1168128031 J * lilalinux_ ~plasma@dslb-084-058-201-147.pools.arcor-ip.net 1168128111 Q * ensc Ping timeout: 480 seconds 1168128463 Q * lilalinux Ping timeout: 480 seconds 1168128891 Q * nayco Quit: Bonne nuit ! 1168131433 Q * dna_ Quit: Verlassend 1168131442 A * Belu is away (bye bye) 1168131442 N * Belu BeLu_zZZz 1168131990 M * Bertl good night! 1168132176 J * comfrey ~comfrey@70.91.185.84 1168132252 M * Bertl welcome comfrey! 1168133380 M * comfrey yo Bertl! 1168133866 Q * bandsaw Quit: The computer fell asleep 1168134957 Q * lilalinux_ Remote host closed the connection 1168135463 J * Aiken_ ~james@tooax8-203.dialup.optusnet.com.au 1168135580 M * Bertl morning Aiken_! 1168135616 M * Aiken_ good morning 1168135773 Q * Aiken Ping timeout: 480 seconds 1168136482 Q * duckx Remote host closed the connection 1168136954 Q * Piet_ Quit: Piet_ 1168137555 Q * grant Ping timeout: 480 seconds 1168137899 J * ensc ~irc-ensc@p54B4D3AF.dip.t-dialin.net 1168137972 J * grant mep@85.195.118.202 1168138467 Q * meandtheshell Quit: Leaving. 1168138545 J * wartan ~kpwlek@82-32-97-99.cable.ubr01.hawk.blueyonder.co.uk 1168138554 M * Bertl welcome wartan! 1168138735 M * wartan hi 1168138738 M * wartan :) 1168138885 Q * FireEgl Quit: ... 1168139030 Q * bronson Ping timeout: 480 seconds 1168145685 Q * nox Ping timeout: 480 seconds 1168146048 J * FireEgl ~FireEgl@adsl-147-90-220.bhm.bellsouth.net 1168146159 J * nox ~nox@static.88-198-17-175.clients.your-server.de 1168152058 Q * pflanze Read error: Operation timed out 1168153835 J * Aiken__ ~james@tooax6-206.dialup.optusnet.com.au 1168154133 Q * Aiken_ Ping timeout: 480 seconds 1168157386 M * Bertl okay, off to bed now .. have a good one everyone! cya tomorrow! 1168157390 N * Bertl Bertl_zZ 1168162378 Q * softi42 Ping timeout: 480 seconds 1168162966 J * softi42 ~softi@p549D628C.dip.t-dialin.net 1168163108 Q * pusling Ping timeout: 480 seconds 1168163291 J * pusling pusling@195.215.29.124 1168163748 J * bonbons ~bonbons@83.222.37.103 1168164165 J * dna ~naucki@p54BCE786.dip.t-dialin.net 1168164969 Q * mrrm Remote host closed the connection 1168165015 J * mrrm ~urkel@tor-irc.dnsbl.oftc.net 1168165534 J * mugwump ~samv@watts.utsl.gen.nz 1168165553 N * BeLu_zZZz Belu 1168165685 Q * dna Ping timeout: 480 seconds 1168165827 J * dna ~naucki@p54BCE786.dip.t-dialin.net 1168165888 M * Belu good morning 1168166805 J * meandtheshel1 ~markus@85-124-174-112.dynamic.xdsl-line.inode.at 1168168067 J * m`m`h ~simba@mm-145-150-57-86.adsl.mgts.by 1168170375 J * Aiken ~james@tooax7-104.dialup.optusnet.com.au 1168170693 Q * Aiken__ Ping timeout: 480 seconds 1168171394 Q * ensc Killed (NickServ (GHOST command used by ensc_)) 1168171404 J * ensc ~irc-ensc@p54B4E764.dip.t-dialin.net 1168172226 J * Piet hiddenserv@tor.noreply.org 1168173296 J * blknight ~blknight@124-254-74-242-static-dsl.ispone.net.au 1168173787 Q * blknight Quit: Leaving 1168176176 Q * m`m`h Ping timeout: 480 seconds 1168176375 J * bandsaw me@host217-45-242-181.in-addr.btopenworld.com 1168176900 J * s0undt3c1_ ~s0undt3ch@bl9-224-237.dsl.telepac.pt 1168177020 J * _dmax ~semaj@bl9-224-237.dsl.telepac.pt 1168177187 M * wartan I was using IRC few years ago but I don't see big difrent now | It is quiet like before 1168177230 Q * Piet Remote host closed the connection 1168177240 M * Borg- quiet? geez.. this is most active channel comparing to those were I idle 1168177333 J * Piet hiddenserv@tor.noreply.org 1168177340 Q * s0undt3ch Ping timeout: 480 seconds 1168177340 N * s0undt3ch_ s0undt3ch 1168177366 Q * dmax Ping timeout: 480 seconds 1168177376 N * _dmax dmax 1168177469 Q * Aiken Quit: Leaving 1168177809 N * sid3wind1 SiD3WiNDR 1168178362 J * Blissex ~Blissex@82-69-39-138.dsl.in-addr.zen.co.uk 1168178470 M * wartan yes I can see that :) 1168178641 M * doener it's probably too early... (and sunday!) 1168179143 Q * Johnnie Read error: Connection reset by peer 1168179715 J * pflanze ~chris@84-73-61-207.dclient.hispeed.ch 1168180209 M * blino hello 1168180335 M * blino the ecryptfs module does not build with patch-2.6.19.1-vs2.2.0-rc6.diff, because of vfs_{link,unlink,symlink,mkdir,rmdir,mknod} prototypes 1168180358 M * wartan :) 1168180360 M * blino should we just add a NULL parameter to these functions, like done for nfsd? 1168180916 J * m`m`h ~simba@mm-145-150-57-86.adsl.mgts.by 1168181320 P * wartan 1168181451 M * bonbons blino: what is the missing parameter? mount-point information? in that case, by setting it to NULL, you loose the bind-mount extensions (e.g. ro bind mount of rw filesystem) 1168181509 M * blino bonbons: it's a struct nameidata * 1168181723 J * dreamind ~dreamind@C2107.campino.wh.tu-darmstadt.de 1168181800 M * bonbons looks like that's it (nameidata contains a vfsmount entry and is a parameter to functions like may_open, or permission checks) 1168181842 M * bonbons you will possibly have the same problems with the other new filesystems... e.g. the cluster filesystems 1168183073 Q * s0undt3ch Killed (NickServ (GHOST command used by s0undt3c1_)) 1168183073 N * s0undt3c1_ s0undt3ch 1168183358 M * pflanze Heh ecryptfs sounds interesting for vserver: 1168183378 M * pflanze each vserver client could theoretically provide his own key, it seems. 1168183411 M * pflanze so that would provide much assurance to the clients that their data is safe (e.g. no fear from backups). 1168183511 M * pflanze After having got the necessary setup being done by the host admin, they do not depend on the admin anymore: they can choose their own key. 1168183531 M * pflanze So not even the admin can decrypt their data afterwards except by inspecting the running machine. 1168183548 M * pflanze e.g. after a machine reboot, if the vserver is not running, he cannot get at the data. 1168183553 M * pflanze Am I right? 1168183582 A * pflanze is reading http://ecryptfs.sourceforge.net/ecryptfs.pdf 1168183622 M * pflanze (May be that ecryptfs needs some customization for linux-vserver first, though.) 1168183624 M * TrueBrain that makes me wonder how you can boot the vserver without the client entering a key... can be annoying... you reboot the server for a kernel upgrade, all your clients have to come online and enter a key? 1168184430 Q * m`m`h Remote host closed the connection 1168184504 M * pflanze The client could provide the key in a manner so that the host can retrieve it. 1168184528 M * pflanze For example, put it onto a dm-crypt encrypted partition. 1168184543 M * pflanze (using mount --bind to give the vserver owner access to the partition) 1168184582 M * TrueBrain but then an admin can decrypt the data again afterwards :) 1168184598 M * pflanze Sure, but only as long as the client doesn't delete it from there. 1168184626 M * pflanze (And the admin doesn't keep this data, of course) 1168184633 M * Borg- haha.. 1168184635 M * Borg- ;) 1168184641 M * TrueBrain see my point :) 1168184647 M * pflanze Not really 1168184658 M * Borg- pflanze: r00t.. g0d.. whats the difference? 1168184662 M * Borg- there is none.. ;) 1168184681 M * pflanze You always have to trust your hoster for the moment. 1168184691 M * Borg- trust noone.. 1168184693 M * TrueBrain so then what is the use of crypting it in the first place? 1168184699 M * Borg- if you want to stay alive for a while.. 1168184711 M * pflanze But if your data is not going into a backup, and the hoster is bought or whatever, you can quickly remove access to the data. 1168184737 M * Borg- pflanze: encryption such like that have just sense when you are the hoster.. 1168184925 M * pflanze The hoster can say, "we do have your data at many places, to prevent loosing it. But you provide the access key, and we only keep this key in the places you define, we won't copy it. If you put it into one place, you can be condident it will stay only there." 1168184956 M * Borg- sure sure ;) and then you can buy all your confident company data on ebay ;] 1168184988 M * TrueBrain I think usespace crypted files is more useful for such scenarios :) 1168184997 M * pflanze You don't get my point. 1168185017 M * pflanze You *have* to trust that the hoster is doing what he says he is doing. 1168185028 M * pflanze But if something goes wrong, it doesn't affect you as much. 1168185036 M * Borg- TrueBrain: yep.. but not it remote world.. I think. 1168185053 M * pflanze TrueBrain: why that? 1168185080 M * TrueBrain because then the client is the only one who has the key 1168185098 M * pflanze in which way is this different from my scenario? 1168185109 M * TrueBrain still, a reboot gives enough problems 1168185132 M * TrueBrain btw, Borg-, just an observation, but men, you are paranoid :) 1168185181 M * Borg- could be... :) 1168185191 M * TrueBrain but you are right, it doesn't really help, it just delays it a bit.. 1168185238 M * pflanze It reduces the places where a cracker can get hold to the data to one machine instead to many. 1168185267 M * TrueBrain true 1168185281 M * pflanze And on top of that, it can, under some assumptions, even revoke access to the data on that single machine. 1168186166 J * m`m`h ~simba@deb30.mgts.by 1168187192 Q * m`m`h Quit: υΘΟΦΥ Ρ ΟΤ ΧΑΣ 1168187201 J * m`m`h ~simba@deb30.mgts.by 1168188952 J * dna_ ~naucki@p54BCE786.dip.t-dialin.net 1168189170 Q * dna Ping timeout: 480 seconds 1168189331 J * dna ~naucki@p54BCE786.dip.t-dialin.net 1168189468 J * dna___ ~naucki@p54BCE786.dip.t-dialin.net 1168189576 J * lilalinux ~plasma@dslb-084-058-201-147.pools.arcor-ip.net 1168189593 Q * lilalinux Remote host closed the connection 1168189720 Q * dna_ Ping timeout: 480 seconds 1168189779 J * dna_ ~naucki@p54BCE786.dip.t-dialin.net 1168189900 Q * dna Ping timeout: 480 seconds 1168189920 Q * gerrit Ping timeout: 480 seconds 1168189950 J * gerrit ~gerrit@c-67-160-146-170.hsd1.or.comcast.net 1168189954 J * dna ~naucki@p54BCE786.dip.t-dialin.net 1168190175 Q * dna___ Ping timeout: 480 seconds 1168190214 J * dna___ ~naucki@p54BCE786.dip.t-dialin.net 1168190355 Q * dna_ Ping timeout: 480 seconds 1168190435 J * dna_ ~naucki@p54BCE786.dip.t-dialin.net 1168190540 Q * dna Ping timeout: 480 seconds 1168190735 Q * dna___ Ping timeout: 480 seconds 1168191094 J * dna ~naucki@p54BCE786.dip.t-dialin.net 1168191382 Q * phreak`` Quit: leaving 1168191393 J * phreak`` ~phreak``@styx.xnull.de 1168191450 Q * dna_ Ping timeout: 480 seconds 1168192170 Q * dna Ping timeout: 480 seconds 1168192216 Q * weasel Ping timeout: 480 seconds 1168192283 J * weasel weasel@asteria.debian.or.at 1168193518 T * * http://linux-vserver.org/ | latest stable 2.0.2.1, 2.0.3-rc1, 2.2.0-rc6, devel 2.1.1.7.1, 2.3.0.6, stable+grsec 2.0.2.1, 2.2.0-rc6, devel+grsec 2.1.1 |util-vserver-0.30.212 | libvserver-1.0.2 & vserver-utils-1.0.3 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki, and we'll forget about the minute ;) 1168193518 T * harry - 1168193577 J * bandsaw me@host217-45-242-181.in-addr.btopenworld.com 1168193676 J * DreamerC ~dreamerc@125-225-99-252.dynamic.hinet.net 1168193839 M * nebuchadnezzar daniel_hozac: I'm intalling gcc4.2 and g++4.2 1168193846 J * Guy- JQFlvqaGio@chardonnay.math.bme.hu 1168193850 M * daniel_hozac nebuchadnezzar: ok. 1168193989 J * vasko ~vasko@unreal.rainside.sk 1168193989 A * vasko is gone. Gone since Wed Sep 20 15:44:00 2006 1168194007 J * m`m`h ~simba@deb30.mgts.by 1168194102 J * gerrit ~gerrit@c-67-160-146-170.hsd1.or.comcast.net 1168194117 J * Zaki ~Zaki@88.213.43.1 1168194708 J * starlein ~star@fo0bar.de 1168194972 M * nebuchadnezzar daniel_hozac: with gcc 4.2 I have the same 1168195010 M * nebuchadnezzar http://paste.linux-vserver.org/857 1168195049 M * nebuchadnezzar daniel_hozac: I use the no patched source tree 1168195069 M * nebuchadnezzar maybe with syscall-shiny11b.h ? 1168195103 A * nebuchadnezzar is eating now 1168195106 M * daniel_hozac i don't think it'd help. 1168195129 M * daniel_hozac it really seems like a gcc bug is in order. 1168195160 M * daniel_hozac it should know that any call will clobber %o*. 1168195824 Q * bandsaw Quit: Snak 5.1.5 IRC For Macintosh - http://www.snak.com 1168196100 Q * starlein Read error: Connection reset by peer 1168196162 J * starlein ~star@fo0bar.de 1168197649 N * Bertl_zZ Bertl 1168197656 M * Bertl morning folks! 1168197660 M * daniel_hozac morning Bertl! 1168198139 J * ard ~ard@gw-cistron.kwaak.net 1168198174 M * nebuchadnezzar hi Bertl 1168198212 M * Bertl welcome ard! hey nebuchadnezzar! 1168198513 N * sannes_ sannes 1168198622 J * Piet_ hiddenserv@tor.noreply.org 1168198645 Q * gerrit Ping timeout: 480 seconds 1168198890 J * gerrit ~gerrit@c-67-160-146-170.hsd1.or.comcast.net 1168198969 Q * Piet Ping timeout: 480 seconds 1168199922 M * nebuchadnezzar daniel_hozac: So for now, I build my own debian package without the NOLEGACY and use my private debian repository :-) 1168199953 M * Bertl probably the best, did you report that issue upstream (debian) yet? 1168199957 M * daniel_hozac --disable-alternative-syscalls should work too. 1168199958 M * nebuchadnezzar yes 1168199990 M * nebuchadnezzar well, the NOLEGACY is to support LEGACY apis ? 1168200014 N * Piet_ Piet 1168200017 M * daniel_hozac actually, could you try with --disable-alternative-syscalls? i wonder if dietlibc's fast syscall invocation works. 1168200025 M * daniel_hozac (does it have one?) 1168200035 M * daniel_hozac yeah, NOLEGACY will enable the older APIs. 1168200057 M * daniel_hozac the default (v13,net,v21) should suffice for any 2.0+ kernel, as long as you don't enable the legacy version. 1168200094 M * TrueBrain there, I put together a really dirty bash script as vserver-stat replacement, that does give me to correct values... 1168200155 M * nebuchadnezzar daniel_hozac: I try with --enable-apis=NOLEGACY and --disable-alternative-syscalls 1168200194 M * daniel_hozac speaking of which, Bertl: do we have an API to get a list of currently hashed contexts? and one to get the number of ticks/msec of user/systime? 1168200224 M * TrueBrain daniel_hozac: for the latter I used the data from 'sched' 1168200235 M * TrueBrain dunno if it is valid, but... it shows the amount of ticks spent in userland and kernelland 1168200243 M * Bertl for the former, we decided to leave it at the readdir 1168200256 M * daniel_hozac yes, but i'm not going to write a vserver-stat replacement that is still parsing proc. 1168200262 M * Bertl (or poll all contexts, if that is preferred) 1168200275 M * daniel_hozac i guess readdir will suffice. 1168200276 M * Bertl for the latter, we should have an interface 1168200286 M * TrueBrain daniel_hozac: good point :) 1168200287 M * daniel_hozac is there a vc_get_sched? 1168200311 M * nebuchadnezzar daniel_hozac: I have an error http://paste.linux-vserver.org/858 1168200379 M * daniel_hozac nebuchadnezzar: what's on line 6 of /usr/lib/diet/include/sys/syscall.h? 1168200479 M * nebuchadnezzar int syscall(int number, ...); 1168200485 M * daniel_hozac ah. 1168200531 M * daniel_hozac ok, well, change line 256 in lib/vserver-internal.h to #if 0 then. 1168200586 M * Bertl hmm, I was pretty sure we added a get_sched() already, but I don't see it in 2.3.x, maybe it 'got lost' on the way, will double check, but let me know if you need any kernel interfaces, we'll add them to 2.2.0 asap 1168200600 M * daniel_hozac i can't find it anywhere. 1168200663 M * daniel_hozac a grep get_sched *.diff in my patch directory doesn't return anything. 1168200695 M * Bertl neither does it here, so it was wishfull thinking :) 1168200701 M * daniel_hozac hehe. 1168200709 M * TrueBrain a man can always hope, can't he? :) 1168200746 M * Bertl :) 1168200789 M * TrueBrain while at it, it might be nice if vserver-stat has a param that showed the highest values recorded :) 1168200861 M * Bertl hmm, for the memory or what? 1168200865 M * TrueBrain yes 1168200868 M * TrueBrain and processes 1168200876 M * Bertl yeah, that should be possible, it's already there 1168200881 M * Bertl (the information) 1168200884 M * nebuchadnezzar daniel_hozac: sys_call pb in lib_internal/sys_clone.h line 46 too 1168200894 M * TrueBrain Bertl: I noticed, therefor I ask :) 1168200907 M * daniel_hozac yeah, same thing should work there. 1168200907 M * Bertl ah, i.c. fair enough ... 1168200939 M * nebuchadnezzar ./lib_internal/sys_personality.h:32: too 1168200957 M * daniel_hozac ah, i did not know about that one. 1168200975 M * daniel_hozac i guess that really ought to move to lib/syscall-wrap.h. 1168201170 J * bandsaw me@host217-45-242-181.in-addr.btopenworld.com 1168201180 M * Bertl wb bandsaw! 1168201184 M * nebuchadnezzar daniel_hozac: with --disable-alternative-syscalls it works 1168201191 M * daniel_hozac okay. 1168201228 M * daniel_hozac i guess that's the only workaround i could support having in the package. 1168201273 J * DreamerC_ ~dreamerc@125-225-97-113.dynamic.hinet.net 1168201611 Q * bandsaw Quit: The computer fell asleep 1168201675 Q * DreamerC Ping timeout: 480 seconds 1168202365 Q * nou Ping timeout: 480 seconds 1168202822 Q * nebuchadnezzar Quit: ERC Version 5.1.4 (IRC client for Emacs) 1168202909 J * nebuchadnezzar ~nebu@zion.asgardr.info 1168202912 J * nou Chaton@causse.larzac.fr.eu.org 1168203139 M * Bertl wb nou! nebuchadnezzar! 1168203448 J * Aiken ~james@tooax6-053.dialup.optusnet.com.au 1168203475 M * Bertl morning Aiken! 1168203561 M * Aiken hi 1168203609 M * nebuchadnezzar thanks 1168205337 J * Sebastian|aw ~sebastian@office.star-hosting.de 1168206404 J * Piet_ hiddenserv@tor.noreply.org 1168206612 Q * Piet Remote host closed the connection 1168206641 Q * gerrit Ping timeout: 480 seconds 1168207216 J * xe ex@valis.net.pl 1168207261 Q * ex Read error: Connection reset by peer 1168207261 N * xe ex 1168207286 J * hardwirea ~hardwire@rdbck-6119.palmer.mtaonline.net 1168207286 Q * hardwire` Read error: Connection reset by peer 1168207290 M * Bertl welcome ex! 1168207757 Q * bonbons Quit: Leaving 1168209499 J * eyck_ ~eyck@nat.nowanet.pl 1168209502 Q * eyck Read error: No route to host 1168210271 J * dna ~naucki@221-208-dsl.kielnet.net 1168210421 Q * Piet_ Quit: Piet_ 1168211164 J * bandsaw me@host217-45-242-181.in-addr.btopenworld.com 1168211352 Q * dna Read error: Connection reset by peer 1168212013 Q * FireEgl Quit: ... 1168212610 Q * bandsaw Quit: The computer fell asleep 1168212636 J * bandsaw me@host217-45-242-181.in-addr.btopenworld.com 1168212710 Q * bandsaw 1168213485 M * blino Bertl: btw, I'm uploading a kernel-vserver package in Mandriva cooker, and fixing our vserver-build scripts 1168213549 Q * Blissex Remote host closed the connection 1168214045 Q * DreamerC_ Quit: leaving 1168214078 J * DreamerC ~dreamerc@125-225-97-113.dynamic.hinet.net 1168214397 J * Johnnie ~jdlewis@jdlewis.org