1155600017 M * Bertl doener: no, it was built with diet it seems 1155600031 M * Bertl doener: that was my first impression too, but diet is enabled 1155600049 M * doener Bertl: are we talking about the "host/guest compatibility" thread? 1155600071 M * Bertl yep 1155600074 M * doener vserver(2) syscall#: 273/glibc 1155600088 M * doener the "Use dietlibc" is probably just a "shall we try to" thing 1155600119 M * doener or this that vserver syscall line even more confusing? 1155600127 M * Bertl nah, this line actually means that the syscall was taken from glibc headers 1155600130 M * daniel_hozac no, use dietlibc: yes is pretty much equal to "prepending diet to gcc commands". 1155600144 M * doener ok 1155600217 M * daniel_hozac i can't reproduce the issue, i have several FC5 guests on an FC4 host. 1155600228 M * daniel_hozac but i'm using my own packages. 1155600420 M * Bertl okay, you mean for the tools, yes? 1155600434 M * daniel_hozac and kernel. 1155600608 M * Bertl maybe you could suggest to try that, just to see if it goes away? :) 1155600684 M * Bertl and it seems that centos 4 is broken (for the installer)? 1155600712 M * Bertl I did update a few centos definitions some time ago, maybe we should update that in util-vserver too? 1155600747 M * daniel_hozac yeah, it should be modified to be centos4 rather than centos42. 1155600836 M * daniel_hozac however the rpm-fake ("vserver fubar build -m yum is not working for me.") problem appears to be unrelated. 1155601027 M * Aiken Bertl it compiled for me 1155601039 M * ekc2 bertl: you mean regarding the idle time scheduling? ok. I'll do that 1155601328 J * ntrs__ ~ntrs@68-188-51-87.dhcp.stls.mo.charter.com 1155601328 Q * ntrs_ Read error: Connection reset by peer 1155601544 Q * schimmi Ping timeout: 480 seconds 1155601628 Q * ekc2 Remote host closed the connection 1155602061 M * Bertl Aiken: did you see anything remotely like the PLM issues? 1155602097 M * Bertl http://plm.testing.osdl.org/filter_requests/output/41689 1155602098 M * Aiken what is the PLM issue? 1155602144 J * ekc2 ~EKC@netblock-66-245-252-180.dslextreme.com 1155602338 Q * Piet Quit: :tiuQ 1155602457 M * Aiken no errors 1155602640 M * Bertl okay, so that might be a compiler issue or a configuration issue then 1155602644 M * Aiken redoing it and watching for those warnings 1155602658 M * Aiken fs/bioc.c and eventpoll.c were good 1155602682 M * Bertl daniel_hozac: that leaves us with ~500 new sparse warnings 1155602683 M * Aiken I do get the Warning: setting incorrect section attributes for .got warnings 1155602707 M * Bertl yep, but that shouldn't be fatal 1155602714 M * daniel_hozac Bertl: yeah... do your diff scripts still work with the new PLM? 1155602714 M * Aiken has not been so far 1155602725 M * Bertl daniel_hozac: I'll try ... 1155602799 M * Aiken I am still using gcc 3.3.6 1155603049 M * Aiken ipc/msg.c and sem.c compiled cleanly 1155603095 M * Bertl they changed compilers from 3.4.2 to 4.1.1 :) 1155603152 M * Aiken take an hour or so, can always through together a newer cross toolchain 1155604417 Q * DreamerC_ Quit: leaving 1155604436 J * DreamerC ~dreamerc@59-112-2-165.dynamic.hinet.net 1155604837 Q * ekc2 Ping timeout: 480 seconds 1155604996 M * Bertl daniel_hozac: uploaded a modified crosscompile and plmdiff which seems to do the job here 1155605007 M * Bertl (Experimental/PLM/*_new) 1155605034 M * daniel_hozac ok, thanks. 1155605064 M * daniel_hozac hmm, 403s. 1155605075 M * Bertl sec 1155605103 M * Bertl try again 1155605155 M * daniel_hozac works now. 1155605489 M * daniel_hozac what does "call with no type" mean? seems to report on every macro... 1155605554 M * Bertl hmm, usually that should indicate a missing prototype 1155605606 M * daniel_hozac prototyping macros doesn't work though, does it? 1155605632 M * Bertl hmm, hmm ... could work, never tried, not sure it makes sense though 1155605746 M * daniel_hozac yeah, seems very odd. i'll just assume those are false positives. 1155605754 M * Bertl http://marc2.theaimsgroup.com/?l=linux-sparse&m=110856846131147&w=2 1155605764 Q * matti Quit: 8-X 1155605802 M * Bertl so we might be in good company here :) 1155605928 M * Skram Im ba-ack :) 1155605949 M * Bertl we-l-come ba-ack! 1155606014 M * Bertl okay, I'm going to rediff against 2.6.17.8 and resubmit, so that the compilers match better 1155606049 M * Bertl (nah, won't help, baseline is using the older compilers too for 2.6.17.8 1155606088 M * Bertl *big sigh* 1155606089 M * Skram :) 1155606115 M * Bertl okay, I'm off to bed for tonight ... tx everyone! have fun! 1155606123 M * Skram Thank YOU 1155606126 N * Bertl Bertl_zZ 1155606326 M * Hurga hm. 1155606334 M * Hurga root@test:/etc/bind# host zxq.de 127.0.0.1 1155606334 M * Hurga ;; reply from unexpected source: 217.24.218.167#53, expected 127.0.0.1#53 1155606334 M * Hurga ;; connection timed out; no servers could be reached 1155606403 Q * coocoon Ping timeout: 480 seconds 1155607208 J * meandtheshell ~markus@85-124-36-203.dynamic.xdsl-line.inode.at 1155609553 Q * Hurga Remote host closed the connection 1155609775 M * Skram daniel_hozac: still around? 1155609796 M * Skram [root@hermes vservers]# cat sentien-db01/rlimits/rss.soft 1155609797 M * Skram 32768 1155609820 M * Skram [root@hermes vservers]# cat /proc/virtual/25137/limit | grep RSS 1155609820 M * Skram RSS: 2514 3063 -1 0 1155609823 M * Skram :? 1155611331 Q * Loki|muh Read error: Connection reset by peer 1155611331 Q * ntrs__ Read error: Connection reset by peer 1155611423 J * ntrs ~ntrs@68-188-51-87.dhcp.stls.mo.charter.com 1155612393 J * ekc ~ekc@netblock-66-245-252-180.dslextreme.com 1155612850 M * ekc I'm trying to setup a rock-solid iptables firewall for vserver guests. What's your favorite iptables firewall? APF/BFD? Firehol? something else? 1155612964 M * cehteh firehol 1155613126 M * ekc yeah, i was looking at firehol. but it looks like it hasn't been updated in a while 1155613375 M * cehteh prolly just because it is that good and needs no update:P 1155613403 M * cehteh well i am using it since few years and there are some updates from time to time 1155613441 M * cehteh and there are quite many users .. i think its impossible that it will become unmaintained 1155613640 M * cehteh last CVS commit is 2 months ago 1155613718 M * ekc hmm. good to know -- i was looking at the homepage. i'm a little paranoid about guests breaking out and compromising the host, and I'm not too confident about my iptables skills. i might give firehol a shot 1155613783 M * cehteh yeah firehol is easy and does the right thing ... i always call it a expert-system for firewalls .. its not just yet-another-configuration-language 1155613837 M * cehteh well a firewall wont protect you much against guests breaking out 1155613918 M * cehteh set iproots, dont forget the chroot barrier and verify that it works, be careful when bind-mounting filesystems, dont elevate guest capabilities 1155614014 Q * lilalinux Ping timeout: 480 seconds 1155614133 M * ekc how can I verify that the chroot barrier is working? 1155614164 M * ekc i know I can set it with 'setattr --barrier ' 1155614450 M * cehteh afaik there is a test-script in the utils distribution 1155614523 J * lilalinux ~plasma@dslb-084-058-200-169.pools.arcor-ip.net 1155614682 M * cehteh /tests/escaperoot 1155614863 Q * Aiken Quit: Leaving 1155614894 Q * ekc Ping timeout: 480 seconds 1155615079 J * ekc ~ekc@netblock-66-245-252-180.dslextreme.com 1155615313 J * Aiken ~james@tooax6-025.dialup.optusnet.com.au 1155615415 M * ekc cehteh: thanks for the pointer. didn't even realize those test scripts were there 1155615692 M * cehteh i think there is some make target to run some tests 1155615907 J * madvenu ~root@59.92.168.89 1155616154 P * madvenu 1155616688 J * coocoon ~coocoon@p54A06261.dip.t-dialin.net 1155618540 Q * anonc Remote host closed the connection 1155622326 J * lylix ~eric@dynamic-acs-24-154-53-234.zoominternet.net 1155623833 Q * Aiken Ping timeout: 480 seconds 1155626820 J * anonc ~anonc@staffnet.internode.com.au 1155627158 Q * ekc Ping timeout: 480 seconds 1155628013 J * dna ~naucki@p54BCEB83.dip.t-dialin.net 1155628944 J * pisc1 ~pampel@p5087856B.dip0.t-ipconnect.de 1155629227 J * bonbons ~bonbons@83.222.36.236 1155629343 Q * pisco Ping timeout: 480 seconds 1155629734 M * meebey_ anyone runs openvpn inside a vserver? 1155629759 M * meebey_ the daemon seems to fail because it can't find the device it created (I think) 1155629782 M * meebey_ SIOCSIFDSTADDR: Cannot assign requested address 1155629825 M * phedny http://linux-vserver.org/OpenVPN 1155629866 M * meebey_ uh that should be linked in WorkingPrograms and/or ProblematicPrograms 1155629875 M * meebey_ but thanks for the linkt 1155630028 M * meebey_ hm the only part that sounds important is to setup the tun device on the host and let the guest use it 1155630051 M * meebey_ thats what I expected, I am wondering though that openswan works which uses ipsec0, created from inside the vserver 1155630064 M * phedny the error you give seems to me the daemon cannot assign IP address to the device 1155630089 M * meebey_ Aug 15 10:16:12 vpn-openvpn_galilei ovpn-server[23184]: TUN/TAP device tun0 opened 1155630092 M * meebey_ Aug 15 10:16:12 vpn-openvpn_galilei ovpn-server[23184]: /sbin/ifconfig tun0 192.168.246.1 pointopoint 192.168.246.2 mtu 1500 1155630095 M * meebey_ Aug 15 10:16:12 vpn-openvpn_galilei ovpn-server[23184]: Linux ifconfig failed: shell command exited with error status: 1 1155630112 M * meebey_ it creates the tun0 device but cant assign an IP; I guess the vserver doesnt allow access to that new device 1155630114 M * phedny that confirms my idea 1155630122 M * phedny point is 1155630129 M * phedny vservers are not allowed to manage network devices 1155630139 M * phedny otherwise one could also assign any random IP to eth0 1155630141 M * meebey_ I gave it the needed CAPs 1155630156 M * meebey_ I know, I use vserver more for modularity reasons, not security 1155630214 M * meebey_ S_CAPS="CAP_NET_ADMIN CAP_SYS_ADMIN" 1155630238 M * meebey_ tun0 seems to be different then ipsec0 then 1155630247 M * meebey_ s/then/than/ 1155630291 M * phedny I don't really know 1155630313 M * meebey_ creating the device outside to use it inside seems to be a bit odd :-P 1155630321 M * meebey_ I would prefere no hacks on the host 1155630676 M * meebey_ hm the howto doesnt show any problems assigning the IP, strange 1155630696 M * phedny that might be because it is done by the host 1155630697 M * meebey_ it covers how other vservers get access to the VPN tunnnel... 1155630712 A * phedny didn't read the page by the way, only knew it existed and gave you the link 1155630713 M * meebey_ phedny: it says it runs openvpn inside the vserver 1155630733 M * meebey_ but true, maybe he forgot to mention how he created the tun0 device on the host 1155630740 M * meebey_ there is no program for that, none I know at least :) 1155630799 M * meebey_ vpn-openvpn_galilei:/# ifconfig eth0:test 192.168.0.1 up 1155630799 M * meebey_ SIOCSIFADDR: File exists 1155630799 M * meebey_ SIOCSIFFLAGS: Cannot assign requested address 1155630799 M * meebey_ SIOCSIFFLAGS: Cannot assign requested address 1155630800 M * meebey_ vpn-openvpn_galilei:/# ifconfig eth0:test 192.168.0.1 up 1155630802 M * meebey_ SIOCSIFADDR: File exists 1155630805 M * meebey_ SIOCSIFFLAGS: Cannot assign requested address 1155630807 M * meebey_ SIOCSIFFLAGS: Cannot assign requested address 1155630807 Q * meebey_ Killed (FloodServ ((FloodServ) Warning, you have triggered a network protection. Stop flooding!)) 1155630858 J * meebey meebey@booster.qnetp.net 1155630871 M * meebey oh dear OFTC is worse than lilonet, didnt know that 1155630873 M * phedny meebey: so it's up to you to do some research and fix the page ;) 1155630898 M * meebey phedny: when I got it working I will add an entry to the ProblematicPrograms page and add a link to there 1155630919 M * phedny good! 1155630954 M * meebey so I need to tell vserver somehow that I am allowed to do IP assigned in the vserver. hmmm I thought NET_ADMIN is enough 1155630965 M * meebey s/assigned/assigment/ 1155631000 M * phedny well, I'm going to let the dogs out and than visit a friend for an important discussion 1155631016 M * meebey have fun :) 1155631027 M * phedny first part is, next part won't really be so much fun 1155631329 N * Bertl_zZ Bertl_oO 1155631342 M * Bertl_oO will be around later ... 1155632713 J * Viper0482 ~Viper0482@p54977BC4.dip.t-dialin.net 1155634297 J * schimmi ~sts@port-212-202-73-176.dynamic.qsc.de 1155634693 Q * shedii Quit: Leaving 1155635414 J * cohan ~cohan@koniczek.de 1155635533 Q * cohan_ Ping timeout: 480 seconds 1155637174 Q * Viper0482 Ping timeout: 480 seconds 1155637996 J * Viper0482 ~Viper0482@p54977BC4.dip.t-dialin.net 1155638250 J * TheJim ~James@jturner.dsl.interdart.net 1155638280 M * TheJim stupid iptables! 1155638291 M * TheJim why does the util-vserver package need iptables? 1155638313 N * TheJim TheJim_gah_iptables 1155638375 M * TheJim_gah_iptables i guess everyone is asleep at the minute 1155638780 M * waldi hmm, /me wants to change the xid of processes ... 1155638921 J * Aiken ~james@tooax6-108.dialup.optusnet.com.au 1155638960 Q * TheJim_gah_iptables Read error: Connection reset by peer 1155639861 J * shedi ~siggi@213.190.108.50 1155639905 M * meebey hmpf I can't assign IPs inside a vserver 1155639922 M * meebey regardless of legacy config or normal, with CAP_NET_ADMIN 1155640336 Q * coocoon Quit: KVIrc 3.2.0 'Realia' 1155641044 J * coocoon ~coocoon@p54A06261.dip.t-dialin.net 1155641114 J * hallyn ~xa@adsl-75-21-68-95.dsl.chcgil.sbcglobal.net 1155641612 Q * Aiken Quit: Leaving 1155642190 J * pirc ~pierre@pas38-3-82-226-103-133.fbx.proxad.net 1155642216 P * pirc Kopete 0.11.3 : http://kopete.kde.org 1155643221 M * mnemoc Hollow: ping 1155644040 J * yarihm ~yarihm@84-74-17-70.dclient.hispeed.ch 1155644170 J * Lauer ~Lauer@mail.tema.de 1155644190 M * Lauer coocoon: your hints yesterday for the kernel config worked, thanks 1155644204 M * coocoon u r welcome 1155644237 M * Lauer now I just need to see why ssh fails :-) 1155644250 M * Lauer (from one problem to the next... it's been a bumpy ride) 1155644294 M * coocoon Lauer: here u will find a lot of answers http://linux-vserver.org/Documentation 1155644299 M * coocoon ;-) 1155644304 M * Lauer yeah I already know that 1155644325 M * Lauer nice, but not easy to find the answers to specific questions 1155644402 M * coocoon Lauer: what happens to ssh on ur system 1155644413 M * Lauer it fails to bind to an address and dies 1155644420 M * Lauer and ssh on the host is listening on all IPS 1155644531 P * pisc1 1155644546 M * coocoon to which adress shall the guest listen, i am asking, because of why not binding the host ssh server to the specific ip 1155644568 M * cryptronic derjohn, are you here? 1155644595 M * coocoon that is recommended to get ssh to work well on the host and in the guest 1155644637 M * Lauer hmmm weird 1155644641 M * Lauer I think that fixes it 1155644668 M * Lauer ah great 1155644702 M * Lauer coocoon: thanks for fixing me - I owe you at least one beer :-) 1155644750 M * coocoon Lauer: no problem 1155647616 M * derjohn cryptronic, yes, just came to the office 1155647666 M * meebey /* Allow interface configuration */ 1155647673 M * meebey #define CAP_NET_ADMIN 12 1155647689 M * meebey ifconfig command fails though 1155647695 M * meebey is that a bug? 1155648051 M * meebey http://paste.debian.net/10888 1155648057 M * meebey I guess that can be considered a bug 1155648088 M * meebey creating an interface and/or assign an IP to it inside the vserver will do it but only visibly for outside of the vserver 1155648623 Q * coocoon Quit: KVIrc 3.2.0 'Realia' 1155649250 Q * cehteh Quit: Terminated with extreme prejudice - dircproxy 1.0.5 1155649447 Q * yarihm Quit: This computer has gone to sleep 1155649523 Q * Lauer Ping timeout: 480 seconds 1155650014 J * ekc ~ekc@netblock-66-245-252-180.dslextreme.com 1155650027 J * cehteh foobar@cehteh.homeunix.org 1155650374 M * meebey I am now reading the source but can't see the culprit 1155650383 M * meebey net/ipv4/devinet.c that is 1155650430 M * meebey ioctl(4, SIOCSIFFLAGS, 0xbfa0ca70) = -1 EADDRNOTAVAIL (Cannot assign requested address) 1155650769 M * meebey does someone know how I can disable VXF_HIDE_NETIF? 1155650774 M * meebey seems to be default 1155650804 J * yarihm ~yarihm@84-74-17-70.dclient.hispeed.ch 1155650930 M * meebey grrr how openvpn can be used in a vserver is in the some_hints_from_john page 1155650964 M * meebey I wonder why he couldnt use the existing pages for such stuff 1155650980 M * meebey specially application dependent thing 1155650983 M * meebey +s 1155651005 M * meebey and it describes the lack of setting ip inside a vserver problem which I also came across 1155651128 J * coocoon ~coocoon@p54A061CF.dip.t-dialin.net 1155651234 Q * ekc Ping timeout: 480 seconds 1155651476 M * daniel_hozac meebey: ~hide_netif 1155651524 M * meebey daniel_hozac: thanks 1155651563 M * meebey nobody 11502 0.0 0.0 3532 952 ? Ss 16:19 0:00 /usr/sbin/openvpn --writepid /var/run/openvpn.server.pid --daemon ovpn-server --cd /etc/openvpn --config /etc/openvpn/server.conf 1155651567 M * meebey there we go! 1155651572 J * ekc ~ekc@netblock-66-245-252-180.dslextreme.com 1155651582 M * meebey IP assigment works! 1155651585 M * meebey daniel_hozac: you rock! :) 1155651606 M * meebey so after UTSL I could find the show stopper, the default VXF_HIDE_NETIF :) 1155651628 M * meebey so I can tell derjohn that he doesnt need all that tap fluff to run openvpn 1155651668 M * meebey so lemme add that to ProblematicPrograms so everything can run openvpn inside vservers 1155651678 M * derjohn meebey, hm? 1155651690 M * meebey s/everything/everyone/ 1155651712 M * derjohn what did you simplify ? 1155651726 M * meebey derjohn: echo "~hide_netif" >> /etc/vservers/myvserver/flags 1155651734 M * meebey derjohn: and openvpn works with tun out of the box 1155651749 M * daniel_hozac ... except it can't do anything from inside the guest by default. 1155651761 M * daniel_hozac it's far more secure to setup the tun on the host. 1155651764 M * derjohn meebey, how is the tun brought up? 1155651777 M * meebey derjohn: NET_ADMIN 1155651779 M * daniel_hozac (setup including IP address, etc.) 1155651829 M * meebey daniel_hozac: sure but I need modularity, host dependency destroy the whole vserver thing for me 1155651830 M * derjohn meebey, hm, a two-sided sword. This guest can even sniff then. you could even run the openvpn without a guest 1155651861 M * daniel_hozac meebey: there is not host dependency, use a pre-start script that does it. 1155651885 M * daniel_hozac derjohn: sniffing requires NET_RAW, but NET_ADMIN does give the guest the ability to down all the interfaces, for instance. 1155651891 Q * hallyn Quit: leaving 1155651955 M * derjohn NET_ADMIN doesnt imply that? ok, but at least the guest can bring up fake ips. at leat in out case, out customer rent "guests". I cannot give them NET_ADMIN. for my personal box it's ok ;) 1155651996 M * meebey derjohn: "If you add "ip addr add peer dev tun0" there is no way to map the tun0 interface into a guest, " thats not true btw 1155652016 M * meebey derjohn: echo "tun0" > /etc/vservers/myvserver/interfaces/0/ip 1155652026 M * meebey derjohn: touch /etc/vservers/myvserver/interfaces/0/nodev 1155652046 M * meebey that will bring the interface into the vserver via its device-name 1155652089 M * derjohn meebey, the "peer" problem was fixed by daniel_hozac around -rc22 or so .... 1155652173 M * derjohn and: i dont know where i wrote it, but I assume i was talking about pointtopint IP, which was really not possbile. 1155652199 M * derjohn daniel_hozac, was the peer-fix acceped? I didnt follow as I switched to transfer nets... 1155652208 M * daniel_hozac yes. 1155652241 M * derjohn daniel_hozac, and is there a way to bring it up in interfaces/0/ip? what to write in there? 1155652284 M * daniel_hozac the peer? no, util-vserver doesn't support that. 1155652306 M * daniel_hozac (IMHO it's a very special case that could just as well be done with a prepre script) 1155652378 M * derjohn meebey, and I write the wiki primarily for myself ;) If I find out stuff, I tend to forget it. I use the hints-page to look up my own braindumps and hope others find it interesting, too. But I will merge it on the new wiki with the FAW (hello Hollow :)) 1155652504 M * meebey derjohn: its just a bit frustrating to see that someone else already went the same problem path and spending worthful time to fix the same thing again 1155652560 M * daniel_hozac meebey: so why didn't you look there before you started? :) 1155652589 M * meebey derjohn: asking here and checking ProblematicPrograms was the first I did 1155652594 M * derjohn meebey, welL: there is a search function on the wiki. and the (old) openvpn page was partly incorrect for _newer_ vserver version. but there are still VS 1.y users out there ... 1155652612 M * meebey the OpenVPN page I found too btw 1155652643 N * Belu_zZz Belu 1155652660 M * derjohn meebey, well I should have added openvpn here (like parts of the bind stuff) .. But now it your duty to do it. ! :) 1155652704 M * meebey derjohn: I will the describe the other way though, but both ways should be listed 1155652715 M * meebey tun/tap initialization on host or guest 1155652757 M * daniel_hozac meebey: even with ~hide_netif, are you allowed to use the new IP address in the guest? 1155652776 M * daniel_hozac or have you already assigned that IP address in the guest configuration? 1155652796 M * meebey openvpn does the assigment 1155652806 M * daniel_hozac not to the network context. 1155652841 M * daniel_hozac ~hide_netif may let you see it, but i doubt you'll be able to use it. 1155652885 M * meebey well it did the assigment outside of the vserver 1155652900 M * daniel_hozac hmm? 1155652910 M * meebey it was visible to the host 1155652920 M * daniel_hozac as expected. 1155653038 M * meebey I will see 1155653171 M * meebey fallback will be to use the tap device approac 1155653228 M * daniel_hozac what? 1155653324 M * meebey john's approach that is 1155653762 M * derjohn meebey, i had exactly the same problems. :) Bertl_oO offered to vitualize the tun-stuff, but as my demand was low after I found out my solution, the idea was set to low prio ... maybe you can change that ;) 1155653769 Q * ekc Ping timeout: 480 seconds 1155653770 A * derjohn now away ... 1155654003 M * daniel_hozac how would virtualizing tun help? 1155654020 M * daniel_hozac (and i guess you mean isolation) 1155654870 J * ybanafa ~ybanafa@82.114.177.141 1155654926 M * daniel_hozac welcome ybanafa! 1155654944 M * ybanafa Hi All 1155655037 M * ybanafa Vserver 2.0.1 & kernel 2.6.14.3 did any one try it on amd64 ? 1155655084 M * daniel_hozac probably, why? 1155655116 M * ybanafa is there any issue on amd64? 1155655177 Q * mnemoc Ping timeout: 480 seconds 1155655178 M * daniel_hozac there shouldn't be, but i'd probably go with 2.6.17.8 and 2.0.2-rc28x just to be safe. 1155655333 M * ybanafa ok .. I'll go right now try that & post any thing here ..thanks daniel 1155655454 P * ybanafa Leaving 1155655564 J * mnemoc ~amery@kilo105.server4you.de 1155656144 J * stefani ~stefani@tsipoor.banerian.org 1155656267 Q * ntrs Quit: Leaving 1155656369 Q * Viper0482 Ping timeout: 480 seconds 1155656993 J * Viper0482 ~Viper0482@p54977DDB.dip.t-dialin.net 1155657349 Q * PowerKe Ping timeout: 480 seconds 1155657368 M * meebey openvpn runs, weee 1155657373 M * meebey I mean the tunnel works :) 1155657451 M * mnemoc what was the problem? 1155657505 Q * brc_ Ping timeout: 480 seconds 1155657552 M * meebey mnemoc: telling vserver to allow ip assignment 1155657565 M * meebey daniel_hozac: the IPs work btw 1155657595 M * meebey tap btw has the disadvantage that it transfers broadcasts 1155657600 M * meebey because its frame based 1155658085 M * derjohn meebey, what layer2 broadcasts do you expect on the the tap? I mean there are only two machines on the "tapswitch", nor? On layer3 there should no broadcast at all - except those you create yourself (assuming you run a /30 or /31 ) 1155658119 M * meebey with windows clients... *cough* 1155658304 M * derjohn meebey, oh what a pity ;) 1155658330 M * meebey the network spammers 1155658600 M * derjohn meebey, well isnt on windows some kind of virtual tap interface? I can only imagine netbios/bui stuff lurking through the interafce. Of maybe the notebook client desperately looks for it's AD master.... cant you set the tap interface to "dont bind netbiosfoo"? 1155658632 M * meebey derjohn: actually I need that netbios foo for fileserver access 1155658649 M * derjohn meebey, then it makes sense not to block it ;) 1155658652 M * meebey derjohn: and windows is loving to explore the network, I can tell stories about that... :-P 1155658679 M * meebey it looks like ask the WINS server for everykind of authority server and tries to connect them 1155658692 M * meebey s/looks// 1155658736 M * derjohn hm, doesnt WINS work (like DNS) on layer3? I.e. you set an IP for it? but anyway, my windoze time is long gone ... 1155658759 M * derjohn read: I dont know really anything about it what goes deeper into the OS 1155658819 M * derjohn I tried to use OpenVPN on Win for tunnel though a proxy. for circumventing a content filter. With moderate success. :( 1155658906 M * Hollow hello derjohn :D 1155658924 M * Hollow mnemoc: pong 1155658934 M * mnemoc Hollow: moin! 1155658947 M * Hollow moin 1155658948 M * derjohn Hollow, foobar! Q: When we move to the new wiki ... will changes on the current wiki get lost? 1155658970 M * mnemoc Hollow: did you code the sha1 hasher? 1155658992 M * Hollow derjohn: depends.. we can do however we want it, i guess it is a good idea to keep it writable for some time ... 1155658998 M * Hollow mnemoc: yes, it's probably broken 1155659011 M * mnemoc Hollow: yep, segfaults on x86_64 1155659035 M * Hollow sha1 will be replaced by a clean sha512 implementation, so be patient 1155659086 M * mnemoc Hollow: oh 1155659101 M * Hollow since sha1 is broken anyway 1155659213 M * mnemoc what about using libtomcrypt instead? 1155659228 M * mnemoc instead of self-made crypto functions 1155659248 M * Hollow yeah, i looked at many different libs, the question is: do we really want to link against another lib for just one hash function? 1155659256 M * derjohn meebey, did you measure how much broadcast traffic is generated? 1155659280 M * mnemoc Hollow: the other option is to steal the hasher :p 1155659283 M * Hollow i mean... vcds dependencies are already quite big 1155659296 M * Hollow yeah, i stole this one too, but it seems to be broken anyway ;) 1155659299 M * mnemoc Hollow: yep, it depends on hell to much things currently 1155659304 M * mnemoc Hollow: :p 1155659391 J * pisco ~pampel@p5087856B.dip0.t-ipconnect.de 1155659447 M * Hollow mnemoc: i tried to understand the algorithms in the first place.. but NFC.. then i stole it from some other lib ;) 1155659526 M * mnemoc how long do you think it will take? may i help? (i really need to start that host even if i replace the host OS again in 1 week 1155659532 M * mnemoc ) 1155659551 M * Hollow sure, patches are welcome... 1155659590 M * mnemoc ok, let see 1155659600 M * mnemoc so sha512 1155659688 A * phreak`` pokes kir & igor 1155659874 P * pisco 1155659878 M * phreak`` I really hate partly broken releases :| 1155659901 A * Hollow pats phedny 1155659903 M * Hollow argh 1155659906 M * Hollow phreak`` of course 1155659907 M * Hollow :P 1155659917 M * mnemoc completly broken releases are even better 1155659926 M * phreak`` mnemoc: yah :) 1155659927 J * ekc ~ekc@netblock-66-245-252-180.dslextreme.com 1155660372 Q * s0undt3ch Ping timeout: 480 seconds 1155660960 A * Belu is away (iŽll be back later...) 1155660960 N * Belu Belu_zZz 1155661390 Q * ekc Ping timeout: 480 seconds 1155661930 Q * shedi Quit: Leaving 1155662041 J * s0undt3ch zoirdy@bl8-3-205.dsl.telepac.pt 1155662391 M * derjohn just for curiosity: do we support MIPS CPU? Or anyone ever try? (See: http://www.heise.de/newsticker/meldung/76816 ) 1155662403 M * Wonka *rrrr* nice machine 1155662434 M * derjohn well, I could downsize some cabinets here with that babe :) 1155662608 J * brc_ bruce@201.19.161.244 1155664383 M * mnemoc Hollow: sha512 at libtomcrypt has lot of architecture dependent blocks... what about using the one on the kernel? is that posible? 1155664604 J * ybanafa ~ybanafa@198.69.12.12 1155664806 M * ybanafa is there GUI for manage vserver ? (aka : webmin .. zone ) 1155664821 Q * lilalinux Remote host closed the connection 1155664912 M * coocoon ybanafa: here www.openvcp.org 1155664913 M * mnemoc ybanafa: openvcp 1155664977 M * ybanafa thanks :) i'll give it try 1155665147 M * ybanafa is there any docs how to install new image from CD image ? .. (the net here expensive to download) 1155665324 N * Belu_zZz Belu 1155665687 M * coocoon ybanafa: which distro u r using 1155665690 J * gerrit ~kvirc@dslb-084-060-221-048.pools.arcor-ip.net 1155665737 M * ybanafa coonccon : debain Sarge 3.1 1155665856 J * ekc ~ekc@netblock-66-245-252-180.dslextreme.com 1155665931 M * ybanafa cooncoon : is there any doc for Debian Sarge 3.1 ? 1155666185 M * coocoon ybanafa: http://linux-vserver.org/Documentation under Distribution specific Howtos/ i have never done this but i think, u must create a vserver skeleton --> vserver foo build -m skeleton ... , than u can make a tarball of ur distro, without /dev folder and then extract the folder intop the /vserver/foo dir 1155666211 M * coocoon ybanafa: i mean i would do it in this way 1155666357 M * ybanafa cooncoon : thanks .. I wiil go read it & try it :) 1155666389 P * ybanafa Leaving 1155666585 Q * ekc Ping timeout: 480 seconds 1155666957 M * Hollow mnemoc: no idea, iirc these are for in kernel modules only 1155667375 J * shedi ~siggi@inferno.lhi.is 1155667444 Q * Roey Ping timeout: 480 seconds 1155667532 J * Roey ~katz@h-69-3-4-130.mclnva23.covad.net 1155668751 J * ekc ~ekc@netblock-66-245-252-180.dslextreme.com 1155669708 M * Hollow mnemoc: what about WHIRLPOOL? it is endian-independent 1155669761 M * mnemoc i would need to read about, but sure... if it's safe 1155669773 M * Hollow just found it on wikipedia.. 1155669780 M * Hollow http://paginas.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html 1155669781 M * daniel_hozac probably easier to stick to a mainline one? 1155669816 M * daniel_hozac (i.e. one which has a *sum included in coreutils) 1155669818 Q * Adrinael Quit: Maintenance 1155669864 M * Hollow daniel_hozac: well, that would be md5, sha1, and crypt, all broken 1155669909 M * daniel_hozac mine supports sha{1,224,256,384,512}. 1155669935 M * Hollow mine (5.97) doesn't 1155669946 M * daniel_hozac hmm, 5.97 here too. 1155669996 Q * stefani Remote host closed the connection 1155670001 M * Hollow maybe fedora patches? 1155670015 M * daniel_hozac not AFAICT. 1155670053 M * mnemoc oO( why mine is 5.2.1? )o 1155670065 M * Hollow bene@zeus [130] coreutils-5.97 $ grep sha256 -ir . 1155670065 M * Hollow bene@zeus [1] coreutils-5.97 $ 1155670101 J * stefani ~stefani@tsipoor.banerian.org 1155670108 P * stefani 1155670120 M * doener I have the same as daniel_hozac (on debian) 1155670131 J * rob-84x^ rob@submarine.ath.cx 1155670190 M * Hollow packages.debian.org says sha256 is from utils/hashalot 1155670204 M * meebey derjohn: its not that bad :) 1155670214 J * mef ~mef@targe.CS.Princeton.EDU 1155670218 P * mef 1155670224 M * meebey derjohn: I may want briding anyhow, windows netbios works better that way 1155670305 M * mnemoc hashalot?! LOL 1155670341 A * Hollow giggles 1155670377 M * doener Hollow: the coreutils thing is called sha256sum 1155670409 M * Hollow well, i searched for it, but p.debian.org says nothing found for sha256sum ;) 1155670424 M * mnemoc and hashalot only exist on debian :p 1155670428 M * Hollow ah.. i searched stable tree 1155670443 M * Wonka common error 1155670499 M * Hollow doener: looking at the debian diff for coreutils in the unstable tree, it seems patched in 1155670585 M * mnemoc http://www.certainkey.com/resources/hashsum.php 1155670622 M * Hollow hm, ripemd160? 1155670700 M * doener mnemoc: damn, 2fast4me ;) 1155670720 M * doener I searched on gentoo-portage.com though ;) 1155670729 M * mnemoc :D 1155670752 M * mnemoc google is much faster than your portage :p 1155670768 M * Hollow well, endianess independent would be nice, and the authour of whirlpool has one reference .c file, very easy to copy ;) 1155670781 M * doener my portage? I'm a happy debian user ;) 1155670786 M * mnemoc =) 1155670820 M * mnemoc Hollow: we could try ,-) 1155670838 M * Hollow indeed.. 1155671083 J * Adrinael adrinael@hoasb-ff09dd00-79.dhcp.inet.fi 1155671130 M * daniel_hozac Hollow: don't most specs have reference files as well? 1155671159 M * daniel_hozac IIRC last time i went library-less for algos i just copied from the MD5 and SHA1 specs. 1155671226 M * Hollow i didn't find any beside complex crypto libs 1155671566 M * mnemoc libtomcrypt is really cool, but not for just one hasher 1155671588 M * mnemoc the problem is the endianness 1155671598 M * mnemoc daniel_hozac: ---^ 1155671657 M * daniel_hozac is endianness a problem for SHA*? 1155671692 M * mnemoc on home-made implementations 1155671791 M * mnemoc this topic started because the current sha1 at libucid (used by libvserver and friends) segfault at the opteron i'm installing 1155671842 M * daniel_hozac hmm? how does endianness cause that? 1155671869 M * daniel_hozac (btw, where is lucid's svn? i expected to find it at svn.linux-vserver.org) 1155671885 Q * ekc Remote host closed the connection 1155671949 M * Hollow daniel_hozac: http://dev.croup.de/repos/lucid/trunk 1155671984 M * Hollow daniel_hozac: i don't think endianess does cause this, but endian-independent isn't bad nonetheless 1155672016 M * daniel_hozac true. 1155672095 M * mnemoc what else can be causing segfault on that arch and not on others? (sorry my ignorance of that field) 1155672130 M * daniel_hozac isn't opteron x86_64? and thus little endian, just like x86? 1155672139 M * mnemoc scored :( 1155672154 M * daniel_hozac probably it's just not 64-bit safe. 1155672164 M * mnemoc ack 1155672417 M * michal_ win/win 20 1155672486 Q * Viper0482 Remote host closed the connection 1155672495 M * michal_ ok, i've got a giant lags, but am here...more or less ;) 1155672564 M * michal_ tell me guys 1155672647 M * michal_ how do i enter from C code into some (already running) vserver? 1155672677 M * daniel_hozac define enter. 1155672689 M * daniel_hozac the context? the namespace? the chroot? the network context? 1155672748 M * michal_ exactly same result as i would do vserver enter 1155672799 M * michal_ so, in fact namespace,network context, process context 1155672848 M * daniel_hozac then it's easier to just vserver ... exec ... 1155672900 M * michal_ and you don't provide any library (system wide) 1155672900 M * michal_ so i wonder, where to start 1155672957 M * michal_ look above and read again - C language 1155672971 M * daniel_hozac execve is your friend :) 1155672984 M * michal_ i'm writing some pam module 1155673009 M * michal_ similar for pam_chroot 1155673032 M * michal_ do _not_ ask me why, a long story 1155673048 M * michal_ i'll tell you when i get better connection 1155673048 M * michal_ :) 1155673087 M * michal_ execve...ugly;) 1155673099 M * daniel_hozac not compared to the alternative. 1155673122 M * michal_ i would rather call syscalls directly 1155673123 M * daniel_hozac plus you'll have to maintain it with every new step of entering that gets added. 1155673172 M * michal_ hm 1155673191 J * ntrs ~ntrs@68-188-51-87.dhcp.stls.mo.charter.com 1155673194 M * daniel_hozac so copy what vserver ... exec ... does. 1155673213 M * michal_ from one side - not a problem... 1155673216 M * michal_ from other - extra work for me... 1155673232 M * daniel_hozac what is? 1155673334 A * Belu is away (iŽll be back later...) 1155673336 N * Belu Belu_zZz 1155673342 M * michal_ hey, ambition plays a role here also :P 1155673413 M * michal_ i'll take the manual way 1155673701 Q * gerrit Quit: KVIrc 3.2.0 'Realia' 1155674378 M * michal_ i alsa wonder - i'll "enter" from pam module, but have to end up in the right uid/gid... 1155674468 J * PowerKe ~icuser@d5153A0DA.access.telenet.be 1155674498 Q * yarihm Quit: Leaving 1155675000 Q * bonbons Quit: Leaving 1155675282 M * michal_ Bertl_oO: ping;) 1155676133 N * Bertl_oO Bertl 1155676138 M * Bertl michal_: pong! :) 1155676217 J * comfrey ~comfrey@h-64-105-215-75.sttnwaho.covad.net 1155676289 M * Bertl wb comfrey! 1155676302 J * FCOJ ~mordur@dsl-201-4.hive.is 1155676311 Q * FCOJ 1155676338 J * FCOJ ~mordur@dsl-201-4.hive.is 1155676344 M * Bertl welcome FCOJ! 1155676347 Q * FCOJ 1155676362 J * FCOJ ~mordur@dsl-201-4.hive.is 1155676440 J * matti matti@linux.gentoo.pl 1155676448 Q * FCOJ 1155676495 M * matti Bertl: Have a minute? 1155676577 M * matti Anyone alive? :-) 1155676590 M * Bertl sure 1155676601 M * matti ;] 1155676633 M * michal_ hey Bertl, long time not seen :] 1155676634 M * michal_ hey matti! 1155676727 M * michal_ Bertl, as you might noticed, i've been crashing vserver in various way recently ;) i'm curretly in process of writing small pam module, which purpose is to authenticate users (or rather - it does not authenticate, ok;) - to puyt them into spcified vservers, as in config file 1155676741 M * michal_ configso... 1155676755 M * michal_ i wonder, how do i enter into running vserver from the C code 1155676761 M * matti michal_: You can be handy as well. 1155676763 M * matti michal_: You see. 1155676770 M * michal_ (sorry about bugs, etc...giant lgas) 1155676779 M * matti michal_: I merged harry's lvs + grsec patches with latest cks. 1155676789 M * matti michal_: I am curious. 1155676794 M * michal_ so, what are the proper steps i should take...etc 1155676802 M * matti Bertl, michal_: Is VMSPLIT_3G_OPT generally good idea on smp machines with 1 and 2 GB of ram? 1155676802 M * michal_ i'm listening to you matti :) 1155676861 M * michal_ you should do whatever possible to avoid highmem matti :] 1155676873 M * matti So. 1155676877 M * michal_ second level pagestables will harm your performance 1155676888 M * matti That was I though so. 1155676890 M * matti But. 1155676891 M * michal_ and 3rd even more ;) 1155676929 M * matti How cks memory-split expose stuff. 1155676943 M * matti Will work with CONFIG_HIGHPTE? 1155676965 M * matti Is safe, to enable VMSPLIT_3G_OPT and CONFIG_HIGHPTE in the same time? 1155676982 M * michal_ i have no idea;) 1155677003 Q * Adrinael Quit: Maintenance 1155677030 M * matti Damn ;p 1155677034 M * matti Nobody knows ;p 1155677070 M * matti There's so much "black holes" in documentation. 1155677072 M * michal_ u know... 1155677072 M * michal_ michal@platinum:~/code/vserver/linux-2.6.16.27-vs2.1.1-rc22> grep CONFIG_HIGHPTE .config 1155677073 M * matti About that. 1155677075 M * michal_ michal@platinum:~/code/vserver/linux-2.6.16.27-vs2.1.1-rc22> 1155677077 M * michal_ ;) 1155677116 M * matti michal_: Well, considering help for CONFIG_HIGHPTE I can assume, that this is not so bad idea. 1155677150 M * matti "The VM uses one page table entry for each page of physical memory. For systems with a lot of RAM, this can be wasteful of precious low memory." 1155677168 M * matti So, regarding what you say about lowmem... this looks nice. 1155677170 M * matti Isn't it? 1155677202 M * michal_ that's indeed interesting... 1155677217 M * michal_ lowmem _is_ "my precious" :P 1155677233 M * michal_ maj preszyssss.;p 1155677253 Q * dna Quit: Verlassend 1155677349 M * matti ;p 1155677352 M * matti michal_: Oh. 1155677353 M * matti ;] 1155677363 M * matti michal_: You're not on #ck I assume? 1155677383 M * michal_ hm...how do i use vc_enter_namespace & co from my code? 1155677396 M * michal_ matti i was..mayby i've forgot to join 1155677403 M * matti ;-p 1155677405 M * matti Well, then. 1155677406 M * matti [23:27:13] < matti> Kuril: So, if I've 1 GB, I should use VMSPLIT_3G_OPT and CONFIG_HIGHPTE. On machine with 2 GB, should I choose VMSPLIT_2G instead of VMSPLIT_3G_OPT? 1155677409 M * matti [23:27:35] < matti> Kuril: I know, that 2nd level pagetables can lower performance... a bit. 1155677412 M * matti [23:27:53] < matti> Kuril: So, VMSPLIT_2G for 2 GB of ram will be most appropriate? 1155677415 M * matti Sorry for paste. 1155677417 M * matti ;] 1155677424 M * matti michal_: Read it please, and tell me, what you think. 1155677473 M * michal_ to be honest - Bertl is best in this game :) 1155677486 M * matti michal_: BTW, I'll release 2.6.17.8-grsec2.1.9-vs2.0.2-rc28-cks1 after testing. 1155677492 M * matti michal_: Probably little later. 1155677492 M * matti ;] 1155677497 M * michal_ i would use VMSPLIT_2G on 2 GB machine 1155677511 M * Hollow mnemoc: whirlpool is now in lucid trunk, use http://home.xnull.de/misc/whirlpool-iso-test.c to test it, should output: http://paste.linux-vserver.org/244 1155677544 M * matti Hollow: :) 1155677553 M * matti Bertl: So, what you think? 1155677558 M * matti ;] 1155677563 M * Hollow hi matti ;) 1155677573 M * matti Hollow: Also... what you think ;p 1155677574 M * matti ;p 1155677580 M * Hollow about? 1155677589 M * mnemoc Hollow: what a monster hash 1155677598 M * Hollow *g* 1155677600 M * Hollow 512 bit 1155677604 M * matti ;p 1155677670 A * michal_ loves whirlpool 1155677690 M * Hollow :) 1155677755 M * Hollow mnemoc: i tested it on a dual core opteron, worked fine as well, so i guess we take whirlpool ;) 1155677764 M * mnemoc :D 1155677895 M * mnemoc whirlpoolsum is missing now :p 1155677895 M * michal_ for what? 1155677895 M * michal_ i'm for it anyway :) 1155677901 M * michal_ michal@platinum:~> gcc -o enter /home/users/michal/code/vserver/util-vserver-0.30.210/lib/lib_libvserver_a-syscall_enternamespace.o enter.o 1155677908 J * Adrinael adrinael@hoasb-ff09dd00-79.dhcp.inet.fi 1155677911 M * michal_ let's play ;) 1155677912 M * mnemoc michal_: vxdb passwords 1155677941 M * michal_ vxdb? 1155677946 M * matti ROTFL 1155677951 M * matti #ck guys r00x 1155677953 M * matti ;p 1155677954 M * matti Hehehe. 1155677968 M * matti I almost flooded myself with precious coffee. 1155677968 M * matti ;] 1155678010 M * michal_ oh man 1155678010 M * michal_ how could youi ! ;p 1155678011 M * michal_ btw, matti 1155678011 M * michal_ i'm gona have a cat! 1155678013 M * mnemoc micah: the database of vcd 1155678028 M * mnemoc micah: sorry 1155678034 M * mnemoc michal_: the database of vcd 1155678048 M * matti michal_: Cat? Really? 1155678053 M * michal_ vcd beeing?;p 1155678059 M * matti michal_: I though, you want yo find a wife. 1155678062 M * mnemoc vserver control daemon 1155678078 M * mnemoc the replacement for utils-version 1155678080 M * mnemoc err 1155678083 M * mnemoc utils-vserver 1155678089 M * mnemoc stupid fingers 1155678098 M * matti mnemoc: You look like someone with need for coffee ;] 1155678105 A * matti hands mnemoc a cup of hot coffee. 1155678105 M * matti ;] 1155678108 J * Aiken ~james@tooax8-114.dialup.optusnet.com.au 1155678114 M * michal_ matti lol 1155678125 M * Hollow mnemoc: vcd updated as well 1155678131 M * michal_ ncool idea mnemoc. 1155678144 M * michal_ don't forget about a nice vserver library for me! 1155678144 J * mire ~mire@110-167-222-85.COOL.ADSL.VLine.Verat.NET 1155678157 M * matti michal_: You can ask Hollow about vcd. 1155678164 M * mnemoc matti: full agree 1155678176 M * matti michal_: This is his baby. 1155678179 M * matti michal_: Sort of. 1155678180 M * matti ;] 1155678186 M * matti mnemoc: ;-) 1155678190 M * Hollow michal_: libvserver is a nice vserver library ;) 1155678202 M * michal_ :] 1155678205 M * mnemoc michal_: http://svn.linux-vserver.org/viewvc.py/libvserver/trunk/ 1155678217 M * michal_ matti cat is a _lot_ better than a girl/wife :] 1155678229 M * Hollow mnemoc: you're even fast than me switching to konqueror looking up this url :p 1155678231 M * michal_ hollow,lol 1155678232 A * matti is about to establish Coffe Aid Center. 1155678250 M * michal_ will i be able to use it for just entering a vserver from my code? 1155678251 M * matti For every geeks and so on... ;-) 1155678257 M * matti s/Coffe/Coffee/ 1155678275 M * Hollow michal_: yep, it is just a library with all vsever syscalls 1155678280 M * mnemoc Hollow: :D 1155678290 M * Hollow so, you can do vx_enter_namespace, vx_migrate, nx_migrate chroot etc, to get in 1155678300 M * matti michal_: I though so... that's why I've three cats ;p 1155678312 M * michal_ i might use it for my project... 1155678313 M * matti michal_: What lucky I am ;p 1155678331 M * michal_ ;p 1155678343 M * matti michal_: BTW, remember my problem with permission denied and pax? 1155678346 M * michal_ fiona is a small cat now 1155678357 M * matti michal_: This was because of broken glic in gentoo. 1155678369 M * matti michal_: solar helped me with fixing this. 1155678397 M * michal_ lol 1155678397 M * michal_ man 1155678398 M * michal_ stop with that gentoo toy 1155678403 M * Hollow michal_: as a sample how to get in: http://svn.linux-vserver.org/viewvc.py/vcd/trunk/src/vcc/login.c?revision=316&view=markup after xmlrpc_DECREF is the enter procedure 1155678404 M * matti michal_: Oh, go to hell ;p 1155678425 A * Hollow pats larry the cow 1155678431 M * matti LOL 1155678435 M * matti Hollow: ;] 1155678438 M * Hollow :) 1155678470 M * michal_ :] 1155678490 M * matti s/glic/glibc/ 1155678491 M * matti ;] 1155678497 M * matti Uh, k. 1155678552 M * matti I am off to testing 2.6.17.8-grsec2.1.9-vs2.0.2-rc28-cks1 ;] 1155678558 M * michal_ matti, should we set some kind of vservers-cats-clug?;p 1155678559 M * michal_ y 1155678559 M * michal_ club 1155678559 M * michal_ VserverUsersCatsClub 1155678559 M * michal_ VUCC 1155678560 M * Hollow jee 1155678578 M * matti michal_: Thanks for the hint about vmsplit. 1155678604 M * matti michal_: Ineed we should. 1155678617 M * michal_ everything for you ;) 1155678629 M * matti michal_: Will be like some sunday school ;p 1155678651 M * matti ;p 1155678656 M * michal_ lol 1155678706 M * matti k, guys. 1155678709 M * matti Back to testing ;] 1155678712 M * matti Have a good one! 1155678713 M * matti ;] 1155678736 M * matti michal_: Pssyt... don't over-feed your cat... it might explode ;p 1155678737 M * matti ;p 1155678766 M * michal_ cya 1155678766 M * michal_ lol 1155678780 M * michal_ hey, it was cruel ;) 1155678787 M * matti ;-p 1155678791 M * matti Bite me ;p 1155678792 M * matti ;p 1155678797 M * matti ;-) 1155678811 Q * matti Quit: 8-X 1155679041 M * Bertl as you smart folks probably figured, I got disconnected .. back now ... reading up 1155679167 M * michal_ holl 1155679174 M * Bertl okay, besides a little chit-chat, I found the enter question, is that right? 1155679197 M * michal_ hollow 1155679212 M * Hollow <- 1155679214 M * michal_ bertl...yes - but i think i will use hollow's library 1155679214 M * michal_ it looks cool 1155679228 M * Bertl ah, excellent, was going to suggest that too 1155679246 M * Bertl otherwise you can rip of whatever code you need from vcmd 1155679253 M * michal_ michal@platinum:~/code/vserver> LANG=C svn co http://svn.linux-vserver.org/libvserver/trunk 1155679256 M * michal_ svn: PROPFIND request failed on '/libvserver/trunk' 1155679258 M * michal_ svn: PROPFIND of '/libvserver/trunk': 405 Method Not Allowed (http://svn.linux-vserver.org) 1155679269 M * Hollow use svn.linux-vserver.oef/svn/ 1155679273 M * Hollow org 1155679283 M * michal_ so i see it is officially blesed ibrary 1155679283 M * michal_ makes me happy :] 1155679292 M * Bertl but oef sounds more interesting :) 1155679329 M * michal_ definitely;) 1155679496 M * michal_ ok. now on to svn co taht lib on my precious gprs connection :] 1155679510 M * Hollow sounds like fun ;) 1155679563 M * michal_ i have put Yagi anntenna on top of this house 1155679563 M * michal_ to have better signal 1155679576 M * michal_ so it quite works:] 1155679576 Q * Johnnie Read error: Connection reset by peer 1155679683 M * michal_ or mayby Hollow you could tar me newest version? 1155679699 M * michal_ i think svn is going to timeout finally 1155679715 M * Hollow michal_: yep, i could do, have to do a configure.ac cleanup, just one sec 1155679750 M * michal_ thx 1155679915 M * michal_ ok...it's going on :] 1155680027 M * Hollow michal_: http://home.xnull.de/misc/libvserver-2.0_pre20060816.tar.bz2 1155680075 M * Hollow you probably want to use the (just introduced) --disable-tools 1155680117 M * daniel_hozac michal_: FYI, util-vserver has a libvserver as well. 1155680337 Q * mire Quit: Leaving 1155680694 N * Nam Nam-brb 1155680739 J * nammie ~nam@S0106001195551ff0.va.shawcable.net 1155680795 N * nammie Nam 1155680909 Q * Snow-Man Ping timeout: 480 seconds 1155680921 M * michal_ michal@platinum:~> gcc -o enter enter.c -lvserver 1155680921 M * michal_ /tmp/ccKc7HNX.o: In function `main': 1155680921 M * michal_ enter.c:(.text+0x90): undefined reference to `chroot_secure_chdir' 1155680924 M * michal_ hollow? 1155681046 M * michal_ some extra library? 1155681072 M * mnemoc michal_: lucid 1155681092 M * michal_ where do i get it? 1155681097 M * mnemoc http://dev.croup.de/repos/lucid/trunk 1155681177 M * daniel_hozac libvserver doesn't link against lucid? 1155681180 Q * Nam-brb Ping timeout: 480 seconds 1155681239 M * michal_ does not look so 1155681359 M * michal_ lucid looks like a usefull library... 1155681367 M * michal_ of many handy functions 1155681690 M * michal_ cool 1155681695 M * michal_ my enter.c works now :] 1155681791 M * Bertl congrats! 1155681803 J * Johnnie ~john@dynamic-acs-24-154-53-237.zoominternet.net 1155681816 M * michal_ thx :) 1155681825 M * Bertl welcome Johnnie! LTNS! 1155681825 M * michal_ credit mostly goes to libvserver :) 1155681838 M * michal_ now making this pam module will be trivial 1155681859 M * Bertl I guess that was the idea behind that :) 1155681947 M * Bertl michal_: once 2.0.2 is out and we work on 2.1.x and head towards 2.2.x we should definitely have a longer talk about rsbac/pax, what do you think? 1155681968 M * Johnnie Hey Bertl, thanks. ;) 1155681983 M * michal_ Bertl: definitely i'm towards it 1155682001 M * michal_ a lot of interesting posibilities out there 1155682132 Q * mnemoc Ping timeout: 480 seconds 1155682148 M * daniel_hozac Hollow: i guess you won't be having compatibility stuff in libvserver? 1155682270 M * daniel_hozac Hollow, michal_: hmm, that libvserver doesn't build for me. 1155682297 M * daniel_hozac syscall.c:34: error: conflicting types for 'sys_clone' 1155682298 M * daniel_hozac vserver.h:63: error: previous declaration of 'sys_clone' was here 1155682422 M * michal_ works here like a charm... 1155682521 M * daniel_hozac Hollow: and does _syscall5 avoid all of the sparc/s390 oddities? 1155682611 J * mnemoc ~amery@kilo105.server4you.de 1155682624 Q * comfrey Ping timeout: 480 seconds 1155682738 Q * PowerKe Quit: Oops, wrong button 1155683026 M * michal_ ok 1155683069 M * michal_ Bertl: so, i'm talking to you from sarge vserver, but have entered there 'cause user michal is configured to be put there by pam :P 1155683081 M * michal_ now only to clean it, etc... 1155683102 M * michal_ it's ugly pam_chroot -> pam_vserver 5 minutes hack 1155683196 M * michal_ thank you guys, heading to sleep now...have to wake up in 4 hours. have a good rest of 1155683200 M * michal_ cya:) 1155683872 M * Bertl k, cya! 1155684114 M * Bertl gee, those ABIT folks really frightened me :) 1155684154 M * Bertl (they have a bright _red_ led to show that +5V is present :) 1155684178 M * Bertl of course I turned off power immediately ... 1155684180 M * Johnnie My heavens, what's come over them? 1155684907 Q * ag- Quit: BRB 1155684908 M * Bertl no idea, had to double check with the manual _and_ measure the +5V standby (it's fine and within limits :) to convince myself that this is fine :) 1155684935 J * ag- ag@caladan.roxor.cx 1155685047 M * Johnnie Glad it works. ;) 1155685054 M * Johnnie We can't have you not doing vserver production. 1155685057 M * Johnnie haha 1155685230 M * Bertl yeah, well, you might laugh, but I'm actually trying to get a new 'real' test machine working 1155685251 M * Bertl test machines have become scarce over the last year 1155685646 M * Bertl okay, off to bed now ... have a nice one everyone! cya! 1155685651 N * Bertl Bertl_zZ 1155685652 M * Skram Peace, Bertl_zZ 1155685664 M * Johnnie G'night, Bertl_zZ. 1155685694 M * Wonka piece!