1150071235 Q * sezuan Ping timeout: 480 seconds
1150071827 Q * lilalinux Remote host closed the connection
1150075150 Q * lilo2 Ping timeout: 480 seconds
1150075757 J * lilo2 ~0710AAD4@tor-irc.dnsbl.oftc.net
1150079654 J * yelifu ~hongdanst@202.38.114.129
1150082174 J * Aiken_ ~james@tooax6-060.dialup.optusnet.com.au
1150082517 Q * Aiken Ping timeout: 480 seconds
1150083303 J * lilo2_ ~0710AAD4@tor-irc.dnsbl.oftc.net
1150083385 Q * lilo2 Ping timeout: 480 seconds
1150084120 Q * yelifu Ping timeout: 480 seconds
1150086100 Q * sladen Ping timeout: 480 seconds
1150086399 J * sladen paul@starsky.19inch.net
1150088450 J * _coocoon_ ~coocoon@p54A06855.dip.t-dialin.net
1150088458 M * _coocoon_ morning
1150088534 M * cehteh moin
1150088998 Q * _coocoon_ Ping timeout: 480 seconds
1150089577 J * _coocoon_ ~coocoon@p54A067B2.dip.t-dialin.net
1150091180 J * zkbrsnie ~zkbrsnie@83-64-146-226.klosterneuburg.xdsl-line.inode.at
1150091215 J * sezuan matthias@2a01:b0:10d8:0:213:8fff:fe01:f96f
1150091230 Q * _coocoon_ Quit: KVIrc 3.2.0 'Realia'
1150091714 J * yelifu ~hongdanst@202.38.114.129
1150091917 Q * zkbrsnie Quit: 
1150091955 J * zkbrsnie ~zkbrsnie@83-64-146-226.klosterneuburg.xdsl-line.inode.at
1150092094 J * f_ ~f_@83-215-237-2.seek.stat.salzburg-online.at
1150092624 N * otaku42_away otaku42
1150093868 N * lilo2_ lilo2
1150093946 Q * yelifu Quit: 
1150094646 J * Milf ~Miranda@ipsio109.ipsi.fraunhofer.de
1150094658 M * Milf Good early morning
1150096422 J * ||Cobra|| ~cob@146.50.22.204
1150097242 J * dna ~naucki@dialer-189-135.kielnet.net
1150097528 J * Zaki ~Zaki@212.118.97.205
1150097759 J * cdrx ~legoater@cimai.net4.nerim.net
1150098625 J * _coocoon_ ~coocoon@84.160.103.178
1150098631 M * _coocoon_ hello
1150099382 Q * Aiken_ Ping timeout: 480 seconds
1150102241 J * Viper0482 ~Viper0482@p54976BB4.dip.t-dialin.net
1150103460 Q * click Ping timeout: 480 seconds
1150103523 J * click click@ti511110a080-0750.bb.online.no
1150103814 Q * cdrx Read error: Operation timed out
1150103969 J * sepp ~|Rogue@port-212-202-71-10.dynamic.qsc.de
1150103971 M * sepp hi
1150104027 Q * sezuan Remote host closed the connection
1150104046 M * sepp are there any know problems with the newest vserver+grsec patch regarding the sleep function ?
1150104394 J * dlezcano ~dlezcano@62.212.121.89
1150104664 Q * shedi Quit: Leaving
1150105242 Q * f_ Quit: This computer has gone to sleep
1150105367 J * f_ ~f_@83-215-237-1.seek.stat.salzburg-online.at
1150105496 J * sezuan matthias@2a01:b0:10d8:0:213:8fff:fe01:f96f
1150106153 M * _Kara mornin
1150106212 A * Milf hums that Cat Stevens tune.
1150107186 J * gypsymauro ~Io@217.57.11.103
1150107192 M * gypsymauro hello
1150107212 M * gypsymauro someone has succesfully installed vserver on ubuntu dapper?
1150107224 M * gypsymauro I can't apply the patch it fails
1150107300 M * Milf You can't apply which patch to what? The VServer patch to Ubuntu Kernel sources?
1150107349 M * Milf Have you read https://wiki.ubuntu.com/VServer?
1150107363 M * gypsymauro Milf: there is a package for ubuntu that includes the vserver patch to manage it in the debian way (make-kpkg)
1150107427 M * gypsymauro Milf: of course but I prefer to build it myself
1150107475 M * Milf gypsymauro: Can't help you with that. Sorry. I've got Debian or Ubuntu only a Guests.
1150107526 M * Milf Don't know if your approach will work. With my latest SuSE host, I took vanilla sources, applied the patch and used a SuSE .config file
1150107546 M * Milf Would that work for you?
1150107938 Q * sezuan Remote host closed the connection
1150108425 M * gypsymauro Milf: I'll try
1150108538 M * Milf Otherwise you'll just have to wait until the people in the know wake up :)
1150108876 J * cdrx ~legoater@cap31-3-82-227-199-249.fbx.proxad.net
1150108971 J * shedi ~siggi@213.190.108.50
1150109837 Q * michal` Ping timeout: 480 seconds
1150110108 J * yang ~yang@213.157.253.172
1150110143 M * yang I am trying to setup gentoo guest on a host running debian, where could i get infos about the procedure?
1150110258 M * _coocoon_ yang:http://www.gentoo.org/doc/en/vserver-howto.xml http://dev.croup.de/proj/gentoo-vps http://linux-vserver.org/GentooGuestHowto
1150110283 M * yang _coocoon_: thanks
1150110307 M * _coocoon_ yang: the last link isn't good anymore do not know why 
1150110309 J * michal` ~michal@www.rsbac.org
1150110310 M * yang http://linux-vserver.org/GentooGuestHowto - oopüs
1150110449 M * yang it should be reverted to previous edit
1150110497 M * _coocoon_ yes
1150110594 M * yang _coocoon_: i guess this http://linux-vserver.org/GentooGuestHowto?version=9  explains how gentoo guest is made from a gentoo host
1150110601 M * yang and i have a debian host...
1150110639 M * michal` dbootstrap it than
1150110667 M * _coocoon_ yang: ok u r right u need a stage from gentoo
1150110674 M * _coocoon_ moment i will have a look to find
1150110675 M * _coocoon_ ti
1150110700 M * yang michal`: yes, should i follow the instructions in the http://www.5dollarwhitebox.org/wiki/index.php/Howtos_Linux-Vserver_Debian_Sarge
1150110791 M * michal` if util-vserver from debian are decent ones - it looks sane
1150110798 M * yang michal`: but in the howto it explains about -m debootstrap -- -d <DEBIAN_DISTRO>
1150110821 M * yang it doesnt explain how to add another distro guest
1150110847 M * _coocoon_ yang. u need to create a skeleton then extract the gentoo stage there and then follow the instructions on the  http://linux-vserver.org/GentooGuestHowto?version=9  
1150110856 M * _coocoon_ to get the guest to work
1150110878 J * sezuan matthias@2a01:b0:10d8:0:213:8fff:fe01:f96f
1150110888 M * yang create a skeleton?
1150110964 M * yang it sounds complicated
1150110975 M * mnemoc just the first time
1150111063 M * yang _coocoon_: i think that http://linux-vserver.org/GentooGuestHowto?version=9  isn't a valid procedure for doing it from debian... ?
1150111121 M * _coocoon_ yang: which system u have?
1150111156 M * yang edit the following files in /etc/init.d and add "exit 0" to the top: --- there are files inside which don't reside in debian
1150111170 M * yang _coocoon_: I am having debian on host
1150111184 M * _coocoon_ yang: which system architecture
1150111193 M * yang i386
1150111255 M * _coocoon_ these instructions are for thre extracted stage in the before created skeleton
1150111273 M * _coocoon_ yang:  look here are the stages http://gentoo.inode.at/experimental/x86/vserver/
1150111304 M * _Kara yang: have u already created a skeleton vserver?
1150111309 M * yang yes
1150111318 M * _Kara k
1150111319 M * _coocoon_ skelteon: vserver foo build -m skeleton .... -----> vserver foo build --help
1150111321 M * yang I have a running host and i have a few debian guests running
1150111362 M * yang _coocoon_: so i need to grab http://gentoo.inode.at/experimental/x86/vserver/stage3-x86-20060317.tar.bz2
1150111375 M * _coocoon_ yang: i have done it ;-)
1150111417 M * _coocoon_ yang: then create a skeleton and tar xjvf stage3-x86-20060317.tar.bz2 -C /vservers/foo
1150111424 M * yang ok
1150111449 M * _coocoon_ yang: and then follow the instructions for the gentoo guest only
1150111458 M * yang ok
1150111467 M * _coocoon_ yang: good luck
1150111506 M * yang I would prefer debootstrap installation if it's available...
1150111607 M * _coocoon_ yang: debootsrap is for debian distros
1150111616 M * _coocoon_ yang: or ubuntu
1150111628 M * yang ok...
1150111632 M * abi theres also rpmstrap for rpm based distributions.
1150112307 M * Adrinael rpmstrap for some reason sounds like something you use in a certain room in your home. Not that I'm telling which one.
1150113827 Q * brc Ping timeout: 480 seconds
1150113831 M * derjohn daniel_hozac, doener awake? before I begin to complile a rc22 kernel, is there already a rc23 in sight? (daniel's peer addr patch? more?)
1150114142 Q * Snow-Man Ping timeout: 480 seconds
1150114193 Q * gypsymauro Quit: leaving
1150114332 J * Snow-Man ~sfrost@kenobi.snowman.net
1150114548 J * brc bruce@20151226218.user.veloxzone.com.br
1150114703 J * Brio ~Brio@pool-70-16-99-242.port.east.verizon.net
1150114880 M * Brio is anyone home!?
1150114887 M * mnemoc .oO
1150114894 M * Brio sorry
1150114963 Q * Brio Quit: Brio
1150115025 M * doener interesting reaction ;)
1150115188 M * sid3windr :p
1150115398 M * mnemoc o_O
1150115402 M * mnemoc what did i say? :(
1150115523 M * sid3windr .oO :p
1150115538 J * pagano ~pagano@131.154.5.20
1150115548 M * pagano hi *
1150115557 Q * brc Quit: BitchX: coming soon to a theatre near you!
1150115585 J * brc bruce@20151226218.user.veloxzone.com.br
1150116081 Q * mnemoc Quit: Reconnecting
1150116092 J * mnemoc ~amery@216.241.24.10
1150118011 Q * _coocoon_ Ping timeout: 480 seconds
1150118689 J * _coocoon_ ~coocoon@84.160.109.86
1150118980 J * lilalinux ~plasma@dslb-084-058-194-107.pools.arcor-ip.net
1150119580 N * Bertl_zZ Bertl
1150119584 M * Bertl morning folks!
1150119591 M * _coocoon_ bertl: hello
1150119600 M * Bertl hey _coocoon_!
1150119601 M * yang Bertl: hello
1150119642 M * yang _coocoon_: ok, i created skeleton for gentoo, and i moved the stage3 tarball into /var/lib/vservers/gentoo, what i should do now?
1150119752 M * _coocoon_ yang: have u extracted it
1150119758 M * yang yes
1150119772 M * Milf Hey it's Bertltime :)
1150119807 M * _coocoon_ yang: now u must follow the instructions set "exit 0" in some files
1150119819 M * yang ok
1150119937 Q * Zaki Ping timeout: 480 seconds
1150120024 M * yang _coocoon_: modifying according to  http://linux-vserver.org/GentooGuestHowto?version=9
1150120080 M * yang Bertl: maybe you could revert this document to previous edit, it has been abused
1150120098 M * Bertl okay, will do so
1150120158 M * _coocoon_ yang: better is the document from the gentoo side
1150120291 M * _coocoon_ yang: sorry u r right
1150120341 M * _coocoon_ yang: be sure that is in the guest /vservers/foo/etc or /vservers/foo/sbin/rc
1150120352 M * yang _coocoon_: well, with this exit 0 settings i hope i wont spoil something ...
1150120365 M * _coocoon_ u have the tarball
1150120383 M * _coocoon_ yang: if anything went wrong extract it again ;-)
1150120405 M * yang well i am modifiing the rc file in /var/lib/vservers/gentoo/sbin
1150120420 M * _coocoon_ yang: ok if u have the files there right
1150120443 M * yang and the rest in /var/lib/vservers/gentoo/etc/init.d
1150120481 M * _coocoon_ yang: right
1150120681 J * Zaki ~Zaki@212.118.98.53
1150121072 M * Bertl welcome Zaki!
1150121110 M * Zaki thanks Bertl :)
1150121316 M * yang _coocoon_: it fails to start... http://pastebin.com/704333
1150121401 M * daniel_hozac yang: did you set it to init style plain?
1150121406 M * Bertl yang: okay, cleaned up a few other pages too :)
1150121427 M * yang init style plain ?
1150121442 M * daniel_hozac yang: echo plain > /etc/vservers/.../apps/init/style
1150121451 M * yang i didn't edit this section = Replace STARTCMD=
1150121452 M * daniel_hozac or --initstyle plain on vserver ... build.
1150121494 M * daniel_hozac you really shouldn't...
1150121577 M * yang ok works now, thank you !
1150121700 J * nayco ~root@proxy2.laroche.univ-nantes.fr
1150121709 M * nayco Hello, all !
1150122039 M * Bertl welcome nayco!
1150122557 Q * Zaki Ping timeout: 480 seconds
1150122603 M * Milf Anyone who has a few minutes and some bandwidth to spare have fun with this nightmare: http://fun.drno.de/movies/serverraum.avi
1150123082 M * nayco Hello, Bertl !
1150123095 M * nayco Have you seen my mail on the mailing list ?
1150123132 M * abi m
1150123135 M * abi Milf: ouch
1150123214 M * sepp does anyone have an idea why my sendmail queue runner inside an vserver at some point stops checking the queue ? some similar things happens to another daemon written in perl ...
1150123377 M * doener Milf: water cooling! :)
1150123456 M * nayco Milf: Oh my God, these poor admins :-O
1150123535 J * Zaki ~Zaki@212.118.100.33
1150123572 Q * brc Ping timeout: 480 seconds
1150123677 M * Milf Yep, I'd be interested to know which had to leave the company first: The guy who planned that building or the head of IT :)
1150123785 Q * lilo2 Remote host closed the connection
1150123821 M * nayco Ok, so, anyone has tried the Mandriva util-vserver packages ?
1150123822 Q * michal` Ping timeout: 480 seconds
1150123825 J * lilo2 ~0710AAD4@tor-irc.dnsbl.oftc.net
1150123873 Q * _coocoon_ Quit: KVIrc 3.2.0 'Realia'
1150124045 M * Bertl nayco: which one?
1150124079 M * nayco Ok, wait...
1150124211 M * nayco Bertl: Well, this one is still relevant : 
1150124221 M * nayco http://list.linux-vserver.org/archive/vserver/msg12930.html
1150124234 M * nayco Because the last one is not yet archived
1150124263 M * doener Bertl: hm, did you really create that funny page or is the wiki ml service broken?
1150124270 J * michal` ~michal@www.rsbac.org
1150124287 M * Bertl doener: no, I did create it for a minute :)
1150124299 M * doener ok :)
1150124315 M * Bertl wb michal`!
1150124365 M * nayco Bertl: In fact, the util-vserver-*-0.30.210-2mdk rpms seem to be broken dependence-wise (At least here on my amd64 host machine)
1150124371 M * doener and could you remove the brackets around the url in those mails? makes it easier to copy them when they are alone on their line
1150124415 M * Bertl nayco: hmm, maybe I should upload the newer ones then
1150124436 M * Bertl nayco: but it might well be that the dependancy is far-off as I use a patched up 8.2 Mandrake
1150124514 M * nayco Bertl: OMG, still this 8.2 :-O ;-) ? You are too strong for me, I couldn't do this :P
1150124528 M * nayco Bertl: Ok, so you have newer rpms ready ?
1150124639 Q * Zaki Remote host closed the connection
1150124712 M * Bertl http://vserver.13thfloor.at/Stuff/MANDRAKE/
1150124727 M * Bertl nayco: try the -4mdk
1150124764 M * nayco Thanks, I'm having a look
1150124774 M * Bertl you're welcome!
1150125021 J * meandtheshell ~markus@85-124-174-140.dynamic.xdsl-line.inode.at
1150125048 M * nayco Bertl: :'-( same thing...
1150125068 M * nayco Is it beacause I run X86_64 ??
1150125089 M * Bertl did you recompile the source?
1150125118 M * nayco Nope.
1150125125 M * nayco Should Itry ?
1150125138 M * Bertl then do: rpm --rebuild util-vserver-0.30.210-4mdk.src.rpm
1150125144 J * samuel ~samuel@jupe.quebectelephone.com
1150125155 M * Bertl if you are on a different arch, you should _always_ recompile
1150125162 M * samuel hi
1150125162 M * Bertl welcome samuel!
1150125167 M * nayco Bertl: Ok, back in a couple of... Well, I'll see ;-)
1150125315 M * samuel hey, anyone here is at o'reilly where2.0?
1150125415 Q * sezuan Remote host closed the connection
1150125548 M * Bertl samuel: hmm? what's that?
1150125560 M * mnemoc sounds like an event :p
1150125601 M * Bertl indeed!
1150125684 Q * Milf Quit: Miranda IM! Smaller, Faster, Easier. http://miranda-im.org
1150125833 Q * doener Remote host closed the connection
1150126030 M * samuel mapping/local conference
1150126032 M * samuel http://conferences.oreillynet.com/where2006/
1150126158 Q * ||Cobra|| Remote host closed the connection
1150126461 M * nayco Oh my God, this new server is a rocket :-o ! (*compiling util-vservers*)
1150126488 J * sezuan matthias@2a01:b0:10d8:0:213:8fff:fe01:f96f
1150126620 M * mnemoc do you think util-vserver is ready for 'production' enviroments? (with the last 2.0.2-rc22 patch)
1150126794 J * Brio ~Brio@pool-70-16-99-242.port.east.verizon.net
1150126797 M * Brio hello
1150126810 M * Brio #tmk
1150126854 P * Brio 
1150126941 M * Bertl hmm, short visit :)
1150126949 M * nayco Bertl: Thanks a lot, it was easier than expected. Now, I gonna write a mail to the list to tell the solution and talk about my last host/kernel patch version
1150126972 M * Bertl good! please mention that the rpms actually work when recompiled
1150126989 N * otaku42 otaku42_away
1150127607 J * doener ~doener@i5387E348.versanet.de
1150127713 M * nayco Bertl: Oh, dear, I forgot to mention it ! But anyway, testme.sh tells it... ;-)
1150127736 M * nayco Bertl: Do I have to set manually the chroot barrier, or do the rpm installation do it ?
1150127823 Q * daniel_hozac Ping timeout: 480 seconds
1150127909 M * nayco Bertl: Ok, I must leave, I'll look at the answer in the IRC logs ;-)
1150127911 Q * nayco Quit: leaving
1150128983 M * phreak`` morning everyone :) especially Bertl!
1150128998 M * Bertl morning phreak``!
1150129015 Q * lilo2 Remote host closed the connection
1150129051 M * matti Bertl: I assume, that vserver host/guest will not handle > 128 IPs?
1150129063 M * phreak`` Bertl: got a small question about your future plan (well something of that). What's your short-term plan for the 2.0.2/2.1.1 release ?! :)
1150129076 J * lilo2 ~0710AAD4@tor-irc.dnsbl.oftc.net
1150129089 M * derjohn matti, 16 by default, but patching kernel and utils is one line each.
1150129092 M * matti Bertl: You told me once about some strange issues with network and lot numer of IPs.
1150129139 M * derjohn matti, i use 64 ip in a guest without any probs. Bertl is concerned about the speed I think (slow linear lookups)
1150129141 M * phreak`` matti: afair (and from the ML) >128 are adding more overhead to the kernel
1150129152 M * matti derjohn: Hm, there was a performance drawbacks?
1150129164 M * matti I see.
1150129164 M * derjohn matti, s/was/is/
1150129170 M * matti ;/
1150129188 M * matti So, only NG Net solves this problem?
1150129191 M * derjohn matti, on my particular host i dont 'feed' any drawback ....
1150129191 M * matti One for all?
1150129206 M * matti derjohn: I need to use /24 per-guest ;]
1150129208 M * derjohn matti, yes, somewhen in 2008 maybe :/
1150129210 M * matti derjohn: On 100 Mbps likn.
1150129214 M * matti s/likn/link/
1150129225 M * matti derjohn: Damn...
1150129234 Q * sezuan Remote host closed the connection
1150129237 M * matti :)
1150129251 M * derjohn matti, IMVHO simply change the define of "IPV4_ROOT 16" to 256 ....
1150129263 M * matti Yeah...
1150129267 M * derjohn 100 Mbit lickin' sounds great ;)
1150129289 M * matti Yh.
1150129292 M * matti Probably :)
1150129295 M * derjohn matti, be aware to patch the utils, too or it wont we able to bring the IPs up :)
1150129304 M * matti Hehe. I see.
1150129304 M * matti ;]
1150129331 J * sezuan matthias@2a01:b0:10d8:0:213:8fff:fe01:f96f
1150129403 M * matti Thanks for the hint :)
1150129457 M * derjohn matti, de nada ... (/me simply hopes Bertl will have a pity and implement a hashed lookup + rise the max numebers by defauklt :))
1150129467 M * matti Hehehe.
1150129471 M * matti I hope so...
1150129480 M * matti For us... Poor users...
1150129481 M * matti ;p
1150129482 M * matti :P
1150129495 M * matti :)
1150129584 M * Bertl derjohn: well, sure, didn't you say something about a test setup on your side?
1150129620 M * derjohn Bertl, a test setup for what? openssi? openvpn? oder 'max IP' ?
1150129648 J * bonbons ~bonbons@83.222.39.166
1150129652 M * derjohn *lol* s/oder/or/ :)
1150129681 M * Bertl derjohn: all of those actually :)
1150129705 M * matti Bertl: :))))))))))))))
1150129706 M * derjohn Bertl, differnt boxen?
1150129715 M * derjohn different?
1150129734 M * Bertl derjohn: well, you need two boxes to test networking I guess
1150129736 M * derjohn Bertl, both Linuxtag Boxen are still running and eating power ....
1150129747 M * Bertl but of course, they all can be shared for all the tests, no?
1150129799 M * derjohn Bertl, yes, np ... I wanted to bake a rc22 kernel and try openssi ... but meanwhile it got hot in .de and /me wanted to enjoy the few warm days here ;)
1150129821 M * derjohn is there a rc23 in sight? peer-adress patch?
1150129859 M * Bertl yep, in sight :)
1150129888 M * derjohn so, I same my power and wait for rc23 ... ?
1150129912 M * derjohn (BTW: and rc23 is a realively hight number .... )
1150129916 M * derjohn *high
1150129920 M * Bertl hmm, no, your job is to create a test setup ...
1150129940 M * Bertl e.g. for testing 1 vs 2 vs 16 vs 256 IPs performance
1150129965 M * Bertl once we have that I can give you a patch to try/test with
1150129976 M * derjohn test setup: i'll make a rc22 kernel ... one with # = 16 ohne with # = 256 and compare speeds ... i will interkonnect them with 100 meg?
1150129985 M * matti Bertl: So, you advice to do not rist with such overhead?
1150129992 M * matti s/rist/risk/
1150129996 M * Bertl derjohn: e.g. also test with 1 and 2 ips
1150130003 M * derjohn matti, Bertl != brave :)
1150130012 M * matti derjohn: But VERY wise.
1150130016 M * matti derjohn: Ant that I love 
1150130017 M * derjohn Bertl, but two differnt kernels ... nor?
1150130020 M * matti derjohn: Him for ;p
1150130023 M * Bertl matti: if it works for you, it's fine
1150130030 M * Bertl derjohn: no, same kernel, different guests
1150130040 M * matti Bertl: I cannot say I just search for some solution.
1150130043 M * derjohn Bertl, you mean one with # = 256 ?
1150130070 M * Bertl derjohn: well, yes, you can test #16 vs #256 too, but I do not expect overhead in eprformance there
1150130073 M * derjohn Bertl, will the overhead rise with the numer of IP the guest is actually using or with the changing of the define?
1150130088 M * Bertl derjohn: the define will 'just' waste memory
1150130097 M * Bertl well, and lead to some cache misses
1150130106 M * derjohn ahh ... then why dont we rise the define at all? (if ot does not have negative impact on single Ip setups ....)
1150130113 M * derjohn k
1150130129 M * matti Well, calm down.
1150130137 M * derjohn will compile ... you know .. after-sports ... have to leave in a couple of mins ;)
1150130169 M * Bertl because I hate to forcibly change a value to something I do not consider appropriate .)
1150130170 M * derjohn matti, hm? no .. no problem here, just discussing ;) ( Bertl ? ) 
1150130177 M * matti derjohn: I know ;p
1150130193 M * derjohn Bertl, OK, you'll get the test-setup !!!
1150130210 M * Bertl derjohn: matti probably just wanted to say something, as he originally asked the question :)
1150130227 M * matti Emm... ;p
1150130253 M * derjohn Bertl, no really ... the question dates back several month when I started using vserver ;) *g*
1150130269 M * Bertl derjohn: no, really it is _much_ older :)
1150130270 M * matti Hmmm...
1150130291 M * Bertl derjohn: it basically came up since vs1.0 :)
1150130298 M * derjohn Bertl, damn, so I'm not the technology driver I thought I am ;)
1150130299 M * matti Bertl: romke have some concept, to use many little vservers per customer.
1150130320 M * matti Bertl: I try to find a solution for that - keeping in mind this overhead issue.
1150130347 M * matti Bertl: And we just recived /22 PI class from RIPE.
1150130370 M * matti Bertl: So, he is so exited... and he want to move each cusromer to his own IP address.
1150130417 M * matti Bertl: We use vserver widely and I just wonder, what will happen after that, etc.
1150130437 J * romke ~romke@83.16.133.162
1150130441 M * romke hi all
1150130448 M * matti Oh.
1150130449 M * matti ;]
1150130451 M * matti Hehehe.
1150130465 A * matti shots romke with some paper ball across the room in work place ;p
1150130471 M * romke :P
1150130472 M * Bertl hey romke!
1150130476 M * romke Bertl: hi
1150130483 M * romke matti: au
1150130489 M * matti romke: Gatcha ;p
1150130491 M * matti ;]
1150130568 M * matti romke: I need more coffee, give me a minute... want some?
1150130576 M * matti Anyone want some coffee?
1150130581 M * matti Bertl maybe?
1150130581 M * matti ;]
1150130590 M * Bertl matti: sure always :]
1150130711 A * matti hands to Bertl cup of coffee.
1150130724 M * matti Bertl: Enjoy - milk as usual?
1150130725 M * matti ;]
1150130760 M * matti romke: OK, we need (you mostly ;p) to tell Bertl, what we want to do... so ya now... ;p ekhm... ;p
1150130781 M * Bertl ah, please save it for later, I'm off for dinner right now :)
1150130789 M * matti Oh.
1150130790 M * Bertl (but will be back shortly)
1150130798 M * matti Enjoy dinner then ;)
1150130802 N * Bertl Bertl_oO
1150130877 N * nokoya nokoyaz
1150130901 N * nokoyaz nokoya
1150131096 Q * shedi Ping timeout: 480 seconds
1150131290 M * michal` matti: i need some definitely ;)
1150132296 J * daniel_hozac ~daniel@c-2d1472d5.010-230-73746f22.cust.bredbandsbolaget.se
1150133212 Q * DreamerC Quit: leaving
1150133713 N * Bertl_oO Bertl
1150133918 M * starlein is there any way to spoof some other cpuinfo to guest's procfs (with vprocunhide)?
1150133966 M * Bertl hmm, what kind of cpu info?
1150133973 M * Bertl (and no, by default no)
1150134207 Q * s0undt3c1 Ping timeout: 480 seconds
1150134472 J * s0undt3ch ~s0undt3ch@85.240.244.178
1150134553 Q * dlezcano Quit: Leaving
1150134705 J * doener_ ~doener@i5387F9F9.versanet.de
1150134923 N * sars sarnold
1150135117 Q * doener Ping timeout: 480 seconds
1150135430 M * starlein did just imagine to make guests "looking faster" than they are really :D
1150135444 M * Bertl you could try with a --bind mount :)
1150135444 M * starlein I thought that vprocunhide already is doing that kind of job
1150135448 M * starlein heh
1150135466 M * Bertl nah, as the name says, it (un)hides stuff without alteration
1150135485 M * starlein thats same work like patching procps utils :)
1150135491 M * starlein ok
1150135510 M * starlein thanks anyway 
1150135559 M * Bertl np
1150135955 M * ray6 oh, yes, CPU faking... was thinking about that for xen, too :) Make a celeron 1000 look like a quad-xeon :)
1150136155 M * Bertl yeah, make that a kernel patch with random load distribution across all cpus
1150136169 M * Bertl (to make it look more real)
1150136178 M * Bertl and then sell it as hardware upgrade :)
1150136275 M * starlein heh good idea
1150136290 Q * mnemoc Quit: leaving
1150137050 J * DreamerC ~dreamerc@59.112.10.216
1150137114 J * mnemoc ~amery@kilo105.server4you.de
1150137328 M * Bertl ray6: btw, what does the guest kernel show regarding bogomips (compared ot the host/dom0 kernel)?
1150137878 Q * lilalinux Remote host closed the connection
1150137982 M * ray6 Bertl: hm, much less than the host on my real life machines. Most probably depending on the hosts load during guest startup
1150138010 M * Bertl interesting ...
1150138011 M * ray6 the dom0 kernel shows about the same as the host normally
1150138061 M * ray6 But that's a singe cpu host. Could try it on my new dualcore P4 with assigning one CPU to dom0 and the other to a domU
1150138106 M * ray6 Bertl: on my real-life host all domU start up simultaniously, so I guess the host is quite busy while the bogomips test is run
1150138131 M * Bertl maybe you could start a single domU and check that one?
1150138143 M * Bertl (when you get around, of course)
1150138209 M * ray6 will try on the dualcore P4. Setting up some tests there in the moment anyway, I want to test how much SATA-II+NCQ brings for handling load peaks in multiple domUs
1150138280 M * ray6 Bertl: but I assume when a domain starts up while nothing else is working it should be about the same as the dom0
1150138333 M * ray6 the bogomips test is a simple something-loop with no syscalls or anything as I understand it, so there's no reason for it to be different in dom0 and domU except for load
1150138349 M * Bertl yes, that's what I'd expect
1150139218 M * yang is this normal, that when I start gentoo guest, i dont get any messages...like Starting system log deamon etc.
1150139278 M * Bertl yes, as gentoo is not using sysv, the sysv startup does not work
1150139420 M * yang also i dont know if my vserver was configured well, becouse i only did "skeleton", i didn't do vserver-new --hostname --interface...
1150139444 M * Bertl well, you can change all the settings in the config afterwards
1150139456 M * Bertl of course, it's often simpler to do it with the tools
1150139463 M * yang which file?
1150139476 M * Bertl /etc/vservers/<name>
1150139517 M * yang well i added all the IPs into interfaces
1150139545 M * yang but don't know where default is specified, also sshd complained to accept new connections
1150139566 M * Bertl did you restrict the host shhd?
1150139569 M * Bertl *sshd
1150139723 M * yang ok, it seems that sshd wasn't started
1150139764 Q * sezuan Remote host closed the connection
1150139861 J * sezuan matthias@2a01:b0:10d8:0:213:8fff:fe01:f96f
1150139945 Q * derjohn2 Ping timeout: 480 seconds
1150139946 J * derjohn2 ~aj@dslb-084-059-005-220.pools.arcor-ip.net
1150140106 Q * cdrx Quit: Leaving
1150140767 Q * starlein Ping timeout: 480 seconds
1150141652 Q * FireEgl Quit: Bye...
1150142584 Q * zkbrsnie Quit: 
1150143088 J * Zaki ~Zaki@212.118.100.33
1150143097 J * DreamerC_ ~dreamerc@59.112.4.9
1150143104 M * Bertl welcome Zaki!
1150143147 Q * michal` Ping timeout: 480 seconds
1150143346 Q * bonbons Quit: Leaving
1150143461 Q * DreamerC Ping timeout: 480 seconds
1150143486 J * michal` ~michal@www.rsbac.org
1150144251 J * s0undt3c1 ~s0undt3ch@85.241.3.155
1150144515 J * brc bruce@20151201208.user.veloxzone.com.br
1150144517 Q * Viper0482 Quit: bin raus, 
1150144666 Q * s0undt3ch Ping timeout: 480 seconds
1150144880 Q * brc Quit: No windows for this server
1150144886 J * brc bruce@20151201208.user.veloxzone.com.br
1150145132 Q * f_ Quit: This computer has gone to sleep
1150145986 J * xt ~xt@207-119-239-202.dyn.centurytel.net
1150145993 M * Bertl welcome xt!
1150146021 M * xt hello
1150146158 P * xt 
1150146862 N * insomnia1 insomniac
1150147306 Q * sezuan Remote host closed the connection
1150147310 J * sezuan matthias@2a01:b0:10d8:0:213:8fff:fe01:f96f
1150147414 J * f_ ~f_@83-215-237-1.seek.stat.salzburg-online.at
1150147973 Q * dna Quit: Verlassend
1150148169 Q * sezuan Remote host closed the connection
1150148507 Q * f_ Quit: This computer has gone to sleep
1150148515 M * Bertl ah, making progress with ocfs2, the folks from oracle seem very cooperative ...
1150148587 M * doener_ heh, I just read that one a few hours ago: http://www.tmcnet.com/usubmit/2006/06/12/1677418.htm ... seems to fit ;)
1150148731 M * Bertl yeah, okay, now that I got the ocfs2 stuff out, what about a little networking discussion? doener_? daniel_hozac?
1150148753 M * doener_ I'm busy right now, maybe in a few hours
1150148786 M * Bertl okay, 2am? 3am?
1150148866 M * doener_ 2am should be fine I guess
1150149454 J * sezuan matthias@2a01:b0:10d8:0:213:8fff:fe01:f96f
1150150277 M * waldi Bertl: does it support mmap in the meantime?
1150150291 M * Bertl ocfs2? or what?
1150150302 M * waldi yes
1150150320 M * Bertl well, I was working on 2.6.16.20, so probably no change to what you already know
1150150617 Q * sezuan Remote host closed the connection
1150150701 M * derjohn Bertl, came just back. begin compile later ... so expect the kernel ready tomorrow
1150150714 M * Bertl k
1150150721 M * derjohn btw: telnet ascii-wm.net 2006 <--- for the text-based geek and WM fan ;)
1150150733 M * waldi hmm, how long do you need to build a kernel?
1150150742 M * Bertl ah, as I'm not very fond of soccer ... 
1150150804 M * mnemoc cat < /dev/tcp/ascii-wm.net/2006
1150150808 M * mnemoc :)
1150150826 M * mnemoc telnet... what is that? :p
1150150928 M * derjohn mnemoc, it's netcat for wimps ;)
1150150936 M * mnemoc :D
1150151004 M * derjohn Bertl, well, but there are many happy ppl and parties around here during and after the games in .de ;)
1150151233 M * derjohn waldi, since I think are are not compatible in dealing with each other, I wont answer. But anyway thanks for bringing vserver to the Debian kernel, that helped the projects lots to grow.
1150151260 M * waldi derjohn: ?
1150151522 M * derjohn waldi, /me's questions being ignored by you all the time - no matter if here or #debian-kernel. 
1150151726 M * Bertl derjohn: well, at least you now know that you are not on /ignore :)
1150151770 M * waldi you only tried it two times with the same question which is some sort of sore spot in the current handling
1150152037 M * Bertl 'sore spots' in current (debian) 'handling'?
1150152058 M * waldi yes
1150152186 M * derjohn waldi, probably to a 'one-liner' to start the build process/apply the vserver patches. and: a simple readme would help lots .. i man not only for /me. (mind. §4) ..
1150152197 M * derjohn s/to//
1150152232 M * waldi derjohn: /usr/src/patches/$version/apply/debian 2.6.16-14 i386_vserver
1150152298 M * derjohn waldi, thx for the information!
1150152474 M * derjohn waldi, a new vserver patch will only be integrated, if the release a new stable? especially the capability 'masking' is a feature that was lacking last time i tried the debian kernels, i.e. make e.g. bind9 and pureftpd run without patches in a guest. 
1150152527 M * waldi derjohn: we try to update if with each release, maybe you want to try the snapshots
1150152541 M * daniel_hozac derjohn: that's a devel only feature for now.
1150152582 M * Bertl just wondered if debian 'backported# that
1150152590 M * derjohn daniel_hozac, time to declare it as stable as is a) makes no probs b) saved lots of work (client patches)
1150152631 M * Bertl hmm, has anybody verified that?
1150152637 M * derjohn daniel_hozac, Bertl : and backport it to vserver stable rc23 .. any reasons why not?
1150152639 M * daniel_hozac have you used it in a real environment? made sure it doesn't cause _any_ problems?
1150152677 M * Bertl yes, it would be especially interesting with apps which actully try to use the cap system (i.e. use libcap and such)
1150152684 M * Bertl *actually
1150152686 M * derjohn daniel_hozac, well, I can report it works here ... :) [I would have to check if on i386 or amd64]
1150152709 A * waldi wants a working capability system first: it is not possible to provide any caps over an exec call
1150152710 M * Bertl ah, yes and at least x86/x86_64 and x86 on x86_64
1150152721 M * derjohn Bertl, I use pureftp and bind9 (both more or less a requirement by ISPMan)
1150152723 M * daniel_hozac it passed my testing as well, but that doesn't really mean much :)
1150152737 J * fs fs@213.178.77.98
1150152744 M * Bertl welcome fs!
1150152753 M * Bertl waldi: hmm? you can :)
1150152766 M * waldi Bertl: i did not get it working
1150152774 M * fs hello :)
1150152778 M * waldi Bertl: and the code looks like "not possible"
1150152797 M * waldi hi fs
1150152809 M * derjohn Bertl, you can test on the textboxen tomorrow. My kernels need about 1:30 or so to complile on that machine. (I dont check that time, let it run over n8)
1150152847 M * Bertl waldi: you need CAP_SETPCAP and 'grant' the cap to the 'child'
1150152932 M * waldi Bertl: ua
1150152940 M * Bertl waldi: but the idea behind the exec 'adjusting' the caps is that it is not a good idea to pass on root caps to non-suid root execs
1150152976 M * waldi Bertl: why? the inherit set is designed for that work
1150152989 M * Bertl inherit yes, exec no
1150153015 M * waldi hmm?
1150153037 M * waldi the inherit set is preserved during exec, but without anything set in the permitted set it is rather useless
1150153064 M * Bertl if the executable is suid-root, it should be applied
1150153077 M * waldi it gets any caps back
1150153097 M * Bertl hmm, no, they should actually be masked, IIRC
1150153099 M * waldi no
1150153103 M * waldi i tested it
1150153119 M * waldi i was only able to remove them from the effective set, not from the permitted
1150153163 M * Bertl well, effective without the SETPCAP should suffice now?
1150153170 M * Bertl s/now/no/
1150153183 M * waldi no
1150153480 Q * mnemoc Quit: leaving
1150153494 J * mnemoc ~amery@kilo105.server4you.de
1150153921 M * waldi Bertl: $ ls -al /dev/pts/23
1150153921 M * waldi crw--w---- 1 bastian tty 136, 23 Jun 12 23:01 /dev/pts/23
1150153925 M * waldi $ cat /dev/pts/23
1150153925 M * waldi cat: /dev/pts/23: Permission denied
1150153933 M * waldi $ id
1150153933 M * waldi uid=1000(bastian) gid=1000 groups=1000,2001,4000,50001
1150153950 M * waldi i don't think this is correct, is it?
1150153956 M * Bertl lsxid /dev/pts/23
1150154079 M * waldi vc_get_iattr(): Operation not permitted
1150154079 M * waldi !!ERR!!               /dev/pts/23
1150154095 M * Bertl you are not xid=0 or xid=1 I presume?
1150154103 M * waldi i have a chroot within a vserver
1150154107 M * waldi yes
1150154133 M * Bertl I'd assume /dev/pts/23 belongs to the host context (xid=0)
1150154140 M * waldi                devel  /dev/pts/23
1150154144 M * Bertl it was probably allocated _before_ you entered the guest
1150154152 M * waldi no, it belongs to the correct guest
1150154158 M * doener_ hm, would it be visible then?
1150154175 M * Bertl doener_: hmm, good point
1150154190 M * Bertl waldi: is that devpts?
1150154193 Q * mnemoc Quit: leaving
1150154194 M * waldi but yes
1150154205 J * mnemoc ~amery@kilo105.server4you.de
1150154212 M * doener_ Bertl: ah, hiding is broken again it seems
1150154220 M * waldi doener_: no
1150154225 M * waldi it work correct
1150154241 M * waldi but the pts is not usable within a chroot in a vserver
1150154245 M * waldi s/pts/pty/
1150154251 M * doener_ no, using the full path, you can see all ptys, you just get a -EPERM on access
1150154264 M * waldi i get EACCESS
1150154315 M * doener_ ehrm, right
1150154337 M * Bertl doener_: IIRC, we decided that we hide it in the readdir, but do the perm stuff in the access case, to identify such 'wrong' access
1150154421 M * doener_ Bertl: ok, must have missed that then, IIRC we also "fixed" it once
1150154540 M * Bertl let me check the 'current' state :)
1150155175 M * Bertl yep, we do only access checks and filtering for the dir
1150155215 M * Bertl but it would be simple to 'special case' the guest case and return -ENOENT there 
1150155250 M * Bertl although I do not see any good reason, but, adding VX_WATCH there might be a good idea :)
1150155268 M * Bertl (in devpts_permission, that is)
1150155271 M * waldi Bertl: i think you don't understand the problem. the pty is not accessible within the vserver which created them
1150155301 M * Bertl waldi: hmm, how was it created?
1150155311 M * waldi sleep 100 < /dev/ptmx
1150155321 M * Bertl inside the guest?
1150155323 M * waldi yes
1150155329 M * waldi inside a chroot within the guest
1150155340 M * waldi (i need chroots for the debian autobuilder)
1150155342 M * Bertl let me check that ...
1150155438 M * waldi bastian@devel:~$ sudo chroot /srv/chroot/sid-amd64 cat /dev/pts/23
1150155438 M * waldi cat: /dev/pts/23: Permission denied
1150155438 M * waldi bastian@devel:~$ sudo cat /dev/pts/23  
1150155438 M * waldi cat: /dev/pts/23: Input/output error
1150155508 M * Bertl hmm, well, works here with or without chroot
1150155519 M * Bertl how did the devpts get into the chroot?
1150155552 M * Bertl (I mean inside a guest)
1150155617 M * waldi bah, nodev
1150155628 M * waldi fuck
1150155633 M * Bertl lol
1150155639 M * Bertl *sorry*
1150155671 M * doener_ :)
1150155693 M * Bertl which brings me to the question, should be exempt such filesystems (proc/ptsfs) from the nodev?
1150155711 M * waldi i don't know what this restriction gains anyway
1150155726 M * waldi you can always overwrite it
1150155730 M * Bertl yes?
1150155740 M * Bertl how so?
1150155758 M * Bertl (this would be a security flaw)
1150155763 M * waldi lets check
1150155795 Q * sladen Ping timeout: 480 seconds
1150155805 M * waldi why is it a security flaw to bindmount something within the guest?
1150155833 M * Bertl bind mount is special, and would be fine without any changes
1150155850 M * waldi i only use bindmounts
1150155967 M * Bertl if we do not see a good reason why we should apply nodev to proc, devpts and bind mounts, we could make that less restrictive
1150155996 M * Bertl (which might help your build chroot :)
1150156007 M * waldi exactly
1150156019 M * Bertl so patches are welcome (for review :)
1150156082 J * sladen paul@starsky.19inch.net
1150156088 M * Bertl wb sladen!
1150156117 M * Bertl .o( which reminds me to check paul's probably _very_ outdated wish list :)
1150156375 M * Bertl jup, very outdated ...
1150156383 M * anonc morning bertl
1150156389 M * Bertl hey anonc!
1150156460 M * anonc Bertl: did you have any luck with the immutable directory crash bug?
1150156481 M * Bertl well, of course it is fixed by now :)
1150156495 M * anonc delta-cow-fix?
1150156501 M * Bertl yep
1150156579 M * anonc in a unified vserver situation, presumably directories should be marked as neither iunlink nor immutable?
1150156594 M * Bertl precisely, they should be left as-is
1150156725 M * waldi Bertl: where do I find this flags override?
1150156741 M * anonc can you think of any situation where a directory should be marked iunlink? if not should the setattr tool prevent marking them as such?