1158192796 Q * serving Ping timeout: 480 seconds 1158198188 J * Piet hiddenserv@tor.noreply.org 1158198997 Q * Piet Ping timeout: 480 seconds 1158199520 J * serving ~serving@86.108.105.39 1158200315 J * Aiken_ ~james@tooax6-203.dialup.optusnet.com.au 1158200463 Q * derjohn2 hydrogen.oftc.net quasar.oftc.net 1158200463 Q * nayco hydrogen.oftc.net quasar.oftc.net 1158200463 Q * cehteh hydrogen.oftc.net quasar.oftc.net 1158200463 Q * starlein hydrogen.oftc.net quasar.oftc.net 1158200463 Q * derjohn hydrogen.oftc.net quasar.oftc.net 1158200463 Q * ebiederm hydrogen.oftc.net quasar.oftc.net 1158200463 Q * lylix hydrogen.oftc.net quasar.oftc.net 1158200463 Q * transacid hydrogen.oftc.net quasar.oftc.net 1158200463 Q * nebuchadnezzar hydrogen.oftc.net quasar.oftc.net 1158200463 Q * MooingLemur hydrogen.oftc.net quasar.oftc.net 1158200463 Q * cryptronic hydrogen.oftc.net quasar.oftc.net 1158200463 Q * phreak`` hydrogen.oftc.net quasar.oftc.net 1158200463 Q * tanjix hydrogen.oftc.net quasar.oftc.net 1158200467 Q * somegeek hydrogen.oftc.net neutron.oftc.net 1158200467 Q * blizz hydrogen.oftc.net neutron.oftc.net 1158200467 Q * mountie hydrogen.oftc.net neutron.oftc.net 1158200467 Q * glut hydrogen.oftc.net neutron.oftc.net 1158200467 Q * Roey hydrogen.oftc.net neutron.oftc.net 1158200467 Q * mnemoc hydrogen.oftc.net neutron.oftc.net 1158200467 Q * s0undt3ch hydrogen.oftc.net neutron.oftc.net 1158200467 Q * Adrinael hydrogen.oftc.net neutron.oftc.net 1158200467 Q * phedny hydrogen.oftc.net neutron.oftc.net 1158200467 Q * sid3windr hydrogen.oftc.net neutron.oftc.net 1158200467 Q * virtuoso hydrogen.oftc.net neutron.oftc.net 1158200467 Q * mcp hydrogen.oftc.net neutron.oftc.net 1158200467 Q * kaner charon.oftc.net venus.oftc.net 1158200467 Q * fosco charon.oftc.net venus.oftc.net 1158200467 Q * Hunger charon.oftc.net venus.oftc.net 1158200467 Q * weasel charon.oftc.net venus.oftc.net 1158200527 J * kaner kaner@strace.org 1158200527 J * fosco fosco@konoha.devnullteam.org 1158200527 J * weasel weasel@weasel.noc.oftc.net 1158200527 J * Hunger Hunger.hu@Hunger.hu 1158200540 J * somegeek hiddenserv@tor.noreply.org 1158200540 J * s0undt3ch ~s0undt3ch@bl7-245-72.dsl.telepac.pt 1158200540 J * mnemoc ~amery@kilo105.server4you.de 1158200540 J * Adrinael adrinael@hoasb-ff0edd00-43.dhcp.inet.fi 1158200540 J * mcp ~hightower@wolk-project.de 1158200540 J * Roey ~katz@h-69-3-4-130.mclnva23.covad.net 1158200540 J * glut glut@no.suid.pl 1158200540 J * virtuoso ~s0t0na@shisha.spb.ru 1158200540 J * sid3windr luser@bastard-operator.from-hell.be 1158200540 J * mountie ~mountie@CPEdeaddeaddead-CM000a739acaa4.cpe.net.cable.rogers.com 1158200540 J * phedny ~mark@volcano.p-bierman.nl 1158200540 J * blizz ~blizz@evilhackerdu.de 1158200541 M * Bertl hmm ... big splitting :) 1158200557 J * derjohn2 ~aj@dslb-084-058-198-091.pools.arcor-ip.net 1158200557 J * nayco ~nayco@proxy2.laroche.univ-nantes.fr 1158200557 J * cehteh ~ct@cehteh.homeunix.org 1158200557 J * starlein star@fo0bar.de 1158200557 J * derjohn ~derjohn@80.69.37.19 1158200557 J * lylix ~eric@dynamic-acs-24-154-53-234.zoominternet.net 1158200557 J * ebiederm ~eric@ebiederm.dsl.xmission.com 1158200557 J * transacid ~transacid@transacid.de 1158200557 J * nebuchadnezzar ~nebu@zion.asgardr.info 1158200557 J * MooingLemur ~troy@shells200.pinchaser.com 1158200557 J * cryptronic crypt@mail.openvcp.org 1158200557 J * tanjix ~tanjix@office.star-hosting.de 1158200557 J * phreak`` ~phreak``@140.211.166.183 1158200642 Q * Aiken Ping timeout: 480 seconds 1158200720 M * morfoh Bertl: right you are :) 1158201887 J * ensc_ ~irc-ensc@p54B4D5FC.dip.t-dialin.net 1158201946 N * ensc_ Guest400 1158201999 Q * ensc Ping timeout: 480 seconds 1158203127 Q * Loki|muh Read error: Connection reset by peer 1158203504 J * Loki|muh loki@satanix.de 1158204191 Q * Nam Read error: Connection reset by peer 1158205026 J * _node node@c-69-143-148-254.hsd1.md.comcast.net 1158206376 J * Piet hiddenserv@tor.noreply.org 1158207222 Q * _node Ping timeout: 480 seconds 1158207234 J * _node node@c-69-143-148-254.hsd1.md.comcast.net 1158208236 M * Bertl okay, I'm off to bed for today ... have a good one everyone! 1158208242 N * Bertl Bertl_zZ 1158208320 Q * Loki|muh Read error: Connection reset by peer 1158208428 M * Skram Peace, Bertl_zZ 1158208488 J * Loki|muh loki@satanix.de 1158209561 M * cehteh so ... set up aide in the root-server to monitor guests, is simpler than i thought, but has still some nasty problems to circumvent .. 1158209589 M * cehteh i'll prolly write a small article on the wiki about that later 1158209755 M * Skram yeah 1158209763 M * Skram ive been doing that for a bit 1158209777 M * cehteh oh 1158209781 M * Skram there isnt much documentation on aide 1158209782 M * Skram but cool 1158209795 M * Skram just chiming in :) 1158209816 M * cehteh # cat /etc/aide/aide.vserver.conf.d/20_aide_vservers 1158209816 M * cehteh #!/bin/sh 1158209816 M * cehteh echo "@@define VSERVERS $(echo -n '('; for i in $(ls /vservers); do echo -n "|vservers/$i/"; done; echo ')')" 1158209844 M * Skram oh, i am just running it on the main server 1158209852 M * Skram *root 1158209852 M * cehteh you know the debian method driving aide/constructing the config? :) 1158209856 M * Skram nope 1158209862 M * Skram <-- gentoo and centos hosts 1158209863 M * cehteh ah ok 1158209905 M * cehteh well debian provides a exentsive conf.d/ directory method which autogenerates the configuration 1158209923 M * Skram i see 1158209925 M * cehteh so you can throw small config snippets into it 1158209929 M * Skram i dont think aide is even in portage 1158209941 M * Skram I remember compiling it from source 1158209982 M * cehteh # cat /etc/aide/aide.vserver.conf.d/31_aide_gpg 1158209988 M * cehteh /@@{VSERVERS}root/.gnupg/random_seed$ VarFile 1158210010 M * cehteh see the idea .. the first snippet defines a list of vservers 1158210029 M * cehteh and then the configuation snippets use it 1158210033 M * Skram yeah 1158210035 M * Skram cool 1158210073 M * cehteh well, now running it and lets see if my server can stand the load 1158210096 M * cehteh reduces the hashes to sha1+md160 .. should be enough 1158210191 M * Skram cool 1158210241 M * cehteh mhm does aide recompute the checksums on each run .. guess yes or? 1158210265 M * cehteh i mean .. it cant trust mtime/ctime for its job :P 1158211149 Q * _node Ping timeout: 480 seconds 1158213479 Q * serving Ping timeout: 480 seconds 1158214269 J * cdrx ~legoater@cap31-3-82-227-199-249.fbx.proxad.net 1158214407 J * meandtheshell ~markus@85-125-230-178.dynamic.xdsl-line.inode.at 1158216187 J * dna_ ~naucki@p54BCDAE1.dip.t-dialin.net 1158216587 J * dna___ ~naucki@p54BCDAE1.dip.t-dialin.net 1158216958 A * kir is back (gone 07:38:28) 1158216989 Q * dna_ Ping timeout: 480 seconds 1158217294 J * dna_ ~naucki@p54BCDAE1.dip.t-dialin.net 1158217635 J * id23 ~id@p50813FC3.dip0.t-ipconnect.de 1158217654 Q * dna___ Ping timeout: 480 seconds 1158217712 Q * Aiken_ Ping timeout: 480 seconds 1158217863 J * dna___ ~naucki@p54BCF82C.dip.t-dialin.net 1158218259 Q * dna_ Ping timeout: 480 seconds 1158219583 J * yarihm ~yarihm@whitehead2.nine.ch 1158219917 J * renihs ~penguin@83-65-34-34.arsenal.xdsl-line.inode.at 1158220199 J * serving ~serving@86.108.101.109 1158220421 J * prae ~Benjamin@5-63.206-83.static-ip.oleane.fr 1158220601 Q * michal_ Quit: REBOOT! 1158221011 J * id10111 ~id@p50813FC3.dip0.t-ipconnect.de 1158221019 P * id10111 1158221719 Q * serving Read error: Connection reset by peer 1158221802 M * Wonka has anyone played with vserver and rsbac? 1158221949 M * daniel_hozac michal IIRC. 1158222542 M * Wonka any results? 1158222576 M * daniel_hozac that i don't remember... 1158222638 J * telmich ~deadghost@cable-static-233-101.eblcom.ch 1158222639 M * telmich moin 1158222645 M * Wonka moin telmich 1158222671 M * Wonka telmich here is interested in vserver with rsbac 1158222753 M * derjohn2 are there any news about the "mysql-crashed-in-devel-rc31" bug ? 1158222787 M * derjohn2 I have mysql too that stops answering queries (after several days) 1158222989 M * renihs hmm can i have xorg-x11 AND xgl both installed or are there any conflicts? 1158223018 M * daniel_hozac isn't xgl an X extension? 1158223034 M * daniel_hozac derjohn2: no, not yet AFAIK. 1158223052 M * daniel_hozac Wonka, telmich: i guess you'll have to wait for michal to join ;) 1158223053 M * Wonka renihs: afaik, xgl needs a running xserver, at the moment. 1158223078 M * Wonka renihs: so there would be problems with xgl alone :) 1158223093 M * renihs Wonka, so i can have "both" and start without exension too? 1158223094 M * renihs hmm 1158223102 M * Wonka yes 1158223125 M * renihs mkay, then i need to add it 1158223548 M * renihs now i only need to modify my scripts to launch xgl when nvidia is detected, normal x when something else 1158223554 M * renihs thats easy :) 1158223730 M * derjohn2 daniel_hozac, thx. i'll switch back to stable on that machine i think. 1158223730 M * renihs ups 1158223733 M * renihs i was in the wrong channel 1158223735 M * renihs lol 1158223740 M * renihs and i still got an answer 1158223743 M * renihs thanks :) 1158223946 M * daniel_hozac derjohn2: didn't it require some features to be enabled? i don't remember the details. :( 1158224063 M * Wonka renihs: :) 1158224212 J * lilalinux ~plasma@dslb-084-058-204-202.pools.arcor-ip.net 1158224248 M * renihs Wonka, now i have to add it to my livedvd, i hope it doesnt mess around with my working x environment :) 1158224260 M * renihs but i need todo alot scripting as it seems :( 1158224847 Q * micah Ping timeout: 480 seconds 1158225523 J * zkbrsnie ~zkbrsnie@83-64-146-226.klosterneuburg.xdsl-line.inode.at 1158226204 Q * shedi Quit: Leaving 1158227016 J * sezuan matthias@agamemnon.ipv6.scheff32.de 1158227024 M * sezuan good morning. 1158227220 M * renihs morning 1158227563 M * nayco hello, all ! 1158228457 M * daniel_hozac hey. 1158229032 M * sid3windr is there a way to find out the hostname of the system the vserver is running on? 1158229097 M * daniel_hozac there shouldn't be, why? 1158229161 M * sid3windr yeah, I actually agree there shouldn't be ;) but on some things I'd like stuff to report "vserver x running on machine y" 1158229170 M * Loki|muh sometimes this would be very nice ;) 1158229185 M * sid3windr I'd actually put it in the sysLocation field in my snmpd ;) 1158229187 M * Loki|muh where the fuck did i put this vserver on... 1158229189 M * Loki|muh ;) 1158229205 M * sid3windr I only have 6 servers so not a big search 1158229216 M * sid3windr but cosmetically it would be nice if I don't have to update it when I move one ;) 1158229256 M * Loki|muh you can check it via the mac adress *g* 1158229432 M * sid3windr myuh, but not really automatically;) 1158229440 M * Loki|muh hehe 1158229615 Q * zkbrsnie 1158229724 M * morfoh hi * 1158229768 M * Loki|muh hi m*h 1158229851 M * daniel_hozac sid3windr: add a post-start script that does hostname > $1/running-on? 1158229881 M * sid3windr good point 1158229885 M * sid3windr thanks! :) 1158229910 Q * prae Quit: Quitte 1158229953 M * sezuan I've a little problem: 1158229953 M * sezuan getrlimit(RLIMIT_STACK, {rlim_cur=8192*1024, rlim_max=RLIM_INFINITY}) = 0 1158229954 M * sezuan setrlimit(RLIMIT_STACK, {rlim_cur=2044*1024, rlim_max=RLIM_INFINITY}) = 1158229968 M * sezuan after that, the program gonna be killed. 1158229999 Q * cdrx Ping timeout: 480 seconds 1158230069 M * sezuan Can I allow that command? 1158230095 M * daniel_hozac that command should succeed. 1158230105 M * sezuan hm. 1158230106 M * daniel_hozac it's just lowering the limit. 1158230164 M * daniel_hozac your process may already be over the limit though. 1158230172 M * daniel_hozac RLIMIT_STACK 1158230172 M * daniel_hozac The maximum size of the process stack, in bytes. Upon reaching this limit, a SIGSEGV signal is generated. To handle this 1158230175 M * daniel_hozac signal, a process must employ an alternate signal stack (sigaltstack(2)). 1158230321 M * sezuan you're right. 1158230492 M * sezuan interessting. It's not the rlimit, the application tries to bind the host ip. 1158230629 M * derjohn off-topic question: does anyone have experience with vmware esx ? 1158231085 M * renihs not really, since it only runs of NAS/iscsi :) 1158231128 M * harry bilbo:~# vserver limbak start 1158231128 M * harry ERROR: trying to add VLAN #94 to IF -:eth2:- error: Invalid argument 1158231131 M * harry why do i get this? 1158231147 M * harry eth2.94 allready exists 1158231178 M * waldi use nodev if you want to use existing interfaces 1158231199 M * daniel_hozac and novlandev to get it to not create the VLAN. 1158231202 M * harry the interface exists... there is no ip defined 1158231219 M * harry if i let it create vlan, it doesn't work :S 1158231231 M * daniel_hozac why not? 1158231250 M * harry bilbo:~# vserver limbak start 1158231250 M * harry ERROR: trying to add VLAN #94 to IF -:eth2:- error: Invalid argument 1158231250 M * harry Cannot find device "eth2.94" 1158231250 M * harry SIOCGIFFLAGS: No such device 1158231250 M * harry Cannot find device "eth2.94" 1158231252 M * harry Cannot find device "eth2.94" 1158231268 M * harry that's when no eth2.x or eth2 is enabled at boot 1158231275 M * harry when i just start vserver 1158231284 M * harry unless off course, i have to do stuff to make vlans work 1158231315 M * harry i have: echo eth2.94 > dev 1158231379 M * derjohn renihs, what kind of " runs that thing? Do they snip a mechanism to create snapshots? And ftp/rysnc to backup those images? 1158231501 M * daniel_hozac harry: do you get anything in dmesg? 1158231511 A * harry is rebooting now... 1158231522 M * harry well... not me off course, but the server ;) 1158231542 M * renihs derjohn, it uses vmfs which has snapshot functionality 1158231578 M * renihs SX Server 3.0 can only be storing virtual machines on NAS and iSCSI. iSCSI LUNs, like Fibre Channel LUNs, can be formatted with the VMware file system(VMFS) 1158231580 M * renihs :) 1158231608 M * harry hmm... collegues beggin to go to lunch... so i'll be back :) 1158231615 M * harry tnx for the novlandev info :) 1158231617 P * abi >>Homeland Security Advisory System<<; Current Terror-Alert Status: SEVERE (Severe Risk of Terrorist Attacks) 1158232095 Q * Piet Quit: :tiuQ 1158233419 J * ay ay@false.linpro.no 1158233489 M * ay Hi. I've just migrated a 2.4 based vserver-farm to a 2.6 vserver farm.. And I am having troubles with 127.0.0.1 1158233514 M * daniel_hozac what sort of troubles? 1158233516 M * ay Is there any docs on this? has support for 127.0.0.1 disapaired? 1158233530 M * ay Well 2.6-series does not seem to support it? 1158233531 M * ay Or? 1158233537 M * daniel_hozac support what? 1158233542 M * renihs lo 1158233543 M * renihs :) 1158233550 M * ay Binding to it.. 1158233558 M * daniel_hozac binding to it should work fine. 1158233566 M * daniel_hozac it's rewritten to the guest's first IP address. 1158233592 M * ay Under the hood? 1158233633 M * daniel_hozac hmm? netstat will report the guest's first IP address, as will getsockname. 1158233644 M * daniel_hozac what exactly is your problem? 1158233674 M * ay Well. Some services has the bad habit of wanting to talk over 127.0.0.1 no matter what.. And they are not allowed to bind to 127.0.0.1.. 1158233685 M * ay Might just be me misconfiguration something. 1158233690 M * daniel_hozac have you assigned 127.0.0.1 to your guests? 1158233709 M * ay Nope. 1158233711 M * daniel_hozac good. 1158233818 M * ay using the debian/ubuntu newvserver tools and stuff. localhost should "just work"? Or do you need to set it up specicly? 1158233831 M * daniel_hozac uh, you really shouldn't use newvserver. 1158233870 M * ay Done it manualy with vserver build ...bla.bla. dbootstrap etc also. 1158233874 M * ay What's the alternative? 1158233910 M * daniel_hozac vserver ... build should make it just work. what version are you using? 1158233997 M * daniel_hozac (it doesn't have to do anything to make it work though. it should all be the default behaviour) 1158234027 M * ay kernel 2.6.15-vs2.0.1.3 1158234036 M * daniel_hozac umm, why such an old version? 1158234057 M * ay vserver 0.30.204 -- manages the state of vservers 1158234077 M * ay Well. It's been a while :-) 1158234145 M * daniel_hozac like 7 months? 1158234209 M * ay But should 1158234211 M * ay vserver v-test build -m debootstrap --hostname v-test \ 1158234211 M * ay --interface eth0:80.232.36.93/27 — -d sarge — \ 1158234212 M * ay --exclude="sparc-utils,dhcp-client,lilo,makedev,pcmcia-cs,ppp,pppconfig,pppoe,pppoeconf,setserial,syslinux,fdutils,libpcap0,iptables,pciutils" 1158234232 M * ay Give me a nice vserver _with_ 127.0.0.1 with no extra configuration? 1158234256 M * daniel_hozac if by _with_ 127.0.0.1 you mean the rewriting behaviour, yes. 1158234279 M * ay should ip and ifconfig show a fake 127.0.0.1 1158234348 M * daniel_hozac no. 1158234370 M * daniel_hozac an isolated per-guest loopback is still experimental. 1158234460 M * ay But can a program on the guest bind to let's say port 1234 on the _ip_ 127.0.0.1 (and not the name localhost - which can be pointet to real ip in /etc/hosts) 1158234522 M * daniel_hozac yes, and it will be rewritten to the first IP address of the guest. 1158234603 M * ay Hm. Ok. What happends if you say bind *:1234 and it binds to fake-127.0.0.1 and say 80.90.100.123.. Will there be any magic or will it say (port allready in use) because it's acctually the same address.. 1158234696 M * daniel_hozac *:1234 is also rewritten to the guest's first IP address. 1158234708 M * daniel_hozac unless the guest has many IP addresses, in which case it will stay as 1158234711 M * daniel_hozac *:1234 1158234832 M * ay Hm. 1158235225 M * ay Is the vserver-tools package in sync with the kernel-patch, even if it's 7 months old. 1158235261 M * ay And should i _really_ upgrade to a newer version (of kernelpatch? Of Vserver-tools? Of both?) 1158235448 M * daniel_hozac i'd upgrade both, but i guess that's just me. 1158235534 Q * derjohn2 Ping timeout: 480 seconds 1158235548 J * derjohn2 ~aj@dslb-084-058-254-138.pools.arcor-ip.net 1158235630 M * daniel_hozac and the tools are very backwards compatible. 1158235646 M * harry back! 1158235654 J * prae ~Benjamin@5-63.206-83.static-ip.oleane.fr 1158235676 M * ay But are they version-wise in sync? 1158235682 M * daniel_hozac what do you mean? 1158235705 M * ay Is vserver 2.0.1.3 and vserver-tools 0.30.204 is "sync" 1158235710 M * ay s/is/in/ 1158235731 M * ay Meaning, compatible, doing the right stuff etc. 1158235735 M * daniel_hozac yes. 1158235752 M * ay Maybe except 127.0.0.1 stuff. 1158235763 M * daniel_hozac that's purely a kernel thing. 1158235778 M * ay But the rewriting has worked all along, right? It's not been broken and fixed or something? 1158235783 M * daniel_hozac util-vserver will work with pretty much any kernel since 1.2. 1158235797 M * daniel_hozac it's been improved, but i don't think it was ever broken. 1158235935 M * harry daniel_hozac: have a bit of time for the vlan stuff? 1158235949 M * daniel_hozac sure, not that i know it very well. 1158235951 M * harry i now removed ALL eth0, eth2 and eth3 config from my std debian install 1158235960 M * harry so i'm booting the machine now... 1158235968 M * harry only 1 vserver is defined, limbak 1158235970 M * harry hostname: bilbo 1158235977 M * harry (just scetching the situation ;)) 1158235987 M * harry vlan 94 and 95 are on eth2 1158235988 J * s0undt3ch_ ~s0undt3ch@bl7-254-160.dsl.telepac.pt 1158235994 M * harry 49 and 164 are on eth0 1158235997 Q * s0undt3ch Read error: Connection reset by peer 1158235998 M * harry (irrelevant ;)) 1158236000 N * s0undt3ch_ s0undt3ch 1158236038 M * harry bilbo:~# cat /usr/local/etc/vservers/limbak/interfaces/0/* 1158236038 M * harry eth2.94 1158236038 M * harry 134.58.241.36 1158236038 M * harry 24d 1158236044 M * harry whoops 1158236048 M * harry anyway: prefix is 24 ;) 1158236063 M * harry should that do the trick? 1158236071 M * harry putting vlan 94 on eth2 1158236079 M * harry and setting the ip etc...? 1158236085 M * harry or do i forget something 1158236087 M * daniel_hozac yep. 1158236119 M * harry what do i forget? 1158236128 M * harry or: it does the trick/should do the trick :)) 1158236211 M * daniel_hozac it should do the trick ;) 1158236225 M * harry bilbo:~# vserver limbak start 1158236225 M * harry ERROR: trying to add VLAN #94 to IF -:eth2:- error: Invalid argument 1158236225 M * harry Cannot find device "eth2.94" 1158236225 M * harry SIOCGIFFLAGS: No such device 1158236225 M * harry Cannot find device "eth2.94" 1158236227 M * harry Cannot find device "eth2.94" 1158236230 M * harry again... 1158236267 M * daniel_hozac did you get anything in dmesg this time? 1158236273 M * harry nothing 1158236280 M * harry (nothing special, besides the mounts etc... 1158236289 M * harry process `syslogd' is using obsolete setsockopt SO_BSDCOMPAT 1158236299 M * harry that maybe...b ut that's just syslog ;) 1158236341 M * daniel_hozac eth2 does exist, right? 1158236354 M * harry eth2 Link encap:Ethernet HWaddr 00:0D:56:6F:7A:38 1158236365 M * harry vconfig add eth2 94 works fine 1158236367 M * daniel_hozac is it up? 1158236378 M * harry hmm... no it isn't 1158236408 M * harry only eth1 is up (ssh'ing through that one ;)) 1158236439 M * harry wiiiiiiii... if i just do ifconfig eth2 up 1158236442 M * harry it does the trick :) 1158236449 M * daniel_hozac there you go. 1158236694 M * harry tnx a lot :) 1158236709 M * daniel_hozac not that i did much of anything, but you're welcome :) 1158236745 M * harry i thought vserver will bring eth2 up for that automagically :) 1158236865 M * harry wiiiiii... per vserver routing etc... it is all ... easy! 1158236873 M * harry vlan definitions 1158236877 M * harry all magic! all goooooooooood ;) 1158236959 M * sid3windr note to self: harry = weirdo 1158236972 A * sid3windr hides behind his monitor 1158237140 M * daniel_hozac lol 1158237536 A * harry never agressive... 1158237542 A * harry too boneidle 1158237560 M * harry that's why i allways carry a REALLY sharp knife... takes less effort ;) 1158238653 M * ay Hm. I have another issue, one of my vserver has no disk, according to "df" "df /" works. 1158238656 J * shedi ~siggi@dsl-149-109-85.hive.is 1158238660 M * ay the other ones work. 1158238670 M * ay Filesystem 1K-blocks Used Available Use% Mounted on 1158238670 M * ay - 10321208 7414860 2382060 76% / 1158238682 M * ay that's with df / 1158238704 M * daniel_hozac empty /etc/mtab? 1158238723 M * ay intern:/# cat /etc/mtab 1158238723 M * ay proc /proc proc rw 0 0 1158238723 M * ay devpts /dev/pts devpts rw,gid=5,mode=620 0 0 1158238728 M * ay Only these two.. 1158238735 M * ay Not the acctuall filesystem. 1158238762 M * daniel_hozac does that guest mess with /etc/mtab while booting? 1158238820 M * ay Not sure. It's a sarge install. I'll check. 1158238828 M * ay Used newvserver *koff* 1158238852 M * ay Is newvserver a thing of the past, and should neverever be used? 1158238907 M * daniel_hozac i don't know, it (used to?) create legacy guests. 1158238935 M * ay Now everybody uses vserver build? 1158238941 M * ay Or images? 1158238946 M * daniel_hozac yes :) 1158238957 M * daniel_hozac (vserver build now supports images;)) 1158238982 M * ay Eh. tar xjvf? 1158239001 M * daniel_hozac what? 1158239002 M * ay http://mirrors.sandino.net/vserver/images/ <- These look good. 1158239028 M * ay daniel_hozac: vserver build supports images? Does it only tar xjvf the image, or does it do something fancy? 1158239059 M * daniel_hozac it does gzip/bzip2 -dc | tar/cpio/restore as appropriate. 1158239121 M * ay But no magic afterwards? You still have to stuff under /etc... 1158239287 M * daniel_hozac sure, it's not a mind reader. 1158242741 J * cdrx ~legoater@242.32.96-84.rev.gaoland.net 1158242753 M * phreak`` daniel_hozac: hrm, what patches are now applied to the svn of util-vserver ? 1158242927 Q * id23 Ping timeout: 480 seconds 1158243539 J * id23 ~id@p508121E6.dip0.t-ipconnect.de 1158245283 Q * duckx Quit: Client exiting 1158245359 Q * Snow-Man Ping timeout: 480 seconds 1158246319 Q * renihs Remote host closed the connection 1158246478 M * derjohn daniel_hozac, you told me that nforce4 runs fine on your syste, currently I have a 2.6.17-2 (debian) which fails on install with a 0x50 error. did you make any similar observations? 1158247539 M * doener derjohn: no problems here, running debian. started with etch, switched to sid a month or two later 1158247555 J * stefani ~stefani@208.99.202.100 1158247572 M * doener if I believe the timestamps in /etc, I installed it around january 1158247623 M * doener ah, /home says march, so I'd rather trust that one ;) 1158247646 N * Bertl_zZ Bertl 1158247650 M * doener morning Bertl 1158247653 M * Bertl morning folks! 1158248002 Q * yarihm Quit: Leaving 1158248011 M * harry heya 1158248014 M * harry biiiiiiiiiig q :) 1158248023 M * harry is there, in .defaults/scripts/bleh.sh 1158248033 M * harry a way to get VPS-name? 1158248049 M * harry i want to put a script in there that will account for EVERY vps 1158248059 M * harry but i need some config info of that vps 1158248339 J * h01ger ~holger@socket.layer-acht.org 1158248343 M * h01ger hi 1158248375 M * harry nobody ? 1158248376 M * Bertl hey h01ger! 1158248405 M * Bertl harry: check vserver-info, but the _name_ is the primary key for userspace 1158248423 M * harry ? 1158248430 M * h01ger i just created a vserver with debootstrap, removed the root filesystem and replaced it with the root filesystem of a previously real machine. now i get "An error occured while executing the vserver startup sequence;" when starting, but the vserver runs without problems. when is this message displayed? 1158248437 M * h01ger hi Bertl :) 1158248443 M * Bertl have to reboot .. brb 1158248450 M * h01ger enjoy :) 1158248455 M * harry i don't get it 1158248486 M * harry in /etc/vservers/.defaults/scripts/pre-start , i want to start my vps-specific routing 1158248509 M * harry but, therefor i need the ip address of the vps 1158248557 M * harry so... i need the name, so i can "cat /etc/vservers//interfaces/0/ip" 1158248568 M * harry but... how do i get that ? 1158248850 M * harry daniel_hozac: you there? 1158248864 M * harry novlandev 1158248864 M * harry When this file exists, the steps which setup and destroy a VLAN interface will be skipped. This flag should be set when a VLAN interface is used by multiple vservers or by the host. 1158248870 M * harry i found this... 1158248906 M * harry does that mean that, when i use the same vlans for different vps'es, and i stop 1 of them, it will take down the vlan??? 1158248930 M * harry won't it do some basic checks on that??? 1158248946 M * harry like: are there other ip addresses/routes over this vlan... etc? 1158248983 M * harry hmm... everyone seems dead 1158249370 M * harry everyone is silent... am i such a hard one? 1158249398 J * Snow-Man ~sfrost@kenobi.snowman.net 1158249506 M * daniel_hozac harry: no, it won't do any such checks. if you tell it to remove/create it, it will. 1158249577 M * daniel_hozac phreak``: umm, http://people.linux-vserver.org/~dhozac/p/uv/ + initenv + a CentOS/RHEL 4.4 RPM build issue fixed, at least :) 1158249663 M * daniel_hozac h01ger: when the command to start the guest returns non-zero. 1158249678 M * harry i never said: remove it 1158249680 M * harry :) 1158249692 Q * stefani Ping timeout: 480 seconds 1158249693 M * harry create it if it's used, delete it if it's unused 1158249728 M * daniel_hozac well, the tools just don't do that. 1158249731 M * h01ger daniel_hozac, and when does it return non-zero? :) 1158249739 M * h01ger (when something fails.. what?) 1158249757 M * daniel_hozac h01ger: that depends on your distribution, init style, etc. 1158249806 M * h01ger hmmm 1158249809 M * derjohn doener, thx. here it foos, it migh have to do with "[patch 31/37] dm: Fix deadlock under high i/o load in raid1 setup.". I'm stuck. 1158249818 A * harry dislikes the way that works... 1158249825 M * harry but... i guess i'll have to live with that 1158249850 M * daniel_hozac harry: if something's created when a guest is started, i fully expect it to be removed when it's stopped. 1158249854 M * daniel_hozac unless told explicitly otherwise. 1158249871 M * daniel_hozac works that way with the contexts, namespace, IP address, etc. 1158249915 M * daniel_hozac derjohn: well, i've had some occasional lock-ups during high load (like building two kernels simultaneously). 1158249931 J * bonbons ~bonbons@83.222.36.111 1158249933 M * harry this makes it sound like: if you use a vlan for 1 server, you are not allowed to use it by any other 1158249944 M * Bertl back now ... 1158249952 M * daniel_hozac harry: sure you are, but then you don't want any of the guests to create it nor remove it. 1158249964 M * daniel_hozac harry: i.e. touch novlandev. 1158249971 M * harry because: enabling it twice works perfectly, but disabling it once is enough 1158249974 M * daniel_hozac wb Bertl! 1158249980 M * harry it should have a used counter 1158249982 M * harry or so 1158249985 M * harry wb Bertl 1158250019 M * harry and is there a way to get the VPS name in a certain variable in a pre-start script? 1158250053 M * harry like: using: IF=`cat /usr/local/etc/vservers/limbak/interfaces/0/dev` 1158250063 M * harry but off course, that, i'll have to make for each vps 1158250071 M * Bertl have you checked the environment? 1158250075 M * harry if i could find a $VPSNAME or so? 1158250083 M * harry how do i do that ? 1158250092 M * Bertl 'set' ? 1158250150 M * daniel_hozac harry: the flower page says the script gets 3 parameters, the configuration directory, the name, and the action. 1158250183 A * harry checks his flowerpage... 1158250195 M * daniel_hozac hmm, no, it's not on there... 1158250209 M * daniel_hozac it is in the XML though :) 1158250213 M * harry didn't think so :) 1158250270 M * harry hehe 1158250331 M * harry argv1 is pre-start 1158250332 M * harry argv2 is stdserver 1158250332 M * harry argv3 is 1158250332 M * harry argv4 is 1158250343 M * daniel_hozac hmm. so the docs are incorrect too .) 1158250345 M * harry so it's not really configdir, name, action.. 1158250365 M * harry but... i've got what i need :) 1158250371 M * harry name :) 1158250563 M * harry wiiiiiiiii... i did it1 1158250652 M * Bertl I guess your 'i' key is stuck and the shift is broken :) 1158250733 M * daniel_hozac phreak``: i've also fixed vlogin (only when linked against glibc) and vcontext-uid (2.4 kernel). 1158250734 M * Bertl (or is this supposed to be 13375p34k?) 1158250773 M * harry can i put a default novlandev somewhere? 1158250792 M * harry Bertl: it's a silly exclamation of joy :) 1158250832 M * daniel_hozac no. 1158250840 M * harry hmmm... too bad 1158250881 M * harry gandalf:/usr/local/etc/vservers# for i in *; do > $i/interfaces/0/novlandev; done 1158250886 M * harry that one fixed it ;) 1158250960 M * ay daniel_hozac: You said vserver could use images now. man vserver referes to the manpage of vserver-build (8) .. I can't seem to find that 1158250987 M * daniel_hozac ay: "now" in this instance means svn, i guess i was a bit premature in promoting it :) 1158251004 M * ay Hehe. 1158251010 M * Bertl daniel_hozac: imho the novlandev should become a default and a 'vlandev' would be appropriate (maybe even replacing dev) 1158251011 M * daniel_hozac (or Gentoo packages) 1158251053 M * ay Anyway, man-pages for vserver-build seems to be missing in lates stable source of util-vserver.. 1158251070 M * daniel_hozac i don't know if there ever was a man page. 1158251078 M * daniel_hozac or if it was just removed due to inaccuracies. 1158251096 M * daniel_hozac vserver - build --help should tell you all you need to know though. 1158251161 M * daniel_hozac Bertl: replacing dev would be tricky, but i guess a vlandev would be possible... 1158251209 M * harry pffffft... /me totally stressie 1158251228 M * harry major upgrades/changes on our primary vserver machine! 1158251563 Q * shedi Quit: Leaving 1158251593 M * Bertl harry: stable or devel kernel? 1158252012 M * derjohn Bertl, any updates about the mysql-in-devel stuff? I have a mysql here stats stops answering queries, but the mysql "shell" is reachable. May that be the same symptom? 1158252347 N * nokoya _nokoya 1158252358 N * _nokoya nokoya 1158252754 M * harry Bertl: stable :) 1158252762 M * harry Linux gandalf 2.6.17.11-grsec2.1.9-vs2.0.2 #2 SMP Thu Sep 14 16:25:43 CEST 2006 i686 GNU/Linux 1158252771 M * harry works like a charm 1158252778 M * morfoh harry: :) 1158252811 M * harry completely rewrote advanced routing 1158252819 M * harry now advanced routing is done automatically 1158252829 M * harry only thing you need: dev, ip, prefix 1158252844 M * harry it calculates the network/gateway and sets up advanced routing for that host 1158252856 M * harry vlan defs are set at boot in /etc/networking/interfaces 1158252858 M * morfoh harry: I already noticed that I might should update to the vs2.0.2-grsec2.1.9 in our vserver package 1158252870 M * morfoh ;) 1158252886 M * harry morfoh: we've got 4 vserver servers running here.. 1158252898 M * harry and many more virtual machines off course :) 1158252902 M * harry megacool stuff :) 1158252907 M * morfoh harry: yep :) 1158252908 M * daniel_hozac you're two kernel releases behind ;) 1158252922 M * Roey hey 1158252933 M * Roey hmm. 1158252942 M * Roey anyone know of vserver causing consoles to crash 1158252943 M * Roey ? 1158252946 M * Roey tty consoles? 1158252946 M * harry daniel_hozac: who cares... they're quite useless 1158252949 M * Roey I can ssh into the box 1158252952 M * harry who uses dm for raid1 anyway :) 1158252956 M * Roey but I can't do anything from its console. 1158252962 M * morfoh harry: I like grsec quite a lot but somehow I don't feel that comfortable with the style of grsec development style 1158252977 M * morfoh but this is a different topic 1158252981 M * harry morfoh: i do... at least like this, you KNOW who writes the code :) 1158252991 M * harry i know spender and pax "team" a bit, so.. :) 1158253006 M * morfoh harry: ok ... good to know :) 1158253008 M * harry wrote some fixes for grsec too, so... :) 1158253011 P * h01ger have fun & cu 1158253023 M * morfoh harry: cool ... that I know who I can bother :) 1158253042 M * harry hehe... i don't know the internals very well... i understand most of them 1158253077 M * morfoh harry: I was just jokin' ... but it's good to have someone around here dealing with vservers on grsec 1158253081 M * harry anyway, i'm waiting for a new grsec release now... since there is a pax bug fixed in the binary loader or so... i don't remember :) 1158253120 M * harry fixed in some kernel version, but also fixed in pax a long time ago... now the pax "team" is working on it... as soon as they release a new version, i'll reintegrate 1158253133 M * harry i think my patch applies pretty clean to 17.12 btw :) 1158253139 M * harry but now... i'm off! 1158253143 M * morfoh harry: cu :) 1158253145 M * harry my business here is don :) 1158253147 M * harry done 1158253156 M * harry i've done well... /me pats self 1158253165 M * harry pets... 1158253319 Q * prae Quit: Quitte 1158253483 M * daniel_hozac Hollow: http://people.linux-vserver.org/~dhozac/p/uv/experimental/vshelper.patch how does it look? i'll test it a bit before committing. 1158253699 M * Bertl Hollow, daniel_hozac, doener: what do you think of an 2.6.17.13 'update' release? 1158253765 M * daniel_hozac just an update? 1158253799 M * Bertl well, including all fixes and cleanups of course, for 2.0.2 and 2.1.1 1158253811 M * daniel_hozac right, sounds good to me. 1158254477 M * derjohn Bertl, ping?!?! What was the behavior of the mysql-doesnt-work stuff? 1158254562 Q * lilalinux Remote host closed the connection 1158254648 J * lilalinux ~plasma@dslb-084-058-204-202.pools.arcor-ip.net 1158254738 Q * lilalinux Remote host closed the connection 1158254947 M * Bertl derjohn: it is supposed to be fixed in the upcoming 2.1.1 release 1158254961 M * Bertl derjohn: but I have no test results from ntrs yet 1158255014 J * lilalinux ~plasma@dslb-084-058-204-202.pools.arcor-ip.net 1158255035 M * Bertl s/test results/confirmation/ 1158255054 M * derjohn Bertl, what is the behavior? I have a mysql that stops answering queries, but you can fire "select * bla".. but without any results. 1158255066 M * derjohn Bertl, is that the same ? 1158255080 M * derjohn Bertl, when is 2.1.1 planned ? 1158255081 M * Bertl yes, that looks like it, although it was reported as 'locked tables' 1158255095 M * daniel_hozac Bertl: hmm, where is that delta? 1158255108 M * Bertl the new rc should be up in a few minutes including delta 1158255115 M * daniel_hozac ok, thanks. 1158255213 M * derjohn Bertl, hey, cool! That counts for devel, too? 1158255225 M * derjohn and 2.0.x.y ? 1158255231 M * Bertl this is basically the devel change: 1158255235 M * Bertl http://vserver.13thfloor.at/Stuff/delta-rc31.3.diff 1158255257 M * daniel_hozac ah, ok. 1158255344 M * Bertl derjohn: jep 2.0.2.1 :) 1158255389 M * derjohn Bertl, well, I'll think i'll wait for the release then. But for the locked mysql, I think i step "back" top stable. Or are the chances good that you and nt* spotted the source of the problem? 1158255438 M * Bertl IMHO it should be fixed (or at least equal to stable in behaviour) 1158255442 M * derjohn the problem occurs in mycase on: 2.6.16.14-p3-vs2.1.1-rc19-squash-drbd 1158255462 M * derjohn Bertl, and would other apps also lock? or only mysql ? 1158255471 M * Bertl would be interesting to test with 'just' this patch 1158255497 M * Bertl basically timers are affected as far as I can tell 1158255504 M * derjohn Well the problem is that is sometimes needs 10-14 days until it "locks" 1158255522 M * derjohn so testing might be difficult. 1158255537 M * Bertl i.c. 1158255572 M * Bertl well, I guess we have to wait for feedback from the community (especially ntrs) then 1158255619 M * Bertl I never saw this issues on my servers, so I didn't even know they existed :) 1158255713 Q * bonbons Quit: Leaving 1158255817 Q * lilalinux Remote host closed the connection 1158255862 M * phreak`` daniel_hozac: so util-vserver has now everything we had in our patch-tarball :) + some additional patches 1158255893 M * daniel_hozac phreak``: no, i think you have a few patches i haven't merged. 1158255909 M * Bertl daniel_hozac: will there be a new release soon? 1158255930 M * phreak`` daniel_hozac: ok, will look at it then :) 1158255933 M * daniel_hozac Bertl: i really want to fix the vshelper sync issues first, but after that, i don't see why not. 1158255950 J * coregrl ~comune@host11-44.pool8256.interbusiness.it 1158255952 M * coregrl hello 1158255966 M * daniel_hozac phreak``: remove traditional syscall, testsuite-fix, clone, and shell completion. 1158255981 M * daniel_hozac welcome coregrl! 1158256006 M * coregrl I'm trying to install vserver but i've a problem with pppoe, I mean my root server uses ppp0 interface to connect to internet, I tried to use the same interface with vserver but I can't access outside 1158256010 M * coregrl any hint? 1158256031 M * daniel_hozac what IP address did you give the guest? 1158256048 M * coregrl daniel_hozac: 192.168.100.1 1158256069 Q * cdrx Ping timeout: 480 seconds 1158256072 M * daniel_hozac are you NATing that to your public IP address? 1158256079 M * coregrl I've to set the same of the external pppoe interface? 1158256087 M * coregrl nope 1158256097 M * daniel_hozac no, but you have to NAT it to be able to access the internet. 1158256136 M * coregrl I c 1158256356 M * daniel_hozac phreak``: oh, and gentoo-tools and sharedportage (i don't know how i missed those the first time...). 1158256524 J * jkl ~eric@intvpn-dhcp-27.colorado.edu 1158256582 M * jkl i moved my vserver container behind a dd-wrt firewall (the container used to have a public address) and now my contexts are not accessible from the internet 1158256585 M * jkl :( 1158256670 M * daniel_hozac did you open holes through the firewall? 1158256695 M * jkl yeah, other port forwards are fine 1158256705 M * jkl ie, ssh to the container is fine 1158256713 M * jkl but imap to a context does not work 1158256714 M * daniel_hozac container == guest? 1158256723 M * jkl imap to a container from the local net is fine 1158256738 M * jkl container == host, context == guest 1158256761 M * daniel_hozac that's very confusing... container is what a context is called in the mainline discussions, IIRC :) 1158256787 M * jkl sorry, ill use better terms then 1158256798 M * daniel_hozac is the firewall running on the host? 1158256804 M * Bertl yeah, let's use 'host' and 'guest' for now :) 1158256826 M * Bertl and what does a tcpdump show on the host? 1158256827 M * jkl host is behnid a dd-wrt firewall 1158256850 M * daniel_hozac so the host does not have a public IP address? 1158256866 M * jkl no, the host does not have a public address 1158256936 M * jkl tcpdump shows some output that looks kind of strange 1158256951 M * Bertl maybe you could upload to paste.linux-vserver.org? 1158256988 M * jkl ok 1158257030 M * jkl it's up there 1158257073 M * jkl looks like it's replying to the router 1158257088 M * jkl not to the host on the outside 1158257094 M * Bertl who is 10.0.1.1 ? 1158257101 M * jkl the dd-wrt router 1158257107 M * jkl and the default gw 1158257108 M * phreak`` daniel_hozac: hrm, the template stuff is also in trunk/ ? 1158257118 M * daniel_hozac phreak``: yes. 1158257143 M * phreak`` daniel_hozac: ah, r2304 :) 1158257147 M * Bertl jkl: nah, but there is traffic between the router and host too 1158257159 M * jkl ok 1158257168 M * Bertl jkl: the 'answer' would come after that dump :) 1158257199 M * Bertl but it looks like the host doesn't know how to answer to that .. maybe a missing default route? 1158257201 M * jkl so you need more output 1158257209 M * phreak`` daniel_hozac: thus, you're merge is giving me this patchlist: http://www.rafb.net/paste/results/MnHuIj86.html 1158257232 M * Bertl what does for example ping -c 1 -I 10.0.1.15 www.google.com give? 1158257248 M * Bertl try to capture the traffic with tcpdump -vvnei eth0 icmp 1158257267 M * jkl hm ,i've got the right default route 1158257287 M * jkl where should i run the ping from, the guest? 1158257292 M * daniel_hozac phreak``: so you'll readd the traditional syscall, and remove clone? 1158257300 M * Bertl jkl: no, on the host 1158257388 M * jkl it's pasted 1158257418 M * phreak`` daniel_hozac: clone isn't even on the list, right ? (or am I misunderstanding you?) 1158257419 J * lilalinux ~plasma@dslb-084-058-204-202.pools.arcor-ip.net 1158257443 M * Bertl jkl: okay, looks fine so far, now let's test with the host ip, i.e.: 1158257445 M * daniel_hozac phreak``: right, that's my point. you had it in -r18 :) 1158257464 M * Bertl ping -c 1 -I 10.0.1.1 www.google.com 1158257468 M * phreak`` daniel_hozac: we're talking about 005_all_remove-traditional-syscall.patch and 205_all_clone.patch ? 1158257479 M * daniel_hozac yes. 1158257519 Q * somegeek Remote host closed the connection 1158257535 M * jkl i ran both the ping and dump from the host last time 1158257537 J * shedi ~siggi@inferno.lhi.is 1158257548 M * phreak`` daniel_hozac: then I'll need to check them again, since I got some rejects on those. I just removed everything that gave me an reject ;) 1158257563 M * Bertl jkl: yeah, that's okay, but with the 'guest' ip, right? 1158257583 M * jkl yes 1158257584 M * daniel_hozac phreak``: heh, well, they're not merged. 1158257597 M * Bertl jkl: okay, now try with the host ip, just to make sure 1158257598 M * jkl this next ping i have to run from the router i assume 1158257609 M * Bertl nope, host again 1158257617 J * somegeek hiddenserv@tor.noreply.org 1158257620 M * jkl can't assing the address 10.0.1.1 1158257626 M * jkl *assign 1158257650 M * Bertl host == physical machine, guest == virtual private server ... are we using the same terminology? 1158257667 M * jkl yes 1158257683 M * Bertl okay, what ip has the host? I probably got the gateway 1158257687 M * jkl i think i understand what you want 1158257690 Q * coregrl Quit: Lost terminal 1158257706 M * jkl yeah, host has 10.0.1.10 but u did not know that! 1158257719 M * Bertl okay, my fault, try with that then 1158257750 M * jkl it's ok, pasted 1158257823 M * Bertl okay, now back to the imap, is is supposed to hit the guest at 10.0.1.15, right? 1158257880 M * phreak`` daniel_hozac: hrm, looks like you applied a part of the remove_traditional_syscall patch (as the AH_BOTTOM([ thing is gone) 1158257891 M * daniel_hozac phreak``: hmm? 1158257905 M * phreak`` daniel_hozac: or ensc removed it, not sure .. 1158257912 M * phreak`` also the config.h.in is gone 1158257921 M * jkl yeah, 10.0.1.15 is where imap is running 1158257933 M * daniel_hozac phreak``: did you run autoreconf -fi? 1158257937 M * jkl from a winxp box at 10.0.1.5 imap responds fine 1158257938 M * phreak`` daniel_hozac: nope 1158257946 M * phreak`` daniel_hozac: just plain sources. 1158257946 M * daniel_hozac phreak``: the AH_BOTTOM is present here. 1158257956 M * Bertl jkl: could it be that the fw is doing some kind of double masquerading? 1158257973 M * phreak`` daniel_hozac: in the m4/ensc_syscall.m4 (where it used to be) ? 1158257978 M * phreak`` (at least not here :) 1158257978 M * daniel_hozac phreak``: yeah. 1158257989 M * jkl i have a feeling that could be the problem 1158257992 M * Bertl jkl: let's try with telnet 143 from the internet side 1158258007 M * daniel_hozac phreak``: http://svn.linux-vserver.org/viewvc.py/util-vserver/trunk/m4/ensc_syscall.m4?revision=2283&view=markup 1158258009 M * Bertl and capture all on port 143 as well as icmp (with tcpdump) 1158258011 M * jkl you want dump info from the router 1158258027 M * Bertl router and host dumps would be nice 1158258035 M * jkl ok hold on a sec 1158258072 M * phreak`` daniel_hozac: where did that come from ? I'm 1000000 percent sure, that wasn't there a second ago :O 1158258104 M * daniel_hozac phreak``: well, i haven't touched it :) 1158258111 M * jkl how do you combine both tcp port 143 and icmp for tcpdump expression? 1158258115 Q * shedi Quit: Leaving 1158258188 M * Bertl should work with 'or' 1158258217 M * Bertl icmp or port 143 1158258390 M * jkl Bertl: k, its up there 1158258399 M * jkl i saw some 'unreachable' messages 1158258480 M * Bertl hmm, hmm, the dump shows a lot of unrelated packets, are you sure you had the icmp or port filter active? 1158258540 M * Bertl and another thing, is the router accessing the imap port too somehow? 1158258544 M * daniel_hozac phreak``: what is the reason you remove the traditional syscall? 1158258590 M * jkl yes the router can get to imap just fine 1158258595 M * Bertl jkl: unreachable is a good indication that something is wrong 1158258603 M * jkl heh, yeah] 1158258607 Q * rob-84x^ Ping timeout: 480 seconds 1158258614 M * Bertl i.e. either a port does not allow to connect, or a network is not reachable 1158258658 M * phreak`` daniel_hozac: k, thats what left of our ~30 patches (http://dev.croup.de/proj/gentoo-vps/browser/util-vserver/patches/0.30.211-r0). thanks to you! 1158258667 M * jkl this is the tcpdump cmd: tcpdump -n -vvnei vlan1 icmp or port 143 1158258681 M * Bertl jkl: already the first line of the router dump contains neither icmp nor port 143, or? 1158258723 J * rob-84x^ rob@submarine.ath.cx 1158258732 M * Bertl it contains udp traffic from port 50099 to 41957 1158258800 M * Bertl ah, no, it's an icmp unreachable 1158258823 M * jkl heh, yes that is all BT crap 1158258864 M * Bertl what are the ips used there, like 67.190.143.73, do they sound familiar? 1158259006 M * jkl i can filter by the IP i'm coming from right now (i happen to be sitting somwhere else completely) 1158259032 M * Bertl okay, guess that would simplify things 1158259034 M * jkl but yeah the 67* is the router's pub adddr 1158259135 Q * id23 Ping timeout: 480 seconds 1158259341 M * Bertl hmm, that port 41597 pops up over and over again, always as reply to a connect 1158259356 M * Bertl *41957 actually 1158259380 M * jkl thats what BT should be listening on 1158259432 M * Bertl okay so that is coincidence? 1158259453 M * jkl yes, absolutely 1158259470 M * jkl there is a *lot* of BT traffic to another host on the net 1158259473 M * daniel_hozac phreak``, Bertl: so what do you think about http://people.linux-vserver.org/~dhozac/p/uv/experimental/vshelper.patch ? it seems to work. 1158259536 M * jkl what bothers me is that other DNAT rules are working fine, but DNAT rules to the guest aren't working 1158259577 M * Bertl okay, let's try with ssh (as example) 1158259593 M * Bertl you probably have an sshd running inside the guest? 1158259623 M * jkl nope, but i can fire one up 1158259663 M * Bertl okay, make sure to restrict the host's sshd to host ips, or use a different port than default 1158259759 M * jkl ok it's running on port 24 1158259795 M * Bertl good, now let's map that with a simple -j DNAT rule on the router 1158259815 M * jkl i'll do it manually and not through the gui 1158259824 M * Bertl even better :) 1158259836 Q * lilalinux Remote host closed the connection 1158259871 M * phreak`` daniel_hozac: hrm, is $sync_dir some sort of global var (haven't checked the sources yet) ? 1158259901 M * Hollow daniel_hozac: looks good to me :) 1158259904 J * lilalinux ~plasma@dslb-084-058-204-202.pools.arcor-ip.net 1158259905 M * daniel_hozac phreak``: hmm, it's local'ized before it's used, right? 1158259936 M * phreak`` daniel_hozac: yeah, but nowhere (at least in your patch is something assigned to sync_dir itself, right ? 1158259941 M * Bertl daniel_hozac: guest stop synchronization? 1158259958 M * phreak`` ah, wait *g* 1158259959 M * daniel_hozac Bertl: right. 1158259964 M * Hollow phreak``: nice to see all those patches removed :) 1158259970 M * phreak`` Hollow: yeah ;) 1158259975 M * daniel_hozac phreak``: it's passed to initStopSync which should set it. 1158259990 M * phreak`` daniel_hozac: found it just a second ago :) 1158259992 M * Hollow phreak``: btw, with the new mkrelease scripts, -r0 should not be needed anymore 1158260032 M * phreak`` Hollow: one time you're telling me "don't forget -r0", the other time is "just leave the -r0 out" ... ;) 1158260058 M * Hollow well, ${PVR} does not contain -r0, and that is what we use in all ebuilds now 1158260076 M * Hollow i explained each scheme in the mkrelease script 1158260093 M * jkl Bertl: hmm, no difference 1158260129 M * phreak`` Hollow: `svn up' :) 1158260194 M * Bertl jkl: could you now try the same with a host ip? 1158260229 M * jkl so bind the ssh server in the guest to the host IP? 1158260235 M * Bertl jkl: I would suspect a filter rule which blocks guest ip replies 1158260248 M * Bertl jkl: no, just on the host, maybe with a chroot() 1158260403 M * jkl a filter on the host? or the router? 1158260433 M * Bertl could be both, my preference would be host 1158260520 M * jkl there is no firewall on the host currently 1158260524 M * jkl to simplify this 1158260567 Q * meandtheshell Quit: bye bye ... 1158260579 M * jkl connecting to an ssh daemon on the host over dnat works fine 1158260610 M * Bertl then it must be the router which seems to consider the host ip 'special' 1158260643 M * Bertl check for rules which apply for host but not guest and vice versa 1158260926 M * jkl i plumbed up a virtual interface on the host attached ssh to it on port 24 and wrote a dnat rule for it, and it worked 1158260960 M * Bertl well, the guest uses the same interface and ip 1158260973 M * Bertl it is highly unlikely that it will not work there too 1158260993 M * jkl crap my battery is about to die 1158261008 M * jkl i'll come back later after i've done some more testing 1158261025 M * Bertl okay, np, feel free to idle around 1158261030 M * jkl thanks for the pointers, you've always been a great resource 1158261046 M * Bertl you're weclome! 1158261058 P * jkl 1158261242 J * Nei ~ailin@userv2.informatik.uni-leipzig.de 1158261250 M * Bertl welcome Nei! 1158261301 M * Nei hi~ can someone explain to me how to unify/hashify vservers? the FAQ speaks of a command "ln -0s /vservers/.hash /etc/vservers/.defaults/apps/vunify/hash/root" 1158261316 M * Nei but my ln doesn't have the -0 option, where do I get one that has it? 1158261355 M * daniel_hozac i wondered that myself. 1158261363 M * daniel_hozac you don't need the -0 option though. 1158261384 M * Nei so just follow the faq instruction but omit the '0', then? 1158261411 J * cdrx ~legoater@cap31-3-82-227-199-249.fbx.proxad.net 1158261422 M * daniel_hozac yep. 1158261430 M * Nei ok thanks 1158261442 M * Nei and what is this concept of 'base' server - totally irrelevant? 1158261451 M * Nei or if not, how do I specify which one is the base 1158261464 M * daniel_hozac reference servers aren't used with hashification. 1158261496 M * Bertl but you can keep one for reference nevertheless :) 1158261570 M * Nei and I would periodically run vserver .. hashify to save space? 1158261588 M * Bertl yup, either that or after specific updates 1158261599 M * daniel_hozac and find /vservers/.hash -links 1 -print0 | xargs -0 rm -f 1158261599 J * micah ~micah@micah.riseup.net 1158261608 M * Bertl welcome micah! 1158261641 M * Nei that would rid me of unused files I assume 1158261655 M * Nei ok thanks for the explanations 1158261685 M * Nei has anyone done sort of a "ssh proxy" by chance? 1158261718 M * Nei what I mean is, I want to throw users into the vserver with no way out when they log in via ssh 1158261733 M * daniel_hozac why aren't they logging in to the guests directly then? 1158261754 M * Bertl probably single ip issues 1158261755 M * Nei I was thinking of setting up vservers on a private network not directly accessible via internet 1158261782 M * Bertl ssh cannot be proxied in a secure way, that kind of defeats the concept 1158261788 M * Nei yea basically have run everything on a single ip without starting funny things like non default ssh ports 1158261798 M * daniel_hozac wasn't there someone working a pam_vserver? 1158261800 M * Bertl but you can do ssh guest accounts on the host, which put you into the guest 1158261811 M * daniel_hozac +on 1158261817 M * Nei yes I was intending the latter 1158261846 M * Nei setting their /etc/passwd shell to some wrapper that inevitably ends up in the vserver 1158261891 M * Nei I'm not quite sure what the right approach is though, install openssh on the vservers and have the wrapper script do something like ssh vserver ? 1158261906 M * Bertl it is possible, we have a 'trampoline' script for that, but IMHO that only lowers security 1158261926 M * daniel_hozac http://vserver.13thfloor.at/Stuff/SCRIPT/trampoline.sh 1158261978 M * Bertl probably the safest approach is to have ssh ports 100xx for the guests, and use that to access them directly 1158262029 M * Nei mhm ok thanks again 1158262177 M * Bertl np 1158262269 M * Bertl okay, here we go: 1158262274 M * Bertl http://vserver.13thfloor.at/Experimental/patch-2.6.17.13-vs2.0.2.1.diff 1158262280 M * Bertl http://vserver.13thfloor.at/Experimental/patch-2.6.17.13-vs2.1.1-rc33.diff 1158262307 T * Bertl http://linux-vserver.org/ <- new and shiny | latest stable 2.02.1, 1.2.10, 1.2.11-rc1, devel 2.1.0, exp 2.1.1-rc33, stable+grsec 2.0.2 | util-vserver-0.30.210 | libvserver-1.0.2 & vserver-utils-1.0.3 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the wiki, and we'll forget about the minute ;) 1158262671 J * stefani ~stefani@tsipoor.banerian.org 1158262677 Q * stefani 1158262692 J * stefani ~stefani@tsipoor.banerian.org 1158262708 Q * lilalinux Remote host closed the connection 1158262800 M * daniel_hozac Bertl: hmm, what's the cond_resched in close_files about? 1158262868 M * Bertl hmm, yeah, not 100% sure about that, it was suggested some time ago, and as we got some reports regarding soft watchdog kicking in, I did add it 1158262896 M * Bertl it was rejected by andrew because his system didn't boot with it, but I could not trigger those issues 1158262951 M * daniel_hozac sounds dangerous... 1158263505 J * Blissex ~Blissex@82-69-39-138.dsl.in-addr.zen.co.uk 1158263635 M * Bertl daniel_hozac: well, I don't see how it could hang a system actually, but yeah, maybe we remove it pretty soon :) 1158264684 J * yarihm ~yarihm@84-75-123-221.dclient.hispeed.ch 1158264864 J * shedi ~siggi@inferno.lhi.is 1158264970 J * FireEgl ~FireEgl@Sebastian.Atlantica.US 1158265402 J * fluor- ~fluor@tanneries.squat.net 1158265462 M * Bertl wb Blissex! yarihm! shedi! FireEgl! welcome fluor-! 1158266173 Q * mire_ Quit: Leaving 1158266651 M * daniel_hozac Bertl: yeah, i don't see how that would happen either. 1158266716 M * Bertl the freeing up file handles can keep a cpu busy for a long time 1158266729 M * Bertl especially with _many_ file handles and a high overall system load 1158267113 M * daniel_hozac Bertl: uh, what happened to dm_blk_open in -rc33? 1158267125 M * daniel_hozac it's the old version of the function.. 1158267166 M * daniel_hozac dm-ioctl seems to have the same problem. 1158267183 M * Bertl oops, let me check 1158267226 J * kir_home tis-fd5b04@213.152.157.70 1158267484 Q * Nei Quit: Disconnecting 1158267717 M * Bertl daniel_hozac: right, don't know how that got in there ... fixing it right now 1158268037 M * daniel_hozac Bertl: any particular reason the cond_resched() is only in stable? 1158268096 Q * kir_home Quit: Ухожу я от вас 1158268154 M * Bertl daniel_hozac: same reason because the dm stuff is only partially there :/ 1158268199 M * daniel_hozac heh, ok. 1158268329 Q * dna___ Quit: Verlassend 1158268503 J * Aiken ~james@tooax6-061.dialup.optusnet.com.au 1158268510 M * Bertl welcome Aiken! 1158268529 M * Aiken hi 1158268762 M * Bertl daniel_hozac: how about this one: http://vserver.13thfloor.at/Experimental/patch-2.6.17.13-vs2.1.1-rc34.diff 1158269433 J * DreamerC_ ~dreamerc@59-115-50-81.dynamic.hinet.net 1158269800 Q * DreamerC Ping timeout: 480 seconds 1158271019 M * Bertl okay folks, pretty tired right now ... so I'm off to bed ... maybe back later ... 1158271026 N * Bertl Bertl_zZ 1158271089 M * morfoh sleep well Bertl_zZ :) 1158271196 Q * matti Ping timeout: 480 seconds 1158271326 M * harry anyone here? 1158271343 M * harry how do you select "elect another ip to be primary" in linux kernel? 1158271397 M * harry ?sysctl -w net.ipv4.conf.all.promote_secondaries=1 1158271400 M * harry nevermind! :) 1158271403 M * harry google :) 1158271476 Q * fluor- hydrogen.oftc.net kinetic.oftc.net 1158271476 Q * bubulak hydrogen.oftc.net kinetic.oftc.net 1158271476 Q * MrX hydrogen.oftc.net kinetic.oftc.net 1158271476 Q * Vudumen hydrogen.oftc.net kinetic.oftc.net 1158271476 Q * ||Cobra|| hydrogen.oftc.net kinetic.oftc.net 1158271476 Q * Skram hydrogen.oftc.net kinetic.oftc.net 1158271476 Q * cirrus hydrogen.oftc.net kinetic.oftc.net 1158271476 Q * gdm hydrogen.oftc.net kinetic.oftc.net 1158271476 Q * nokoya hydrogen.oftc.net kinetic.oftc.net 1158271518 J * fluor- ~fluor@tanneries.squat.net 1158271518 J * bubulak ~bubulak@whisky.pendo.sk 1158271518 J * MrX ~urk@219.95.2.216 1158271518 J * Vudumen ~vudumen@perverz.hu 1158271518 J * cirrus cirrus@duempel.org 1158271518 J * ||Cobra|| ~cob@146.50.22.204 1158271518 J * Skram ~Mark@hermes.sentiensystems.com 1158271518 J * gdm ~gdm@www.iteration.org 1158271518 J * nokoya ~young@hi-230-82.tm.net.org.my 1158271544 J * matti matti@linux.gentoo.pl 1158271553 J * id23 ~id@p508121E6.dip0.t-ipconnect.de 1158272487 J * spq_ ~spq@dslb-084-063-008-095.pools.arcor-ip.net 1158272546 Q * yarihm Quit: Leaving 1158272547 M * spq_ hi, i have a problem with my vservers, those started with the lagacy init method cant reboot: shutdown: /dev/initctl: No such file or directory 1158273281 M * derjohn spq_, vserver version? desito? 1158273380 M * spq_ ah 1158273438 M * spq_ stable 1158273474 M * spq_ 2.6.17.11-grsec2.1.9-vs2.0.2 1158273492 M * spq_ vserver 0.30.210 1158273500 M * derjohn legacy init? you mean "plain" init ? 1158273506 M * spq_ hm 1158273518 M * derjohn or legacy config-style ? 1158273548 M * spq_ no, not plain 1158273556 M * Skram I just ordered pizza online. Technology these days! 1158273559 M * spq_ no, directory config style 1158273575 M * spq_ and no apps/init/style file 1158273587 M * spq_ i thought not-plain means leagcy 1158273639 M * derjohn spq_, if you didnt define it, it will be sysv style. the vserver tools bring up the daemons. 1158273660 M * spq_ yea then its sysv stle 1158273666 M * derjohn (the origina init of the guest is not started) 1158273684 M * derjohn mind that the process may stop ob failing init scripts. 1158273687 M * spq_ and with plain it is? 1158273734 M * spq_ is plain better? 1158273855 P * stefani I'm Parting (the water) 1158274322 M * derjohn nom but plain uses the dirstos original "init" 1158274871 M * spq_ isnt this better? 1158274904 M * spq_ andwhat can i do against the initctrl problem? (with the sysv config) 1158274904 M * derjohn spq_, i use plain only with very legacy and gentoo. 1158274945 M * derjohn spq_, initctl is not needed by< the system. a "reboot -f" forces reboot, which is fine. 1158274948 M * spq_ im using it with gentoo and suse 1158274958 M * derjohn then you need plain. 1158274971 M * spq_ but the users will use shutdown now -h or similar 1158275015 M * spq_ and reboot -f stops the system, it doesnt reboot 1158275046 M * derjohn there was an init style "gentoo", but this was merged with plain. sop use plain. 1158275077 J * _node node@c-69-143-148-254.hsd1.md.comcast.net 1158275084 M * derjohn the reboot behavior is a question of configuration, but I forget how ;) 1158275122 M * spq_ where can i find information about how to fix alle the reboot, halt etc problems? 1158275148 M * spq_ ah 1158275153 M * spq_ german? 1158275180 M * derjohn si, but this channel is english ;) 1158275196 M * spq_ hm, okay 1158275224 M * derjohn linux-vserver.org -> search for reboot bla. I dunno as I never changed it. daniel_hozac shoudl know. I think it may be a compile time flag. 1158275272 M * spq_ ah ok 1158275367 M * doener spq_: reboot -f in a vserver is _not_ a hard shutdown. 1158275419 M * doener spq_: "reboot" uses /dev/initctl to contact the init process, which switches to runlevel 6. All programs are stopped and finally "reboot -f" does the hard shutdown 1158275458 M * doener but in a vserver, the hard shutdown/reboot is captured in the kernel and a userspace helper is started which restarts the vserver (like "vserver foo restart") 1158276092 Q * sladen Ping timeout: 480 seconds 1158276333 J * sladen paul@starsky.19inch.net 1158276590 M * derjohn doener, restart? or halt? I remeber this being a issue here some time ago 1158276647 J * Piet hiddenserv@tor.noreply.org 1158276698 M * doener derjohn: it should restart (or at least stop/start) on reboot -f, but yeah, I also remember some buggy version where that didn't work correctly all the time. But wasn't that like almost a year ago? 1158276771 M * derjohn in spq_ case the guest halted instead of rebooot. 1158276784 M * derjohn but as the seems to be vanuished .... 1158276794 M * derjohn we do not have to care ;) 1158276814 M * doener I interpreted that in a different way ;) 1158277137 Q * spq_ Ping timeout: 480 seconds 1158277269 Q * Blissex Read error: Connection reset by peer 1158277291 Q * nokoya hydrogen.oftc.net kinetic.oftc.net 1158277291 Q * gdm hydrogen.oftc.net kinetic.oftc.net 1158277291 Q * Skram hydrogen.oftc.net kinetic.oftc.net 1158277291 Q * ||Cobra|| hydrogen.oftc.net kinetic.oftc.net 1158277291 Q * cirrus hydrogen.oftc.net kinetic.oftc.net 1158277291 Q * Vudumen hydrogen.oftc.net kinetic.oftc.net 1158277291 Q * bubulak hydrogen.oftc.net kinetic.oftc.net 1158277291 Q * fluor- hydrogen.oftc.net kinetic.oftc.net 1158277291 Q * MrX hydrogen.oftc.net kinetic.oftc.net 1158277368 J * fluor- ~fluor@tanneries.squat.net 1158277368 J * bubulak ~bubulak@whisky.pendo.sk 1158277368 J * MrX ~urk@219.95.2.216 1158277368 J * Vudumen ~vudumen@perverz.hu 1158277368 J * cirrus cirrus@duempel.org 1158277368 J * ||Cobra|| ~cob@146.50.22.204 1158277368 J * Skram ~Mark@hermes.sentiensystems.com 1158277368 J * gdm ~gdm@www.iteration.org 1158277368 J * nokoya ~young@hi-230-82.tm.net.org.my 1158277423 J * spq__ ~spq@dslb-084-063-008-106.pools.arcor-ip.net 1158277430 Q * id23 Ping timeout: 480 seconds 1158277923 Q * DreamerC_ Quit: leaving 1158277940 J * DreamerC ~dreamerc@59-115-50-81.dynamic.hinet.net