1162685070 Q * s0undt3ch Ping timeout: 480 seconds 1162685070 N * s0undt3ch_ s0undt3ch 1162685692 J * besonen_ ~besonen@dsl-db.pacinfo.com 1162686077 Q * besonen Ping timeout: 480 seconds 1162688343 Q * Piet Ping timeout: 480 seconds 1162688771 M * Bertl okay, off for now .. back later ... 1162688776 N * Bertl Bertl_oO 1162689816 Q * matled Read error: Operation timed out 1162692480 Q * Hunger Server closed connection 1162692495 J * Hunger Hunger.hu@Hunger.hu 1162693924 J * node_ ~dwindsor@c-69-143-154-220.hsd1.md.comcast.net 1162694989 J * bronson ~bronson@c-71-198-75-160.hsd1.ca.comcast.net 1162696553 Q * ray6 Server closed connection 1162696553 J * ray6 ~ray@vh5.gcsc2.ray.net 1162696960 J * Piet hiddenserv@tor.noreply.org 1162698058 J * Piet_ hiddenserv@tor.noreply.org 1162698130 Q * Piet Remote host closed the connection 1162698636 J * Aiken_ ~james@tooax8-212.dialup.optusnet.com.au 1162698961 Q * Aiken Ping timeout: 480 seconds 1162701814 J * ntrs_ ~ntrs@68-188-55-120.dhcp.stls.mo.charter.com 1162702266 Q * ntrs Ping timeout: 480 seconds 1162703183 Q * Dimmu Server closed connection 1162703184 J * Dimmu cliff@dropkick.oisec.net 1162703482 Q * node_ Ping timeout: 480 seconds 1162707456 J * Piet__ hiddenserv@tor.noreply.org 1162707486 Q * Piet_ Remote host closed the connection 1162708040 J * matled ~matled@85.131.246.184 1162708986 J * node_ ~dwindsor@c-69-143-154-220.hsd1.md.comcast.net 1162709957 J * Piet_ hiddenserv@tor.noreply.org 1162710358 Q * Piet__ Ping timeout: 480 seconds 1162710938 Q * cohan Server closed connection 1162710942 J * cohan ~cohan@koniczek.de 1162711227 J * Piet__ hiddenserv@tor.noreply.org 1162711254 Q * Piet_ Remote host closed the connection 1162711346 N * Piet__ Piet 1162713574 Q * node_ Read error: Operation timed out 1162717029 J * Aiken__ ~james@tooax6-170.dialup.optusnet.com.au 1162717038 J * dna_ ~naucki@17-208-dsl.kielnet.net 1162717357 Q * Aiken_ Ping timeout: 480 seconds 1162717820 J * bonbons ~bonbons@83.222.36.111 1162721349 Q * bon Quit: leaving 1162722998 J * matled_ ~matled@85.131.246.184 1162723187 Q * matled Remote host closed the connection 1162723187 N * matled_ matled 1162723232 Q * Hunger Quit: changing servers 1162723246 J * Hunger Hunger.hu@Hunger.hu 1162724353 Q * ensc Killed (NickServ (GHOST command used by ensc_)) 1162724362 J * ensc ~irc-ensc@p54B4F603.dip.t-dialin.net 1162725319 J * SoftIce ~newbie@vc-196-207-45-253.3g.vodacom.co.za 1162725334 M * SoftIce hi, please could somebody explain why i'm getting this during a vserver build 1162725357 M * SoftIce . /usr/lib/util-vserver/distributions/fc5/initpost: line 107: 18697 Killed 1162725370 M * SoftIce hmm, just re-building to view the entire error message 1162725433 M * SoftIce also another quick question while that builds how does the vservers, v-utils, vs kernel, yum patch, etc respond or should I say affect a yum upgrade to a later version of fc? 1162725456 M * SoftIce as I know yum upgrades sometimes break or wont build with 3rd party repo, app installs? 1162725742 Q * ensc Remote host closed the connection 1162725784 M * |yang| i get this error on my guest - 1162725788 M * |yang| criten:~# ulimit -n 64000 1162725788 M * |yang| bash: ulimit: open files: cannot modify limit: Operation not permitted 1162725800 M * |yang| and i tried to modify on main, and it worked 1162725809 M * |yang| but on guest i cannot set it 1162726128 M * SoftIce have you edited your conf file and mended the line to look like this S_CAPS="CAP_SYS_RESOURCE" 1162726154 Q * Osgiliath Server closed connection 1162726190 M * Hollow SoftIce: you have read the read warning on http://linux-vserver.org/Capabilities_and_Flags#System_capabilities_.28bcaps.29 ? 1162726279 M * SoftIce Hollow: yes, I have. but when it comes to using BIND I have no choice 1162726337 M * Hollow http://people.linux-vserver.org/~dhozac/p/m/bind-9.2.3-CAP_SYS_RESOURCE-when-available.patch 1162726369 M * SoftIce I guess I can compile BIND with --disable-linux-caps 1162726382 Q * WorkRoey Ping timeout: 480 seconds 1162726382 M * SoftIce Hollow: I have not read that, let me check 1162726407 J * FaUl immo@shell.chaostreff-dortmund.de 1162726411 M * FaUl huhu 1162726425 M * FaUl i just got antoher panic ;-( 1162726442 M * FaUl and once again no log ;-( 1162726460 M * FaUl because my null-modem-cables aren't here unfortunately 1162726462 M * SoftIce Hollow: but that means I have to compile as source and enable | patch 1162726487 M * SoftIce Hollow: in this box setup I prefure to use the chroot-bind rpm package 1162726521 M * Hollow well, you can build your own rpm i guess, but don't how that works .. ;) 1162726727 M * SoftIce true, but it means I still have to compile as source and statically link the package 1162726741 M * SoftIce so that defeats the point ;) 1162726756 M * daniel_hozac ... why would you have to link it statically? 1162726845 M * SoftIce well daniel_hozac, how would I go abouts using a rpm package compiled on a certain version of gcc, etc. then do fc upgrade 1162726882 M * daniel_hozac upgrade first, build later? 1162726893 M * SoftIce that can work 1162726917 M * SoftIce but i'm not 100% sure on remote yum fc5/fc6 upgrade yet 1162726964 M * SoftIce and its in a data centre so i'm not to happy yet with the process and new kernel yet, or better yet I possibly could stage it. so that isn't really an excuse 1162726998 M * SoftIce right, this is where my vserver breaks, or maybe this is a normall error code 1162726999 M * SoftIce ... 1162727000 M * SoftIce RTNETLINK answers: File exists 1162727000 M * SoftIce /usr/lib/util-vserver/distributions/fc5/initpost: line 107: 21112 Killed $_VSERVER "$vserver" exec bash -c ': >/tmp/startwait' >&/dev/null 1162727000 M * SoftIce ... 1162727011 M * SoftIce I can carry on with the build 1162727089 M * SoftIce line 107 is how ever just a string by the looks of it to start the vserver? 1162727089 M * SoftIce $_VSERVER "$vserver" exec bash -c ': >/tmp/startwait' &>/dev/null || : 1162727120 M * SoftIce thats the second to last line in the file 1162727136 M * SoftIce i'm not if that is where it is supposed to stop ? 1162727198 M * daniel_hozac there are some synchronization issues with the initpost script, but it shouldn't be fatal. 1162727305 M * SoftIce so its pretty much just safe to go on? 1162727423 M * SoftIce daniel_hozac: are you 1 of the developers? 1162727436 Q * FaUl Ping timeout: 480 seconds 1162727490 M * SoftIce never mind just re-searched you are ;) 1162727525 M * SoftIce daniel_hozac: could you maybe tell me offhand what the difference between vserver and user mode linux is, or have a link to a comparison or are they 1 and the same? 1162727621 J * immo ~immo@miniFaUl.wlan.chaostreff-dortmund.de 1162727623 N * immo FaUl 1162727629 M * FaUl ok, panic, once again ;-( 1162727637 M * FaUl but this time i got a log 1162727888 M * SoftIce ieesh, these mirrors are really slow, you guys looking for somebody to do mirroring? 1162727889 M * SoftIce ;) 1162728064 M * SoftIce hmf, now I get a this error 1162728070 M * SoftIce , /bin/chown: cannot access `/var/lib/rpm/[A-Z] 1162728077 J * meandtheshell ~markus@85-124-206-56.dynamic.xdsl-line.inode.at 1162728078 M * SoftIce does this have something to do with the post install script? 1162728142 M * SoftIce never mind I have a string to add to the initpre script 1162728145 M * SoftIce | ( cd "$vdir" && $_CHROOT_SH append /var/lib/rpm/FORTYTWO enter, su - , you can write to and read from /dev/null just fine? 1162737764 M * daniel_hozac but not if you SSH to it? 1162737777 M * SoftIce daniel_hozac: no only root can 1162737785 M * SoftIce user accounts cant 1162737809 M * daniel_hozac so what does ls -ld / /dev /dev/null say? 1162737833 M * daniel_hozac (inside the guest) 1162737844 M * SoftIce daniel_hozac: well i'm really using vserver for 'security' i want to run 1 server for BIND so pretty much just port 53 will be open. so i'm not worried about buffer overflow, etc. 1162737872 M * daniel_hozac if you're running BIND, security should be your top priority :) 1162737891 M * SoftIce daniel_hozac: I was thinking of chroot() chroot() 1162737897 M * SoftIce running a chroot within vserver 1162737899 M * SoftIce so that would be secure? 1162737925 M * SoftIce even though vserver is '' less than secure '' 1162737926 M * SoftIce drwxr-xr-x 21 root root 4096 Nov 5 19:25 / 1162737926 M * SoftIce drwxr-x--- 3 root root 4096 Nov 5 21:56 /dev 1162737926 M * SoftIce crw-rw-rw- 1 root root 1, 3 Nov 5 20:56 /dev/null 1162737927 M * daniel_hozac secure how? if the guest has CAP_MKNOD, anything you do can still be circumvented. 1162737946 M * daniel_hozac that's your problem, /dev is 0750. 1162737947 M * SoftIce guess so 1162737953 Q * micah Server closed connection 1162737953 M * SoftIce guess i'm just trying to fool myself 1162737960 J * micah ~micah@micah.riseup.net 1162737964 M * daniel_hozac chmod 0755 /dev inside, and things should work fine. 1162737970 M * SoftIce 755? 1162737979 M * SoftIce kewl 1162737980 M * SoftIce let me try 1162738007 M * SoftIce haha, thanks for taking the time helping me through that 1162738009 M * SoftIce its working 1162738366 M * SoftIce by default does vserver have configuration flags set on inet to enable it to listen on its appropriate ip only? 1162738367 Q * eyck Ping timeout: 480 seconds 1162738402 M * SoftIce i'm not sure if thats a stupid question ;) 1162738408 Q * coocoon Quit: KVIrc 3.2.0 'Realia' 1162739571 M * daniel_hozac of course, a guest can only use the addresses you have assigned to it. 1162739602 Q * derjohn2 Ping timeout: 480 seconds 1162739641 J * derjohn2 ~aj@dslb-084-058-194-013.pools.arcor-ip.net 1162739653 M * SoftIce i'm talking about the parent? 1162739935 M * daniel_hozac the host is not restricted, you'll have to limit any services you might be running there. 1162740480 J * matled_ ~matled@85.131.246.184 1162740645 M * SoftIce ahh, thanks 1162740654 Q * matled Read error: Connection reset by peer 1162740654 N * matled_ matled 1162740716 M * SoftIce daniel_hozac: sorry to pester you, last question for the day, is there a reason to run a chroot() BIND installation if running in vserver or not? 1162741364 M * derjohn2 SoftIce, bind like DNS server bind9? It needs capabilties by default. 1162741409 M * derjohn2 either you compile it without capa support (check makefile) or use vserver devel 2.1.1rc48 .. then it works within a guest 1162741444 M * derjohn2 ah, linux-vserver.derjohn.de .. there is a (outdated!) prepatched bind9 for debian. HTH... 1162741447 A * derjohn2 away now 1162741741 Q * shedi Quit: Leaving 1162741772 Q * bubulak Server closed connection 1162741789 J * bubulak ~bubulak@whisky.pendo.sk 1162742986 J * meandtheshell ~markus@85-124-206-56.dynamic.xdsl-line.inode.at 1162743025 J * node_ ~dwindsor@c-69-143-154-220.hsd1.md.comcast.net 1162743273 Q * sebastian 1162744060 Q * node_ Ping timeout: 480 seconds 1162744070 M * matti :) 1162744136 J * mire ~mire@126-167-222-85.adsl.verat.net 1162744962 Q * sladen Ping timeout: 480 seconds 1162745189 J * sladen paul@starsky.19inch.net 1162745359 Q * meandtheshell Remote host closed the connection 1162745694 J * meandtheshell ~markus@85-124-206-56.dynamic.xdsl-line.inode.at 1162745792 Q * derjohn Remote host closed the connection 1162745802 Q * meandtheshell Remote host closed the connection 1162746068 J * Hurga nobody@p508AA9CA.dip0.t-ipconnect.de 1162746096 M * Hurga Hiya. 1162746135 A * Hurga has some weird issues with vserver networking... 1162746159 J * derjohn ~derjohn@80.69.37.19 1162746168 M * Hurga Hi derjohn 1162746210 M * daniel_hozac such as? 1162746273 M * derjohn Hurga, 'd evening ! 1162746305 M * derjohn just rebootet with 2.6.18.2-rc48 ...debian packages (p3) are ready and work :) 1162746360 M * Hurga daniel_hozac: I have a colocated server which resently got ipv6, via vlan. I have eth0 configured with 2 vlans, one for ivp4 and one for ipv6. I didn't change the guest configs, big mistake, it seems. 1162746408 M * daniel_hozac why is that? 1162746443 M * Hurga Today i noticed one of the guests still has lo configured (eraly experimants). I removed that, and all communication between the guests stopped. To the internet, all was fine. 1162746477 M * daniel_hozac you removed lo? 1162746494 M * Hurga From the guest it still had it. 1162746509 Q * derjohn Quit: by(t)e 1162746538 J * derjohn ~derjohn@80.69.37.19 1162746539 M * daniel_hozac was it nodev? 1162746556 M * daniel_hozac i.e. does lo have an address assigned right now and is it up? 1162746619 M * Hurga currently, the server is down :) But that might explain part of my problems. 1162746635 M * Hurga Let me continue... 1162746681 J * shedi ~siggi@inferno.lhi.is 1162746684 M * Hurga After thinking a bit, I thought I would have to use the ipv4 vlan device instead of eth0 for the guest networking config. I put the the vlan device in .../dev and I saw the device in the guest, but along with eth0. Which I don't understand. 1162746773 M * daniel_hozac was the address assigned to both interfaces? 1162746780 M * Hurga Yes. 1162746783 M * daniel_hozac did you change .../dev while it was still running, and then ran vserver ... restart? 1162746817 M * Hurga No. I shut the guest down, changed the device, and started it again. 1162746844 M * daniel_hozac no errors anywhere? 1162746872 M * Hurga As far as I can tell, no. 1162746920 M * daniel_hozac well, just removing it from eth0 should do the trick. 1162746943 M * Hurga eventually I tried to shut down eth0 inside the vserver, which killed networking, but that was my own stupidity... I should have known that. 1162746944 M * daniel_hozac and as the server is down now, it shouldn't even be assigned to eth0 by the time it's rebooted. 1162746958 M * Hurga "just removing it from eth0"? 1162746968 M * Hurga the Ip address? 1162746968 M * daniel_hozac hmm, you shouldn't be able to mess with interfaces at all inside a guest. 1162746971 M * daniel_hozac yes. 1162747019 M * Hurga I did "vnamespace -e services ifconfig eth0 down" (and I know that was stupid). 1162747032 M * daniel_hozac ... why vnamespace? 1162747042 M * daniel_hozac what does filesystem namespaces have to do with networking? 1162747043 M * Hurga But how do I remove the IP when I'm not able to mess with interfaces at all inside a guest? 1162747052 M * daniel_hozac you do it on the host, as usual. 1162747109 M * Hurga But the IP of the guest only appears on eth0 when I start the guest. 1162747139 M * Hurga looks like my server is back. 1162747182 M * daniel_hozac so it's somehow assigned to both the VLAN and real interface? 1162747192 M * Hurga Yes. 1162747204 M * Hurga hangon, doing a few teste 1162747207 M * Hurga tests 1162747208 M * daniel_hozac you must have multiple interfaces specified then, one for each. 1162747268 M * daniel_hozac because if you just have the VLAN one specified, the real interface shouldn't get the address (as far as i understand VLANs, anyway). 1162747404 M * Hurga ok, now I have problems starting any kind of networking. 1162747427 M * Hurga root@kabelmarder:~# cat /etc/vservers/eurofur/interfaces/0/dev 1162747427 M * Hurga vlan11 1162747457 M * Hurga hmm. 1162747494 M * Hurga "nodev" means that the guest start scrips don't try to assign an IP to that device, right? 1162747539 M * daniel_hozac yep. 1162747561 M * Hurga ok, I guess I now know what's wong. 1162747589 M * trippeh_ Is util-vserver 0.30.211 compatible with the 2.1.x patches? 1162747595 M * daniel_hozac yes. 1162747605 M * daniel_hozac but it lacks support for the newer features. 1162747622 M * daniel_hozac (like new scheduler configuration and raising bcaps) 1162747625 M * trippeh_ Ah, cool 1162747640 M * daniel_hozac that should all be there in 0.30.212 though :) 1162747847 M * trippeh_ vserver-utils is the new userspace stuff? 1162747862 M * daniel_hozac now called vcd, vstatd and vwrappers, yes. 1162747890 M * daniel_hozac (and lucid and libvserver, i guess) 1162748344 M * trippeh_ It will eventually replace util-vserver? 1162748360 M * daniel_hozac it's an alternative. 1162748378 M * trippeh_ Hm, ok 1162748382 M * SoftIce where can I find vserver startup scripts for guess OS's 1162748385 M * SoftIce guest OS's 1162748401 M * daniel_hozac that depends on the initstyle. 1162748417 N * Bertl_oO Bertl 1162748418 M * daniel_hozac the default, sysv, just executes /etc/{rc,init}.d/rc, depending on which exists. 1162748421 M * daniel_hozac morning Bertl! 1162748422 M * Bertl morning folks! 1162748460 M * SoftIce ta 1162748473 M * Hurga Hi Bertl 1162748514 M * daniel_hozac Bertl: about ulimits, should i really reset the soft limit as well? isn't the hard limit sufficient? 1162748536 M * Bertl hmm, yeah, should suffice 1162748575 M * daniel_hozac enabling core dumps by default just seemed like a bad idea :) 1162749023 Q * Piet Ping timeout: 480 seconds 1162749191 M * Hurga daniel_hozac: Thanks for your help, everything seems to work like intended now. I still don't know what *exactly* was wrong, but it seems to have been an issue of mixing configs. 1162749227 J * Piet hiddenserv@tor.noreply.org 1162749618 Q * lilalinux Remote host closed the connection 1162749925 M * Hurga What's the status of ipv6 for guests? 1162750074 J * meandtheshell ~markus@85-124-206-56.dynamic.xdsl-line.inode.at 1162750242 J * bronson_ ~bronson@c-71-198-75-160.hsd1.ca.comcast.net 1162750242 Q * bronson Read error: Connection reset by peer 1162750387 M * daniel_hozac it should work if you use bonbons' patch. 1162750549 M * Hurga nice :) 1162750763 Q * mire Ping timeout: 480 seconds 1162751052 J * yarihm ~yarihm@84-74-17-6.dclient.hispeed.ch 1162751198 M * Piet has someone of you ever setup a set of vservers with a single public ip address using shorewall? 1162751256 M * Piet i'm wondering whether i need to use the 'loc' zone or whether the vservers need to be part of the $fw zone 1162751322 M * Piet someone told me i'd need to add all vservers to the $fw zone, but this seems quite dirty to me... 1162751940 M * Bertl well, as far as I understood the feedback from folks using shorewall (and Linux-VServer) it doesn't quite handle the setup used in a typical Linux-VServer scenario 1162751960 M * Bertl note: I'm not using shorewall, I'm using iptables :) 1162752017 M * Piet well, it's quite versatile and pretty configurable so i think it must be possible 1162752065 M * Bertl if you figure how, and what needs to be changed, please add it to the wiki, for the rule set, the following is true (for Linux-VServer) 1162752081 M * Bertl - all Host - Guest and Guest - Guest traffic uses lo 1162752102 M * Bertl - guests directly connected to the outside will look like the host 1162752127 M * Bertl - guests using a private ip with S/DNAT will connect over the external (NAT) interface 1162752302 M * Piet ok, so i guess i need to add all vservers to the $fw zone then, but seperate them by ip addresses, not zones. i'm going to try that. thanks. 1162752336 M * Bertl you're welcome! 1162752480 Q * sid3windr Server closed connection 1162752484 J * sid3windr luser@195.160.166.163 1162752765 Q * SoftIce Ping timeout: 480 seconds 1162753889 J * mire ~mire@48-166-222-85.adsl.verat.net 1162754253 Q * meandtheshell Remote host closed the connection 1162754290 J * meandtheshell ~markus@85-124-206-56.dynamic.xdsl-line.inode.at 1162754519 Q * click Server closed connection 1162754525 J * click click@ti511110a080-5188.bb.online.no 1162754728 M * Bertl Hollow: do we have vserver-utils for 2.1.1? 1162754876 Q * meandtheshell Remote host closed the connection 1162755425 Q * ex Server closed connection 1162755454 J * ex ex@81.219.196.129 1162755507 M * Bertl wb ex! click! 1162755739 M * Bertl neuralis: ping? 1162756128 M * neuralis Bertl: pong 1162756178 M * neuralis what's up? 1162756337 M * matled % vserver - build --help 1162756337 M * matled vnamespace: clone(): Operation not permitted 1162756351 M * matled those commands are strange, ok, it is not supposed to do anything useful as normal user 1162756359 M * matled but what does it need privileges for when running --help? 1162756452 M * Bertl hmm, probably should work or error out early 1162756509 M * matled is there documentation about the syscall interface to vserver? 1162756561 M * Bertl yes and no 1162756583 M * matled "Details and examples are in the kernel module source." (man iptables)? :) 1162756592 M * Bertl i.e. the include files from the kernel are quite easy to read, and util-vserver provides a library to do advanced stuff 1162756611 M * Bertl also there is a hack tool which allows you to test/investigate the kernel API 1162756653 M * matled where is this? 1162756766 J * adrien ~vserver@24.201.209.190 1162756822 M * adrien Hello ! does anyone knows how to change the gateway of guest ? 1162757001 M * Bertl the same as you change a gateway of the host 1162757014 M * Bertl i.e. you configure the routing and gateways on the host system 1162757040 M * Bertl if you have more than one gateway, you simply use multiple routing tables and source rules 1162757045 M * adrien ok 1162757055 M * adrien so gateway is handle by the host 1162757126 M * adrien there is something I don't understand, inside my guest I end up with two interfaces 1162757146 M * Bertl hmm? 1162757149 M * adrien eth0 without an IP and eth0:gues with the correct ip 1162757157 M * Bertl ah, you are using aliases 1162757176 M * Bertl what kernel patch do you use atm? 1162757196 M * adrien vs2.0.2.2-rc4 1162757225 M * Bertl try the following: 1162757252 M * Bertl shut down the guest, remove the 'name' entry in /etc/vservers//interfaces/0 and start it again 1162757267 M * Bertl after that, you should only see eth0 with the guest ip 1162757309 M * adrien ok now I have only one interface 1162757317 M * adrien what's the use anyway of the alias ? 1162757343 M * Bertl in ancient times :) when we didn't do the visual sugar stuff ... 1162757359 M * Bertl we used aliases for all the guests 1162757372 M * adrien ok so the documentation is out of date 1162757373 M * Bertl nowadays it's mainly a legacy feature 1162757412 M * Bertl probably, docu is always out of date ... but our online docu is a wiki, so you can update it where appropriate 1162757427 M * adrien I haven't found any good documentation regarding util-verser, is it normal ? 1162757442 Q * Piet Quit: Piet 1162757454 M * adrien is someone in charge of the project documentation ? 1162757476 M * adrien because that might be something I could handle 1162757603 M * mnemoc adrien: poke Hollow 1162757619 M * Bertl well, util-vserver itself is maintained by daniel_hozac and ensc, Hollow is coordinating the wiki stuff 1162757649 M * mnemoc aaah, sorry.... i tend to confuse util-vserver with vserver-util :\ 1162757651 M * Bertl adrien: so if you think about man pages and util-vserver documentation, I'm pretty sure daniel_hozac will accept patches and such 1162757779 M * adrien I see that the wiki is migrating to wikipedia 1162757798 M * adrien is it possible to help to move the old help pages ? 1162757822 M * adrien anyway I'll send an email to Hollow about this 1162757871 M * Bertl sure, go ahead, you can start moving/improving on the wiki right ahead 1162757895 M * Bertl that's the idea behind a wiki in the first place 1162758002 A * sid3windr moos loudly 1162758775 J * DavidS ~david@chello062178045213.16.11.tuwien.teleweb.at 1162758784 M * Bertl wb DavidS! LTNS! 1162758814 M * DavidS Bertl: hi, usually i just hang around #debian.or.at ... 1162758837 Q * yarihm Quit: Leaving 1162758840 M * DavidS I admit, i only come here if i need advice or want to report BUGs (like now ;) 1162758853 M * Bertl ah, please go ahead then 1162758893 M * DavidS i'm currently playing with my new hvm-xen-vserver thingy ... 1162758909 M * DavidS BUG: warning at kernel/irq/handle.c:177/__do_IRQ() 1162758919 M * DavidS [] __do_IRQ+0x45/0x160 1162758931 M * Bertl what Linux-VServer patch? 1162758941 M * DavidS sid's debian kernel 1162758955 M * Bertl so you want to talk to waldi then I guess 1162758969 M * Bertl this should be fixed in recent versions 1162758991 M * Bertl but you can easily fix it yourself I guess 1162759025 M * Bertl if you upload the full trace to paste.linux-vserver.org I can probably tell you what to change where 1162759037 M * DavidS Bertl: personally I'm satisfied if the problem is known and the fix will make it's proper way 1162759080 M * Bertl I hope so, but I personally have no overview what debian incorporates and what not 1162759096 M * DavidS if someone want's to push it, so the potential etch-kernel can be fixed "faster" I'd be happy to help ... 1162759114 M * Bertl so probably filing a debian bug and/or submitting a patch will speed up things 1162759181 M * DavidS Bertl: aye, probably: http://paste.linux-vserver.org/632 1162759258 M * Bertl yup looks like the one who merged Xen with Linux-VServer forgot the proper __enter/leave in do_IRQ 1162759301 M * Bertl do you have the source at hand? maybe even the built vmlinux? 1162759331 M * DavidS Bertl: The source can be downloaded, the vmlinux is on hand (booted right before my feet) 1162759357 M * Bertl careful, vmlinux != bzImage (aka vmlinuz) 1162759383 M * Bertl if you have the vmlinux, try the following: 1162759405 M * Bertl addr2line -e vmlinux c01060c4 1162759412 M * DavidS I used the debian packages ... 1162759448 M * Bertl well, look for the Xen do_IRQ function 1162759494 M * Bertl and basically you want to add something like this: 1162759497 M * Bertl http://vserver.13thfloor.at/Experimental/delta-doirq-fix02.diff 1162759538 A * DavidS unpacks source ... 1162759540 M * Bertl in your case, you are not looking for a handle_irq but for a do_IRQ (according to your traces) 1162759917 A * DavidS needs to fetch the "real" source ... 1162759925 M * Bertl :) 1162760186 M * DavidS Bertl: I'd really rather go on configuringmy new server, but having the kernel fill logfiles faster than i can ignore them is no fun either ... 1162760265 M * Bertl well, it somehow suggests that the kernel you use was not tested :) 1162760462 M * DavidS Bertl: combining xen and vserver on the same box, feels weird indeed ... 1162760721 M * DavidS great! xen and vserver both have do_IRQ functions ... and macro defines ... 1162760743 M * Wonka debian seems to be able to do it, though 1162760768 Q * ruskie Server closed connection 1162760774 M * DavidS Wonka: indeed, the kernel does run and i already have a vserver within xen, right beside a test windows XP ... 1162760776 M * Bertl DavidS: xen is an arch, you just want to add the enter/leave before calling __do_IQ 1162760779 M * Bertl *IRQ 1162760928 M * DavidS Bertl: let's see if i got that right: i have to modify the vserver patch so that the xen arch will use the special __enter/leave_vx_admin calls? 1162760961 J * ruskie ~ruskie@84.20.228.4 1162760987 M * Bertl if the vserver patch is applied after the xen one, yes 1162761078 M * DavidS Wonka: my use case is having a "frontend" Linux-domU that translates/proxies various services (smtp, http reverse proxying and VirtualHost multiplexing, and various forwarded ports for ssh and others) the layer-7+ proxies each reside in vservers for enhanced isolation 1162761110 M * DavidS but i'm strapped for ip addresses ... xen doesn't facilitate ip sharing ;) 1162761142 J * borgfish ~bla@p54A7A4C8.dip0.t-ipconnect.de 1162761154 M * borgfish hi 1162761177 M * borgfish i wonder whats the difference between rlimits and ulimits and some example about the settings syntax 1162761251 M * borgfish ok found it. now the example 1162761380 M * DavidS Bertl: btw, Debian's current 2.6.18 packages carry vs2.0.2.2-rc3 1162761426 M * borgfish can someone point me to an example howto limit the ram usage with etc/vservers/vserver-name/rlimits/resource file ? 1162761474 M * Bertl hey borgfish! 1162761489 M * borgfish rss in 4k pages ? 1162761491 M * borgfish hello bertl 1162761505 M * Bertl depends on the arch, but for x86 4k is fine 1162761532 Q * mnemoc Ping timeout: 480 seconds 1162761564 M * borgfish so if i created a file etc/vservers/vserver-name/rlimits/rss with content 65536 the vserver could use 256 meg ram ? 1162761571 M * Bertl http://linux-vserver.org/Resource_Limits 1162761592 M * Bertl RSS is pages in memory, while VM/AS is accumulated address space 1162761622 M * borgfish i want to keep it from swapping 1162761643 M * borgfish so i guess rss is enough 1162761649 M * borgfish ? 1162761672 M * Bertl you cannot really keep a guest from swapping, the host will decide when to swap 1162761683 M * DavidS Bertl: ok, i think i found it .. the xen feature patch carries a arch/kernel/i386/irq-xen.c which looks like a copy of the irq.c at the same place that is being patched by the vserver patch 1162761691 M * Bertl borgfish: but given that you have enough memory available that is probably fine 1162761704 M * DavidS I'll try to just copy the changes from irq.c to irq-xen.c and we'll see what happens ... 1162761711 M * borgfish thanks bertl ill try 1162761716 M * Bertl np 1162761772 M * DavidS borgfish: try to not to forget that vserver guests do not have their own kernel running ... 1162761823 M * borgfish err i dont know what you want to tell me with that :) its just one vserver thats swapping and making a load of 14 i got to limit it asap 1162761859 J * mnemoc ~amery@kilo105.server4you.de 1162761948 M * Bertl borgfish: load of 14 sounds like something going wrong inside 1162761968 M * borgfish webshop with mysql bigger than ram i have 1162761992 M * borgfish does this seem right ? 1162761992 M * borgfish /etc/vservers/vs8/rlimits# cat rss 1162761992 M * borgfish 65536 1162761999 M * borgfish /etc/vservers/vs8/rlimits# cat cpu 1162761999 M * borgfish 500 1162762144 M * Bertl cpu doesn't make sens 1162762151 M * Bertl *sense 1162762163 M * Bertl it would, if it was implemented, kill off the guest after 500 seconds 1162762172 M * borgfish CPU time in ms ? 1162762182 M * Bertl in seconds, and it is a total 1162762186 M * harry Bertl: that would be awesome ;) 1162762193 M * borgfish okay 1162762195 M * harry you have 500 seconds of serverpower! ;) 1162762208 M * Bertl precisely, that's the idea behind the cpu limit 1162762210 J * DreamerC_ ~dreamerc@61-224-133-223.dynamic.hinet.net 1162762233 M * Bertl harry: is a kind of legacy from the early batch processing times 1162762352 M * borgfish so howto limit the actual cpu usage ? only nice level ? 1162762367 M * trippeh_ Like what Sun is trying to establish nowadays? CPU hour for $$ ;) 1162762376 M * Bertl borgfish: nope, you have different ways to control that 1162762397 M * Bertl borgfish: the typical way is to use the token bucket scheduler (either in prio adjusting or hard cpu mode) 1162762418 M * Bertl another way is to use cpusets and limit the number of virtual cpus 1162762423 M * borgfish aah :) 1162762459 M * borgfish how much cpus does the host have to give to the vservers ? 1162762486 M * Bertl that depends on your hardware 1162762498 M * borgfish its not virtual ? /etc/vservers/vserver-name/cpuset/cpus [file] 1162762498 M * borgfish The list of CPUs in this cpuset 1162762503 M * Bertl we had sparc systems with 32 and more cpus 1162762525 M * Bertl a typical dual core amd system will have 4 virtual cpus 1162762531 M * borgfish i have 2 sparc systems with 8 cpus but i dont use them 1162762542 M * borgfish so its only for real cpus 1162762565 M * Bertl SMT/SMP basically 1162762583 M * Bertl if your /proc/cpuinfo shows four of them, you can adjust at this level 1162762592 Q * DreamerC Ping timeout: 480 seconds 1162762613 M * Bertl the token bucket scheduler is for finer grained stuff 1162762622 M * borgfish yes but i only have one cpu 1162762631 M * borgfish so i guess i have to use this way 1162762639 M * borgfish experimental; name is subject of possible change] :( 1162762661 M * Bertl what kernel patches/tools do you use right now? 1162762697 M * borgfish -vs2.0.2-rc29 /util-vserver-0.30.210 1162762760 M * Bertl hmm, okay, older one, but supports what you need 1162762775 M * Bertl you just have to make sure that the kernel has the hard cpu scheduler enabled 1162762904 M * DavidS *sigh* of course, xen is applied after vserver .. and there is a "xen/vserver-clash.patch" ... *goes digging* 1162762927 M * borgfish shit where is my kernel config file, its missing 1162762974 M * Bertl there is a kernel config option to put that into /proc (helps in such cases) 1162762988 M * DavidS borgfish: debian has them in /boot/config-... if you made your kernel with make-kpkg 1162762996 M * borgfish yes i know. ill seek if i can figure out how to get it hehe 1162763005 M * borgfish no i make them manual 1162763056 J * Aiken ~james@tooax8-200.dialup.optusnet.com.au 1162763142 M * borgfish yes i compiled it on another machine and planted it with debootstrap into my host-debian far away. hope i find it somewhere 1162763341 M * borgfish poor its not compiled into 1162763349 M * borgfish thanks for the helkp anyways 1162763375 M * Bertl morning Aiken! 1162763499 M * borgfish how the project doing anyways bertl ? :) 1162763525 M * Bertl fine I think, we added a lot of stuff recently 1162763540 M * Bertl and it will become more in the near future 1162763562 M * borgfish i guess you already had a look at virtuozzo ? this stuff is doing great for the hosters 1162763573 M * borgfish maybe you can make some monex selling support for vservers hehe 1162763609 M * Bertl you can buy consulting time from me if you like :) 1162763632 M * borgfish yes but the features ... did you look at virtuozzo ? 1162763646 M * borgfish their backup is just tar-gz 1162763690 M * Bertl I'd say, there are not many features present in virtuozzo(tm) which are missing in Linux-VServer, no? 1162763700 M * DavidS borgfish: there are worse ways to backup (ln -s /dev/null /dev/rmt) 1162763704 M * DavidS ;) 1162763735 M * borgfish its just their soft limits and the main thing: webpage for the users 1162763765 M * borgfish i think they sell it for 1teur per cpu or something alike 1162763800 M * Bertl yeah, quite some money they charge, as I heard, probably business is not going as expected 1162763801 M * borgfish you could make some company and sell the QOS for the free versions 1162763829 M * borgfish i was Way of surprised as i found out they are in rheinstrasse , darmstadt 1162763851 M * borgfish you know fraunhofer SIT my new /old job is there also 1162763880 M * borgfish well the money sure is enough. i think swsoft comes from russia? 1162763996 M * borgfish i tried the demos and if you make files with date in the future, their backup tar throws errors into the webpage buffer 1162764018 M * borgfish when there are enough errors, the backup process will stop and your vz is kinda stuck hehe 1162764156 M * Bertl well, I guess we are more interested in issues with Linux-VServer and new/interesting features than in VZ stuff :) 1162764180 M * borgfish sure *g* sorry thought it was funny hehe 1162764194 M * DavidS borgfish: that it was ;) 1162764420 J * hello ~bla@p54A7A4C8.dip0.t-ipconnect.de 1162764433 N * hello borgfish_ 1162764445 M * borgfish_ bluescreen because of usb wavelan stick. that was a first 1162764459 M * daniel_hozac Bertl: speaking of new/interesting features, where's 2.1.1? ;) 1162764472 M * Bertl borgfish: didn't know linux can bluescreen :) 1162764484 M * borgfish_ hey i am a MCSE be afraid ! 1162764490 M * Skram haha 1162764498 M * Bertl daniel_hozac: almost out .. really final checks now 1162764510 M * daniel_hozac Bertl: awesome! 1162764555 M * borgfish_ cool :) 1162764570 M * borgfish_ maybe i come to use vserver at my new working place 1162764663 Q * borgfish Ping timeout: 480 seconds 1162764766 M * DavidS Bertl: what are the highlights of 2.1.1 vs. 2.0? 1162764794 M * Skram hopefully linux can work with it.. ive never done a raid 1162764809 M * Bertl http://paste.linux-vserver.org/617 1162764839 M * Skram woops, wrong channel 1162764981 M * DavidS Bertl: ah, better than the changelog-2.1 page on the wiki (it's kinda hard dto interpret for the un-initiated) 1162765481 M * borgfish_ ppl i gotta go fetch sleep i guess ill be back tomorrow 1162765488 M * borgfish_ cyas 1162765491 Q * borgfish_ 1162765501 M * Bertl cya 1162765623 A * Skram waves 1162766640 M * Bertl DavidS: and? success with the xen adaptations? 1162766674 M * DavidS Bertl: it still compiles ... 1162766687 A * DavidS needs a fast build host ... 1162766696 M * DavidS *faster 1162766703 M * Bertl or a smaller .config :) 1162766742 M * DavidS Bertl: I'm compiling the default debian kernel ... I didn't want to mess to much with the build-scripts 1162766767 M * Bertl hmm, you need to mess with the build scripts for a custom config? 1162766775 A * DavidS can still remember the days where a optimized kernel build took the whole day ... 1162766787 M * DavidS Bertl: I don't know and i don't want to know ... 1162766826 M * DavidS Bertl: there are enough other things on my mind that i really don't worry about the time this compile will take ... 1162766863 M * Bertl okay, calm down, np, was just a question/comment :) 1162766931 M * daniel_hozac DavidS: i usually run find . -name '*-xen.[chS]' | { while read FILE; do f=${FILE/./}; f=${f/-xen/}; filterdiff -i "*$f" | patch $FILE; done } 1162766947 M * daniel_hozac (if Debian does something similar to Fedora, that is) 1162766986 M * daniel_hozac to get the missing hunks, i mean. 1162766989 M * DavidS daniel_hozac: the patch is called "fedora-36252.patch" ;) 1162767036 M * daniel_hozac it should be noted though that i haven't thoroughly tested by xen kernels either :) 1162767046 M * daniel_hozac i booted one once, just to see if it would work :) 1162767091 M * DavidS daniel_hozak: it seems to work here just fine ... 1162767092 M * daniel_hozac s/by/my/ 1162767127 M * daniel_hozac that warning suggests you might have problems ;) 1162767175 M * DavidS *shrugs* i haven't seen anything worse than filled logfiles ;) 1162767414 Q * dna_ Quit: Verlassend 1162767673 M * Bertl daniel_hozac: what do you think, shall we remove the cond_resched() on exit? 1162767726 M * daniel_hozac hmm, did i ever track that down? 1162767728 M * DavidS g'night 1162767750 M * daniel_hozac i don't remember anything more than maybe being able to reproduce it. 1162767760 M * daniel_hozac but i can't remember how or where i did that. 1162767780 M * Bertl well, we got no reports anymore with 2.6.18.x, i.e. it seems to work quite fine 1162767794 M * Bertl but I remember the 'kernel doesn't boot' issue 1162767825 M * daniel_hozac well, should be fine then... 1162767844 M * Bertl I think so too, especially for devel 1162767851 M * daniel_hozac if it turns out to be a real problem, we can always do a 2.1.1.1. 1162767855 M * Bertl if some issues pop up (on boot) folks will report it 1162767858 M * matled is it possible to use multicast in a vserver? the machine is currently not in a network with any multicast services, but i'd need it later 1162767885 M * Bertl yes, multicast should work fine, if you add the multicast ips to the guest 1162768213 Q * DavidS Ping timeout: 480 seconds 1162768344 M * matled mh, for each multicast ip I could possibly want to bind to? 1162768358 M * matled at least using an ip from the same subnet does not seem to work 1162768372 Q * bonbons Quit: Leaving 1162768387 M * Bertl matled: you can only 'bind' to ips assigned to the guest 1162768398 Q * michal` Ping timeout: 480 seconds 1162768404 M * matled that's quite bad for multicast.. 1162768414 M * Bertl the entire networking will change in the very near future 1162768428 M * Bertl allowing you to assign entire networks 1162768435 M * matled sort | uniq | wc -l 308 1162768448 M * matled so I'd have to add 308 devices to the guest :) 1162768461 M * Bertl ips that would be 1162768473 M * Bertl and it will not work right now if you try 1162768481 M * Bertl (limit is 16, with patches 64/128) 1162768768 J * michal` ~michal@www.rsbac.org 1162768776 M * Bertl wb michal`! 1162768931 Q * almak Server closed connection 1162768932 J * almak ~almak@willers.employees.org 1162768948 M * Bertl wb almak! 1162768972 Q * DreamerC_ Quit: leaving 1162768988 J * DreamerC ~dreamerc@61-224-133-223.dynamic.hinet.net 1162769223 M * derjohn2 Bertl, could you pls define "very near future" ?? 1162769308 M * Bertl probably the next two month 1162769327 M * Bertl folks ready for testing can start queueing right now :) 1162770496 J * node_ ~dwindsor@c-69-143-154-220.hsd1.md.comcast.net 1162770531 Q * romke Server closed connection 1162770543 J * romke ~romke@acrux.romke.net 1162770786 Q * adrien Ping timeout: 480 seconds