1171585876 Q * pstader 
1171586552 J * Aiken ~james@ppp109-15.lns2.bne4.internode.on.net
1171586593 J * mEDI_S ~medi@snipah.com
1171586678 M * Bertl welcome mEDI_S!
1171586686 M * mEDI_S hi Bertl 
1171586702 M * mEDI_S its a other problem sorry for the fail report
1171586706 M * Bertl where is the linux-image-2.6.19.3-vs2.2.0-rc12-amd64-smp kernel from?
1171586717 M * mEDI_S from me
1171586721 M * Bertl is that self built?
1171586726 M * mEDI_S yes
1171586734 M * Bertl what issues do you experience with that?
1171586849 M * mEDI_S i tink it is ha hw problem or so the old kernel crasched todey 2 times ;/
1171586868 M * Bertl ah, okay, that would explain it
1171587845 Q * shedi Quit: Leaving
1171588411 J * shedi ~siggi@ftth-237-144.hive.is
1171589229 Q * Aiken Remote host closed the connection
1171589414 J * marcfiu ~mef@aegis.CS.Princeton.EDU
1171589694 J * Aiken ~james@ppp109-15.lns2.bne4.internode.on.net
1171590363 P * marcfiu 
1171591843 M * Bertl morning Aiken!
1171591911 M * Aiken morning Bertl
1171591931 M * Aiken sitting here wondering if I want to swear at etch or stay with it
1171592033 M * Aiken what is vserver like with 2.6.20?
1171592053 M * Bertl not much feedback yet
1171592061 M * Bertl it boots and passes the basic tests here
1171592064 M * Aiken everything is running stock debian kernels at the moment and only just starting to compile up some normal kernels
1171593258 Q * Aiken Remote host closed the connection
1171593604 J * Aiken ~james@ppp109-15.lns2.bne4.internode.on.net
1171593909 J * ensc ~irc-ensc@p54B4FF89.dip.t-dialin.net
1171594223 Q * Aiken Remote host closed the connection
1171594270 J * Aiken ~james@ppp109-15.lns2.bne4.internode.on.net
1171594313 Q * Aiken Remote host closed the connection
1171594362 J * Aiken ~james@ppp109-15.lns2.bne4.internode.on.net
1171595949 J * jmcaricand ~kvirc@d83-179-128-215.cust.tele2.fr
1171595966 Q * Aiken Remote host closed the connection
1171596010 J * FireEgl Proteus@68.220.222.136
1171597374 J * gerrit ~gerrit@mobile-166-214-197-129.mycingular.net
1171597476 J * Aiken ~james@ppp109-15.lns2.bne4.internode.on.net
1171597527 Q * jmcaricand Quit: KVIrc 3.2.4 Anomalies http://www.kvirc.net/
1171598386 M * Bertl okay, off to bed now ... have a good one everyone!
1171598391 N * Bertl Bertl_zZ
1171599066 Q * Aiken Remote host closed the connection
1171599099 J * Aiken ~james@ppp109-15.lns2.bne4.internode.on.net
1171599344 Q * Aiken Remote host closed the connection
1171601481 Q * DreamerC Read error: Connection reset by peer
1171602189 J * Aiken ~james@ppp109-15.lns2.bne4.internode.on.net
1171602553 J * muuhDBX ~foo@a213-22-7-80.cpe.netcabo.pt
1171602553 Q * Aiken Read error: Connection reset by peer
1171602834 Q * Johnnie Quit: G'bye!
1171602972 J * Aiken ~james@ppp109-15.lns2.bne4.internode.on.net
1171603126 P * muuhDBX 
1171603463 Q * Aiken Remote host closed the connection
1171603496 J * Aiken ~james@ppp109-15.lns2.bne4.internode.on.net
1171603587 J * DoberMann_ ~james@AToulouse-156-1-71-2.w90-16.abo.wanadoo.fr
1171603618 J * pusling_ pusling@195.215.29.124
1171603652 Q * pusling Read error: Connection reset by peer
1171603694 Q * DoberMann[ZZZzzz] Ping timeout: 480 seconds
1171603810 J * Johnnie ~jdlewis@jdlewis.org
1171604719 J * DreamerC ~dreamerc@125-225-109-38.dynamic.hinet.net
1171606720 Q * FireEgl Ping timeout: 480 seconds
1171606769 J * FireEgl ~FireEgl@68.220.222.136
1171607354 Q * gerrit Ping timeout: 480 seconds
1171607618 N * DoberMann_ DoberMann
1171608312 J * gerrit ~gerrit@mobile-166-214-202-071.mycingular.net
1171608837 J * gab ~gab@158.36.45.236
1171609349 Q * gerrit Ping timeout: 480 seconds
1171609453 Q * Aiken Remote host closed the connection
1171610405 J * gerrit ~gerrit@mobile-166-214-097-228.mycingular.net
1171610561 J * Aiken ~james@ppp109-15.lns2.bne4.internode.on.net
1171610856 J * meandtheshell ~markus@85-124-175-128.dynamic.xdsl-line.inode.at
1171611482 N * DoberMann DoberMann[PullA]
1171611982 J * DavidS ~david@chello062178045213.16.11.tuwien.teleweb.at
1171613395 N * pusling_ pusling
1171615934 Q * dlezcano Ping timeout: 480 seconds
1171617072 Q * DavidS Quit: Leaving.
1171617376 J * duckx ~Duck@tox.dyndns.org
1171617690 J * dna ~naucki@21-242-dsl.kielnet.net
1171617936 J * bonbons ~bonbons@83.222.38.237
1171619323 J * DavidS ~david@vpn.uni-ak.ac.at
1171620201 J * dlezcano ~dlezcano@blueice1n1.uk.ibm.com
1171620321 Q * gerrit Ping timeout: 480 seconds
1171621480 J * gerrit ~gerrit@mobile-166-214-097-228.mycingular.net
1171621831 Q * DavidS Ping timeout: 480 seconds
1171621920 Q * mnemoc Ping timeout: 480 seconds
1171621981 Q * cdrx Quit: Leaving
1171622336 J * DavidS ~david@vpn.uni-ak.ac.at
1171622353 J * mnemoc ~amery@kilo105.server4you.de
1171622356 Q * gerrit Ping timeout: 480 seconds
1171623203 J * lilalinux ~plasma@dslb-084-058-193-110.pools.arcor-ip.net
1171623366 J * muuhDBX ~foo@a213-22-7-80.cpe.netcabo.pt
1171624706 J * gerrit ~gerrit@mobile-166-214-097-228.mycingular.net
1171624772 M * matti :)
1171625376 J * tuxmania ~bonbons@83.222.39.164
1171625412 M * CHTEKK lo all :)
1171625413 M * CHTEKK hi matti 
1171625769 Q * bonbons Ping timeout: 480 seconds
1171626410 Q * gerrit Read error: Connection timed out
1171626495 J * olivierk ~olivier@olivierk.org
1171626579 Q * olivierk_ Ping timeout: 480 seconds
1171628236 M * Guy- hi
1171628274 M * Guy- I'd like to run tcpdump in a vserver; I assume I need to set a capability... how? can I do it without stopping the vserver?
1171628289 Q * tuxmania Ping timeout: 480 seconds
1171628506 M * Guy- echo CAP_NET_ADMIN >>/etc/vservers/guestname/bcapabilities?
1171628751 M * CHTEKK probably, though I'm pretty sure you have to restart the guest for that to take effect
1171628821 M * Guy- even if I don't want already running processes to have the capability, just a new vserver exec?
1171628908 M * matti CHTEKK: Hi :)
1171628956 M * CHTEKK the stuff in /etc afaik is only what util-vserver then parses and uses to set all the stuff it needs to set when the vserver is started up
1171628990 M * CHTEKK so if you modify stuff in /etc, it wouldn't go and change directly what's happening now, but probably what will happen on the next restart, at least for caps, flags etc
1171629003 M * Guy- CHTEKK: sure, but isn't there a way to add the capability to the permitted set of the vserver context?
1171629023 M * Guy- CHTEKK: the persistent flag can be set without restarting, for example
1171629034 M * CHTEKK ahhh using the vx commands
1171629044 M * Guy- yes
1171629059 J * olivierk_ ~olivier@olivierk.org
1171629105 M * Guy- vattribute --set --xid 4 --bcap NET_ADMIN might work...
1171629109 M * CHTEKK at least with libvserver (I'm not using util-vserver, so check the command syntax for that), you can just do vx -bcaps-set <xid> <bcap>
1171629124 M * CHTEKK yup that's probably the util-vserver pendant to that
1171629126 M * Guy- no, I need NET_RAW, but it works
1171629166 Q * olivierk Ping timeout: 480 seconds
1171629238 M * Guy- the trouble is, I'm not seeing the traffic I'm expecting
1171629257 M * Guy- I see LAN traffic of the physical interface
1171629278 M * Guy- I don't see traffic to and from the vserver (which uses another physical interface and is NATed)
1171629298 M * DavidS Guy-: are you sure it's plugged in correctly?
1171629304 M * Guy- DavidS: yes :)
1171629322 Q * Aiken Quit: Leaving
1171629331 M * Guy- DavidS: I have a ppp0 interface (DSL towards internet) and an eth0 (LAN)
1171629344 M * Guy- DavidS: eth0 in the vserver has a LAN address and netdev is eth0
1171629354 M * Guy- DavidS: I'd like to see the traffic between the internet and the vserver
1171629375 M * Guy- DavidS: I can't sniff on ppp0 because there I don't yet see which packet is going to this specific vserver
1171629417 M * Guy- DavidS: can you suggest a way of capturing vserver<->inet traffic in this setup?
1171629449 M * Guy- I guess it would be possible with the ROUTE target of iptables, to create copies of packets
1171629459 M * Guy- isn't there a better way?
1171629531 M * DavidS I don't know, I never quite got into the details of vserver networking. Is there any good doc to read up?
1171629570 M * Guy- ask me another :)
1171629629 M * Guy- but ROUTE won't do either, because it goes in the mangle table, i.e. before nat
1171629714 M * Guy- wow, with these capabilities the vserver can even sniff ppp0 traffic even though it doesn't actually have a ppp0 interface :)
1171629763 M * Guy- but unfortunately it sees all ppp0 traffic, not only its own
1171629951 N * Bertl_zZ Bertl
1171629955 M * Bertl morning folks!
1171629991 M * id23 hi Bertl :)
1171630176 M * mjt am i right thinking that openvz and linux-vserver are similar to each other, but ovz has alot more features?
1171630218 M * Bertl like strange kernel issues? or less hardware support?
1171630292 M * mjt less hardware? you mean it doesn't support the latest-n-greatest kernel version?
1171630369 M * Bertl well, or different archs, like mips, hppa, arm ...
1171630404 M * Bertl or even your custom kernel config ... 
1171630423 M * mjt with more stuff in place (esp. that intrusive as ovz has), it's quite expectable that support for recent kernels comes later, and there will be.. issues (bugs) too.
1171630446 M * mjt what's about custom kernel config?
1171630450 M * Bertl well, feature wise there is not much difference between both
1171630491 M * mjt i always used kernels compiled by my own. including ovz-enabled ones.
1171630496 M * Bertl mjt: you are advised to use the OVZ .config, otherwise strange things can happen (stuff breaks etc ...)
1171630512 M * mjt never heard of that...
1171630519 M * mjt it must be some new feature ;)
1171630542 M * mjt there isn't much to configure in there, really
1171630576 M * mjt (not counting usual drivers/filesystems/networking stuff wich is the same as in mainline)
1171630590 M * Bertl http://plm.testing.osdl.org/patches/show/OVZ-022stab077
1171630600 M * Bertl (IMHO says it all :)
1171630616 M * mjt heh. i never used any their stable version :)
1171630650 M * Bertl fehttp://plm.testing.osdl.org/patches/show/OVZ-026test009
1171630666 M * Bertl feel free to use whatever version you like ...
1171630675 M * Bertl it's all about freedom of choice ...
1171630679 M * mjt to be fair, i never *used* ovz, and never used vserver either.  Just compiled and ran briefly to see what each can do.
1171630810 M * Bertl and, what great features did you find in OVZ?
1171630835 M * mjt fine-grained resource limits mostly.
1171630848 M * mjt but that's not "great feature"
1171630872 M * Bertl like those: http://linux-vserver.org/Resource_Limits
1171630901 M * mjt (nowhere i said it has Many Great Features.  More features - yes)
1171630923 M * Bertl okay, what are those features Linux-VServer is missing?
1171630970 M * mjt that thing is new in vserver, isn't it?
1171630981 M * Bertl no, not at all
1171631018 M * Bertl here is an overview of the limit accounting (as example)
1171631019 M * Bertl http://paste.linux-vserver.org/1169
1171631057 M * Guy- Bertl: did you see my sniffing question above?
1171631084 M * Bertl sec, checking ...
1171631085 M * Guy- Bertl: basically, how can I sniff a vserver's traffic if it's NATed?
1171631105 M * Bertl tcpdump -vvnei eth0 host <vserver-ip> ?
1171631112 M * Guy- Bertl: nope
1171631121 M * Bertl hmm, yep
1171631124 M * Guy- Bertl: the relevant traffic comes from the internet
1171631127 M * Guy- Bertl: from ppp0
1171631134 M * Bertl okay, so use ppp0 then
1171631143 M * Guy- Bertl: and at that point it's not yet addressed to the vserver's IP
1171631155 M * Bertl you said without NAT, no?
1171631163 M * Guy- I said with nat :)
1171631187 M * mjt it's like it is addressed to a local process(es)
1171631212 M * mjt comes from ppp0 and goes to, say, apache.  Where to sniff it on the apache's side?
1171631212 M * Guy- mjt: yes. so, how do I sniff it?
1171631237 M * Guy- mjt: with apache, it'd be trivial because I know what ports apache uses
1171631254 M * Guy- mjt: but in my case, it's difficult because the vserver runs a p2p filesharing application
1171631257 M * Bertl you have to use a marking for that
1171631268 M * Guy- Bertl: and then what?
1171631275 M * mjt ok, something like honeypotd or whatever - that is listening to whole NETRANGES
1171631282 M * Bertl then filter packets based on that
1171631292 M * Guy- Bertl: you lost me
1171631300 M * Guy- Bertl: tcpdump has no concept of netfilter marking
1171631303 M * Bertl thing is, if you use NAT (only for outgoing connections)
1171631328 M * Bertl you have to know the current state of the network stack
1171631337 M * Bertl i.e. the connection tracking properties
1171631342 M * mjt your p2p app is in fact running on the host kernel - on a single kernel running on this machine.  From this standpoint, it's one of many local applications, with some traffic.
1171631362 M * Bertl yep, nevertheless, it is possible to filter that traffic
1171631362 M * Guy- Bertl: yes, netfilter has that knowledge - but how does that translate to the sniffer?
1171631381 M * Bertl my first idea would be to have a rule to mark the traffic
1171631394 M * Bertl and then 'copy' the packets to another interface
1171631397 M * Guy- mjt: I know; I was just hoping that the isolation vserver provides would allow me to somehow see all traffic that the vserver receives without seeing anything else
1171631406 M * Bertl (like a mirror port on a switch)
1171631427 M * Guy- Bertl: with iptables -j ROUTE I could do that, but that sits in the mangle table, and marking would happen in the nat table
1171631434 A * mjt isn't familiar with vserver enough to answer that kinds of questions... ;)
1171631455 M * Bertl Guy-: the marking has to be part of the connection tracking
1171631464 M * Guy- Bertl: naturally
1171631487 M * Guy- Bertl: but, come to think of it, marking takes place in the mangle table too
1171631536 M * Guy- Bertl: this would be something for connmark then, otherwise I still can't mark the relevant packets because they're not nated yet, so I don't know which ones they are
1171631546 M * Bertl yep
1171631548 M * mjt i don't think it's iptables/netfilter business to distinguish packets
1171631563 M * Guy- Bertl: does connmark work like this? I've never used it
1171631571 M * mjt the kernel knows which vserver owns that virtual interface
1171631585 M * Guy- Bertl: I mean, if I set a connmark on a connection, will incoming reply packets already have the mark?
1171631605 M * Bertl mjt: no, especially for incoming packets there is no way to 'own' a packet without additional routing
1171631616 M * sannes hm, I got a process that I want to kill, if I do vkill pid it says "vkill: vc_ctx_kill(): No such process", if I enter the vserver and do kill, well nothing happens actually and the process is not killed .. any ideas?
1171631629 M * Bertl sannes: --xid <xid>
1171631648 M * mjt Guy-: not in the mangle table
1171631666 M * mjt only in filter
1171631675 M * Guy- mjt: drat.
1171631692 M * Guy- Bertl: so apparently not even -j ROUTE --tee works for this
1171631712 M * mjt raw and mangle are processed before considering the conntrack stuff
1171631718 M * sannes Bertl: ah, that worked :)
1171631737 M * Guy- I guess if I want to sniff the traffic of this p2p app, I'll have to run it in xen or UML
1171631747 M * sannes hm, still have a process I can't kill using 100% cpu.. ugh
1171631768 M * mjt there's another option - to route it all thru a dummy interface
1171631796 Q * muuhDBX Ping timeout: 480 seconds
1171631806 M * Guy- mjt: hmm. that's worth a try, yes, good idea
1171631884 M * Bertl for example, you could use the type of service to extract a single guest
1171631902 M * DavidS Guy-, Bertl: would it help to bind the vserver on a dummy interface? then you could tcpdump -i dummyX
1171631921 M * Bertl no, as the dummy interface is not used
1171631941 N * DoberMann[PullA] DoberMann
1171631954 M * DavidS Is there any good doc on networking to read up on?
1171631973 M * DavidS (one with a vserver perspective)
1171631987 M * Bertl any Linux networking doc will do
1171631996 M * Guy- Bertl: I'm not sure how I could cause incoming connections to my guest to use a specific TOS
1171632002 M * Bertl Linux-VServer does not change the netorking behaviour ...
1171632022 M * Bertl Guy-: with the connection tracking
1171632029 M * Guy- Bertl: what does it mean, "the dummy interface is not used"?
1171632046 M * Bertl if traffic would go to the dummy interface, it would be lost
1171632060 M * Bertl the dummy interface simply throws away data ... 
1171632063 M * Guy- Bertl: I don't understand. Someone out there decides to connect to my vserver on port 4242. How would they know they have to use a specific TOS?
1171632079 M * Guy- Bertl: how about a tap interface then?
1171632090 M * Bertl Guy-: either you have NAT or you don't
1171632104 M * Guy- Bertl: I have nat, but some connections, I nat into the vserver
1171632105 M * Bertl Guy-: if you have NAT, then nobody from outside can connect to your port 4242
1171632106 M * mjt it's dummy not tap.  Requires advanced routing.
1171632135 M * Bertl Guy-: if you map port 4242 explicitely, you _know_ that it will always contain guest specific traffic
1171632138 M * Guy- Bertl: of course, I can mark those, because I know what they are, yes
1171632145 M * Bertl Guy-: so you can makr it and/or log it
1171632164 M * Guy- Bertl: still, using a separate interface sounds easier; how about tap instead of dummy? would that work?
1171632178 M * mjt er... not dummy either. imq
1171632183 M * Bertl only if you have an app receiving the packets on that tap
1171632211 M * Bertl i.e. if you use e.g. QEMU and route all packets to it
1171632244 M * Guy- yuck.
1171632265 M * Bertl you already have all information to dump it, just the tools are missing
1171632273 M * Guy- yes
1171632286 M * Bertl maybe there is some connection aware tcpdump out there?
1171632298 M * Bertl if not, it might be an interesting project
1171632310 M * Guy- I'll see if any of my students want to do it :)
1171632320 M * mjt Bertl: those plm tests - what do they show?  As far as i remember, ovz is x86-only
1171632337 M * Guy- but now, lunch.
1171632343 M * Guy- thanks everyone
1171632370 M * Bertl mjt: it was said that they support x86_64 and sparc/64 too ... powerpc was added recently ...
1171632390 M * Bertl mjt: but check the ia32 columns only, if you prefer :)
1171632518 M * DavidS and sparse2 is arch independent too, isn't it?
1171632527 M * Bertl yes
1171632868 J * marcfiu ~mef@aegis.CS.Princeton.EDU
1171632874 M * marcfiu hello vsworld
1171632922 M * Bertl hey marcfiu!
1171636197 J * muuhDBX ~foo@a213-22-7-80.cpe.netcabo.pt
1171636223 Q * cast Quit: leaving
1171636239 M * Bertl welcom muuhDBX!
1171637495 J * bonbons ~bonbons@83.222.39.252
1171637537 M * Bertl welcome bonbons!
1171637584 M * bonbons Hey Bertl :) was hard to come back, had to fight with my router and finally replace it
1171637636 M * Bertl ouch!
1171637649 M * bonbons and I might disappear a few more times because of re-cabling - but that's less of an issue
1171637712 M * bonbons don't know why, but suddenly to router part of the device lost it's config, an finally didn't want to come up again after restart
1171637728 M * Bertl I had that a few weeks ago
1171637754 M * Bertl luckily I had a replacement unit at hand
1171637812 M * bonbons same as for me right now - and luck the replacement device worked... not sure ADSL devices always work, no matter if the line is couples to ISDN or analog telephone...
1171638578 J * tuxmania ~bonbons@83.222.38.14
1171638637 M * Bertl welcome tuxmania!
1171638959 Q * bonbons Ping timeout: 480 seconds
1171639636 P * muuhDBX 
1171640323 J * Rich_Estill ~restill@c-24-11-195-139.hsd1.mi.comcast.net
1171640349 M * Rich_Estill Hey all
1171640400 M * Bertl hey Rich_Estill!
1171640451 M * Rich_Estill Whats new?
1171641168 M * Bertl 2.6.20?
1171641207 M * Bertl we are currently getting 2.2.0 rock solid, so not too many new features
1171641240 M * CHTEKK Bertl, quick question: when I halt the host, are all active vservers automatically shutdown somehow by the kernel, or must the userspace utility (util-vserver, vcd etc) take care of doing that?
1171641272 M * Bertl well, implicitely they are 'killed off'
1171641279 M * CHTEKK yeah, that's for sure
1171641284 M * CHTEKK I'm talking about a "clean" shutdown
1171641286 M * Bertl but for a proper shutdown, there are the runlevel scripts
1171641295 M * CHTEKK ok thanks, that's what I wanted to know :)
1171641308 M * Bertl (i.e. util-vserver vserver-default and vserver-legacy, IIRC)
1171641724 M * CHTEKK for the ones using util-vserver ;) I'm actually writing something up to get that functionality using vcd
1171641760 J * stefani ~stefani@flute.radonc.washington.edu
1171642340 J * bruno ~bonbons@83.222.38.93
1171642607 M * Bertl welcome stefani! wb bruno! :)
1171642616 M * stefani h.
1171642636 Q * bruno 
1171642650 J * bonbons ~bonbons@83.222.38.93
1171642724 Q * tuxmania Ping timeout: 480 seconds
1171643360 Q * DavidS Quit: Leaving.
1171643465 Q * fb_ Quit: reboot kontrolowany
1171643996 M * harry config:/usr/local/config/kernel# interdiff patch-2.6.19.3-vs2.2.0-rc12.diff patch-2.6.19.3-vs2.2.0-rc13.diff | wc 57001  188518 1542710
1171644000 M * harry wtf???
1171644009 M * harry what happened to rc13 ?
1171644039 M * Bertl interdiff is not the best choice
1171644047 M * harry apparently :)
1171644072 M * Bertl also, there is an rc13.1
1171644125 M * Bertl diff -NurpP --minimal linux-2.6.19.3-vs2.2.0-rc12 linux-2.6.19.3-vs2.2.0-rc13.1 | wc 283    1233   12426
1171644157 M * harry hmm... can you put the diff somewhere?
1171644161 M * harry i can't find the 13.1
1171644165 M * harry http://ftp.linux-vserver.org/pub/kernel/vs2.2/testing/
1171644169 M * harry its not there
1171644781 M * Bertl it is where I always put my diffs
1171644835 M * Bertl http://vserver.13thfloor.at/Experimental/delta-vs2.2.0-rc12-rc13.1.diff
1171644848 M * Bertl okay, off to dinner now ... back shortly
1171644867 N * Bertl Bertl_oO
1171645133 T * harry http://linux-vserver.org/ | latest stable 2.0.2.1, 2.0.3-rc1, 2.2.0-rc13/pre4, devel 2.1.1.7.1, 2.3.0.10, stable+grsec 2.0.2.1, 2.2.0-rc13.1 | util-vserver-0.30.212 | libvserver-1.0.2 & vserver-utils-1.0.3 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki, and we'll forget about the minute ;) 
1171645423 N * DoberMann DoberMann[PullA]
1171646581 J * trento ~orwell@68-115-222-161.static.spbg.sc.charter.com
1171646584 P * trento 
1171649284 M * daniel_hozac harry: interdiff -p1, as always...
1171649611 Q * dlezcano Read error: Connection reset by peer
1171650201 M * harry daniel_hozac: i noticed ;)
1171650204 M * harry my bad, sry
1171650445 Q * lilalinux Remote host closed the connection
1171651769 N * DoberMann[PullA] DoberMann
1171652626 Q * Rich_Estill Quit: Leaving
1171654764 J * cronnel ~cronnel@adsl-068-209-169-032.sip.bgk.bellsouth.net
1171655494 Q * cronnel Ping timeout: 480 seconds
1171655587 N * TrueBrain GateKeeper
1171655626 N * GateKeeper TrueBrain
1171655819 M * mjt does PAX_MEMORY_UDEREF work with vserver?
1171657760 J * loceur ~Loceur@204.15.179.182
1171657780 J * dlezcano ~dlezcano@AToulouse-252-1-5-74.w82-125.abo.wanadoo.fr
1171657795 N * Bertl_oO Bertl
1171657806 M * Bertl so much about shortly ...
1171657827 M * Bertl mjt: if you patch PAX into the kernel, it should
1171658661 J * olivierk ~olivier@olivierk.org
1171658770 Q * olivierk_ Ping timeout: 480 seconds
1171659469 J * ema ~ema@lart.galliera.it
1171659538 M * Bertl wb ema!
1171659579 M * ema hey Bertl :)
1171660703 J * comfrey__ ~comfrey@70.91.185.84
1171660753 M * pusling ..there is no problems with 64bit vserver kernel and 32bit vservers, right ?
1171660772 M * waldi no
1171660810 Q * comfrey_ Ping timeout: 480 seconds
1171661712 M * sannes hm...
1171661725 M * sannes Vserver '/etc/vservers/sysdb-kahneman' still running unexpectedly; please investigate it manually..
1171661902 M * sannes when trying to stop a vserver .. 
1171662075 P * marcfiu 
1171662424 M * Bertl sannes: should not happen with recent tools
1171662435 J * DavidS ~david@chello062178045213.16.11.tuwien.teleweb.at
1171662438 Q * DavidS Read error: Connection reset by peer
1171662854 J * Aiken ~james@ppp109-15.lns2.bne4.internode.on.net
1171663111 M * Bertl morning Aiken!
1171663139 J * haxier ~haxier@eu85-84-174-73.clientes.euskaltel.es
1171663177 M * Aiken hi Bertl
1171663362 P * stefani I'm Parting (the water)
1171663712 M * sannes Bertl: What is recent tools?
1171663766 M * sannes currently using util-vserver-0.30.212 
1171663772 M * Bertl IIRC, 212+ should kill off the guest completely
1171663790 M * sannes and vkill doesn't kill the process either, it seems to be stuck in D state
1171663795 M * Bertl so if something remains, it is a good sign for something going wrong
1171663805 M * Bertl what ekrnel version is that?
1171663816 M * daniel_hozac sannes: kernel oops?
1171663868 M * sannes daniel_hozac: nopes
1171663888 M * sannes p=reaper: ffff81007d124100[6634,#12] replaced with ffff81007f186040[1,#0] is the only thing that seems out of order ..
1171663893 M * sannes oh, running 2.3.0.10 if it matters
1171663898 M * daniel_hozac NFS mount-gone-bad?
1171663927 M * bonbons sannes: some vshelper still running?
1171663941 M * sannes no, don't this is actually on a local volume .. yip it is..
1171663948 M * sannes bonbons: how would I check that?
1171663955 M * sannes oh, only process left in the namespace is shutdown
1171663966 M * bonbons reading the output of ps
1171664029 Q * michal` Ping timeout: 480 seconds
1171664046 M * sannes bonbons: doesn't seems so ..
1171664065 M * Bertl sannes: would be nice if you could figure a way to trigger this reliably
1171664103 M * daniel_hozac Bertl: should we remove 2.1 from the front page/topic? i assume it's not going to be updated any more?
1171664116 M * sannes Bertl: I'll try to do a shutdown now (don't you just love powerswitches) and see if I can make it happen again ..
1171664132 M * bonbons ok, so you are probably not the case I got with my SuSE guest (possibly util-vserver deadlock because of vserver ... stop while already having started shutdown procedure from inside guest)
1171664135 M * Bertl daniel_hozac: yes, I guess so
1171664213 T * daniel_hozac http://linux-vserver.org/ | latest stable 2.0.2.1, 2.0.3-rc1, 2.2.0-rc13/pre4, devel 2.3.0.10, stable+grsec 2.0.2.1, 2.2.0-rc13.1 | util-vserver-0.30.212 | libvserver-1.0.2 & vserver-utils-1.0.3 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki, and we'll forget about the minute ;)
1171664270 M * sannes root      7587    12 sysdb-kahneman  0.0  0.0   1556   640 ?        Ds   21:12   0:00 /sbin/shutdown -r 0 w .. (btw)
1171664342 M * daniel_hozac bonbons: i.e. vserver ... stop calling shutdown ..., calling vserver ... stop?
1171664366 M * Johnnie Has anyone had problems with xtables and iproute2 compiling in Gentoo 2.6.19-vs2.3.0.3?
1171664368 M * Bertl sannes: can you attach with gdb or strace?
1171664412 Q * duckx Remote host closed the connection
1171664440 M * bonbons daniel_hozac: no, from inside the guest "shutdown -h now", then later because the guest was not shutting down from outside "vserver ... stop" (it was block on the vserver lock file)
1171664480 M * bonbons do you remember, about 3 weeks ago when I hade issue with the suse guest (first getting it to start at all!)
1171664538 M * daniel_hozac not quite...
1171664575 M * sannes Bertl: can I do that from outside the guest?
1171664581 J * michal` ~michal@www.rsbac.org
1171664585 M * Bertl sannes: no, but from inside
1171664763 M * sannes Just going install gdb .. or strace, what do you prefer ?
1171664862 M * Bertl whatever works :)
1171664981 Q * Aiken Remote host closed the connection
1171665303 J * pflanze ~chris@80-218-220-172.dclient.hispeed.ch
1171665311 M * pflanze Hello
1171665316 M * Bertl hey pflanze!
1171665461 M * sannes sorry, for the delay, had to install gdb, and took me a while to figure out how to actually do that :P gdb program 7587 right?
1171665461 J * Aiken ~james@ppp109-15.lns2.bne4.internode.on.net
1171665496 M * sannes Bertl: it says "Attaching to process 7587" and nothing happens ..
1171665531 M * Bertl hmm, okay ...
1171665544 M * Bertl what about CTRL-C then where?
1171665572 M * sannes ctrl-c, ctrl-5 even won't kill gdb .. heh
1171665626 M * Bertl do you have magic sysctl enabled?
1171665659 M * Bertl *sysrq
1171665689 M * sannes I'm not very local to this machine, so how would I do that over an ssh session?
1171665699 M * sannes or serial console if it is possible?
1171665710 M * Bertl via /proc/magic-sysrq
1171665724 M * sannes ah, never tried that before :P
1171665739 M * Bertl serial console, it would be BREAK - cmd
1171665742 M * sannes killall gdb worked, so gdb didn't hang it just handles signals.. 
1171665767 M * Bertl yes, I'm more interested in a process trace of the D state 
1171665795 M * sannes didn't have a /proc/magic-sysrq, but I do have a /proc/sysrq-trigger
1171665807 N * DoberMann DoberMann[ZZZzzz]
1171665808 M * Bertl ah, yes, that's it
1171665895 M * sannes echo "t" > /proc/sysrq-trigger ?
1171665895 M * Bertl try echo t >/proc/sysrq-trigger
1171665901 M * Bertl yep
1171665937 M * sannes that is a alot, want me to save it to a file and put it up somewhere?
1171665958 M * sannes or do you want the trace just for the D state one?
1171665960 M * sannes hm
1171665966 M * Bertl the latter one
1171665975 M * Bertl paste.linux-vserver.org
1171665978 M * ntrs Bertl, why is there rc13.1 only for grsec?
1171666000 M * Bertl ntrs: because harry forgot to update the normal version :)
1171666023 M * ntrs I thought you were doing the updates.
1171666026 T * Bertl http://linux-vserver.org/ | latest stable 2.0.2.1, 2.0.3-rc1, 2.2.0-rc13.1/pre4, devel 2.3.0.10, stable+grsec 2.0.2.1, 2.2.0-rc13.1 | util-vserver-0.30.212 | libvserver-1.0.2 & vserver-utils-1.0.3 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki, and we'll forget about the minute ;)
1171666048 M * Bertl ntrs: yes, I did forget it the last time :)
1171666070 M * ntrs anyway, is the only change between 13 and 13.1 the printk that daniel_hozac mentioned?
1171666075 M * Bertl yep
1171666131 M * ntrs Ok, I am guessing this is a version of quite high quality.
1171666137 M * sannes http://paste.linux-vserver.org/1172
1171666189 M * Bertl ntrs: rc13 says it all, no?
1171666247 M * ntrs Bertl, yes, but the fact that there were 13 rcs makes me wonder.
1171666324 M * sannes ntrs: could be that the initial rc was so bad that ...... :P *lol* .. nah, was too stable so I jumped on the 2.3.0.10 ship :P
1171666386 M * Bertl ntrs: well, we could have done 4 level release codes too, but this seems more appropriate to me
1171666413 M * Bertl the first rc was probably a little too optimistic
1171666422 M * ntrs Ok, I am just thinking if we should make the move on our production machines.
1171666425 M * Bertl (or the feedback from testing stuff before rc1 was bad)
1171666447 M * Bertl there are no currently known issues with rc13
1171666473 M * ntrs right, how long will you wait for final 2.2.0 with no known issues?
1171666501 M * Bertl I plan to do the splitup and whitespace cleanup in the next week, if I find the time
1171666521 M * Bertl if that goes without any 'discoveries', we have a release
1171666556 M * Bertl there will be no feature additions and/or new stuff in 2.2.0 before release
1171666559 M * ntrs what is a "splitup"?
1171666572 M * Bertl the broken out version of the patch
1171666585 Q * puck Ping timeout: 480 seconds
1171666592 M * ntrs hmm, why is that needed?
1171666603 M * Bertl like this one http://vserver.13thfloor.at/Experimental/split-2.6.12.3-vs2.0/
1171666625 M * Bertl ntrs: for several reasons, first to allow other developers to understand what the patches do
1171666647 M * Bertl second, to catch certain copy/paste issues and/or missing stuff
1171666667 M * Bertl third, to similify porting to distro kernels
1171666671 M * ntrs I see. Thanks.
1171666685 M * Bertl my pleasure ...
1171667010 M * sannes Bertl: could that process be waiting for a lock on a file in /etc/vservers ?
1171667019 Q * bonbons Quit: Leaving
1171667037 M * sannes cause that is the only, networked filesystem I am currently using .. 
1171667040 M * Bertl sannes: maybe, but usually it should respond to kill -9 then
1171667073 M * sannes ah, but it is gfs, and gfs does strange things ..hm
1171667116 M * sannes and altough it looks like I unmounted it cman_tools still says I'm using its lock space..
1171667129 M * Bertl whowowo ... nobody said anything about gfs :)
1171667217 M * sannes hehe
1171667249 M * sannes I thought I wasn't using it at the time you see :P
1171667289 M * sannes going to try without any gfs clutter to see if I can reproduce it ..
1171667328 M * pflanze Can I modify a ncontext to take on new settings without killing all processes in it?
1171667352 M * Bertl pflanze: yep
1171667376 M * pflanze I mean: running some init.d/foo restart should kill old processes but start the new one with the new ip's
1171667388 M * pflanze currently it starts them with the same ip's as the old processes already there.
1171667405 M * pflanze (this is for a setup with dhcp)
1171667446 M * pflanze Bertl: how?
1171667471 M * Bertl simply add/remove ips to it, or change flags/ncaps
1171667512 M * Bertl if the bindings are to 0.0.0.0, they will be effective even without restart of the service
1171667524 M * pflanze with which tool? Currently I run chbind --nid 22 --ip eth0 -- /etc/init.d/ntp-server "$@"
1171667562 M * pflanze I basically just want the above to work when being run after eth0 has it's ip changed :)
1171667587 M * Bertl naddress --help
1171667587 M * Bertl Usage:
1171667587 M * Bertl   naddress (--add|--remove|--set) [--silent] [--nid <nid>]
1171667587 M * Bertl     [--ip <ip_num>[/<mask>]] [--bcast <broadcast>] [--] <commands> <args>*
1171667609 M * pflanze ah, cool
1171667791 M * sannes Bertl: : I take it gfs is known for bad problems? :P
1171667811 M * Bertl no, actually we have no real feedback for that
1171667832 M * Bertl but network filesystems can cause processes to get into D state
1171667853 M * sannes I have used it for a about 6 months with aoe, and it works well for what it does well, ..
1171667892 M * Bertl nevertheless, if you can recreate or trigger this issue somehow, I'll investigate (even with gfs :)
1171667903 M * sannes altough, keeping mail on a gfs volume is really bad, performance drops considerably when you have more than 3600 files in one directory
1171667909 M * sannes Bertl: havn't been able to without gfs
1171667922 M * sannes I use gfs to share vservers directory between servers
1171667996 M * sannes then use dvserver on top of that to be able to say dvserver vserver enter and it will go to the correct server or dvserver vserver moveto someotherserver 
1171668043 M * sannes Problem now is that I'm using the cvs (STABLE branch of cvs) to make it work with 2.6.20, and my hunch is that maybe that is the issue .. 
1171668286 Q * ensc Killed (NickServ (GHOST command used by ensc_))
1171668296 J * ensc ~irc-ensc@p54B4D7C3.dip.t-dialin.net
1171668325 M * Bertl sannes: of gfs that is?
1171668379 J * puck ~puck@leibniz.catalyst.net.nz
1171668382 J * mire ~mire@237-166-222-85.adsl.verat.net
1171668394 M * Bertl welcome puck! mire!
1171668428 M * sannes Bertl: yes, they are very stingy on releases it seems, think the last release is actually for 2.6.13 or something like that, but according some (mailing list) their STABLE branch of their cluster suite is updated to work with latest vanilla branch ..
1171668478 M * sannes ugh, can't reproduce any issues .. maybe I'll mount a gfs volume and see what happens :P
1171668788 J * muuhDBX ~foo@a213-22-7-80.cpe.netcabo.pt
1171668810 M * Bertl wb muuhDBX!
1171669158 M * sannes I actually reproduced it
1171669192 M * Bertl let's hear ...
1171669198 M * sannes ok, I think I've got the hang of how to reproducing it, atleast with gfs .. so now I'm going to try without again and see if that does the trick..
1171669215 M * sannes well, I enter the vserver in on terminal and stop it in another .. 
1171669611 M * sannes nah, need gfs to reproduce it.. oh well
1171669653 M * Bertl okay, I'm kind of tired today ... try to narrow it down to a few commands, maybe even a chcontext or so (with a lock or whatever it needs)
1171669694 M * Bertl pack that together with the gfs patch you use and send it to me or the ML
1171669736 M * Bertl btw, what's the problem with gfs2 or ocfs2?
1171669793 M * sannes heh, not stable enough yet?
1171669806 M * Bertl well, both are in 2.6.20 :)
1171669814 M * sannes at least with gfs2, they don't recommend using it yet
1171669842 M * sannes ocfs2 doesn't have fencing and such does it?
1171669856 M * Bertl haven't investigated it mucch
1171669858 M * sannes no acl, no quota and so on ..hm
1171669905 M * Bertl okay, folks! I'm off to bed now .. have a good one everyone!
1171669917 N * Bertl Bertl_zZ
1171669937 M * sannes gfs2 will solve a lot of my problems, but they havn't released any stable userspace tools and all attempts I have done (installing a lot of software by hand) has resulted in kernel panics and hangs after a couple minutes->hours .. 
1171669941 M * sannes night Bertl
1171670271 P * muuhDBX