1165449953 Q * DavidS Quit: Leaving.
1165450058 Q * gry_ Quit: Leaving
1165450405 J * bronson ~bronson@66.160.177.201
1165451226 Q * yarihm Quit: Leaving
1165451909 Q * meandtheshell Quit: Leaving.
1165452393 J * lilalinux_ ~plasma@dslb-084-058-201-099.pools.arcor-ip.net
1165452410 J * derjohn2 ~aj@dslb-084-058-201-099.pools.arcor-ip.net
1165452834 Q * lilalinux Ping timeout: 480 seconds
1165452855 Q * derjohn Ping timeout: 480 seconds
1165455564 Q * shedi Ping timeout: 480 seconds
1165457161 Q * FireEgl Remote host closed the connection
1165458003 Q * sladen Ping timeout: 480 seconds
1165458021 J * sladen paul@starsky.19inch.net
1165460663 Q * Zaki_ Ping timeout: 480 seconds
1165461354 J * shedi ~siggi@inferno.lhi.is
1165462925 J * FireEgl ~FireEgl@adsl-61-147-76.bhm.bellsouth.net
1165463502 Q * bronson Ping timeout: 480 seconds
1165465876 J * bronson ~bronson@adsl-75-36-147-248.dsl.pltn13.sbcglobal.net
1165468380 Q * Johnnie Read error: Connection reset by peer
1165468502 J * Johnnie ~jdlewis@jdlewis.org
1165468681 Q * Borg- Ping timeout: 480 seconds
1165469172 J * Borg- borg@cube.benet.uu3.net
1165469553 M * bronson I'm trying to port linux-vserver 2.0.2.1 to the Ubuntu 2.6.17 kernel.
1165469607 M * bronson Fortunately or unfortunately, they've applied the NFS4 patch at http://www.citi.umich.edu/projects/nfsv4/linux/kernel-patches/2.6.17-1/linux-2.6.17-CITI_NFS4_ALL-1.diff
1165469662 M * bronson Fortunately, I only get 3 rejected hunks: http://paste.ubuntu-nl.org/35711/
1165469681 M * bronson Unfortunately I have no idea how to fix them.  :)
1165469778 M * doener bronson: what a stupid pastebin... if the window is too narrow, you can't see the full lines and not even scroll vertically
1165469795 M * doener ok, rant over ;)
1165469824 M * bronson doener: no, I agree.
1165469835 M * bronson Looks like there's a 'download as text' button though.
1165469872 M * doener hm, the upper half in each part is not what appears in the ubuntu sources, is it?
1165469880 M * bronson Not even close.
1165469887 M * bronson Those functions don't even exist in the Ubuntu sources.
1165469894 M * bronson Huge replacement.
1165470039 M * doener the first one just got minor modifications in that part and was moved into fs/nfs/super.c
1165470054 M * bronson ah, excellent
1165470063 M * bronson oh, I'm dumb.
1165470075 M * doener (simple search for nfs_sb_init and then client->cl_intr ;))
1165470075 M * bronson I should have searched the patch.  :)
1165470115 M * doener same for the second
1165470144 M * doener and also for the third ;)
1165470178 M * bronson doener: thanks!
1165470194 M * doener no problem
1165470530 Q * DreamerC Quit: leaving
1165470550 J * DreamerC ~dreamerc@59-115-48-84.dynamic.hinet.net
1165471319 Q * bronson Ping timeout: 480 seconds
1165475490 J * DavidS ~david@chello062178045213.16.11.tuwien.teleweb.at
1165476631 J * bronson ~bronson@adsl-75-36-147-248.dsl.pltn13.sbcglobal.net
1165477156 J * dna ~naucki@129-228-dsl.kielnet.net
1165478622 Q * dna Quit: Verlassend
1165479156 J * Torsti76 tkurbad@gate.iwm-kmrc.de
1165479558 N * otaku42_away otaku42
1165479990 M * anonc evening all - just a couple of things of note. nfsv3 acls work inside a vserver against a solaris10 nfs server but not solaris9 and linux servers (2.6.18-vs2.1.1-gentoo-r1). Also, for those using cow-links, there is a new copy-on-write dm target which supposedly offers better performance than the shapshot target and may be useful to vserver users (http://groups.archivesat.com/device_mapper_development/thread291000.htm). Haven't tried it yet.
1165480005 J * meandtheshell ~markus@85-124-38-124.dynamic.xdsl-line.inode.at
1165481260 J * mark12 ~Miranda@static-ip-62-75-166-220.inaddr.intergenia.de
1165481399 J * prae ~Benjamin@host.187.57.23.62.rev.coltfrance.com
1165481573 J * cdrx ~legoater@cap31-3-82-227-199-249.fbx.proxad.net
1165481679 Q * DavidS Read error: Connection reset by peer
1165481742 Q * mark12 Remote host closed the connection
1165483072 M * bronson Should I compile my new vserver kernel with BLK_DEV_VROOT?
1165483086 M * bronson Seems like there's no reason not to...?
1165483646 J * TheSeer ~theseer@border.office.salesemotion.net
1165483830 J * dna ~naucki@86-249-dsl.kielnet.net
1165484084 Q * shedi Quit: Leaving
1165484769 J * DavidS ~david@vpn.uni-ak.ac.at
1165484792 J * s0undt3ch_ ~s0undt3ch@81.193.59.127
1165484887 J * _dmax ~semaj@bl4-59-127.dsl.telepac.pt
1165485098 Q * s0undt3ch Read error: Operation timed out
1165485098 N * s0undt3ch_ s0undt3ch
1165485226 Q * dmax Ping timeout: 480 seconds
1165485233 N * _dmax dmax
1165485370 M * DavidS I'm thinking about reorganising my logical volumes where  i have my VServers located
1165485412 M * DavidS some of the LVs (like /home) are shared between VServers and currently i manually mount them into the host namespace before I start the VServers
1165485453 M * DavidS shared LVs are then additionally bind mounted to other VServers (still in host ctx)
1165485459 M * DavidS this has several problems:
1165485491 M * DavidS 1) backup from the host ctx is possible but sees many files multiple times (every bind mount)
1165485531 M * DavidS 2) there is a privileged VServer which is not bind- but directly mounted
1165485575 M * DavidS 3) unclean namespaces: by mounting in the host ctx, every started VServer inherits the mounts
1165485718 M * DavidS I'm now planning to mount all LVs outside of /vservers (something like /media/* comes to mind) and bind mount those FS i really need via vservers/fstab
1165485754 M * DavidS If I understand it correctly, this would ...
1165485776 M * DavidS 1) hide those bind mounts from the host ctx, therefore removing my problems with the backup seeing things multiple times
1165485790 M * DavidS 2) unifies handling of mounts over all VServers
1165485837 M * DavidS but 3) still inherits those mounts (unneccessarily) into the guest namespaces, which I understand will be fixed by the "namespace cleanup" patch, pending for the utils?
1165485845 M * DavidS does that sound sensible?
1165486344 M * doener DavidS: what exactly is your concern about the inheritance?
1165486637 M * DavidS doener: i'm using heartbeat to control two groups of vservers (with their respective LVs) on two machines, when trying to failback to the active/active configuration, i need to unmount the LVs, which is troublesome because they're still "in use" when the mount point was leaked to one of the staying VServers
1165486665 M * DavidS I have tried to workaround this as suggested, by unmounting the stuff in all ctx, but that didn't help as expected
1165486775 Q * ruskie Quit: Caught sigterm, terminating...
1165486935 M * doener assuming that you have e.g. /media on the host, with the lvs mounted below that and no mounts "on" these, i.e. no /media/lv1/other_mount, you could get away with shared subtrees...
1165487194 M * DavidS i would make /media/vserver[ABC]-root and /media/student-home
1165487337 M * DavidS /goes reading up on shared subtrees
1165487342 M * DavidS /me*
1165487352 J * djrise ~djrise2b@ch-bastia.rain.fr
1165487369 M * djrise a everyone
1165487371 M * djrise hi
1165487392 M * djrise i have a question about vserver and samba
1165487724 M * djrise there is someone ????
1165487747 M * DavidS djrise: nobody can help you without knowing the question
1165487769 M * djrise o sorry but i said hello ;-)
1165487810 M * djrise ok
1165487829 M * djrise i have installed samba in a vserver and i know they are probleme of broadcast
1165487843 M * djrise so in my main interfce configuration 
1165487857 M * djrise i said a file named bcast
1165487862 M * djrise with 255.255.255.255
1165487876 M * djrise but it's not a success
1165487912 M * djrise how do you do to setup correctly a bcast adress for samba ?
1165488000 M * DavidS doener: so i want to mark my mounts in /media as "private", so they are not propagated on the vserver start?
1165488015 M * DavidS djrise: you put the bcast IP of your subnet there
1165488071 M * djrise my network it's 10.0.0.0/16 so i must set in bcast file 255.255.0.0?
1165488273 M * oo ahh.. sweet sixteen...
1165488287 M * DavidS djrise: 10.0.255.255
1165488294 M * oo the broadcast ip is 10.0.255.255
1165488299 M * oo as djrise says
1165488300 M * DavidS 255.255.0.0 is the netmask
1165488371 M * djrise i try this solution but when i run smbclient:
1165488373 M * djrise NT_STATUS_CANT_ACCESS_DOMAIN_INFO
1165488386 J * kir ~kir@swsoft-mipt-nat.sw.ru
1165488483 M * doener DavidS: no, private is the default ;)
1165488527 Q * Loki|muh Ping timeout: 480 seconds
1165488759 J * Loki|muh loki@satanix.de
1165488827 J * shedi ~siggi@dsl-149-109-85.hive.is
1165488981 M * doener DavidS: http://paste.linux-vserver.org/735
1165489082 J * ruskie ~ruskie@ruskie.user.oftc.net
1165489109 M * doener DavidS: as you see, the umount propagates into the namespace
1165490027 J * Piet hiddenserv@tor.noreply.org
1165490035 M * djrise  NT_STATUS_CANT_ACCESS_DOMAIN_INFO
1165490054 M * djrise the logs says
1165490074 M * djrise Domain password server not available
1165490092 M * djrise but i have no problem on samba without vserver
1165490095 M * djrise an idea?
1165490136 M * DavidS doener: ah, cool i guess "smount" is mount --make-sharable?
1165490194 M * DavidS -shared
1165490326 M * doener smount is the tool provided in the shared subtree documentation
1165490346 M * doener at least my mount command does not yet support that stuff
1165490456 M * doener at least the bind mount, mounting media on itself needs to happen before anything is mounted there
1165490512 M * doener not sure about the sharing, but it should be enough to do that before the namespace is created
1165490531 J * eyck ~eyck@nat-old.nowanet.pl
1165490531 Q * eyck_ Read error: Connection reset by peer
1165490562 M * DavidS doener: I'll try that as soon as nobodywill notice ;)
1165490620 M * DavidS djrise: can you access the bcast ip from within the guest?
1165490650 M * DavidS perhaps you have to configure the bcast ip explicitly in the host and the guest as interface??
1165490937 M * djrise i try that now to see
1165491872 M * Mediv507 hi
1165491883 M * Mediv507 anyone got a clue if vyum work correctly with yum 3.x?
1165492652 Q * Aiken Ping timeout: 480 seconds
1165492734 Q * eyck Remote host closed the connection
1165492747 J * eyck ~eyck@nat-old.nowanet.pl
1165492855 Q * ensc Killed (NickServ (GHOST command used by ensc_))
1165492865 J * ensc ~irc-ensc@p54B4E193.dip.t-dialin.net
1165493694 M * lilalinux_ how do I get the linux sourcetree for linux-image-2.6.18-3-vserver-k7 in debian?
1165493709 M * lilalinux_ apt-get source gets only the vanilla 2.6.18
1165493731 Q * Blissex Remote host closed the connection
1165495189 M * lilalinux_ knock knock
1165495285 M * oo Who's there?
1165495532 J * yarihm ~yarihm@whitehead2.nine.ch
1165495650 M * daniel_hozac Mediv507: yes.
1165495656 M * lilalinux_ how do I get the linux sourcetree for linux-image-2.6.18-3-vserver-k7 in debian?
1165495660 M * daniel_hozac Mediv507: at least, it did when i last tested it.
1165495705 M * daniel_hozac lilalinux_: doesn't the vanilla 2.6.18 tree contain the vserver patch?
1165495718 M * daniel_hozac in a subdirectory or so, i mean.
1165495892 M * lilalinux_ daniel_hozac: how do I find out?
1165495913 M * daniel_hozac find . -name '*vs*' maybe.
1165495951 M * lilalinux_ vsyscall?
1165495963 M * lilalinux_ ip_vs_...
1165496262 J * Zaki ~Zaki@88.213.59.31
1165496391 M * DavidS lilalinux_: apt-get source linux-image... in the worst case, then hack the build system
1165496403 M * DavidS else ask #debian
1165497676 Q * Piet Remote host closed the connection
1165498637 J * Piet hiddenserv@tor.noreply.org
1165500855 J * Markus ~session@89.19.31.6
1165500862 M * Markus hi all
1165500867 M * daniel_hozac hello
1165500877 M * Markus i ve got a question about disk quotas
1165500918 M * Markus when i virtualise the disk i cant get used space information at df output
1165500930 M * Markus but it gives correct output for free and total usage
1165500944 M * Markus 2.6.17 kernel
1165500951 M * daniel_hozac are you using disk limits or quotas?
1165500959 M * Markus disk limits sorry me
1165500973 M * Markus not quotas , quotas dont work too
1165500981 M * daniel_hozac so what does df say?
1165500998 M * Markus used space is always 0
1165501015 M * Markus so usage is always %0
1165501023 M * Markus but total and available is correct
1165501036 M * daniel_hozac could you paste the output?
1165501044 M * Markus holdon
1165501053 M * daniel_hozac (to, e.g. paste.linux-vserver.org)
1165501089 M * Markus pasting to pastebin but a bit slow
1165501121 M * Markus http://paste.linux-vserver.org/736
1165501142 M * daniel_hozac you did mount the filesystem with tagxid, right?
1165501151 M * daniel_hozac (or whatever the proper option is for your kernel)
1165501162 M * daniel_hozac and you tagged the files belonging to the guest?
1165501191 M * Markus hm actually i use openvcp to create vservers
1165501205 M * Markus would you like me to paste dlimits ?
1165501214 M * daniel_hozac that won't help.
1165501228 M * daniel_hozac just make sure the files are tagged properly and that tagging is enabled.
1165501239 M * daniel_hozac (using lsxid and cat /proc/mounts on the host)
1165501297 M * Markus http://paste.linux-vserver.org/737
1165501338 M * daniel_hozac you don't have a separate /vservers filesystem?
1165501350 M * Markus no
1165501374 M * daniel_hozac that's going to make enabling tagging rather difficult, and not really recommended.
1165501401 M * Markus how should i enable tagging?
1165501436 M * daniel_hozac should? probably by creating another filesystem to store your guests and mounting that with tagxid (or tagid if you're using 2.1).
1165501511 M * daniel_hozac but if that's not an option, and you really really need it (and willing to accept that things can break horribly), you could boot with rootflags=tagxid.
1165501556 M * Markus i can create another partition to keep guests no matter
1165501619 M * Markus i am gonna get some information about tagxid mount
1165501642 M * Markus cheers
1165502023 J * comfrey ~comfrey@201.243.174.242
1165502713 Q * mnemoc Ping timeout: 480 seconds
1165503006 Q * Torsti76 Quit: Download Gaim: http://gaim.sourceforge.net/
1165503113 J * mnemoc ~amery@kilo105.server4you.de
1165503763 J * zagor ~andrea@service.cab.unipd.it
1165505841 M * zagor Hi folks:)
1165505865 M * zagor The "No command given; use '--help' for more information." start error is back again after the upgrade to Debian util-vserver 0.30.211-4 (I suppose)
1165505884 M * zagor It only affects my gentoo guest, inside a Debian host, like it used to do before I switched from 'gentoo' to 'plain' style...
1165505892 M * zagor Any idea?
1165505911 J * lilalinux ~plasma@80.69.41.2
1165505915 M * zagor kernel: 2.6.17-vs2.0.2-rc24
1165506055 M * daniel_hozac i think you should upgrade to -5.
1165506076 M * daniel_hozac ah, -6 is the latest even.
1165506089 M * daniel_hozac but -5 should fix that issue.
1165506109 Q * lilalinux_ Ping timeout: 480 seconds
1165506188 M * zagor daniel_hozac: ops! Thanks, now I see
1165506589 M * Mediv507 daniel_hozac: i'm wondering, will there be util-vserver/yum-rpms from you for FC6?
1165506674 M * zagor daniel_hozac: great! Thanks!:)
1165507004 M * daniel_hozac Mediv507: util-vserver is in Fedora Extras.
1165507034 M * daniel_hozac but yeah, i guess i should make a yum package for Fedora 6 as well.
1165507367 N * Mediv507 Medivh
1165507418 M * daniel_hozac would you be willing to give it a test-run?
1165507476 M * Medivh daniel_hozac: installed the extras version here, but it has some trouble as it doesn't recognize the yum version ;)
1165507484 M * Medivh for another yum package, sure, i'd be glad to
1165507489 M * daniel_hozac right... well, that'll be fixed in 0.30.212.
1165507498 M * daniel_hozac (which should be out soon)
1165507567 M * daniel_hozac in the mean time, you could apply http://svn.linux-vserver.org/projects/util-vserver/changeset/2356 and http://svn.linux-vserver.org/projects/util-vserver/changeset/2361 manually.
1165507592 M * daniel_hozac http://people.linux-vserver.org/~dhozac/p/m/yum-3.0.1-2.fc6.chroot.noarch.rpm http://people.linux-vserver.org/~dhozac/p/m/yum-updatesd-3.0.1-2.fc6.chroot.noarch.rpm (if you need that)
1165507671 M * Medivh thanks... applied the patches, let me build a test image with the new yum ;)
1165507808 P * Markus 
1165507884 M * Medivh daniel_hozac: seems to be working fine, gonna take a while till it finishes though, only got 2 mbit/s here atm
1165508456 M * daniel_hozac Bertl_zZ: hmm. do namespaces still die when the context does? (on 2.6.19-vs2.1.x-t6)
1165508504 N * otaku42 otaku42_away
1165508561 Q * Adrinael Ping timeout: 480 seconds
1165508736 Q * shedi Quit: Leaving
1165508872 J * Adrinael adrinael@st12-127.tky.hut.fi
1165509303 M * Medivh daniel_hozac: probably not an issue with rpm, but maybe you have an idea anyway... yum just finished, then i got: /usr/lib64/util-vserver/distributions/fc6/initpost: line 107: 4924 Killed $_VSERVER "$vserver" exec bash -c ': >/tmp/startwait' >&/dev/null
1165509312 M * Medivh shouldn't be like that i guess?
1165509476 Q * Adrinael Ping timeout: 480 seconds
1165509600 M * daniel_hozac well, it is sort of expected.
1165509620 M * daniel_hozac i haven't quite figured out how that worked in the past.
1165510177 J * Adrinael ~adrinael@st12-127.tky.hut.fi
1165510621 Q * Adrinael Read error: Connection reset by peer
1165511001 M * Hollow daniel_hozac: short question, i semi-followed the discussion recently... why have the namespace commands been renamed to space?
1165511052 M * daniel_hozac well, namespace (at least for me) hints at a filesystem sort of thing.
1165511103 M * daniel_hozac and the new spaces aren't called namespaces, i think.
1165511108 M * daniel_hozac (at least pidspaces aren't)
1165511135 M * Hollow but pidspaces aren't in mainline yet..?
1165511178 M * daniel_hozac well, parts of it are i think, and i believe the whole thing will get in soon, no?
1165511234 M * Hollow yeah.. so this rename is just precaution?
1165511267 M * daniel_hozac i suppose, in a way. is it IPC space or IPC namespace?
1165511393 J * stefani ~stefani@tsipoor.banerian.org
1165511504 M * Hollow well, i don't have a preference here, namespace(s) would be totally fine with me too
1165511567 M * daniel_hozac well, same for me, i guess.
1165511634 Q * lilalinux Ping timeout: 480 seconds
1165511663 M * Hollow not sure if an api break is worth it, but for me it doesn't make a differnce, since i don't pay attention to backwarsd compatibility yet :)
1165511682 M * daniel_hozac hmm? what API break?
1165511702 M * daniel_hozac it's just the name of the define that changed, everything else is the same.
1165511757 M * Hollow ah, ok.. well.. thanks for the info then :)
1165511834 M * daniel_hozac and well, new versions were introduced for the mask accepting commands.
1165511982 M * Hollow yeah, have to look at the new patch in detail this weekend, was quite busy with studying lately..
1165512675 J * pmenier ~pmenier@ACaen-152-1-47-117.w83-199.abo.wanadoo.fr
1165512692 M * pmenier hello
1165512795 M * pmenier i've a small pb since kernel-2.6.19 : i can't see tcpip open ports with netstat in a vserver ... Any idea ?
1165512893 J * lilalinux ~plasma@80.69.41.2
1165512988 M * daniel_hozac which version?
1165512996 J * Osgiliath ~osgiliath@vdebian.org
1165513001 M * pmenier util-vserver-0.30.212-rc2
1165513026 M * pmenier patch--2.6.19-vs-2.1.1-t6
1165513294 N * Bertl_zZ Bertl
1165513301 M * Bertl morning folks!
1165513306 M * Osgiliath hi Bertl :)
1165513341 M * Bertl pmenier: hmm, can you give a simple example with e.g. netcat?
1165513349 M * pmenier yes it comes
1165513379 M * pmenier vweb1:/# netstat -tpan
1165513379 M * pmenier Connexions Internet actives (serveurs et établies)
1165513379 M * pmenier Proto Recv-Q Send-Q Adresse locale          Adresse distante        Etat        PID/Program name   
1165513379 M * pmenier vweb1:/#
1165513436 Q * lilalinux Ping timeout: 480 seconds
1165513485 M * Bertl could you upload the output of 'cat /proc/self/v*' to paste.linux-vserver.org?
1165513495 M * Bertl (from inside the guest)
1165513508 M * pmenier ok
1165513583 J * lilalinux ~plasma@dslb-084-058-201-099.pools.arcor-ip.net
1165513611 M * pmenier vweb1:/# cat /proc/self/v*
1165513611 M * pmenier XID:    49158
1165513611 M * pmenier BCaps:  000000003fffffff
1165513611 M * pmenier CCaps:  0000000000000101
1165513611 M * pmenier CFlags: 0000000602020010
1165513612 M * pmenier CIPid:  0
1165513612 M * pmenier vweb1:/# 
1165513685 M * Bertl okay, you are using dynamic context ids, so it is not unexpected IMHO that this fails
1165513702 M * Bertl could you please stop the guest, assign a static context id to it
1165513716 M * Bertl then start it again and see if you observe the same issues?
1165513732 M * pmenier ok but how do i assign a static context ? in /usr/local/etc/vservers ?
1165513748 M * pmenier sorry i'm not a huge programmer.....
1165513766 M * Bertl you simple do 'echo <id> >/etc/vservers/<name>/context'
1165513775 M * Bertl replace <id> with a number ebtween 2 and 49151
1165513778 M * pmenier ok thanks
1165513792 M * Bertl and <name> with your guest name (adjust the path to local in your case)
1165513892 M * Bertl daniel_hozac: I suspect that will be one of the upcoming issues, as we moved the visibility check to the network context, which IIRC is not properly used by the tools .. or am I wrong there?
1165513900 M * pmenier it tolds me : ncontext: vc_net_create(): Invalid argument
1165513992 M * Bertl what number did you choose for <id>?
1165514004 M * pmenier 49158 or 49156
1165514013 M * Bertl 18:49 < Bertl> replace <id> with a number ebtween 2 and 49151
1165514019 M * pmenier ok
1165514062 M * daniel_hozac Bertl: the nid is used as expected since 0.30.210.
1165514085 M * Bertl yes, but the enter cannot figure the dynamic nid, right?
1165514097 M * daniel_hozac ah, right.
1165514106 M * daniel_hozac no, it doesn't.
1165514108 M * pmenier it runs with context-id 10 but no more netstat in vserver
1165514155 M * Bertl okay, so you experience the same issues inside the guest?
1165514166 M * pmenier yes
1165514174 M * Bertl how do you enter the guest?
1165514183 M * pmenier vserver vweb1 enter
1165514194 M * Bertl okay, do you have sshd running inside?
1165514205 J * timo_ ~timo@dslb-084-058-031-210.pools.arcor-ip.net
1165514212 M * pmenier not again but i can install it 
1165514251 M * Bertl would be interesting to see if entering the guest via ssh changes that behaviour
1165514265 M * pmenier ok i'm installing ssh
1165514271 M * Bertl please alos check the output of 'cat /proc/self/ninfo'
1165514312 M * pmenier vweb1:/# cat /proc/self/ninfo
1165514313 M * pmenier NID:    10
1165514313 M * pmenier V4Root[0]:      192.168.0.210/255.255.255.0
1165514313 M * pmenier V4Root[bcast]:  0.0.0.0
1165514371 M * Bertl okay, looks good, let's see what the ssh gives
1165514493 M * timo_ hi i am new to vserver. I read the last weeks huge amount of wiki and faqs and mailing lists.
1165514522 M * timo_ The problematic with the loopback device is a interesting point
1165514526 M * Bertl good, welcome to Linux-VServer
1165514557 M * Bertl well, there is no _real_ problematic with the loopback device, it is mostly misunderstood 
1165514568 M * timo_ I installed a loopback device for my vserver and it is working
1165514577 M * Borg- timo_: the problem exist only in badly or not flexible apps really
1165514583 M * Bertl here is one of the misunderstanding :)
1165514588 M * Bertl +s
1165514593 M * Borg- timo_: I guess it works not as you expect :>
1165514606 M * timo_ i read that it is not able to get a loopback device with 127.0.0.1
1165514618 M * timo_ but i have that running and it is working
1165514623 M * Bertl sure it is
1165514635 M * timo_ i use the 2.6.18 kernel with stable dev patch
1165514645 M * Bertl but a) it is not required at all and b) it lowers your security
1165514697 M * pmenier i've startted ssh on port 1022 in guest (as it runs on 22 on host) and i connect to vserver : ssh 192.168.0.210
1165514710 M * pmenier oops -p 1022
1165514720 M * Bertl okay
1165514739 M * pmenier now i can see tcp open port
1165514760 M * Bertl daniel_hozac: any ideas? different context or so? missing enter?
1165514776 M * Bertl pmenier: what ports do you see?
1165514814 M * pmenier ssh port (1022) but i can try to start other services
1165514834 M * Bertl okay, maybe we are not seeing any issue at all
1165514851 M * Bertl pmenier: you did start/install the sshd just now, right?
1165514873 M * Bertl you only see the sshd port atm, because it is the only running service, right?
1165514873 M * pmenier yes on the guest
1165514898 M * Bertl so before, no services were running and you didn't see any ports, yes?
1165514903 M * pmenier yes it's the onlmy running service but i'm trying on another machine
1165514913 M * pmenier yes you're right
1165514920 M * Bertl let's try if you see the ssh port with enter too
1165514927 M * Bertl (now that you have a static context)
1165515007 M * pmenier ???????? am i crazy ? now i see the ports just when i enter !!!
1165515040 M * timo_ lol
1165515070 M * Bertl pmenier: static context id ...
1165515120 M * timo_ I have two guests with mysql running and both mysql servers listening on 127.0.0.1:3306
1165515123 M * timo_ and it is working
1165515148 M * timo_ but netstat show me other ip of the mysql server
1165515169 M * timo_ but the connection with the client work witch 127.0.0.1
1165515196 M * timo_ cat /proc/self/ninfo
1165515206 M * timo_ NID:    10V4Root[0]:      192.168.1.10/255.255.255.0
1165515206 M * timo_ V4Root[1]:      127.0.0.1/255.0.0.0
1165515206 M * timo_ V4Root[bcast]:  0.0.0.0
1165515219 M * pmenier thanks for all guys. 
1165515236 M * Bertl pmenier: you're welcome! have fun and feel free to hang around!
1165515270 M * Bertl timo_: what do you need the 127.0.0.1 for?
1165515309 M * timo_ i think it is a good think to have one per guest
1165515330 M * Bertl hmm, why? because it looks nice?
1165515343 M * timo_ the applications do work without modifications from real servers
1165515365 M * Bertl what application do you think you have to modify?
1165515368 M * timo_ if i use an other ip i could not be sure that is not in use on other servers
1165515382 M * timo_ if i would move the vserver
1165515391 M * Bertl actually the 127.0.0.1 _will_ be in use by others :)
1165515418 M * timo_ yes sure
1165515434 M * timo_ but i read that you are working on a seperation of lo device
1165515446 M * Bertl yes, and that is already there in 2.3.x
1165515467 M * timo_ now i am suprised that my two mysql deamons in two diffrent vservers do coexists
1165515493 M * timo_ thy listen both on the same ip and port
1165515496 M * Bertl because they do not bind to 127.0.0.1, I'd say :)
1165515532 M * timo_ mysql -h 127.0.0.1 do work correct in both environments
1165515543 M * Bertl the ip remapping will have taken care of that and mapped them to the 192.168.1.10
1165515569 M * timo_ yea but if i try  mysql -h 192.168.1.10
1165515572 M * timo_ that do not work
1165515601 M * timo_ ERROR 1130 (00000): Host 'vdebian1.drick.de' is not allowed to connect to this MySQL server
1165515603 Q * pmenier Quit: KVIrc 3.2.0 'Realia'
1165515610 Q * zagor Quit: I'm gonna save Rose Tyler from the middle of the Dalek fleet, and then I'm gonna save the Earth
1165515613 M * Bertl yep, because your 'config' denies that
1165515627 M * timo_ hmm
1165515654 M * Bertl you would need to use 127.0.0.1 as src ip, and connect to 192.168.1.10
1165515691 M * timo_ ah ok
1165515723 M * Bertl so your current setup, would work as well without 127.0.0.1, I'd say :)
1165515745 M * daniel_hozac probably even better, as daemons binding to 0.0.0.0 wouldn't interfere with eachother.
1165515752 M * timo_ yes but i have the advantage that i am able to use 127.0.0.1
1165515761 M * daniel_hozac you are able to use 127.0.0.1 anyway.
1165515772 M * daniel_hozac as you just demonstrated.
1165515778 M * Bertl that's what the remap is for :)
1165515785 M * timo_ ah cool
1165515835 M * timo_ how is this done the correct way
1165515842 M * timo_ without loopback device
1165515862 M * daniel_hozac just remove the interface directory, and you'll notice that everything still works.
1165515880 M * timo_ ok thx i will try
1165515910 M * Bertl if you change 'localhost' to the first assigned ip (in /etc/hosts) then 99% of all services will bind correctly
1165515922 M * daniel_hozac is that even required?
1165515931 M * daniel_hozac this is something i've wondered about for a while.
1165515933 M * Bertl probably not
1165515960 M * Bertl it will definitely be obsoleted with 2.3.x and lback
1165515966 M * daniel_hozac right.
1165515997 M * daniel_hozac Bertl: btw, did you see my question about the namespaces?
1165516033 M * daniel_hozac i tried to build a guest, but it failed. removing it doesn't work, as the mounts on the directories are still there...
1165516045 M * daniel_hozac no processes are left, and the context is gone.
1165516051 Q * DavidS Quit: Leaving.
1165516053 M * daniel_hozac what am i missing?
1165516058 M * Bertl hmm ...
1165516077 M * Bertl the nsproxy is supposed to dispose the stuff
1165516085 M * daniel_hozac that's what i thought.
1165516090 M * Bertl but it might be a bug, where we do not dispose the nsproxy ...
1165516091 M * daniel_hozac is there any debugging i can enable?
1165516101 M * daniel_hozac hmm, put_nsproxy should do that, no?
1165516111 M * Bertl let me check the code and see what we actually do there
1165516159 M * timo_ ok i removed the lo device and all is working. (Without altering the hosts file)
1165516171 M * Bertl great! :)
1165516205 M * timo_ thanks
1165516218 J * Adrinael adrinael@st12-127.tky.hut.fi
1165516224 M * Bertl timo_: np, you're welcome! and feel free to hang around too ...
1165516228 M * Bertl welcome Adrinael!
1165516261 M * Adrinael Hi
1165516415 Q * yarihm Quit: Leaving
1165516445 M * daniel_hozac Bertl: /usr/sbin/vnamespace -n -- /usr/sbin/vcontext --create --xid 666 -- /usr/sbin/vnamespace --set -- /usr/sbin/vcontext --endsetup --migrate-self -- bash -c "mkdir /tmp/666; mount -t proc none /tmp/666" reproduces it.
1165516727 M * Bertl okay, great, will add a few debug statements and check
1165516750 M * Osgiliath hi Bertl
1165516763 M * Bertl hey Osgiliath!
1165516769 M * Osgiliath i just updated util-vserver to 0.30.210
1165516779 M * Osgiliath and i when i stop a guest, i get this kind of line :
1165516789 M * Bertl daniel_hozac: what is the sequence the tools will do, regarding namespaces in this commandline?
1165516794 M * Osgiliath . /usr/sbin/vserver: line 85: 26480 Processus arrêté        "${NICE_CMD[@]}" ${USE_VNAMESPACE:+$_VNAMESPACE --enter "$S_CONTEXT" -- } $_VCONTEXT $SILENT_OPT --migrate --chroot --xid "$S_CONTEXT" -- "${INITCMD_STOP[@]}"
1165516797 M * Osgiliath is it normal ?
1165516823 M * Bertl Osgiliath: why 0.30.210 not 0.30.211 or 0.30.212-rc*?
1165516838 M * Osgiliath because i prefer to stay with debian packages
1165516854 M * Bertl but I assume, the french? part says that the process was killed
1165516858 M * Osgiliath nevertheless, i'm using deb backports
1165516873 M * Osgiliath Processus arrêté = process stoped yes
1165516883 M * Bertl in which case, one of your shutdown scripts kills it
1165516926 M * Bertl daniel_hozac: in this regard, would it make sense to protect the shutdown script like an init?
1165516950 Q * prae Quit: Quitte
1165516953 M * Osgiliath a script in rc6.d or rc0.d ?
1165516966 M * Osgiliath it does this for all the guests
1165516978 M * Bertl look out for killall5 or killall
1165516990 M * Bertl (grep is your friend)
1165517128 M * Bertl daniel_hozac: looks to me like the nsproxy mix is wrong
1165517220 M * Bertl daniel_hozac, doener: if you have a moment, could we walk the nsproxy mixing stuff and check it?
1165517250 M * daniel_hozac sure.
1165517298 M * Bertl okay, let's assume a single set_namespace() call with CLONE_NEWNS as flag
1165517317 M * Bertl set_space() that is :)
1165517375 M * daniel_hozac okay.
1165517391 M * Bertl we can assume that the proxies and namespaces have a count of N
1165517430 M * Osgiliath Bertl, i have a S20sendsigs in rc0.d & rc6.d which has 
1165517430 M * Osgiliath echo -n "Sending all processes the TERM signal..."
1165517430 M * Osgiliath killall5 -15
1165517430 M * Osgiliath echo "done."
1165517430 M * Osgiliath sleep 5
1165517431 M * Osgiliath echo -n "Sending all processes the KILL signal..."
1165517431 M * Osgiliath killall5 -9
1165517433 M * Osgiliath echo "done."
1165517442 M * Osgiliath it might be that ?
1165517445 M * Bertl yep
1165517490 M * Bertl in set_space() we increase the N[fs] and N[proxy]
1165517514 M * Osgiliath hum with 0.30.204, i did'nt have this problem at all
1165517535 M * Bertl that is interesting ...
1165517547 M * Bertl could you revert to 0.30.204 and verify that?
1165517551 M * Osgiliath and this file, S20sendsigs is debian standard
1165517558 M * Osgiliath yes, i just did it
1165517565 M * Osgiliath i'm sure of it
1165517605 M * Bertl okay, give us a few minutes to walk through the nsproxy code, we'll then check the shutdown, okay?
1165517633 M * Osgiliath alright
1165517642 M * Osgiliath (this is not critical, take your time)
1165517663 M * Bertl daniel_hozac: okay, so we then call the mix
1165517693 M * Bertl ah, here is the first bug, we simply overwrite the old values
1165517712 M * Bertl vxi->vx_nsproxy = vx_mix...
1165517728 M * Bertl now that we 'allow' to reset that, we want to put the old one
1165517748 M * daniel_hozac right.
1165517759 M * daniel_hozac and shouldn't the null_proxy have all the values set to NULL?
1165517769 M * Bertl that is already done
1165517786 M * daniel_hozac am i looking at an old tree again...
1165517786 M * Bertl C99 (or what is used in the kernel :) will ensure that
1165517796 M * Bertl null_proxy = { .namespace = NULL };
1165517832 M * daniel_hozac so that sets all of them to NULL?
1165517836 M * Bertl yep
1165517849 Q * Adrinael Read error: Operation timed out
1165517850 M * daniel_hozac oh, ok.
1165517853 M * daniel_hozac i had no idea :)
1165517873 M * Bertl IIRC, C99 actually defines that, but gcc did that for some time
1165518109 M * Bertl http://home.tiscalinet.ch/t_wolf/tw/c/c9x_changes.html#Syntax
1165518117 M * Bertl As usual, global data is by default set to zero (or to NULL in the case of pointers). If an initializer is present, any members not explicitly set also are zeroed out. (As in C89; the clarifications from TC2 are retained in C9X.) 
1165518335 M * Bertl I think we do not have to get/put the nsproxy of current, right?
1165518383 M * Bertl but it probably won#t hurt, so let's leave it there, in case somebody changes it 
1165518420 M * bronson I've got 2.0.2.1 compiled on Ubuntu's patched Edgy kernel...  now to see if it runs!
1165518434 M * Bertl k, keep us posted
1165518498 M * Bertl daniel_hozac: okay, I change the code to look like this: http://paste.linux-vserver.org/739
1165518519 M * daniel_hozac i'll have to go for a while, bbiab.
1165518564 M * Bertl okay, tx
1165518695 M * hardwire bleh
1165519434 J * timo__ ~timo@dslb-084-058-079-250.pools.arcor-ip.net
1165519819 Q * timo_ Ping timeout: 480 seconds
1165520242 J * Adrinael adrinael@st12-127.tky.hut.fi
1165520403 Q * timo__ Quit: Verlassend
1165520671 M * Bertl Osgiliath: okay, I guess you have to wait until daniel_hozac returns, I see no reason why the code should have changed in this regard
1165520731 Q * comfrey Ping timeout: 480 seconds
1165520905 M * daniel_hozac ok, finally back.
1165520951 M * daniel_hozac Bertl: hmm, do we want the null_proxy there at all?
1165520961 M * daniel_hozac i thought with multiple sets we'd want vxi->vx_nsproxy there?
1165520975 M * daniel_hozac or, old this case.
1165521105 M * Bertl yeah, I think we should move the 'null' proxy to the context initialization
1165521123 M * Bertl I'm currently rewriting the 'merge/mask' part there
1165521132 Q * cdrx Quit: Leaving
1165521134 M * Bertl (as it will now be used for both, set and enter
1165521145 M * daniel_hozac ok.
1165521147 M * Bertl it wasn't designed for the set case before
1165521336 Q * lilalinux Ping timeout: 480 seconds
1165521363 M * Bertl daniel_hozac: any idea why 0.30.204 would not be killed by the shutdown, but 0.30.210 is?
1165521381 M * daniel_hozac looking at the diff, i have no idea.
1165521539 M * Osgiliath i'm back, thanks for looking
1165521579 M * daniel_hozac so it's the exact same guest, only difference is the utils?
1165521589 M * Osgiliath yes it is
1165521625 M * Osgiliath i'm using .deb (debian.org sarge for 0.30.204 and backports.org for 0.30.210)
1165521898 M * daniel_hozac only thing that changed is vwait, AFAICT.
1165521899 J * jayeola ~jayeola@host-84-9-34-210.bulldogdsl.com
1165521904 M * jayeola hey Bertl 
1165521914 M * jayeola i can ask the questions now.
1165521923 M * Bertl hey :)
1165521954 M * Osgiliath ok daniel_hozac, is it linked with my problem ?
1165521978 M * jayeola right - firstly some methods may scale better than others. what in your opinion comes out top?
1165521982 M * daniel_hozac Osgiliath: i doubt it.
1165522028 M * Osgiliath hmpf, ok
1165522049 M * Bertl jayeola: Linux-VServer is quite lightweight (mostly isolation), while OpenVZ focuses more on 'compelte' virtualization 
1165522063 M * Bertl *complete
1165522163 M * jayeola k. i'm concentrating on linux and *bsd. how simple is it to create own's own images for
1165522191 M * Bertl well, BSD is not covered by _Linux_-VServer :)
1165522191 M * jayeola vserver?
1165522202 M * jayeola ok - i can handle that
1165522228 M * jayeola so how simple is it to make, say a gentoo, foo,bah by myself?
1165522231 M * Bertl creating a custom 'image' or 'template' can happen as you prefer to do it
1165522253 M * Bertl you can take an installed host and virtualize it, or create a new one from the net
1165522259 J * lilalinux ~plasma@dslb-084-058-201-099.pools.arcor-ip.net
1165522272 M * Bertl there is not much difference between guests and real machines
1165522290 M * Bertl you typically just clean up hardware related services as they are not required in a guest
1165522292 M * jayeola good. i got vserver going some time ago but i only used the same host/guests. this time i'll mix and match
1165522316 M * Bertl is no problem at all, you can take all kind of templates
1165522689 M * daniel_hozac Osgiliath: well, if you figure it out, please let me know.
1165522712 M * Osgiliath ok, no pb
1165522750 J * Aiken ~james@tooax6-143.dialup.optusnet.com.au
1165523673 Q * nebuchadnezzar Quit: ERC Version 5.1.4 (IRC client for Emacs)
1165523719 J * rgl ~Rui@84.90.8.214
1165523723 M * rgl hi
1165523745 M * rgl how do you guys monitor your vserver?  you something like munin?  cacti?
1165523767 M * daniel_hozac or collectd.
1165523792 M * rgl humm didn't known about collectd, gonne google, thx :D
1165523812 M * daniel_hozac there are plugins available for at least munin and collectd.
1165523851 M * daniel_hozac and then there's vstatd, but i don't know how ready for consumption it is.
1165523946 M * rgl where can I find vstatd?  on linux-vserver.org?
1165524048 J * nebuchadnezzar ~nebu@zion.asgardr.info
1165524051 M * daniel_hozac svn.linux-vserver.org
1165524057 M * nebuchadnezzar hello back
1165524062 M * daniel_hozac hi
1165524121 Q * lilalinux Remote host closed the connection
1165524136 M * rgl thx daniel_hozac 
1165524354 J * lilalinux ~plasma@dslb-084-058-201-099.pools.arcor-ip.net
1165524398 Q * nebuchadnezzar Remote host closed the connection
1165524458 J * nebuchadnezzar ~nebu@zion.asgardr.info
1165525196 M * Bertl daniel_hozac: okay, I should have a simplified and cleaned up version shortly
1165525470 M * daniel_hozac okay, thanks.
1165526201 J * DreamerC_ ~dreamerc@59-115-50-39.dynamic.hinet.net
1165526556 Q * DreamerC Ping timeout: 480 seconds
1165526832 Q * rgl Ping timeout: 480 seconds
1165527416 M * Bertl daniel_hozac: hmm, encountering issues with unset nsproxy/fs atm
1165527437 M * Bertl the main question here is, when do we initialie them and to what?
1165527468 J * ggh ~hghg@jacque.homelinux.org
1165527476 Q * ggh Remote host closed the connection
1165527683 J * Piet_ hiddenserv@tor.noreply.org
1165527746 Q * lilalinux Remote host closed the connection
1165528020 M * Bertl daniel_hozac: would it make sense to copy the init nsproxy on context creation?
1165528111 Q * Piet Ping timeout: 480 seconds
1165528918 M * daniel_hozac Bertl: hmm, i guess so...
1165528953 M * daniel_hozac i can't think of anything that would make more sense, at least.
1165528969 M * daniel_hozac but that could just be due to my limited imagination :)
1165529009 M * Bertl well, that would introduce a race as I just figured, because of the copy operation (which can not be done within locks)
1165529028 M * Bertl so I'll implement proper handling of NULL values isnteaqd
1165529034 M * Bertl *instead
1165529044 M * daniel_hozac hmm, the init_nsproxy can go away?
1165529096 M * daniel_hozac or what would the race be?
1165529138 M * Bertl context is hashed before we can assign vx_nsproxy
1165529147 M * daniel_hozac ah, okay.
1165529159 M * daniel_hozac but why can't we assign it earlier?
1165529186 M * Bertl because we have to make a copy of something
1165529197 M * Bertl sure we could make the copy erlier and pass that on
1165529215 M * Bertl becomes quite ugly though with the legacy stuff
1165529265 M * daniel_hozac couldn't we just do vxi->vx_nsproxy = &init_nsproxy; get_nsproxy(vxi->vx_nsproxy);?
1165529286 M * Bertl and for vx_fs ?
1165529312 Q * dna Quit: Verlassend
1165529325 M * daniel_hozac hmm, that's true.
1165529541 J * comfrey ~comfrey@201.243.174.242
1165529830 J * rgl ~Rui@84.90.8.214
1165530005 M * Bertl wb comfrey! rgl!
1165530430 M * Bertl daniel_hozac: okay, I guess I have it now, what is your test line supposed to do, when it works/fails?
1165530462 M * daniel_hozac well, when it failed, /tmp/666 is EBUSY.
1165530469 M * daniel_hozac (on rmdir)
1165530541 M * Bertl okay, that seems to be solved then :)
1165530550 M * daniel_hozac great! :)
1165530760 M * Bertl okay, -t7 :)
1165530786 M * Bertl also renamed the namespace.c to space.c
1165530786 M * daniel_hozac thanks
1165530829 M * Bertl let me know how it goes ... btw I changed the 'autoset' behaviour on context create (non legacy) to assign the uts/ipc only
1165530888 M * daniel_hozac ah, great!
1165530890 M * Bertl that is sufficient for backwards compatibility and does not interfere with vnamespace I hope
1165530913 M * daniel_hozac well, currently it tries to do them all.
1165530918 M * Bertl we can do similar for the legacy case, if that makes sense
1165530934 M * daniel_hozac (i.e. mask is 0)
1165530942 M * daniel_hozac that'll change though.
1165530946 Q * comfrey Ping timeout: 480 seconds
1165530949 M * Bertl daniel_hozac: no, I'm referring to the vc_ctx_create() v0
1165530967 M * daniel_hozac right.
1165530980 M * daniel_hozac i meant the interfere with vnamespace part.
1165531001 M * Bertl setting all there won't hurt, I think
1165531008 M * daniel_hozac i guess not.
1165531026 M * daniel_hozac but i'd like to keep it as consitent as possible with older versions.
1165531050 M * daniel_hozac i.e. extend vc_ctx_migrate to also enter the uts and IPC namespaces.
1165531091 M * Bertl okay, for the 'enter all' case the '0' is the way to go (for the mask)
1165531113 M * daniel_hozac right, but i'm not sure we want to 'enter all' anywhere.
1165531126 M * daniel_hozac vnamespace (IMHO) should do CLONE_FS|CLONE_NEWNS.
1165531140 M * daniel_hozac vcontext CLONE_NEWUTS|CLONE_NEWIPC.
1165531157 M * Bertl yep, but also newer to come
1165531168 M * daniel_hozac btw, i think i'll stick with VCMD_ctx_create_v0 for now.
1165531177 M * daniel_hozac right.
1165531205 M * daniel_hozac _v1 requires specifying the VXF_INIT_SET in userspace, and keeping that in the kernel seems like a good idea to me.
1165531232 M * daniel_hozac (VXF_STATE_ADMIN e.g. would've made the utils useless until they were updated)
1165531251 M * Bertl hmm ...
1165531258 J * shedi ~siggi@inferno.lhi.is
1165531275 M * daniel_hozac this is mostly a problem with the utils though, since the flags aren't available to vcontext (right now).
1165531336 M * Bertl okay, I do not see a big problem there, right now
1165531359 J * derjohn ~derjohn@80.69.41.2
1165531426 M * derjohn daniel_hozac, did you try the v6 patch on 2.1.1.3 ?
1165531434 J * comfrey ~comfrey@201.243.174.242
1165531437 M * daniel_hozac derjohn: so you were using my patch?
1165531452 M * Bertl daniel_hozac: maybe we should export the init_set to userspace?
1165531459 M * daniel_hozac i think my 2.6.18 testing tree is still using 2.1.1.2.3. i'll update it later today.
1165531461 M * derjohn 2.1.1.2.x series v6 patch, yes. applied but never used.
1165531487 M * derjohn (want to start with v6 in the next coule of weeks ...)
1165531488 M * daniel_hozac derjohn: the error you got though shouldn't be possible with my patch.
1165531525 M * derjohn ok, might be my fault, I try to patch from very clean source (did apply and deapply and apply again ...)
1165531543 M * daniel_hozac Bertl: well... wouldn't it be possible to set vxi->vx_flags to VXF_INIT_SET, and then mask that with the values from the _v1 creation?
1165531559 M * daniel_hozac derjohn: i'll give it a spin as soon as my 2.6.19 kernel is done.
1165531594 M * derjohn hm, do we have a a 2.6.19 patch thats is not a singularity ?
1165531604 M * daniel_hozac hmm?
1165531620 M * derjohn i saw 3 or 4 possible patches for 2.6.19 ...
1165531634 M * daniel_hozac 2.1, 2.2 and 2.3, yes.
1165531652 J * yarihm ~yarihm@84-75-123-221.dclient.hispeed.ch
1165531659 M * Bertl daniel_hozac: how would you set and clear flags then?
1165531677 M * daniel_hozac Bertl: hmm?
1165531698 M * derjohn 2.1.x-t5(2.6.19) ? well, I dont ask about versioning, I just wait until it's available as human understandable version number .. ;)
1165531699 M * daniel_hozac Bertl: ah, create is just a flagword.
1165531714 M * daniel_hozac i thought it was a flag+mask as usual.
1165531726 M * daniel_hozac derjohn: 2.1.x-t7 is current :)
1165531726 M * Bertl but we can easily provide the init_set ...
1165531739 M * derjohn daniel_hozac, update topic ?
1165531755 M * Bertl derjohn: feel free to do so :)
1165531769 T * daniel_hozac http://linux-vserver.org/ | latest stable 2.02.1, exp 2.02.2-rc8, devel 2.1.1.3, (2.6.19) 2.2.0-rc1, 2.1.x-t7, stable+grsec 2.0.2.1, devel+grsec 2.1.1 | util-vserver-0.30.211 | libvserver-1.0.2 & vserver-utils-1.0.3 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki, and we'll forget about the minute ;)
1165531779 M * derjohn Bertl, no, this is yours or daniels honour ! :)
1165531781 M * daniel_hozac which reminds me, i forgot to upload 2.2.0-rc1
1165531783 M * derjohn ah ;)
1165531802 A * derjohn confused
1165531809 M * Bertl well, will be superceded shortly :)
1165531825 A * derjohn waits for deconfusion
1165531845 M * daniel_hozac what are you confused about? :)
1165531853 M * derjohn versioning ;)
1165531861 M * Bertl *sigh*
1165531871 M * daniel_hozac isn't it obvious? :)
1165531872 M * Bertl derjohn: you can tell even from odd?
1165531888 M * daniel_hozac lol
1165531909 M * derjohn yup ... t7 ... is odd ?
1165531924 M * Bertl that one goes to you! :)
1165531925 M * daniel_hozac more like 1 is odd.
1165531932 M * daniel_hozac like 3.
1165531963 M * Bertl we currently have 2.x.y[.z|-z]
1165531995 M * Bertl x = 0 first stable branch, x = 2 second stable branch
1165532002 M * derjohn well, I actually dont care much, but IMVHO all that should be experimental stuff
1165532018 M * Bertl x = 1 first devel branch, x = 3 second devel branch (upcoming)
1165532057 M * Bertl -t* means testing, -pre* means prerelease, -rc* means release candidate
1165532092 M * derjohn well that concept be kept from now on ?
1165532111 M * derjohn or was that born just from necessity to update quickly ?
1165532119 M * Bertl we'll we always tried to keep it that way
1165532153 M * Bertl of course, eperimental stuff can assume arbitrary names too
1165532156 M * daniel_hozac indeed, the release scheme hasn't changed.
1165532157 M * derjohn Ive never seen "-tx" .. at least not in the topic
1165532157 M * Bertl *experimental
1165532170 M * daniel_hozac -tX is test, so that's not too unexpected ;)
1165532180 M * daniel_hozac usually occurs after rebasing to new kernels ;)
1165532199 M * Bertl derjohn: we usually avoid putting them into the topic, but as it takes longer with 2.6.19 to get a perfect patch :)
1165532223 M * derjohn that much difference in that "rare perfect" kernel ?
1165532225 M * daniel_hozac and people were asking.
1165532232 M * daniel_hozac yes, included virtualization.
1165532243 M * daniel_hozac and lots of proc changes too.
1165532244 M * derjohn daniel_hozac, yes, makes sense to list it in the topic then
1165532268 M * derjohn will vserver adopt the biederman (?) virt proc etc ?
1165532275 M * derjohn *namespace
1165532286 M * derjohn or isnt that in ?
1165532289 M * Bertl it alread did :)
1165532299 M * daniel_hozac what do you mean, exactly?
1165532312 M * Bertl the new namespaces, I guess
1165532333 M * derjohn well, Im only offline for some days (moved the company to a new loc) and everything changed ;)
1165532341 M * daniel_hozac yeah, that's what i assumed...
1165532342 M * derjohn daniel_hozac, Bertl : yup.
1165532356 M * daniel_hozac yes, we're using the IPC and uts namespaces.
1165532361 M * derjohn daniel_hozac, Bertl : and other v12n support from 2.6.19 too
1165532368 M * derjohn IPC? fine ...
1165532391 M * derjohn what is about NGnet ? the last thing i read was the it might be closer than we all think ?
1165532396 M * Bertl all what is currently there and working is used in the 2.6.19 patches
1165532420 M * daniel_hozac well, parts of ngnet are already in 2.3.
1165532440 M * Bertl layer 2 virtualization is worked on in mainline, layer 3 isolation in 2.3.x
1165532470 M * daniel_hozac Bertl: btw, did you see http://people.linux-vserver.org/~dhozac/p/k/delta-secdev-poc03.diff?
1165532475 M * derjohn hm. Bertl not vice versa ?
1165532494 M * derjohn I mean, we have layer3 (ip) isolation currently, nor ?
1165532494 M * daniel_hozac does the concept look sane?
1165532507 M * daniel_hozac derjohn: yes, but virtualized loopback, etc.
1165532513 M * Bertl derjohn: not for ipv6 and not as flexible as we want
1165532530 M * Bertl daniel_hozac: cool name for a patch :)
1165532541 M * derjohn Bertl, because you wrote:  "layer 3 isolation in 2.3.x"
1165532553 M * daniel_hozac derjohn: as in, it's being worked on in 2.3.x.
1165532556 M * Bertl yep, that was correct :)
1165532582 M * Bertl daniel_hozac: I thought about something like that myself, but we have to generalize that first
1165532593 M * derjohn "layer 2 virtualization is worked on in mainline" -> does that refer to mainline kernel ?
1165532594 M * daniel_hozac Bertl: yeah, it's just a proof of concept patch.
1165532599 M * Bertl i.e. I do not like to see those devices hardcoded into the ekrnel
1165532613 M * daniel_hozac Bertl: next version will have the list modifiable from userspace :)
1165532640 M * Bertl okay, that is something we can start working on immediately, if you are volunteering to do the userspace part
1165532659 M * Bertl I envision a generic device mapping scheme for some time now
1165532664 M * daniel_hozac oh, for sure.
1165532680 M * Bertl that would immediately allow to create arbitrary devices inside
1165532696 M * daniel_hozac and then limit on access?
1165532703 M * Bertl when a device node (major/minor) is first accessed
1165532703 M * daniel_hozac i was thinking about that too.
1165532724 M * Bertl a userspace helper is asked, and the result is hashed
1165532745 M * Bertl also a default table can be loaded for each guest
1165532765 M * Bertl devices not listed/allowed are mapped to /dev/null or similar
1165532778 M * daniel_hozac hmm, wouldn't it be better to actually return EPERM?
1165532791 M * Bertl is an alternative too
1165532804 M * Bertl this could also be used to remap the vroot device
1165532808 M * daniel_hozac i mean, would kind of suck for debugging if opening/reading/writing worked, just got mapped to /dev/null silently.
1165532857 M * Bertl well, you basically can remap it to any device, including /dev/null, /dev/zero and 'EPERM'
1165532872 M * daniel_hozac ah, ok, complete remapping.
1165532877 M * Bertl (or some special /dev/perm :)
1165532933 Q * michal` Ping timeout: 480 seconds
1165532935 M * daniel_hozac i guess simple access lists would suffice for most use-cases... when would you need the remapping?
1165532981 M * harry wiiiiiii... my mlock patch made it into the kernel!!!!! ;0
1165532988 M * harry at least... allmost ;)
1165533044 M * derjohn harry, congrats ! :)
1165533117 M * Bertl daniel_hozac: well, the remapping would also finally solve the vroot 'mapping' part
1165533145 M * daniel_hozac oh, the quick hack patch for XFS?
1165533151 M * Bertl yep
1165533163 M * daniel_hozac right... yeah, i didn't think of that.
1165533174 M * Bertl and such things like vc/console
1165533185 M * daniel_hozac yeah.
1165533199 M * Bertl if you allow to create arbitrary devices, you have to use such mappings
1165533260 M * daniel_hozac oh, btw, vs_base.h shouldn't be included in net/ipv6/addrconf.c.
1165533276 M * daniel_hozac (2.6.19-vs2.1.x-t7)
1165533285 J * michal` ~michal@www.rsbac.org
1165533290 M * Bertl okay
1165533291 Q * eGnarF Ping timeout: 480 seconds
1165533502 M * daniel_hozac derjohn: are you sure you used my patch? that's one of the things i fixed in my patch
1165533519 M * daniel_hozac derjohn: and it still works for me on 2.6.18.5-vs2.1.1.3.
1165533628 M * derjohn daniel_hozac, i'll try again, but i used a 2.1.1.2.2 patch and I only modded the extraversion.
1165533660 M * derjohn i'll simply try again - if there are no objections, because the patch is currently being superseeded ...
1165533668 M * daniel_hozac and you're sure? because i just applied that one and built a kernel.
1165533696 M * derjohn hm... I might add the I complied V6 "hard in", NOT as module (if that matters)
1165533716 M * daniel_hozac me too.
1165533719 M * derjohn bonbons told me, I can use it as module too since some time
1165533734 M * daniel_hozac i try to restrict my testing kernels' modules.
1165533738 M * daniel_hozac (i.e. none :))
1165533792 M * derjohn well, I try to patch again ... but now 'mv /tmp/derjohnatoffice /home/derjohn'
1165533813 M * derjohn i'll tell you if it worked
1165533828 M * daniel_hozac well, let me know how it goes.
1165534187 M * Bertl daniel_hozac: any suggestions for the kernel side interface?
1165534197 J * eGnarF ~bartek@bk.crystone.se
1165534203 M * Bertl welcome eGnarF!
1165534224 M * daniel_hozac Bertl: two times int type; dev_t dev; makes sense to me.
1165534263 M * Bertl hmm, what about passing a filehandle?
1165534287 M * daniel_hozac hmm, well, that requires the device to be present somewhere.
1165534320 M * Bertl right, but IIRC, it is a declared goal to get rid of major/minor pairs
1165534342 M * Bertl and some devices already have dynamic major/minor pairs
1165534349 M * daniel_hozac oh, ok.
1165534358 M * daniel_hozac file handle sounds good then.
1165534393 M * Bertl so, an active interface, where you upload all values?
1165534407 M * daniel_hozac active interface?
1165534411 M * Bertl or a passive one, when the device is first accessed
1165534490 M * daniel_hozac i don't think i quite understand.
1165534515 M * Bertl well, would you load the table at guest startup?
1165534534 M * daniel_hozac or use vshelper?
1165534544 M * Bertl yep, that's the question, basically
1165534555 M * daniel_hozac okay, in that case i don't really have a preference.
1165534571 M * Bertl okay, in which case I'd prefer the former (active one)
1165534590 M * Bertl because it is a) more flexible, and b) less cpu intensive
1165534592 M * daniel_hozac right, i imagine that makes the implementation a lot easier.
1165534615 M * Bertl so we also need to define a few special cases
1165534627 M * Bertl i.e. we probably want some 'default fallback'
1165534636 M * daniel_hozac right.
1165534651 M * Bertl configureable to /dev/null or zero or error or whatever
1165534679 M * Bertl and then we can add flags, if we like
1165534696 M * Bertl i.e. remap silently, allow create, etc
1165534733 M * daniel_hozac what would remap verbose mean?
1165534755 M * Bertl was just an idea, could also be 'warn on create' :)
1165534776 M * daniel_hozac sounds good.
1165534786 M * Bertl I think this can be flexible without adding code bloat
1165534815 M * Bertl one question here is, do we want to share those hash tables between guests?
1165534838 M * Bertl and if so, what would be the userspace interface to that
1165534881 M * daniel_hozac between all guests, or say, two specific guests?
1165534897 M * Bertl not necessarily something we have to fix now, just a thought for the future
1165534942 M * Bertl the typical setup will use one and the same 'default' for all guests, I guess
1165534948 M * daniel_hozac yeah.
1165534970 M * daniel_hozac i guess not many people would be changing the defaults at all.
1165534981 M * Bertl so it might make sense to have a single setup, similar to the proc security, with some exceptions (think vroot/console)
1165534994 M * daniel_hozac yeah, that makes sense.
1165535009 M * Bertl i.e. we can have a 'master' table, and a custom guest table
1165535015 M * daniel_hozac proc security like is what i had in mind, until you brought up vroot :)
1165535045 M * Bertl and when there is no guest table, or the guest table is inconclusive (default says check master)
1165535059 M * Bertl then the master table is consulted
1165535066 M * daniel_hozac that sounds good.
1165535094 M * Bertl btw, we might add something similar for procfs at some point
1165535139 M * daniel_hozac yeah, IIRC someone requested that.
1165535159 M * Bertl what about changing such mappings on the fly?
1165535187 M * daniel_hozac add/remove should suffice.
1165535193 M * Bertl I assume a 'new' mapping should silently override the existing one
1165535209 M * daniel_hozac well, or return EEXIST.
1165535211 M * Bertl and we can define a 'default' setting which implicitely deletes it?
1165535228 M * Bertl or do you prefer an explicit 'add/remove'?
1165535245 M * daniel_hozac what's the alternative?
1165535267 M * Bertl well, I think we could make it like this:
1165535295 M * Bertl - set_mapping(device, target, flags)
1165535316 M * Bertl the target can be a device, or NULL, for special cases/flags
1165535331 M * Bertl special cases include:
1165535347 M * Bertl  - error on open
1165535352 M * Bertl  - deny creation
1165535360 M * Bertl  - use default
1165535377 M * Bertl devie can be a device or NULL (where NULL means the default action)
1165535403 M * daniel_hozac and then there's a set_default(action[, device])?
1165535422 M * Bertl that would not even be required in this case
1165535436 M * Bertl what you need is to specify a context
1165535437 M * daniel_hozac ah, i misread your last line, sorry.
1165535455 M * Bertl leaving the context 0 or 1 would address the master table
1165535475 M * Bertl (probably 1 is the better choice here :)
1165535543 M * Bertl so, the basic functions would be:
1165535590 M * Bertl set_mapping(1, /dev/hda, /dev/null, map)  [add]
1165535607 M * Bertl set_mapping(42, /dev/hda, /dev/vroot0, map)  [add, guest]
1165535635 M * Bertl set_mapping(42, /dev/hdb, NULL, default)  [delete, guest]
1165535660 M * Bertl set_mapping(42, NULL, /dev/zero, default)  [set default, guest]
1165535671 M * Bertl well, something like this :)
1165535685 M * daniel_hozac what would the third delete?
1165535694 M * daniel_hozac or did you mean /dev/hda there too?
1165535715 M * Bertl a special assignment of /dev/hdb to /dev/wossname which was not explicitely listed :)
1165535731 M * daniel_hozac ah, ok :)
1165535739 M * daniel_hozac well, the interface looks good to me.
1165535781 M * Bertl okay, just uploaded patch-2.6.19-vs2.3.0.1.diff and patch-2.6.19-vs2.2.0-rc2.diff (with the fixes we did for t7)
1165535825 M * Bertl so I'll prepare that (the interface) and the one for the 'match blocks'
1165535836 M * daniel_hozac awesome!
1165535856 M * Bertl when do you think that you'll have something to test with from the userspace side?
1165535872 M * Bertl (just so that I can coordinate the kernel side)
1165535893 M * daniel_hozac for the devices?
1165535896 M * Bertl and which one do you want to see first ...
1165535928 J * haxier ~haxier@eu85-84-185-208.clientes.euskaltel.es
1165535937 M * Bertl welcome haxier!
1165535959 M * daniel_hozac well, the order doesn't matter much to me, and as soon as i have a VCMD_* and a struct vcmd_* it shouldn't take too long, once i get 0.30.212 ready.
1165535984 M * Bertl okay, so weekend would be fine?