1158537804 Q * yarihm Quit: Leaving
1158541772 Q * Nei Quit: +
1158546772 J * Aiken_ ~james@203.164.233.92
1158546772 Q * Aiken Read error: Connection reset by peer
1158546836 J * Snow-Man ~sfrost@kenobi.snowman.net
1158547485 J * ensc_ ~irc-ensc@84.180.216.128
1158547542 N * ensc_ Guest1084
1158547595 Q * ensc Ping timeout: 480 seconds
1158547859 Q * FireEgl Read error: Connection reset by peer
1158547870 M * marl anyone still around?
1158548092 M * Bertl yup
1158548142 M * marl im getting a problem with the newvserver script, ive created 2 vservers so far, first with vserver and second with newvserver
1158548170 M * Bertl newvserver is not part of the mainline tools, as far as I know ... are you using debian?
1158548181 M * marl now anytime i try to create another guest with newvserver i get errors about directories already existing :(
1158548188 M * marl ubuntu
1158548216 M * Bertl okay, then the ubuntu maintainers are the ones to ask (or debian maintainers)
1158548231 M * marl ok thanks, just thought id try here first :)
1158548247 M * marl ill just go back to the standard way of doing it :)
1158548254 M * Bertl np, it probably just doesn't add the --force argument and/or cleanup the old ones
1158548310 M * marl this is on a new name, thats the weird bit, it starts creating the guest, then comes back with the directory exists, but its just created it!
1158548355 M * Bertl maybe it tries to do something else, no idea, you might go through the script with 'bash -x' if it is a bash/shell script
1158549065 Q * AjAx- Quit: quitting time
1158549299 M * _node hah, i just saw the great flower page
1158549303 M * _node is that a marijuana leaf?
1158549366 M * cehteh heh
1158549374 M * cehteh what else :P
1158549390 M * _node sweet ;p
1158549549 J * GMoney ~GMoney@tor-irc.dnsbl.oftc.net
1158549557 M * Bertl welcome GMoney!
1158549572 M * GMoney hello Bertl
1158549576 M * GMoney thanks :)
1158549632 M * GMoney bot ?
1158549644 M * Bertl yeah, now let's get on with it :)
1158549655 M * cehteh hehe .. morning Bertl
1158549668 M * GMoney lol
1158549713 M * Bertl cehteh: and a good one 2u2 ...
1158549733 M * GMoney high on life or what?
1158549809 M * Bertl always, what brings you here? any questions? or just visiting?
1158549829 M * GMoney interested in vserver
1158549839 M * Bertl excellent! right place! :)
1158549846 M * GMoney might look at setting it up but not sure if I got nuff ram only 512
1158549860 M * Bertl how many guests do you plan to install?
1158549865 M * GMoney freeware open source right?
1158549867 M * cehteh do i have to add a new interface for broadcasts / dhcpd or can i attach the broadcast address to an existing interface alias?
1158549876 M * Bertl GMoney: precisely, beer and speech :)
1158549885 M * GMoney nice
1158549890 M * cehteh (multiple lines in /etc/vserver/foo/interfaces/ip)
1158549903 M * GMoney guests im not sure what you mean there?
1158549910 M * Bertl cehteh: nope separate entry is required (for now)
1158549916 M * GMoney how many os ?
1158549926 M * Bertl GMoney: guest is the virtual private server you install
1158549936 M * GMoney ok just 1 then
1158549941 M * Bertl GMoney: the real machine is called 'host' here
1158549946 M * cehteh ok
1158549951 M * GMoney for now until I can upgrade my hw
1158549988 M * GMoney im looking at setting up aes on boot drive
1158549988 M * Bertl GMoney: so you should be able to put roughly 5-10 guests on such a machine, depending on the tasks/apps inside, but one is certainly fine too :)
1158550010 M * Bertl aes as in crypto loop?
1158550014 M * GMoney ye
1158550083 M * cehteh mhmpf
1158550086 M * cehteh # ifconfig eth2:luna down
1158550086 M * cehteh SIOCSIFFLAGS: Cannot assign requested address
1158550105 M * cehteh (but the interface is up)
1158550115 M * Bertl yes, that's what it says :)
1158550136 M * GMoney not good idea to setup hidden aes partition with vserver?
1158550137 M * cehteh namespace issue or what?
1158550141 M * Bertl i.e. address cannot be configured (probably because it is already there)
1158550162 M * cehteh well i want to tear down eth2:luna
1158550184 M * Bertl GMoney: hidden aes partition? well, almost all things you do with normal linux servers works fine with Linux-VServer too
1158550185 M * cehteh GMoney: against what do you want to protect the data?
1158550192 M * GMoney well on this notebook I not thinkin of doin it but on my server box I was
1158550214 M * cehteh GMoney: do you speak german?
1158550215 M * GMoney keep nosey people out? :)
1158550253 M * GMoney heh naa im just interested in security
1158550261 M * cehteh well theft, police-raids, intruders from the net, reinstalling another OS .. protecting your data against tampering
1158550304 M * GMoney well I am a windows user unfortunately :)
1158550306 M * cehteh GMoney: yes .. i am quite confident with such things .. and you need to think first against what you want to protect the data
1158550356 M * GMoney I have nothing to hide no kiddie porn etc I am just interested in how it all works is all
1158550364 M * cehteh i have written a now slightly outdated howto about laptop security, but it is in german
1158550397 M * GMoney efs
1158550403 M * cehteh GMoney: sure well .. once a lawyer asked me how he could protect his clients data against possible police investigations
1158550435 M * cehteh for myself i only protect my data against laptop-theft
1158550451 M * GMoney exactly
1158550463 M * cehteh but there are many more scenarios which require different and more complicated setups
1158550551 M * cehteh loop-aes is old .. today you use dmcrypt maybe with Luks .. and maybe storing the key on a usb-flash drive
1158550591 M * GMoney that for windows or what?
1158550598 M * GMoney I been looking at truecrypt
1158550601 M * cehteh no linux
1158550620 M * cehteh truecrypt might be fine too .. it has even more advanced crypto containers
1158550638 M * cehteh but i think it can be very slow
1158550651 M * GMoney ye the downside of it all :/
1158550657 M * cehteh win XP pro has filesystem level encryption
1158550658 M * GMoney but you get that :)
1158550670 M * cehteh if you trust microsoft, you can use that :)
1158550683 M * GMoney trust ms lol
1158550691 M * cehteh well you said you use it
1158550703 M * cehteh if you dont trust them .. then use linux
1158550704 M * GMoney ye I do I should look at using linux
1158550712 M * GMoney but haven't got the time to learn it atm
1158550753 M * cehteh .. ok i am fixing my vserver issues
1158550764 M * GMoney cehteh: ill bbl I gotta go make some lunch :)
1158550904 M * cehteh ah gotcha fixed :)
1158550986 M * marl is vserver-copy part of the vserver package or is it 3rd party?
1158551044 M * cehteh i am very unsure .. but afaik it was shipped with util-vserver and then removed because of some issues and maybe readded
1158551148 M * marl im using the following command line : vserver-copy -i 192.168.1.1 ldap template : to copy the guest i just created 'ldap' to a template guest for later use, and i keep getting : E: vserver-copy: Vserver file "/etc/vservers/ldap.conf" does not exist back :(
1158551172 M * marl its rite the file its talking about doesnt exist, but i dont know why its looking there for the file :(
1158551239 M * cehteh yes i dont know the current state .. i usually use rsync to clone a vserver (from a stopped template)
1158551334 M * marl is there any files within the vserver conf that need to be changed when copying a guest?
1158551341 M * marl other than its ip addy
1158551345 M * cehteh yes
1158551379 M * marl r there any docs on copying guests?
1158551380 M * cehteh check the tree with ls -R
1158551388 M * cehteh dunno
1158551400 M * cehteh and dont forget to change /etc/hostname
1158551401 M * Bertl marl: you mean, duplicating an existing guest?
1158551442 M * marl yup, to use it as a template
1158551455 M * Bertl well, simplest way to get that right is this:
1158551465 M * Bertl - build a guest/template to your likings
1158551489 M * Bertl - create a new 'skeleton' guest with all the config options (will be an almost empty dir)
1158551503 M * cehteh another question .. does hashify purge unused files automatically?
1158551504 M * Bertl - copy the 'template' into that dir
1158551510 M * Bertl cehteh: nope
1158551527 M * cehteh ok .. well trivial to do :)
1158551535 M * marl ah thanks Bertl
1158551551 M * Bertl marl: if you get a really recent version of the tools (read CVS/SVN), then you can use .tar and similar archives on the command line (i.e. the tools unpack them for you)
1158551579 M * Bertl marl: you can get the details for those features from daniel_hozac when he's around ...
1158551609 M * marl ok thanks, will the newer versions of the tools work on slightly older kernel patches?
1158551613 M * cehteh find /vservers/.hash/ -type f -links 1 -exec rm {} \; .... if anyone is interested :)
1158551646 M * Bertl marl: yes, definitely, they are backwards compatible to 2.4 kernels and very old releases (just needs proper configuration at build time)
1158551658 M * marl thanks again Bertl
1158551673 M * Bertl cehteh: yep, we had that somewhere, might be on the wiki already (not sure)
1158551677 M * Bertl marl: you're welcome!
1158551881 M * cehteh eh stupid question 255.255.255.255/32 is broadcast? or /0 ? :)
1158552097 M * Bertl all ones is broadcast :)
1158552115 M * Bertl well, the _big_ broadcast ...
1158552135 M * Bertl normally if you have 10.0.0.0/16 (e.g.) then 10.0.255.255 would be the broadcast
1158552148 M * Bertl tip here: get ipcalc :)
1158552556 M * cehteh there is a note on the wiki about CAP_NET_RAW works too .. i rather use that, this vserver is very internal and trusted
1158552601 M * cehteh have to CAP_SYS_NICE and CAP_SYS_TIME it anyways .. will be the ntpd too
1158552738 M * Bertl well, means that you will allow sniffing and forging of packets, if that is fine (calculated risk) go ahead :)
1158552972 M * cehteh heh .. yes .. that means, i can sniff myself :)
1158553009 M * cehteh maybe my wife can sniff me .. but i even doubt she knows how, nor has she an account on that vserver ..
1158553028 M * cehteh and except for ntp traffic/dns it makes no outside connections
1158553054 M * cehteh seems the risk is manageable :)
1158553700 M * cehteh http://inventgeek.com/Projects/IonCooler/Overview.aspx .. wow thats cool
1158553724 M * Bertl yeah, was on slashdot ...
1158553881 M * cehteh yep got it from there
1158553937 M * cehteh later today the parts for karins new video editing machine should arrive .. damn again she has a much faster computer than me :P
1158553939 J * coocoon ~coocoon@p54A06AB2.dip.t-dialin.net
1158553972 M * coocoon morning
1158553998 M * Bertl aloha coocoon!
1158554018 M * Bertl i.e. I'm off to bed now ... have a good one everyone! cya tomorrow!
1158554024 N * Bertl Bertl_zZ
1158554131 Q * Aiken_ Remote host closed the connection
1158554191 J * Aiken ~james@tooax6-092.dialup.optusnet.com.au
1158554346 J * AjAx- hiddenserv@tor.noreply.org
1158554997 Q * GMoney Quit: Leaving.
1158559193 Q * id23 Ping timeout: 480 seconds
1158559716 J * id23 ~id@p50810ADD.dip0.t-ipconnect.de
1158560449 J * dna_ ~naucki@p54BCDBC2.dip.t-dialin.net
1158561387 Q * _node Ping timeout: 480 seconds
1158562011 Q * Aiken Quit: Leaving
1158562204 J * gypsymauro ~Io@84.18.151.77
1158562236 M * gypsymauro arghh, I remember there was info on how to install dhcp3 server on a vserver guest but now I can't find that doc in new wiki server, someone can help me?
1158562367 J * ||Cobra|| ~cob@pc-csa01.science.uva.nl
1158562622 M * gypsymauro it says: drop_privileges: could not install capabilities: Operation not permitted
1158562756 M * AjAx- is vserver linux only or where is the url for vserver windows based
1158562886 M * gypsymauro AjAx-: it's linux based
1158562939 M * coocoon AjAx-: http://wiki.linux-vserver.org/Related_Projects maybe this will help a little bit
1158563019 M * coocoon AjAx-: i think xen would be u r choice
1158563043 M * AjAx- thnx fellas
1158563194 J * derjohn2 ~aj@dslb-084-058-238-125.pools.arcor-ip.net
1158563724 J * Piet hiddenserv@tor.noreply.org
1158563844 J * mugwump_ ~samv@watts.utsl.gen.nz
1158563955 Q * mugwump Ping timeout: 480 seconds
1158564713 Q * derjohn2 Ping timeout: 480 seconds
1158564754 J * derjohn2 ~aj@dslb-084-058-225-104.pools.arcor-ip.net
1158566083 Q * derjohn2 Ping timeout: 480 seconds
1158566220 J * derjohn2 ~aj@dslb-084-058-248-138.pools.arcor-ip.net
1158566304 J * mugwump ~samv@watts.utsl.gen.nz
1158566340 Q * sezuan Remote host closed the connection
1158566343 J * sezuan matthias@agamemnon.ipv6.scheff32.de
1158566410 Q * mugwump_ Ping timeout: 480 seconds
1158566898 Q * cehteh Ping timeout: 480 seconds
1158566924 J * cehteh ~ct@217.140.77.75
1158567656 J * meandtheshell ~markus@85-124-36-53.dynamic.xdsl-line.inode.at
1158567698 Q * AjAx- Remote host closed the connection
1158567762 J * AjAx- hiddenserv@tor.noreply.org
1158567815 M * daniel_hozac gypsymauro: you need to give your guest CAP_NET_RAW.
1158567834 M * daniel_hozac gypsymauro: which also includes the ability to create _any_ packet, as well as read _any_ packet.
1158567881 Q * derjohn2 Read error: Connection reset by peer
1158567918 J * derjohn2 ~aj@dslb-084-058-218-208.pools.arcor-ip.net
1158569028 Q * derjohn Ping timeout: 480 seconds
1158569059 M * gypsymauro daniel_hozac: ok and how to do this? there is doc ?
1158569376 J * lilalinux ~plasma@dslb-084-058-216-024.pools.arcor-ip.net
1158569429 J * derjohn ~derjohn@80.69.37.19
1158569539 M * daniel_hozac gypsymauro: yes, the flower page says you should put it in /etc/vservers/.../bcapabilities.
1158569858 Q * anonc Ping timeout: 480 seconds
1158569958 Q * derjohn Ping timeout: 480 seconds
1158569968 J * derjohn ~derjohn@80.69.37.19
1158570184 Q * shedi Quit: Leaving
1158570188 Q * lilalinux Ping timeout: 480 seconds
1158570196 M * gypsymauro daniel_hozac: ty very much:)
1158570468 Q * derjohn Ping timeout: 480 seconds
1158570972 J * derjohn ~derjohn@80.69.37.19
1158571004 M * gypsymauro c u
1158571006 Q * gypsymauro Quit: leaving
1158571113 J * _are_ ~are@stgt-d9be6552.pool.mediaWays.net
1158571119 M * _are_ hi
1158571205 Q * virtuoso Ping timeout: 480 seconds
1158571230 M * _are_ finally got access to a machine to reproduce the problem with a vserver not starting when it should mount its own root via /etc/vservers/../fstab
1158571296 M * _are_ the first error message is vlogin: openpty(): Permission denied, which I'd regard as 'normal', given I can't access my current pty from inside a vserver.
1158571396 M * _are_ however, the rest of the messages claims /etc/init.d/rc 3 failed. It works when I hardmount the root device, then start the vserver, so it looks like the code tries accessing the init, *then* mounting the filesystem it ...
1158571396 M * _are_ resides on.
1158571419 M * _are_ this worked with earlier releases/tools (somewhere tools < 210)
1158571608 Q * derjohn Ping timeout: 480 seconds
1158572281 M * daniel_hozac hmm.
1158572304 M * daniel_hozac the root-fs mount happens way before the init is started.
1158572335 M * daniel_hozac it's one of the first steps the start procedure does.
1158572423 M * daniel_hozac the openpty should be creating a new pseudo terminal, so your device nodes must have very strange permissions.
1158572434 M * daniel_hozac or the root-fs has very strange permissions.
1158572525 J * derjohn ~derjohn@80.69.37.19
1158572526 M * daniel_hozac you could add a pre-start script that just runs bash -i so you get a shell, should help with debugging it.
1158572575 M * _are_ he, guess this is about the hint i needed. I tried set -x, strace and similar things before and tried mounting manually in pre-start script
1158572601 M * daniel_hozac mounting manually in pre-start is too late, you want the root to be mounted first.
1158572624 M * _are_ yes, I know, it didn't work :->
1158572715 J * shedi ~siggi@dsl-149-109-85.hive.is
1158572749 M * _are_ to make sure: we talk about /etc/vservers/vserver-name/scripts/pre-start?
1158572811 M * daniel_hozac or any of the scripts in pre-start.d.
1158572832 M * daniel_hozac pre-start is right before it executes the giant command to start the guest.
1158573191 J * yarihm ~yarihm@84-75-123-221.dclient.hispeed.ch
1158574258 Q * derjohn2 Ping timeout: 480 seconds
1158574546 J * virtuoso ~s0t0na@80.253.205.251
1158574823 M * _are_ well, definitely not mounted
1158574865 M * daniel_hozac really? it's not at /vservers/...?
1158574868 M * _are_ at that bash -i I am not in the vserver context, yet, right?
1158574880 M * daniel_hozac no, but you are in the namespace.
1158574912 M * daniel_hozac the context hasn't even been created yet.
1158574923 M * daniel_hozac what does cat /proc/mounts show?
1158574976 M * _are_ he, think that's it:
1158574981 M * _are_ /dev/drbd23 / xfs rw,nodev 0 0
1158574993 M * _are_ doubt 'nodev' is a bright flag for a root filesystem :->
1158575004 M * daniel_hozac unless you don't have /dev on it ;)
1158575074 M * daniel_hozac but yeah, you should probably put dev in there.
1158575083 J * lilalinux ~plasma@dslb-084-058-216-024.pools.arcor-ip.net
1158575086 M * _are_ done that, works now.
1158575110 M * daniel_hozac everything?
1158575128 M * _are_ so 'defaults' in /etc/fstab != 'defaults' in /etc/vservers/vserver-name/fstab
1158575134 M * daniel_hozac indeed.
1158575160 M * _are_ almost everything:
1158575163 M * _are_ # vserver mysql5.local enter
1158575163 M * _are_ No command given; use '--help' for more information.
1158575183 M * daniel_hozac hmm, do you have /bin/bash inside the guest?
1158575205 M * _are_ I have
1158575207 M * _are_ # echo /bin/bash > /etc/vservers/mysql5.local/shell
1158575209 M * _are_ helped
1158575237 M * daniel_hozac ah, right, the mount isn't visible outside.
1158575255 M * daniel_hozac that could be a problem...
1158575270 M * daniel_hozac does stopping it work?
1158575284 J * _mcp ~hightower@83.136.81.245
1158575287 Q * mcp Write error: connection closed
1158575298 N * _mcp mcp
1158575459 Q * virtuoso Remote host closed the connection
1158575478 M * _are_ # vserver mysql5.local stop
1158575478 M * _are_ No command given; use '--help' for more information.
1158575490 M * daniel_hozac as i suspected, heh.
1158575496 M * _are_ waits a bit now, so I'd say it doesn't work
1158575498 J * virtuoso ~s0t0na@80.253.205.251
1158575509 M * daniel_hozac yeah, it's broken.
1158575515 M * _are_ timeout
1158575516 N * DreamerC_ DreamerC
1158575566 M * daniel_hozac looks like we need to fix that too.
1158575613 M * _are_ ok, I am a bit lost, where to fix it, or in other words: what is wrong there at all? Does the vserver stop try and access scripts from the outside?
1158575644 M * daniel_hozac it determines (like enter) what file to execute by testing for the presence of some known files.
1158575655 M * daniel_hozac /etc/{init,rc}.d/rc, in the stop case.
1158575669 M * daniel_hozac since the mount isn't visible on the host, that won't work.
1158575707 M * daniel_hozac you should be able to do echo /etc/init.d/rc 6 > /etc/vservers/.../apps/init/cmd.stop
1158575763 M * daniel_hozac but the solution would be to enter the namespace much sooner.
1158575798 M * _are_ ok, so for the moment I have to do the quick fix till some kind person fixes util-vserver and releases 211.
1158575805 M * daniel_hozac (so the tests will work as expected)
1158575821 M * daniel_hozac right, 211 should be out RSN....
1158575831 Q * fluor Ping timeout: 480 seconds
1158575849 M * daniel_hozac i'll see how hard it would be to fix this too.
1158575902 M * _are_ # vserver mysql5.local stop
1158575902 M * _are_ vcontext: execvp("/etc/init.d/rc 6"): No such file or directory
1158575934 M * _are_ it exists inside the vserver (enter)
1158577245 M * _are_ looks like the cmd.stop may not have parameters?
1158577318 M * _are_ if i just do /etc/init.d/rc it is found, but ofc the runlevel is missing
1158577414 J * tinjaw chaim@CPE-24-166-182-30.kc.res.rr.com
1158577444 M * tinjaw Is there where I get basic help on FreeVPS as well?
1158577450 M * _are_ ok, learning to read really helps, the parameter has to be on next line and whoops it works
1158577471 M * tinjaw I am a day 0 rookie with this VPS stuff and just trying to get to step 2.
1158577529 A * _are_ never used FreeVPS
1158577566 M * tinjaw FreeVPS based on VServer
1158577604 M * tinjaw I've got it installed (I think) and I'm trying to start up my first virtual server, but I can't find any FM in order to RTFM.
1158577627 M * tinjaw and the VServer wiki, seems to be in transition as well.
1158577682 M * tinjaw I'm working on vocabulary right now.
1158577696 M * tinjaw You have a host OS (in my case Trustix 2.2)
1158577705 M * tinjaw You then have the VServer daemon
1158577738 M * tinjaw Am I right to understand that you then "Build" a kernel and that becomes your virtual host?
1158577840 M * tinjaw what is a 'context'?
1158577865 M * _are_ as said, no FreeVPS experience at my side, with linux-vserver you have a host operating system, the one you installed from CD/network and booted initially. Then you patch the kernel and boot that kernel instead of the ...
1158577865 M * _are_ distribution kernel (unless the distribution came with vserver-patch enabled already) and use the vserver tools to build a vserver.
1158577886 M * tinjaw I've done that.
1158577901 M * tinjaw I now have the FreeVPS kernel running.
1158577927 M * tinjaw using VServer, how do you then instantiate a virtual server instance?
1158577971 M * _are_ after i built it with vserver myserver build, I just start it with vserver myserver start and can e.g. access it by shell using vserver myserver enter
1158577995 M * tinjaw how did you configure myserver?
1158578011 M * tinjaw is there an example or a default configuration somewhere?
1158578015 M * _are_ that are just options to vserver build
1158578049 M * tinjaw so "vserver build" is a script that you run to build a 'myserver' ?
1158578076 M * _are_ and these are basically just presets for stuff in /etc/vservers/myserver/
1158578100 M * tinjaw how did you get a /etc/vservers/myserver/ directory and its contents?
1158578334 M * tinjaw did you manually create the /etc/vservers directory?
1158578519 M * daniel_hozac _are_: ah, sorry, you need to put the 6 on the next line.
1158578610 M * _are_ tinjaw: this is done by vserver myserver build, always worked fine for me, so never created them by hand
1158578619 M * _are_ daniel_hozac: found now and it works
1158578633 M * _are_ just looking for the right place to document this stuff
1158578728 M * tinjaw _are_ : does vserver myserver build run and then return to command line for you? Or does that create a server and then you need to start up another terminal to use it?
1158578826 M * _are_ you have to add a few parameters, e.g. the build method (I use debootstrap), IP configuration and similar. Then you run the build and afterwards you have an /etc/vservers/myserver with reasonable default and the chroot of the ...
1158578827 M * _are_ vserver with a basic linux install. The command ends here, you have to start it and enter it
1158578876 M * tinjaw _are_: where are the docs for that process so I can RTFM?
1158578927 M * _are_ uhm, erm, ohh, I found it in the wiki back then, but adding --help to the vserver command helps quite a bit
1158579098 Q * Johnnie Quit: G'bye!
1158579871 J * cdrx ~legoater@cap31-3-82-227-199-249.fbx.proxad.net
1158579917 M * cdrx hi
1158580208 M * daniel_hozac tinjaw: FreeVPS forked from Linux-VServer a long time ago, the only thing they have in common now is the basic concept.
1158580302 M * tinjaw daniel_hozac: thanks
1158580345 M * tinjaw I've been playing with it for several hours, and I think I have it installed properly, but have no clue (so far) how to get the virtual servers up and running.
1158580440 M * daniel_hozac http://www.freevps.com/docs/ is probably a good place to start.
1158580513 M * _are_ well, is there any special reason why you use FreeVPS and not linux-vserver? E.g. some feature one has and the other hasn't?
1158580545 J * Johnnie ~jdlewis@jdlewis.org
1158580657 M * tinjaw I started about 12 hours ago researching Trustix. That lead me to Comodo. That lead me to FreeVPS and H-Sphere. Along with their free AV and Firewall.
1158580669 M * tinjaw Up to now I had never heard of VServer.
1158581045 M * Skram Welcome :)
1158581263 Q * Johnnie Remote host closed the connection
1158581621 J * fluor ~fluor@tanneries.squat.net
1158581625 M * fluor hi there
1158581676 M * daniel_hozac hello
1158581743 M * fluor I've been assigning 127.0.0.2/8 as an internal IP address to a vserver - and while I can ping/scan/connect to it from the host, it seems like I cannot reach the outside from within the vservers themselves, while it worked when using another address range - would that be impossible to use 127.0.0.X as internal IPs for vservers?
1158582077 M * fluor I get "connect: Invalid argument
1158582078 M * fluor "
1158582078 M * _are_ 127.0.0.0/8 is always localhost
1158582117 M * _are_ e.g. when you now go and connect to 127.3.65.28 it will connect you to your own box.
1158582173 M * _are_ so even if vserver allows you sending packets with 127.x.y.z as source, the target will happily answer them towards itself or just drop them as spoofed packets
1158582189 M * _are_ alternative: use an internal network and NAT
1158582202 M * _are_ if you have only 1 IP available to the outside, that is
1158582211 M * fluor yes, that's it
1158582230 M * fluor I'm using NAT anyways
1158582230 J * weeble ~weeble@81.52.144.1
1158582247 M * weeble Hey all... setattr adds a barrier, but how do you remove it?
1158582257 M * fluor SNAT on packets going out of vservers through eth0, and DNAT in the other way
1158582381 M * daniel_hozac weeble: setattr :)
1158582385 M * daniel_hozac weeble: setattr --~barrier
1158582882 Q * tinjaw
1158583428 M * weeble Merci, daniel_hozac
1158584939 Q * Piet Ping timeout: 480 seconds
1158585049 J * Piet hiddenserv@tor.noreply.org
1158587455 M * harry anyone here?
1158587459 M * harry i have a q!
1158587459 M * phedny no
1158587468 M * phedny :p
1158587472 M * harry i want default cpu scheduling for all vps'es
1158587475 M * harry and default rlimits
1158587481 M * harry is there a way to enforce this?
1158587502 M * harry (as in: put a rlimits dir in /etc/vservers/.defaults/ , with the limits
1158587505 M * harry ?)
1158587521 M * phedny i'm afraid i don't have an a for you
1158587525 M * harry same goes for: default flags file, containing sched_prio ?
1158587533 M * harry with a default schedule file?
1158587550 M * harry phedny: np... maybe someone else can :)
1158587625 M * daniel_hozac nope.
1158587673 M * harry impossible?
1158587708 M * harry all impossible? the flags, the schedule, the rlimits dir, the as file, the rss file etc...?
1158587815 M * daniel_hozac exactly.
1158587831 M * daniel_hozac i suppose you could use symlinks to the .defaults directory though.
1158588079 M * harry bleh, then i could just as well put files in there :)
1158588093 M * harry a bit "safer" if i change something :)
1158588644 M * daniel_hozac _are_: could you test a quick hack patch for me to see if it fixes the problems?
1158588655 M * daniel_hozac (just to let me know if i'm barking up the right tree...)
1158588695 M * daniel_hozac _are_: http://people.linux-vserver.org/~dhozac/p/uv/experimental/namespace.patch
1158588787 J * marcfiu ~mef@targe.CS.Princeton.EDU
1158588853 M * doener daniel_hozac: hm, "stop" and "enter" are != "start"
1158588866 M * daniel_hozac right.
1158588895 M * daniel_hozac so?
1158588914 M * doener uhm. nevermind ;)
1158588931 P * marcfiu
1158588960 M * daniel_hozac :)
1158589020 M * _are_ daniel_hozac: will try and check
1158589035 M * daniel_hozac _are_: remember to remove the shell and cmd.stop files (or at least move them out of the way)
1158589057 M * _are_ shell is gone already anyway
1158589410 M * _are_ daniel_hozac: works, stop and start
1158589453 M * daniel_hozac and enter?
1158589566 M * _are_ with or without the shell file set?
1158589570 M * _are_ with: works
1158589570 M * daniel_hozac without.
1158589590 M * _are_ as well
1158589591 M * daniel_hozac with would work regardless of the patch.
1158589595 M * daniel_hozac ok, thanks.
1158589613 M * _are_ guess I will declare this my todays most favorite patch ;)
1158590581 M * coocoon hello sorry but does anyone know where hollow is and when he will be back
1158590604 M * daniel_hozac i _think_ he is moving.
1158590609 M * coocoon oh aha
1158590619 M * daniel_hozac Bertl_zZ should know though.
1158590628 M * coocoon oh aha have thought it
1158590628 M * daniel_hozac why?
1158590647 M * coocoon daniel_hozac: because i wanted to know the state of vcd
1158590671 M * coocoon daniel_hozac: but i think u also know it ;-)
1158590726 M * daniel_hozac i think it's mostly done; unification, disk limits, and scriptlets are IIRC the biggest missing features.
1158590744 M * daniel_hozac of course, it's probably not bug-free either :)
1158590767 M * _are_ daniel_hozac: /usr/sbin/vserver: line 85: 16195 Killed "${NICE_CMD[@]}" ${USE_VNAMESPACE:+$_VNAMESPACE --enter "$S_CONTEXT" -- } $_VCONTEXT $SILENT_OPT --migrate --chroot --xid "$S_CONTEXT" -- ...
1158590767 M * _are_ "${INITCMD_STOP[@]}"
1158590774 M * coocoon hehe have tried to install the latest svn version and it failed
1158590781 M * _are_ this I get when I stop the server.
1158590801 M * daniel_hozac _are_: probably means your kill scripts forcefully kills itself. :)
1158590809 M * _are_ it is gone afterwards, so in my eyes cosmetical.
1158590810 Q * shedi Read error: Connection reset by peer
1158590824 M * daniel_hozac coocoon: how come?
1158590846 M * coocoon dunno
1158590855 M * coocoon u wanna see the error
1158590900 M * daniel_hozac sure, but i have to admit that i haven't touched vcd yet :(
1158591016 M * coocoon daniel_hozac: no prob it is not new situation, the older repo works for me at this moment
1158591061 M * coocoon daniel_hozac: http://paste.linux-vserver.org/381
1158591096 M * daniel_hozac _are_: http://people.linux-vserver.org/~dhozac/p/uv/experimental/namespace.patch is the final patch (unless you tell me otherwise ;)), i'll commit it to SVN shortly.
1158591119 M * daniel_hozac coocoon: well, the error is pretty descript, looks like you don't have libvserver 2.0 installed.
1158591154 M * coocoon i have but i will emerge it again
1158591189 M * coocoon daniel_hozac: or is it false to use the svn from hollow
1158591199 M * coocoon i mean libvserver-svn
1158591217 M * daniel_hozac that one should be fine.
1158591240 M * coocoon it is installed and as i know i have tried it with it and it is the same
1158591256 M * coocoon do it again to be on the safe side ;-)
1158591257 M * daniel_hozac do you have the most recent version installed?
1158591281 M * coocoon i use the vps layman
1158591313 M * coocoon and the svn is 4 weeks old
1158591318 M * daniel_hozac yeah, i noticed.
1158591323 M * coocoon have had only one week holiday ;-)
1158591324 M * _are_ daniel_hozac: this patch works for me as well
1158591331 M * daniel_hozac but that version does have vx_clone_namespace.
1158591362 M * daniel_hozac coocoon: i suppose the configure test could be faulty though. what does your config.log say about it?
1158591366 M * daniel_hozac _are_: ok, thanks a lot!
1158591393 M * coocoon mom emerge libvserver and vcd again
1158591424 M * _are_ thanks for that nice solution, I know 1 place where I would have had to migrate quite a few vservers to a host-mounted root otherwise
1158591499 M * daniel_hozac it's in SVN now, so will be in 211 once it's released.
1158591528 M * harry what's a sane default nproc value?
1158591530 M * _are_ we expect 211 this year? ;)
1158591531 M * harry 512? 1024?
1158591539 M * daniel_hozac _are_: i'll release it any day now.
1158591545 M * harry less... more??? what's max nb proc on a normal linux system?
1158591551 M * harry ulimit -a says: unlimited :S
1158591570 M * daniel_hozac 65536, i think?
1158591580 M * harry hmm... possibly
1158591590 M * harry so.... 4096 is a good default for a machine?
1158591606 M * daniel_hozac i guess.
1158591739 M * _are_ always depends what you want to do with the box what a good default is
1158592349 M * coocoon daniel_hozac: sorry which config.log do u mean
1158592362 M * daniel_hozac coocoon: vcd's config.log.
1158592374 M * daniel_hozac it should be in the directory where it's building.
1158592475 J * dreamind ~dreamind@C2107.campino.wh.tu-darmstadt.de
1158592485 M * dreamind Hi :)
1158592498 N * Bertl_zZ Bertl
1158592503 M * Bertl morning folks!
1158592535 M * Bertl daniel_hozac: 0 is not a good choice for tasks :)
1158592540 M * _are_ hi Bertl
1158592557 M * coocoon morning bertl
1158592562 M * coocoon or aloha
1158592567 M * daniel_hozac Bertl: lol, true.
1158592638 M * coocoon daniel_hozac: there is no config.log, but no problem i will wait till hollow is available again
1158592661 M * daniel_hozac coocoon: are you sure you're in the right directory? there really ought to be.
1158592710 M * coocoon daniel_hozac: /usr/portage/local/layman/vps/sys-cluster/vcd-svn
1158592716 M * coocoon here or where
1158592763 M * daniel_hozac well, i'm not a Gentoo person, but i'd expect it to be in /var.
1158592878 M * dreamind hi Bertl :)
1158593013 M * nayco He, i'm still connected ;-)
1158593018 M * nayco Hello, all :-) !
1158593025 M * coocoon daniel_hozac: /var/log/portage here i have looked but it looks like it is the same but here is the paste http://paste.linux-vserver.org/382
1158593166 M * Bertl hey dreamind! nayco!
1158593727 M * coocoon daniel_hozac: it is the right one right ?
1158594244 M * daniel_hozac coocoon: hmm, i can't really tell, that appears to be a different error.
1158594259 M * daniel_hozac coocoon: or did you reinstall libvserver now?
1158594264 M * coocoon yes
1158594275 M * coocoon u right
1158594288 M * daniel_hozac ah, well, you also seem to have an old lucid library.
1158594321 M * coocoon ok i will install all older ones thanx
1158594405 Q * sezuan Ping timeout: 480 seconds
1158594431 M * coocoon to newer ones ;-)
1158594700 Q * cryptronic Remote host closed the connection
1158594700 Q * Belu_zZz Remote host closed the connection
1158594804 Q * AjAx- Ping timeout: 480 seconds
1158594889 Q * Piet Ping timeout: 480 seconds
1158594928 J * BeLu ~B.Lukas@88.134.54.56
1158594932 M * BeLu hello
1158594934 J * shedi ~siggi@inferno.lhi.is
1158594953 M * BeLu Bertl, ure there?
1158595118 J * Piet hiddenserv@tor.noreply.org
1158595126 M * daniel_hozac doesn't appear to be right at this moment, why?
1158595297 J * ComplexMind ~mark@162.84.2.81.in-addr.arpa
1158595323 J * AjAx- hiddenserv@tor.noreply.org
1158595673 J * Nei ~ailin@userv2.informatik.uni-leipzig.de
1158595681 M * Nei yo~
1158595687 M * daniel_hozac hello
1158595737 M * Bertl BeLu: yup!
1158595782 M * Bertl .o( every now and then, nature calls :)
1158595800 M * Nei mhm, what would be a common approach for the guest to communicate with the host?
1158595832 M * Bertl sockets or pipes, either unix or ipv4
1158595905 M * Nei mhm I guess I could run a listener on the host that the guest can talk to
1158596005 M * Nei I guess there isn't any other sensible way even if it's just about triggering a program execution on the host
1158596036 P * AjAx-
1158596080 M * Bertl Nei: well, wouldn't that be very insecure then?
1158596102 M * Bertl but of course, you can use the mechanisms already there, like rsh/ssh for example
1158596113 M * Nei I dont quite understand
1158596121 M * Nei what is insecure?
1158596132 M * Nei and how do I make it secure ^^
1158596151 M * Bertl well, executing host programs from the guest would be insecure, no?
1158596174 M * Nei I mean I want to allow the guest to execute only one hopefully secure program
1158596178 Q * id23 Remote host closed the connection
1158596205 M * Bertl so why not install sshd on the host (you probably already have that) and ssh on the guest
1158596251 M * Bertl then add a public key from the guest to the host config (together with the command you want to execute) and the guest can then (via inet sockets) start that program and receive the output (or whatever)
1158596302 M * Nei sounds like a way, a bit cumbersome though
1158596316 M * Bertl why?
1158596380 M * Nei well ssh -> key auth -> special security setup for that ssh account -> run program
1158596400 J * id23 ~id@p50810ADD.dip0.t-ipconnect.de
1158596401 M * Nei doesnt seem most direct
1158596418 M * Nei but maybe thats just me
1158596441 M * Bertl well, you would need some security checks anyway
1158596456 M * Bertl you need a channel from the guest to the host (i.e. a socket or pipe)
1158596461 M * Nei I guess it might still be more secure/proven than a custom unix socket made available in the guest fs
1158596467 M * Bertl and you want to execute something ... :)
1158596494 M * Bertl ssh = secure shell (sounds like it was made for that :)
1158596573 M * Nei I guess I dont like the auth layer
1158596586 M * Nei fearing stupid vserver users deleting the key
1158596610 M * Nei I guess one could question if they should be allowed root on the vserver then
1158596653 M * Nei how do I protect files inside the guest fs? there is some way isnt there
1158596665 M * Bertl well, you could as well fear that guest root will delete the entire guest :)
1158596684 M * Nei hehehe
1158596684 M * Bertl but you can still use the immutable flag to protect certain files
1158596765 M * Nei vservers are so great~
1158596782 M * Bertl yes, they are :)
1158596818 M * Nei what's the highest allowed uid/gid?
1158596837 M * daniel_hozac depends on your xid tagging settings.
1158596852 M * daniel_hozac 65535 should be safe though.
1158596863 M * daniel_hozac (but is usually occupied already)
1158596871 M * Bertl right, 2^16-1 is always safe, 2^24-1 or 2^32-1 is optional
1158596890 M * Nei thanks
1158596892 M * Bertl i.e. depends on the xid tagging options
1158596922 M * Nei whats the default ;p? then again 65534 should be enough
1158596944 M * Bertl default is to use 24/24 tagging, so you have 2^24-1
1158596972 M * Nei ok cool
1158596983 J * marcfiu ~mef@targe.CS.Princeton.EDU
1158597376 M * Nei can someone throw a disk limit tutorial at me? do I need to set up something in the host? mess with 'quota'? only put my wishes in the vserver config? how are the quotas enforced?
1158597427 M * Nei oh wait http://oldwiki.linux-vserver.org/Disk+Limits
1158597440 M * daniel_hozac yep.
1158597675 Q * cdrx Ping timeout: 480 seconds
1158598037 M * Nei is there still any truth to the wiki mentioning that this requires ext[23]fs?
1158598069 M * Bertl no, not really, should work on all major unix filesystems with xid tagging now
1158598086 M * Nei I'll find it out ^^
1158598124 M * daniel_hozac hmm, where does it say that?
1158598192 M * Nei On "Quota and Disk Limits"
1158598220 Q * _are_ Ping timeout: 480 seconds
1158598487 M * daniel_hozac ah.
1158598508 M * Bertl maybe it relates to the quota? haven't checked
1158598543 M * daniel_hozac that document in general is referring to 2.4.
1158598583 M * daniel_hozac do we support all filesystems in 2.4?
1158598673 M * coocoon daniel_hozac: u r the best thanx a lot it works after updating lucid
1158598683 M * daniel_hozac coocoon: great!
1158598709 M * Bertl daniel_hozac: some, not all of them, IIRC, it was ext2/3 and reiser (xfs and jfs wasn't even there)
1158598721 M * daniel_hozac ah.
1158598763 A * daniel_hozac has forgotten everything about 2.4 by now.
1158598772 M * Bertl but I think xfs got included some time ago, so it might be there now, we should ask 2.4 folks :)
1158599178 J * derjohn2 ~aj@dslb-084-058-229-052.pools.arcor-ip.net
1158599235 Q * dna_ Quit: Verlassend
1158599345 P * BeLu
1158599374 M * Nei vserver cant benefit from any journaling quota support in the fs or can it?
1158599522 M * Bertl if it is a partition per guest, then yes
1158599573 M * Bertl the shared quota is not integrated in 2.6 for now anyways, so that's not an issue :)
1158599656 M * Nei could vservers use xfs' project attribute instead of xid tagging or is that a stupid idea?
1158599710 J * Johnnie ~jdlewis@jdlewis.org
1158599768 M * Bertl Nei: well, in theory they could, but there is no implementation (yet)
1158599785 M * Bertl Nei: would also require to disable the project attributes inside a guest
1158599792 M * Bertl welcome Johnnie!
1158599823 J * mkhl mkhl@200-148-40-184.dsl.telesp.net.br
1158599887 M * Nei is there any reason for guests on a shared filesystem to be able to set pprojids?
1158599926 M * Johnnie Hey Bertl.
1158599935 M * Nei they cant use the quotas anyway or am I wrong?
1158599938 M * Bertl well, I'd say the same reason as for having the project ids in the first place?
1158600074 Q * derjohn2 Ping timeout: 480 seconds
1158600089 M * Nei mhm i thought they were only for quotas
1158600127 M * Bertl could be, never dived into the xfs details ...
1158600457 M * Nei curious, what good does it do to run the host with chbind?
1158600479 M * Nei (there is a recipe on how to do this on the wiki)
1158600575 Q * fluor Ping timeout: 480 seconds
1158600832 M * Bertl Nei: well, for the entire guest it's a very bad idea actually, but for certain services it is a simple way to limit them
1158600844 M * Bertl okay, off preparing dinner now ... back later
1158600853 N * Bertl Bertl_oO
1158600891 M * Nei ah yea limiting host services which bind on everything by default
1158600980 Q * id23 Quit: Leaving
1158601081 Q * Johnnie Remote host closed the connection
1158601459 J * Johnnie ~jdlewis@jdlewis.org
1158601755 J * cdrx ~legoater@cap31-3-82-227-199-249.fbx.proxad.net
1158601761 M * daniel_hozac Nei: and have no sensible means to disable it.
1158601767 M * daniel_hozac Nei: but those services should be few.
1158601829 J * bonbons ~bonbons@83.222.36.111
1158601965 M * Nei yea
1158602644 P * marcfiu
1158605835 J * comfrey ~comfrey@h-64-105-215-75.sttnwaho.covad.net
1158607396 Q * dreamind Quit: dreamind
1158607507 Q * lilalinux Remote host closed the connection
1158609213 Q * coocoon Quit: KVIrc 3.2.0 'Realia'
1158609894 J * fluor ~fluor@tanneries.squat.net
1158610070 Q * comfrey Quit: Lost terminal
1158610590 J * _are_ are@dslb-088-064-117-244.pools.arcor-ip.net
1158611035 Q * yarihm Quit: Leaving
1158611298 J * yarihm ~yarihm@84-75-123-221.dclient.hispeed.ch
1158611342 J * pisco hiddenserv@tor.noreply.org
1158611654 Q * bonbons Quit: Leaving
1158611881 J * ruskie_ ~ruskie@84.20.228.4
1158611901 Q * ruskie Read error: Connection reset by peer
1158612054 N * ruskie_ ruskie
1158612529 Q * pisco Ping timeout: 480 seconds
1158613141 J * vrwttnmtu ~eryktyktu@82-69-161-137.dsl.in-addr.zen.co.uk
1158614046 J * Aiken ~james@tooax6-044.dialup.optusnet.com.au
1158614944 Q * mkhl
1158615719 Q * Piet Quit: :tiuQ
1158616086 J * cryptronic ~oli@p549CF191.dip.t-dialin.net
1158616092 M * cryptronic hi all
1158616191 M * _are_ Hi cryptronic
1158616273 M * cryptronic i have a huge problem and i have no clue where i can ask for help
1158616299 M * cryptronic maybe i am allowed to ask?
1158616359 M * _are_ depends on your problem. You can either try and read tons of docs to find out if you are right here, or you can just ask :-)
1158616416 M * cryptronic ok, on my server maybe hd crashes but when i boot into a rescue system no hd is found and dmesg only gives: ide0: Wait for ready failed before probe !
1158616452 M * cryptronic what does this mean: controller defect or crashed hd
1158616469 M * cryptronic i didn't find anything else containing hd's only this ide0...
1158616491 M * _are_ can be both, I'd assume the disk, though
1158616506 M * cryptronic :(((
1158616508 M * _are_ do you hear the drive spinning?
1158616518 M * cryptronic it's my dedicated server :(
1158616635 M * _are_ hmm, well, in the rescue system, what is below /proc/ide?
1158616690 M * cryptronic drivers via
1158616691 M * harry bananas!
1158616824 M * _are_ well, I'd assume the disk and if it was a box next to me, I'd just unplug all power for 2m and then retry. However, this is most likely not possible so you probably have to open a call at your hoster. sorry.
1158616872 M * cryptronic shit, but thanks a lot for your answers
1158616904 A * harry concurs with are, btw :)
1158616910 M * harry probably disk failure
1158616919 M * harry (/me never (really... never) seen a controller die)
1158616930 M * harry now... dishes
1158616937 Q * meandtheshell Quit: exit (0);
1158618204 Q * _are_ Ping timeout: 480 seconds
1158618918 Q * vrwttnmtu Quit: Leaving
1158619381 J * dna_ ~naucki@226-230-dsl.kielnet.net
1158619549 Q * cryptronic Quit: Leaving
1158619966 Q * yarihm Quit: Leaving
1158620022 Q * dna_ Quit: Verlassend
1158620423 Q * Aiken Quit: Leaving
1158622576 Q * mcp Read error: Connection reset by peer
1158622585 J * mcp ~hightower@wolk-project.de