1152663789 Q * lehkor Read error: Connection reset by peer 1152663789 J * lehkor ~lehkor@ns.sampo.ru 1152664096 Q * kaner Write error: connection closed 1152664102 J * kaner kaner@strace.org 1152665495 J * mire ~mire@156-166-222-85.COOL.ADSL.VLine.verat.net 1152666406 J * gerrit ~gerrit@67.160.146.170 1152666541 Q * yarihm Quit: Leaving 1152667013 J * coocoon ~coocoon@84.160.101.243 1152670807 Q * mountie Quit: LUNCK! 1152672166 J * lehkor_ ~lehkor@ns.sampo.ru 1152672166 Q * lehkor Read error: Connection reset by peer 1152678076 J * Viper0482 ~Viper0482@p54976B25.dip.t-dialin.net 1152681487 Q * Viper0482 Remote host closed the connection 1152682214 J * Milf ~Miranda@ipsio96.ipsi.fraunhofer.de 1152682224 M * Milf 'LO 1152682834 Q * anonc Remote host closed the connection 1152683322 J * meandtheshell ~markus@85-125-230-35.dynamic.xdsl-line.inode.at 1152683436 Q * Milf Quit: Miranda IM! Smaller, Faster, Easier. http://miranda-im.org 1152683739 Q * meandtheshell Quit: bye bye ... 1152683745 Q * Nam Remote host closed the connection 1152683977 J * Milf ~Miranda@ipsio96.ipsi.fraunhofer.de 1152684902 J * meandtheshell ~markus@85-124-232-65.work.xdsl-line.inode.at 1152685504 J * anonc ~anonc@203.26.95.33 1152685978 J * dna ~naucki@dialer-182-43.kielnet.net 1152686443 J * pisco ~pampel@80.135.134.149 1152686495 P * pisco 1152687344 Q * Aiken Ping timeout: 480 seconds 1152687443 J * ||Cobra|| ~cob@146.50.22.204 1152687813 J * pisco ~pampel@80.135.134.149 1152688800 N * otaku42_away otaku42 1152688808 Q * gerrit Ping timeout: 480 seconds 1152689618 Q * pisco Ping timeout: 480 seconds 1152689709 J * Smutje_ ~Smutje@xdsl-84-44-244-214.netcologne.de 1152689824 Q * Smutje Ping timeout: 480 seconds 1152689824 N * Smutje_ Smutje 1152690581 Q * locksy Ping timeout: 480 seconds 1152690665 J * slava ~slava@195.22.238.42 1152690687 J * pisco ~pampel@80.135.134.149 1152691648 Q * pisco Ping timeout: 480 seconds 1152691773 M * slava Hello. After building a few vservers with success, now I've got the following error: 1152691795 M * slava vshelper.init: can not determine xid of vserver 'vserver_name'; returned value was '' 1152691814 M * slava can anyone explain me wat goes wrong ? 1152692089 M * daniel_hozac your guest doesn't start any service and so the guest exits before it's even done starting. 1152692129 J * balbir ~balbir@59.145.136.1 1152692305 M * slava Hmmm. So I should enable any service for that, right ? It's not obvious. 1152692313 M * slava I'll try 1152692430 M * slava vserver vserver_name chkconfig --list 1152692441 M * slava 'vserver ... suexec' is supported for running vservers only; aborting... 1152692635 M * daniel_hozac you could just chroot to /vservers/ and run chkconfig. 1152692801 M * slava Thanks alot, it works. I'm happy now -) 1152692830 M * daniel_hozac you're welcome. 1152693552 J * schimmi ~sts@port-212-202-73-176.dynamic.qsc.de 1152695743 Q * dna Quit: Verlassend 1152696570 Q * shedi Quit: Leaving 1152697167 M * anonc daniel_hozac: i hate to ask this again - what was the final decision about how to act upon utimes() with cow-linked files? 1152697173 Q * schimmi Ping timeout: 480 seconds 1152697360 J * locksy ~locksy@mrtg.sisgroup.com.au 1152697744 M * daniel_hozac anonc: i guess there hasn't really been a final decision yet, as none of the new link breaking nor IS_IMMUTABLE fixes are in. 1152697918 M * anonc daniel_hozac: cool. So assuming that we want iunlink-marked files to behave as if they were normal writeable files (ie not to be treated as immutable) then presumably one would either cow_break_link and apply the utime() to the new file, or just ignore the utime() call and return success (probably not a good idea) 1152698810 J * dna ~naucki@dialer-187-109.kielnet.net 1152699304 M * derjohn hey! On am SMP system (2*Athlon MAP, 2 GB) I have strange problems with mem allocation ond 'gfp'. Could anyone have a look at it? http://paste.linux-vserver.org/175 1152699351 M * derjohn ah and it's a 2.6.17.3-p3-vs2.1.1-rc24-64ip-squash-drbd 1152699622 J * romke ~romke@83.16.133.162 1152699905 Q * coocoon Quit: KVIrc 3.2.0 'Realia' 1152699996 J * coocoon ~coocoon@84.160.101.243 1152700026 J * schimmi ~sts@aquila.tcs.ifi.lmu.de 1152701963 M * daniel_hozac derjohn: what is that? dmesg output? 1152701975 M * derjohn yes, a dmesg output 1152702002 M * derjohn (the machine crashed all two or three days until i got aware about the dmesg 1152702005 M * derjohn ) 1152702052 M * derjohn the tyan dual athlom mobo maybe picky when i comes to kernel stuff, i just upgraded to 2.6.17.4-rc25 and set the as limits we talk about yesterday. 1152702163 M * daniel_hozac and that crashes the box? 1152702193 M * daniel_hozac looks like a regular OOM kill to me. 1152703802 M * derjohn daniel_hozac, well I only know that i had to press reset all 2-3 days. in that case there was a ever-recurring output on the console about the OOM ... I think some process tried to allocate mem and didnt stop even OOM said "no i dont have more". maybe a problem related to dual CPU? 1152703870 J * Nam ~nam@70.78.64.62 1152704660 N * Bertl_oO Bertl 1152704664 M * Bertl morning folks! 1152704669 M * FaUl morning Bertl 1152704674 M * FaUl good to see you 1152704680 M * FaUl i've got a feature-request ;-) 1152704687 M * Bertl ah, let's hear! 1152704752 M * FaUl it would be nice if the guest-tty/ptys would be in the host devpts as well 1152704798 M * Bertl hmm, why? 1152704805 M * FaUl because this would allow to inform every user walls (think about shutdown -h +15) or things like this 1152704819 M * FaUl every user with wall s 1152704854 M * Bertl okay, that's a good argument, what about wall inside a guest, btw? 1152704899 M * Bertl I mean, does that work as expected (i.e. msg everything inside the guest?) 1152705012 M * FaUl Bertl: i think so 1152705044 M * Bertl what about having xid=1 showing/using all the pts then? 1152705049 J * lilalinux ~plasma@dslb-084-058-233-086.pools.arcor-ip.net 1152705056 M * FaUl mhh 1152705069 M * Bertl would that help with that? i.e. what about having a special 'wall' on the host for this? 1152705082 M * FaUl then you have to write special wrapper for shutdown/etc 1152705245 M * Bertl okay, what about guest security (i.e. protection against the host?) 1152705250 M * romke morning Bertl 1152705269 M * Bertl FaUl: and the other way round, i.e. keep host messages from the guest :) 1152705289 M * Bertl morning romke! 1152705332 M * FaUl Bertl: i think no guest should be able to talk to the host/other guests 1152705424 M * FaUl security: interesting question - you think about the case where host-user have the same uid as guest-user, right? 1152705510 M * Bertl that is one example, but basic information hiding is another, i.e. if there is a pts (from the guest) you can easily inject/capture 'secret' data from there (on the host) which isn't trivial when you have to enter the guest 1152705536 M * Bertl well, or if you are not allowed to enter it :) 1152705598 M * FaUl i think this isn't a case as guests can be manipulated from host-root in any way 1152705661 M * Bertl have you had a look at the latest lock and admin deltas? 1152705699 M * FaUl in fact if you are root on the host you may even load some kernel-module if you want - s o theere isn't real security - everything which seems to provide security is dangerous (as it creates wrong feeling) 1152705704 M * FaUl nope 1152705759 Q * sladen Ping timeout: 480 seconds 1152705955 J * sladen paul@193.28.45.41 1152706003 M * Bertl well, of course, you can do all that, it's like adding stack randomization or non executable text sections etc .. you can always work around it, but it makes it harder to get there ... 1152706697 M * Bertl FaUl: I think the 'proper' long time solution would be to have certain messages relayed to guests too, not sure that can be done in a proper way without modifying host userspace here 1152706738 M * daniel_hozac Bertl: what do you think about anonc's request? 1152706819 Q * lilalinux Ping timeout: 480 seconds 1152706819 M * FaUl Bertl: it seems to me to be the best if all vtys are in xid=1-devpts 1152706883 M * FaUl and replace shutdown with some programm which uses xid=1 for wall and add an extra vwall 1152706884 M * Bertl daniel_hozac: you mean cow breaking on time change? 1152706901 M * daniel_hozac Bertl: right. 1152706903 M * Bertl FaUl: I agree that this is the best solution for now ... 1152706974 M * Bertl FaUl: but would be interesting if you could bring this up on lkml too, as I see a similar (or maybe even more problematic) issue with the namespace approach in the future ... 1152707023 M * FaUl i'm not so into the namsepace-approach 1152707044 M * Bertl daniel_hozac: shouldn't be too hard, although I really doubt that it is worth the efford ... (basically we could move the break to the update/change inode path) 1152707085 M * Bertl FaUl: doesn't matter, it's quite simple, you would have a 'separate' /dev/pts space for every 'guest' and another one (separate) for the host 1152707088 A * phreak`` goes looking for Bertl's qemu mini image 1152707117 M * Bertl phreak``: http://vserver.13thfloor.at/Stuff/QEMU/ 1152707154 M * cattivik Bertl: hi boss:) 1152707163 M * phreak`` Bertl: those TEST_*.bz2 right ? 1152707174 M * Bertl hi cattivik! 1152707194 M * Bertl phreak``: yes, the public ones are 'working' images 1152707277 M * daniel_hozac Bertl: which path is that? and it should really be trivial with http://daniel.hozac.com/vserver/delta-cow-feat03.diff 1152707292 M * cattivik Bertl: Have you ever discussed about "hot-swap" migration for VServer guests? I mean live systems, from one hardware to another... 1152707321 J * lilalinux ~plasma@dslb-084-058-232-251.pools.arcor-ip.net 1152707324 M * Bertl cattivik: yes, but basically it boils down to this: 1152707348 M * Bertl you usually want to do that for two reasons: load balancing and scheduled maintainance 1152707392 M * cattivik Bertl: yep! 1152707405 M * Bertl and while you can cover the maintainance part quite fine by adding a Xen layer, the load balancing case is not really realistic, as it uses _a lot_ of resources to migrate a guest 1152707450 M * Bertl we are more leaning towards a cluster solution for Linux-VServer here 1152707464 M * Bertl (which isn't that hard to do actually :) 1152707479 M * cattivik Bertl: ah, great... 1152707496 M * Bertl everybody interested in helping there can start testing right now 1152707527 M * Bertl in this case, it would be testing the ocfs2 support (as a cluster fs is a prerequisite for that) 1152707601 M * cattivik Bertl: cool...! You said "Xen layer": I know what Xen is but why do you talk of a layer? 1152707626 M * Bertl well, you basically do a dom0 with a single domU (guest) which runs a Linux-VServer kernel 1152707657 M * Bertl as Xen 3.0 allows for a high quality live migration, you can migrate the entire VServer host in case of maintainance 1152707694 M * Bertl while you have all the benefits and resource sharing for the 'real' guests 1152707817 M * cattivik Bertl: UGH! This is true magic... I hadn't think of such a solution..! :D 1152707919 M * Bertl well, we think we do not have to reinvent the wheel over and over again, we try to focus on new inventions :) 1152707994 T * Bertl http://linux-vserver.org/ | latest stable 2.01, 1.2.10, 1.2.11-rc1, devel 2.1.0, exp 2.{0.2,1.1}-rc26 | util-vserver-0.30.210 | libvserver-1.0.2 & vserver-utils-1.0.3 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the wiki, and we'll forget about the minute ;) 1152708013 J * vrwttnmtu ~eryktyktu@82-69-161-137.dsl.in-addr.zen.co.uk 1152708030 M * Bertl derjohn: 2.0.2: only the utsname fix, 2.1.1: switch and socket changes + fix 1152708031 M * vrwttnmtu Afternoon 1152708032 M * derjohn Bertl, gotcha! Changes from rc25 to rc26? a) stable b) devel ! 1152708039 M * Bertl yes!! 1152708047 M * derjohn incredible! an answer before the question ;) 1152708055 M * Bertl welcome vrwttnmtu! 1152708064 A * vrwttnmtu waves 1152708065 M * derjohn Bertl, utsnamefix in both? 1152708081 M * daniel_hozac Bertl: no nsclean-disable? 1152708105 M * daniel_hozac Bertl: nor lock/admin for 2.1? 1152708112 M * Bertl daniel_hozac: is part of the changes with the switch 1152708126 M * Bertl the clean, not the lock/admin which requires rewrite 1152708132 M * daniel_hozac i meant for stable :) 1152708153 M * Bertl no, not yet ... 1152708171 M * daniel_hozac not yet? 1152708176 M * cattivik Bertl: wise indeed..! :] 1152708192 M * Bertl daniel_hozac: I plan to run those too through PLM now, fix up everything in a code review for stable and get that another PLM run then ... 1152708266 M * derjohn Bertl, changelog done. 1152708272 M * Bertl daniel_hozac: please double check the code yourself, if possible I like to have something ready early next week 1152708278 M * daniel_hozac vnamespace -c does still oops the kernel, right? 1152708330 M * daniel_hozac Bertl: ok, will do. 1152708332 M * Bertl I assume so .. nothing changed there but I have no problem to remove it right now, just didn't bother yet 1152708353 M * daniel_hozac ok. 1152708357 M * Bertl (as I think we will get rid of it in the code review) 1152708388 M * daniel_hozac the oops, or the function? 1152708396 M * Bertl the function :) 1152708410 M * daniel_hozac makes sense :) 1152708461 M * Bertl but maybe we should look into the oops too, might give some clues (or did you already investigate?) 1152708554 M * daniel_hozac no, i don't think i did. 1152708803 M * Bertl I love it: http://lxc.sourceforge.net/bench/ 1152708898 M * doener Bertl: any idea why the 'light' results for dbench are better than the vanilla ones? Don't know about MCR, but at least for Linux-VServer that simply doesn't make sense to me 1152709012 M * Bertl no idea, but would be interesting to investigate 1152709024 M * daniel_hozac Bertl: ah, now i remember. include/linux/list.h:__list_del won't work on the first or the last mount. 1152709066 M * Bertl daniel_hozac: aha, hmm, can we hit that case with the other pathes? 1152709085 M * daniel_hozac other paths? such as? 1152709135 M * Bertl maybe I got that one wrong, where does that del happen exactly? 1152709165 M * daniel_hozac umount_unused 1152709382 M * Bertl ah, okay, so we get rid of that with the call, tx! 1152709393 M * Bertl (with removing the cleanup cmd, I mean) 1152709393 Q * balbir Quit: Leaving 1152709667 M * daniel_hozac right. 1152709870 M * cattivik Bertl: about clustering you said: "everybody interested in helping there can start testing right now": you mean starting from where? 1152710418 M * Bertl setting up a a few nodes, testing primarily ocfs2 in connection with Linux-VServer 1152710434 Q * Milf Quit: Miranda IM! Smaller, Faster, Easier. http://miranda-im.org 1152710517 M * vrwttnmtu daniel_hozac, When you have a sec, can you give me a hand to work out why my v6 vserver isn't v6? :) 1152710545 M * vrwttnmtu (Or anyone that can help out really) 1152710677 M * Bertl I guess for now bonbons (not here atm) is the right person ... but doener or daniel_hozac might have a clue :) 1152710723 M * vrwttnmtu Bertl, the reason that I'm asking daniel_hozac is that I've set it up before, and got it working on other servers, but on one, using his chbind6 tool doesn't seem to apply the v6 address to the vserver 1152710856 M * Bertl i.c. k, makes sense ... 1152710899 M * vrwttnmtu Bertl, Do you know why I would get the "No support for inet6" error within the vserver? (If all was compiled with Bruno's patches) 1152710931 M * Bertl that looks more like a missing patch to me (i.e. still the ipv6 blocker in the kernel) 1152710943 M * Bertl are you _sure_ you booted the patched kernel? 1152710963 M * vrwttnmtu # uname -r 1152710963 M * vrwttnmtu 2.6.16.20-vs2.1.1-rc22IPv6 1152710992 M * Bertl okay, I have to leave now, will be back later ... 1152710995 M * vrwttnmtu OK 1152711033 N * Bertl Bertl_oO 1152711263 M * daniel_hozac vrwttnmtu: what does cat /proc/self/ninfo inside the guest say? 1152711289 M * daniel_hozac vrwttnmtu: and how are you running it? 1152711300 M * vrwttnmtu 1 sec 1152711323 M * vrwttnmtu Just V4Root, and V4Bcast, and NID 1152711330 M * daniel_hozac i believe there are instances where you'd get the "No support for inet6" if you don't have an address assigned. 1152711382 M * vrwttnmtu Thing is, I've recompiled most of my boxes now with the v6 patch, and used your tool to assign the addresses, but just on this one, it doesn't work 1152711430 M * daniel_hozac vrwttnmtu: ah right, self/ninfo is the non-working one, try /proc/virtnet/*/info 1152711450 M * daniel_hozac (from the host) 1152711472 M * vrwttnmtu ID, Info, and 0: 1152711475 M * vrwttnmtu No v6 1152711476 M * vrwttnmtu :/ 1152711495 M * daniel_hozac ok, how are you running chbind6? 1152711528 M * daniel_hozac (i guess you're not using the util-vserver patch?) 1152711529 M * vrwttnmtu /root/chbind6 -n 1234 -a -6 2001:xxxxxxx/64 1152711547 M * vrwttnmtu Which returns: IPv6: 2001:xxxxxxx/64 1152711559 M * vrwttnmtu And that address is assigned to eth0 on the host 1152711567 M * daniel_hozac that just means it parsed the address. 1152711583 M * vrwttnmtu Yeah, I tried it without the /64, and it barfed 1152711593 M * daniel_hozac yeah, it requires the prefix. 1152711620 M * daniel_hozac could you strace that for me? 1152711633 M * vrwttnmtu The only thing I can think is that on this kernel I haven't compiled in some option that it requires 1152711646 M * daniel_hozac you do have CONFIG_IPV6 enabled, right? :) 1152711651 M * vrwttnmtu Yeah :) 1152711652 M * daniel_hozac (or modularized) 1152711661 M * vrwttnmtu # ping6 www.kame.net -c 1 1152711661 M * vrwttnmtu PING www.kame.net(orange.kame.net) 56 data bytes 1152711661 M * vrwttnmtu 64 bytes from orange.kame.net: icmp_seq=1 ttl=49 time=275 ms 1152711661 M * vrwttnmtu --- www.kame.net ping statistics --- 1152711661 M * vrwttnmtu 1 packets transmitted, 1 received, 0% packet loss, time 0ms 1152711666 M * vrwttnmtu rtt min/avg/max/mdev = 275.980/275.980/275.980/0.000 ms 1152711684 M * vrwttnmtu I'll have to emerge strace first 1152711690 M * daniel_hozac ok. 1152711698 M * vrwttnmtu It's a rather minimal box. Give me 3 1152711756 M * vrwttnmtu daniel_hozac, join #ksdjhfkjdshf (for pasting - rather not put it on a paste site 1152711757 M * vrwttnmtu ) 1152712002 N * Ben_zZz Ben_ 1152712047 Q * michal` Ping timeout: 480 seconds 1152712580 J * michal` ~michal@www.rsbac.org 1152714399 J * mountie ~mountie@CPEdeaddeaddead-CM000a739acaa4.cpe.net.cable.rogers.com 1152714522 J * [PUPPETS]Gonzo gonzo@langweiligneutral.deswahnsinns.de 1152714563 Q * cattivik Quit: I'm gonna save Rose Tyler from the middle of the Dalek fleet, and then I'm gonna save the Earth 1152714615 J * TermUnitX ~PhAnATiC@dsl-201-129-207-251.prod-infinitum.com.mx 1152714737 Q * newz2000 Quit: Talk to you later 1152714835 J * yarihm ~yarihm@whitehead2.nine.ch 1152714977 M * [PUPPETS]Gonzo I have a question about the "reaper-fix" and strace: did it crash the whole host or in which way did the problem show up? And did the problem apply to gdb, too? 1152715035 M * daniel_hozac yes. 1152715047 J * newz2000 ~matt@12.216.147.124 1152715049 M * derjohn daniel_hozac, to all Questions? 1152715054 M * daniel_hozac pretty much :) 1152715070 M * derjohn daniel_hozac, does that mean every user can stop the host with gdb ????? 1152715093 M * daniel_hozac well, yes, IIRC. 1152715112 M * derjohn *ouch* 1152715137 M * derjohn well, we should warn everyone to upgrade to newest RC to prevent DoS ? 1152715155 M * [PUPPETS]Gonzo warn noone, as people might get to know the bug ;) 1152715177 M * [PUPPETS]Gonzo Bad news that that happened, good news that I know, what caused the crashes on my production server, bad news that I searched for the reason so long ;) 1152715232 M * daniel_hozac IIRC the bug behaved differently for different people 1152715238 M * derjohn well, I'm glad to tell you that there are chatlogs of this conversation ;) 1152715249 M * daniel_hozac for me it just froze my system solid for about a minute. 1152715252 M * FaUl which bug? have i to update all my kernels? 1152715300 M * derjohn daniel_hozac, with which RC was the bug introduced? 1152715312 M * daniel_hozac -rc23 reintroduced it. 1152715323 M * daniel_hozac we fixed it a while back. 1152715331 M * derjohn [PUPPETS]Gonzo, which rc did you use? 1152715343 M * [PUPPETS]Gonzo I used rc17 and rc24 1152715345 M * daniel_hozac -rc25 fixed it again. 1152715363 M * daniel_hozac -rc19 fixed it the first time around. 1152715364 M * FaUl DOH! 1152715368 M * FaUl -rc24 1152715368 M * [PUPPETS]Gonzo yeah 1152715390 M * [PUPPETS]Gonzo derjohn seems to be lucky for picking cool patchlevels *g* 1152715391 M * derjohn http://linux-vserver.org/ChangeLogDevelExperimental 1152715404 M * derjohn vs2.1.1-rc25 fixed it. 1152715434 M * derjohn I always take bleeding stuff, only with real food i am scary (vegetarian) :) 1152715454 M * vrwttnmtu "[PUPPETS]Gonzo warn noone, as people might get to know the bug ;)" : That's not the spirit, is it? :) Security through obscurity? 1152715460 M * [PUPPETS]Gonzo ;) 1152715478 M * [PUPPETS]Gonzo derjohn: stop chatting now, your pc needs all cpu for compiling -rc26 for me ;) 1152715493 M * vrwttnmtu Actually, one of the main problems I have with linux-vserver is that there isn't anywhere that says >= 2.1.1-rcxxxx is secure 1152715509 M * daniel_hozac vrwttnmtu: nothing is secure :) 1152715516 M * vrwttnmtu daniel_hozac, OK, known secure :) 1152715548 M * vrwttnmtu I'd like a page that I can go to that says the latest (known!) secure version of the utils, the patch, and the linux kernel 1152715562 M * daniel_hozac the latest is always the most secure. 1152715568 M * vrwttnmtu :) 1152715577 M * daniel_hozac from a "known vulnerabilities" standpoint. 1152715582 M * vrwttnmtu OK, the earliest version with no known security vulns 1152715582 M * [PUPPETS]Gonzo well, not with -rc17 and -rc23 ;) 1152715590 M * [PUPPETS]Gonzo k 1152715597 M * vrwttnmtu Bugs are one thing 1152715601 M * vrwttnmtu Security bugs are another 1152715624 M * daniel_hozac 2.1 gets new features/rewrites all the time. 1152715625 M * vrwttnmtu So rc22 is vulnerable? 1152715629 M * daniel_hozac no. 1152715666 M * daniel_hozac AFAICT, -rc9 to -rc18 and -rc23 to -rc24 are vulnerable. 1152715669 M * vrwttnmtu daniel_hozac, 2.1 might get new versions all the time, but Bombom's IPv6 patch doesn't 1152715671 M * vrwttnmtu :) 1152715705 M * daniel_hozac vrwttnmtu: i'm using it on 2.6.17.4-vs2.1.1-rc25 right now ;) 1152715730 A * derjohn presses thumbs that we'll get a release soon 1152715761 M * daniel_hozac derjohn: Bertl_oO said "PLM, code review, PLM, then..." ;) 1152715774 M * derjohn PLM? 1152715808 M * daniel_hozac OSDL's kernel compile testing thingie. 1152715819 M * daniel_hozac http://plm.osdl.org/plm-cgi/plm?module=home 1152715825 M * derjohn yeah, I know 1152715831 M * derjohn but didnt know the na,e 1152715874 M * vrwttnmtu http://linux-vserver.org/Security <-- New page 1152715926 M * daniel_hozac vrwttnmtu: i'd say 2.6.17.4 and -rc26. 1152715940 M * daniel_hozac 2.6.16.20 is 3 or 4 releases old by now. 1152715989 M * vrwttnmtu daniel_hozac, But if there aren't any security vulnerabilities in it.... 1152715994 M * daniel_hozac and i thought Gentoo was at 0.30.210-r14 :) 1152716003 M * vrwttnmtu daniel_hozac, But if there aren't any security vulnerabilities in it.... 1152716004 M * daniel_hozac vrwttnmtu: there are. that's why they released the updates :) 1152716011 M * vrwttnmtu really? 1152716021 M * vrwttnmtu There aren't any GLSA's for the utils 1152716025 M * daniel_hozac for 2.6.16, definitely. read the ChangeLogs. 1152716038 M * daniel_hozac not for the utils. those were just functionality fixes, i think. 1152716038 J * gerrit ~gerrit@67.160.146.170 1152716046 M * vrwttnmtu It really annoys me that they stopped doing kernel GLSAs 1152716060 M * vrwttnmtu It was a good method of tracking bugs 1152716070 M * vrwttnmtu daniel_hozac, Are they local root, DoS, what? 1152716078 Q * newz2000 Quit: Talk to you later 1152716144 M * daniel_hozac i don't remember, i haven't tracked 2.6.16 since .20. 1152716160 M * daniel_hozac seems to be a slice of everything, though. 1152716408 M * daniel_hozac vrwttnmtu: btw, http://daniel.hozac.com/vserver/util-vserver-0.30.210-ipv6.patch in case you weren't aware of that. 1152716472 M * vrwttnmtu What does that do, Mr Danien-san? 1152716487 Q * TermUnitX Read error: Connection reset by peer 1152716501 M * daniel_hozac IPv6 support for the utils. 1152716514 M * vrwttnmtu I guessed that :) 1152716518 M * vrwttnmtu But it all works without it 1152716526 M * daniel_hozac i.e. echo 2001::1/64 > /etc/vservers//interfaces/0/ip 1152716545 M * vrwttnmtu Aaah 1152716598 M * daniel_hozac it requires that you have chbind6 in your $PATH though. 1152716617 M * vrwttnmtu OK 1152716665 M * vrwttnmtu Can't you get those patches in the main version? Bribe Bertl or something? 1152716666 M * vrwttnmtu :) 1152716679 M * daniel_hozac Bertl_oO isn't the one maintaining the tools. 1152716707 M * vrwttnmtu Well, the main vserver patch, the tools, everything. Who does maintain the tools then? 1152716717 M * daniel_hozac Enrico. 1152716804 M * vrwttnmtu I don't think I've ever seen him speak on this channel. /me waves at Enrico 1152716816 M * daniel_hozac he hasn't been on this channel on a regular basis for months. 1152716832 J * TermUnitX ~PhAnATiC@201.129.207.251 1152716909 N * otaku42 otaku42_away 1152717468 M * daniel_hozac anonc: are you able to test the link breaking on chown/chmod/utimes stuff? (i think i got the dentry ref counting right now) 1152717621 J * Viper0482 ~Viper0482@p54976B25.dip.t-dialin.net 1152717794 Q * vrwttnmtu Quit: Leaving 1152718388 J * stefani ~stefani@tsipoor.banerian.org 1152719523 Q * sladen Quit: bye bye 1152719908 Q * TermUnitX Quit: (-(PS)-) [v5.0.r02] http://www.kalendas.net 1152720399 Q * gerrit Ping timeout: 480 seconds 1152720451 Q * ||Cobra|| Remote host closed the connection 1152721041 J * bonbons ~bonbons@83.222.39.166 1152721397 J * FuraX ~FuraX@umb-sls99-003.u-strasbg.fr 1152721852 M * Skram oy! i sitll havent started my presentation VServer! 1152722248 M * Skram Bertl / Anyone.. where is the Linux-VServer logo? 1152722379 M * daniel_hozac http://vserver.13thfloor.at/Stuff/LOGO/Linux-VServer-1.02.eps 1152722383 Q * schimmi Ping timeout: 480 seconds 1152724040 M * AndrewLee waldi: I found CONFIG_VSERVER_HARDCPU is not set in linux-image-2.6.17-1-vserver-686, any reason not set it as default for debian stock kernel? 1152724134 M * AndrewLee waldi: Without it enable, I cannot use sched_prio flag 1152724156 M * AndrewLee waldi: s/sched_prio/sched_hard/ 1152724270 J * gerrit ~gerrit@bi01p1.co.us.ibm.com 1152725019 M * waldi hmm 1152725022 M * waldi have to check 1152725049 J * schimmi ~sts@212.202.73.176 1152725239 M * waldi + depends on EXPERIMENTAL 1152725239 M * waldi + default n 1152725453 M * AndrewLee waldi: Could you make a exception on it? 1152725504 M * waldi have to think about 1152726146 M * AndrewLee waldi: cause if user choose the -vserver stock kernel on a server, most of them will need sched_hard flag. If the stock -vserver kernel doesn't support, they will still keep rebuild kernel from source. 1152726181 M * AndrewLee waldi: And that make -vserver stock kernel useless for server users. 1152726743 J * s0undt3c1 ~s0undt3ch@bl7-244-155.dsl.telepac.pt 1152727096 J * clessing ~clessing@87.160.230.71 1152727148 Q * s0undt3ch Ping timeout: 480 seconds 1152727154 N * s0undt3c1 s0undt3ch 1152727290 P * clessing 1152727702 M * h01ger to make a vserver not started by default (anymore) i just remove /etc/vservers/$name/apps/init ? 1152727729 M * daniel_hozac +/style, yes. 1152727730 J * matti_ ~matti@linux.gentoo.pl 1152727739 M * doener s/style/mark/ 1152727757 M * daniel_hozac uh, right. 1152727768 A * daniel_hozac should've learned not to watch TV and type at the same time. 1152727794 M * h01ger not s/mark/h01ger/ ? :) 1152727828 M * doener I don't think that util-vserver cares about h01ger :) 1152727903 Q * matti Ping timeout: 480 seconds 1152727903 N * matti_ matti 1152727916 M * h01ger oh well... 1152727937 A * h01ger should have learned not to do so many things at the same time. 1152728608 J * vrwttnmtu ~eryktyktu@82-69-161-137.dsl.in-addr.zen.co.uk 1152728615 M * vrwttnmtu Bonjour 1152729465 J * shedi ~siggi@130.208.221.254 1152730836 M * Skram where is the Linux-VServer LOGO 1152730855 M * daniel_hozac Skram: i told you the last time you asked. 1152730869 M * Skram daniel_hozac: I didnt see the link 1152730870 M * Skram sorry 1152730939 M * mnemoc [18:38:36] Bertl / Anyone.. where is the Linux-VServer logo? 1152730940 M * mnemoc [18:40:47] http://vserver.13thfloor.at/Stuff/LOGO/Linux-VServer-1.02.eps 1152730945 M * Skram thank you 1152731932 P * meandtheshell 1152732398 Q * shedi Quit: Leaving 1152733270 J * SiD4WiNDR luser@195.160.166.163 1152733327 Q * sid3windr Quit: In Soviet Russia, the quit messages you! 1152733337 N * SiD4WiNDR sid3windr 1152733342 J * Smutje_ ~Smutje@xdsl-87-78-2-222.netcologne.de 1152733454 Q * Smutje Ping timeout: 480 seconds 1152733454 N * Smutje_ Smutje 1152733601 P * stefani I'm Parting (the water) 1152733823 M * vrwttnmtu Quit: In Soviet Russia, the quit messages you! <-- Heh 1152733828 Q * nox Ping timeout: 480 seconds 1152733844 M * vrwttnmtu Or the messages quit you? 1152733909 Q * lehkor_ Quit: leaving 1152733975 J * matti_ ~matti@212.244.232.46 1152734011 M * vrwttnmtu daniel_hozac, If you're around, I've re-emerged gcc, binutils, and glibc, and then recompiled chbind6, and it still doesn't work :( 1152734041 M * daniel_hozac you'll have to recompile util-vserver. 1152734045 M * vrwttnmtu Aaah, OK 1152734048 M * vrwttnmtu 2 secs 1152734109 M * vrwttnmtu Love the addition of the VDIRBASE env variable. 1152734118 Q * mire Quit: Leaving 1152734129 Q * matti Ping timeout: 480 seconds 1152734129 N * matti_ matti 1152734137 M * vrwttnmtu (Maybe it was there before, and I didn't notice it, but either way) 1152734150 N * matti Guest483 1152734155 M * vrwttnmtu So the util-vserver includes a library that chbind6 uses? 1152734161 M * daniel_hozac yes. 1152734171 M * vrwttnmtu Will I need to recompile chbind6 after this? 1152734179 M * vrwttnmtu Or will it just use the new lib? 1152734180 M * daniel_hozac no, it links it dynamically. 1152734186 M * vrwttnmtu Hokay 1152734274 M * vrwttnmtu :( It still doesn't work :( 1152734337 M * vrwttnmtu I tried copying another chbind from another host, and it didn't work 1152734350 M * daniel_hozac try copying the libvserver.so.0.0.0 instead. 1152734396 M * vrwttnmtu The most likely thing I can think of is that this kernel is compiled with less stuff in it than the others 1152734405 M * vrwttnmtu For eg: PF_KEY sockets 1152734413 M * vrwttnmtu Not compiled in statically 1152734433 M * vrwttnmtu <*> The IPv6 protocol 1152734461 M * daniel_hozac that really shouldn't make the syscall fail sporadically. 1152734516 M * vrwttnmtu In my vserver options I have: Legacy Kernel API, dynamic context IDs, COW, Proc Security, Hard CPU, and nothing else 1152734582 A * vrwttnmtu doesn't get this. 1152734751 M * vrwttnmtu The util-vserver on all 3 boxes is the same 1152734755 M * vrwttnmtu version I mean 1152734768 M * daniel_hozac vrwttnmtu: get http://vserver.13thfloor.at/Experimental/SYSCALL/syscall_shiny10.h and then http://daniel.hozac.com/vserver/chbind6-shiny.c 1152734787 M * vrwttnmtu OK 1152734847 M * vrwttnmtu I assume I compile, and use that header 1152734856 M * daniel_hozac the header is used automatically. 1152734869 M * vrwttnmtu OK, so use the same compile command? 1152734874 M * daniel_hozac yeah. 1152734891 M * vrwttnmtu chbind6-shiny.c: In function `vserver': 1152734891 M * vrwttnmtu chbind6-shiny.c:30: error: `__NR_vserver' undeclared (first use in this function) 1152734909 M * daniel_hozac whoops, add a -D__NR_vserver=273 (if you're on x86). 1152734966 M * vrwttnmtu It worked! 1152734970 M * vrwttnmtu I love you! 1152734974 M * vrwttnmtu What was it? 1152734988 M * daniel_hozac that is _extremely_ odd. 1152735001 M * vrwttnmtu !!**EXREMELY**!! ? :) 1152735020 M * daniel_hozac pretty much. 1152735056 J * nox ~nox@noxlux.de 1152735066 M * daniel_hozac that should be the exact same code that is executed by the original one. 1152735089 M * vrwttnmtu # diff chbind6.c chbind6-shiny.c 1152735089 M * vrwttnmtu 15a16 1152735089 M * vrwttnmtu > #include "syscall_shiny10.h" 1152735089 M * vrwttnmtu 28a30,31 1152735089 M * vrwttnmtu > _syscall3(int, vserver, uint32_t, cmd, uint32_t, id, void *, data); 1152735090 M * vrwttnmtu > 1152735092 M * vrwttnmtu 106c109,111 1152735094 M * vrwttnmtu < vc_syscall(VCMD_net_add, nid, &addrs[addr-1]); 1152735096 M * vrwttnmtu --- 1152735098 M * vrwttnmtu > if (vserver(VCMD_net_add, nid, &addrs[addr-1]) == -1) { 1152735100 M * vrwttnmtu > fprintf(stderr, "chbind6: vc_net_add(%d): %s\n", addr-1, strerror(errno)); 1152735102 M * vrwttnmtu > } 1152735119 M * daniel_hozac do you use any odd compiler flags on that host? 1152735128 M * daniel_hozac (for emerge, i mean) 1152735132 M * vrwttnmtu CFLAGS="-O2 -march=pentium4 -fomit-frame-pointer" 1152735177 M * daniel_hozac what happens if you compile the new chbind6 with those flags? 1152735217 M * vrwttnmtu How can I remove the v6 addr? 1152735245 M * vrwttnmtu Is there a -d for chbind6 ? 1152735260 M * vrwttnmtu Or do I just remove it from the host i/f and re-add it? 1152735273 M * mnemoc vrwttnmtu: diff -u 1152735284 Q * coocoon Ping timeout: 480 seconds 1152735288 M * vrwttnmtu Diffing a binary? 1152735356 M * daniel_hozac chbind6 doesn't have a -d yet. 1152735374 M * mnemoc vrwttnmtu: no, in general... when diffing please use -u 1152735385 M * vrwttnmtu Oh :) 1152735388 M * vrwttnmtu Sorry. 1152735658 M * vrwttnmtu daniel_hozac, the shiny one works when compiled with those CFLAGS 1152735675 M * vrwttnmtu # ping6 www.kame.net 1152735675 M * vrwttnmtu PING www.kame.net(orange.kame.net) 56 data bytes 1152735675 M * vrwttnmtu 64 bytes from orange.kame.net: icmp_seq=1 ttl=49 time=276 ms 1152735675 M * vrwttnmtu --- www.kame.net ping statistics --- 1152735675 M * vrwttnmtu 1 packets transmitted, 1 received, 0% packet loss, time 0ms 1152735676 M * vrwttnmtu rtt min/avg/max/mdev = 276.116/276.116/276.116/0.000 ms 1152735682 M * vrwttnmtu Wahoo! 1152735684 M * vrwttnmtu : 1152735739 M * vrwttnmtu cat /dev/random > chbind6.c && gcc chbind6.c && ./a.out -a 2001:1/64 1152735959 M * daniel_hozac vrwttnmtu: http://daniel.hozac.com/vserver/chbind6-shiny.c chbind6 -n ... -d ... should delete addresses. 1152735961 J * coocoon ~coocoon@84.160.95.55 1152735980 M * vrwttnmtu daniel_hozac, It's OK, I added another one 1152736125 M * vrwttnmtu Well, I wonder what the difference is. 1152736471 Q * Viper0482 Quit: one day, i'll find this peer guy and then i'll reset his connection!! 1152737593 N * Ben_ Ben_zZz 1152738111 M * vrwttnmtu ./chbind6-shiny: invalid option -- d 1152738112 M * vrwttnmtu Hmm. 1152738114 M * daniel_hozac vrwttnmtu: i updated your instructions to match the new chbind6. 1152738124 M * vrwttnmtu On the IPv6 page? 1152738127 M * vrwttnmtu Wicked 1152738159 M * vrwttnmtu Apache is bound to my vserver ipv6 address, but postfix doesn't see it. 1152738163 M * vrwttnmtu I've no idea why 1152738182 M * daniel_hozac postfix has options regarding which protocols to bind. 1152738192 M * vrwttnmtu Really? 1152738197 M * vrwttnmtu Must be a new change? 1152738228 M * vrwttnmtu Master .cf? 1152738235 M * daniel_hozac main.cf IIRC. 1152738257 M * daniel_hozac inet_protocols. 1152738280 M * vrwttnmtu inet_protocols = ipv4, ipv6 (enable both IPv4 and IPv6) 1152738281 M * vrwttnmtu Yep 1152738283 M * vrwttnmtu Just found it 1152738330 M * vrwttnmtu tcp 0 0 :::25 :::* LISTEN 0 1222424 22290/master 1152738331 M * vrwttnmtu Lovely 1152738674 J * sladen paul@starsky.19inch.net 1152739328 Q * bonbons Quit: Leaving 1152739788 Q * yarihm Quit: Leaving 1152739801 J * icarus hiddenserv@tor.noreply.org 1152739898 Q * sladen Ping timeout: 480 seconds 1152739913 Q * coocoon Quit: KVIrc 3.2.0 'Realia' 1152740054 J * shedi ~siggi@130.208.221.254 1152740152 J * sladen paul@starsky.19inch.net 1152740317 J * Blissex ~Blissex@82-69-39-138.dsl.in-addr.zen.co.uk 1152740427 Q * icarus Quit: Leaving 1152740542 J * icarus hiddenserv@tor.noreply.org 1152741090 J * Aiken ~james@tooax6-122.dialup.optusnet.com.au 1152741260 Q * Guest483 Read error: Connection reset by peer 1152741312 J * matti ~matti@212.244.232.46 1152741872 Q * Blissex Remote host closed the connection 1152742005 Q * icarus Quit: Leaving 1152743889 Q * romke Remote host closed the connection 1152743922 J * matti_ ~matti@linux.gentoo.pl 1152743963 J * romke ~romke@83.16.133.162 1152743979 Q * matti Read error: Connection reset by peer 1152744799 Q * shedi Read error: Connection reset by peer 1152745032 Q * Aiken Quit: Leaving 1152745188 J * Aiken ~james@tooax6-122.dialup.optusnet.com.au 1152745677 J * shedi ~siggi@130.208.221.254 1152745740 J * mire_ ~mire@156-166-222-85.COOL.ADSL.VLine.verat.net 1152746463 Q * dna Quit: Verlassend 1152746825 Q * mire_ Quit: Leaving 1152747228 Q * vrwttnmtu Quit: Leaving