guest will think he's alone in the machine, so 127.0.0.1 would resolve to him, but since he's not alone might resolve to the master server localhost 1147023212 M * Wonka i am longing for each vserver's own lo 1147023218 M * hillct K 1147023219 M * hillct do this 1147023247 M * hillct touch /etc/vservers//interfaces/1/nodev 1147023252 M * Wonka best would be if each vserver had a lo with IP 127.0.0.1/8 1147023280 M * s0undt3ch hillct: what are the exact implications of that touch? 1147023290 M * hillct echo 127.0.0.2 >/etc/vservers//interfaces/1/ip 1147023297 M * hillct s0undt3ch: create an empty file 1147023326 M * hillct the second command created a file containing the IP address 1147023329 M * s0undt3ch hillct: besides that ;) 1147023355 M * s0undt3ch I'll rephrase what does the nodev exactly do 1147023358 M * hillct all we did here is create a new interface with no device associated with it 1147023395 M * hillct the alternative would be to create a file 'dev' containing the network device name to which the virtual ntwork device would be associated 1147023436 M * hillct nodev is not well documented. Bertl_oO mentioned it to me back when I first needed individual localhost IPs per server 1147023464 M * hillct Wonka: you'll of course want to update /etc/hosts in the vserver to reflect the new localhost IP 1147023468 M * hillct then restart 1147023471 M * Wonka mhmh 1147023490 M * Wonka but 127.0.0.1 won't work? 1147023743 Q * _coocoon_ Ping timeout: 480 seconds 1147024189 J * cyfer ~cyfer@tor-irc.dnsbl.oftc.net 1147024297 P * cyfer 1147024398 J * _coocoon_ ~coocoon@p54A06B52.dip.t-dialin.net 1147024732 M * hillct Is there any reason I wouldn't be able to compile the tools 30.210 while still on the 2.0.1-pre2 kernel ? 1147024753 M * hillct I wouldn't epect to use them of course, until after switching 1147024775 M * derjohn hillct, no, you can even compile the tools on an non-vs-pachted kernel 1147024777 M * harry hillct: dont' think so 1147024845 M * Skram_[Sick] sys-cluster/util-vserver-0.30.210-r13 1147024850 M * Skram_[Sick] where is the change log 1147024856 M * doener hillct: in your kernel config, make sure to either turn on legacy networking support or turn off the legacy version thingy (the latter being preferred) 1147024908 Q * rmoriz Quit: server migration. back in a few days. 1147024933 M * daniel_hozac hillct, Wonka, s0undt3ch: there's an experimental patch for per-guest isolated loopback. 1147024938 M * doener uhm, wrong, the former won't help anyway if you don't explicitly enable legacy support for util-vserver, so just turn off all legacy stuff with 0.30.210 1147024953 M * Skram_[Sick] /usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.6/../../../../i686-pc-linux-gnu/bin/ld: warning: creating a DT_TEXTREL in object. 1147024956 M * Skram_[Sick] collect2: ld returned 1 exit status 1147024958 M * Skram_[Sick] make[2]: *** [libbeecrypt.la] Error 1 1147024964 M * Skram_[Sick] is libbeecrypt needed for util-vserver?" 1147024970 M * daniel_hozac yes, for vhashify. 1147025005 M * Skram_[Sick] meh 1147025010 M * Skram_[Sick] it wont compile on my server 1147025040 M * doener daniel_hozac: the whole process fcntl_setlease goes through looks funny to me 1147025048 J * toblerp ~toblerp@85.90.130.132 1147025062 M * toblerp hi 1147025066 M * daniel_hozac doener: yeah, i agree. 1147025122 M * hillct daniel_hozac: I built the kernel with legacy version support off (first item) and legacy network support on. 1147025130 M * toblerp what is the split-x patch for vserver? 1147025179 M * daniel_hozac toblerp: it's a series of smaller patches that together form the larger patch. 1147025186 M * Skram_[Sick] File "test_all.py", line 19, in print_versions 1147025186 M * Skram_[Sick] from _bc import mpw 1147025186 M * Skram_[Sick] ImportError: No module named _bc 1147025186 M * Skram_[Sick] make[2]: *** [check] Error 1 1147025187 M * Skram_[Sick] ? 1147025214 M * toblerp why are there 2 patches? the normal one and the splitted ones? 1147025239 M * daniel_hozac toblerp: the split patches makes it easier to review. 1147025264 M * daniel_hozac toblerp: logically separated features vs. all of them mashed together. 1147025374 M * toblerp i see, thanks :) 1147025551 J * mire ~mire@233-167-222-85.COOL.ADSL.VLine.Verat.NET 1147025746 J * KelebekTurkce262 ~KLBKvTurk@85.101.53.184 1147025749 M * KelebekTurkce262 hello 1147025767 N * KelebekTurkce262 umit 1147025890 Q * _coocoon_ Quit: KVIrc 3.2.0 'Realia' 1147026315 Q * knoppix_ Quit: Verlassend 1147026736 M * umit #zafer came 1147026832 Q * umit autokilled: Spamming for your channel is not welcomed on this network. Mail support@oftc.net if you feel this ban to b 1147026889 M * s0undt3ch why am I getting this -> http://paste.linux-vserver.org/18 1147026944 M * s0undt3ch daniel_hozac: thanks for the experimental patch, but my server still ain't fully working :) 1147026983 M * daniel_hozac looks like you forgot to clean up your guest. 1147027016 M * s0undt3ch daniel_hozac: what needs to cleaned up? 1147027024 M * daniel_hozac /etc/inittab 1147027054 M * s0undt3ch daniel_hozac: remove all terminals? 1147027061 M * daniel_hozac yep. 1147027068 M * derjohn can't i renice within a guest? 1147027081 J * zafer ~Kelebek7@85.100.213.2 1147027084 M * daniel_hozac derjohn: only to higher nice values. (yay i got it right) 1147027099 A * zafer #zafer 1147027127 M * derjohn daniel_hozac, odd, but I regard it as a feature :) 1147027141 M * zafer :D 1147027142 Q * Viper0482 Ping timeout: 480 seconds 1147027155 M * zafer go home #zafer 1147027271 P * zafer 1147027281 M * daniel_hozac doener: hmm, __setlease doesn't set *flp when there was a previous lock. that would also break fcntl_setlease, wouldn't it? 1147027319 M * daniel_hozac (break for sure with my patch, not do what it's supposed to without it) 1147027425 M * doener derjohn: if the -EPERM from nice is problematic, there's a flag that makes the vserver just ignore requests to lower nice values 1147027444 M * doener that was introduced around the time that debian started nicing mysqld... 1147027695 M * doener daniel_hozac: where in __setlease exactly? 1147027703 J * Viper0482 ~Viper0482@p54977047.dip.t-dialin.net 1147027903 M * doener daniel_hozac: hm, doesn't your patch actually destroy the inserted lock and would therefore probably break in interesting ways? 1147027942 M * doener a slab leak plus an invalid lock in the filp 1147028896 M * derjohn doener, this would "nicer" from a user's point of view (no annoying errors) 1147029178 M * daniel_hozac doener: it's not in __setlease, that's what i'm saying. if (my_before != NULL) { ... 1147029252 M * daniel_hozac doener: how would it destroy the lock? the way i understood it, fl in fcntl_setlease is just used to find the correct lock, or contain settings for creating a new one. 1147029282 M * doener exactly 1147029325 M * doener it was an automatic variable and thus didn't need to explitcitly destroyed 1147029348 M * daniel_hozac right, but that doesn't work because lease_init wants to free it if the arg is invalid. 1147029354 M * doener you changed it to be allocated from slab 1147029401 M * doener then you store the pointer in flp, in __setlease the pointer is changed to point to a new slab allocated lock 1147029422 M * doener damn, brain bug 1147029478 M * daniel_hozac it's freed when i thought i was done with it. 1147029504 M * daniel_hozac but since __setlease doesn't set *flp = *my_before in the modify case, that'll break too. 1147029510 M * doener i missed the point that it was &flp being passed, not flp 1147029532 M * doener mixed up the code of fcntl_setlease and __setlease 1147029537 M * daniel_hozac hehe. 1147029568 M * daniel_hozac yeah, it's pretty confusing. i stared a minute or so at setlease wondering where all the code had gone :) 1147029687 M * daniel_hozac but the fasync_helper call is wrong too, right? 1147029693 Q * nebuchadnezzar Read error: Connection reset by peer 1147029694 M * daniel_hozac (even without my patch) 1147029787 M * daniel_hozac (in the RDLCK becoming WRLCK case, which notices the missing *flp = *my_before in __setlease) 1147029805 J * nebuchadnezzar ~nebu@zion.asgardr.info 1147030007 M * s0undt3ch any gentoo users here? 1147030099 M * derjohn s0undt3ch, there are ... you may ask Hollow 1147030140 M * s0undt3ch derjohn: he's not in(or at least awake) :| 1147030761 M * tokkee Hi ;-) 1147032840 M * Hollow s0undt3ch: i am awake 1147032957 M * doener daniel_hozac: where does RDLCK become WRLCK? 1147033126 M * daniel_hozac doener: if you call fcntl_setlease with arg=RDLCK, and then with arg=WRLCK for the same file. 1147033813 M * daniel_hozac hmm, nevermind that, that is caught by the EAGAIN. 1147033902 M * doener i_count? 1147033943 A * doener has little knowledge about that stuff 1147034009 Q * Viper0482 Quit: bin raus, 1147034130 M * daniel_hozac (arg == F_WRLCK && ((rdlease_count + wrlease_count) > 0)) 1147034132 M * daniel_hozac i guess. 1147034237 M * doener that only happens if there are leases with other filps 1147034272 M * daniel_hozac hmm, yeah, true. 1147034290 M * daniel_hozac but my test case gets EAGAIN from one of those checks... 1147034345 M * daniel_hozac http://daniel.hozac.com/vserver/test-lease.c 1147034384 M * ntrs Does anyone know if there is a problem/bug in 2.0.2-rc17 involving the kernel mem split patch? 1147034437 M * ntrs Apparently, I have the 3/1 GB memory split enabled and the server only sees about 900 MB of RAM. 1147034459 M * daniel_hozac 896? that's expected. 1147034471 M * doener well, 3/1 is the default and limit low mem to about 900mb 1147034490 M * doener for full 1024mb use 2.5/1.5 1147034515 M * ntrs actually I use 1/3 I think 1147034522 M * ntrs CONFIG_VMSPLIT_3G=y 1147034567 M * ntrs Basically it was all working ok with the same config file until this version. 1147034594 M * daniel_hozac 3G == 3/1 1147034595 M * ntrs Ok, so there is no known issue with it? 1147034604 M * doener yep 1147034608 M * ntrs Why was it working until now then? 1147034610 M * daniel_hozac did you have HIGHMEM enabled before? 1147034626 M * ntrs no 1147034772 M * daniel_hozac are you sure you didn't use 2.6.15 before? 1147034784 M * ntrs let me check 1147034792 M * doener daniel_hozac: and the F_WRLCK gets you an -EAGAIN? *totally confused now* 1147034795 M * daniel_hozac where the memory split was in the vserver patch, and was called something else? 1147034809 M * ntrs yes, I was using 2.6.15 before. 1147034810 M * daniel_hozac doener: yeah. 1147034833 M * ntrs daniel_hozac, it is no longer in the vserver patch? 1147034858 M * doener daniel_hozac: the vserver patch still comes with the split patch (at least in rc19) 1147034868 M * daniel_hozac doener: no, it's in mainline. 1147034885 M * ntrs I see, so how do I use it now that it is in mainline? 1147034885 M * daniel_hozac vserver just adds a few options and changes the values, IIRC. 1147034892 M * doener well, the vserver patch adds a few more options 1147034915 M * doener ie the names are still the same and that's the only thing that would break the config 1147034953 M * ntrs ok, so the config file would still be the same. 1147034964 M * doener ntrs: just use anything else than VMSPLIT_3G 1147034975 M * daniel_hozac ntrs: the names changed from CONFIG_SPLIT_x to CONFIG_VMSPLIT_x 1147034982 M * ntrs doener, I want the machine to see the whole 2 GB 1147034985 M * daniel_hozac (2.6.15->2.6.16) 1147034997 M * daniel_hozac ntrs: CONFIG_VMSPLIT_15GB 1147035004 M * daniel_hozac s/B$/ 1147035010 M * doener daniel_hozac: sorry, thought it was VMSPLIT before as well 1147035012 M * ntrs Ok, got it. 1147035061 M * doener daniel_hozac: EAGAIN with your patch or always? 1147035100 M * daniel_hozac EAGAIN was on my desktop, so without. 1147035126 Q * bonbons Quit: Leaving 1147035128 M * daniel_hozac same for with my patch though. 1147035177 Q * softi42 Read error: Connection reset by peer 1147035183 M * daniel_hozac hmm, no sorry, wrong kernel booted on the test machine. 1147035335 M * daniel_hozac yeah, same with my patch. 1147035375 M * doener test.c:23: error: ‘F_SETLEASE’ undeclared (first use in this function) 1147035378 M * doener ?! 1147035387 M * daniel_hozac ah, you need -D_GNU_SOURCE 1147035462 M * doener stupid manpage... why can't they write that in the section on F_{SET,GET}LEASE? bah 1147035469 M * daniel_hozac i agree. 1147035476 M * daniel_hozac i had to grep through /usr/include to figure it out. 1147035591 J * Milf ~Miranda@IP-213157005220.dialin.heagmedianet.de 1147035609 Q * Milf Quit: Miranda IM! Smaller, Faster, Easier. http://miranda-im.org 1147035958 M * doener daniel_hozac: are there differences for fcntl_setlease between 2.6.16.13 and 2.6.17-rc3-git12? Can't seem to find any and your test suceeds here (2.6.16.13-vs2.0.2-rc19) 1147036758 J * Aiken ~james@tooax6-135.dialup.optusnet.com.au 1147036966 J * shedi ~siggi@inferno.lhi.is 1147037045 M * daniel_hozac doener: hmm, ah, yes it succeeds here too. 1147037061 M * daniel_hozac i was running it on the binary itself :| 1147037067 M * doener *lol* 1147037087 A * daniel_hozac will never use globs when testing again. 1147037223 J * softi42 ~softi@p549D54F3.dip.t-dialin.net 1147037255 M * doener daniel_hozac: so we're left with the stack-pointer as slab cache entry bug, right? 1147037265 M * daniel_hozac right. 1147037380 M * daniel_hozac http://daniel.hozac.com/vserver/delta-setlease-fix02.diff 1147037812 M * daniel_hozac or am i still on crack? 1147037881 M * doener why exactly the change in __setlease? still didn't get that... 1147037949 M * daniel_hozac if a previous lock exists, flp will still be pointing to fl. 1147037953 M * daniel_hozac and then we free fl. 1147037969 M * daniel_hozac and then we use flp in fasync_helper. 1147038137 M * Skram_[Sick] is it possible to mak ethe vps host look like a router, and in a traceroute it would be an extra hop? -- crazy uquestion from a colleague of mine 1147038431 M * cehteh you could prolly use tun devices in the guests and route them 1147038491 M * Skram_[Sick] tun? 1147038494 M * Skram_[Sick] it wouldnt be on the host? 1147038514 M * cehteh mhm ... some virtual network thing 1147038554 M * Skram_[Sick] want to help or point me in the right direction? 1147038702 M * cehteh not really, i could just imagine how to do it .. but would have to figure the details out too, never did it 1147038760 M * cehteh there are some things which can be uses for virtual networking .. and vserver will get its own soon too, dunno how much of it is ready 1147038850 M * cehteh vlan - user mode programs to enable VLANs on your ethernet devices 1147038859 M * cehteh *maybe* that helps you 1147038937 M * cehteh do you need performance or is it just for a experimental/test setup? 1147039099 M * doener daniel_hozac: is there a way to force slab cache cleanup? 1147039215 M * daniel_hozac doener: hmm, no idea. 1147039298 M * doener I somehow think there's a slab leak as well in that case... 1147039303 M * doener Slab: 1523604 kB 1147039347 M * daniel_hozac ouch. 1147039351 M * doener i just don't know whether if it is really leaked or just not freed yet (I also know little about slab) 1147039373 M * doener but at least a small test with malloc did not cause it to get freed (which I'd expect) 1147039447 M * daniel_hozac /proc/slabinfo 1147039497 M * daniel_hozac file_lock_cache should be accurate, right? 1147039553 M * doener the test case is fasync_cache actually 1147039568 M * daniel_hozac ah. 1147039579 Q * FireEgl Quit: Bye... 1147039594 M * doener we still have the fl on the stack when my_before is not NULL, and the helper allocates a fasync_struct for it 1147039606 M * doener and that happens over and over again 1147039631 M * daniel_hozac hmm? fl shouldn't be on the stack with the patch. 1147039644 M * doener I'm talking about vanilla 1147039667 M * doener I just saw that the patch actually fixes two problems, a crash and a mem leak 1147039688 M * doener s/crash/slab corruption/ *hopes that the term is right* 1147039693 M * daniel_hozac ok, good. 1147039787 M * doener but actually, the stuff after __setlease basically should not do anything in that case, right? 1147039806 M * doener ... that case being "my_before != NULL" 1147039825 M * daniel_hozac why wouldn't it? 1147039864 M * daniel_hozac assuming it was successful, at least RDLCK->WRLCK should run the fasync_helper and f_setown. 1147040106 M * doener what will fasync_helper do? allocate a fasync_struct, find that the existing fa has the same filp, replace the fa's fd with the same fd, free the allocated fasync_struct and return. right? 1147040207 M * daniel_hozac yeah. 1147040266 M * doener so that's basically nothing (except the fact that it works with a stack variable atm and thus does not find an existing fa with the same filp -> leak) 1147040406 M * daniel_hozac yeah. 1147040434 M * doener same for f_setown, it just sets the values in filp with the same values again, as we already have a lease and thus own it anyway 1147040469 M * doener so unless I've missed anything once again (well possible) there's nothing that stuff does anyway 1147040537 Q * dna Quit: Verlassend 1147040588 M * daniel_hozac yeah, true... for new locks though, it does stuff. 1147040720 M * doener sure, it's just the my_before != NULL case... but I've been after a (&fl != flp) check, which doesn't solve the slab corruption bug when 'arg' is invalid anyway, so it doesn't matter that much 1147040830 M * doener the second patch looks fine, it probably solves the slab corruption/crashes, right? 1147040851 M * daniel_hozac it does on my test system. 1147040952 M * doener http://www.13thfloor.at/~doener/vserver/tools/slab_leak_test.c 1147040965 M * doener could you check if the slab leak is also solved? 1147041022 M * doener I dunno how much slab it grabs each time it is run right now, and doing another test might use the rest of my physical ram, not much left ;) 1147041044 M * daniel_hozac fasync_cache? 1147041049 M * doener yep 1147041079 M * doener grep fa /proc/slabinfo works fine 1147041089 M * doener gets the header and just that line of values 1147041153 M * doener daniel_hozac: hm, slab leak is probably considered local DoS, eh? 1147041167 M * daniel_hozac the crash is probably too. 1147041182 M * doener 2.6.16.15? :) 1147041204 M * daniel_hozac it takes a while before all the cache's are freed (few seconds), but they are. 1147041208 M * daniel_hozac hehe. 1147041211 M * doener yeah, that one as well, sure! 1147041267 M * doener slab is still 1.5GB here, and 54M active objects in fasync_cache 1147041321 M * daniel_hozac 7 MiB of slab here, heh. 1147041549 M * doener please include me in CC when you send the patch to lkml and/or whoever should get it directly 1147041621 M * daniel_hozac sure. 1147041676 M * daniel_hozac i'll verify against 2.6.17-rc3-git12 again before sending it. 1147041696 M * daniel_hozac hmm, git13, i guess. 1147041734 M * Skram_[Sick] 16:55 < cehteh> do you need performance or is it just for a experimental/test setup? 1147041738 M * Skram_[Sick] I want preformance 1147041746 M * Skram_[Sick] but it doenst have to be anything too spectacular 1147041820 M * doener well, for performance, you don't want the host to act as a router 1147041854 M * s0undt3ch ppl I will be root in all vservers I'll be hosting, is it safe/doable to symlink all /etc/passwd from the main host? 1147041869 M * doener impossible 1147041877 M * s0undt3ch kind'a like a a central storage 1147041882 M * s0undt3ch doener: bummer 1147041887 M * doener a symlink just says: look into that file instead 1147041889 M * cehteh hardlink 1147041900 M * doener and /etc/passwd of the host is out of reach 1147041903 M * s0undt3ch hardlink is the way? 1147041912 M * cehteh but that likely gets broken when you update it 1147041913 M * daniel_hozac only if you have your guests on the same filesystem as /etc. 1147041924 M * daniel_hozac which you shouldn't. 1147041925 M * doener would work if the vservers are on the same filesystem as /etc/passwd 1147041927 M * s0undt3ch daniel_hozac: nope 1147041931 M * cehteh you can use a bind mount 1147041954 M * s0undt3ch cehteh: for just a file? or 2, maybe include /etc/groups too 1147041959 M * Skram_[Sick] cehteh: well, a vlan is for physical computers 1147041965 M * cehteh maybe symlinks then ... 1147041984 M * s0undt3ch cehteh: "00:43:18 < doener> a symlink just says: look into that file instead" 1147041996 M * s0undt3ch "00:43:31 < doener> and /etc/passwd of the host is out of reach" 1147042008 M * Skram_[Sick] indeed. 1147042011 M * Skram_[Sick] whats your question? 1147042016 M * cehteh bind-mount a /etc/global into all vservers and let a symlink point from /etc/passwd to /etc/global/passwd 1147042035 M * s0undt3ch cehteh: now that's a way ;) 1147042036 M * cehteh just try that.. no warranty :) 1147042058 M * s0undt3ch wonder if that'll break my main passwd 1147042079 M * cehteh considered to use ldap or nis or such? 1147042083 M * daniel_hozac probably. 1147042094 M * Skram_[Sick] hey, vconfig comes with VServer? 1147042101 M * daniel_hozac no. 1147042102 M * s0undt3ch well, I'm trying to use nic, but it's a first time 1147042106 M * daniel_hozac vconfig is for vlans... 1147042108 M * Skram_[Sick] o ok 1147042115 M * Skram_[Sick] then it is on my server for some other reason 1147042121 M * Skram_[Sick] anyone used it to configure a vlan? 1147042125 M * cehteh well ... nis sucks somewhat 1147042131 M * s0undt3ch and i'm not including id's < 1000, maybe I should to get what i want 1147042134 M * doener util-vserver depends on the vlan tools, including vconfig ;) 1147042139 M * Skram_[Sick] ok 1147042150 M * daniel_hozac doener: patch seems to work fine on 2.6.17-rc3-git12, fixing the leak and crash. 1147042159 M * doener excellent :) 1147042187 M * daniel_hozac hmm, are there inter-git diffs anywhere? 1147042196 M * daniel_hozac or will i have to use interdiff? 1147042204 M * doener then go and get your first(?) CVE entry :) 1147042247 M * doener no idea 1147042293 M * Skram_[Sick] hercules masilverberg # vconfig add eth0:0009 marks 1147042293 M * Skram_[Sick] WARNING: Could not open /proc/net/vlan/config. Maybe you need to load the 8021q module, or maybe you are not using PROCFS?? 1147042295 M * daniel_hozac only changes to kernel/ptrace.c, so nothing relevant. 1147042317 M * doener from git12 to git13? 1147042321 M * daniel_hozac yeah. 1147042324 M * Skram_[Sick] hercules / # vconfig add eth0:0009 marks 1147042324 M * Skram_[Sick] ERROR: trying to add VLAN #0 to IF -:eth0:0009:- error: Invalid argument 1147042324 M * doener k 1147042333 M * Skram_[Sick] ideas? 1147042378 M * daniel_hozac who should i send it to? linux-kernel, security@kernel.org? 1147042395 A * daniel_hozac is not really up to speed on mainline development. 1147042395 M * cehteh Skram_[Sick]: well i had a sicko idea of using ppp between root and guest .. performance might be ok .. but eats some resources 1147042403 M * Skram_[Sick] with vconfig, can I add virtual interfaces such as eth0:0009 to it 1147042411 M * Skram_[Sick] ppp? 1147042458 M * cehteh ppp server on the root and ppp client on the guest .. like a normal dialin .. but over a pipe or something similar 1147042463 M * Skram_[Sick] hercules / # vconfig add eth0:0009 0 1147042463 M * Skram_[Sick] ERROR: trying to add VLAN #0 to IF -:eth0:0009:- error: Invalid argument 1147042467 M * Skram_[Sick] I cant put :'s 1147042476 M * Skram_[Sick] cehteh: nah 1147042480 M * Skram_[Sick] seems too complicated 1147042482 M * daniel_hozac vlans use dots. 1147042485 M * s0undt3ch will ldap work with lower ids? 1147042495 M * cehteh there is even some software which does ppp through ssh for vpn's ;) 1147042496 M * doener daniel_hozac: I'd probably go for lkml + gregkh + linux + 1147042500 M * s0undt3ch or it only works with some higher ones? 1147042506 M * doener s/linux/linus/ 1147042508 M * Skram_[Sick] daniel_hozac: right, but i want to put a VIRTUAL eth0 (made by vserver) behind the VLAN 1147042521 M * Skram_[Sick] Usage: add [interface-name] [vlan_id] 1147042534 M * Skram_[Sick] the interface name is eth0:0009 1147042541 M * cehteh Skram_[Sick]: when you want something simple and efficent, then use normal networking and not vlan/routing 1147042551 M * doener daniel_hozac: anything @kernel.org is probably a bad idea 1147042562 M * Skram_[Sick] cehteh: like a physical router? 1147042563 M * Skram_[Sick] meh 1147042569 M * doener at least the comments on the front page make me think that :) 1147042584 M * daniel_hozac doener: linux-fsdevel or matthew@wil.cx for maintainer? 1147042606 M * Skram_[Sick] ? 1147042641 M * cehteh Skram_[Sick]: like no router 1147042659 M * cehteh why do you want a router? 1147042678 M * Skram_[Sick] im just testing, etc. 1147042689 M * Skram_[Sick] and want to show another hop to a test-customer's vps 1147042690 M * doener daniel_hozac: i guess matthew will be sufficient, but you probably won't get killed for cc'ing linux-fsdevel 1147042691 M * cehteh err .. precise why do you want the root to be a router 1147042706 M * cehteh whats the purpose? 1147042712 M * doener just cc to both 1147042719 M * Skram_[Sick] just playing and testing 1147042721 M * cehteh besides just another hop 1147042734 M * Skram_[Sick] and it seems you can do qos on that 1147042756 M * cehteh you can likely qos without that 1147042786 M * cehteh anyways .. good night 1147042837 Q * toblerp Remote host closed the connection 1147042978 M * Skram_[Sick] what is a better way to do qos in a vserver environment 1147043330 M * doener ok, I'm off to bed. have a good one! 1147043333 Q * doener Quit: leaving 1147043467 Q * ometra Ping timeout: 480 seconds 1147044124 M * ntrs daniel_hozac, do you know of any reason why the 2.4.16.14 kernel with 2.0.2-rc19 sees only two logical CPUs when it used to be able to see four in the previous versions? These are XEON cpus with multithreading. 1147044134 M * daniel_hozac CONFIG_SMT? 1147044139 M * ntrs It is set. 1147044146 M * daniel_hozac i think that does it. 1147044167 M * daniel_hozac it makes it some sort of scheduling decision rather than exposing the HT as more CPUs. 1147044167 M * ntrs wait a minute 1147044170 M * daniel_hozac i'm not sure though. 1147044185 M * daniel_hozac (i don't have any HT boxes) 1147044187 M * ntrs Is the option CONFIG_SCHED_SMT? 1147044196 M * ntrs or CONFIG_SMT? 1147044228 M * daniel_hozac sorry, CONFIG_SCHED_SMT. 1147044249 M * ntrs ok, so it is fine. I wonder what happened to the kernel or the patches that is suddenly stopped working. 1147044257 M * ntrs is=it 1147044597 M * ntrs Is ACPI now required for smt? 1147044649 M * daniel_hozac isn't ACPI required for SMP even? 1147044689 M * ntrs No. I had acpi disabled and I could see both CPUs. 1147044718 M * ntrs I will give it a try with acpi and smt both enabled. 1147046176 J * FireEgl Atlantica@Atlantica.US