1172709165 M * Bertl well, off again ... back later ...
1172709170 N * Bertl Bertl_oO
1172710248 Q * dreamind Quit: dreamind
1172712963 J * _dmax ~semaj@81.193.58.191
1172713250 M * brcc_ Is 2.6.20.1  vs2.2.0-rc15 stable ?
1172713263 Q * ema Quit: leaving
1172713305 Q * dmax Ping timeout: 480 seconds
1172713309 N * _dmax dmax
1172713564 Q * s0undt3ch Quit: Lost terminal
1172713586 J * s0undt3ch ~s0undt3ch@80.69.34.154
1172714856 Q * virtuoso Ping timeout: 480 seconds
1172717665 N * Bertl_oO Bertl
1172717678 M * Bertl brcc_: yes, we consider it _almost_ stable
1172720836 M * Bertl okay, off to bed now ... have a good one everyone!
1172720844 N * Bertl Bertl_zZ
1172721883 Q * ensc Killed (NickServ (GHOST command used by ensc_))
1172721893 J * ensc ~irc-ensc@p54B4EB66.dip.t-dialin.net
1172723100 Q * brcc_ Ping timeout: 480 seconds
1172725095 Q * dmax Ping timeout: 480 seconds
1172725108 J * dmax ~semaj@81.193.57.120
1172725145 Q * Piet Quit: Piet
1172726999 J * jkl_ 3VCgv8fEI1@c-67-173-253-237.hsd1.co.comcast.net
1172727020 Q * jkl Quit: PEACE
1172727048 N * jkl_ jkl
1172727116 J * John ~Neo@210.2.140.186
1172727415 N * John N3o
1172730303 J * brcc_ bruce@i.am.someasshole.com
1172730409 J * gab ~gab@158.36.45.236
1172731292 N * DoberMann[ZZZzzz] DoberMann
1172733137 Q * comfrey Ping timeout: 480 seconds
1172733614 Q * tzafrir_ Ping timeout: 480 seconds
1172734076 J * DoberMann_ ~james@AToulouse-156-1-12-27.w86-196.abo.wanadoo.fr
1172734180 Q * DoberMann Ping timeout: 480 seconds
1172735626 N * DoberMann_ DoberMann
1172736161 N * DoberMann DoberMann[PullA]
1172736342 Q * N3o Ping timeout: 480 seconds
1172739214 N * DoberMann[PullA] DoberMann
1172739575 J * virtuoso ~s0t0na@80.253.205.251
1172739829 J * spion ~bombadil@bofh.lx.se
1172739833 M * spion hi!
1172739846 Q * grobie Quit: Chatzilla 0.9.77 [Firefox 2.0.0.2/2007021917]
1172739860 M * daniel_hozac hello
1172739884 M * spion is the a way to account the traffic of the guests?
1172739906 M * daniel_hozac sure, iptables or /proc/virtual/<xid>/cacct should work fine for that.
1172739947 Q * cehteh Read error: Connection reset by peer
1172740285 M * spion hmm .... shorewall can also count ... so i need anything to generate a stats
1172740306 M * daniel_hozac graphing, you mean?
1172740593 J * ema ~ema@lart.galliera.it
1172740607 J * beuss ~beuss@malibu.tuxfamily.net
1172740800 M * spion nope
1172740841 M * spion i need to know how many traffic was in a period of time
1172740897 M * daniel_hozac so, make a script that collects the values and writes them/a delta to a file and run that on a regular basis.
1172741571 J * meandtheshel1 ~markus@85-124-233-202.work.xdsl-line.inode.at
1172742066 Q * ema Quit: leaving
1172742257 J * dna ~naucki@p54BCFF4C.dip.t-dialin.net
1172742508 M * borgfish can i update the mount table within the vserver ? 
1172742682 T * harry http://linux-vserver.org/ | latest stable 2.0.2.1, 2.0.3-rc1, 2.2.0-rc15, devel 2.3.0.11, stable+grsec 2.0.2.1, 2.2.0-rc1 | util-vserver-0.30.212 | libvserver-1.0.2 & vserver-utils-1.0.3 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki, and we'll forget about the minute ;) 
1172742853 J * comfrey ~comfrey@70.91.185.84
1172743299 M * daniel_hozac harry: 2.2.0-rc1? that's quite a downgrade.
1172743306 M * daniel_hozac borgfish: hmm?
1172743326 M * harry heeeeeeey... that's not good
1172743330 M * harry where did the 5 go? ;)
1172743338 T * harry http://linux-vserver.org/ | latest stable 2.0.2.1, 2.0.3-rc1, 2.2.0-rc15, devel 2.3.0.11, stable+grsec 2.0.2.1, 2.2.0-rc15 | util-vserver-0.30.212 | libvserver-1.0.2 & vserver-utils-1.0.3 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki, and we'll forget about the minute ;) 
1172743345 M * Wonka hehe
1172743359 M * Wonka any idea when there will be a 2.2.0?
1172743379 M * harry i'm waiting for god^Wbertl to tell us
1172743380 M * Wonka (without grsec, atm)
1172743400 M * harry when there will be a release, the grsec version will be added really quickly :)
1172743439 M * daniel_hozac as soon as we don't find any bugs for a while, Bertl_zZ has enough time to split the patches and we do some cleanup...
1172743442 M * daniel_hozac i guess.
1172743462 M * harry eta?
1172743481 M * daniel_hozac (i guess more more success reports wouldn't hurt either)
1172744331 M * Wonka harry: i don't need grsec, atm - just a stable release
1172744340 M * matti harry: How are you?
1172744342 M * matti Wonka: ;]
1172744347 M * matti daniel_hozac: ;]
1172744348 M * matti Uh.
1172744367 M * Wonka 2.6.19.1-vs2.2.0-rc6 runs fine here
1172744375 M * daniel_hozac hello matti.
1172744378 M * matti ;]
1172744382 M * Wonka up 69 days
1172744415 M * Wonka and i don't really want to reboot every odd day for a new -rc
1172744426 M * matti LOL
1172744431 M * matti Wonka: Just don't ;]
1172744437 M * Wonka it's a "production" machine of a small club
1172744441 Q * shedi Quit: Leaving
1172744444 M * matti Wonka: So, don't reboot.
1172744447 M * Wonka yeah
1172744456 M * Wonka but for a release, i will
1172744456 M * daniel_hozac Wonka: that rc is over 2 months old though.
1172744464 M * matti Wonka: Don't change something that actually works only because you want something newer ;p
1172744483 M * Wonka 2.6.19.5 is out, though
1172744492 M * Wonka and has some fixes that might be nice
1172744494 M * matti I run 2.6.17.11-grsec2.1.9-vs2.0.2-rc31
1172744498 M * matti ;)
1172744503 M * matti That is a pretty old one ;]
1172744507 M * matti But it just works ;]
1172744511 M * Wonka also, -rc15 surely has fixes that -rc6 hasnt
1172744519 M * daniel_hozac http://linux-vserver.org/ChangeLog-2.2
1172744536 M * daniel_hozac quite a few, yes
1172744545 M * matti And I have almost 200 days of uptime ;]
1172744546 M * matti So.
1172744547 M * matti ;]
1172744590 M * Wonka yeah, especially COW link breaking and stuff could be nice
1172744606 M * Wonka we don't have anything unified atm because there were problems months ago
1172744620 M * matti :)
1172744684 M * matti Hm.
1172744701 M * matti I wonder, why Xen is so old.
1172744719 M * matti Latest kernels + latest Xen = this will not gonna work.
1172744721 M * matti Bleh.
1172744760 M * daniel_hozac yep, Xen seem to be really slow-moving.
1172744828 M * matti harry: I can report that setup like: Xen + stripped grSecurity (no PaX, etc) + Linux vServer 2.x on vmx capable machine with this fancy patch for Xen (I forgot the name ;p) runs perfectly for 100 days ;]
1172744875 M * matti daniel_hozac: Yep. And kvm seems to be more and more feature rich and a bit more stable/mature.
1172744884 M * matti daniel_hozac: So, Xen guys should really do something ;]
1172744939 M * daniel_hozac well, KVM does require hardware virtualization support.
1172744960 M * matti daniel_hozac: Yep, but almost all new CPUs have one.
1172744973 M * daniel_hozac sure, but i don't get new processors all that often :)
1172744975 M * matti daniel_hozac: And in not so far future evey CPU will do have this capability.
1172744989 M * matti daniel_hozac: :)
1172745009 M * daniel_hozac my vserver host has 2xP3 650 MHz right now...
1172745020 M * matti daniel_hozac: I remember, that I spent almost 3 days trying get SAS working under Xen.
1172745034 M * matti daniel_hozac: It is some corportate production one?
1172745057 M * daniel_hozac not at all, it's my home production one.
1172745063 M * matti That's the difference ;]
1172745067 M * daniel_hozac (i.e. if that goes down, i don't have anything to do :))
1172745072 M * matti Mine is Quad Opteron with 32 GB of ram ;p
1172745085 M * matti But this is a production machine.
1172745156 M * matti Either way, Xen + vServer works just out of the box :) Almost perfect.
1172745157 M * matti ;]
1172745207 M * spion is there a problem with tools that use "promiscuous mode" on a vserver patched kernel?
1172745216 A * Wonka wants kvm-kqemu or kvm-vbox...
1172745223 M * daniel_hozac spion: no.
1172745226 M * Wonka kvm-intel and kvm-amd won't run here
1172745227 M * spion daniel_hozac: okay
1172745228 M * spion :)
1172745258 M * Wonka daniel_hozac: this host has 2x P3 850MHz
1172745261 M * daniel_hozac spion: note that guests cannot create raw sockets though.
1172745273 M * matti I like Xen, because I can live migrate domU if something is going wrong ;]
1172745306 M * matti And nobody will notice anything ;]
1172745330 M * Wonka i don't have hardware to migrate between :/
1172745353 M * spion daniel_hozac: yea ... I'm trying to account on my host via sniffing software
1172745375 M * daniel_hozac that works fine. i do that on one of my hosts.
1172745394 M * matti Wonka: I will try to do a test and live migrate domU between blades.
1172745449 M * spion pmacct is kinda sucking
1172745709 M * harry Wonka: the grsec stuff is just... well... useful to me, because of the extra security it adds
1172745716 M * harry aslr etc...
1172745770 M * harry i'm working on ways to break pax tough... (no luck so far)
1172745827 M * matti Break?
1172745842 M * harry yes
1172745847 M * matti Which means?
1172745859 M * harry well... reliable exploitation of aslr enabled machines
1172745865 M * matti Oh.
1172745868 M * matti It is possible?
1172745873 M * harry not sur
1172745875 M * harry e
1172745877 M * matti Theoretically probably, but...
1172745895 M * harry the idea would be: (only possible for local exploits)
1172745917 M * harry malloc more than half of all possible memory, in the same vm, load the vulnerable suid binary
1172745940 M * harry but the: load a binary in a predefined vm address space...
1172745945 M * harry is the problem
1172745952 M * matti Well.
1172745959 M * matti malloc will probably fails.
1172745964 M * harry clone() will work
1172745967 M * harry why would malloc fail?
1172745977 M * matti Because kernel will not allow you to allocate too much memory.
1172745989 M * harry sure it will...
1172746014 M * harry on i386 with SEGMEXEC you can only allocate 1,5GB of memory
1172746023 M * harry ==> malloc 1GB
1172746064 M * harry you know you have 0x60000000 in there... mmap a lib there, so you know your return address, load the vulnerable suid binary, jump to that address
1172746065 M * matti What about mmaping?
1172746076 M * matti Hmm...
1172746087 M * harry you have to be sure not to mmap in "illegal" areas
1172746097 M * harry otherwise you'll definately get segfault
1172746101 M * matti Yep.
1172746119 M * matti Do we have a knowledge of them?
1172746122 M * matti When allocationg?
1172746135 M * harry whenyou allocate 1GB, it has to be in memory
1172746139 M * harry in "legal" memory
1172746142 M * harry in 1 piece
1172746152 M * harry so you're sure that 0x60000000 is in there
1172746163 M * matti Yeah, but you need to remember, that some memory may be already in use.
1172746173 M * matti For example if this is a busy machine.
1172746174 M * harry noep
1172746177 M * matti No?
1172746179 M * matti ure?
1172746183 M * harry its VIRTUAL memory
1172746186 M * matti I know.
1172746193 M * harry different for each process
1172746196 M * matti OK.
1172746197 M * harry but that's the biggest problem
1172746209 M * harry how do you keep your memory space the same when loading another binary
1172746223 M * matti Yep, ALSR will randomize layout...
1172746229 M * matti Isn't it?
1172746233 M * harry as much as possible, yes
1172746243 M * matti That's crap
1172746243 M * matti ;]
1172746249 M * harry no it's secure ;)
1172746260 M * matti What about injecting some code.
1172746265 M * matti In to allocated memory.
1172746268 M * matti And jmp to it?
1172746271 M * harry sure
1172746274 M * harry jump where?
1172746288 M * harry lets say you can overwrite eip
1172746295 M * matti Hm
1172746295 M * harry where will you jump to? what address?
1172746301 M * matti Good point.
1172746304 M * harry (remember, heap etc... all randomized)
1172746329 M * matti What about using garbage collector to execure your code?
1172746330 M * harry ==> make sure you have predictable mapping for your mem
1172746345 M * matti I was reading about using such attacks vectors.
1172746348 M * matti Somewhere...
1172746367 M * harry ow... it's time.. /me gotta go
1172746372 M * harry time for a swim...
1172746375 M * matti See ya
1172746378 M * matti Have fun harry ;]
1172746393 M * matti harry: Come back later it is interesting topic to discuss
1172748551 J * chand ~chand@m167.net81-64-156.noos.fr
1172749496 Q * Johnnie Quit: G'bye!
1172749939 Q * comfrey Remote host closed the connection
1172752024 M * brcc_ ok
1172752072 Q * Aiken Quit: Leaving
1172753842 M * harry back
1172754547 J * cehteh ~ct@pipapo.org
1172755246 Q * mjt Read error: No route to host
1172755823 Q * michal` Ping timeout: 480 seconds
1172756358 J * michal` ~michal@www.rsbac.org
1172757263 J * ema ~ema@lart.galliera.it
1172757753 J * dna_ ~naucki@84.188.207.42
1172757830 Q * dna Ping timeout: 480 seconds
1172758493 Q * borgfish 
1172759370 M * harry  15:29:24 up 45 days, 23:49,  1 user,  load average: 5.36, 6.39, 4.82
1172759375 M * harry on helios... is this normal?
1172759381 M * harry its not from helios himself...
1172759403 M * daniel_hozac the website is rather loaded.
1172759424 M * harry we rule! :)
1172759444 M * harry i'll put up a mirror of it once i get my server up and running in some datacentre :)
1172759476 M * daniel_hozac i guess Hollow will be able to tell us what's causing the load.
1172759488 M * sid3windr if you need mirrors just let me know :p
1172759511 M * harry hmm... my cpu will be slower tough...
1172759520 M * daniel_hozac define "mirro".
1172759521 M * daniel_hozac +r
1172759527 M * harry i'll have a dual p3-1GHz, but... with 4 GB of ram :)
1172759545 M * harry yeah, if you want, i think i can manage to put a mirror online too
1172759559 M * harry on a dual xeon machine, 3GB ram, hotplug scsi disks etc..
1172759567 M * harry GBit network connection, limitless
1172759573 M * Hollow uhm
1172759574 M * harry have to ask around here tough ...
1172759614 M * Hollow well, the cause seems to be gone already.. but i noticed high loads too lately..
1172759648 M * sid3windr daniel_hozac: basically, a vserver for whatever you wanna do, with x diskspace and y bandwidth on 100Mbit 
1172759665 M * sid3windr also only 1.2GHz P3
1172760437 N * Bertl_zZ Bertl
1172760975 M * Bertl morning folks!
1172762344 Q * gab Quit: Leaving
1172763167 Q * virtuoso Ping timeout: 480 seconds
1172763489 J * virtuoso ~s0t0na@80.253.205.251
1172763872 Q * virtuoso Read error: Connection reset by peer
1172763883 J * virtuoso ~s0t0na@80.253.205.251
1172765248 M * Bertl okay, off for now .. back shortly
1172765255 N * Bertl Bertl_oO
1172766522 J * stefani ~stefani@flute.radonc.washington.edu
1172766767 N * Bertl_oO Bertl
1172766778 M * Bertl back again! morning stefani!
1172766792 M * stefani hola encore.
1172767056 M * matti Bertl: ;)
1172767071 M * Bertl hey matti! how's going?
1172767277 M * matti Not bad... except horrible hadache today ;(
1172767343 M * matti Anyway thanks for asking :)
1172767354 M * matti I hope, that you're fine ;]
1172767380 M * Bertl yes, I'm quite fine ... tx
1172767412 M * matti :)
1172767671 J * lilalinux ~plasma@80.69.41.2
1172769006 J * bonbons ~bonbons@83.222.38.146
1172769121 Q * m`m`h Ping timeout: 480 seconds
1172769253 N * DoberMann DoberMann[PullA]
1172769305 Q * ZLinux osmotic.oftc.net oxygen.oftc.net
1172769305 J * ZLinux_ ~ZLinux@88.213.57.11
1172769334 Q * chand Quit: chand
1172769966 J * m`m`h ~simba@deb30.mgts.by
1172770204 Q * dna_ Read error: Connection reset by peer
1172770230 J * dna_ ~naucki@84.188.207.42
1172770749 M * phedny how can I (u)mount a filesystem in a guest from the host?
1172770758 M * phedny without restarting the guest
1172770885 M * bonbons phedny: using vnamespace, but that's only possible if you have not enabled guest privacy
1172770912 M * phedny hmm, I just found this command to be working:
1172770913 M * phedny vnamespace -e 118 chroot /vservers/samba umount /extern
1172770990 M * harry vserver <name> exec umount /extern
1172770992 M * harry doesn't work?
1172771030 M * harry (maybe i just don't get the q ;))
1172771046 M * phedny than it said /extern is not found
1172771061 M * phedny but I thought that might be because it is not in the host /etc/mtab of /proc/mtab
1172771072 M * phedny owh
1172771078 M * phedny sorry
1172771096 M * phedny with vserver exec it gets the guest capabilities and it has no mount cap
1172771142 M * Bertl unmount should still work though, but the namespace approach is fine
1172771265 M * phedny well, now I'd also want to mount it again
1172771297 M * phedny do I have to create a device file first?
1172771308 M * Bertl depends on what you want to mount
1172771312 M * phedny /dev/sdb1
1172771323 M * Bertl probably secure-mount is what you actually want
1172771387 M * phedny is that a command line tool or a vserver setting?
1172771398 M * Bertl command line tool used by util-vserver
1172771562 M * phedny :/vservers/samba# /usr/lib/util-vserver/secure-mount --chroot /dev/sdb extern
1172771570 M * phedny is this the correct way of calling it?
1172771592 M * Bertl probably not, I guess you want sdb1 and /extern
1172771663 M * phedny okay, did that change, but it doesn't work yet
1172771672 M * phedny hmm, of course, must use vnamespace :)
1172771736 Q * m`m`h Ping timeout: 480 seconds
1172771772 M * Bertl daniel_hozac: ping?
1172771777 M * daniel_hozac pong
1172771786 M * Bertl ah, great, you're around ...
1172771793 M * daniel_hozac just got in.
1172771800 M * Bertl I discovered that ubuntu is doing evil stuff to /var/run
1172771810 M * Bertl are you aware of that?
1172771821 M * daniel_hozac mounting it as tmpfs?
1172771840 M * Bertl yep, and/or cleaning it up on restart
1172771860 M * daniel_hozac +not?
1172771879 M * Bertl so basically the tools end up complaining about vshelper binary after reboot
1172771884 N * DoberMann[PullA] DoberMann
1172771899 M * Bertl but of course, it is the missing directories in /var/run/
1172771904 M * daniel_hozac yep.
1172771916 M * daniel_hozac IIRC the Debian initscript is supposed to handle that.
1172771923 M * Bertl you have to create them manually, then everything works again ...
1172771943 M * Bertl okay, but we do not have them in the util-vserver package yet, right?
1172771978 M * daniel_hozac nor do i have any intention of adding it, as i don't see what it has that the already present sysv scripts have.
1172771997 M * daniel_hozac now that we have the util-vserver initscript, adding the mkdir there would make sense though.
1172772032 M * Bertl yes, IMHO acheck for them + make won't hurt and will help folks
1172772175 Q * phedny Remote host closed the connection
1172772376 J * _mcp ~hightower@wolk-project.de
1172772382 Q * mcp Read error: Connection reset by peer
1172772568 Q * duckx Quit: Client exiting
1172772697 M * Bertl daniel_hozac: what is this for?
1172772701 N * _mcp mcp
1172772702 M * Bertl 439134 2007-03-01 19:08:02 lib/util-vserver/vserver.start.bin
1172773222 N * mcp _mcp
1172773369 Q * ZLinux_ Remote host closed the connection
1172773500 J * phedny ~mark@ip56538143.direct-adsl.nl
1172773860 Q * DoberMann Remote host closed the connection
1172773885 J * DoberMann ~james@AToulouse-156-1-12-27.w86-196.abo.wanadoo.fr
1172774177 J * duckx ~Duck@tox.dyndns.org
1172774189 Q * duckx Remote host closed the connection
1172774290 J * CHTEKK ~chtekk@62.48.110.172
1172774293 M * CHTEKK lo all :)
1172774330 M * daniel_hozac Bertl: nothing.
1172774346 M * CHTEKK we're seeing strange utime issues with linked templates on VCD, which is explained quite easily: we set IATTR_IMMUTABLE on the linked files, and Linux doesn't allow utime calls on files with the immutable bit set, the man page says... anyone has any idea on how to solve this correctly? /me hasn't :(
1172774359 J * duckx ~Duck@tox.dyndns.org
1172774375 M * daniel_hozac Bertl: there's a C implementation of vserver-start in the utils, but it's neither maintained nor used, AFAIK.
1172774385 M * CHTEKK easiest solution is to just not set IATTR_IMMUTABLE on the linked files, but afaik that's needed
1172774393 M * daniel_hozac CHTEKK: 2.1+ will break the links on utimes.
1172774415 M * CHTEKK hrmmm let me ask the users who's seeing this what kernel he's running
1172774440 M * daniel_hozac (note: utimes, not utime (yet))
1172774487 M * CHTEKK ah... cause this seems to badly break emerge for some things, for example the os.utime call of Python breaks
1172774514 M * daniel_hozac of course, but why is it trying to set the times of files that are already on the system?
1172774518 M * CHTEKK k he's using 2.6.19-vs2.2.0-rc12, as am I...
1172774532 M * CHTEKK nfc :) fact is a couple of pkgs fail because of this
1172774557 M * daniel_hozac when you do what?
1172774665 M * daniel_hozac Bertl: http://people.linux-vserver.org/~dhozac/p/k/delta-utime-fix01.diff
1172774677 M * CHTEKK <lylix> seems liek anyhting doing a utime on /etc files
1172774677 M * CHTEKK <lylix> pkgs for example: util-linux, openssh, even nano
1172774677 M * CHTEKK <lylix> /etc/nanorc
1172774699 M * CHTEKK why they do utime calls on compile/install, don't ask me, but they seem to do :)
1172775398 M * Hollow you know that utimes works, but utime not?
1172775412 M * CHTEKK yes daniel_hozac told me before
1172775417 M * Hollow ok
1172775441 M * CHTEKK still, the stuff seems to do utime, and that fails... and we can't really go round and check the whole portage tree what fails and fix it individually etc, imo
1172775455 M * daniel_hozac if you apply the patch above, utime should break the link as well.
1172775464 M * daniel_hozac IMHO emerge seems rather broken in this regard though.
1172775501 J * lylix ~eric@dynamic-acs-24-154-33-9.zoominternet.net
1172775512 M * daniel_hozac the idea of identical systems does not seem to be something that they want to enable.
1172775553 M * daniel_hozac Bertl: could you test a fix for the initscript?
1172775555 M * CHTEKK well it probably was never worked on from a perspective of "let's make this work with multiple systems sharing the same files through hardlinks fully" :)
1172775598 M * daniel_hozac or NFS-root, or....
1172775630 M * CHTEKK yeah, probably :)
1172775671 M * CHTEKK well, cause of all the optimizations et all, emerge is anyway very "host-centered", so tehre really probably wans't that much demand to get this working properly on such setups
1172776381 J * m`m`h ~simba@deb30.mgts.by
1172777478 J * Piet hiddenserv@tor.noreply.org
1172779353 J * Piet_ hiddenserv@tor.noreply.org
1172779493 Q * dna_ Read error: Connection reset by peer
1172779520 J * dna_ ~naucki@p54BCCF2A.dip.t-dialin.net
1172779680 Q * Piet Ping timeout: 480 seconds
1172779959 M * Bertl daniel_hozac: sure, but it will have to wait a little, as this is the machine I'm currently working on :)
1172780029 M * daniel_hozac http://people.linux-vserver.org/~dhozac/p/uv/experimental/delta-ubuntu-init.diff
1172780075 M * Bertl okay, what about the utime delta?
1172780113 M * daniel_hozac i don't remember why we didn't add link breaking there in the first place.
1172780115 M * Bertl btw, can we remove the vserver.start.bin then from installation, as it takes up a lot of place?
1172780139 M * Bertl I remember we had a patch for that, but it did break certain things
1172780153 M * daniel_hozac oh?
1172780169 M * daniel_hozac why does it work for utimes which looks basically the same?
1172780190 M * Bertl might have been unrelated to that though, we had other CoW issues at that time too
1172780199 M * daniel_hozac (or doesn't it work with utimes either?)
1172780203 M * Bertl let me dig out what we had/did back then ...
1172780348 M * Bertl hmm, interesting ... at least the sys_utime doesn't show up in my deltas
1172780388 M * Bertl okay, I guess you tested it, right?
1172780408 J * dev-zero ~TizianoMu@gw.ptr-80-238-132-170.customer.ch.netstream.com
1172780415 M * dev-zero hi everyone
1172780416 M * Bertl welcome dev-zero!
1172780429 M * daniel_hozac no, that's what i wanted CHTEKK/lylix to do ;)
1172780432 M * dev-zero is it possible to add a volume to a running vserver?
1172780444 M * Bertl daniel_hozac: okay, then we give it some time :)
1172780462 M * Bertl dev-zero: volume as in 'mounted filesystem'?
1172780471 M * dev-zero Bertl: yes
1172780484 M * Bertl sure, you can do that at any time
1172780490 M * dev-zero hmm
1172780590 M * dev-zero Bertl: doesn't seem so
1172780598 M * dev-zero Bertl: or I'm doing it the wrong way
1172780615 M * Bertl that's probably the reason, what _are_ you doing?
1172780633 M * dev-zero well, mount /dev/evms/foo /vserver/myvserver/mnt/foo
1172780639 M * dev-zero just the naive way :)
1172780647 M * Bertl hehe, well, that won't work ...
1172780656 M * Bertl you are mounting the stuff in the host namespace
1172780667 M * Bertl so it will only be visible on the host, not inside the guest
1172780679 M * dev-zero ok, how do I do it the way I want it to do it
1172780691 M * Bertl you want to do that mount inside the guest namespace, so using vnamespace ... is the proper way to do that
1172780793 M * Bertl something like: vnamespace -e <xid> -- mount -n /dev/evms/foo /vserver/myvserver/mnt/foo
1172780892 M * Bertl daniel_hozac: 213-rc4 is the latest, right?
1172780909 M * daniel_hozac Bertl: yep.
1172780912 M * dev-zero Bertl: worked. Thanks!
1172780923 M * Bertl dev-zero: you're welcome!
1172780998 M * dev-zero Bertl: another question (just curious): is there some work going on to have full-networking support in a vserver?
1172781019 M * Bertl you mean layer 2 virtualization?
1172781022 M * dev-zero jup
1172781059 M * Bertl mainline is addressing that atm, and as soon as L2namespaces will be introduced, Linux-VServer will support them
1172781095 M * Bertl our main focus is on L3 isolation, as it turns out to be much faster and scales a lot better than L2 virtualization
1172781165 M * dev-zero while L2 virtualization covers more use-cases
1172781193 M * Bertl well, there are only a few cases which actually require L2, but for those, of course, L3 is insufficient
1172781228 M * dev-zero and for some, there might be the workaround via the dummy-interface
1172781266 M * Bertl personally I do not see any real need for dummy0, but it makes some folks really happy :)
1172781270 M * dev-zero hmm, but the dummy-interface probably can't be added to a bridge, can it?
1172781306 M * Bertl sure it can, it will just not do anything there, but as it doesn't do anything right now ... that is probably not an important change :)
1172781317 M * daniel_hozac what are you trying accomplish in the first place?
1172781345 M * dev-zero nothing, just thinking :)
1172781390 M * dev-zero in Xen you usually have a bridge and you add tun-devices to it, while the other side of the tun-device is the vm
1172781424 M * dev-zero and kvm probably does the same (although I didn't check)
1172781448 M * Bertl yes, and with QEMU, UML and VMware you need similar
1172781484 M * dev-zero just thought what I'm gonna do if I once decide that I also want another OS virtualized
1172781492 M * Bertl and the best advice I can give you, is to forget about this approach, because it is neither useful nor applicable to Linux-VServer :)
1172781505 M * dev-zero probably
1172781520 M * Bertl if you want another OS, have Xen+Linux-VServer
1172781571 M * Bertl put the other OS in a domU, and the Linux-VServer kernel in another
1172781571 M * dev-zero hmm, nice
1172781575 M * Bertl will allow you to share the resources efficiently between the guests
1172781601 M * dev-zero hmm, needs more ram if you do heavy disk-io
1172781623 M * dev-zero and gives a performance impact for the vm's in the vserver-domU
1172781627 J * chrome___ ~sabaini@85-124-41-108.dynamic.xdsl-line.inode.at
1172781646 M * dev-zero but mixing kvm and vserver is probably not such a good idea anyway
1172781650 M * Bertl dev-zero: yep, besides the fact that the guests are not VMs ...
1172781669 M * dev-zero yes, sure
1172781750 M * dev-zero thanks for the answers and your help :)
1172781814 M * Bertl you're welcome!
1172781968 J * shedi ~siggi@ftth-237-144.hive.is
1172782609 J * Aiken ~james@ppp216-125.lns2.bne1.internode.on.net
1172782716 Q * lilalinux Remote host closed the connection
1172782957 J * yarihm ~yarihm@84-75-123-221.dclient.hispeed.ch
1172783142 M * ray6 Bertl: oh, you're beginning to promote Xen+Vserver? :) 
1172783194 J * tzafrir_ ~tzafrir@bzq-179-75-202.static.bezeqint.net
1172783326 M * Bertl ray6: always :)
1172784340 J * Sawtooth ~gangster@d2-ms.xs4all.nl
1172784436 P * chrome___ Kopete 0.12.4 : http://kopete.kde.org
1172784500 N * Sawtooth Chainsaw_
1172784523 M * Bertl welcome Sawtooth/Chainsaw_! 
1172784535 M * Chainsaw_ thank you!
1172784542 M * Chainsaw_ sorry for the nick change ;)
1172784547 M * Chainsaw_ other one was taken lol
1172784567 M * Bertl np
1172784585 M * Chainsaw_ been debian quite a while now,and irc forever
1172784596 Q * Aiken Remote host closed the connection
1172784597 M * Chainsaw_ so i thought,why am i not on irc on about debian
1172784597 M * Chainsaw_ ;)
1172784605 M * Bertl hehe ...
1172784750 J * Aiken ~james@ppp216-125.lns2.bne1.internode.on.net
1172784830 M * Chainsaw_ this vserver looks interesting
1172784935 M * hardwire still no vserver kerns in feisty
1172784939 M * hardwire wtfn00b
1172784963 M * Bertl Chainsaw_: for sure it is :)
1172784992 M * Chainsaw_ Bertl before i ask the stupid question,ill read the sites first hehe
1172784993 M * Chainsaw_ brb
1172784995 M * Chainsaw_ :)
1172785012 M * Bertl Chainsaw_: np, take your time ...
1172785274 M * Chainsaw_ looks great
1172785281 M * Chainsaw_ im gonna play with it tommorow :)\
1172785295 M * Bertl k, let us know if you have any troubles ...
1172785300 M * Chainsaw_ thnx m8
1172785438 M * Bertl np
1172785946 J * nadim ~nadim@10.252.186.81.lund.res.sta.perspektivbredband.net
1172785965 M * Bertl welcome nadim!
1172785971 M * nadim thank you
1172786019 Q * bonbons Quit: Leaving
1172786076 M * nadim I hang out here for a while and see what you guys discuss
1172786099 M * nadim I'm still scratching my head trying to decide what to use for a little experiment
1172786143 M * Bertl np, but it might turn out that there is no discussion for quite some while .. so do not be disappointed :)
1172786187 M * nadim I'm on another channel with just one other user and I think it has been silent for 3 weeks now so I'm used :)
1172786209 M * Bertl ah, okay, I can guarantee, it won't be that long :)
1172786225 M * nadim I'll come up with a bunch of stupid questions tomorow to inject some life (and laughs)
1172786239 M * Bertl see topic :)
1172786302 M * nadim that's why I need 24 hours. I need to get all the elements from the web site so I can ask real stupid questions
1172786333 M * Bertl sounds promising ...
1172786343 M * nadim don't be so sure :)
1172786376 M * nadim anyway I can say what I want to do (though I'm not so sure yet)
1172786410 M * nadim I work with build systems and I'm thinking of distributing few things in a small cluster
1172786456 M * nadim IE I want a certain compiler to be used but I don't want to the users (yet it's a cluster of boxes that have users)
1172786460 M * Bertl build systems like cross compile farms or more like distro package building or maybe both?
1172786510 M * nadim to change compiler version or other damage. I'd like to build an "image" then ask the cluster nodes to download it and start a VM just for the compilation I need
1172786547 M * Bertl i.c. well, makes sense to me
1172786552 M * nadim both and the tricky thing is that I don't want to distribute the building but the build system
1172786615 M * nadim what I would really like it to be able to take an image and just add the files that I need instead for rebuilding a complete image
1172786651 M * Bertl okay, let's define things like 'image' and 'cluster nodes'
1172786671 M * nadim actually I believe it would be better to start the vms and let them update themselves (rsynch, ...) with the master image
1172786688 M * nadim cluster node == a computer
1172786716 M * nadim image == a complete sytem you run in a vm
1172786735 M * Bertl ah, so image = files for a guest, yes?
1172786737 M * nadim I understand that vserver uses it's host as much as possible (which is good)
1172786769 M * nadim immage == files, config, applications, ...
1172786775 M * Bertl well, you do not need to have a special device or mount for the guests, but of course you can ...
1172786846 M * nadim I actually don't care if it's a special mount or not. all I need is to guaranty that the image is equivalent to a "master image"
1172786866 M * Bertl okay, rsync should be able to take care of that
1172786897 M * nadim I believe it's better to let the vm update itself instead for creating a new image each time
1172786907 J * neuralis_ ~krstic@solarsail.hcs.HARVARD.EDU
1172786908 M * nadim time is _very_ important
1172786930 M * nadim rsych is actually too slow
1172786957 M * Bertl well, you can have both
1172786982 M * Bertl you can simply copy an exisiting template, and then bring it up-to-date with rsync, no?
1172786990 M * nadim right
1172787015 Q * neuralis Ping timeout: 480 seconds
1172787018 M * nadim I just think that some p2p would be well used here
1172787035 M * Bertl ah, might work as well
1172787052 M * nadim I haven't seen any p2p rsync yet
1172787073 M * nadim but it's something that's not too difficult to implement
1172787096 M * nadim specially in a little, controlled environment
1172787219 M * nadim the cool thing is that if I have multiple variants for a build (say different compilers) I can synchronize a bunch of templates on all boxes then run the build in each of them 
1172787273 M * nadim pitty the development env. is windows (I'm allowed to used linux because I refused the jib if I had to work in windows :)
1172787274 M * Bertl yep, and you might even end up with a performance gain if you ensure that the data they operate on can be shared
1172787301 M * nadim how would that give me more performance?
1172787322 M * Bertl quite simple, let's assume you want to compile the linux kernel with 3 different compilers
1172787339 M * nadim ok
1172787359 M * Bertl this will require roughly 250mb of kernel sources, and three toolchains
1172787389 M * Bertl now, the kernel source doesn't change in the process, nor will the actual compile sequence
1172787411 M * nadim I agree for the first but not the second
1172787435 M * nadim but please continue
1172787438 M * Bertl thus, if you ensure (e.g. by using unification) that the kernel source is available for all three compiles, then you will only use 1/3rd of the caching and buffer resources
1172787486 M * nadim you are thinking simulteanous compiling in the 3 vms
1172787494 M * nadim then you get your gain
1172787544 M * nadim but calculated in seconds (time) the three compilation will take as long (longer) with three simultaneous compilation as three sequential compilations
1172787633 M * nadim Is it possible to start a vm in a vm? and does it degrade performance?
1172787685 M * Bertl well, yes, but we do not do VMs :)
1172787704 M * Bertl we do isolation, separation and a little virtualization
1172787704 M * nadim right VPS, is it?
1172787819 M * nadim I read a paper this afternoon comparing prestanda between vserver, uml, xen and vmware. Very interresting
1172787829 M * nadim I guess you've seen that one.
1172787849 M * Bertl yep, the guy who wrote it (or part of it) is standing behind me atm
1172787866 M * Bertl and is urging me to go to dinner ... which is what I will do now :)
1172787876 M * nadim ttl
1172787879 M * nadim ttyl
1172787882 M * Bertl k, cya!
1172787905 N * Bertl Bertl_oO
1172789366 N * neuralis_ neuralis
1172789818 N * DoberMann DoberMann[ZZZzzz]
1172790298 P * stefani I'm Parting (the water)
1172790980 Q * duckx Remote host closed the connection
1172793044 Q * meandtheshel1 Quit: Leaving.