1148515569 M * FCOJ So 2 - 4 gb swap should suffice in my case, if mem overcommitment is disabled? 1148515670 M * FCOJ I'm trying vsever for the first time, so I am mostly clueless regarding the needs and nuances of the system. 1148515772 M * jpacheco question guys 1148515796 M * jpacheco how are you guys managing multiple vservers with logging? 1148515827 M * jpacheco do you merg all the log directories into one? or do you just keep them separate with each vserver doing its own logging 1148516066 Q * Methos Quit: Methos 1148516199 J * shedi ~siggi@inferno.lhi.is 1148516519 Q * FCOJ Quit: Leaving 1148517322 M * Aiken for the guests I am playing with I am letting them do their own logging, cron logrotate and syslogd 1148517368 M * Bertl off to bed now .. back tomorrow! ahve a good one everyone, cya! 1148517372 M * sarnold Bertl: night 1148517378 N * Bertl Bertl_zZ 1148517448 M * Skram peace 1148517936 J * doener_ ~doener@i5387C8E2.versanet.de 1148518351 Q * doener Ping timeout: 480 seconds 1148519460 Q * alamar Remote host closed the connection 1148519461 J * alamar ~alamar@sol.diddens.de 1148519901 Q * Snow-Man Ping timeout: 480 seconds 1148520212 J * Snow-Man ~sfrost@kenobi.snowman.net 1148520300 M * mugwump anyone know how to use clone(2) properly? 1148520409 M * mugwump it's being called directly in util-vserver 1148520428 M * mugwump (ie, using the __syscall mechanism) 1148520451 M * mugwump I just want to call the normal clone() with extra flags, but I can't decipher the usage from the man page 1148520472 M * Skram no idea 1148520518 N * sarnold sars 1148520522 M * mugwump oh, I actually want sys_clone(2) 1148520541 M * mugwump actually that's not documented 1148520620 M * mugwump not alone, it's on the clone(2) man page 1148520625 M * doener_ mugwump: you got the term sys_clone from clone(2)? it's just called sys_close there to avoid confusion with the kernel function clone 1148520654 M * doener_ and the syscall... 1148520673 M * doener_ bah, now I'm confused... 1148520681 M * mugwump hmm yeah, my program's not linking if I write sys_clone() 1148520757 M * mugwump wahey, I have a working binary with: 1148520762 M * mugwump newpid = syscall(SYS_clone, SIGCHLD|CLONE_NEWUTS, 0); 1148520824 A * mugwump boots qemu 1148520947 M * mugwump and it works! 1148520997 M * doener_ btw, did you pay your "Signed-off by:"s to Andrew? ;) 1148521047 M * doener_ hmm... guess you're testing the uts changes right now... 1148521055 M * mugwump Tested, and successful 1148521066 M * mugwump root@ken:~# ./chuts /bin/sh -c "hostname bert && cat /proc/sys/kernel/hostname" 1148521066 M * mugwump bert 1148521074 M * mugwump root@ken:~# ./chuts /bin/sh -c "echo 'bob' > /proc/sys/kernel/hostname && uname -n" 1148521077 M * mugwump bob 1148521102 M * doener_ nice 1148521107 M * mugwump that's one small step for virtualisation... ;) 1148521164 M * doener_ hm, guess I'll give my approach to network virtualisation another try... 1148521182 M * mugwump ngnet? 1148521231 M * doener_ well, kind of... it's quite a different approach (maybe split-personality networking?) 1148521252 M * mugwump schizonet? :) 1148521284 M * doener_ a few things work, some do not yet, one does panic atm... 1148521319 M * doener_ and some semantics are not really clear to me yet, the routing stuff in the kernel is still a riddle to me in some places 1148522267 J * stefani ~stefani@c-24-19-46-211.hsd1.wa.comcast.net 1148522553 J * DarthVader ~Aniken@203.177.212.163 1148524586 Q * softi42 Ping timeout: 480 seconds 1148525202 J * softi42 aoisle@p549D7AB4.dip.t-dialin.net 1148527332 Q * hallyn Read error: Connection reset by peer 1148527813 J * hallyn ~xa@adsl-75-2-88-13.dsl.chcgil.sbcglobal.net 1148528113 J * hallyn_ ~xa@adsl-75-2-76-149.dsl.chcgil.sbcglobal.net 1148528302 Q * hallyn Ping timeout: 480 seconds 1148529265 J * Methos ~mjoconr@hacker.pineview.net 1148530283 M * jpacheco lost is the best show ever! 1148530742 M * mugwump hit semaphores limit ... is there a quick fix? 1148531378 M * mugwump hmm, clear stale semaphores for a start I guess 1148531669 M * mugwump are there any tidy solutions to the leaky IPC vservers? 1148535442 N * MrX` MrX 1148535686 P * stefani parting (is such sweet sorrow) 1148537191 M * Methos FCOJ: Most PC site around doing nothing, and the implementation of vserver add almost no load, much less than 1%. So just spec the machine as if it was going to run the number of process in one machine an it will work perfectly 1148538567 Q * Methos Quit: Methos 1148538732 J * Methos ~mjoconr@hacker.pineview.net 1148541222 Q * Aiken Ping timeout: 480 seconds 1148542457 J * pbryan ~pbryan@S010600095baae0ff.vf.shawcable.net 1148542517 M * pbryan Linux-VServer: Your project seems to have the momentum of a runaway freight train. Why are you so popular? 1148542560 M * tokkee ? 1148542785 M * Wonka 'cause it rocks 1148542963 M * tokkee Ack ;-) 1148543064 M * pbryan :) 1148543166 M * Wonka always have your towel ready 1148543395 M * Hollow morning! 1148543473 M * pbryan Wonka: http://en.wikipedia.org/wiki/Towelie 1148543511 M * Wonka lol 1148543512 M * Hollow towelie rocks :) 1148543602 M * Wonka i thought more about http://en.wikipedia.org/wiki/Towel#Hitchhiker.27s_Guide_to_the_Galaxy 1148543651 M * pbryan Interesting that Towelie is now referred to on that page. 1148543716 M * Wonka it's wikipedia, what did you expect? ;) 1148543783 M * pbryan Yeah. I guess. 1148543860 J * pagano ~pagano@131.154.5.17 1148543865 M * pagano hi guys 1148543986 J * dna ~naucki@p54BCDD48.dip.t-dialin.net 1148544018 Q * Methos Quit: Methos 1148544045 P * pbryan 1148544895 J * Methos ~mjoconr@hacker.pineview.net 1148545325 J * bonbons ~bonbons@83.222.38.81 1148547939 Q * dna Ping timeout: 480 seconds 1148547945 J * dna ~naucki@p54BCDD48.dip.t-dialin.net 1148548100 J * dna_ ~naucki@p54BCF41B.dip.t-dialin.net 1148548426 Q * dna Ping timeout: 480 seconds 1148548636 J * dna ~naucki@p54BCF41B.dip.t-dialin.net 1148548746 Q * complexmind Quit: using sirc version 2.211+KSIRC/1.3.12 1148548765 M * mire hey, I can't shutdown centos 4, its stuck with shutting down lo interface 1148548769 J * Naucki ~naucki@p54BCD753.dip.t-dialin.net 1148548796 M * mire it just hangs there, can I just kill it somehow? 1148549026 Q * dna_ Ping timeout: 480 seconds 1148549119 Q * dna Ping timeout: 480 seconds 1148549239 M * mire ok, killed it ;) 1148549612 N * Bertl_zZ Bertl 1148549621 M * Bertl morning folks! 1148549625 M * mire morning 1148549668 M * mire I removed pam_loginuid from pam.d scripts but now when I log in via ssh I got immidiatelly logged out 1148549691 M * mire centos 4 on debian 1148549699 M * Bertl sounds interesting ... what kernel version/patches do you use? 1148549707 M * mire I also removed al of selinux things in pam.d 1148549721 M * mire Kernel: 2.6.14.3-vs2.0.1-vserver-1 1148549721 M * mire VS-API: 0x00020001 1148549721 M * mire util-vserver: 0.30.209; Jan 8 2006, 12:24:41 1148549740 M * mire [root@vserver:rh9 pam.d]cat /etc/redhat-release 1148549740 M * mire CentOS release 4.2 (Final) 1148549829 M * mire I guess there's something wrong with pam, but what? I tried looking at the /var/log/messages but I got nothing 1148549860 M * mire ok got something 1148549864 M * mire May 25 05:32:47 rh9 sshd[23291]: Accepted password for mire from 192.168.0.69 port 49560 ssh2 1148549864 M * mire May 25 05:32:47 rh9 sshd[23294]: fatal: PAM: pam_open_session(): Permission denied 1148549940 M * Bertl could you try a more recent kernel? 1148549949 M * mire I guess so 1148549954 M * Bertl IIRC, we worked around that some time ago 1148549974 M * mire tnx. :) 1148549975 M * Bertl so something like 2.6.16.18-rc2.1.1-rc21 should not be affected 1148549984 M * Bertl (without modifying the pam stuff) 1148549999 M * Bertl but maybe I'm wrong, in which case we _will_ fix it today :) 1148550130 J * dna_ ~naucki@p54BCE4FC.dip.t-dialin.net 1148550242 M * mire I think this is the famous nice debian problem 1148550242 N * dna_ dna 1148550530 Q * Naucki Ping timeout: 480 seconds 1148551131 J * dna_ ~naucki@p54BCDCC9.dip.t-dialin.net 1148551281 Q * dna Ping timeout: 480 seconds 1148551697 J * Naucki ~naucki@p54BCDCC9.dip.t-dialin.net 1148552127 Q * dna_ Ping timeout: 481 seconds 1148553022 J * ben_ ~ben@88.134.54.56 1148553116 Q * pagano Ping timeout: 480 seconds 1148553378 J * pagano ~pagano@131.154.5.17 1148553553 J * Dr4g_ debian-tor@tor-irc.dnsbl.oftc.net 1148553553 Q * Dr4g Read error: Connection reset by peer 1148554588 Q * Naucki Ping timeout: 480 seconds 1148557326 M * jpacheco morning everyone! 1148557997 Q * ben_ Remote host closed the connection 1148558032 M * Bertl morning jpacheco! 1148558818 Q * jpacheco Quit: BitchX-1.1-final -- just do it. 1148559208 J * tassieboy ~tassieboy@124-254-81-133-dsl.ispone.net.au 1148559236 P * tassieboy 1148560545 Q * mire Quit: Leaving 1148561421 J * dna ~naucki@p54BCD6CB.dip.t-dialin.net 1148561847 N * Zaki_ Zaki 1148563089 Q * dna Ping timeout: 480 seconds 1148563216 J * dna ~naucki@p54BCD6CB.dip.t-dialin.net 1148564289 Q * dna Ping timeout: 480 seconds 1148564415 J * dna ~naucki@p54BCD6CB.dip.t-dialin.net 1148564779 J * mire ~mire@193-166-222-85.COOL.ADSL.VLine.verat.net 1148564966 Q * Dr4g_ Quit: Open Source Development :: http://dynamichell.org 1148565037 J * yarihm ~yarihm@84-74-17-70.dclient.hispeed.ch 1148565972 Q * shedi Quit: Leaving 1148566104 Q * Methos Quit: Methos 1148566720 Q * dna Ping timeout: 480 seconds 1148566819 J * dna ~naucki@p54BCD6CB.dip.t-dialin.net 1148567981 M * Bertl okay, off for now .. back later ... 1148567985 N * Bertl Bertl_oO 1148569257 Q * DarthVader Quit: Leaving 1148569424 M * yarihm hmm ... having vservers in a private network and doing the NAT on the same box is a non trivial task as it seems, hm? 1148569519 M * brc it is. what are you trying to do ? 1148569598 J * shedi ~siggi@dsl-og-108-50.du.vortex.is 1148569617 M * brc you might need to SNAT your vservers 1148569655 M * yarihm brc: you mean that way: http://list.linux-vserver.org/archive/vserver/msg12434.html 1148569662 M * yarihm in fact you are right, it's not black magic :) 1148569703 J * stefani ~stefani@tsipoor.banerian.org 1148570627 M * brc lemme check it 1148570641 M * brc i am at work cant read all that right now 1148570651 M * brc but what you need to do is snat the ip of your vserver to the host's valid ip 1148571255 M * doener_ with recent kernels, masquerading also works for connections originating from the same box 1148571662 J * Roey ~katz@h-69-3-4-130.mclnva23.covad.net 1148571973 J * dna_ ~naucki@p54BCD6CB.dip.t-dialin.net 1148572182 M * yarihm doener_: well, i can use SNAT too because the external IP is static ... that seems to be the only drawback of the SNAT-approach but in that case it does not matter 1148572368 Q * dna Ping timeout: 480 seconds 1148572724 M * yarihm doener_: how recent should recent be in order to have MASQUERADE work for connections originating from localhost? 1148572934 M * doener_ I don't know... at least 2.6.16.16-vs2.0.2-rc20 works ;) 1148572992 Q * schimmi Ping timeout: 480 seconds 1148573318 J * schimmi ~sts@port-212-202-73-176.dynamic.qsc.de 1148573359 Q * schimmi Read error: Connection reset by peer 1148573463 J * dna ~naucki@p54BCD6CB.dip.t-dialin.net 1148573899 Q * dna_ Ping timeout: 480 seconds 1148574061 Q * dna Ping timeout: 480 seconds 1148574308 J * dna ~naucki@p54BCEAED.dip.t-dialin.net 1148575269 J * dna_ ~naucki@p54BCEAED.dip.t-dialin.net 1148575354 M * Wonka hi dna_ 1148575365 M * Wonka don't i know you from #uni-kiel? 1148575376 Q * dna Ping timeout: 480 seconds 1148575580 J * SunBug ~SunBug@dslb-084-058-218-032.pools.arcor-ip.net 1148575954 M * Loki|muh is there are vserver-copy skript for the newstyle-config yet? 1148575997 M * nebuchadnezzar I have one at http://www.asgardr.info/twiki/bin/view/Main/VserverCopy 1148576016 M * nebuchadnezzar I do not test the ssh copy, I'll do it in the day normally 1148576063 M * Loki|muh how do you copy the vservers? over a nfs connection? 1148576082 M * nebuchadnezzar I just use it to clone a vserver on the same machine 1148576089 M * nebuchadnezzar I have a master 1148576114 J * dna ~naucki@p54BCEAED.dip.t-dialin.net 1148576361 M * SunBug can someone help me .. I have run a 2.6.16.11 kernel and install util-vserver-0.30.210. the testme.sh said Linux-VServer Test [V0.15] Copyright (C) 2003-2006 H.Poetzl 1148576361 M * SunBug Can't set the new security context 1148576361 M * SunBug : Invalid argument 1148576361 M * SunBug chcontext failed! 1148576361 M * SunBug chbind version 0.30 1148576363 M * SunBug chbind [ --silent ] [ --ip ip_num[/mask] ] [ --bcast broadcast ] command argument 1148576365 M * SunBug chbind failed! 1148576366 Q * dna_ Ping timeout: 480 seconds 1148576367 M * SunBug Linux 2.6.16.11NeubiX #3 SMP PREEMPT Sat Apr 29 23:52:46 CEST 2006 i686 1148576369 M * SunBug E 0.30 273/glibc (DSa) 1148576371 M * SunBug VCI: 0002:0001 273 03000076 (TbLgnP) 1148576430 M * daniel_hozac why are you using ancient utils? 1148576450 M * daniel_hozac and an old kernel? 1148576514 M * daniel_hozac you seem to have a mix of utils too. 1148576672 M * SunBug old kernel ? the patch fpr the newest kernel is on http://linux-vserver.org/ is 2.6.16 and the newest utils are http://www.13thfloor.at/vserver/s_rel26/v2.01/util-vserver-0.30.2xx 1148576924 M * SunBug if you call 2.6.16 an old kernel, I must update every day ;-) .. I don't mix the utils .. on a blank system only configure, male make install and make install-distribution 1148577094 J * dna_ ~naucki@p54BCEAED.dip.t-dialin.net 1148577109 Q * s0undt3ch Quit: Lost terminal 1148577181 Q * dna Ping timeout: 480 seconds 1148577185 J * s0undt3ch ~s0undt3ch@bl7-247-101.dsl.telepac.pt 1148577295 M * doener_ SunBug: the chbind output is not from 0.30.210, and testme.sh also identified it as 0.30 1148577321 J * AQUILA1966 Padre@d83-184-156-242.cust.tele2.it 1148577337 P * AQUILA1966 1148577593 M * SunBug Doener: I think, there is realy a old version .. I don'r remember that I install it.. hmmm .. ok, I clean it ... 1148578106 N * sars sarnold 1148578221 Q * brc Quit: [BX] iTs bEttEr tO bUrN oUt tHaN tO fAdE aWaY 1148578748 Q * mkhl Ping timeout: 481 seconds 1148579341 Q * shedi Quit: Leaving 1148579945 N * Bertl_oO Bertl 1148579949 M * Bertl evening folks! 1148580101 M * doener_ evening Bertl 1148580689 M * yarihm evening 1148580927 J * dna ~naucki@p54BCEAED.dip.t-dialin.net 1148581049 M * Bertl wb dna! 1148581133 M * Skram hi all 1148581183 M * Bertl when zeng shows up, here is his patch for testing: http://vserver.13thfloor.at/Experimental/delta-zeng01.diff 1148581196 M * Bertl I'm off for dinner now .. back later :) 1148581201 Q * dna_ Ping timeout: 480 seconds 1148581202 N * Bertl Bertl_oO 1148581202 M * Skram peace, Bertl_oO 1148581481 J * zeng ~guest@p54A97A86.dip.t-dialin.net 1148581488 M * Skram zeng: 1148581488 M * Skram 13:19 < Bertl> when zeng shows up, here is his patch for testing: http://vserver.13thfloor.at/Experimental/delta-zeng01.diff 1148581492 M * Skram 13:19 < Bertl> I'm off for dinner now .. back later :) 1148581504 M * zeng hi Skram... 1148581506 M * zeng thx 1148581548 M * Skram No Problemo 1148581612 M * derjohn zeng, extended helo ! :) 1148581876 M * zeng brb 1148581896 Q * zeng Quit: ... und tschüß 1148581920 J * zeng ~sef@p54A97A86.dip.t-dialin.net 1148581928 M * zeng back again.. 1148581930 M * zeng hi all 1148581933 M * Skram Heya 1148582544 J * dna_ ~naucki@p54BCEAED.dip.t-dialin.net 1148582616 Q * dna Ping timeout: 480 seconds 1148583345 J * dna ~naucki@p54BCEAED.dip.t-dialin.net 1148583791 Q * dna_ Ping timeout: 480 seconds 1148583955 J * dna_ ~naucki@p54BCEAED.dip.t-dialin.net 1148584241 Q * dna Ping timeout: 480 seconds 1148584395 Q * s0undt3ch Read error: Connection reset by peer 1148584474 J * shedi ~siggi@inferno.lhi.is 1148584527 P * Roey Leaving 1148584751 J * pbryan ~pbryan@S010600095baae0ff.vf.shawcable.net 1148584768 M * pbryan Anyone play with Linux-VServer + LUKS? 1148584947 M * mnemoc it's on my todo (dm-crypt) :) 1148585262 M * pbryan I'm trying to establish the merits of having a vserver instance's root password == the encryption key for the encrypted volume for the vserver instance. 1148585424 M * FaUl luks? 1148585463 M * pbryan Yes. 1148585470 M * pbryan s/encryption key/passphrase/ 1148585473 M * FaUl what is luks? 1148585489 M * FaUl ah, ic 1148585494 M * pbryan http://luks.endorphin.org/ 1148585511 M * FaUl ah, im using loopaes so far 1148586038 M * pbryan Yeah, I used to use loopaes too. Nice thing about LUKS is that you can change/add passphrase without having to decrypt/re-encrypt device. 1148586109 M * Wonka i have a system decrypting a gpg-encrypted file with the keys... 1148586122 M * FaUl you may do this as well with loopaes ;-) 1148586144 M * pbryan Yeah, the level of indirection GPG is a nice solution, isn't it. 1148586158 M * Wonka why use loopaes, dm-crypt is in vanilla 1148586233 M * FaUl Wonka: i personally use loopaes because it looks much less obscure ;-) 1148587411 J * s0undt3ch ~s0undt3ch@bl8-2-3.dsl.telepac.pt 1148589514 M * ray6 FaUL: dm-crypt has LUKS which has a few advantages... not just more passphrases per key, also passphrases can be hased with lots of iterations which makes them basically un-bruteforcable 1148589549 M * ray6 and this is one of the biggest weaknesses of todays crypto-filesystems, nobody can handle ultra-long passphrases in everyday use 1148589718 M * FaUl ray6: mh, i'm currently trying to implement something to need at least two people to mount a filesystem on a server but i'm not quite sure howto. - looks like loopaes is the most flexible way of encrypting 1148589723 M * FaUl hey ray btw :-) 1148590491 Q * dna_ Ping timeout: 480 seconds 1148590608 J * dna ~naucki@p54BCEAED.dip.t-dialin.net 1148591081 Q * FireEgl Quit: Bye... 1148591244 M * bonbons Bertl_oO: Update to IPv6 patch: now has also restriction on src IPv6 address for TCP/UDP 1148591342 Q * doener_ Quit: leaving 1148591475 M * zeng Bertl_oO: kernel outputs, please have a look at 13thfloor.at/~zeng/misc/Xorg.tgz 1148591500 M * zeng bye all... 1148591537 P * zeng Leaving 1148592231 J * Aiken ~james@tooax8-178.dialup.optusnet.com.au 1148592720 Q * dna Quit: Verlassend 1148592933 P * pbryan 1148593232 Q * mire Remote host closed the connection 1148593564 Q * SunBug Quit: Verlassend 1148593640 Q * alexx|ikse Read error: Connection reset by peer 1148595113 Q * bonbons Quit: Leaving 1148595306 J * bonbons ~bonbons@83.222.38.81 1148595807 J * Methos ~mjoconr@hacker.pineview.net 1148597021 M * FaUl does tun-devices work in vserver? am i able to allow a process to attach to a tun-device? 1148597182 M * bonbons FaUl: some people have used tun-devices inside guest, you will have to raise context's capabilities (probably CAP_NETADMIN and maybe others) for it to work 1148597231 M * FaUl bonbons: i don't want to configure a tun-device. just to allow a process to attach to a (pre-configured) tun-device 1148597327 M * bonbons FaUl: then best is to just try out! Just make sure the "attach" point is visble inside guest (I never tried it yet so I can't tell you more) 1148597600 M * FaUl ok, i'll try 1148597718 M * bonbons godd luck, I'm off for now 1148597733 M * FaUl cya 1148597798 Q * bonbons Quit: Leaving 1148597857 M * mugwump for encrypted filesystems with vserver I normally use GPG to symmetrically encrypt a keyfile... I wonder what luks adds over that 1148597904 M * mugwump It's quite nice how you then don't have to worry about physical compromises taking away secrets... 1148598592 J * doener ~doener@i5387C8E2.versanet.de 1148600590 Q * doener Quit: leaving 1148600615 M * FaUl fsck 1148600641 M * FaUl looks like vserver tunnel stop removed the ip-address from the host-server (or chrashed it elswhere) 1148600663 M * FaUl that means i've to go to the server tommorow, because the remote-insight-card isn't here right now 1148600724 Q * Methos Quit: Methos 1148600970 Q * stefani Quit: I Quit!