1170115208 M * Bertl in both cases I see at least partially undefined behaviour
1170115225 M * Bertl in the first case, the mnt is cleared out of the nsproxy
1170115271 M * Bertl in the second case the nsproxy is disposed before the exit_notify
1170115291 M * daniel_hozac yeah, i see your point.
1170115294 M * Bertl or what am I missing here?
1170115375 M * daniel_hozac AFAICT, those cases are certainly possible...
1170115378 M * Bertl I don't see any locks or semaphores keeping that from happening
1170115410 M * Bertl so, IMHO, with the current concept of nsproxy potentially being shared
1170115445 M * Bertl we _must_not_ manipulate an nsproxy at any time (except at creation and destruction time) 
1170115464 M * Bertl i.e. before the first reference is taken and after the last reference is dropped
1170115481 M * Bertl (note: this is true for the current nfs patch)
1170115534 M * Bertl but, what the patch doesn't handle is that we also want to keep the mnt from doing evil stuff to the tasks
1170115559 M * Bertl (by getting released and hitting already partially tasks)
1170115564 M * Bertl +disposed
1170115639 M * Bertl my question now is, could be postpone the mnt disposal until all tasks are really gone?
1170115654 M * Bertl and more important, would that help?
1170115658 M * daniel_hozac how would we accomplish that? a kernel thread?
1170115687 M * Bertl we could simply keep a reference to the mnt
1170115709 M * daniel_hozac yeah, but what would cause it to finally be freed?
1170115709 M * Bertl wouldn't hurt to take one for each task, and drop it very late
1170115737 M * Bertl i.e. after tsk->state = TASK_DEAD 
1170115755 M * daniel_hozac the problem with the NFS code is that it's locking current->sighand, so current would have to refer to another process...
1170115804 M * Bertl okay, different approach, could we fix the nfs code?
1170115823 M * Bertl i.e. make the lock depend on sighand actually being there?
1170115832 M * daniel_hozac that was my initial thought too.
1170115854 M * Bertl my issues with the current patch are basically those:
1170115876 M * Bertl - the code is extremely hard to read/understand (at least for me)
1170115879 M * daniel_hozac TBH, i don't understand why the NFS code take the lock.
1170115899 M * Bertl - it doesn't work for OUR refcounting at all
1170115911 M * Bertl - it doesn't fix the issue for cornercases :)
1170115945 M * Bertl okay, could you point me to the lock/code?
1170115955 M * daniel_hozac fs/lockd/svc.c:lockd_down
1170115985 Q * duckx Quit: Client exiting
1170116023 M * daniel_hozac (Trond Myklebust seemed to suggest NFS does this in more places though)
1170116044 M * Bertl and the issue happens around the recalc_sigpending(), right?
1170116066 M * daniel_hozac right.
1170116158 M * Bertl was there an explanation why this locking is required?
1170116171 M * Bertl (or why it does the sigpending stuff at all?)
1170116204 M * daniel_hozac not that i saw.
1170116249 M * daniel_hozac i don't understand what signal it's expecting current to get.
1170116262 M * Bertl okay, I think I'm going to write an answer, and we can then think/discuss a solution with the involved parties
1170116290 M * Bertl IMHO this is some kind of notification between userspace and kernel thread or between kernel and thread
1170116323 M * Bertl this is definitely older than the kthread api which has other mechanisms in place
1170116339 M * daniel_hozac yeah
1170116350 M * Bertl do you agree that the second case is not handled by the patch?
1170116361 M * Bertl and that it might cause the same issues?
1170116369 M * daniel_hozac definitely. that would cause an Oops, IMHO.
1170116391 M * Bertl okay, I guess that isn't really easy to trigger though ...
1170116426 M * daniel_hozac yeah, i guess that would be the hard part.
1170116454 M * Bertl k, np
1170117098 M * PowerKe Bertl: Did you find anything in that tracefile I made?
1170117375 M * Bertl PowerKe: good question, let me ask a simple one, which tracefile? :)
1170117394 M * Bertl daniel_hozac: actually, I think we are wrong, the B case should be fine
1170117424 M * PowerKe the permission denied problem on my UI files
1170117425 M * daniel_hozac hmm, how so?
1170117430 M * Bertl daniel_hozac: the important part is to have a current->sighandler when disposing the mnt
1170117461 M * PowerKe 2.6.17-vs2.0.2.1-gentoo, jfs
1170117471 M * daniel_hozac i was under the impression we needed the pid namespace for exit_notify, from some of ebiederm's comments.
1170117479 M * Bertl PowerKe: please give me a short reminder and point me to the trace
1170117530 M * daniel_hozac PowerKe: as i told you, that's expected. the file is immutable.
1170117566 M * PowerKe odd, it doesn't do that on my other vserver
1170117646 M * Bertl there shouldn't be any inconsistancies, that's right
1170117655 M * Bertl do you have the trace(s) at hand?
1170117670 M * PowerKe http://powerpnt.dyndns.org:8080/vserver/
1170117686 M * daniel_hozac PowerKe: same kernel? files are UI?
1170117691 M * PowerKe older kernel
1170117704 M * Bertl ah, the utimes() issue
1170117708 M * PowerKe 2.6.14-vs2.0.1-gentoo
1170117751 M * Bertl I remember that we had a few versions which didn't check the permissions properly
1170117772 M * Bertl so I suspect the older gentoo kernel is just doing the wrong thing
1170117772 M * PowerKe So what I'm seeing on the older kernel would be the wrong behaviour
1170117774 M * daniel_hozac immutable is a vanilla flag though, so that should be checked everywhere.
1170117791 M * Bertl not necessarily for jfs
1170117810 M * daniel_hozac ah right... JFS only grew that support in 2.6.17, right?
1170117819 M * daniel_hozac (it's missing from 2.6.16)
1170117822 M * Bertl PowerKe: let's do a few simple tests in parallel on both systems, shall we?
1170117902 M * PowerKe ok
1170117961 M * Bertl first one: touch xx; chattr +i xx; touch xx  (on the jfs partition)
1170118007 M * PowerKe nexus vservers # touch xx; chattr +i xx; touch xx
1170118007 M * PowerKe chattr: Inappropriate ioctl for device while reading flags on xx
1170118105 M * Bertl and on the other one?
1170118106 M * daniel_hozac on the 2.6.17 box?
1170118155 M * PowerKe laptoptom vservers # touch xx; chattr +i xx; touch xx
1170118156 M * PowerKe touch: cannot touch `xx': Permission denied
1170118180 M * Bertl okay, so we now know that the first one is missing generic xattr support
1170118207 M * Bertl IIRC, I implemented it around 2.6.13 or so and it was included in mainline around 2.6.16
1170118224 M * PowerKe So I should consider the new behaviour as being correct
1170118234 M * Bertl yes, definitely for 2.0x
1170118252 M * Bertl with the 2.2 branch, you can enable the CoW link breaking
1170118266 M * Bertl in which case the utimes change 'should' break the link
1170118367 M * PowerKe What I did was unify 2 guests, but since they both have different mtimes, every file gets 2 hardlinks. One to the hash directory, one in the guest.
1170118369 M * Bertl IIRC, the reason for your doing was to sync the times, yes?
1170118401 M * Bertl daniel_hozac: would it be hard to extend the vhashify/unify by an option which allows to completely ignore the times?
1170118402 M * PowerKe What I used to do was then update the mtimes so they match and run vhashify again and delete the copies with 1 hardlink in the hashing folder
1170118413 M * PowerKe Bertl: He already made that one
1170118413 M * daniel_hozac Bertl: already done :)
1170118430 M * Bertl excellent, so that should be a nonissue then? good work!
1170118457 M * PowerKe daniel_hozac: which mtime is taken in that case? Is there a rule or is it random?
1170118476 M * daniel_hozac the first one to put the link in the hash directory.
1170118524 M * Bertl what if the hash directory already contains that entry?
1170118557 M * daniel_hozac as the mtime is part of the hash, that's rather unlikely.
1170118559 M * Bertl i.e. real world example:
1170118575 M * Bertl unify guests A and B
1170118592 M * Bertl then run touch on the hash
1170118608 M * Bertl (with 2.2 this will break the links there, right?)
1170118611 M * daniel_hozac that should break the link.
1170118627 M * Bertl okay, now I re-unify A and B, what happens?
1170118652 M * Bertl do I get new hash files? is the hash now twice as large?
1170118669 M * Bertl or will they be 'just' overwritten?
1170118722 M * daniel_hozac by default, already unified files are just skipped.
1170118735 M * PowerKe if the mtime is part of the hash, then how do you match them?
1170118752 M * daniel_hozac the mtime isn't part of the hash if --ignore-mtime is specified.
1170118759 M * Bertl something completely different: how does your nfs test setup look like (right now) to trigger the oops?
1170118920 M * daniel_hozac after boot, just service portmap start; ./test-nfs mount -t nfs stagioni:/pub /mnt
1170118948 M * daniel_hozac (where test-nfs just does unshare(CLONE_NEWNS); execvp(argv[1], argv+1);)
1170118958 M * Bertl okay, excellent
1170118996 M * Bertl what if we add the following before exit_notify()
1170119062 M * PowerKe To be able to change a file with UI flags from within the guest, I need to enable the CoW link breaking kernel flag?
1170119091 M * Bertl yes, but you can unlink it (remove/delete)
1170119144 Q * Piet Remote host closed the connection
1170119144 M * Bertl daniel_hozac: sleep(tsk->pid % 3);
1170119177 M * Bertl if you now spawn a second process inside that namespace
1170119180 J * Piet hiddenserv@tor.noreply.org
1170119205 M * Bertl that should have a good chance to eventually hit case B, no?
1170119216 M * daniel_hozac there are two processes created already, mount and mount.nfs.
1170119226 M * Bertl even better :)
1170119264 M * Bertl couldn't hurt to add a printk() there too
1170119476 M * daniel_hozac so which sleep do we want?
1170119504 M * Bertl well, A should sleep longer than B
1170119524 M * Bertl and A should actually start dying earlier
1170119556 M * Bertl that's why I think the % 3 might be a good idea
1170119569 M * Bertl you will get 'pseudo random' 0,1,2 sec sleeps
1170120240 M * daniel_hozac Hollow, phreak``, Gentoo users: if some of you could test http://people.linux-vserver.org/~dhozac/p/uv/experimental/util-vserver-0.30.213-rc1.tar.bz2, especially the initscripts and their installation, it would be very much appreciated.
1170120484 M * daniel_hozac Bertl: did you see Hollow's bug, btw? http://paste.linux-vserver.org/986
1170120499 M * Bertl nope, not yet
1170120555 M * Bertl a context gets disposed with claims?
1170120562 M * daniel_hozac looks like it.
1170120685 M * Bertl is it reproduceable?
1170120790 M * daniel_hozac i think so.
1170120817 M * Bertl should be easy to fix then, we just need the proper debug run
1170120836 M * daniel_hozac yeah.
1170120849 M * daniel_hozac (damn, booting the modified kernel is taking forever...)
1170120873 M * Bertl heh, quite some processes on startup, eh?
1170120881 M * daniel_hozac yeah, apparently.
1170120892 M * Bertl btw, doing usleep() should be enough
1170120901 M * Bertl I know, too late :)
1170120907 M * daniel_hozac hehe.
1170120917 M * daniel_hozac might be worth it...
1170120924 M * daniel_hozac it still hasn't brought up my interfaces.
1170121001 M * daniel_hozac hmm, though, the processes need to die at the same time, right?
1170121031 M * Bertl Hollow: please recreate with debugging enabled, xid=1,2,3,4,6 switch=0,1 misc=4,5
1170121066 M * daniel_hozac for that i guess we need another test-case, as i believe mount is waiting on mount.nfs to die.
1170121105 M * Bertl hmm, could work nevertheless, as the 'wait' happens in the notify, no?
1170121125 M * Bertl so basically adding the sleep before and after that, would help
1170121140 M * Bertl nah, probably now :)
1170121144 M * Bertl *not
1170121159 M * Bertl anyway, adding another process should not be too hard
1170121210 M * daniel_hozac indeed, unshare(CLONE_NEWNS); fork(); exit(0); should work, no?
1170121222 M * Bertl yes
1170121253 M * daniel_hozac i have to admit that i don't see where in exit_notify we need the pid namespace though...
1170121267 M * daniel_hozac at least, not the very small part of it that has been merged into mainline now.
1170121585 M * daniel_hozac i just get the lockd_down oops now.
1170121598 M * Bertl with the patch?
1170121605 M * daniel_hozac no, i removed the patch.
1170121612 M * daniel_hozac ... that wasn't very clever, was it.
1170121624 M * Bertl hmm, weeeell ...
1170121656 M * Bertl we have now verified that it still oopses :)
1170121694 M * daniel_hozac sorry, i don't know what i was thinking... i'm starting to get a bit tired, so i'll blame it on that :)
1170121714 M * Bertl hey, np, just happens ...
1170121745 M * Bertl just think how many other things could have gone wrong, and you got them all right :)
1170121807 M * daniel_hozac lol
1170121840 M * daniel_hozac seems you're not the only one with issues with the patch.
1170121893 M * Bertl ah?
1170122080 M * daniel_hozac see Oleg Nesterov's email.
1170122126 M * daniel_hozac seems like a legit concern as well.
1170122159 M * Bertl indeed
1170123001 M * daniel_hozac i can't seem to break it.
1170123014 M * Bertl that's what I assumed ...
1170123039 M * Bertl current will always have a sighand with that patch
1170123053 M * daniel_hozac yeah
1170123054 M * Bertl so we cannot argue that it actually breaks in certain cases
1170123091 M * daniel_hozac well, the second case could certainly break once the full pid namespace is in.
1170123117 M * daniel_hozac (i assume that's when it'll be required for exit_notify)
1170123133 M * Bertl yes, I will document it on lkml and state my 'issues' with the patch itself
1170123145 M * Bertl but I guess it should be fine for now
1170123177 M * Bertl in addition, I'm going to add some accounting for the spaces to 2.2+
1170123191 M * Bertl i.e. mnt, uts, ipc and proxy
1170123193 M * daniel_hozac what kind of accounting?
1170123204 M * Bertl so that we get an idea if we lose one or the other :)
1170123213 M * daniel_hozac ah, hehe.
1170123429 M * daniel_hozac well, i think i'm gonna get some sleep now... good night!
1170123442 M * Bertl have a good one, and thanks for the help!
1170125110 J * ensc ~irc-ensc@p54B4EC6D.dip.t-dialin.net
1170126833 Q * anonc Ping timeout: 480 seconds
1170127021 Q * Adrinael Read error: Connection reset by peer
1170127023 J * Adrinael adrinael@st12-127.tky.hut.fi
1170127351 Q * Piet Quit: Piet
1170127736 Q * Roey Ping timeout: 480 seconds
1170127758 J * Roey ~katz@h-69-3-4-130.mclnva23.covad.net
1170131353 Q * lylix Read error: Connection reset by peer
1170133380 J * stefani ~stefani@c-24-19-46-211.hsd1.wa.comcast.net
1170134670 M * Bertl wb stefani!
1170134728 M * stefani hola
1170134887 M * Bertl how's going?
1170134967 M * stefani slooowwww
1170135009 M * Bertl you must be using something else than Linux-VServer :)
1170135154 M * stefani at the moment, i'm not focussing on vserver much .   the ones i have just work... 
1170135189 M * Bertl that's the way it should be ... anyway, not going to bother you any longer ...
1170135284 Q * nou Ping timeout: 480 seconds
1170135285 M * stefani np.
1170137076 M * Bertl daniel_hozac: just stumbled over the util-vserver clone implementation; my manpage for clone says that since Linux 2.5.49, the syscall has five instead of two arguments, which I can confirm for 2.6.19 :)
1170138793 Q * Hsilamot Ping timeout: 480 seconds
1170139200 P * stefani parting (is such sweet sorrow)
1170139541 Q * tanteauguri Quit: using sirc version 2.211+KSIRC/1.3.12
1170140588 J * gab ~gab@158.36.45.236
1170141637 J * greedy ~jesper@221.217.18.62
1170141850 Q * dlezcano Quit: Leaving
1170144467 Q * gab Remote host closed the connection
1170144815 M * Hollow morning
1170144845 M * Bertl good morning ...
1170144875 M * Bertl Hollow: do you use sys_clone()?
1170144887 M * Hollow in libvserver?
1170144892 M * Bertl yes, and vcd
1170144896 M * Hollow sure i do
1170144906 M * Bertl how many arguments do you pass?
1170144932 M * Hollow flags and child_stack
1170144935 M * Hollow i.e. 2
1170144947 M * Bertl interesting, because it takes 5 :)
1170144971 M * Bertl note: I'm talking about sys_clone() not clone()
1170144982 M * Hollow it always worked with syscall3(), also the clone manpage lists it
1170144999 M * Hollow syscall2 of course
1170145002 M * Bertl see my note above ...
1170145039 M * Hollow ?
1170145046 M * Hollow don't have abacklog here
1170145057 M * Bertl my manpage for clone says that since Linux 2.5.49, the syscall has five instead of two arguments, which I can confirm for 2.6.19 :)
1170145091 M * Bertl so the 2 argument version is only true for 2.4 kernels
1170145092 M * Hollow well.. i can change it if you want, but i never had problems with the older interface
1170145102 M * Hollow and i don't need the other arguments
1170145111 M * Bertl well, the other arguments are random values in a syscall2
1170145137 M * Bertl so they might as well give funny results, by overwriting your program
1170145150 M * Bertl (or segfaulting in the syscall, etc ...)
1170145194 M * Hollow ok.. can i just pass NULL for the other 3?
1170145204 M * Bertl haven't verified that yet
1170145219 M * Bertl but I would assume so, at least for two of them
1170145281 M * Hollow btw, util-vserver uses the syscall2 version too
1170145323 J * zhou_rock ~zhou@202.170.218.253
1170145370 M * Hollow daniel_hozac: you around?
1170145613 M * Bertl one possible explanation (unverified) would be that the 5 arg syscall is somehow backward compatible
1170145619 M * Bertl welcome zhou_rock!
1170145635 M * zhou_rock thanks
1170145714 M * zhou_rock glad to meet you
1170145778 M * Bertl the pleasure is mine, what's up?
1170145854 M * Hollow Bertl: well, i use your shiny syscall, should be easy to verify, no?
1170145911 M * Bertl passing -1 for all three arguments could give a clue
1170145959 J * gab ~gab@158.36.45.236
1170145979 M * Bertl welcome gab!
1170145988 M * Hollow i.e. using syscall5 with -1 for the 3 new arguments?
1170146023 M * gab good moring Bertl
1170146031 M * Bertl Hollow: yep, that should not be handled special, but OTOH, it should we the worst case scenario
1170146052 M * Hollow ok, will try that when back at home
1170146077 M * Bertl okay, will take a look at the implementation in the evening ...
1170146099 M * Hollow Bertl: btw, did you see http://paste.linux-vserver.org/986 ?
1170146120 M * Bertl yes, I wrote an answer too, sec, let me copy that one too
1170146129 M * Hollow hapened during startup when the helper segfaulted... so it si "fixed" now
1170146178 M * Bertl 02:37 < Bertl> Hollow: please recreate with debugging enabled, xid=1,2,3,4,6  switch=0,1 misc=4,5
1170146200 M * Hollow ok, i have to make the helper segfault again then, but will take a look ;)
1170146224 M * Bertl if that is really recreateable, it will be interesting
1170146246 M * Bertl it seems that a context is disposed while still claimed
1170146308 M * Hollow yeah.. it wasn't even the helper that segfaulted actually... the helper called vcd to do the startup work, vcd segfaulted during mount, but the vshelper still existed in some weird blocked select()
1170146349 M * Bertl so I'm definitely interested if you can trigger that on recent kernels
1170146354 M * Hollow so the khelper thread was still active which is why the context was claimed probably
1170146361 M * Hollow it was on 2.2.0-rc8.7
1170146368 M * Hollow but i will try to recreate that
1170146385 M * Bertl okay, tx
1170146497 J * ntrs ~ntrs@68-188-55-120.dhcp.stls.mo.charter.com
1170146602 P * zhou_rock 
1170146689 M * Bertl okay, off to bed now ... have a good one everyone! cya!
1170146694 N * Bertl Bertl_zZ
1170146695 M * Hollow night!
1170146876 M * Hollow off again too
1170146878 Q * ntrs_ Ping timeout: 480 seconds
1170146998 J * dna ~naucki@24-193-dsl.kielnet.net
1170147038 M * matti :)
1170147990 P * click [IRSSI]
1170149778 Q * m`m`h Ping timeout: 480 seconds
1170150357 J * click click@ti511110a080-5475.bb.online.no
1170151489 J * m`m`h ~simba@deb30.mgts.by
1170151928 Q * marcfiu Ping timeout: 480 seconds
1170151988 J * DavidS ~david@vpn.uni-ak.ac.at
1170152268 J * meandtheshel1 ~markus@85-124-206-1.dynamic.xdsl-line.inode.at
1170153540 J * marcfi1 ~mef@c-68-39-177-97.hsd1.nj.comcast.net
1170153587 P * marcfi1 
1170154040 Q * greedy Quit: using sirc version 2.211+KSIRC/1.3.12
1170156757 Q * shedi Quit: Leaving
1170159269 Q * Aiken Quit: Leaving
1170159528 Q * trippeh Quit: fikse litt charset-tull
1170159873 Q * cdrx Ping timeout: 480 seconds
1170160627 J * me ~me@p548AA222.dip0.t-ipconnect.de
1170160643 M * me good morning, I've got a kernel oops on restarting a vserver: http://nopaste.linux-dev.org/?1089
1170160665 M * me Could anyone say me maybe something about it? The root and the vserver are working ( without a restart )
1170160681 M * daniel_hozac you're using the broken Debian vserver kernel.
1170160695 M * daniel_hozac you should upgrade to 2.6.18-4.
1170160974 M * me okay, the one from sid, thanks
1170161300 J * Wajat MasteR@77-105-56-172.adsl-1.sezampro.yu
1170161961 Q * me Remote host closed the connection
1170161991 Q * transacid Ping timeout: 480 seconds
1170161999 M * daniel_hozac Bertl_zZ, Hollow: AFAICT the other three arguments are dependent on CLONE_PARENT_SETTID, CLONE_CHILD_SETTID, and CLONE_SETTLS, respectively.
1170162571 J * transacid ~transacid@transacid.de
1170162614 J * cdrx ~legoater@blueice4n2.uk.ibm.com
1170163884 Q * Wajat 
1170166325 J * Piet hiddenserv@tor.noreply.org
1170166679 M * Guy- if I used hashify, and then deleted some hashified files from a vserver so that they are now only in .hash, how do I get rid of them?
1170166686 M * Guy- find -tpye f -links 1 | xargs rm?
1170166698 M * Guy- or is there a Better Way (tm)?
1170166852 J * lilalinux ~plasma@dslb-084-058-203-076.pools.arcor-ip.net
1170166916 M * Guy- also, I have some hashified files with more links than vservers, which leads me to believe that hashify does in fact not skip files that have links counts greater than one, which is bad
1170168712 M * daniel_hozac find is pretty much the only way to clean up.
1170169765 P * DavidS 
1170169766 Q * Piet Remote host closed the connection
1170169860 J * Piet hiddenserv@tor.noreply.org
1170170134 Q * gab Quit: Leaving
1170170268 M * Hollow daniel_hozac: the execve error was so dumb .. i have allocated argv using malloc(argc + 1) not malloc((argc + 1) * sizeof(char *))
1170170284 M * daniel_hozac ah, hehehe.
1170170353 M * Hollow daniel_hozac: it was clearly not the same bug as we experienced before where gcc4.1.1 seemed to f*ck up the envp in execve
1170170395 M * daniel_hozac apparently not :)
1170170422 J * shuri ~shuri@hq01.electronicbox.net
1170170460 M * Hollow daniel_hozac: btw, do you know if there is any arch where pagesize < 1024?
1170170603 M * daniel_hozac it seems the smallest page size on Linux is 4096.
1170170612 J * ybanafa ybanafa@82.114.188.218
1170170734 M * daniel_hozac (judging by a quick grep 'define[[:space:]]*PAGE_SIZE' include/asm-*/page.h, anyway)
1170170746 M * ybanafa Hi All .. my eth0 connect to my isp dhcp .. what is the best way to build vps (I did not see any doc about dhcp-host & static-guest)
1170170819 M * daniel_hozac ybanafa: assign the guests private IP addresses, and use NAT?
1170170919 M * ybanafa daniel_hozac : Thanx .. is there doc/link about that ?
1170170960 J * Sagitrio ~S@213.87.72.70
1170170969 M * daniel_hozac http://iptables.org/documentation/HOWTO//NAT-HOWTO.html maybe.
1170170991 M * ybanafa daniel_hozac : Thanx ++
1170171004 M * Sagitrio ïðèâåòû +)
1170171010 M * Sagitrio êàê âàøè äåëà ?
1170171162 Q * Sagitrio 
1170171186 Q * ybanafa Quit: using sirc version 2.211+KSIRC/1.3.11
1170171297 J * hallyn ~xa@cpe-72-179-43-119.austin.res.rr.com
1170171389 M * daniel_hozac hey hallyn.
1170172837 M * daniel_hozac hallyn: what tree is your latest patch against?
1170173018 J * FireEgl Proteus@2001:5c0:84dc:1:211:9ff:feca:b042
1170173433 N * Bertl_zZ Bertl
1170173436 M * Bertl morning folks!
1170173438 M * daniel_hozac morning Bertl!
1170174151 T * * http://linux-vserver.org/ | latest stable 2.0.2.1, 2.0.3-rc1, 2.2.0-rc8.7, devel 2.1.1.7.1, 2.3.0.8, stable+grsec 2.0.2.1, 2.2.0-rc8, devel+grsec 2.1.1 | util-vserver-0.30.212 | libvserver-1.0.2 & vserver-utils-1.0.3 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki, and we'll forget about the minute ;)
1170174151 T * Bertl -
1170174160 M * ciphergoth at shutdown I get this, why? "cat: /proc/cmdline: No such file or directory"
1170174166 M * ciphergoth and "mount: permission denied"
1170174391 Q * lilalinux Remote host closed the connection
1170174446 Q * tokkee cation.oftc.net galapagos.oftc.net
1170174464 J * yarihm ~yarihm@vpn-global-dhcp2-26.ethz.ch
1170174580 J * tokkee tokkee@casella.verplant.org
1170174599 Q * ciphergoth Quit: Client exiting
1170174603 J * lilalinux ~plasma@dslb-084-058-203-076.pools.arcor-ip.net
1170174771 J * Greek0_ ~greek0@85.255.145.201
1170174772 Q * Greek0 Read error: Connection reset by peer
1170175191 Q * Johnnie Remote host closed the connection
1170175224 J * Johnnie ~jdlewis@jdlewis.org
1170175266 M * Bertl daniel_hozac: so syscall2 should be fine even on 2.6 (without the special flags)?
1170175565 M * daniel_hozac i think so.
1170176101 M * Bertl okay, good then ...
1170176113 M * Bertl off for now .. will be back in the evening ... have fun!
1170176119 N * Bertl Bertl_oO
1170176168 J * stefani ~stefani@tsipoor.banerian.org
1170176791 J * bonbons ~bonbons@83.222.37.103
1170177333 Q * FaUl Ping timeout: 480 seconds
1170179578 J * Pazzo ~ugelt@dialin-225136.rol.raiffeisen.net
1170179688 M * Pazzo hi all! running nfs-user-server within a vserver is no problem, but right now I'm trying to let a vserver mount a nfs share. could someone give me a hint on how to accomplish this?
1170179706 M * daniel_hozac is it absolutely necessary to have the guest mount it?
1170179720 M * daniel_hozac however, with the secure_mount and binary_mount ccapabilities, that should work fine.
1170179724 M * Pazzo hi daniel_hozac!
1170179731 M * daniel_hozac hey
1170179753 M * Pazzo I added secure_mount, binary_mount and secure_remount to ccapabilities
1170179763 M * Pazzo -> stale nfs file handle
1170179802 M * Pazzo unfs3 is running within the same vserver, shares there can successfully be mounted
1170179963 M * daniel_hozac so you can mount things from the local server, just not a remote one?
1170179981 M * Pazzo hmm... let me explain:
1170180012 M * Pazzo vhost1 and vhost2 are the "real" servers
1170180019 M * Pazzo running vserver1 and vserver2
1170180077 M * Pazzo atm vserver1 is still a single server, needs to be moved
1170180099 M * Pazzo vserver2 has been a "real" server, but is right now already a vserver
1170180121 M * Pazzo both servers have been using nfs shares (somehow "cross-mounting" things)
1170180152 M * Pazzo now I need to accomplish the same job within vservers
1170180190 M * daniel_hozac is there any particular reason you can't use the fstab file?
1170180218 M * Pazzo so I installed unfs3 on vserver2, works fine and can be mounted from vserver1
1170180276 M * Pazzo daniel_hozac: hmmm... no.
1170180286 M * Pazzo I have never been doing so
1170180314 M * Pazzo I probably need portmapper on host-side to do so, is this correct?
1170180337 M * daniel_hozac i guess.
1170180350 M * daniel_hozac but IME, you need portmapper on the host even for guest mounts.
1170180356 M * Pazzo aaaah!
1170180364 M * Pazzo ? hmmm
1170180405 M * Pazzo guest mounts are using the host's portmapper?
1170180432 M * daniel_hozac lockd is, at least.
1170180453 M * Pazzo ok
1170180465 M * daniel_hozac (hmm, that's another problem with doing the mount in a guest. it'll want to spawn a kernel thread, and that's blocked...)
1170180488 M * Pazzo are guest mounts to considered "harmful"?
1170180493 Q * cdrx Quit: Leaving
1170180517 J * cdrx ~legoater@blueice3n1.uk.ibm.com
1170180530 M * Pazzo btw: my "co-worker" killed the host 5 minutes ago...
1170180549 M * daniel_hozac depends on what you're referring to, i suppose.
1170180567 M * Pazzo ...is this a "to-be-expected-feature" when trying to do nfs-mounts from inside a vserver?
1170180599 M * daniel_hozac well, right now, being able to do the mount in the first place needs some luck :)
1170180609 J * duckx ~Duck@tox.dyndns.org
1170180646 M * Pazzo daniel_hozac: ok, thanks a lot for your assistance!
1170180665 M * Pazzo so I'll NEVER again use guest-mounts
1170180672 M * daniel_hozac using the guest's fstab.remote file should avoid all of the problems.
1170180676 M * Pazzo install portmapper on the host
1170180732 M * Pazzo and use... fstab.remote :-)
1170180765 M * Pazzo thnx a lot daniel, I have to leave now as it really seems that we shoot this host in the head :o)
1170180773 N * Pazzo PazzoOoo
1170180795 M * daniel_hozac heh.
1170180803 M * daniel_hozac you're welcome!
1170180877 J * FaUl immo@shell.chaostreff-dortmund.de
1170180993 Q * yarihm Ping timeout: 480 seconds
1170181467 Q * cdrx Read error: Connection reset by peer
1170181952 Q * bronson Read error: Connection reset by peer
1170184013 J * cdrx ~legoater@cap31-3-82-227-199-249.fbx.proxad.net
1170184029 J * abackos ~irc@ip70-190-32-70.ph.ph.cox.net
1170184354 Q * lilalinux Remote host closed the connection
1170184754 Q * abackos 
1170184755 Q * ntrs Remote host closed the connection
1170185042 J * gerrit ~gerrit@bi01p1.co.us.ibm.com
1170186205 Q * FireEgl Remote host closed the connection
1170186226 N * PazzoOoo Pazzo
1170186246 M * Pazzo re
1170186304 M * Pazzo daniel_hozac: works like a charm! I'll touch guest-mounts never again :-p
1170186498 J * marcfiu ~mef@aegis.CS.Princeton.EDU
1170186846 M * Hollow Bertl_oO, daniel_hozac: guess i've found another bug.. empty (persistent) contexts have a task count of 1
1170186863 M * daniel_hozac vx_tasks? that's expected.
1170186875 M * daniel_hozac it's so we don't free the context.
1170186886 M * Hollow ok ..
1170186888 M * daniel_hozac you should check the rlimit_stat of NPROC.
1170186904 M * Hollow ah, good idea
1170186948 Q * Pazzo Quit: ...
1170187051 M * sid3windr is there any chance vserver messes with usb storage?
1170187073 M * daniel_hozac highly unlikely. why?
1170187078 M * sid3windr that's what I thought
1170187091 M * sid3windr i've got a problem with a usb storage device and googling stuff there was one guy on fedora who had the same and it started to work when he disabled selinux
1170187102 M * sid3windr (or so he says)
1170187110 M * daniel_hozac heh.
1170187117 M * daniel_hozac what kind of problem?
1170187642 M * sid3windr usb 1-3: device not accepting address 4, error -62
1170187653 M * sid3windr it's a very long shot to think vserver has anything to do with it though :)
1170187698 M * daniel_hozac hmm -ETIME (Timer expired)? sounds more like a problem with the device, IMHO.
1170187953 M * Hollow daniel_hozac: works :) http://paste.linux-vserver.org/994
1170187973 M * Hollow without /proc parsing :)
1170187997 M * Hollow (except to get the running xids)
1170188014 M * daniel_hozac looks like the new vserver-stat ;)
1170188024 M * Hollow yep :)
1170188042 M * Hollow it's just the first time i see the new syscalls in action ;)
1170188077 M * daniel_hozac hehe.
1170188223 M * daniel_hozac how do you find out the number of CPUs?
1170188659 M * Hollow daniel_hozac: sysconf(_SC_NPROCESSORS_ONLN);
1170188712 M * daniel_hozac ah, nice. i didn't even think to consult sysconf.
1170188789 M * daniel_hozac then i can get rid of the   // XXX: arbitrary CPU limit. for (cpu = 0; cpu < 1024; cpu++) {
1170188812 M * Hollow heh :) i stumbled over the sysconf value some time ago, but i had some hackish workaround as well ;)
1170188862 M * daniel_hozac is it possible to, with CPU hotplug, get CPU 0 and CPU 2 online, with _SC_NPROCESSORS_ONLN then returning 2?
1170188925 M * Hollow no idea ..
1170189149 M * daniel_hozac is sysconf a syscall?
1170189265 M * daniel_hozac hmm, it seems to parse /proc/stat.
1170189293 M * Hollow bah
1170190605 Q * dna Ping timeout: 480 seconds
1170191017 Q * marcfiu Remote host closed the connection
1170191443 J * dna ~naucki@24-193-dsl.kielnet.net
1170191551 J * DreamerC_ ~dreamerc@125-225-98-45.dynamic.hinet.net
1170191650 J * Aiken ~james@ppp218-108.lns2.bne1.internode.on.net
1170191754 J * toom ~toom@coco.docisland.org
1170191760 M * toom hi
1170191777 M * daniel_hozac hello
1170191883 M * toom is there a known problem in sendfile syscall with 2.6.19.2-grsec2.1.10-vs2.2.0-rc8 ?
1170191914 M * daniel_hozac no.
1170191951 Q * DreamerC Ping timeout: 480 seconds
1170191989 M * toom my apache-2.2.3 doesn't work and fails in sendfile syscall (EINVAL)
1170192228 Q * bonbons Quit: Leaving
1170192388 M * daniel_hozac works fine here.
1170192405 M * daniel_hozac (although, i'm not using grsec)
1170192468 M * toom I use apache2 in the root server and it works fine
1170192507 M * toom when I chroot (without chcontext), it doesn't work
1170192557 M * toom I'll try to remove grsec
1170192614 M * daniel_hozac that makes it sound more like your apache is broken.
1170192640 M * daniel_hozac are your host and guest running the same distribution?
1170192651 M * toom no
1170192669 M * toom debian unstable (root) and debian etch (in vserver)
1170192711 M * daniel_hozac different versions of apache installed?
1170192743 M * Radiance using grsec here and apache 2.x just fine btw
1170192769 M * toom same versions
1170192780 M * Radiance but a .7.14 kernel and fitting patches
1170192886 M * daniel_hozac could you paste the strace surrounding the error?
1170192905 M * toom k
1170193119 M * toom http://code.bulix.org/x8dtls-31936
1170193224 M * daniel_hozac is your filesystem/block device/whatever is needed supporting mmap?
1170193247 M * toom ah !
1170193252 M * toom I use unionfs
1170193289 M * daniel_hozac well, that's external so i can't check the source.
1170193291 Q * gerrit Ping timeout: 480 seconds
1170193298 M * daniel_hozac (well i could, but i'm lazy :))
1170193298 J * yarihm ~yarihm@84-75-123-221.dclient.hispeed.ch
1170193305 M * toom ok :)
1170193306 M * daniel_hozac but i imagine that's why.
1170193314 M * toom I think so
1170193320 M * toom thank you
1170193322 M * daniel_hozac try getting your host's apache to serve from the same directory.
1170193356 M * toom yes, I'll do that, thx
1170193364 M * daniel_hozac np.
1170193438 J * gerrit ~gerrit@bi01p1.co.us.ibm.com
1170193647 P * toom 
1170193748 J * Piet_ hiddenserv@tor.noreply.org
1170194040 Q * DreamerC_ Quit: leaving
1170194060 J * DreamerC ~dreamerc@125-225-98-45.dynamic.hinet.net
1170194113 Q * Piet Ping timeout: 480 seconds
1170194162 J * chris_ ~chris@e179192098.adsl.alicedsl.de
1170194615 Q * chris_ Quit: leaving
1170195178 N * Bertl_oO Bertl
1170195183 M * Bertl evening folks!
1170195195 M * shuri hi Bertl 
1170195265 M * shuri hey Bertl i did not find any way to fix the segmentation errors with utils-vserver on ubuntu
1170195297 M * shuri remove dietlibc from ubuntu compile it from source and i got the same
1170195482 M * Bertl okay, we should definitely look into that, got some time?
1170195537 M * shuri got 40 minutes
1170195582 M * Hollow is there a way to find out if a directory is a mount point without parsing /proc/mounts?
1170195602 M * shuri df ?
1170195611 M * Hollow without parsing df too
1170195632 M * Hollow some syscall would be appretiated :)
1170195753 M * Bertl yes, check the directory inodes
1170195773 M * Bertl if rdevs do not match, you have a mountpoint
1170195791 M * Bertl but careful, that does not address --bind or --move mounts
1170195801 M * Bertl which are basically undetectable atm
1170195819 M * Bertl shuri: okay, you get the segfault unconditionally?
1170195834 M * shuri vserver-stats
1170195839 M * Bertl shuri: what exactly does segfault?
1170195850 M * Hollow ah, good idea.. guess i can live with knowing normal mount points for now
1170195866 M * shuri vserver-stat 
1170195866 M * shuri Erreur de segmentation
1170195873 P * stefani I'm Parting (the water)
1170195873 M * shuri segmentation fault
1170195884 M * Bertl okay, first lets do export LC_ALL=C LANG=POSIX
1170195889 M * shuri same with vserver-info
1170195899 M * shuri lol
1170195900 M * shuri ok
1170195902 M * Hollow Bertl: btw, the new sched_info syscall works great: http://paste.linux-vserver.org/995 (used for sys/user time)
1170195904 M * Bertl do you get a coredump?
1170195912 M * shuri vserver-info 
1170195912 M * shuri Segmentation fault
1170195918 M * Bertl Hollow: cool!
1170195936 M * shuri i only get this output
1170195948 M * Bertl okay, so no core.xxxx file?
1170195967 Q * meandtheshel1 Quit: Leaving.
1170195981 M * shuri no
1170196024 M * Bertl 'ulimit -Hc' says?
1170196049 M * shuri ulimit -H
1170196049 M * shuri unlimited
1170196050 M * Bertl and 'ulimit -Sc'?
1170196052 M * shuri but right now
1170196066 M * shuri i am not on a kernel with vserver patch
1170196097 M * Bertl hmm, okay?
1170196116 M * Bertl you don't expect it to work there, do you? :)
1170196125 M * shuri nop
1170196138 M * shuri but the segmentation fault is not related with the kernel
1170196148 M * Bertl hum
1170196163 M * Bertl so that would mean it is ubuntu related, no?
1170196167 M * shuri yes
1170196185 M * Bertl okay, so a problem with the ubuntu toolchain then
1170196205 M * Bertl did you try to disable the alternative syscalls?
1170196222 M * Bertl btw, what arch is that? sparc or x86?
1170196244 M * shuri let me try
1170196245 M * shuri x86
1170196260 M * shuri ./configure --disable-alternative-syscalls
1170196275 M * Bertl sounds about right
1170196422 M * shuri got compile error
1170196429 M * shuri ps/lib_libvserver_a-syscall.Tpo"; exit 1; fi
1170196429 M * shuri In file included from lib/syscall.c:33:
1170196429 M * shuri lib/vserver-internal.h: In function 'vserver':
1170196436 M * shuri lib/vserver-internal.h:257: error: conflicting types for 'syscall'
1170196436 M * shuri /usr/lib/diet/include/sys/syscall.h:6: error: previous declaration of 'syscall' was here
1170196436 M * shuri make[2]: *** [lib/lib_libvserver_a-syscall.o] Error 1
1170196442 M * shuri make[2]: Leaving directory `/home/shuri/Desktop/util-vserver-0.30.212'
1170196442 M * shuri make[1]: *** [all-recursive] Error 1
1170196442 M * shuri make[1]: Leaving directory `/home/shuri/Desktop/util-vserver-0.30.212'
1170196442 M * shuri make: *** [all] Error 2
1170196489 M * Bertl okay, try to disable diet too
1170196763 M * shuri vserver-stat 
1170196764 M * shuri can not change context: migrate kernel feature missing and 'compat' API disabled: Function not implemente
1170196776 M * shuri sthe error is normal
1170196783 M * shuri this error is normal
1170196799 M * shuri but not more Segmentation fault
1170196805 M * Bertl okay, so that works for you
1170196825 M * Bertl let me guess, ubuntu uses a 4.0.2 gcc toolchain?
1170196891 J * pflanze ~chris@84-73-56-44.dclient.hispeed.ch
1170196892 M * shuri                        CC: gcc, gcc (GCC) 4.1.2 20070106 (prerelease) (Ubuntu 4.1.1-21ubuntu7)
1170196892 M * shuri                       CXX: g++, g++ (GCC) 4.1.2 20070106 (prerelease) (Ubuntu 4.1.1-21ubuntu7
1170196907 M * Bertl yeah, sorry, I meant 4.1.2 ...
1170196928 M * pflanze Hello
1170196936 M * Bertl okay, np, I'm going to rewrite the shiny stuff to cope with those newer compiler bugs ...
1170196957 M * Bertl shuri: but I will need some testing, can you do that for me in the next few days?
1170196963 M * shuri yes
1170197010 M * Bertl okay, will prepare something tonight or tomorrow, and do some testing on my own first, then I'll hand that to you ...
1170197020 M * shuri perfect
1170197023 M * Bertl hey pflanze!
1170197045 M * shuri pm me when you are ready
1170197058 Q * gerrit Ping timeout: 480 seconds
1170197068 M * pflanze Semi-ontopic question: does anyone know how to dump core files of processes to safe places? (especially ones with changing uids). The on-topic part of the question is, how to do it inside vservers (/proc/sys/kernel/core_* seem not virtualized).
1170197074 M * Bertl shuri: perfect, tx
1170197092 M * shuri thx to you!
1170197108 M * Bertl pflanze: hmm, yes, core dumps are always an issue
1170197135 M * Bertl pflanze: by default, the binary dumps right into the current directory
1170197153 M * Bertl pflanze: the kernel honors the ulimits for core dump sizes
1170197202 M * pflanze I've got an intermittent problem with qmail I'm trying to track down and would like to make it dump core,
1170197216 M * pflanze but a) I don't like it writing files into the queue, and b) maybe it even can't.
1170197245 M * Bertl well, the can't part is not very likely, as the kernel actually does the core dumping
1170197246 A * pflanze checks the proc files on the host
1170197264 M * pflanze hm it doesn't honor permissions?
1170197272 M * pflanze e.g. acts as root?
1170197293 M * Bertl well, it probably does a few checks, but it's not a 'can not' issue :)
1170197313 M * Bertl i.e. it might be a 'should not' and 'does not' issue :)
1170197395 A * pflanze tries
1170197446 M * Bertl but I wonder for some time now, if there isn't a mechanism to control the coredump in a more precise way
1170197464 M * Bertl I have to admit, I didn't check the kernel side interface yet
1170197491 M * Bertl Hollow: you got daniel_hozac's explanation regarding clone?
1170197504 M * Hollow no?
1170197519 M * Bertl basically the 3 additional arguments are tied to 3 flags
1170197534 M * Bertl when the according flag is not set, the argument is ignored
1170197542 M * Hollow ah, i see ..
1170197553 M * Bertl that explains why it works so well :)
1170197574 M * pflanze ok at least the kernel doesn't overwrite existing files, that's good news. I think I can live with that, I've set core_pattern to /tmp/cure now.
1170197582 M * Hollow hm.. my ext3 partition wonÄt mount with tagxid .. :/
1170197604 M * Bertl Hollow: mount or _remount_?
1170197617 M * Hollow mount .. remount said not allowed in dmesg
1170197707 M * Bertl and what does mount tell you?
1170197740 M * Hollow nothing... it mounts the filesystem, but without tagxid .. 
1170197742 M * Hollow MiddleEarth linux # mount -o tagxid /dev/sda9 /vservers/
1170197742 M * Hollow MiddleEarth linux # grep /dev/sda9 /proc/mounts
1170197742 M * Hollow /dev/sda9 /vservers ext3 rw,data=ordered 0 0
1170197770 M * Bertl 2.2.x?
1170197781 M * Hollow yep.. rc8.7
1170197854 N * shuri shu_school
1170197857 M * Hollow hm.. works on my local box with xfs though .. rc8.7 too
1170197919 M * Bertl checking ext3 options as we speak ...
1170197976 M * Bertl #ifndef CONFIG_TAGGING_NONE
1170198117 Q * dna Quit: Verlassend
1170198145 M * daniel_hozac Hollow: what tagging do you use?
1170198187 M * Bertl Hollow: could you do a testme.sh -D run?
1170198211 M * Bertl ahem, -d I mean
1170198222 M * Hollow sec ..
1170198237 J * gerrit ~gerrit@bi01p1.co.us.ibm.com
1170198290 M * Hollow hehe.. no util-vserver on that machine 
1170198310 M * Bertl -qd then?
1170198324 M * Hollow utility 'vserver' could not be found.
1170198327 M * Hollow :)
1170198347 Q * yarihm Quit: Leaving
1170198561 M * Bertl hmm, okay, will fix that in the next release :)
1170198641 M * Bertl cat /proc/virtual/info maybe?
1170198715 M * Hollow VCIVersion:     0002:0200
1170198715 M * Hollow VCISyscall:     236
1170198715 M * Hollow VCIKernel:      030107f1
1170198827 M * daniel_hozac that'd be... ID24, right?
1170198868 Q * attila_ Ping timeout: 480 seconds
1170199004 M * Hollow yep
1170199132 M * pflanze (OT: Is it possible to dump a core without exiting the process? And do you know a better place discussing such questions?)
1170199197 M * pflanze (probably ##c, but it's not really C specific..)
1170199228 M * ard Huh?
1170199241 M * ard I didn't meant to paste that here... wrong channel
1170199249 M * ard ow
1170199262 M * ard somewthing wrong with  my xterm
1170199414 J * FireEgl ~FireEgl@2001:5c0:84dc:1:211:9ff:feca:b042
1170199589 Q * ensc Ping timeout: 480 seconds
1170199798 M * PowerKe I'm now on kernel version 2.6.19-vs2.2.0-rc8 with COW enabled in the kernel and that solved the touch file problems in the shell.
1170199816 M * PowerKe Now, for some reason I can append to the file from PHP, but using the PHP touch() function on the file fails
1170199973 M * daniel_hozac what does strace say PHP is doing?
1170200109 M * PowerKe I think this is the relevant part (blah is the filename):
1170200111 M * PowerKe access("blah", F_OK)                    = 0
1170200111 M * PowerKe utime("blah", [2007/01/31-00:34:00, 2007/01/31-00:34:00]) = -1 EPERM (Operation not permitted)
1170200144 M * daniel_hozac ah, utime...
1170200153 M * daniel_hozac i think we only fixed utimes.
1170200218 M * PowerKe I can work around it by using a shell command
1170200310 M * PowerKe Or first open/close the file and then use touch() to set the new mtime.
1170201037 J * [Lars_Ulrich] bbpqr@bl4-191-115.dsl.telepac.pt
1170201058 Q * [Lars_Ulrich] 
1170201279 J * shuri ~shuri@hq01.electronicbox.net