1150677847 J * _coocoon_ ~coocoon@84.160.90.65
1150677852 M * _coocoon_ morning
1150679257 J * DarthVader ~Aniken@203.177.212.163
1150679995 M * Nam when changing NB_IPV4ROOT to a larger number, is their any potential problems, performance issues or anything like that, related to having either, just the high number, or having a high number of ip addresses
1150680054 M * daniel_hozac your performance will obviously decrease as you increase the number of IP addresses.
1150680090 M * Nam just by having more ips... or by the traffic associated with those ips?
1150680176 M * daniel_hozac you should really make sure you order the IPs so that the most used are at the beginning, and the least used are at the end.
1150680189 Q * DarthVader Ping timeout: 480 seconds
1150680267 M * Nam what exactly would cause the problems? with each aditional ip address, does a vserver have performance issue, or is it just based on the traffic or what... because i won't know which ip's are high or lower in use until a while after they've been in use
1150680271 M * Nam this is for a hosting company
1150680274 N * Bertl_zZ Bertl
1150680286 M * Nam wb Bertl
1150680286 M * Bertl ah, that was refreshing ...
1150680291 M * Nam good nap?
1150680302 M * Bertl yup, definitely
1150680442 M * Nam like, for instance, say you have 100 ips, and as an example, ip address 5, and ip address number 195 use the same amount of traffic... would cause more of a performance problem?... from my experiance on a regular linux system you can have as many ip's as you want pretty much, with next to 0 difference in performance
1150680446 M * Nam at liest from my experiance
1150680504 M * Nam for customers wanting to run a HTTPS site, it requires an IP address for each HTTPS site, so, if on one system there at 500 customers, and a couple of them have a bunch of HTTPS sites, that adds up over time
1150680573 M * daniel_hozac well, the algorithm goes through the list of IP addresses and checks each one, in order.
1150680602 M * daniel_hozac so there would be a pretty significant penalty for the 195th address.
1150680626 M * Bertl Nam: you have to look at it from the linux-box + routing perspective
1150680643 M * Bertl basically there are three 'scenarios'
1150680661 M * Bertl - single linux box (no routing, everything is accepted)
1150680688 M * Bertl - a router, ips are checked and directed to different boxes
1150680715 M * Bertl - single box with N guests, i decides about destination
1150680722 M * Bertl s/i/ip
1150680752 M * Bertl so currently linux-vserver is behaving like a single/native box with one ip
1150680770 M * Bertl and it is behaving like a bad router in the >16 ip case
1150680803 M * Bertl in general, the performance/penalty will be between a single box and a router + box
1150680832 M * Bertl we are currently redesigning the matching algorithms to make them something like O(log(n))
1150680842 J * DarthVader ~Aniken@203.177.212.163
1150680922 M * Bertl wb DarthVader!
1150681012 M * Nam so... it would be better to have a gateway with all the IPs, which then route through NAT to the internal vserver system which just each vserver has an ip like 192.168.2.2/255.255.0.0-192.168.20.254/255.255.0.0 or something like that... each vserver getting a new ip in sequance, and then it only responds to the one IP, but it's actually getting routed the traffic from which ever IP's on the external?
1150681048 M * Bertl well, depends on your PoV
1150681079 M * Bertl let's assume I just look at the vserver host
1150681103 M * Bertl then having a single ip for each guest there is the best setup your can get
1150681111 M * Bertl (best as in fastest)
1150681140 M * Nam so... NAT is the fastest choice, with routing from the gateway to each of the IPs?
1150681174 M * Bertl over all, probably not, unless you NAT gateway performs that with zero overhead
1150681181 M * Bertl *your
1150681224 M * Nam well... really the only other solution would mean that the server with the vserver kernel would have all the ips, and each vserver would get which ones are requested by the users on that vserver
1150681276 M * Nam and according to you, that would cause performance issues the more IPs that are used right?
1150681298 M * Bertl let me ask the question: why does HTTPS for customers automatically lead to many IPs for each guest?
1150681320 M * Nam with HTTP you can share one IP for every site, but for HTTPS, it doesn't work the same
1150681332 M * DarthVader hi Bertl..
1150681333 M * Nam HTTPS sites work by IP/Port
1150681339 M * Bertl yes, I'm aware of that design flaw
1150681376 M * Bertl still doesn't answer my question, are you assuming that each customer has 100 HTTP sites?
1150681387 M * Nam ok... which then means that if any users on a vserver want to run a HTTP site, i either have to assign ports for each site... a bad workaround, or make users have to lease an IP for each of the sites
1150681417 M * Nam if a customer had 100 HTTP sites, that would be fine
1150681433 M * Nam but for every HTTPS site, it either needs an IP, or a Port
1150681465 M * Nam IP is obviously the better choice, so links arn't https://site.com:####/
1150681467 M * Bertl okay, so you put, let's say 50 guests on a linux box, with more than 100 https sites per guest?
1150681493 M * Bertl that will be 5000 https sites total
1150681497 M * daniel_hozac Nam: your gateway could be doing IP -> port translations.
1150681533 M * Bertl obviously I'm missing something, I would understand it if you would direct all https sites to one guest
1150681556 M * Nam no, as my example... lets says there are 500 users within a guest vserver... say only 10 of them have https sites, but each has 10 http sites... that's 100 https sites.. and that could be a small customer base
1150681560 M * Nam it could get way more then that
1150681580 M * Nam each vserver is in effect a set of users under the branding of a reseller
1150681588 M * Nam so, each has their own user base
1150681608 M * Bertl well, in this case we have 10 max 11 IPs no?
1150681615 M * Bertl (for each guest)
1150681646 M * Nam in that instant, no, it would be 100
1150681653 M * Nam 10 users with 10 HTTPS sites
1150681675 M * Nam 100 ip's, one for each HTTP site, if they want it responding to a domain without the :PORT addition
1150681715 M * Bertl how many such guests would you put on a single server?
1150681747 M * Nam depends... i'll be build in my own load system which will distribute it across multiple system if a vserver pulls to much load
1150681772 M * Bertl 2, 5, 10, 100?
1150681800 M * Bertl and more important, how to control which user has which IP?
1150681821 M * Bertl or are they allowed to use IPs from other users on the same guest?
1150681827 M * Nam depends on the system, we are planning on getting a quad opteron dual core with like 16 gb of ram, once the load gets to high, we'll get another, and migrate some of the vservers over to that system
1150681832 M * Nam equalize the load
1150681900 M * Nam this will be built into a server farm with a fiber backbone eventually
1150681930 M * Bertl okay, so be it, what about the access control question?
1150681950 M * Nam ?
1150681951 M * Bertl i.e. you have 100+ ips assigned to a guest, with 100 users
1150681967 M * Bertl how do you control which user has what ips available?
1150682004 M * Nam no one has access to the console, and it's all controlled through a control panel interface which is custom writen
1150682018 M * Bertl how many web servers will be running there?
1150682040 M * Bertl one per guest? several? a single one for all guests?
1150682042 M * Nam on a guest vserver?
1150682049 M * Nam one per guest
1150682093 M * Bertl and the 'users' basically only have an account to upload stuff, yes
1150682114 M * Bertl and everything administrative is done via the web frontend
1150682117 M * Nam ftp/ftps/web based file manager
1150682125 M * Nam yup
1150682138 M * Nam like a cpanel system, but much more advanced
1150682149 M * Bertl and guest root is _alwys_ controlled by you? or by somebody else?
1150682213 M * Nam controlled by the interface, which I manage, but customers use customer interfaces to get tasks accomplished
1150682220 M * Nam like adding a new ip to their account and what not
1150682239 M * Nam my tools configure all the config files and everything what that is needed
1150682309 M * Bertl okay, in this case, I'd skip the network restriction completely
1150682339 M * Bertl just let every guest bind to _all_ addresses and do the restrictions via your web/ftp/whatever server
1150682375 M * Nam then that causes a problem with ports
1150682449 M * Bertl why?
1150682543 M * Nam well, currently I have some software setup to bind to * for each software, so that any new ip's assigned to the vserver are automatically picked up, only some software requires specifc IP's to be known about, like apache for the HTTPS sites... this would mean a lot of configuration changes and coding changes
1150682604 M * Bertl okay, so you are trading design advantages against performance, that's fine for me :)
1150682673 M * Bertl if you reserve ip spaces per guest, you probably can get the checks and the performance
1150682703 M * Bertl a check for an entire network will soon be as fast as for a single ip
1150682710 M * Nam hmm.... if you assign all ip's, doesn't cause the performance problems, but if you specify each one individually, it does?
1150682735 M * Bertl all ips = single ip (IP_ANY)
1150682751 M * Bertl no need to check anything there
1150682778 M * Bertl 100 ips distributed across networks mean 100 checks
1150682806 M * Nam can you set up multiple ip address for a single entry? so eth0 has how ever many ip's you assigned through the ip addr command?
1150682809 M * Bertl 100 ips in a /24 network (with the rest unassigned) -> single network check
1150682846 M * Bertl no idea what you mean with 'single entry'
1150682886 M * Nam /etc/vservers/<vserver-name>/interfaces/0/ having listed multiple ips for the listed device
1150682917 M * daniel_hozac interfaces don't matter at all.
1150682922 M * daniel_hozac it's all IP-based.
1150682925 M * Nam before i used the old config, with old method of ip's, eth0:1+ ... the new way is using ip addr to add multiple ip address to eth0
1150682979 M * Nam ah
1150682989 M * Bertl it's a different way to write things, but the in kernel code is the same
1150683038 M * Bertl btw, the NAT stuff doesn't work with https either (just for the record)
1150683067 M * Nam ah
1150683080 M * Nam damn https, it causes all the problem
1150683080 M * Nam s
1150683111 M * Nam guess i have to modify each module to reconfigure software to do each IP individually
1150683122 M * Nam and have all assigned to each vserver
1150683224 M * Bertl as I said, a viable alternative would be to assign ranges
1150683232 M * Bertl for example:
1150683252 M * Bertl have a class C network broken down into /28 nets
1150683272 M * Bertl then ahve a guest running for each subnet
1150683284 M * Bertl (still using the /24 network)
1150683309 M * Bertl when you want to add a new https site, just look for a guest with an unused ip
1150683322 M * Bertl put that user there and assign that ip on the host
1150683330 M * Bertl (the guest already can use it)
1150683343 M * Nam that wouldn't work in my setup
1150683350 M * Bertl why?
1150683402 M * Nam i can't move users from guest vserver to guest vserver
1150683469 M * Nam actually, i can think of a bunch of reasons, setting it to all ip's would be less work
1150683508 M * Nam how do you set a guest vserver to all ips?
1150683527 M * daniel_hozac 0.0.0.0 as the first IP address.
1150683534 M * Nam k
1150683537 M * Bertl (make it the only one :)
1150683562 M * Bertl btw, I haven't thought about the overhead a socket with 100 ips has
1150683589 M * Bertl might as well be that the guest restriction is less overhead (even for 100 single ips)
1150683610 M * Nam ?
1150683633 A * Nam has been drinking beer most of the day
1150683646 M * Bertl well, if you have 100 listen directives in apache, I'm not sure how that affects the apache performance
1150683663 M * Bertl after all the socket has to do something similar than we do
1150683674 M * Nam ah, right
1150683687 M * Bertl IMHO this area desperately needs some performance testing :)
1150683689 M * daniel_hozac don't you just have Listen *:80 and Listen *:443?
1150683693 M * Nam which would bring back to the same problem
1150683742 M * Nam that wouldn't work unless your assigning each IP individually to the vserver, because if your listening on *, you go and run another vserver which is listening on *, you have a conflict
1150683758 M * Bertl yep
1150683769 M * Nam i had that issues when i tried to do with ssh/sendmail
1150683797 M * Bertl so the performance questions (which need to be answered) are:
1150683800 M * Nam from that point on, i started assigning each ip to the IPROOT= entry
1150683838 M * Bertl - how much different is a bind to a single ip/any from a binding to let's say 256 ips?
1150683845 J * f_ ~f_@83-215-237-1.seek.stat.salzburg-online.at
1150683869 M * Bertl - how much overhead has a (reasonably) fast ip check for 256 ips? (O(log))
1150683872 J * aphetadus ~joaopaulo@200-161-120-193.dsl.telesp.net.br
1150683885 M * Bertl wb aphetadus! f_!
1150683885 Q * f_ Quit: 
1150683907 M * aphetadus ow, thank Bertl
1150683919 M * Nam yes, good questions Bertl
1150683935 J * Aiken_ ~james@tooax7-187.dialup.optusnet.com.au
1150684006 M * Nam if apache, or other services handle the sockets the same way, it would probably be better to have vserver doing it globally for all ips, then to have each application/service doing it for each thing it needs
1150684012 M * Nam at liest, i would think in theory
1150684017 M * Aiken_ I am confused, why couldn't each guest bind to *:80 ?
1150684051 M * Aiken_ or *:443
1150684052 M * Bertl hey Aiken_!
1150684055 M * Nam can't have more then one bind to the port
1150684057 M * Aiken_ hello
1150684062 M * Nam try and run two sessions of ssh
1150684063 M * Bertl the question/scenarios are like this:
1150684067 M * Nam they will conflict
1150684079 M * Nam because one ssh sessions binds the port
1150684081 M * Bertl A) we have a linux box, without any vserver patch
1150684085 M * Aiken_ Nam are the multiple instances of apache in the same guest or different guests?
1150684099 M * Nam wouldn't matter
1150684107 M * Nam and they where in seperate when i did the tests
1150684107 M * Bertl - there are two instances of, let's say apache, each binding to 256 ips
1150684122 M * Aiken_ guest A can bind to *:80 and guest B can bind to *:80 without conflict
1150684136 M * Bertl and B) we have a linux-vserver box with 2 guests, each assigned 256 IPs
1150684146 M * Nam as long as guest b doesn't bind to the same ip addresses
1150684152 M * Bertl - one instance of apache in each guest, binding to ANY
1150684158 M * Aiken_ so are the guests being given the same ip?
1150684172 M * Nam otherwise, how does a connection know which application responds?
1150684192 M * Nam the synario we where talking about is binding every guest to *
1150684208 M * Bertl the A) scenarion can be converted to A') a Linux-VServer system with two guests allowing any IP for each guest
1150684219 M * Bertl *scenario
1150684289 Q * Aiken Ping timeout: 480 seconds
1150684314 M * Nam hey Bertl, i noticed that you log the channels, and store the logs... how are you logging it all... through your irc client?
1150684329 M * Aiken_ so guests can have the same ip in this scenario?
1150684337 M * Bertl Nam: nope, it's a bot
1150684347 M * Nam are you just logging to a file?
1150684357 M * Aiken_ only reason I can see for bind * not working
1150684366 M * Aiken_ http://irc.13thfloor.at/LOG/2006-06/
1150684384 M * Nam yes, we already covered that Aiken, binding all the guest vservers to *
1150684425 M * Aiken_ still confused, you have guests with the same ip?
1150684429 M * Nam we've been discussing this for like over an hour now
1150684509 M * Nam Bertl: you might like this solution then... I'm using it currently, there is a script for eggdrop which will log everything to mysql
1150684519 M * Nam then you can search and pull results as you need
1150684561 M * Nam http://www.tclscript.com/cgi-bin/dbs.cgi?get=mysqlegglog.tcl
1150684564 M * Bertl Nam: the bot is doing fine for my purpose and google is good at searching stuff there :)
1150684574 M * Nam ah
1150684616 M * Bertl but thanks for the suggestion
1150684657 M * Nam np, i just started using it, since it's so easy, and quick to search, i though i'd suggest it
1150684829 M * aphetadus hey guys, a little question..  How the processes are isolated from each other, in fact? I saw in the sources that an entry were added to the task_struct in include/linux/sched.h to indentify what context the process belongs to, but I didn't understand yet how the processes inside a context see only the other processes inside the same context. Can anyone help me on this, or give pointers to any document on it.
1150684830 M * aphetadus ?
1150684873 M * Bertl well, everytime a process 'looks' for another process, the 'ids' are compared
1150684889 M * Bertl a mismatch means that they do not see eachother (basically)
1150684921 M * aphetadus ok, so in fact, the processes see all process in the system and they just "ignores" it?
1150684953 M * Bertl no, they just 'see' what is in the same 'context'
1150684980 M * Bertl (as seeing involves finding a process by e.g. pid, and in this case pid,xid)
1150684982 M * aphetadus where this comparison is made?
1150685003 M * Bertl in several places, depending on the kind of 'seeing'
1150685048 M * Bertl but most checks boil down to find_task_with_pid()
1150685060 M * aphetadus for example, how ps does this?
1150685072 M * Bertl ps looks into the procfs
1150685092 M * Bertl the procfs itself has a readdir function which returns a list of processes
1150685115 M * Bertl this list is 'reduced' to the processes in the same context
1150685189 M * aphetadus hum, ok
1150685391 M * aphetadus where in the sources can I find more on this? I made a  'grep -R find_task_with_pid' and received nothing in return  =(
1150685455 M * Bertl check this out:
1150685457 M * Bertl http://vserver.13thfloor.at/Experimental/split-2.6.16-rc4-vs2.1.1-rcX/
1150685508 M * Bertl e.g. the vpid or the isolation
1150685532 M * aphetadus I'm doing a junior research (undergrad project) in the university on how improve network security with vserver, and I need to understant exactly how the processes are isolated from each other
1150685552 M * Bertl then you _will_ have to study the source :)
1150685598 M * aphetadus yeah, I know...
1150685673 A * doener .oO( ah yeah... back then... IceTi... ) ;)
1150685692 M * Bertl but the more general view on the isolation process is this:
1150685715 M * Bertl userspace gets _everything_ it sees and handles from the kernel
1150685739 M * Bertl i.e. if you access a file or send a signal to a process or something, you do this _via_ the kernel
1150685761 M * Bertl those interfaces (between userspace and kernel) are isolated and to some degree virtualized
1150685826 Q * _coocoon_ Quit: KVIrc 3.2.0 'Realia'
1150685837 M * Bertl okay, I'm finally tired now ... so I'm off to bed ... back later today ...
1150685849 M * Bertl have a good one everyone .. cya!
1150685855 M * Nam g-night Bertl
1150685856 M * aphetadus ok, thanks for the help Bertl
1150685856 N * Bertl Bertl_zZ
1150685877 A * Nam gives Bertl a gold star for all the help he gives people
1150687094 Q * DarthVader Ping timeout: 480 seconds
1150689979 P * aphetadus 
1150691207 Q * lonewolff Remote host closed the connection
1150691209 J * lonewolff ~lonewolff@adleman.lonewolff.info
1150692240 Q * Aiken_ Remote host closed the connection
1150692672 J * Aiken ~james@tooax7-187.dialup.optusnet.com.au
1150692790 M * Aiken vxW: !!! limit: f7f8f048[LOCKS,10] = -2 on exit.
1150692800 M * Aiken 2.6.17-vs2.1.1-rc23.2
1150692839 M * Aiken this is on x86
1150692872 M * Aiken the DENTRY line is still non zero like it was when I was testing an rc of 2.6.17 on my alpha
1150692895 M * Aiken but the LOCKS line was not giving funny values then but is now
1150693477 Q * Aiken Remote host closed the connection
1150693606 J * Aiken ~james@tooax7-187.dialup.optusnet.com.au
1150694886 J * dna ~naucki@dialer-157-160.kielnet.net
1150695158 J * lipeng ~pli1@pdfwpr01.pd.intel.com
1150695296 Q * dna Quit: Verlassend
1150695495 P * lipeng 
1150695681 J * f_ ~f_@83-215-237-1.seek.stat.salzburg-online.at
1150695717 J * DarthVader ~Aniken@203.177.212.163
1150696511 M * matti Hm...
1150696557 M * matti Anyone have vs2.01 for 2.6.17?
1150696559 M * matti :)
1150696747 Q * f_ Quit: This computer has gone to sleep
1150696772 J * zkbrsnie ~zkbrsnie@83.64.146.226
1150696877 J * f_ ~f_@83-215-237-2.seek.stat.salzburg-online.at
1150697811 J * AndrewLee ~andrew@tnlug.linux.org.tw
1150698144 J * gerrit ~gerrit@67.160.146.170
1150698154 Q * DarthVader Ping timeout: 480 seconds
1150698282 N * otaku42_away otaku42
1150699110 M * tokkee matti: Why don't you use vs2.0.2?
1150699154 J * _coocoon_ ~coocoon@84.160.111.229
1150699165 M * _coocoon_ morning
1150699733 M * matti tokkee: Is stable enough?
1150700128 M * tokkee matti: I'd say so...
1150700155 M * tokkee matti: I'm using it on a production server and didn't have any problems so far.
1150700525 M * matti ;-)
1150701444 Q * Aiken Ping timeout: 480 seconds
1150701535 J * ||Cobra|| ~cob@146.50.22.204
1150702206 J * Aiken ~james@tooax8-236.dialup.optusnet.com.au
1150703606 Q * ||Cobra|| Remote host closed the connection
1150703809 J * ||Cobra|| ~cob@pc-csa01.science.uva.nl
1150704765 M * trippeh Bertl_zZ: 2.0.2-rc23.2, works so far
1150705404 J * DarthVader ~Aniken@203.177.212.163
1150705893 Q * pflanze Quit: [x]chat
1150706404 Q * cmatei Ping timeout: 480 seconds
1150706465 J * cmatei ~cmatei@home-307461.b.astral.ro
1150707130 J * id23 ~id@p50813C68.dip0.t-ipconnect.de
1150707136 M * id23 hi #vserver
1150707216 Q * DarthVader Quit: Leaving
1150709054 Q * f_ Quit: This computer has gone to sleep
1150709306 J * f_ ~f_@83-215-237-1.seek.stat.salzburg-online.at
1150709718 J * DarthVader ~Aniken@203.177.212.163
1150711293 Q * shedi Quit: Leaving
1150711904 J * jhaig ~jhaig@mantis.office.netline.net.uk
1150712082 M * tokkee Hi id23 ;-)
1150712115 M * jhaig After installing a vserver kernel on CentOS iptables doesn't work any more.  Do I need to install an updated iptables package?
1150712460 M * cehteh iptables should only work from the root server
1150712480 M * cehteh if not, you doing something wrong .. or it is a bug
1150712486 Q * Loki|muh Remote host closed the connection
1150712601 M * jhaig Well, it doesn't.  All I have done is patched the kernel, recompiled and rebooted.  iptables -L returns an error.
1150712601 Q * f_ Read error: Connection reset by peer
1150712628 M * cehteh what error?
1150712653 M * jhaig iptables v1.2.11: can't initialize iptables table `filter': iptables who? (do you need to insmod?)
1150712672 M * cehteh mhm
1150712698 M * jhaig Then it has "Perhaps iptables or your kernel needs to be upgraded."
1150712723 M * id23 do you use a monolithic kernel ?
1150712727 M * cehteh you used the exact same kernel sans the vserver patch before .. with the same config?
1150712787 M * cehteh maybe your new kernel is missing iptables support? what does 'modprobe iptable_filter' tell you?
1150712812 M * id23 jhaig, try cehteh tip
1150712813 M * jhaig id23: I just took the kernel from kernel.org (linked from the vserver web page) and patched it.  I made a couple of changes to the vserver config and then recompiled.
1150712855 M * jhaig Hmmm, module not found.  I thought iptables was a standard feature these days.
1150712855 M * id23 did you do a make menuconfig or xconfig
1150712861 M * jhaig make menuconfig
1150712868 M * cehteh jhaig: likely you forgot to enable iptables :)
1150712885 M * cehteh standard does not mean it is enabled
1150712887 M * id23 or the filters of iptables
1150712905 M * cehteh better get the config from the kernel you used before as base
1150712912 M * id23 jhaig, which disto do you use ?
1150712917 M * jhaig If I search in menuconfig for 'iptables' I get a couple of results (one for v4 and one for v6) but if I follow them down they don't exist.
1150712920 M * jhaig CentOS
1150712935 M * cehteh jhaig: iptable has quite a much modules
1150712960 M * cehteh start from Centos normal config
1150712994 M * jhaig The search result has "Symbol: IP_NF_IPTABLES [=n]" but .config doesn't seem to have this symbol anywhere.
1150713004 M * cehteh thats the best way not to fuck it ip .. enable things you want (as module) and only disable things you really kno that you will never ever need them with the kernel
1150713021 M * jhaig OK, I'll try that, but the CentOS how to on the web site recommended not doing this as some things (eg SELinux) mess up vserver.
1150713034 J * f_ ~f_@83-215-237-1.seek.stat.salzburg-online.at
1150713041 M * cehteh SElinux & Vserver are not easy to get right
1150713063 M * cehteh you likely dont need selinux anyways
1150713093 M * jhaig No I don't need it.  I normally disable it.
1150713128 M * cehteh well its easy ti fuck a kernel up when you disable things accidentally ... or build things you need at boot time as module
1150713141 J * Loki|muh loki@213.133.125.66
1150713144 A * cehteh once did that with the ide disk stuff accidentally :)
1150713299 M * jhaig OK, it is building now.  However, I'm a bit concerned about taking a config file from a 2.6.9 kernel and using it with 2.6.16.  Is this OK to do?  Does it use sensible defaults for any extra features?
1150713356 M * Loki|muh hmmm try make oldconfig
1150713367 M * Loki|muh and you will be asked about every new config option ;)
1150713376 M * jhaig Well, it is working so far.  If it fails I'll try that.
1150713731 M * cehteh did someone already tried vserver on .17? 
1150713736 A * cehteh needs an update :P
1150713773 M * Loki|muh yeah, just a few moments ago ;)
1150713827 M * cehteh heh ok
1150714634 M * jhaig Are there any benefits of the .17 kernel over the .16 kernel with respect to vserver?
1150714672 M * jhaig Ie, should I, as someone trying out vserver, use it.
1150714728 M * cehteh nope
1150714757 M * cehteh for stability/production you certainly want .16
1150714783 M * mnemoc .14 :p
1150714860 M * waldi no
1150714882 M * waldi jhaig: .17 contains a lot of changes
1150714894 M * waldi you have to know if you need them
1150714895 M * mnemoc changes = new bugs
1150714912 A * cehteh has .14 .. but i want to check for the new suspend interface and the ipw2200 update
1150714929 M * jhaig mnemoc: I'm glad to see your confidence in the kernel developer.  ;-)
1150714940 M * cehteh the .16 is widely considered as long tim stability kernel ... .17 introduced a lot new changes
1150714945 M * mnemoc jhaig: :D
1150715000 M * jhaig Would there be major problems if I took the CentOS kernel source, version 2.6.9, and tried to patch vserver into it?
1150715024 M * jhaig ... or is the patch specific to a kernel version?
1150715119 M * daniel_hozac jhaig: there's a reason noone has done that yet ;)
1150715485 J * cdrx ~legoater@cap31-3-82-227-199-249.fbx.proxad.net
1150716094 M * jhaig OK, I've taken the config file from the CentOS kernel and built a patched 2.6.16 kernel with it.  iptables still doesn't work.  I'm still getting the error "iptables v1.2.11: can't initialize iptables table `filter': iptables who? (do you need to insmod?)"
1150716155 M * jhaig And 'modprobe iptables-filter' returns "FATAL: Module iptable_filter not found."
1150716175 M * daniel_hozac wasn't iptables overhauled in 2.6.16? with most of the CONFIG_ settings changing names?
1150716182 M * daniel_hozac s/iptables/netfilter/
1150716209 M * jhaig Maybe, but I was getting the same problem when I was using the .config file that came with the kernel.
1150716231 M * jhaig But if that is the case I may follow mnemoc and try the .14 kernel instead.
1150716240 M * daniel_hozac well, that's a pretty random .config IMHO.
1150716259 M * daniel_hozac or you could just actually configure your kernel ;)
1150716520 J * cryo ~say@psoft.user.matrix.farlep.net
1150717064 M * id23 delta-jfs-feat01.diff is this the new extended attributes patch for jfs ?
1150717077 M * id23 i get some rejects
1150717102 M * daniel_hozac on what?
1150717131 M * id23 1 out of 1 hunk ignored -- saving rejects to file fs/jfs/Makefile.rej
1150717135 M * id23 2 out of 2 hunks ignored -- saving rejects to file fs/jfs/file.c.rej
1150717142 M * id23 1 out of 1 hunk ignored -- saving rejects to file fs/jfs/inode.c.rej
1150717143 M * daniel_hozac i meant, what are you applying it to?
1150717147 Q * Aiken Quit: Leaving
1150717154 M * id23 2.6.17
1150717168 M * id23 vs2.0.2-rc23.2
1150717174 M * daniel_hozac that one already includes it.
1150717188 M * id23 i see - thanx
1150717287 M * daniel_hozac is anyone already running 2.6.17?
1150717403 A * Wonka 
1150717413 M * Wonka (but not with vserver :( )
1150717428 M * cehteh Loki|muh with vserver...
1150717434 M * cehteh be my test-bunnies :)
1150717440 M * matti ;p
1150717446 M * daniel_hozac Bertl_zZ: looks like we lost delta-flock-fix01 in the 2.6.17 ports.
1150717461 M * matti cehteh: Errr... I'd prefer "not tested on animals" ;p
1150717462 M * matti He he.
1150717469 Q * cdrx Quit: Leaving
1150717886 Q * DarthVader Ping timeout: 480 seconds
1150718165 M * derjohn hiho ... does anyone have a >rc13 patch for a 2.6.15 ?
1150718196 M * harry not me, sry
1150718310 M * derjohn the differneces between 2.6.15 and .16 are huge, AFAIR, or?
1150718336 M * harry well... not really
1150718345 M * harry 2.6.14-2.6.15 was pretty big
1150718351 M * harry not so sure about 2.6.15-2.6.16
1150718397 M * daniel_hozac 6 vs. 5.1 MiB compressed.
1150718400 M * derjohn hm, i want to patch the ubuntu 6.06 kernel .. it's 2.6.15 based and runs on my dual opteron tyan board well, what 2.6.16 vanilla and 2.6.17 dont do
1150718422 M * harry ah... same config?
1150718427 M * harry no conflicts in config?
1150718436 M * harry no weird ubuntu specific patches?
1150718447 M * derjohn the sata_sil is f...d on the recent kernels
1150718463 A * harry likes linux kernels less and less :(
1150718464 M * derjohn and: ACPI: unable to load system description tables
1150718484 A * harry even thinking about moving to bsd sometimes!!! (but then i slap myself back to reality)
1150718497 M * derjohn well, daniel_hozac could we convince you to port linux-vserver to bsd or hurd kernels?
1150718512 A * derjohn LARTs himself
1150718548 M * daniel_hozac haha.
1150718665 J * DreamerC_ ~dreamerc@59.112.26.30
1150718665 M * derjohn hm, maybe -mm2 is a worth a try (acpi ....)
1150718684 M * cehteh doh .. fuse has stange bugs :P
1150718695 M * cehteh (sshfs actually)
1150718711 M * daniel_hozac how so?
1150718749 M * cehteh copying a write protected file creates a empty write-protected file and then fails with 'permission-denied' :)
1150718764 M * daniel_hozac hehe.
1150718790 M * derjohn well, i will take the rc13 then ... daniel_hozac: is there a delta patch for the ccaps masquerading which i could (try to) apply to rc13 ?
1150718851 Q * DreamerC Ping timeout: 480 seconds
1150718853 M * daniel_hozac delta-capbset-{feat,fix}01, delta-mbcap-{feat,fix}01
1150718879 M * daniel_hozac and then delta-vxcapable-fix01.
1150719111 A * Hollow abitur
1150719120 M * Hollow :D
1150719197 M * Loki|muh congrats
1150719204 M * Loki|muh party on! ;)
1150719236 M * daniel_hozac congrats indeed.
1150719277 M * derjohn Hollow, co0Ol! 
1150719310 M * _coocoon_ hollow: congrats
1150719315 M * Hollow thanks :)
1150719325 M * Hollow average 3,3
1150719334 M * derjohn Hollow, now you are grown up and thus can change the distro to something more adult, like fedora or debian ! *g*
1150719350 A * Hollow giggles
1150719350 M * derjohn 3.3 ? Bavaria is hard ....
1150719361 M * Hollow well, i didn't do much
1150719364 M * daniel_hozac Fedora as an adult distro... that's a kind of weird comparison.
1150719428 M * derjohn daniel_hozac: redhat ep. linux? that for the grandfathers then ;)
1150719466 M * derjohn daniel_hozac, besides that is was <joke> </joke> :)
1150719488 M * daniel_hozac :)
1150719507 A * derjohn will delta-hatset-diff-bahing now ("I am afraid")
1150719552 J * yarihm ~yarihm@vpn-global-dhcp1-248.ethz.ch
1150720526 A * harry thinks a renaming of the vserver patches would be a nice thing...
1150720531 M * harry instead of patch...dif
1150720537 M * harry vserver-bleh.diff
1150720663 A * daniel_hozac names them linux-2.6-vserver-2.0.patch and linux-2.6-vserver-2.1.patch :)
1150720694 M * matti :p
1150720718 M * Hollow <- s/patch-(.*).diff/$1.patch/
1150720720 M * Hollow ;)
1150720768 M * matti ;p
1150720771 M * matti :>
1150720828 M * harry Hollow: sure it's not s/<bleh>/\1.patch/  ?
1150720863 J * cdrx ~legoater@cap31-3-82-227-199-249.fbx.proxad.net
1150720896 M * Hollow harry: to be exact their name in gentoo is 4410_vs2.1.1-rc23.patch
1150720943 M * harry gentoo... "shiver"
1150721259 Q * yarihm Quit: Leaving
1150721999 J * yarihm ~yarihm@vpn-global-dhcp1-150.ethz.ch
1150722074 Q * f_ Quit: This computer has gone to sleep
1150722476 M * derjohn daniel_hozac, what is delta-vxcapable-fix01a.diff   <-- a is better than !a ?
1150722478 J * DarthVader ~Aniken@203.177.212.163
1150723063 M * daniel_hozac derjohn: a is for stable.
1150723082 M * derjohn aaaaaaaaaaaaaah :)
1150723088 M * derjohn stAble :)
1150723095 M * daniel_hozac exactly :)
1150723191 M * Hollow i thought developmAnt
1150723195 M * Hollow ;)
1150723300 M * derjohn argh! even with futt 50, one hunks fails: 1 out of 1 hunk FAILED -- saving rejects to file include/asm-i386/page.h.rej
1150723435 M * derjohn s/futt/fuzz/
1150723437 M * derjohn *lol*
1150723478 J * doener_ ~doener@i5387EB3D.versanet.de
1150723512 Q * sid3windr Ping timeout: 480 seconds
1150723579 Q * doener Ping timeout: 480 seconds
1150723655 J * f_ ~f_@83-215-237-1.seek.stat.salzburg-online.at
1150723807 J * Milf ~Miranda@ipsio448.ipsi.fraunhofer.de
1150723897 N * DreamerC_ DreamerC
1150723979 N * Bertl_zZ Bertl
1150723987 M * derjohn wb Bertl !
1150724157 Q * doener_ Ping timeout: 480 seconds
1150724209 M * id23 Hi Bertl 
1150724317 M * id23 2.6.17-vs2.0.2-rc23.2 - is it normal that i cannot choose jfs - extended attributes in menuconfig ? Is it enabeled by default using the patch ...rc-23.2 ?
1150724338 M * matti Bertl: Hello.
1150724685 M * derjohn in 2.6.15-23 ubuntu the  delta-mbcap-feat01.diff patch fails at one hunk. the line 'if (cap_raised(current->cap_effective, cap))' does not exist in the ubuntu kernel source. around the line there stuff from set_one_prio and nice values ... did the kernel change of did i miss a needed delta? i put delta-capbset-feat01.diff, delta-capbset-fix01.diff, delta-mbcap-feat01.diff, delta-mbcap-fix01.diff, delta-vxcapable-fix01.diff onto patch-2.6.15.6-vs2.1.1-rc13.
1150724685 M * derjohn diff)... vx_* is never in the vanilla sources, nor?
1150724750 Q * DarthVader Quit: Leaving
1150724796 J * DarthVader ~Aniken@203.177.212.163
1150725077 J * sid3windr luser@bastard-operator.from-hell.be
1150725646 M * derjohn Bertl, daniel_hozac : http://paste.linux-vserver.org/104 <-- i tried to resolve the asm-reject myself, by 'puzzeling'. could one of you check if this look sane???
1150725761 M * derjohn changes begin at about line 14 ...
1150726004 M * Bertl so, network seems to be working now :)
1150726063 M * Bertl id23: we should not change that
1150726150 M * Bertl id23: there is no extended attr option in 2.6.17 (for jfs) it seems 
1150726158 M * id23 ok suggestion ? - i saw vaious patches from you going into .17 but i did now saw the jfs ext. attr. - so i tried fist 
1150726169 M * id23 your experimental jfs patch from yesterday
1150726175 M * id23 but i got some rejects
1150726203 M * Bertl hmm? experimental jfs patch? what are you talking about?
1150726229 M * id23 http://vserver.13thfloor.at/Experimental/delta-jfs-feat01.diff
1150726323 M * Bertl ah, tat was included in 23.2
1150726332 M * Bertl *that
1150726365 M * Bertl it basically syncs stable with devel regarding jfs
1150726369 M * id23 ok - i saw some jfs_logmgr.o jfs_txnmgr.o jfs_uniupr.o \
1150726369 M * id23 +    resize.o xattr.o ioctl.o so i guessed this the the riht one
1150726478 M * Bertl did you encounter any issues with jfs and 23.2?
1150726495 M * Bertl (passed all my tests here)
1150726566 M * id23 i did not start the compile yet - because i wanted to know first where i can add the jfs ext.attr. patch you mentioned some time ago
1150726624 M * Bertl derjohn: kernel did change from .15 to .16
1150726644 M * Bertl derjohn: asm reject?
1150726668 M * id23 http://vserver.13thfloor.at/Devel/PAT-2.1.1/delta-jfsattr-feat01.diff - i think this one
1150726682 M * Bertl id23: it was included, no need to add it
1150726700 M * id23 ah i see
1150726708 M * id23 then i will start the compile run :)
1150726719 M * Bertl mainline included the base patch, and stable has the barrier/iunlink support now
1150726753 M * id23 but i did not get a extra config option in menuconfig - like for ext2/3
1150726765 M * id23 that confused me
1150726818 M * Bertl what probably confused you (and me too) is that you are talking about extended attributes
1150726834 M * Bertl while you probably mean ext2/3 attributes (or inode attributes)
1150726853 M * Bertl AFAIK there is no extended attributes support for jfs (yet)
1150726860 M * id23 ah ok
1150726866 M * id23 my fault then
1150726876 M * id23 thanx for the input
1150726891 M * Bertl also, you do not need to enable extended attributes for ext2 to make ext2 attributes work
1150726968 M * id23 good to know - i am still learning
1150727098 M * derjohn Bertl, ubuntu uses 2.6.15 but has lots of stuff backported. so patch-2.6.15.6-vs2.1.1-rc13.diff fails on the ubuntu kernel on include/asm-i386/page.h.rej even with fuzz 50.
1150727130 M * derjohn Bertl, and: delta-mbcap-feat01.diff fails on kernel/sys.c
1150727148 M * derjohn Bertl, the asm part i tried to resolve now (see: pastebin)
1150727209 M * Bertl derjohn: well, you probably have/should to port rc22.3 then, no?
1150727210 M * derjohn with the kernel/sys.c im am stuck ... nothing looks similar ! I think i may have missed a a delta patch that is needed for delta-mbcap-feat01.dif to apply?
1150727214 M * Bertl -to
1150727249 M * derjohn Bertl, if you try to apply that, there are sooooooo many failed hunks, that I wont be able to do that.
1150727271 M * Bertl well, then they have not backported important changes
1150727275 M * derjohn Bertl, I jusr grabbed my K&R from the shelf again, but ....
1150727299 J * case__ ~wget@ACB461D4.ipt.aol.com
1150727302 M * Bertl why not stay with vanilla for now and use the debian kernel tomorrow (or the day after)
1150727308 M * derjohn Bertl, at least its the _only_ kernel that boots fine on the tyan dual opteron with sata_sil :)
1150727312 M * Bertl welcome case__!
1150727326 M * case__ hiu
1150727342 M * Bertl derjohn: I'm pretty sure 2.6.17 will boot there too
1150727354 M * derjohn Bertl, 2.6.16 and 2.6.17 vanilla dont boot clean on the machine. the mobo is avail since jan 2004 - and linux does not run on it. doobar.
1150727361 M * derjohn 2.6.17 doesnt boot
1150727379 M * Bertl I suspect a misconfiguration on your side
1150727385 M * derjohn there are stanfe "tried to set xfermode" errors and the disks dont show up in /dev/sdx
1150727410 M * derjohn Bertl, ubuntu kernel booted put of the box ....
1150727419 M * derjohn s/put/out/
1150727434 M * Bertl I really doubt that ubuntu does sata_sil development :)
1150727449 M * Bertl (development not fed back to mainline :)
1150727488 M * derjohn Bertl, they do lots of ACPI changes .... and the fixes sata_stuff hang around for a longer time ...
1150727540 M * Bertl acpi changes have to be done in the bios ...
1150727548 M * derjohn Bertl, not to mainline. hm. jeff g. does the sata stuff ... he decides what goes in. ubuntu simply applied useful patches i think.
1150727589 M * Bertl and I think ubuntu accidentially got the options right, you fail to adjust properly on 2.6.17 :)
1150727600 M * derjohn e.g. the via vt8251 (4 port sata) exists for 2 years now, openbsd supports them for 1.5 years, with linux the support appeared in 2.6.17 !
1150727612 M * derjohn Bertl, you mean .config options?
1150727626 M * Bertl either that or boot (commandline) options
1150727648 M * derjohn with 2.6.17 on the machine: ACPI: unable to load system description tables
1150727658 M * Bertl but if you upload the ubuntu boot log and the 2.6.17 bootlog, I can check
1150727674 M * derjohn if i disable ACPI in the BIOS, get comes up, but terribly slow ...
1150727687 M * derjohn the dmesg? or .config?
1150727704 M * Bertl dmesg
1150727722 M * derjohn http://paste.linux-vserver.org/105
1150727751 M * derjohn ahh .. no vserver patch applied yet.
1150727790 M * Bertl and the 2.6.17 one please
1150727821 M * derjohn oh ... i will have to boot then ... so ii have to disbale ACPI ... is this OK, too?
1150727824 M * Bertl your machine has a broken bios it seems
1150727834 M * Bertl derjohn: no, I want the 'failing' one
1150727835 M * derjohn :) Tyan 2881
1150727923 M * derjohn the failing one? well, it get never to the command prompt
1150727931 M * derjohn where to get the log from?
1150727937 M * Bertl from the remote console
1150727943 M * derjohn i also may try a tyan beta bios
1150727953 M * Bertl what bios version do you have?
1150727961 M * derjohn 09/2005
1150727965 M * Bertl current seems to be 206r
1150727974 M * derjohn yes, thats the beta one
1150727979 M * derjohn i dont have that
1150727994 M * derjohn do you know that kind of machine? :)
1150728035 M * derjohn (you even run such a boxen?)
1150728235 Q * ||Cobra|| Read error: Connection reset by peer
1150728294 A * derjohn burns bootable cd with bios on it ....
1150728316 M * Bertl derjohn: no, not really, why?
1150728350 M * derjohn because you knew the current bios revision ;) but you googled ..
1150728360 Q * DarthVader Quit: Leaving
1150728463 Q * yarihm Quit: This computer has gone to sleep
1150728499 M * Bertl derjohn: yup :)
1150728630 M * Bertl derjohn: this board should support console redirection via serial, please attach a serial cable and  get this working :)
1150728808 J * DarthVader ~Aniken@203.177.212.163
1150728839 J * ||Cobra|| ~cob@pc-csa01.science.uva.nl
1150728869 M * derjohn Bertl, yes, I know it does. but before i create more work, i'll try the beta bios. if the problem persists , i will attach this ancient serial technology 
1150729291 J * nobody0 ~nimeni0@tor-irc.dnsbl.oftc.net
1150729577 M * derjohn Bertl, 2.6.17 boots now (hooray!, but the sata disk run pretty slow (3 of the 4 disk with 20meg/sec ond with 54meg/sec)
1150729622 M * derjohn btw: the bios upgraded the sil's BIOS from 5.0.x to 5.2.x (what makes me think that sillicon image is bullshit, at least it was in former times)
1150729710 J * Piet ~piet@delta365.server4you.de
1150729752 M * Piet Hi!
1150729762 M * Piet I demand a greeting Bertl ;-)
1150729780 M * Piet script broken?
1150729841 M * Piet anyway, I've got a pretty lame question: when runnign find on the guest as root, it gives me "/proc/1/fd: Permission denied". How should I work around it? The guest doen't need to access the fd.
1150729855 M * derjohn wb Piet !
1150729869 M * Piet derjohn: hehe, thanks
1150729896 M * derjohn Piet, what kind of hardware is that "floppy" you are referring to :) ?
1150729913 Q * ||Cobra|| Remote host closed the connection
1150729961 M * Piet derjohn: you mean, it's actually not a floppy?
1150729965 M * derjohn Piet, PID 1 is the init process, which is only a "fake" in the guest
1150729974 M * Piet oops
1150729981 M * derjohn Piet, nom just kidding about ancient technology :)
1150729986 J * Viper0482 ~Viper0482@p549757BD.dip.t-dialin.net
1150730042 M * Piet derjohn: hmm, ok, now i'm even more confused. Does 'fd' stand for 'floppy drive'?
1150730054 M * Piet that is, in this case?
1150730054 M * derjohn Piet, nevertheless it looks odd, i agree. someone should maybe look into the proc-space v12n ... but what the matter witth the permission? does it hurt?
1150730081 M * derjohn Piet, no, i think file descriptor or so.
1150730094 M * Piet it hurts in that this error is returned everytime tiger, a debian system hardening tool, is run on the guest system
1150730118 M * Piet v12n=virtualization?
1150730149 M * derjohn yip. i invented that abbreviation :) but ... i seemsn to work ... maybe be domain v12n.de will be worthy someday ;)
1150730166 M * Piet :)
1150730188 M * Piet the same error is also returned when running updatedb, a logical consequence of running find / ...
1150730203 M * derjohn teach me tiger :)
1150730228 M * Piet both tiger and updatedb are run by cron regularly, so it's oretty annying as you get these emails saying nothing but
1150730237 M * Piet /proc/1/fd: Permission denied
1150730251 M * Piet which would be funny if it happened just once
1150730257 M * Bertl derjohn: let's see the bootup log
1150730264 M * Piet but it doesn't
1150730278 M * derjohn well, maybe should put that fd stuff in the "spectator context" (context ID 1) .... but i am not a light in this stuff. try vprochundiging from the host or so.
1150730307 M * Bertl Piet: something in your guest tries to contact init, but you have no real init
1150730320 M * derjohn errrr: "vprocunhiding" -> check wiki
1150730335 M * Bertl Piet: your options are: fix the apps which try to contact init
1150730344 M * Bertl Piet: or start a real init inside
1150730354 Q * DarthVader Quit: Leaving
1150730367 M * derjohn Piet, to Bertl listen you should, young yedi ;)
1150730371 M * Piet Bertl: you think 'find' tries to contact init?
1150730389 M * Piet derjohn: listen i will, master yoda.
1150730394 M * Bertl Piet: no, find just checks your /procfs too (misconfiguration in update config
1150730404 M * derjohn der_johnda :)
1150730421 M * Bertl Piet: i.e. you probably want to add /proc to the prune pathes for update
1150730454 M * Bertl something like this is (usually) default
1150730456 M * Bertl PRUNEPATHS="/proc,/tmp,/var/tmp,/usr/tmp,/net,/afs"
1150730498 M * Piet PRUNEPATHS="/tmp /usr/tmp /var/tmp /afs /amd /alex /var/spool /sfs /media"
1150730507 M * Piet so proc is missing
1150730527 M * Piet /net, too
1150730543 M * Piet but i guess that's not really neccessary in my case
1150730543 M * Bertl well, /proc is the one causing your issues in this case :)
1150730563 M * Milf derjohn: Obi John Kenobi
1150730565 M * Piet ok, but this will only fix updatedb, not tigerrc
1150730573 M * Piet i'll look into that myself first, though
1150730577 M * Piet thanks a lot so far
1150730578 M * Bertl no ide what tigerrc/tigger does?
1150730581 M * derjohn Milf, s/Kenobi/Knobi/ :)
1150730592 Q * _coocoon_ Quit: KVIrc 3.2.0 'Realia'
1150730600 M * Piet http://packages.debian.org/tiiger
1150730626 M * Milf Bertl: I've updated to 2.4.16.20-rc22. Now how do I disable localhost rewriting?
1150730627 M * Piet http://packages.debian.org/tiger   <<< one 'i' only, sorry
1150730643 M * Bertl Milf: why not 2.6.17-rc23.2?
1150730663 M * Milf 'cause that was probably released AFTER I upgraded :)
1150730685 M * Milf 'cause I didn't find rc23.2 on the main webpage
1150730701 A * Milf likes stable
1150730703 M * derjohn Bertl, http://paste.linux-vserver.org/106 <--- this is the 2.6.17 vanilla with the beta bios.
1150730704 M * Bertl shame on derjohn then :)
1150730752 M * derjohn Milf, 2.4 ??
1150730765 M * Bertl derjohn: look, now you'e got ACPI data too!
1150730766 M * Milf Oh, excuse me, it's 2.6.16.20-rc22
1150730780 M * derjohn Bertl, shame? Changelogs? 
1150730789 A * derjohn has bad conscience
1150730812 M * Bertl Milf: well, rc24 will be out pretty soon
1150730822 M * derjohn Bertl, yes, besides the bootlogo (famebuffer) is comes uo nicely but, very slow disks.
1150730827 M * Bertl Milf: but anyways, it's an option in devel
1150730832 M * derjohn Bertl, huh? rc24 ?
1150730870 M * derjohn Bertl, then i will drive the boxen to the computing centre now and wait for rc24 before a make a new kernel series ;)
1150730873 M * Milf Bertl: Why didn't you tell me before? Can't do with devel on a production server.
1150730878 Q * f_ Quit: This computer has gone to sleep
1150730899 M * Bertl Milf: should be in later stable too
1150730919 M * Milf Bertl: Which one?
1150730919 M * derjohn Milf, whats with the localhost rewriting? how can we en/disbale it?
1150730927 M * Bertl derjohn: you should check/enable experimental and add the 'other' sil options
1150730943 M * Milf derjohn: That's what I want to know from Bertl
1150730978 M * derjohn i mean, at runtime ... is it per guest?
1150730994 M * Bertl VSERVER_REMAP_SADDR
1150731004 M * Bertl it's a kernle compile time option
1150731006 M * derjohn complile time Milf ;)
1150731019 M * Milf Hmmm, starting at which revision?
1150731047 M * derjohn cannot find in rc23
1150731050 M * Milf I think I better go with assigning localhost to that particular VServer guest. What's the security implication on that?
1150731053 M * derjohn (menuconfig)
1150731078 P * case__ 
1150731123 M * Bertl linux-2.6.17-vs2.0.2-rc23.1
1150731134 M * Bertl linux-2.6.16.16-vs2.1.1-rc20
1150731142 M * Milf Available on your website?
1150731153 M * derjohn Bertl, i only see CONFIG_SCSI_SATA_SIL24. is there something elese?
1150731180 M * Bertl IIRC, there are raid and other SATA personalities
1150731215 M * Bertl Milf: as usual, rcs are in http://vserver.13thfloor.at/Experimental
1150731235 M * Milf Bertl: Where do I find these patches? 13thfllor.at lists 2.6.14.3-vs2.01 as latest stable release.
1150731236 M * Bertl (in chronological order)
1150731266 M * Milf Aha.
1150731271 M * Loki|muh Bertl: was is the difference between the 2.0.2 and 2.1.1 tree?
1150731287 M * Bertl 2.1.x is the development branch (more features)
1150731355 M * Loki|muh and 2.0.2 is experimental?
1150731369 M * Milf Ok, for the sake of seeing if this might be a solution, I'll try that approach.
1150731396 M * derjohn Loki|muh, stable has less features than devel. BOTH exist in a experimental branch , called "-rc.."
1150731398 J * id_ ~id@p5081262A.dip0.t-ipconnect.de
1150731417 M * Bertl Loki|muh: no, 2.0.x is stable
1150731434 M * Loki|muh ah okay *confused* ;)
1150731437 M * Bertl I agree that the 'Experimental' is a little misleading
1150731443 M * Bertl but it has tradition :)
1150731461 M * Milf Yes, oh Benevolent Dictator :)
1150731485 M * Bertl http://linux-vserver.org/Release+FAQ
1150731499 N * otaku42 otaku42_away
1150731535 M * derjohn Milf, i feel a strong distrubance in the force. Emperor Bertlatine ... admits misleading thoughts :)
1150731599 M * Bertl well, although two letter acronyms are _very_ ambigous, -rc has tradition in computer science branches to stand for 'ridiculous count'^W'release candidate' :)
1150731601 M * Milf derjohn: Was it as Millions compiled and suddenly stopped with compiler error?
1150731657 A * Bertl  *bzzzt* *Milf* 
1150731814 M * Bertl Milf: are you okay? :)
1150731842 Q * id23 Ping timeout: 480 seconds
1150731951 M * Milf Ahm, forgive me Father, for I don't know what I'm doing?
1150732515 A * Milf has gotta go.
1150732536 M * Viper0482 hi
1150732543 M * Bertl Milf: k, cya
1150732608 Q * Milf Quit: Miranda IM! Smaller, Faster, Easier. http://miranda-im.org
1150732629 M * Viper0482 is it possible to upgrade form fc4 to fc5 kernel without losing the vserver-utils?
1150732668 M * Viper0482 or should i do a complete newinstall the hostserver in fc5?
1150732743 M * Bertl no idea regarding fedora core, but you could simply install a 2.6.17 vanilla kernel
1150732798 M * Viper0482 ok thank you will try that the next few days
1150733072 Q * Viper0482 Quit: one day, i'll find this peer guy and then i'll reset his connection!!
1150733118 J * f_ ~f_@83-215-237-1.seek.stat.salzburg-online.at
1150733163 Q * f_ Quit: 
1150733393 J * f_ ~f_@83-215-237-1.seek.stat.salzburg-online.at
1150733953 Q * nobody0 Quit: 
1150734279 J * yarihm ~yarihm@krichel.math.ethz.ch
1150734862 M * Bertl okay, off for dinner now .. back shortly
1150734866 N * Bertl Bertl_oO
1150735571 Q * nebuchadnezzar Read error: Connection reset by peer
1150735942 J * nebuchadnezzar ~nebu@82.233.222.74
1150736334 J * Viper0482 ~Viper0482@p5496F3FD.dip.t-dialin.net
1150737066 N * Bertl_oO Bertl
1150737069 M * Bertl back now
1150737095 M * tokkee Hey, wb Bertl ;-)
1150737306 Q * gerrit Ping timeout: 480 seconds
1150737432 Q * yarihm Quit: Leaving
1150737482 M * tokkee Bertl: How are your plans for 2.0.2.final btw.?
1150737631 M * Bertl in what regard?
1150737673 M * id_ 2.6.17-vs2.0.2-rc23.2 runs fine with jfs & medium load
1150737716 M * tokkee Bertl: Well, on LinuxTag you were talking about releasing 2.0.2 soon ;-)
1150737719 Q * nebuchadnezzar Quit: ERC Version 5.1.2 $Revision: 1.796.2.4 $ (IRC client for Emacs)
1150737733 M * Bertl yeah, it got delayed ...
1150737799 M * tokkee I don't really care about running an -rc, however it might be some good advertisement to have stable releases more frequently.
1150737832 M * id_ bertls -rc´s are rock stable ;) 
1150737851 M * Bertl yes, probably we should do _more_ stable releases, I agree
1150737917 M * tokkee id_: I never doubted that.
1150737931 J * bonbons ~bonbons@83.222.39.166
1150737950 M * Bertl welcome bonbons!
1150737967 M * bonbons Hi Bertl!
1150737971 J * brc_ bruce@20151211244.user.veloxzone.com.br
1150738204 N * sars sarnold
1150738284 Q * Viper0482 Quit: bin raus, 
1150739823 J * _coocoon_ ~coocoon@p54A05B53.dip.t-dialin.net
1150739836 M * _coocoon_ hello
1150739951 M * daniel_hozac hi
1150740016 J * mkhl ~mkhl@200-153-181-203.dsl.telesp.net.br
1150740966 J * gerrit ~gerrit@bi01p1.co.us.ibm.com
1150741045 M * Bertl hey _coocoon_! daniel_hozac!
1150741050 M * Bertl wb mkhl! gerrit!
1150741101 M * _coocoon_ hey bertl
1150741133 M * daniel_hozac Bertl: btw, did you see Aiken's and my message yesterday? about delta-flock-fix01 missing in -rc23?
1150741146 M * dhansen Bertl: Are you happy with the way the r/o bind mounts patches are taking shape?
1150741188 M * Bertl daniel_hozac: no, but interesting, both branches and what about 23.2?
1150741203 M * daniel_hozac yep, all of them lack it.
1150741224 M * Bertl dhansen: yeah, pretty much ... you just have to fix the issues viro pointed out
1150741252 M * daniel_hozac Bertl: and http://daniel.hozac.com/vserver/delta-infiniband-fix03.diff
1150741284 M * dhansen Bertl: I sent response patches.  I think they fix the most recent comments
1150741304 M * Bertl daniel_hozac: did you update the first hunk?
1150741325 M * Bertl ah, i.c.
1150741345 J * nebuchadnezzar ~nebu@zion.asgardr.info
1150741357 M * Bertl wb nebuchadnezzar!
1150741362 M * nebuchadnezzar hi
1150741626 Q * kir Quit: Leaving
1150742045 J * lilalinux ~plasma@dslb-084-058-207-093.pools.arcor-ip.net
1150742085 M * Bertl brb
1150742095 N * Bertl Bertl_oO
1150742225 N * Bertl_oO Bertl
1150742589 Q * mcp Ping timeout: 480 seconds
1150743168 M * _coocoon_ ciao
1150743172 Q * _coocoon_ Quit: KVIrc 3.2.0 'Realia'
1150743297 M * Bertl dhansen: yes, I agree with the reasoning for the superblock flags
1150743326 M * Bertl dhansen: we always want to check both ...
1150743397 M * dhansen Bertl: good.  It might be a nice idea to move the sb check into mnt_may_write() at some point, but that can certainly be a separate set of patches
1150743433 M * Bertl well, I think that would not be possible, because of the cases you mentioned
1150743448 M * Bertl an emergency remount e.g. can happen anytime
1150743471 M * dhansen true, but it can also happen _just_ after the current sb check
1150743495 M * dhansen so, the current 'double check' shrinks such a window, but does not eliminate it
1150743507 M * Bertl yes, but there is a huge difference between waiting for the next 'may' and the next test/access
1150743522 M * Bertl just think about ongoing writes
1150743565 M * dhansen I thought ongoing writes were only checked by generic_write_checks()
1150743600 M * dhansen Most (if not all) of the may_*() calls should already be under a mnt_may_write()
1150743617 M * Bertl hmm, good point
1150743625 M * Bertl well, it can wait IMHO
1150743742 M * Bertl i.e. optimizations for a later point ...
1150743827 M * dhansen yup, certainly
1150743928 M * Bertl anyway, good work, I was thinking about a new sys_mount() to handle the flag changes on mount, what do you think about that?
1150743983 M * Bertl i.e. for doing a complete rbind with ro,noatime, etc
1150744007 M * Bertl (because handling that with remount and move is probably very ugly)
1150744012 M * bonbons Bertl: if you do that, also support cross-namespace mounting!
1150744029 M * dhansen Seems a little silly, especially since userspace can do it just fine today
1150744046 M * dhansen Do you really not like the idea of the tmp directory and the move?
1150744055 M * Bertl dhansen: definitely not
1150744081 M * Bertl dhansen: just take the --rbind case, how to do that (in a sane way) in userspace?
1150744124 M * dhansen yeah, that is a good point
1150744159 M * Bertl I think something which has an 'add' and 'remove' set would be the best solution
1150744178 M * Bertl i.e. you specify the flags twice, once to add some of them, a second time to get them removed
1150744197 M * Bertl (and of course, that applies to the entire (r)bind)
1150744290 M * dhansen what is the desired behavior with --rbind mounts and -o remount?
1150744298 M * gdm w/i1
1150744304 M * gdm whoops, sorry ;-)
1150744492 M * id_ cya
1150744521 M * Bertl dhansen: I don't think that rbind and remount will work together
1150744521 Q * id_ Quit: Leaving
1150744537 M * Bertl bonbons: define croos-namespace mounts
1150744608 M * bonbons bind-mount from one namespace to the other one, or mount /dev/hdaX namespace2:/mnt/afs (e.g. for when there is no appropriate device file in namespace2)
1150744633 M * bonbons like mounting from host to guests
1150744657 M * Bertl well, the first problem here is 'how to identify the namespace'
1150744664 M * dhansen Bertl: this is probably a good viro question
1150744683 M * Bertl and the general question 'why would you want to do that at all'
1150744701 M * Bertl i.e. why not mount it _inside_ the other namespace
1150744728 M * bonbons especially for bind mounts that's not possible
1150744733 M * Bertl bonbons: in the current setup, we have the devices inside the guest spaces
1150744761 M * Bertl bonbons: and bind mounts work fine inside the guest namespace too
1150744761 M * bonbons I mount /dev/hdaX in host, and the want to put a subdir of it into a running guest
1150744779 M * Bertl then just _also_ mount /dev/hdaX in the guest
1150744794 M * Bertl and bind mount the subdir wherever you need it
1150744805 M * Bertl s/guest/guest namespace/
1150744806 M * bonbons but you can't do that mount most filesystems twice
1150744832 M * Bertl hmm?
1150744835 M * bonbons or did something change in the latest kernel related to that?
1150744891 M * Bertl so what you actually want is the ability to 'punch' a mount from host to guest, yes?
1150744911 M * Bertl i.e. to duplicate the vfs stuff from the host into the guest
1150744922 Q * f_ Quit: This computer has gone to sleep
1150744942 M * bonbons if you call it that way, but on a per-mount base, not just the plain tree
1150744986 M * Bertl yep, I guess that will be solved (in mainline) soon
1150745010 M * Bertl well, as soon as namespaces are accessible/assignable
1150745049 M * bonbons currently there is that propagating mount thingy, will it build on top of that?
1150745083 M * Bertl I'd think so ...
1150745690 J * mcp ~hightower@wolk-project.de
1150745703 M * Bertl welcome mcp! LTNS!
1150746800 J * shedi ~siggi@inferno.lhi.is
1150747385 Q * cdrx Ping timeout: 481 seconds
1150747466 Q * zkbrsnie Quit: 
1150747719 J * Viper0482 ~Viper0482@p5496E101.dip.t-dialin.net
1150747936 Q * Viper0482 Quit: 
1150748689 Q * bonbons Quit: Leaving
1150748717 J * Viper0482 ~Viper0482@p5496E101.dip.t-dialin.net
1150749025 J * f_ ~f_@83-215-237-1.seek.stat.salzburg-online.at
1150749055 Q * f_ Quit: 
1150749055 J * DoomStar DoomStar@ppp85-140-217-203.pppoe.mtu-net.ru
1150749211 M * DoomStar Hello
1150749225 M * Bertl welcome DoomStar!
1150749257 M * DoomStar I have a little problem.. I'm sorry. I visit you only if i hav a problem ^(
1150749283 M * Bertl well, we are used to folks having 'problems' :)
1150749313 M * DoomStar So... I use Linux 2.6.16-vs2.1.1-rc21-gentoo
1150749334 M * DoomStar Everything works fine, but mysql...
1150749334 Q * Viper0482 Remote host closed the connection
1150749361 M * DoomStar it work some periud of time under load of 5 easy requests per second
1150749386 M * Bertl but?
1150749394 M * DoomStar and then it stops responding. it accepts connections, but doesnt repond on them
1150749432 M * DoomStar thet happend in one virtual server
1150749439 M * Bertl maybe some (rate?) limit on mysql?
1150749473 M * phreak`` DoomStar: already tried _rc21-r3 ?
1150749509 M * daniel_hozac or rc23?
1150749511 M * DoomStar in another vps another problem. Mysql accepts connections, answers but doesnt work with queryes - just hang. Show processlist shows a lot of LOCKED tables
1150749532 M * phreak`` daniel_hozac: or even that :)
1150749544 M * DoomStar <Bertl> maybe some (rate?) limit on mysql? --- I tryed to set unlimeted all ulimti settings
1150749565 M * DoomStar I tryed rc21 only
1150749595 M * Bertl or what about rc24 :)
1150749609 T * Bertl http://linux-vserver.org/ | latest stable 2.01, 1.2.10, 1.2.11-rc1, devel 2.1.0, exp 2.{0.2,1.1}-rc24 | util-vserver-0.30.210 | libvserver-1.0.2 & vserver-utils-1.0.3 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the wiki, and we'll forget about the minute ;)
1150749610 M * phreak`` DoomStar: but be aware, they are only _rc ebuilds are moved to the overlay (thats http://overlays.gentoo.org/proj/vps/browser/sys-kernel/vserver-sources)
1150749615 M * daniel_hozac hehe.
1150749617 M * DoomStar mysql@host124 / $ ulimit -a
1150749617 M * phreak`` Bertl: heh, you're fast :)
1150749617 M * DoomStar core file size          (blocks, -c) 0
1150749617 M * DoomStar data seg size           (kbytes, -d) unlimited
1150749617 M * DoomStar file size               (blocks, -f) unlimited
1150749617 M * DoomStar pending signals                 (-i) 16379
1150749619 M * DoomStar max locked memory       (kbytes, -l) 2097151
1150749619 M * DoomStar max memory size         (kbytes, -m) unlimited
1150749621 M * DoomStar open files                      (-n) 64000
1150749621 M * DoomStar pipe size            (512 bytes, -p) 8
1150749623 M * DoomStar POSIX message queues     (bytes, -q) 819200
1150749623 M * DoomStar stack size              (kbytes, -s) 10240
1150749625 M * DoomStar cpu time               (seconds, -t) unlimited
1150749625 M * DoomStar max user processes              (-u) 16379
1150749627 M * DoomStar virtual memory          (kbytes, -v) unlimited
1150749627 M * DoomStar file locks                      (-x) unlimited
1150749669 M * DoomStar Did you see here people with the same "mysql" problem ?
1150749691 M * daniel_hozac not that i can remember.
1150749732 M * DoomStar other VPSs works fine, but there is no load on them
1150749739 M * Bertl DoomStar: I have mysql running on linux-vserver.org (granted an older kernel) but it runs quite fine
1150749767 M * daniel_hozac if you're locking all the tables, the fact that it stops responding to queries isn't very unexpected though.
1150749799 M * Radiance i wonder, any big gain upgrading from 2.6.16 to 2.6.17 ? :)
1150749817 M * daniel_hozac you get to upgrade your vserver version two rcs :)
1150749825 M * DoomStar But i didn't lock tables... mysql did. I eaven started mysql with --skip-locks key
1150749906 M * DoomStar I think that I should try stable version of vservers...
1150749951 M * Nam i'm running mysql in a vserver as well, no problems... i haven't tested on the new kernel though
1150750036 M * Nam i'll be updating my production system soon to the latest version though, if it breaks i'm gonna be pissed, but i doubt that will hapen
1150750039 M * Bertl DoomStar: I'm more suspecting the application which accesses mysql
1150750062 M * Nam yea, i have a feeling it's not the VPS, but it's something else
1150750122 J * ddlp ~niko@dsl081-142-022.chi1.dsl.speakeasy.net
1150750131 M * Bertl welcome ddlp!
1150750161 M * daniel_hozac Bertl: just flock and infiniband from rc23 to rc24?
1150750271 M * Bertl nope, I removed the spit changes too
1150750274 M * Bertl *split
1150750311 M * daniel_hozac and the PHYSICAL_START->__PHYSICAL_START changes?
1150750330 M * DoomStar can i patch 2.6.17 kernel with 2.01 vserver ?
1150750340 M * daniel_hozac or the other way around... i'm not sure how to read the patch.
1150750350 M * daniel_hozac DoomStar: no.
1150750379 M * DoomStar and even 2.6.16?
1150750409 M * Bertl daniel_hozac: yeah, I consider that part of the split stuff
1150750424 M * daniel_hozac well, the page.h still isn't reverted.
1150750437 M * Bertl did I miss that one?
1150750461 M * daniel_hozac the interdiff doesn't contain it, at least.
1150750479 M * Bertl yup, you're right ... my fault, let me fix that up in place
1150750603 M * Bertl okay, done
1150751120 M * Radiance hiya BertI
1150751142 M * Radiance any one used yet the 2.6.17 kernel with vserver patch(stable) ? 
1150751155 M * phreak`` Bertl: commited, and that was my last action for today. Good night everyone
1150751234 Q * lilalinux Ping timeout: 480 seconds
1150751296 M * DoomStar Bertl, they said that 2.6.17 can't work with stable (
1150751319 M * Bertl well, you asked for 2.0.1, right?
1150751332 M * Bertl it should work fine with 2.0.2-rc24
1150751344 M * DoomStar I have SATA driver that works on 2.6.16 and higher... 
1150751433 M * DoomStar I'll try 2.0.2
1150751611 M * Radiance btw, i see on the site only rc23 ... so i should use rc24 with a 2.6.17 kernel ?
1150751633 M * DoomStar use http://vserver.13thfloor.at/Experimental/patch-2.6.17-vs2.0.2-rc24.diff
1150751670 M * Radiance but isn't that "experimental" ? hehe
1150751708 M * DoomStar yea (
1150751719 M * Bertl nap attack .. back later (probably)
1150751727 N * Bertl Bertl_zZ
1150751734 M * Radiance cause on the site it says "stable sources" 
1150751734 M * DoomStar 2.01 is not experemental only (
1150751737 M * Radiance so i'm a bit confused
1150751827 M * Radiance BertI, g'night mate :)
1150751836 J * Aiken ~james@tooax6-147.dialup.optusnet.com.au
1150751941 J * lilalinux ~plasma@dslb-084-058-224-118.pools.arcor-ip.net
1150754376 M * daniel_hozac experimental isn't really true. it's an rc for stable, so it has pretty much the same quality as a stable release.
1150754641 M * Loki|muh is there a changelog for rc24? There is no entry in the wiki :(
1150754943 J * dna ~naucki@dialer-178-107.kielnet.net
1150755456 Q * dna Quit: Verlassend
1150756062 Q * shedi Quit: Leaving
1150756751 Q * jkl Ping timeout: 480 seconds
1150757248 M * Radiance daniel_hozac, ok thanks, i'll keep it on the 2.6.16.20 kernel for now hehe
1150759476 J * shuri ~shuri@64.235.209.226
1150760135 Q * mkhl Quit: 
1150760177 J * mire ~mire@206-166-222-85.COOL.ADSL.VLine.Verat.NET