1153094984 Q * schimmi Ping timeout: 480 seconds 1153095516 M * Bertl okay, off to bed for tonight ... back tomorrow! have a good one everyone, cya! 1153095522 N * Bertl Bertl_zZ 1153095570 Q * coocoon Ping timeout: 480 seconds 1153095637 Q * lilo2 Remote host closed the connection 1153095684 J * lilo2 hiddenserv@tor.noreply.org 1153095904 J * hacim ~micah@ool-44c0fccd.dyn.optonline.net 1153095982 J * click click@ti511110a080-0835.bb.online.no 1153095998 Q * jkl Ping timeout: 480 seconds 1153096008 M * hacim I'm having a weird error starting my vservers on this new machine: setrlimit(RLIMIT_NOFILE) failed: Operation not permitted 1153096028 M * daniel_hozac what's giving you that? 1153096057 M * hacim vserver start 1153096069 M * daniel_hozac i meant what in that process. 1153096081 M * daniel_hozac is it the utils? or something inside the guest? 1153096119 M * daniel_hozac i'm guessing on the latter. 1153096122 J * sladen paul@starsky.19inch.net 1153096133 M * hacim yeah, I think so, but its odd because I wasn't getting it before 1153096146 M * hacim same tools, same patch on this machine 1153096155 M * daniel_hozac same guest? 1153096166 M * hacim yes, I just migrated them from another host that was having hardware problems 1153096180 M * hacim that looks like exim doing that 1153096194 M * hacim the other odd thing of note is that none of the mysql processes are able to start because they can't get at localhost 1153096196 M * daniel_hozac did you migrate the configs as well? 1153096199 M * hacim yes 1153096293 M * daniel_hozac so it looks like exim is trying to raise that limit. 1153096303 M * hacim yeah, which I dont mind its not able to do 1153096334 M * hacim however, its odd, because on the other machine it doesn't print that error 1153096352 M * daniel_hozac probably because there are other limits on that machine. 1153096382 M * hacim I guess it doesn't really need to be fixed, but I'm more concerned about the mysql localhost issue 1153096392 M * hacim as none of the guests can start mysql because they cannot contact localhost 1153096429 M * hacim but on the other machine they can, I clearly have something different here 1153096435 M * daniel_hozac did you change their IP addresses? 1153096444 M * hacim no, configs are exactly the same 1153096459 M * hacim straight rsync 1153096462 M * daniel_hozac do you have localhost pointing at the IP address in /etc/hosts? 1153096484 M * hacim daniel_hozac: localhost pointing at the public IP in the host's /etc/hosts? 1153096503 M * daniel_hozac in the guests'. 1153096530 M * daniel_hozac or is it 127.0.0.1? 1153096586 M * hacim i've just tried both 1153096589 M * hacim and neither worked 1153096650 M * daniel_hozac so if you listen (like with nc) on 0.0.0.0 x in a guest, you can't connect to it? 1153096718 M * hacim like nc -l 0.0.0.0 8080 1153096730 M * daniel_hozac right. 1153096736 M * hacim and then connect also with netcat? 1153096743 M * daniel_hozac yes. 1153096748 M * hacim to localhost? 1153096785 M * daniel_hozac yep. 1153096795 M * hacim right, I get connection refused 1153096818 M * daniel_hozac but nc worked? 1153096836 M * daniel_hozac are you sure you're not using nodev but don't have the addresses assigned yet? 1153096872 M * hacim I do: nc -l 0.0.0.0 8080 1153096880 M * hacim and then nc localhost 8080, and get a connection refused 1153096926 M * daniel_hozac and if you replace localhost with 127.0.0.1, or the real IP address? 1153096959 M * hacim also connection refused... odd 1153096964 M * hacim but I can ssh to the vserver no problem 1153096979 M * daniel_hozac are you sure it's not running on the old host still? 1153097009 M * hacim oh, odd, netcat opened a different port than 8080 1153097055 M * hacim I must be invoking netcat wrong 1153097068 M * daniel_hozac i think it depends on your version. 1153097070 M * hacim nc -l 0.0.0.0 8080 ; but I see a port opened on 54510 instead of 8080 1153097082 M * daniel_hozac try nc -p 8080 -l 0.0.0.0 1153097105 M * hacim yeah taht works, the man page in this version is wrong :) 1153097142 M * hacim when netcat is working, I can get to localhost and 127.0.0.1 and the public IP 1153097168 M * daniel_hozac ok, good. 1153097199 M * daniel_hozac so when mysql is running, is it listening on any port? 1153097227 M * hacim I can't get it to start 1153097261 M * daniel_hozac ? why not? 1153097277 M * hacim huh, according to the syslog 1153097284 M * hacim Warning: setrlimit couldn't increase number of open files to m 1153097284 M * hacim ore than 50 (request: 510) 1153097296 M * hacim InnoDB: Fatal error: cannot allocate 8404992 bytes of memory with malloc! Total allocated memory 1153097299 M * hacim by InnoDB 6320384 bytes. Operating system errno: 12 1153097302 M * hacim Cannot continue operation! 1153097307 M * hacim Check if you should increase the swap file or 1153097326 M * hacim seems similar to the error I was experiencing on starting of vservers... 1153097336 M * daniel_hozac looks like your guests are seriously limited in resources. 1153097344 M * hacim hmm 1153097358 M * hacim there are no limits set in /etc/vservers 1153097371 M * daniel_hozac what about ulimit? 1153097380 M * daniel_hozac or is your system actually out of RAM? 1153097390 M * hacim no, it has 2gigs available 1153097395 M * hacim and quite a bit of swap available too 1153097409 M * hacim I haven't set any limits with ulimit 1153097428 M * daniel_hozac so ulimit -a shows "unlimited" for everything? 1153097437 M * hacim no, thats odd 1153097453 M * hacim ah 1153097458 A * hacim hits head with hand 1153097476 M * hacim I DID set limits 1153097515 M * hacim in /etc/security/limits.conf 1153097544 M * hacim thats the problem, duh 1153098030 J * karih ~kari@dsl-214-44.hive.is 1153098158 M * karih hi, I am very interested in linux virtual servers and I've been browsing your site and I don't find anything about "checkpointing" or "live merging" (as it is called in the OpenVZ wiki page). Can anyone tell me if this is possible with Linux-Vserver or if not, how well it works with OpenVZ? 1153098220 M * daniel_hozac you'll probably get better answers about OpenVZ in a channel dedicated to it, such as #openvz at freenode. 1153098249 M * karih well yes, I was just wondering if this was available with linux-vserver 1153098259 M * daniel_hozac Linux-VServer does not support checkpointing or live migration. 1153098268 M * karih ok 1153098294 M * karih do you think that will change in near future? 1153098321 M * daniel_hozac no, we prefer not to reimplement the wheels. you can use an Xen layer for that. 1153098421 M * matti daniel_hozac: :) 1153098425 M * karih hmm ok 1153098448 M * karih well thanks for that clarification 1153098477 A * matti just finished writing letter to Santa Claus about vserver 2.0.2 :-) 1153098660 M * daniel_hozac karih: http://irc.13thfloor.at/LOG/2006-07/LOG_2006-07-12.txt has the official response, around 1152707324 1153098804 M * karih hmm ok nice 1153098813 M * karih so how about that cluster solution? :) 1153098928 M * karih I'm more entertaining myself then anything else, but I was trying (at least in my mind, since I don't own the hardware) to do a hi uptime system, where I could basicly unplug a computer and another one would take over without losing the ftp client that was downloading 1153098933 Q * Greek0 Server closed connection 1153098945 J * Greek0 ~greek0@85.255.145.201 1153098953 M * karih any idea how this might be implemented? 1153099037 M * karih I was thinking of a system of maybe 3+ computers where everyone would run some sort of virtual server that runs on remote filesystem and when the other computers would notice the first one went down (with heartbeat, or something similar) they would magically take over 1153099096 M * karih any tips in the right direction? 1153099124 M * karih or is this a very far fetched dream? 1153101457 M * karih well, thanks anyway for the help 1153101459 P * karih 1153102728 J * jkl eric@c-71-56-216-223.hsd1.co.comcast.net 1153110423 Q * Pazzo Quit: . 1153110647 Q * meandtheshell Quit: bye bye ... 1153113769 J * cris ~cris@seattle.gii.net 1153114131 J * cskarby ~cs@195.1.31.69 1153114141 P * cskarby 1153114454 M * Wonka nice idea... 1153114470 M * Wonka several boxen, mosix on them, ... 1153116849 J * dna ~naucki@dialer-139-65.kielnet.net 1153117967 M * Skram : ) 1153118179 M * Wonka and on that mosix, vservers 1153118199 M * Wonka storage on something like raid, distributed over the boxen 1153118215 M * Wonka so one can just pull one or two out without los 1153118216 M * Wonka s 1153118272 N * otaku42_away otaku42 1153118592 Q * Aiken Quit: Leaving 1153118758 J * Aiken ~james@tooax6-127.dialup.optusnet.com.au 1153118864 Q * abi Server closed connection 1153118866 J * abi ~abi@enz.schiach.de 1153119254 J * ||Cobra|| ~cob@pc-csa01.science.uva.nl 1153119966 J * schimmi ~sts@port-212-202-73-176.dynamic.qsc.de 1153120808 J * Viper0482 ~Viper0482@p54977325.dip.t-dialin.net 1153121201 J * anonc ~anonc@staffnet.internode.com.au 1153121737 T * * http://linux-vserver.org/ | latest stable 2.01, 1.2.10, 1.2.11-rc1, devel 2.1.0, exp 2.{0.2,1.1}-rc26 | util-vserver-0.30.210 | libvserver-1.0.2 & vserver-utils-1.0.3 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the wiki, and we'll forget about the minute ;) 1153121737 T * Bertl - 1153121913 Q * lilo2 Remote host closed the connection 1153122287 Q * Greek0 Ping timeout: 480 seconds 1153122664 J * lilo2 hiddenserv@tor.noreply.org 1153122789 Q * schimmi Ping timeout: 480 seconds 1153123571 J * pisco ~pampel@p50878ABD.dip0.t-ipconnect.de 1153123617 M * meebey Version check and ipsec on-path [OK] 1153123617 M * meebey Linux Openswan U2.4.5/K2.6.16-2-vserver-686 (netkey) 1153123617 M * meebey Checking for IPsec support in kernel [OK] 1153123623 M * meebey weee, that sounds promising :) 1153123639 M * meebey openswan in vserver on 2.6 kernel with builtin ipsec support 1153123739 Q * pusling Ping timeout: 480 seconds 1153123799 J * Greek0 ~greek0@85.255.145.201 1153123870 J * pagano ~pagano@131.154.5.20 1153125117 J * schimmi ~sts@aquila.tcs.ifi.lmu.de 1153125299 Q * michal` Ping timeout: 480 seconds 1153125600 J * michal` ~michal@www.rsbac.org 1153126191 M * meebey the redundancy in /etc/vservers/*/ is a bit annoying 1153126213 M * meebey like vdir, uts, flags 1153126288 M * waldi this is redundant? 1153126349 M * meebey vdir is set in .defaults 1153126386 M * meebey all vservers have the same flags (lock) in my setup 1153126420 M * Hollow some "strange" users might have different flags O.o 1153126421 M * waldi no, vdir can be overwriten by each vserver 1153126455 M * meebey override is all ok, but why not use the default in the first place? 1153126462 M * meebey galilei:/etc/vservers# vserver vpn start 1153126462 M * meebey /usr/sbin/vserver: line 583: pushd: /etc/vservers/vpn/vdir: No such file or directory 1153126484 M * meebey in the old config I didnt need to specify that path for each vserver 1153126642 Q * shedi Quit: Leaving 1153126711 Q * weasel Write error: connection closed 1153126714 J * pisc1 ~pampel@p5087A781.dip0.t-ipconnect.de 1153126719 J * weasel weasel@asteria.debian.or.at 1153127052 Q * pisco Ping timeout: 480 seconds 1153127449 M * meebey /etc/vservers/foo/interfaces/lan/dev = eth0 with existing /etc/vservers/foo/interfaces/lan/nodev also doesnt work as expected 1153127471 M * meebey it still wants an IP address, with is again redundant, since I just want to assing an exsiting device to the vserver 1153127474 M * Hollow well, you can't specify dev and nodev at the same time 1153127485 M * meebey so how does it know which dev? 1153127495 M * Hollow it doesn't, you need to specify an IP adress 1153127502 M * meebey hmpf evil 1153127507 M * Hollow at least with nodev 1153127511 M * meebey fun with dynamic IPs 1153127519 M * Hollow which means that util-vserver does not care if the interface/ip is confgured 1153127534 M * Hollow it just sets the ip in the network context 1153127545 M * Hollow without nodev, it will setup the ip for you using "ip addr" 1153127551 M * meebey the old config was able to use the existing IP of an device by using the device name 1153127559 M * meebey so this new config supports less 1153127613 M * Hollow this "new" config is old like ages btw.. 1153127624 M * matti Hollow: :-) 1153127632 M * meebey it still has not the same feature support though 1153127635 M * matti Hollow: How is going? 1153127636 M * meebey so its still new to me 1153127637 M * Hollow i'm still astonished how many people refer to it as "new" 1153127664 M * meebey if it would support the things I need, I would have used it earlier alerady 1153127683 M * Hollow well, i don't say it is good ;) 1153127688 M * meebey having ADSL lines is now a major pain with vserver then 1153127691 M * Hollow it's just not new 1153127716 M * Hollow but i don't know if your problem is easily solvable with util-vserver 1153127725 M * meebey the ppp0 device has a dynamic IP 1153127726 M * Hollow maybe you can write a script? 1153127736 M * meebey with the old conf supported this 1153127748 M * meebey sure I can write hacks around util-vserver 1153127754 M * meebey but thats ugly 1153127777 M * Hollow you just add a hack to a hack.. 1153127779 M * Hollow *scnr* 1153127793 M * Hollow matti: good so far 1153127795 M * Hollow sorry for delay 1153127796 M * Hollow :p 1153127816 M * Hollow i'm looking at sqlite3 api, and it makes me sick 1153127927 M * matti Hollow: I saw, that the vserver things in gentoo cvs are marked dead... why? 1153127977 M * Hollow hu? 1153127983 M * Hollow you mean rc kernels? 1153128033 M * matti I saw this in profile directory. 1153128096 M * Hollow depends.. if you refer to vserver/{amd64,x86} or default-linux/{amd64,x86}/2005.1/vserver profiles, they now reside in default-linux/{amd64,x86}/vserver 1153128108 M * matti Oh, that's why. 1153128112 M * matti :) 1153128115 M * matti Uff... 1153128123 M * matti I feel better now ;p 1153128125 M * matti Much better. 1153128125 M * matti ;p 1153128136 M * Hollow the former is not standard conform, and the latter is too much bloat, we don't need a profile for each 200x.y release 1153128150 M * Hollow so we finally moved it to the third one 1153128155 M * matti :) 1153128164 M * matti And how big changes are going? 1153128173 M * Hollow just the location changed 1153128209 M * matti :) 1153128213 M * Hollow and i think we fixed an udev bug meanwhile, but probably you didn't see this bug, some special case ugliness 1153128227 M * matti Hm... 1153128232 M * matti I use static dev. 1153128234 M * matti :) 1153128246 Q * weasel Write error: connection closed 1153128251 J * weasel weasel@asteria.debian.or.at 1153128266 M * Hollow yeah, but there was a dependency problem which pulled in udev from an eclass with virtuals and things.. it took quite some while to find this bug ;) 1153128290 M * matti Hehe. 1153128331 M * matti So, I am happy to hear that it is fixed now :) Even if I didn't noticed anything ;p 1153128334 M * matti :) 1153128337 M * Hollow heh 1153128338 M * waldi udev in a verser? 1153128353 M * matti Hollow: Oh cheer up :) 1153128356 M * matti Hollow: Want some coffee? 1153128363 M * Hollow sure :) 1153128367 M * matti Oh, cool. 1153128373 A * matti hands Hollow a cup of hot coffee. 1153128375 M * Hollow trying to find that udev bug, but bugzie is so slooow 1153128377 M * matti Hollow: Milk? 1153128383 A * waldi wants so cpu time ... 1153128385 M * Hollow yup 1153128409 A * matti hans waldi some free cpu time... :0 1153128420 A * matti hands Hollow milk for coffee. 1153128422 M * matti :> 1153128436 M * matti s/hans/hands/ 1153128449 M * Hollow here we go: 1153128449 M * Hollow if (rc != SQLITE_OK || sqlite3_step(dbr) != SQLITE_ROW) 1153128450 M * Hollow xid = 0; 1153128450 M * Hollow 1153128451 M * Hollow darr 1153128454 M * Hollow https://bugs.gentoo.org/show_bug.cgi?id=105616 1153128463 M * Hollow too fast c&p :P 1153128474 M * Hollow matti: thanks :) 1153128481 M * matti Uh, I need to replace SATA with SCSI... SATA is so screwed... IO sucks... 1153128488 M * matti Hollow: :) 1153128525 M * Hollow it took about 6 months to fix it lol 1153128535 M * matti lol 1153128536 M * matti :) 1153128555 M * matti Better 6 month than never ;p 1153128619 M * waldi matti: 4 15krpm scsi disks on an U320 controller ... 1153128730 M * matti waldi: And? :) 1153128865 M * Hollow mnemoc: around? 1153128879 M * waldi matti: gives good io 1153128913 A * sid3windr sighs @ 2.6 release rate 1153128927 M * sid3windr anyone know of averse effects of 2.6.17.4's overzealous proc security patch? 1153128943 M * sid3windr as in, should I reboot my machine AGAIN because I have updated to 2.6.17.4 ? 1153128950 J * shedi ~siggi@213.190.108.50 1153128953 M * sid3windr I see chkrootkit chokes on some proc stuff, but are there other stuff broken? :) 1153128966 M * matti waldi: Yes, I know :) 1153128995 M * waldi sid3windr: .5 is know to have some bad sideeffects 1153129013 M * sid3windr I mean .5 indeed 1153129021 M * sid3windr bad sideeffects like what? :/ 1153129063 M * matti waldi: I've 4 SATA 250 GB in raid 1+0, but io is still not very good. 1153129085 M * sid3windr maybe I should wait for 2.6.18.22 which should be out in a week anyway. 1153129138 M * waldi whats that? 1153129209 M * phreak`` sid3windr: eh ? .18 isn't even out :P 1153129218 M * phreak`` (as in 2.6.18 ...) 1153129220 M * sid3windr nope 1153129224 M * sid3windr but it sure will be :> 1153129240 M * phreak`` don't think so :) 1153129242 M * sid3windr ahwell :/ 1153129272 M * sid3windr I wonder what it actually kills 1153129278 M * sid3windr that chmod 0000 1153129309 M * waldi not only a chmod, it sets also the node type to 0 1153129372 M * anonc matti: http://www.ussg.iu.edu/hypermail/linux/kernel/0607.2/0022.html 1153129399 M * anonc matti: not to say that sata is all that flash anyway 1153129435 M * sid3windr hmm 1153129613 M * matti anonc: Well, I don't have a problem with throughput, but only with latency and access time and probably this is because SATA are not so good as SCSI can be for multiple simultaneous read or write access across whole raid matrix :) 1153129627 M * matti anonc: But, relax, I'll replace this with SCSI ASAP :) 1153129669 M * anonc matti: yep - its just plain bad - however - if you prefer speed to capacity - try benchmarking the drives when only using the outer cylinders 1153129700 M * matti Yes, I am aware of this :) 1153129702 M * matti Also ;p 1153129710 M * anonc software or hardware raid? 1153129736 M * matti Software. 1153129749 M * matti With SCSI I plan to use hardware support. 1153129789 M * meebey seems like .defaults/apps/vprocunhide/files completly replaces the default one 1153129804 M * meebey is that on purpose? 1153129813 M * anonc if using software raid make sure to align the fs with the stripe size (-E stride=XX) 1153129832 M * meebey I added 2 entries for openswan and now it cant read /proc/uptime 1153129881 M * anonc it spreads the inode bitmaps acorss the disks properly 1153129989 J * cdrx ~legoater@wm402rot.66.ADSL.NetSurf.Net 1153130087 M * matti anonc: Oh. 1153130099 M * matti anonc: I never use this :) 1153130106 M * matti anonc: Thanks for hint :) 1153130551 T * * http://linux-vserver.org/ | latest stable 2.01, 1.2.10, 1.2.11-rc1, devel 2.1.0, exp 2.{0.2,1.1}-rc26 | util-vserver-0.30.210 | libvserver-1.0.2 & vserver-utils-1.0.3 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the wiki, and we'll forget about the minute ;) 1153130551 T * Bertl - 1153130554 M * sid3windr I ssh'd in and killed that process, and it went on ;) 1153130558 M * sid3windr but that shouldn't be the way to go ;) 1153130770 Q * schimmi Ping timeout: 480 seconds 1153130781 M * anonc matti: also try to align filesystem blocks with the cylinder boundaries (or is that sectors - never can remember) 1153131395 M * daniel_hozac derjohn: that should never wait longer than 5 minutes. 1153132431 M * meebey vserver is not mounting /sys automaticly? 1153132610 M * meebey Rebooting... /usr/sbin/vserver: line 85: 15455 Killed "${NICE_CMD[@]}" ${USE_VNAMESPACE:+$_VNAMESPACE --enter "$S_CONTEXT" -- } $_VCONTEXT $SILENT_OPT --migrate --chroot --xid "$S_CONTEXT" -- "${INITCMD_STOP[@]}" 1153132912 T * * http://linux-vserver.org/ | latest stable 2.01, 1.2.10, 1.2.11-rc1, devel 2.1.0, exp 2.{0.2,1.1}-rc26 | util-vserver-0.30.210 | libvserver-1.0.2 & vserver-utils-1.0.3 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the wiki, and we'll forget about the minute ;) 1153132912 T * Bertl - 1153133042 M * meebey vserver vpn start will cause ipsec to not start correctly, vserver vpn enter and then /etc/init.d/ipsec start works, eh? 1153133103 M * daniel_hozac incorrect PATH? 1153133115 M * meebey the script sets the PATH 1153133122 M * derjohn daniel_hozac, can I make the boot process more verbose? my 'hang' creates output in /tmpm but the output ist mostl only ".." .. 1153133123 M * meebey PATH="${IPSEC_SBINDIR}":/sbin:/usr/sbin:/usr/bin:/bin:/usr/bin 1153133123 M * meebey export PATH 1153133129 M * weeble Hey all. Anyone seen this yet? http://seclists.org/lists/fulldisclosure/2006/Jul/0312.html 1153133150 M * daniel_hozac weeble: yes, doesn't work in guests. 1153133154 M * weeble Hurrah 1153133155 M * weeble :) 1153133158 M * doener fixed in 2.6.17.5, doesn't work in vservers 1153133171 M * daniel_hozac and then really fixed in .6 :) 1153133184 M * weeble Is that just the current version of the code, or could it be modified to work with a vserver kernel? 1153133198 M * daniel_hozac derjohn: can't you reproduce it with vserver ... start once the box is booted? 1153133202 M * doener nah, that's just a fix to make NetworkManager(?) happy... it's still a hackish fix 1153133220 Q * cdrx Ping timeout: 480 seconds 1153133239 M * doener someone already posted a "real fix" to lkml, implementing setattr for procfs, IIRC it prevents chmod completely 1153133264 M * derjohn daniel_hozac, currently: yes. it hangs at the same point. i use xfs on lvm with bindmounts, so a have the strange feeling there maybe something wrong with the locking at all .... 1153133280 M * waldi doener: i don't even can imagin, why chmod is allowed without proper setup in the inode 1153133315 M * daniel_hozac derjohn: so that should make it easier, though i'm not sure you'll get anything more out of it. 1153133332 M * doener waldi: I know almost nothing about the vfs layer, so I can't really comment on that 1153133384 M * daniel_hozac vserver --debug ... start, for instance. 1153133384 M * derjohn there is a --debug flag ? cool, never mentioned it since now ;) 1153133384 M * daniel_hozac anonc: btw, did you want to test the COW break on utimes? 1153133384 M * mnemoc Hollow: pong 1153133402 M * Hollow mnemoc: i started sqlite hacking, looks good so far ;) 1153133402 M * anonc daniel_hozac: i'm happy to do so 1153133410 M * mnemoc Hollow: great! :) 1153133472 M * daniel_hozac anonc: http://daniel.hozac.com/vserver/delta-cow-feat03.diff 1153133529 M * anonc daniel_hozac: another thing I've come across is should a "is this a hardlink?" call on a cow-linked file return that instead a normal file? (eg sendmail with its "secure" mode on will refuse to pipe through a program if that program is a hardlink) 1153133568 M * derjohn daniel_hozac, ++ /usr/bin/mkfifo -m600 /tmp/vserver-lock.FO6113 -> ++ /usr/lib/util-vserver/lockfile /var/lock/vserver.etcvserverstailor.startup /tmp/vserver-lock.FO6113 -> ++ /bin/grep -q true /tmp/vserver-lock.FO6113 1153133583 M * derjohn so: it doesnt get the "true" ever .... 1153133614 M * anonc fs/namei.c: In function `cow_break_link': 1153133614 M * anonc fs/namei.c:2670: warning: unused variable `dentry' 1153133616 M * daniel_hozac derjohn: very odd... i guess locking could be broken. 1153133648 M * derjohn hm, daniel_hozac my stomach tells me so, too ... 1153133676 M * daniel_hozac anonc: you mean we should fake nlink to 1 on COW files? 1153133977 T * * http://linux-vserver.org/ | latest stable 2.01, 1.2.10, 1.2.11-rc1, devel 2.1.0, exp 2.{0.2,1.1}-rc26 | util-vserver-0.30.210 | libvserver-1.0.2 & vserver-utils-1.0.3 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the wiki, and we'll forget about the minute ;) 1153133977 T * Bertl - 1153134032 M * daniel_hozac sid3windr: or monkey should be monkeys :) 1153134285 M * sid3windr true :> 1153134285 Q * schimmi2 Ping timeout: 480 seconds 1153134285 Q * mugwump_ Read error: Connection reset by peer 1153134285 J * mugwump ~samv@watts.utsl.gen.nz 1153134285 Q * ssm Ping timeout: 480 seconds 1153134285 M * phreak`` sid3windr: you are absolutly right :P 1153134391 M * Hollow phreak``: we should really remove that baselayout 1.13 ebuild from the overlay btw 1153134406 M * Hollow because it is not masked in the main tree 1153134414 M * Hollow or do overlay p.masks work now? 1153134506 M * phreak`` Hollow: they do (at least the last time I tried) 1153134522 M * anonc daniel_hozac: the utimes patch seems to work for my package install test (breaks the link) 1153134548 M * Hollow phreak``: then we should at least mask it 1153134560 M * Hollow because i accidently updated to it some days ago ;) 1153134564 M * Hollow on my host 1153134598 M * phreak`` daniel_hozac: I don't posses any personality disorder (i.e. splitted personality) as in monkeys ... *g* 1153134601 M * phreak`` Hollow: ok 1153134613 M * phreak`` Hollow: nearly happended here today *g* 1153134632 M * Hollow yeah.. please mask it 1153134642 M * phreak`` Hollow: ok 1153134849 M * daniel_hozac anonc: great! 1153134863 M * phreak`` Hollow: done 1153134888 M * Hollow thx 1153134944 M * daniel_hozac anonc: how about chmod/chown? 1153134949 M * anonc mmm - just a sec 1153134987 M * daniel_hozac phreak``: if you're was correct, we would be the monkeys ;) 1153135035 M * phreak`` daniel_hozac: nah, its your .. :) my english still sucks (and that was yesterday morning 6am when I wrote that sig) 1153135061 M * anonc daniel_hozac: chmod and chown seem to work too. 1153135076 M * daniel_hozac anonc: great, same here. thanks. 1153135102 M * anonc daniel_hozac: will these break on atime changes too? 1153135107 M * daniel_hozac anonc: no. 1153135123 M * daniel_hozac touching atime uses a different path. that's already allowed on immutable files. 1153135158 M * anonc daniel_hozac: that's handy (otherwise backups would explode disk usage) 1153135171 M * daniel_hozac indeed :) 1153135187 M * daniel_hozac wouldn't make much sense to break links on atime changes either, IMHO. 1153135203 N * Bertl_zZ Bertl 1153135209 M * Bertl morning folks! 1153135212 M * Hollow morning Bertl 1153135213 M * daniel_hozac morning! 1153135222 M * phreak`` heya Bertl! 1153135889 M * daniel_hozac Bertl: i'm growing increasingly certain that the cow_break_link(path.dentry, pathname) in open_namei is incorrect. IIUC path would not even be initialized at that point. 1153135974 Q * [PUPPETS]Gonzo Ping timeout: 480 seconds 1153135981 M * daniel_hozac only reason it works is because cow_break_link doesn't really care about the dentry argument, it's just used in a vxdprintk. 1153136152 M * Bertl daniel_hozac: ad atime, I totally agree here 1153136183 M * matti Bertl: :)))))))))))))))))))))) 1153136198 M * Bertl matti: :] 1153136206 M * matti What's up? 1153136238 M * Bertl daniel_hozac: regarding cow break as without your modifications, I'm not sure atm 1153136297 M * Bertl daniel_hozac: IIRC, I used that info to print debug stuff when I tested, and it 'looked' quite initialized to me :) 1153136317 M * Bertl (of course, that is almost a year ago now) 1153136370 M * daniel_hozac but in open_namei, the only time path will be initialized by the time we reach ok: is if the file was opened with O_CREAT. 1153136398 M * daniel_hozac if it's just O_WRONLY, we'll jump almost directly to ok: (line 1664) 1153136524 M * daniel_hozac i guess it is quite common to use O_CREAT|O_WRONLY|O_TRUNC though. 1153136526 M * Bertl well, I'm not looking at the code right now, so that is just what I remember: there are actually two pathes involved 1153136547 M * Bertl one, which is the directory path, where the file/whatever is to be accessed/created 1153136565 M * Bertl and another one, which is the filename itself 1153136574 M * matti What version is currently stable to use (if I need something more than old 2.01?). 1153136584 M * daniel_hozac 2.0.2-rc26? 1153136587 M * matti Maybe 2.0.2? 1153136595 M * daniel_hozac Bertl: in cow_break_link or open_namei? 1153136623 M * Bertl give me a minute to look at the code ... 1153136696 M * matti daniel_hozac: It is good for production usage? :) I think about replacing 2.01 now... due to latest vuln in kernels... I plan a big update. 1153136739 M * Bertl matti: it's very likely to be released without functional change as 2.0.2 1153136747 M * daniel_hozac matti: sure. the version number alone should speak for the stability :) (26 rcs is bound to find most of the bugs) 1153136783 M * matti I see :) 1153136797 M * matti Thanks for advice Bertl and daniel_hozac :) 1153136893 M * daniel_hozac Bertl: the reason i ask is because i think with my changes the dentry ref. counting will be incorrect there, primarily because path.dentry is never dput'ed before jumping to restart. 1153137257 J * lilalinux ~plasma@dslb-084-058-207-206.pools.arcor-ip.net 1153137443 J * [PUPPETS]Gonzo gonzo@langweiligneutral.deswahnsinns.de 1153137608 M * Bertl daniel_hozac: okay, in the call to cow_break_link() path.dentry has to be defined 1153137694 M * Bertl so let's see what branches lead there and which one ensures/defines it 1153137757 M * Bertl indeed, we can get there from: 1153137763 M * Bertl if (!(flag & O_CREAT)) 1153137773 M * Bertl and have it uninitialized 1153137838 M * Bertl btw, why don't we use the nd for that? 1153137918 M * daniel_hozac that's what i was thinking. 1153137986 M * Bertl yes, I think that should be nd.dentry 1153138020 M * Bertl actually nd->dentry, no? 1153138041 M * daniel_hozac yeah. 1153138089 M * Bertl okay, care to prepare and test a patch? 1153138182 M * daniel_hozac though as i said, the dentry isn't really used in cow_break_link. do we really need to have the dentry address in cow_break_link's debugging output? 1153138224 M * daniel_hozac (and if so, couldn't we just move the vxdprintk to after we've looked it up?) 1153138347 M * Bertl it was valuable debug information to see that the looked up and the 'original' are the same 1153138365 Q * pisc1 Remote host closed the connection 1153138368 M * Bertl but I'm fine to remove the dentry argument completely, from function and debug 1153138389 M * daniel_hozac i don't see where we print the old_dentry? 1153138399 M * daniel_hozac (i.e. the looked up one) 1153138415 J * pisco ~pampel@p5087A781.dip0.t-ipconnect.de 1153138449 Q * hacim Quit: leaving 1153138451 M * Bertl daniel_hozac: it got removed in the first cleanup I guess 1153138457 M * daniel_hozac ah, ok. 1153138471 M * Bertl that's why I do not consider it really relevant today 1153138511 J * micah elijah@micah.riseup.net 1153138532 M * Bertl so simplifying cow_break_link() to 'just' pathname (which is a really unfortunate result of a missing 'copy inode' vfs functionality :) seems fine right now 1153138620 M * daniel_hozac like http://daniel.hozac.com/vserver/delta-cow-clean01.diff then? 1153138768 J * sezuan matthias@agamemnon.ipv6.scheff32.de 1153138786 M * Bertl daniel_hozac: yup, looks fine, when it compiles, it should work too :) 1153138795 M * Bertl welcome micah! sezuan! 1153138803 M * daniel_hozac rebooting now. 1153138845 M * sezuan Hi! I want to use the daemon-tools in vserver context. it seems that inittab behaves different (read: it doesn not work here :-)). 1153138861 M * daniel_hozac you need to use the plain initstyle so you get an init inside the guest. 1153138864 M * sezuan has it something to do with the /etc/vservers//apps/init/style? 1153138896 M * sezuan ok. are there any security related disadvantages? 1153138898 M * daniel_hozac yep, echo plain > /etc/vservers/.../apps/init/style should do it. 1153138965 M * daniel_hozac Bertl: works fine, as expected :) 1153139009 M * sezuan it works. nice. 1153139225 Q * pisco Quit: Download Gaim: http://gaim.sourceforge.net/ 1153139243 M * meebey http://paste.debian.net/9184 1153139246 M * meebey I dont understand that 1153139316 M * meebey starting the daemon with sysvinit via vserver vpn start is causing openswan to exit/die, but starting it inside the vserver works 1153139346 M * meebey the syslog shows the pluto entries with no exit logging though 1153139353 J * maharaja maharaja@ip52.ipax.at 1153139359 M * maharaja hi there 1153139363 M * meebey its like its getting killed or dissappears 1153139367 J * pisco ~pampel@p5087A781.dip0.t-ipconnect.de 1153139372 M * maharaja oha, the chan has grown since my last visit :) 1153139383 M * waldi meebey: strace? 1153139401 M * meebey waldi: I will modify the start script, good idea 1153139415 M * meebey waldi: or just strace vserver call? 1153139419 M * Bertl maharaja: wb, means that you haven't been here for a long time! :) 1153139437 M * waldi meebey: no, you have to modify the start script 1153139447 M * meebey k 1153139448 M * waldi meebey: strace over context borders does not work 1153139453 M * meebey waldi: :) 1153139462 M * Bertl okay, I'm off for now, but I'll be back later .. cya and tx@all! 1153139469 N * Bertl Bertl_oO 1153139471 M * meebey http://paste.debian.net/9185 1153139473 M * waldi yeah, bertltime 1153139478 M * meebey stopping the vpn vserver also doesnt sound good 1153139486 M * meebey but I have no idea why it happens just for that vserver 1153139496 M * meebey maybe related to the start problem? 1153139536 M * daniel_hozac you haven't cleaned up the initscripts. 1153139578 M * meebey not needed, the typical shutdown commands just fail 1153139594 M * maharaja Bertl_oO: indeed :) 1153139603 M * daniel_hozac so then, what doesn't sound good? 1153139605 N * maharaja maja 1153139612 M * meebey daniel_hozac: the killed line 1153139616 M * meebey daniel_hozac: I never had that one before 1153139623 M * meebey when I used 2.4 kernel 1153139639 M * meebey it sounds like something from the util-vserver scripts got killed 1153139659 M * daniel_hozac no, the command to stop the guest got killed. 1153139674 M * daniel_hozac i.e. /etc/init.d/rc 0 1153139710 M * meebey it has CAP_SYS_ADMIN 1153139731 M * meebey wondering why it didnt happen with 2.4 1153139754 M * meebey so something from inside the vserver kills the shutdown scripts of vserver? 1153140145 J * baggins_ baggins@kenny.mimuw.edu.pl 1153140145 Q * baggins Read error: Connection reset by peer 1153140329 M * meebey hm interesting 1153140345 M * meebey vserver vpn exec /etc/init.d/ipsec start also causes to not start openswan correclt 1153140348 M * meebey correctly 1153140582 Q * FireEgl Quit: Bye... 1153141011 J * mountie ~mountie@CPEdeaddeaddead-CM000a739acaa4.cpe.net.cable.rogers.com 1153141297 Q * cris Ping timeout: 480 seconds 1153141305 J * meandtheshell ~markus@85-124-36-208.dynamic.xdsl-line.inode.at 1153141771 J * gerrit ~gerrit@OTWAON23-1177993857.sdsl.bell.ca 1153142010 M * meebey /etc/init.d/util-vserver: line 26: [: too many arguments 1153142018 M * meebey sounds like I have to many vservers ;) 1153142086 M * meebey hm, its a if [ -f *.conf ]; to check if there is any conf file 1153142423 M * meebey ok its the tools that cause the problem 1153142434 M * meebey in legacy config it starts fine with vserver vpn start 1153142438 J * cdrx ~legoater@OTWAON23-1178069239.sdsl.bell.ca 1153142442 M * mnemoc if [ -f *.conf ]; is not legal 1153142453 M * meebey mnemoc: I know a script bug, but I patched that one 1153142525 M * meebey also that "killed" line doesnt happen in legacy config 1153142552 A * meebey doesn't get why the current config hates him so much 1153142614 Q * gerrit Ping timeout: 480 seconds 1153142906 Q * Aiken Quit: Leaving 1153142995 Q * cdrx Ping timeout: 480 seconds 1153143619 J * gerrit ~gerrit@Ottawa-HSE-ppp244618.sympatico.ca 1153143887 M * daniel_hozac legacy config implies legacy utils. you don't use anything even resembling the same code path. 1153144876 M * maja did any1 of you do clustering with vservers? 1153147359 Q * gerrit Ping timeout: 480 seconds 1153147516 Q * Radiance Quit: changing servers 1153147538 J * Radiance ffd4df2ed0@halt.1984world.eu 1153148131 J * ataraxis ~ataraxis@p3E9E7432.dip.t-dialin.net 1153148212 M * ataraxis Hi, i searched through the docs and couldn't find infos about garanteed cpu/mem allocation. Any pointers? 1153148290 N * Ben_zZz Ben_ 1153148476 M * doener ataraxis: the only thing I know of is the "skip idle time" (or sth. like that) kernel configuration option. If you then limit all your guest so that they together can use up to 100% cpu time, you have a guarantee that they will be able to get that time, but the "idle time skip" allows them to exceed their limit if there are no other processes requesting cpu time 1153148487 Q * ||Cobra|| Remote host closed the connection 1153148519 M * doener (from the top of my head, I don't know any details about that and it's available in recent 2.1.1-rcX versions only) 1153148594 M * ataraxis ah, okay, what about memory? 1153148645 J * xabo ~xabo@45.80-202-58.nextgentel.com 1153148651 P * xabo 1153148683 M * doener probably similar, adjust limits so that they don't exceed the available memory, but I'm even less sure about that... 1153148814 Q * MrX Ping timeout: 480 seconds 1153149384 J * stefani ~stefani@tsipoor.banerian.org 1153149678 J * cdrx ~legoater@OTWAON23-1177993857.sdsl.bell.ca 1153150123 Q * ataraxis Quit: 1153150548 J * gerrit ~gerrit@OTWAON23-1177993857.sdsl.bell.ca 1153150708 N * otaku42 otaku42_away 1153151365 Q * lilo2 Remote host closed the connection 1153151523 J * lilo2 hiddenserv@tor.noreply.org 1153151632 Q * meandtheshell helium.oftc.net oxygen.oftc.net 1153151632 Q * baggins_ helium.oftc.net oxygen.oftc.net 1153151632 Q * sladen helium.oftc.net oxygen.oftc.net 1153151632 Q * michal` helium.oftc.net oxygen.oftc.net 1153151632 Q * pagano helium.oftc.net oxygen.oftc.net 1153151632 Q * Viper0482 helium.oftc.net oxygen.oftc.net 1153151632 Q * dna helium.oftc.net oxygen.oftc.net 1153151632 Q * matti helium.oftc.net oxygen.oftc.net 1153151632 Q * ekc helium.oftc.net oxygen.oftc.net 1153151632 Q * insomnia1 helium.oftc.net oxygen.oftc.net 1153151632 Q * FaUl helium.oftc.net oxygen.oftc.net 1153151632 Q * phreak`` helium.oftc.net oxygen.oftc.net 1153151632 Q * Vudumen helium.oftc.net oxygen.oftc.net 1153151632 Q * duckx helium.oftc.net oxygen.oftc.net 1153151632 Q * TheSeer helium.oftc.net oxygen.oftc.net 1153151632 Q * Curus helium.oftc.net oxygen.oftc.net 1153151632 Q * Zaki helium.oftc.net oxygen.oftc.net 1153151632 Q * kir helium.oftc.net oxygen.oftc.net 1153151651 Q * weasel helium.oftc.net nobelium.oftc.net 1153151723 J * meandtheshell ~markus@85-124-36-208.dynamic.xdsl-line.inode.at 1153151723 J * baggins_ baggins@kenny.mimuw.edu.pl 1153151723 J * sladen paul@starsky.19inch.net 1153151723 J * michal` ~michal@www.rsbac.org 1153151723 J * pagano ~pagano@131.154.5.20 1153151723 J * Viper0482 ~Viper0482@p54977325.dip.t-dialin.net 1153151723 J * dna ~naucki@dialer-139-65.kielnet.net 1153151723 J * matti matti@linux.gentoo.pl 1153151723 J * ekc ekc@netblock-66-245-252-180.dslextreme.com 1153151723 J * insomnia1 ~insomniac@slackware.it 1153151723 J * FaUl immo@shell.chaostreff-dortmund.de 1153151723 J * phreak`` ~phreak``@140.211.166.183 1153151723 J * Vudumen e94ff97507@perverz.hu 1153151723 J * duckx ~Duck@tox.dyndns.org 1153151723 J * TheSeer ~theseer@border.office.salesemotion.net 1153151723 J * Curus ~Curus@kbhn-vbrg-sr0-vl209-213-185-8-10.perspektivbredband.net 1153151723 J * kir ~kir@swsoft-mipt-nat.sw.ru 1153151723 J * Zaki ~Zaki@88.213.18.70 1153151727 Q * phreak`` Read error: Operation timed out 1153151730 Q * dna Read error: Connection reset by peer 1153151755 J * dna ~naucki@dialer-139-65.kielnet.net 1153151798 Q * sezuan Killed (oxygen.oftc.net (Nick collision (new))) 1153151798 J * sezuan matthias@agamemnon.ipv6.scheff32.de 1153151798 J * weasel weasel@weasel.noc.oftc.net 1153151803 J * phreak`` ~phreak``@140.211.166.183 1153151839 Q * Johan_ Remote host closed the connection 1153151876 J * Johan ~finger@lounge.datux.nl 1153152204 Q * kaner Remote host closed the connection 1153152205 J * kaner kaner@strace.org 1153152810 J * bonbons ~bonbons@83.222.39.166 1153153230 Q * cdrx Ping timeout: 480 seconds 1153153644 J * weaselTM weasel@asteria.debian.or.at 1153153732 Q * weasel Killed (weaselTM (moo)) 1153153734 N * weaselTM weasel 1153154367 Q * gerrit Ping timeout: 480 seconds 1153154484 Q * romke Quit: leaving 1153154486 J * cdrx ~legoater@OTWAON23-1178069239.sdsl.bell.ca 1153154947 M * Hollow mnemoc: libdbi is gone :) 1153155023 M * mnemoc oh, that was faaaast 1153155029 M * mnemoc :) 1153155036 M * mnemoc congratulations ,-) 1153155165 N * Ben_ Ben_zZz 1153155292 Q * cdrx Ping timeout: 480 seconds 1153155476 N * Ben_zZz Ben_ 1153155754 J * pusling ~pusling@cpe.atm4-0-7285.0x50c44806.boanxx19.customer.tele.dk 1153155935 M * Hollow mnemoc: thanks :) the first test run looked good too, so it is worth a try ;) 1153155970 M * mnemoc *g* ... minute 1153156070 M * Hollow another todo for this week is locking.. there is nearly no locking at all currently.. only the sqlite internal locking/transactions 1153156074 M * Hollow not good (tm) 1153156117 M * daniel_hozac hehe. 1153156130 M * Hollow :) 1153156480 M * daniel_hozac Bertl_oO: http://daniel.hozac.com/vserver/delta-cow-feat04.diff it seems to work quite fine, and i'm pretty sure the ref counting isn't screwed up. 1153157481 J * GuNeR ~Guner@88.246.17.18 1153157488 P * GuNeR 1153157689 J * BNC|Karmek ~nichts@i538749C8.versanet.de 1153157731 M * BNC|Karmek hello there :) 1153157909 M * BNC|Karmek I tried to set up a vserver and am experiencing a problem. Does somebody have a minute help me? 1153157924 J * b0ing ~address@201.64.81.102 1153157927 M * BNC|Karmek I am running Debian 3.1 as Hostsystem 1153157940 M * daniel_hozac what's the problem? 1153157944 J * kir_home ~kir@OTWAON23-1178069239.sdsl.bell.ca 1153157948 J * gerrit ~gerrit@OTWAON23-1177993857.sdsl.bell.ca 1153157952 P * pisco 1153158005 M * BNC|Karmek i've tried to install the host vserver enviroment using apt-get install kernel-patch-vserver util-vserver vserver-debiantools 1153158027 Q * shedi Quit: Leaving 1153158035 M * BNC|Karmek worked fine, had some problems while booting first but i solved that problem. The kernel did not load :) 1153158039 M * daniel_hozac you're probably better off without vserver-debiantools. 1153158092 M * BNC|Karmek It's my first try so i don't really know why it is better not to use it. May you explain it to me? 1153158120 M * daniel_hozac (and IIRC there are binary kernels at backports.org) 1153158146 M * BNC|Karmek the kernel works fine for now. But i still can't set up a server 1153158161 M * daniel_hozac why not? 1153158183 M * daniel_hozac vserver-debiantools have caused several problems in the past. i'm not aware of the current status though. 1153158226 M * BNC|Karmek "Must be run from the host server (security context 0) on a "vserver/ctx-patch" enabled kernel" 1153158254 M * BNC|Karmek thats all i get when trying to to use newvserver 1153158272 M * daniel_hozac as i said, vserver-debiantools have caused problems :) 1153158283 M * daniel_hozac could you paste the output from http://vserver.13thfloor.at/Stuff/SCRIPT/testme.sh at paste.linux-vserver.org? 1153158313 M * BNC|Karmek sure 1153158347 M * BNC|Karmek just a sec, need to login at this computer. Got my Console at my 2nd PC :) 1153158421 J * yarihm ~yarihm@84-74-17-70.dclient.hispeed.ch 1153158437 Q * gerrit Ping timeout: 480 seconds 1153158628 M * BNC|Karmek http://paste.linux-vserver.org/190 1153158662 M * daniel_hozac you aren't running a vserver kernel. 1153158689 M * BNC|Karmek hmmmmm 1153158694 Q * kir_home Ping timeout: 480 seconds 1153158713 M * BNC|Karmek so installing kernel-patch-vserver via apt-get isn't enough ?¿? 1153158754 M * daniel_hozac i have no idea. i assume you'll have to apply it somehow. 1153158755 M * mnemoc .oO( loooong time without seeing someone using colors on irc )o 1153158854 M * BNC|Karmek i am sorry, i really should remove this script... but i allways forget to because my IRC visits are rather rare 1153158869 A * doener .oO( is there a +c on OFTC? ) 1153158901 M * BNC|Karmek 2.6.15-1-686 is my Kernel version 1153158997 M * BNC|Karmek do you know a page where i can find a fitting kernel for debian 3.1 with vserver support? 1153159026 M * FaUl doener: i guess +b would work also ;-) 1153159167 J * gerrit ~gerrit@OTWAON23-1177993857.sdsl.bell.ca 1153159207 M * daniel_hozac BNC|Karmek: as i said, backports.org has some. 1153159227 M * BNC|Karmek thank you, i'll have a look 1153159451 J * cdrx ~legoater@OTWAON23-1177993857.sdsl.bell.ca 1153159713 Q * lilalinux Remote host closed the connection 1153159906 J * vrwttnmtu ~eryktyktu@82-69-161-137.dsl.in-addr.zen.co.uk 1153160172 Q * cdrx Ping timeout: 480 seconds 1153160391 J * kir_home ~kir@216.208.38.107 1153160850 J * cdrx ~legoater@cmr-208-97-126-250.cr.net.cable.rogers.com 1153160893 M * kir_home cdrx, ah-ha, here you are :) 1153161162 M * cdrx kir_home, still awake ? 1153161209 M * BNC|Karmek daniel_hozac are you still there? 1153161210 M * kir_home cdrx, yup as I don't have to listen to lengthy talks from the major sponsors ;) 1153161689 M * daniel_hozac BNC|Karmek: sure. 1153161852 M * BNC|Karmek hmmmmm i guess i solved it for myself. I am doing my first own Kernel compilation :o 1153161893 M * BNC|Karmek maybe i am lucky today *smile* 1153161968 M * BNC|Karmek is there still much to go wron while taking my old kernels configuration? 1153161976 J * legoater_ ~legoater@OTWAON23-1177993857.sdsl.bell.ca 1153161977 Q * legoater_ Quit: 1153162447 J * Term_ ~PhAnATiC@201.135.163.67 1153162659 J * prae ~benjamin@82.226.30.230 1153163156 M * BNC|Karmek how long does such a kernel compilation take? 1153163860 M * daniel_hozac depends on the kernel, especially how you configured it. 1153163876 M * BNC|Karmek hmmmmm to large, i guess :D 1153163881 M * daniel_hozac and obviously on your hardware. 1153163893 M * BNC|Karmek but it works, i booted it with my new kernel 1153163903 M * BNC|Karmek i am surprised :) 1153163917 Q * Term_ Quit: (-(PS)-) [v5.0.r02] http://www.kalendas.net 1153163924 M * daniel_hozac congrats. 1153163931 M * BNC|Karmek your testscript tells me succeeded 1153163942 Q * cdrx Ping timeout: 480 seconds 1153163975 M * BNC|Karmek so hopefully it works now. Guess i need to compile a smaller kenel later because my one is 15MB large but nevertheless it works 1153163995 M * Hollow mnemoc: did you link vserver-utils statically? 1153164039 Q * Viper0482 Quit: one day, i'll find this peer guy and then i'll reset his connection!! 1153164053 M * BNC|Karmek hmmmmm is newvserver a command of vserver-debiantools ?¿? 1153164067 M * daniel_hozac yes. 1153164068 M * mnemoc not yet built :( .... /me spank his p2 1153164089 M * Hollow well, i have still problems 1153164096 M * BNC|Karmek i removed it, as you recommended 1153164106 M * Hollow i get lots of undefined reference 1153164107 M * BNC|Karmek so haow to install a vserver then? 1153164132 M * daniel_hozac http://linux-vserver.org/alpha+util-vserver 1153164132 N * Bertl_oO Bertl 1153164135 M * mnemoc Hollow: r303? 1153164139 M * Bertl evening folks! 1153164142 M * BNC|Karmek thank you 1153164146 M * mnemoc wb master Bertl 1153164148 M * Hollow mnemoc: yep 1153164160 M * Hollow hey Bertl! any news? 1153164161 Q * duckx Quit: Client exiting 1153164214 M * Bertl Hollow: not really, but to answer your real question, no I didn't get to adding the interfaces yet :) 1153164239 M * Hollow :p 1153164308 M * Hollow mnemoc: i used LDFLAGS="-all-static" but it seems to not resolve all -l flags to .a libraries 1153164345 M * daniel_hozac Hollow: isn't that what -static is for? what does -all-static do differently? 1153164366 M * Hollow well, somehow libtool removes -static from gccs command line 1153164368 M * Hollow dunno why 1153164377 M * daniel_hozac ah yes, libtool. 1153164392 M * daniel_hozac everyone's favorite hate object. 1153164417 A * Hollow sighs and wonders why --disable-shared does only work for libraries 1153164430 M * daniel_hozac hmm? 1153164467 M * Hollow if you pass --disable-shared to configure, libtool will skip shared libraries, but it will still link libraries specified with -l dynamically 1153164481 M * Hollow s/skip/skip building/ 1153164489 M * daniel_hozac of course, --disable-shared is just what libtool produces. 1153164491 J * duckx ~Duck@tox.dyndns.org 1153164506 M * Hollow well, libtool does the linking of executables as well.. 1153164506 J * tatiane ~tatiane@201009042013.user.veloxzone.com.br 1153164545 M * daniel_hozac well, it at least does its thing on the arguments you want to pass to ld. 1153164559 M * daniel_hozac can't you use something like -Wl,-static to get around libtool? 1153164603 M * Hollow won't work, libtool replaces -l flags to *.so pathnames, and ld will bail out with -static and .so libs on the command line 1153164622 M * daniel_hozac really? wow, libtool is worse than i remembered. 1153164627 M * Hollow heh 1153164642 M * daniel_hozac replacing -lx with x.so is just plain evil. 1153164650 M * Hollow libtool will only replace the -l flags with .a libs if you specify -all-static it seems 1153164675 M * daniel_hozac ah, so it's a libtool thing. that's why none of my gcc/ld man pages had it. 1153164691 M * Hollow even the libtool man page doesn't have it 1153164700 M * Hollow but libtool --help --mode=link shows it 1153164865 M * Hollow daniel_hozac: to be exact, libtool will only replace -l flags, if it is a libtool library 1153164879 Q * gerrit Ping timeout: 480 seconds 1153164881 M * daniel_hozac ah, so rm -f /usr/lib/*.la /lib/*.la :) 1153164886 M * Hollow http://paste.linux-vserver.org/191 1153164980 M * daniel_hozac that's really weird, why isn't it finding the libcurl symbols? 1153164989 M * Hollow nfc 1153164999 M * Hollow it works with shared, so the order should be right 1153165017 Q * tatiane Quit: Fui embora 1153165057 M * daniel_hozac well, shared delays the real are-all-symbols-present check until runtime. 1153165138 M * Hollow bene@zeus [2L] build $ nm /usr/lib/debug/usr/lib/libcurl.so.3.0.0.debug | grep curl_easy_setopt 1153165138 M * Hollow 00024dd0 T curl_easy_setopt 1153165144 J * cdrx ~legoater@OTWAON23-1177993857.sdsl.bell.ca 1153165167 M * mnemoc Hollow: on recient gcc's the order of the -l is very important to find the symbols 1153165183 M * Hollow yeah, i know.. but why does it work with shared then? 1153165194 M * mnemoc good question :( 1153165209 M * Hollow also, the -lcurl -lssl etc is what xmlrpc-c-config returns 1153165241 M * Hollow so, maybe it needs to be patched then.. 1153165261 M * daniel_hozac if you compile everything manually, does it work? 1153165271 M * daniel_hozac i.e. without libtool's "help". 1153165279 M * Hollow uh 1153165291 M * Hollow sounds like i don't like trying it ;) 1153165308 M * Hollow although 1153165310 J * romke ~romke@procyon.romke.net 1153165319 M * Hollow i could just remove the exe and use the old object files from automake 1153165323 M * Hollow let's try 1153165345 M * daniel_hozac technically you wouldn't even need object files, just *.c should do it too. 1153165458 J * gerrit ~gerrit@Ottawa-HSE-ppp3651422.sympatico.ca 1153165476 M * Hollow wth 1153165484 M * Hollow -lcrypto still requires -ldl 1153165509 M * BNC|Karmek is a second IP Adress absolutely nessessary for a vserver? 1153165520 M * daniel_hozac no. 1153165520 M * Hollow if you shuffle curl, ssl, crypto dl, and zlib to the end of the command line ti works with some warnings 1153165535 Q * vrwttnmtu Remote host closed the connection 1153165546 M * BNC|Karmek so what to set as IP while installing teh vserver? My hosts ip? 1153165561 M * daniel_hozac if you want them to share it. 1153165585 M * Hollow mnemoc: did you plan to link it with diet, btw? 1153165611 M * BNC|Karmek allright, i've tried it but during the installation my host cut the network connection :( 1153165611 M * mnemoc uclibc first 1153165625 M * Hollow ok, way better choice :) 1153165644 M * mnemoc but uclibc's netlink on x86_64 is broken :( 1153165658 M * Bertl Hollow: how good is uclibc support on 'other' archs? 1153165677 M * Hollow dunno 1153165709 M * Hollow but, in comparision to diet, pretty much everything is a good choice :p 1153165715 M * mnemoc *G* 1153165734 M * mnemoc more considering how is fefe currently :'( 1153165743 M * Bertl well, we already fixed diet for almost all archs 1153165760 M * Bertl I do not consider it a good idea to do the same for uclibc :) 1153165772 M * Hollow there is still no gcc 4.1 fix for the execve problem 1153165783 M * Hollow and i cannot imagine it's util-vservers fault 1153165788 M * daniel_hozac hmm? 1153165797 M * Bertl hmm? 1153165802 M * Hollow exec-ulimit: execve: blah foo 1153165816 M * daniel_hozac gcc-4.1.1-1.fc5 and no problems here, AFAIK. 1153165825 M * daniel_hozac reproducible how? 1153165841 M * Hollow well, diet with gcc 4.1.1 cuases this bug 1153165842 M * mnemoc Hollow: your 'enviroment' can be broken 1153165852 M * Hollow after switching back to 3.4.6 it works 1153165867 M * daniel_hozac dietlibc-0.30-1.fc5 1153165879 J * brc__ bruce@20151171050.user.veloxzone.com.br 1153165891 M * Hollow i can reproduce it if you like 1153165907 Q * brc_ Ping timeout: 480 seconds 1153165914 M * Hollow maybe we can fix it now and for all ;) 1153165915 M * BNC|Karmek Okay did a mistake now it woked 1153165918 M * BNC|Karmek worked 1153165958 M * BNC|Karmek sshd needs to be bind to another port now, right? 1153165999 M * daniel_hozac if you want them both to be accessible :) 1153166021 M * BNC|Karmek :D 1153166035 M * daniel_hozac Hollow: would be interesting, as i don't see it here. 1153166084 M * daniel_hozac and i'd prefer not seeing it at a later time either :) 1153166138 M * BNC|Karmek whats about mapping subdomains to ports? 1153166139 M * Hollow daniel_hozac: http://paste.linux-vserver.org/192 1153166191 M * Hollow well, you should pass /bin/cat 1153166194 M * Hollow but result is the same 1153166200 M * Hollow except that the error message fits ;) 1153166203 M * daniel_hozac works fine here. 1153166223 M * Hollow the right one here: http://paste.linux-vserver.org/193 1153166240 M * daniel_hozac EFAULT looks better. 1153166259 Q * gerrit Ping timeout: 480 seconds 1153166261 P * b0ing 1153166289 M * Hollow the strange thing is, that every other Eexecve works, only this in exec-ulimit causes trouble 1153166307 M * daniel_hozac objdump -d? 1153166348 M * daniel_hozac and what CFLAGS are you using? 1153166378 M * Hollow hm, i have to recompile without stripping first.. 1153166411 M * Hollow -march=opteron -O2 -pipe 1153166431 M * Hollow maybe this is a x86_64 issue.. 1153166455 M * daniel_hozac works fine on x86_64 too. 1153166507 M * mnemoc Hollow: does uclibc/iproute2 works for you on x86_64 ? 1153166509 M * daniel_hozac compiled with -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic 1153166529 M * Hollow objdump: http://paste.linux-vserver.org/194 1153166580 M * daniel_hozac is it just me or does the pastebin overwrite empty lines with the next line that has text in it? 1153166585 J * gerrit ~gerrit@OTWAON23-1178069239.sdsl.bell.ca 1153166597 M * Hollow looks fine here 1153166651 M * mnemoc Hollow: :'( i get overrun 1153166666 M * mnemoc Hollow: what version of uclibc? 1153166669 M * kir_home daniel_hozac, same here 1153166678 M * kir_home daniel_hozac, firefox/1.5.smth 1153166679 M * Hollow mnemoc: don't have one installed 1153166686 J * coocoon ~coocoon@p54A05882.dip.t-dialin.net 1153166689 M * daniel_hozac mozilla 1.7.something here. 1153166699 M * mnemoc Hollow: ok :( 1153166699 M * Hollow kir_home, daniel_hozac: konqueror here 1153166729 M * Hollow mnemoc: where does it happen? 1153166762 M * mnemoc let me look for a sanbox... 1153166797 M * mnemoc $ ./sbin/ip addr 1153166797 M * mnemoc OVERRUN: Bad address 1153166842 M * mnemoc http://www.rafb.net/paste/results/jhHORA85.html <--- uclibc/iproute2 1153166867 M * kir_home daniel_hozac, looks like it ignores empty
  • element, probably need to place emtpy
    pair inside that
  • 1153166880 M * mnemoc http://www.rafb.net/paste/results/MqUGgE18.html <--- dietlibc/iproute2 1153166885 M * daniel_hozac Hollow: you're running the pastebin, right? 1153166893 M * Hollow yep, i will take a look 1153166898 M * daniel_hozac thanks. 1153166935 M * BNC|Karmek can you help me setting up the the sshd? I installed openssh via apt-get and changed the port but the server refuses my connection 1153166940 M * Hollow maybe you should just stick to glibc ;) 1153166958 M * mnemoc BNC|Karmek: be sure it's not bind to 0 on the host 1153166984 M * BNC|Karmek host=server or Vserver? 1153166987 M * mnemoc Hollow: currently i'm injecting the dietlibc based into the uclibc based env :p 1153167010 M * mnemoc BNC|Karmek: host: xid=0, guest: xid!=0 1153167028 M * Hollow xid > 1 1153167030 M * Hollow :P 1153167034 M * mnemoc Hollow: :) 1153167045 M * mnemoc i was assuming uint16_t :p 1153167063 M * BNC|Karmek Thanks 1153167064 M * Hollow sure, but xid = 1 is not really a guest 1153167065 M * daniel_hozac xid 1 still isn't a guest :) 1153167078 M * mnemoc what is xid 1? 1153167084 M * Hollow the watch context 1153167092 M * Hollow you can see processes from all contexts there 1153167098 M * Hollow this is what vps uses 1153167105 M * mnemoc oh, a voyeurist context :p 1153167108 M * Hollow indeed 1153167109 M * Hollow heh 1153167119 M * BNC|Karmek ssh on host is Host * 1153167120 M * BNC|Karmek :P 1153167129 M * mnemoc BNC|Karmek: solve that first 1153167167 M * BNC|Karmek how to do that? I guess entering my IP won't solve the problem because my test vserver and host use the same ip 1153167171 M * daniel_hozac Hollow: i think i need to read up on x86_64... 1153167183 M * BNC|Karmek may i enter ip:port? 1153167208 M * daniel_hozac Hollow: could you recompile exec-ulimit with -save-temps and paste the .s? 1153167213 M * mnemoc BNC|Karmek: using internal ip-s for the guests 1153167273 N * Ben_ Ben_zZz 1153167274 M * BNC|Karmek are they still accessible from outside then? 1153167282 Q * gerrit Ping timeout: 480 seconds 1153167311 M * mnemoc BNC|Karmek: you can NAT using different ports or use a 'proxy' 1153167346 M * BNC|Karmek oh okay seems to get a bit more difficult as I thought :) 1153167347 M * mnemoc BNC|Karmek: i use 2200 + (XID - 4000) 1153167367 M * Hollow daniel_hozac: sec.. 1153167371 M * BNC|Karmek i am not sure what you mean with XID sorry 1153167371 M * mnemoc as ports to NAT to XID:22 1153167379 M * mnemoc the id of the guest 1153167386 M * mnemoc context id 1153167501 M * mnemoc and i use 192.168.x.(xid-4000) as guest's ips, with x per host 1153167598 M * mnemoc but that's just me :p 1153167611 M * BNC|Karmek and then you translate the ports to your internal ips? 1153167629 M * mnemoc yep, dnat-ing them 1153167657 M * BNC|Karmek is there another way? I never worked with nat before 1153167823 M * mnemoc Hollow: the 'static uclibc' build of my vserver host distribution still building the linux kernel :'( 1153167946 M * mnemoc Hollow: but the dynamic one went good 1153168078 M * BNC|Karmek mnemoc: are you sure you mean .(xid-4000)? 1153168107 M * mnemoc i use xid>4000 for each host 1153168107 M * Hollow daniel_hozac: does http://paste.linux-vserver.org/198 look ok for you now? 1153168111 M * BNC|Karmek my vserver runs at xid 49152 1153168118 M * BNC|Karmek oh okay 1153168129 M * mnemoc i prefer to have them fixed 1153168143 M * daniel_hozac as should you. 1153168145 M * BNC|Karmek do they change sometimes? 1153168152 M * daniel_hozac Hollow: indeed, thanks. 1153168366 M * mnemoc BNC|Karmek: if they are dynamic, everytime you start the guest 1153168394 M * Hollow daniel_hozac: http://paste.linux-vserver.org/199 1153168455 M * BNC|Karmek oh, thats bad 1153168470 M * BNC|Karmek guess i need to fix them then as well 1153168507 J * gerrit ~gerrit@OTWAON23-1177993857.sdsl.bell.ca 1153168533 M * daniel_hozac Hollow: hmm, does the linking stage generate a .s? 1153168590 M * Hollow the only .s for exec-ulimit i have.. i have added -save-temps to CFLAGS? 1153168601 M * daniel_hozac yeah, i figured linking wouldn't generate one. 1153168624 M * Hollow but i have two .s files for most the programs 1153168647 M * Hollow ah, pic and non pic for libs i guess 1153168716 M * Bertl BNC|Karmek: btw, you should avoid dynamic context ids, as they are deprecated and will be removed in the near future 1153168763 M * mnemoc .oO( good to know )o 1153168764 M * Bertl BNC|Karmek: fortunately this can be fixed quite easily, just add a context entry (2-49151) to your config 1153168774 M * BNC|Karmek at the moment i try to find out how to make them static :) 1153168790 M * mnemoc read the weed page 1153168811 M * Hollow Bertl: apropos dynamic context ids, vserver-utils handles xid completely transparent to the user, and assigns them dynamically on guest creation 1153168813 M * Bertl echo 1000 >/etc/vservers//context 1153168822 M * Bertl after you stopped the guest :) 1153168853 M * BNC|Karmek Bertl: why not 1-XXXXX? 1153168860 M * Bertl Hollow: good, that's the proper way to do 'dynamic' contexts 1153168904 M * daniel_hozac BNC|Karmek: because 0 and 1 are special, 0 is the host and 1 is the watch context. 1153168913 M * Bertl BNC|Karmek: 1 is already used for the spectator context, and 49152-65535 is reserved (at least for now) for the dynamic ones 1153168991 M * BNC|Karmek Thanks 1153169002 Q * gerrit Ping timeout: 480 seconds 1153169044 Q * bonbons Quit: Leaving 1153169062 M * BNC|Karmek so setting a XID below 49152 will stop the dynamic generation 1153169124 M * Hollow daniel_hozac: do you get any hint from the assembly? 1153169138 M * Hollow i'm not such an assembly expert :) 1153169182 M * daniel_hozac Hollow: i wish... me neither. 1153169268 J * FireEgl Atlantica@Atlantica.Tcldrop.Com 1153169269 M * daniel_hozac Hollow: i guess the address to environ is incorrect. 1153169339 M * daniel_hozac Bertl: any ideas? 1153169417 M * Bertl what was the url? 1153169435 M * Hollow http://paste.linux-vserver.org/199 1153169447 Q * cdrx Ping timeout: 480 seconds 1153169462 M * Hollow also these: http://paste.linux-vserver.org/194 http://paste.linux-vserver.org/193 1153169579 M * BNC|Karmek Okay now i have a static XID, Thanks again. Now i'll try to change the vservers ip and maybe i'll find a good NAT howto later 1153169996 M * mnemoc and howto disable the colors on your irc client 1153170010 M * Bertl yeah, good idea :9 1153170037 A * daniel_hozac has disabled colors in his IRC client instead ;) 1153170046 A * Hollow nods 1153170047 M * Hollow :D 1153170150 M * Bertl 194 is way too much code, and it uses some glibc, no? 1153170183 M * Bertl 199 does not call eceve right? 1153170192 M * daniel_hozac it's execv. 1153170199 M * Bertl so what am I looking at, and what do we try to fix :) 1153170218 M * daniel_hozac 194 includes dietlibc functions as well. 1153170249 M * daniel_hozac execv seems to pass an incorrect address as environ to execve. 1153170250 M * Hollow 194 is a static binary against dietlibc 1153170295 M * Bertl hmm, looking at line 405, I'm not so sure :) 1153170322 J * cdrx ~legoater@OTWAON23-1178069239.sdsl.bell.ca 1153170392 M * Hollow dietlibc produces these __you_tried_to_link_a_dietlibc_object_against_glibc 1153170418 M * Bertl in a static binary? 1153170471 M * Hollow dunno.. i just got them once when i tried to link a diet object against glibc 1153170488 M * mnemoc use the diet wrapper 1153170502 M * Hollow mnemoc: sure.. but these symbols prevent it nevertheless if you do not 1153170523 M * mnemoc yuck, libpng failed, so rrdtool will fail and vserver-utils will not even try to be built :'( 1153170969 M * daniel_hozac Hollow: what happens if you replace Eexecv(...) with execve(..., environ)? 1153171007 M * Hollow where should i get environ from? 1153171021 M * daniel_hozac extern char **environ; 1153171028 M * Hollow ok, sec.. 1153171030 M * Bertl Hollow: are we positive that we do not face some hardened, -fomit-frame-pointer -fpic -fPIC issue here (i.e. read gentoo specifica) 1153171068 M * Hollow no hardened, and no omit-fp, pic.. have to look 1153171110 M * Hollow there is no PIC in diet compilation 1153171126 M * Hollow and we do not change util-vservers behaviour on that 1153171136 M * Hollow i.e. libtool does all things 1153171438 M * Hollow daniel_hozac: no change 1153171471 M * Bertl could you use gdb to step to the location where the syscall happens 1153171481 M * Bertl and dump the registers for me, please? 1153171511 M * mnemoc Hollow: http://www.rafb.net/paste/results/jFel3q46.html :( 1153171539 M * Hollow Bertl: any special debugging cflags i need for this? 1153171552 M * Bertl -g -O2 would be suggested 1153171782 J * gerrit ~gerrit@OTWAON23-1177993857.sdsl.bell.ca 1153171793 Q * cdrx Read error: Connection reset by peer 1153171904 J * Aiken ~james@tooax6-052.dialup.optusnet.com.au 1153171910 M * Hollow hm.. 1153171910 J * cdrx ~legoater@OTWAON23-1178069239.sdsl.bell.ca 1153171920 M * Hollow how do dump registers in gdb? 1153171938 Q * prae Quit: Pwet 1153172352 M * Hollow Bertl: http://paste.linux-vserver.org/200 1153172582 M * Bertl and the syscall is execve, yes? 1153172591 M * Hollow yep 1153172602 Q * gerrit Ping timeout: 480 seconds 1153172834 M * BNC|Karmek mnemoc are you still there? 1153172860 M * Bertl Hollow, daniel_hozac: rcx seems to point to a code location 1153172877 M * Bertl rcx 0x400616 1153172895 M * Hollow unified_syscall+3 moves it there from r10 1153172900 M * Bertl but rcx is moved into r10, which is the last argument to execve (according to the kernel) 1153172906 M * mnemoc BNC|Karmek: mostly 1153172907 M * Hollow or into.. 1153172910 J * gerrit ~gerrit@OTWAON23-1177993857.sdsl.bell.ca 1153172915 M * Bertl asmlinkage long sys_execve(char *name, char **argv, char **envp, struct pt_regs regs); 1153172947 M * Bertl imho the regs argument points into a code area 1153172966 M * BNC|Karmek do you know a good tutorial for nat? Never worked with it before and i would like to map the ports to my internal ip as you suggested 1153172990 M * Hollow so i need to find out why a code location is in rcx? 1153173037 M * coocoon BNC|Karmek: try this is no tutorial but maybe it will help fast http://deb.riseup.net/vserver/old-stuff/networking/ 1153173048 Q * dna Quit: Verlassend 1153173052 Q * cdrx Ping timeout: 480 seconds 1153173062 M * mnemoc BNC|Karmek: http://www.netfilter.org/documentation/index.html .... but coocoon's may get results faster :) 1153173103 M * Bertl Hollow: especially as x86 doesn't have that argument 1153173106 M * BNC|Karmek thanks, i'll have a look at those pages 1153173123 M * Bertl and instead seems to do something even stranger :) 1153173134 M * BNC|Karmek may take some time :)As you allready recorgnized, english is not my main language ;) 1153173408 M * mnemoc is anyone here native english speaker? 1153173410 M * Hollow Bertl: http://paste.linux-vserver.org/201 1153173438 M * Hollow execve begins at line 176 1153173446 M * derjohn is that normal behavior? # cat /usr/lib/util-vserver/lockfile: EL44gghhhQåtdYæQDPVQ£pÂ1öÂ9rüuø:ÿtÿ uòzü=hè*PèôQRPèðÄ 1153173467 M * Hollow derjohn: well, what do you expect when you print a binary? 1153173480 M * derjohn lockfile is a binary? 1153173484 M * Hollow yup 1153173491 M * BNC|Karmek coocoon: if i use iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -d ! 192.168.0.0/24 -j SNAT --to-source how do i add ports there? 1153173519 M * coocoon BNC|Karmek: mom 1153173572 M * Hollow Bertl: do i get this right, that rcx is completely different? 1153173578 M * Bertl Hollow: what's in line x86_64/unified.S:18 ? 1153173580 M * mnemoc BNC|Karmek: -A PREROUTING -d 1.2.3.4 -i eth0 -p tcp -m tcp --dport 2204 -j DNAT --to-destination 192.168.20.4:22 1153173617 M * coocoon --> iptables -t nat -A PREROUTING -p tcp --destination-port 3000 -j DNAT --to-destination 192.168.0.33:80 1153173619 Q * kir_home Ping timeout: 480 seconds 1153173647 M * mnemoc coocoon: for http you should consider pound ,-) 1153173648 M * Hollow Bertl: jbe .Lnoerror 1153173651 M * Hollow on line 18 1153173651 M * Bertl Hollow: better let's upload your dietlibc x86_64/unified.S, just to make sre 1153173659 M * coocoon mnemoc: urs is shorter ;-) 1153173662 M * Bertl *sure 1153173670 M * BNC|Karmek both for the same use :) 1153173689 M * Hollow Bertl: http://paste.linux-vserver.org/202 1153173705 M * Bertl tx 1153173750 M * Bertl so the tcx change happens before the _unified_syscall :( 1153173756 M * Bertl *rcx 1153173799 M * Hollow but in paste 201 rcx does never contain a code address, right? 1153173805 M * Bertl do you ahve the file which does execve? 1153173817 M * Bertl it does, the first one actually 1153173832 M * Hollow ah, in r10 1153173838 M * Bertl Old value = 4195862 1153173841 M * Hollow file as in binary? 1153173857 M * Bertl nah, the dietlibc code (source) for execve 1153173971 M * Hollow Bertl: http://paste.linux-vserver.org/203 1153174115 M * Bertl hrmpf, could you try with dietlibc 0.30 (from the tar) I'll download the source code for that one 1153174148 M * Hollow this is dietlibc-0.30 1153174164 M * Bertl no gentoo patches or so? 1153174168 M * BNC|Karmek oh damn :("FATAL: Module ip_tables not found." 1153174188 M * Hollow hmm.. not sure.. i'll try vanilla 1153174402 J * cdrx ~legoater@OTWAON23-1177993857.sdsl.bell.ca 1153174493 M * Hollow i cannot even get it compiled with vanilla 1153174504 M * Hollow /usr/lib/gcc/x86_64-pc-linux-gnu/4.1.1/../../../../x86_64-pc-linux-gnu/bin/ld: /opt/diet/lib-x86_64/libc.a(__getcwd.o): relocation R_X86_64_32 against `a local symbol' can not be used when making a shared object; recompile with -fPIC 1153174504 M * Hollow /opt/diet/lib-x86_64/libc.a: could not read symbols: Bad value 1153174528 M * Bertl did you install the libs? 1153174530 M * mnemoc are you using -shared ? 1153174566 M * Hollow yes, i installed the vanilla diet to /opt/diet 1153174631 M * Bertl looks like you are trying to produce pic code (shared libs) but shared is disabled for diet 1153174717 M * Hollow ah i forogt that util-vserver uses glibc and dietlibc code 1153174724 M * Hollow so CC="diet gcc" ./configure breaks it 1153174735 M * Hollow but diet in path and autodetect works now 1153174749 Q * sladen Ping timeout: 480 seconds 1153174760 J * sladen paul@starsky.19inch.net 1153174769 M * Hollow ok, what do you need now? 1153174808 M * Bertl first check f that gives you the same issue 1153174821 M * Hollow it does 1153174831 M * Bertl good! 1153174955 M * Bertl could you disasm the glibc execve call for me (on x86_64)? 1153175036 M * Hollow http://paste.linux-vserver.org/204 1153175130 M * Bertl ah, ahmm, well, that's __execve, I'm more interested in the execve exported to userspace 1153175176 M * Bertl i.e. where the arguments are loaded/adjusted 1153175180 M * Hollow hm, i just extracted it from libc.a 1153175224 M * Bertl check for calls or jumps to __execve 1153175264 M * Bertl or try a static glibc binary which does execve 1153175347 J * kir_home ~kir@OTWAON23-1178069239.sdsl.bell.ca 1153175359 M * Bertl wb kir_home! 1153175577 Q * cdrx Ping timeout: 480 seconds 1153175656 M * Hollow Bertl: there is only __execve in the static bin too 1153175697 Q * gerrit Ping timeout: 480 seconds 1153175711 M * Hollow and in main i have: 1153175714 M * Hollow callq 40ce50 <__execve> 1153175938 M * Bertl okay, then show me the main() in disasm 1153175967 M * Bertl (as it has to load the registers :) 1153175998 M * Hollow http://paste.linux-vserver.org/205 1153176127 Q * kir_home Ping timeout: 480 seconds 1153176128 M * Hollow may this be caused because execve is inline code? 1153176133 P * stefani I'm Parting (the water) 1153176274 J * pulsar ~pulsar@host90-67.pool8249.interbusiness.it 1153176293 M * Bertl well, glibc doesn't load the register (r10) at all 1153176323 M * Bertl so either it already _has_ some proper value, or it just works by accident, or I'm missing something important :) 1153176394 M * Bertl ah, yes, there is an entry stub in the kernel, how nice 1153176427 M * Bertl and this is very likely to mess up the dietlibc call 1153176497 M * Hollow we're getting somewhere .. :) 1153176807 M * Bertl hmm, hmm, there are two bugs here, not sure they are related 1153176845 M * Hollow the really strange thing is that execve in other programs works as expected 1153176857 M * Hollow i.e other diet/util-vserver programs 1153176884 M * Bertl yes, probably by chance ... we'll see 1153176977 J * Karmek ~nichts@i53874E82.versanet.de 1153176981 M * Karmek does anybody know where to get a ip_tables module for kernel 2.6.17.4? 1153177030 M * Bertl enable iptable and xtables in the kernel config? 1153177077 M * Karmek thats taking again about 30 minutes to compile and i just wanted to test something =) 1153177103 M * Bertl why? 386er with 120Mhz? 1153177111 Q * Aiken Quit: Leaving 1153177135 M * Karmek Nope i guess it is because i don't know enough to optimize my kernel config... 1153177159 M * Bertl well, I assume you _have_ built a kernel recently, yes? 1153177179 M * Karmek Yes 1153177185 M * Bertl if you have the kernel build tree, just change the config and call 'make' 1153177203 M * Bertl the kernel will only rebuild what needs to be changed 1153177211 M * Karmek thats right but last time this process took about 30 min on a Opteron 148... 1153177217 M * Bertl everything else will stay as is 1153177233 M * Karmek oh 1153177258 M * Bertl just avoid make clean and friends 1153177260 M * Hollow what about make -j3 on an opteron? ;) 1153177281 M * Karmek -j3 says nothing to me sorry 1153177286 M * Bertl if it has two cores, why not :) 1153177288 M * Hollow parallel builds 1153177315 M * Karmek i used this tutorial: http://www.howtoforge.com/forums/showthread.php?t=21 and am not sure how to install the kernel "manually" :) 1153177318 Q * duckx Quit: Client exiting 1153177344 Q * BNC|Karmek Ping timeout: 480 seconds 1153177363 J * Aiken ~james@tooax6-052.dialup.optusnet.com.au 1153177385 M * Hollow Bertl: i'm off to bed in a few minutes, have to get up early.. do you need anything else for now? 1153177424 Q * pulsar Quit: Leaving 1153177476 M * Bertl Hollow: I found something interesting, maybe you can clarify 1153177492 M * Bertl daniel_hozac: stillwith us? 1153177541 J * mire ~mire@249-166-222-85.COOL.ADSL.VLine.Verat.NET 1153177555 M * Karmek can't i just download ip_tables module somewhere and load it with insmod ?¿? 1153177570 M * Hollow Bertl: sure 1153177593 M * Bertl nah, seems to be a false alarm, probably I'm too tired too 1153177622 M * Bertl Karmek: if you have somebod who compiled that module exactly for your kernel, of course :) 1153177667 M * Bertl Hollow: let#s check tomorrow ... have a good night 1153177675 M * Hollow indeed, night! 1153177750 M * Karmek hmmmmm thats rather unlikely :D 1153178029 M * Karmek Okay seems that i need to make a break... I left my root PW untouched and now my provider has database problems and i can not access my root pw :/ 1153178073 M * Bertl time for a break as it seems :) 1153178125 M * Karmek so what to do after "make" the kernel? 1153178168 M * Bertl usually, you do 'make install_modules' then 'make install' and if necessary (i.e. if you need modules for the initrd) mkinitrd ... 1153178226 M * Karmek okay Thanks 1153178278 M * mnemoc please remove the colors :( 1153178322 M * Karmek thats scripted in my stupd irc client and can't be shut off until i install a blanc mirc 1153178343 M * mnemoc mirc? isn't that for windows? 1153178359 M * mnemoc no more comments 1153178524 M * Bertl Karmek: irssi is for example a nice client, xchat if you prefer graphical clients 1153178573 M * coocoon Karmek: u r using debian right why not looking at this side http://deb.riseup.net/ there is everything u need (debian) for vserer and kernel stuff 1153178587 M * coocoon *vserver 1153178631 M * coocoon Karmek: everything u need for information i mean 1153178682 M * Karmek i've tried to install the vserver with apt before and that did not work, so i decided to compile the kernel for myself. I hope i'll learn something today while doing that 1153178933 M * Bertl that's not such a bad idea, IMHO :) 1153178976 M * Karmek well but it was not intended that i rape your eyes with my clients colours while asking for help :D 1153179083 M * Bertl good to hear :) 1153179085 M * Karmek where can i find iptables in menuconfig? 1153179093 M * romke Karmek: you just provoking some of us to make use of /ignore :P 1153179110 M * Karmek though under networking but i can't find it there 1153179116 M * Bertl if you do 'make menuconfig' myou should be able to use '/' to search for stuff 1153179117 M * Karmek i am sorry romke 1153179126 M * romke wrr ;) 1153179255 M * romke Karmek: Networking ---> Networking options ---> Network packet filtering (replaces ipchains) 1153179280 M * Karmek great 1153179442 M * Karmek Netfilter Xtables support then, right? 1153179459 J * s0undt3c1 ~s0undt3ch@bl7-247-150.dsl.telepac.pt 1153179485 M * Bertl Karmek: yeah, just do not thank him :) 1153179515 M * Karmek because of the blue colour then? :o 1153179537 M * Bertl precisely :) 1153179549 M * Karmek okay *smile* 1153179576 M * Karmek are there general things i can remove from the kernel in order to make it smaller? drivers.. etc? 1153179601 M * Bertl usually all drivers you do not need 1153179624 M * Bertl i.e. if they are compiled as modules, check with lsmod _what_ you are using right now, and get rid of the rest 1153179660 M * Karmek soundcard drivers can be removed, right? 1153179713 M * Bertl if you don't use a sound card, of course :) 1153179747 M * Karmek i don't think that my provider needs music from my server in their buildings 1153179765 M * romke lol 1153179788 M * Bertl but you might want entropy from the microphone listening to the ventilation system (for example :) 1153179821 M * romke Karmek: leave sound card drivers, you can "sound-sniff" what is going on at server room :P 1153179824 M * Karmek i would like to write r-o-f-l now but i think you are going to kill me then... 1153179887 Q * s0undt3ch Ping timeout: 480 seconds 1153179893 M * romke hehe 1153179896 N * s0undt3c1 s0undt3ch 1153180040 M * Karmek okay kernel is building. What was it again with -j3? :) 1153180088 J * shedi ~siggi@inferno.lhi.is 1153180089 M * Bertl basically -jN specifies how many concurrent threads are running 1153180128 M * Bertl so if you have, let's say, a dual core HT cpu, you have roughly 4 active virtual cpus 1153180135 M * Bertl and thus specifying something like -j4 or -j5 makes sense 1153180205 M * Karmek well but my opteron 148 should be single core, if i remember correct 1153180230 M * Bertl yes, so it will not make a difference 1153180237 M * Karmek so No time benefit for me :/ 1153180299 M * Bertl None at all :) 1153180408 M * romke Karmek: good practice says to set -jN N to number of cpu's (virtual) + 1 1153180409 M * Karmek great, with black textcolour you can really strike me Back =)I have an black background 1153180429 M * Bertl Karmek: thought so :) 1153180472 M * Karmek using -j2 on a 64 Bit Singlecore Hardware won't increase performance, would it? 1153180485 M * Bertl not really 1153180494 M * romke Karmek: might a little, but not much 1153180518 J * kir_home ~kir@OTWAON23-1178069239.sdsl.bell.ca 1153180518 M * Karmek Okay i won't stop the compilation for that 1153180555 M * Bertl you can basically stop anytime, the kernel build system will continue where it left of 1153180601 M * Karmek even with make-kpkg? 1153180626 M * Bertl I don't nuse make-kpkg :) 1153180657 M * Karmek I gues i won't as well if i could 1153180682 M * daniel_hozac Bertl: did you figure it out? 1153180712 M * Bertl daniel_hozac: nah, basically left it for tomorrow 1153180739 M * daniel_hozac ok.