1174349563 N * Bertl_oO Bertl 1174349566 M * Bertl back now ... 1174349758 Q * boci^ Quit: Távozom 1174349850 Q * Piet_ Ping timeout: 480 seconds 1174349953 J * Piet_ hiddenserv@tor.noreply.org 1174350146 J * _mcp ~hightower@wolk-project.de 1174350146 Q * mcp Read error: Connection reset by peer 1174350173 J * infowolfe_ ~infowolfe@c-67-164-195-129.hsd1.ut.comcast.net 1174350191 Q * bonbons Quit: Leaving 1174350439 Q * infowolfe Read error: Connection reset by peer 1174350843 Q * Piet_ Ping timeout: 480 seconds 1174351293 J * dghill dghill@office.mel.illuminate.com.au 1174352297 Q * gerrit Ping timeout: 480 seconds 1174352444 Q * shedi Quit: Leaving 1174353383 J * shedi ~siggi@ftth-237-144.hive.is 1174354492 M * Bertl daniel_hozac: ping? 1174354707 M * Bertl daniel_hozac: help for vunify is wrong too, IMHO it implies that this would be correct: 1174354723 M * Bertl /lib/util-vserver/vunify --manually -nvR -- /vservers/mdv$n /dev/null 1174354740 M * Bertl but it gives: No reference path(s) given 1174354767 M * Bertl specifying /vservers/mdv$n before the double dash seems to do the trick though 1174354793 M * Bertl some deunify everything for a (possibly stopped) guest would be nice to have too 1174357629 J * marcfiu ~mef@c-68-39-177-97.hsd1.nj.comcast.net 1174357642 M * marcfiu hey there 1174357836 M * Bertl hey marcfiu! 1174358891 M * Bertl okay, off to bed now ... have a good one everyone! cya! 1174358895 N * Bertl Bertl_zZ 1174359122 Q * softi42 Ping timeout: 480 seconds 1174359446 P * marcfiu 1174359728 J * softi42 ~softi@p549d5358.dip.t-dialin.net 1174359862 Q * dghill Ping timeout: 480 seconds 1174361758 Q * hallyn Quit: leaving 1174361974 Q * Aiken Remote host closed the connection 1174362267 J * Aiken ~james@ppp250-73.lns2.bne4.internode.on.net 1174362278 Q * Aiken Read error: Connection reset by peer 1174363708 Q * ensc Ping timeout: 480 seconds 1174363780 J * aaaaaaaaaaaaaaaaaaaaaaaa ~almazchm@219.239.98.225 1174363814 Q * aaaaaaaaaaaaaaaaaaaaaaaa 1174365231 J * slack101 ~root@cpe-71-65-58-25.insight.res.rr.com 1174365255 M * slack101 can i run multiple vservers with 1 public ip ? 1174366034 M * slack101 i cant figure out how to to have incoming traffic 1174366111 Q * sid3windr Ping timeout: 480 seconds 1174366140 J * Aiken ~james@ppp250-73.lns2.bne4.internode.on.net 1174366146 M * daniel_hozac Bertl_zZ: hmm, what are you unifying it with? 1174366156 M * daniel_hozac slack101: sure you can. 1174366172 M * daniel_hozac slack101: but you can't have them listening on the same ports. 1174366238 M * slack101 what do you mean 1174366250 M * slack101 its a isolated network right ? 1174366323 M * slack101 daniel_hozac: expalin how i could do this please 1174366348 M * daniel_hozac you can't redirect traffic to two guests from :x. 1174366381 M * slack101 i have 10 vps 1174366386 M * slack101 i can get multiple ip's 1174366391 M * slack101 but is it possible to use one 1174366396 J * timbangai ~timbangai@58.186.240.184 1174366397 M * slack101 and each user have a httpd server 1174366414 M * daniel_hozac only if you use different ports. 1174366422 M * timbangai hi 1174366434 J * sid3windr luser@bastard-operator.from-hell.be 1174366441 M * timbangai anybody wana chat 01b0hith me 1174366456 M * slack101 daniel_hozac: eexplain what you mean by that please 1174366496 M * daniel_hozac i did. with one IP address, you need to use different ports to run the same service multiple times. 1174366504 M * daniel_hozac same as on a regular Linux system. 1174366509 M * slack101 even if its different 1174366511 M * slack101 vps ? 1174366548 M * daniel_hozac and how do you expect the traffic to make it to the right guest when you just one IP? 1174366561 M * slack101 thats what im asking 1174366572 Q * timbangai Quit: See you! 1174366608 M * daniel_hozac so the answer is no; computers are not psychic yet ;) 1174366616 M * slack101 anyway to do it ? 1174366619 M * slack101 filter ? 1174366665 M * daniel_hozac no, you need to be able to identify which guest its destined for. without using the IP or port, what's left? 1174366680 M * slack101 request :) 1174366686 M * slack101 but yea i see ur point 1174366851 M * slack101 daniel_hozac: i willl just use ip's 1174366890 M * slack101 daniel_hozac: how do i set it up with multiple ip;s .........do i need to use iptables to redirect ? 1174366909 M * slack101 someone is trying to tell me ot use iptables to forward ot right local ip or somethig 1174367896 J * DoberMann_ ~james@AToulouse-156-1-87-233.w86-196.abo.wanadoo.fr 1174368004 Q * DoberMann[ZZZzzz] Ping timeout: 480 seconds 1174368027 M * slack101 anyone else up .......sorry for askin bu woulld really like to get this setup ish 1174369022 J * gerrit ~gerrit@c-67-160-146-170.hsd1.or.comcast.net 1174369723 Q * _cob Ping timeout: 480 seconds 1174369733 J * _cob ~cob@pc-csa01.science.uva.nl 1174369914 J * lylix ~eric@dynamic-acs-24-154-33-9.zoominternet.net 1174369936 M * lylix daniel_hozac: hello? 1174370197 J * dghill dghill@office.mel.illuminate.com.au 1174370891 M * slack101 i need to know ...........should i give every user the same base distro .............or is their a way to share ? 1174370941 M * arachnist you should probably check the unionfs 1174370980 M * arachnist or something look for a cowfs for fuse (or something like that, cow meaning copy on write) 1174370990 M * slack101 talking to me ? 1174370994 M * arachnist yup 1174371001 M * slack101 i mean 1174371027 M * slack101 is there a way to share the main base or w/e so i dont have to waste 800 mb of space on each one ? but if they change something have it change ? 1174371027 M * arachnist http://www.freebsd.org/cgi/man.cgi?query=mount_unionfs 1174371064 M * arachnist here's a description of how unionfs works on fbsd, i don't think that linux's unionfs implementation is much different 1174371079 M * arachnist slack101: yes, there is 1174371110 M * slack101 doesnt vserver have something for this ? 1174371117 M * arachnist dunno 1174371923 J * besonen_ ~besonen@209-180-234-92.eugn.qwest.net 1174372352 Q * besonen__ Ping timeout: 480 seconds 1174372878 M * daniel_hozac lylix: pong 1174372920 M * daniel_hozac arachnist: you realize Linux-VServer has COW, right? 1174372942 M * daniel_hozac (in 2.1+) 1174373022 M * daniel_hozac slack101: just create a template in which you run setattr --iunlink on every regular file and then use the clone build method (util-vserver 0.30.213+). 1174373044 M * hardwire I am still not used to that 1174373068 M * hardwire so 'find -type f -print0 | xargs setattr --iunlink' 1174373074 M * hardwire or both files and directories? 1174373076 M * daniel_hozac xargs -0, but yes. 1174373086 M * hardwire err.. throw a -0 in there yebh 1174373091 M * hardwire but just files/ 1174373092 M * hardwire ? 1174373093 M * daniel_hozac yes. 1174373099 M * hardwire whyfer? 1174373108 M * slack101 daniel_hozac: i really dont get what you mean there 1174373131 M * daniel_hozac because you don't want immutable directories? 1174373149 M * daniel_hozac slack101: what hardwire said. 1174373162 M * hardwire daniel_hozac: why not? 1174373175 M * daniel_hozac hardwire: because you can't create files in it then? 1174373181 M * hardwire dur 1174373197 M * hardwire I just didn't understand how the COW works 1174373210 M * hardwire if there is a dir, and it has immutable files in it. it won't be deleted 1174373215 M * hardwire but how does it white it out? 1174373224 M * daniel_hozac what? 1174373244 M * hardwire how do you white out directories or files? 1174373256 M * daniel_hozac "white out"? 1174373266 M * hardwire you don't use unionfs do you.. 1174373290 M * daniel_hozac no. 1174373292 M * hardwire touch /tmp/a 1174373294 M * hardwire rm -rf /tmp 1174373298 M * hardwire mkdir /tmp/ 1174373300 M * hardwire ls /tmp/ 1174373306 M * hardwire it would show file 'a' right? 1174373311 M * daniel_hozac uh, no. 1174373315 M * daniel_hozac you removed the directory. 1174373321 M * hardwire how did it white it out? 1174373322 M * daniel_hozac thus, /tmp/a doesn't exist. 1174373346 M * lylix daniel_hozac: heya... 1174373350 M * hardwire a is immutable 1174373354 M * daniel_hozac no it's not. 1174373357 M * daniel_hozac you didn't make it immutable. 1174373364 M * lylix interesting issue w/ mutliple ips assigned to a vserver 1174373366 M * daniel_hozac if it were, you wouldn't be able to remove /tmp. 1174373371 M * daniel_hozac lylix: oh? 1174373373 M * hardwire daniel_hozac: I thought the conversation context made it immutable :) 1174373378 M * hardwire either way 1174373392 M * daniel_hozac you cannot remove non-empty directories. 1174373394 M * lylix running an app like yates throws this when trying to bind to the SIP port (5060): 1174373400 M * hardwire daniel_hozac: ok.. so no white out 1174373403 M * lylix Initializing module SIP Channel 1174373403 M * lylix Unable to bind to preferred port - using random one instead 1174373408 M * hardwire how do you remove immutable files? 1174373413 M * lylix when only one IP is asssigned, works fine 1174373416 M * hardwire you can't white them out I take it 1174373428 M * daniel_hozac you don't. that's what the immutable linkage invert (iunlink) flag is for. 1174373440 M * hardwire I'm pretty sure I will be using LVM snapshots vs COW then. 1174373444 M * daniel_hozac lylix: hmm, that's odd. kernel? 1174373446 M * lylix ive seen this same type of behavior w/ some Asterisk setups 1174373462 M * lylix 2.6.19-vs2.3.0.6 in this case 1174373475 M * lylix i can test in 2.2.0 also if needed 1174373476 M * daniel_hozac hardwire: if you use the vserver COW, i.e. iunlink|immutable, removing immutable files is posible. 1174373496 M * hardwire ok.. how does that work? 1174373499 M * daniel_hozac lylix: i think that would be better. 2.3 isn't very stable and the networking is one of the things being worked on. 1174373503 M * daniel_hozac hardwire: the file is removed. 1174373509 M * daniel_hozac hardwire: like any other file. 1174373512 M * hardwire heh. 1174373523 M * daniel_hozac (well, not the file, the dentry) 1174373528 M * hardwire dentry? 1174373550 M * hardwire is that part of the hash? 1174373556 M * daniel_hozac hmm? 1174373557 M * lylix k, brb 1174373563 M * daniel_hozac a dentry is a reference to an inode in a directory. 1174373563 M * hardwire whats a dentry in your world? 1174373571 M * hardwire yeh 1174373571 M * daniel_hozac i.e. what links a file to a name. 1174373582 M * hardwire a kick ass "vserver cow" indepth documentation would rule 1174373593 M * hardwire maybe I looked over it 1174373601 M * daniel_hozac someone would have to write it. 1174373604 M * hardwire ah 1174373609 M * hardwire this again explains my confusion 1174373627 M * daniel_hozac i believe there are some docs on the oldwiki. 1174373635 M * slack101 shoukld i even bother or just give every user a distro ? 1174373653 M * daniel_hozac slack101: that's up to you, no+ 1174373657 M * daniel_hozac s/+/?/ 1174373665 M * slack101 huh? 1174373673 M * slack101 i mena is it worth the extra stufff ? 1174373676 M * daniel_hozac we can't tell you what you should provide your users. 1174373698 M * slack101 i will give the ability here in a lil to change ditro 1174373699 M * slack101 distro 1174373703 M * slack101 so maybe not 1174373748 M * hardwire daniel_hozac: so do you have a base directory, that you set immutable, and hard linked the entire tree for the virtual server? 1174373959 M * lylix same behavior in 2.6.19-vs2.2.0-rc5 1174373973 M * lylix ill paste an strace on the bind call 1174374126 M * daniel_hozac hardwire: it's what makes the most sense to me. 1174374139 M * daniel_hozac lylix: well, we're at 2.6.19.7-vs2.2.0-rc19 now... 1174374212 M * lylix http://paste.linux-vserver.org/1330 1174374230 M * lylix again, only happens when 2+ IPs assign to a vserver 1174374248 M * lylix are there any significant networking changes between rc5 -> rc19? 1174374365 N * DoberMann_ DoberMann 1174374489 M * daniel_hozac is anything else bound to it? 1174374494 M * daniel_hozac what addresses are you assigning it? 1174374507 M * lylix nope... maybe just other vservers 1174374510 M * lylix def not on the host 1174374529 M * lylix i just tested w/ an asterisk setup and w/ 2+ IPs, sip 5060 binds 1174374550 M * lylix put iax 4569 not w/ 0.0.0.0 1174374565 M * lylix [Mar 20 02:50:47] ERROR[2472]: netsock.c:137 ast_netsock_bindaddr: Unable to bind to 0.0.0.0 port 4569: Address already in use 1174374565 M * lylix [Mar 20 02:50:47] ERROR[2472]: chan_iax2.c:9046 set_config: Unable to create network socket: Address already in use 1174374567 M * daniel_hozac so if you use just two guests, with two completely different IP-sets, you can't bind the same port? 1174374589 M * lylix no no... w/ mutliple guests w/ 1 IP each, works fine 1174374614 M * lylix problem is w/ a single guest w/ mutliple IPs and application set w/ 0.0.0.0 binding 1174374623 M * lylix it claims the port is in use and craps 1174374879 M * lylix setting up a test guest on that vcc machine you looked at before... 1174374885 M * lylix kernel 2.2.0_rc12 1174374893 M * lylix and it will be the only guest on the syste, 1174374924 M * daniel_hozac so one guest, multiple IPs triggers it? 1174374941 M * lylix gimme one sec, ill bind another ip to this one just to confirm that 1174374990 J * ensc ~irc-ensc@p54B4E57E.dip.t-dialin.net 1174375009 M * lylix hmm, interesting... this time it wasnt triggered! 1174375028 M * lylix 1 guest, 2 IPs, yate started w/o errors/warnings 1174375033 M * lylix let me fire up another guest 1174375272 Q * cdrx Ping timeout: 480 seconds 1174375337 Q * dghill Ping timeout: 480 seconds 1174375362 M * lylix k, here is how to reproduce it from my tests 1174375515 J * gab ~gab@158.36.45.236 1174375614 M * daniel_hozac where? :) 1174375634 M * lylix sri, 1 sec... 1174375647 M * lylix k, here goes 1174375677 M * lylix guest1, 1IP, startup yate and no errors/warnings 1174375681 M * lylix this guest is left running 1174375698 M * lylix guest2, 1IP, startup yate and no errors/warnings 1174375713 M * lylix now... when guest2 is shutdown and a second IP assigned: 1174375732 M * lylix guest2, 2IPs, start yate and get port bind errors 1174375756 M * daniel_hozac what addresses are you assigning? 1174375785 M * lylix if a guest is the only one one the system, it can have mutliple IPs and works fine... so the precense of a second vserver is what trips it in a multi-IP vserver 1174375793 M * lylix publics 1174375814 M * lylix 7X.X.20X.2X 1174375834 M * lylix guest1 = .22 1174375842 M * lylix guest2 = .20 and .21 1174375915 Q * gab cation.oftc.net galapagos.oftc.net 1174375915 Q * Aiken cation.oftc.net galapagos.oftc.net 1174375915 Q * andres cation.oftc.net galapagos.oftc.net 1174375915 Q * phedny cation.oftc.net galapagos.oftc.net 1174375915 Q * tokkee cation.oftc.net galapagos.oftc.net 1174375915 Q * glut cation.oftc.net galapagos.oftc.net 1174375915 Q * mEDI_S cation.oftc.net galapagos.oftc.net 1174375915 Q * fs cation.oftc.net galapagos.oftc.net 1174375956 M * lylix now, if i shutdown the app in guest1 (1IP), and then startup in guest2 (2IPs), it works fine 1174375993 M * lylix but then going back to guest1 (1IP), the app errors w/ bind problems 1174376025 J * gab ~gab@158.36.45.236 1174376025 J * Aiken ~james@ppp250-73.lns2.bne4.internode.on.net 1174376025 J * andres ~as.sa@rtfm.ping.ee 1174376025 J * phedny ~mark@ip56538143.direct-adsl.nl 1174376025 J * tokkee tokkee@ssh.faui2k3.org 1174376025 J * glut glut@no.suid.pl 1174376025 J * mEDI_S ~medi@snipah.com 1174376025 J * fs fs@213.178.77.98 1174376284 M * lylix seeing this behavior across all systems... ranging from kernel 2.6.18-vs2.1.1 - 2.6.19-vs2.3.0.6 1174376363 M * daniel_hozac weird. 1174376446 M * daniel_hozac works fine here using chbind and nc. 1174376495 M * daniel_hozac i.e. chbind --nid 42 --ip 10.0.0.1/8 -- nc -l 0.0.0.0 4242 & chbind --nid 43 --ip 10.0.0.2/8 --ip 10.0.0.3/8 -- nc -l 0.0.0.0 4242 & doesn't error 1174376498 M * daniel_hozac . 1174376525 M * lylix apache bind ok... 1174376565 M * daniel_hozac so yate is what's causing it? 1174376572 M * daniel_hozac (whatever that is) 1174376577 M * lylix yate and asterisk are effected for sure 1174376610 M * lylix yate is a voip engine 1174376653 M * daniel_hozac could you upload an entire strace of that? 1174376665 M * lylix sure... 1174376762 M * lylix ill have to go in chunks 1174377014 M * lylix http://paste.linux-vserver.org/1331 - http://paste.linux-vserver.org/1334 1174377028 M * lylix what is the paste line limit anyways? 1174377118 Q * gerrit Ping timeout: 480 seconds 1174377355 M * daniel_hozac no idea. 1174377653 J * yarihm ~yarihm@pub-wlan.office.nine.ch 1174377723 M * lylix the chbinds above also work here on same target host 1174377750 J * dna ~naucki@p54bce1c3.dip.t-dialin.net 1174377790 N * DoberMann DoberMann[PullA] 1174377862 M * lylix you can try running the app in a pair of vservers 1174377866 M * lylix http://yate.null.ro/tarballs/yate1/yate-1.1.0-1.tar.gz 1174377890 M * lylix ./configure && make && ./run & 1174377960 Q * Aiken Quit: Leaving 1174378725 J * meandtheshel1 ~markus@85-124-36-142.dynamic.xdsl-line.inode.at 1174378983 J * cdrx ~legoater@blueice2n1.uk.ibm.com 1174379960 M * lylix only thing worth noting is that the SIP/IAX use UDP as opposed to TCP 1174380038 J * prae ~benjamin@foxhound.sherpadown.net 1174380604 M * daniel_hozac still works fine if i add a -u to the nc. 1174380604 Q * infowolfe_ Read error: Connection reset by peer 1174380712 M * matti :) 1174380832 J * infowolfe ~infowolfe@c-67-164-195-129.hsd1.ut.comcast.net 1174381887 Q * prae Quit: Pwet 1174382395 J * bonbons ~bonbons@83.222.39.9 1174383355 Q * yarihm Quit: Leaving 1174383482 Q * _cob Read error: Connection reset by peer 1174383731 J * ||Cobra|| ~cob@pc-csa01.science.uva.nl 1174383759 N * Bertl_zZ Bertl_oO 1174384592 Q * cdrx Read error: Connection reset by peer 1174384690 J * yarihm ~yarihm@whitehead2.nine.ch 1174384865 J * lilalinux ~plasma@dslb-084-058-204-186.pools.arcor-ip.net 1174384995 Q * lilalinux Remote host closed the connection 1174385241 J * lilalinux ~plasma@dslb-084-058-204-186.pools.arcor-ip.net 1174387159 J * ema ~ema@rtfm.galliera.it 1174387826 Q * shedi Quit: Leaving 1174387879 J * mjt_ ~mjt@nat.corpit.ru 1174387880 Q * mjt Remote host closed the connection 1174391128 Q * lilalinux Remote host closed the connection 1174391812 Q * derjohn Quit: by(t)e 1174392751 Q * ema Quit: leaving 1174394963 M * harry Bertl_oO: you there? 1174395010 M * Bertl_oO barely ... what's up? 1174395019 M * harry wiiiiiii 1174395021 M * harry eth0 atm 1174395024 M * harry but that's not the q :) 1174395033 M * harry will there be a rc20 any time soon? 1174395041 J * dghill dghill@office.mel.illuminate.com.au 1174395046 M * harry are there still bugs in rc19 that are known? 1174395063 M * harry i'm gonna upgrade some of our servers 1174395065 Q * mnemoc Ping timeout: 480 seconds 1174395128 M * harry yesterday, i updated patch, 5 min later, there was a new rc :) 1174395255 M * daniel_hozac yes, there are known bugs in rc19. 1174395323 M * harry bad ones? 1174395396 M * harry i mean impact etc... 1174395426 A * harry meeting now... will catch up later 1174395446 N * Bertl_oO Bertl 1174395449 J * mnemoc ~amery@kilo105.server4you.de 1174395458 M * Bertl wb dghill! 1174395494 M * Bertl daniel_hozac: did you get my rant from tonight? 1174395521 M * Bertl daniel_hozac: ah, yes, no, I didn't unify, I did de-unify them :) 1174395685 M * daniel_hozac Bertl: yeah, i saw it. 1174395706 M * daniel_hozac Bertl: ah, right. 1174395767 M * Bertl so the help needs correction there ... and I somehow got the feeling the de-unification is _very_ slow 1174395782 M * Bertl i.e it took about 4 hours for 200 guests? 1174395803 M * Bertl while unification was done in 20min or so 1174395812 M * Bertl (probably less) 1174395987 J * jrc ~jrc@cpe.atm2-0-1051059.0x50a09f6a.bynxx11.customer.tele.dk 1174395994 M * Bertl wb jrc! 1174396028 M * jrc hmm, auto greet? 1174396044 M * Bertl jrc: nope, bot in wetware :) 1174396052 M * jrc ah 1174396060 N * jrc Wenix 1174396166 M * Wenix I have a problem, that one of my vservers (an Ubuntu guest on a Gentoo host), the init process goes and no startups scripts are being run 1174396216 M * Wenix This is my only Ubuntu guest, all other vservers of other distributions work fine (Debian, Gentoo, Trustix, etc) 1174396216 M * Bertl hmm, defunct isn't good .. means your init died and wasn't reaped 1174396231 M * Bertl what kernel/patch version? 1174396246 M * Wenix 2.6.17-vs2.0.2.1-gentoo 1174396259 M * Bertl can't hurt to try a newer one :) 1174396290 M * Bertl alternative is to strace -fF the init process, which is kind of tricky .... 1174396313 M * Bertl did you try to run the debian guest without init yet? 1174396320 M * Wenix can I trick it somehow with chcontext? 1174396357 M * Wenix Bertl: Debian works, Ubuntu fails.. do you mean Debian? 1174396420 M * Bertl ah, probably depends on the ubuntu version, IIRC they use strange dependancy scripts instead of sysv (recently) 1174396438 N * mjt_ mjt 1174396490 M * Wenix That might be, I don't know much about Ubuntu.. I just hoped it was a simple error I had made somewhere 1174396490 J * click click@ti511110a080-4806.bb.online.no 1174396507 M * Wenix 1 ? S 0:00 /sbin/init 1174396507 M * Wenix 4867 ? Zs 0:00 [init] 1174396589 M * Bertl well, generally speaking, zombies should never happen 1174396608 M * ntrs Does anyone know an easy way to create a new ubuntu vserver? 1174396611 M * Bertl when init inside a guest dies, it should be reaped by the host init 1174396630 M * Bertl ntrs: IIRC, it can be debootstrapped like debian 1174396654 M * ntrs Bertl, can you show me a complete command line to create it? 1174396767 M * Bertl vserver vubuntu build -m debootstrap --hostname vubuntu.myvservers.net --netdev eth0 --interface 192.168.0.42/24 --context 42 -- -d breezy -m http://us.archive.ubuntu.com/ubuntu 1174396796 M * ntrs Bertl, thank you very much 1174396816 M * Bertl np, let me know if it worked for you 1174397741 M * Wenix Bertl: I'm trying to figure out how to do an strace on init - if you have the patience, can you give me a few clues? - what I'm trying now is chcontext --ctx 8000, strace -fF chroot /sbin/init ... but I can see that this is not the way init is supposed to be started 1174397785 M * Bertl yes, that's the problem 1174397797 M * Wenix Bertl: If you have better things to do, then please don't waste time on this.. I have plenty of time to read docs :) 1174397807 M * Bertl in theory, you can do it like this: 1174397823 M * Bertl - create a process inside the guest 1174397829 M * Bertl - spawn a stopped init 1174397842 M * Bertl - set the guest init to that one 1174397853 M * Bertl - continue with a forked strace -fF on that 1174397885 M * Bertl (this might be implemented by future userspace tools, although I doubt it :) 1174397928 M * Bertl what about log messages? 1174397954 M * Wenix couldn't see anything that seemed related 1174397983 M * Bertl what about inside the guest? 1174397992 M * Bertl init is supposed to log something, no? 1174398061 M * ntrs Bertl, can I install Dapper Drake (6.06) ubuntu using the line you gave me? 1174398090 M * Bertl if you get the host right and it actually can be debootstrapped, why not? 1174398095 M * Wenix Bertl: I'll check some more 1174398100 J * cdrx ~legoater@cap31-3-82-227-199-249.fbx.proxad.net 1174398124 M * Wenix Bertl: I'll return when I have some more to work on 1174398136 M * ntrs Could not find local version of 'debootstrap'; downloading it from 1174398136 M * ntrs http://ftp.debian.org/debian/pool/main/d/debootstrap/debootstrap_0.3.3_all.deb... 1174398136 M * ntrs http://ftp.debian.org/debian/pool/main/d/debootstrap/debootstrap_0.3.3_all.deb: 1174398136 M * ntrs 08:41:52 ERROR 404: Not Found. 1174398144 M * ntrs Why is it looking at debian.org? 1174398228 M * Bertl because debootstrap usually comes from there? 1174398262 M * Bertl probably they updated and removed the old one 1174398277 M * ntrs so, installing this is a no-go currently? 1174398282 M * Bertl 0.3.3.2 is up-to-date 1174398286 M * Bertl just adjust it 1174398296 M * ntrs adjust what? 1174398303 M * daniel_hozac the URL. 1174398310 M * ntrs where is the URL stored? 1174398316 M * daniel_hozac that message is _really_ verbose. 1174398322 M * daniel_hozac it tells you _exactly_ what to do. 1174398338 M * ntrs daniel_hozac, no it does not tell me what to do. 1174398355 M * ntrs The command line does not have that URL anywhere in there 1174398364 M * ntrs So, it must be reading it from some file. 1174398383 M * daniel_hozac you don't get the "ERROR: Could not download the debootstrap package from" message? 1174398394 Q * cdrx 1174398399 J * cdrx ~legoater@cap31-3-82-227-199-249.fbx.proxad.net 1174398406 M * Bertl daniel_hozac: I assume older tools there 1174398409 M * ntrs oops, yes I do, now I see it. Sorry. and thanks. 1174398417 M * ntrs The tools seem to be ok. 1174398502 M * ntrs Ok, now I get this: 1174398504 M * ntrs E: No such script: /var/tmp/debootstrap.fr2984/usr/lib/debootstrap/scripts/dapper 1174398510 M * ntrs Is dapper not supported? 1174398848 M * ntrs Can dapper be installed given the error above?? 1174398912 M * Bertl I have no idea ... try with debootstrap (without the tools) 1174398927 M * Bertl if that works for you, I'm pretty sure the tools can be 'adjusted' 1174399144 J * mcp ~hightower@wolk-project.de 1174399166 Q * DreamerC Ping timeout: 480 seconds 1174399223 Q * ruskie Remote host closed the connection 1174399223 Q * _mcp Read error: Connection reset by peer 1174399337 J * ruskie ruskie@ruskie.user.oftc.net 1174399426 M * ntrs Yes, the script for dapper is missing in /var/tmp/debootstrap.fr2984/usr/lib/debootstrap/scripts 1174399440 M * ntrs Does anyone have a script for dapper? 1174399489 Q * cdrx Quit: Leaving 1174399580 J * cdrx ~legoater@cap31-3-82-227-199-249.fbx.proxad.net 1174399603 M * daniel_hozac you can point it at Ubuntu's debootstrap package. 1174399644 M * ntrs is there an option for that? 1174399658 M * daniel_hozac well, you already had to point it at 0.3.3.2, no? 1174399670 M * daniel_hozac just use the equivalent Ubuntu version of the URL. 1174399700 J * gerrit ~gerrit@c-67-160-146-170.hsd1.or.comcast.net 1174399713 M * ntrs Does it have to be a .deb or can it also be a .tar.gz? 1174399733 Q * cdrx 1174399752 M * daniel_hozac it has to be a .dev. 1174399756 M * daniel_hozac s/dev/deb/ 1174399790 M * ntrs ok 1174400002 J * cdrx ~legoater@cap31-3-82-227-199-249.fbx.proxad.net 1174400297 J * derjohn ~derjohn@80.69.41.3 1174400325 M * Bertl wb cdrx! derjohn! 1174400373 M * derjohn hey Bertl ! 1174400389 M * derjohn nice to get a greeting from you :) 1174400416 M * Bertl yeah, doesn't happen that often, does it? :) 1174400506 M * cdrx hello Bertl ! 1174400519 M * harry it's all about the ladies 1174400611 M * lylix daniel_hozac: i dont think `nc -l 0.0.0.0 4242` is doing what you expect: 1174400617 M * lylix 0.0.0.0: inverse host lookup failed: Unknown host 1174400617 M * lylix listening on [any] 38351 ... 1174400632 M * lylix its binding to a random port... 1174400645 M * Bertl try -s and -p 1174400653 M * Bertl nc needs that for the listen part 1174400662 M * lylix using this to debug w/ : nc -v -l -u -p 4569 1174400672 M * lylix to open a UDP on said port 1174400709 M * daniel_hozac lylix: that depends on the nc version. 1174400730 M * daniel_hozac with mine, specifying -l and -p isn't possible. 1174400736 M * Bertl ah, yes, indeed, there are many of them :) 1174400737 M * lylix k, v1.10 here on deb 1174400766 M * ntrs Bertl, daniel_hozac, that worked. Thanks. 1174400788 M * daniel_hozac 1.84 on Fedora here. 1174400811 M * lylix when running the above nc, and then starting the 'yate' server in the other guest, it is erroring on only that particular port 1174400824 M * lylix however, running the same nc command in that guest binds ok 1174400829 M * lylix very bizarre 1174400847 M * Bertl ntrs: now be so kind and paste the entire line which worked for you somewhere :) 1174400856 M * ntrs Sure 1174400880 M * ntrs vserver 0000ubuntu build -m debootstrap --hostname ubuntu --netdev eth0 --interface 209.135.140.79/24 --force --context 777 -- -d dapper -m http://us.archive.ubuntu.com/ubuntu 1174400900 M * ntrs Bertl, you want me to paste it in a particular location on the wiki? 1174400916 M * daniel_hozac e.g. the Building Guest Systems page would make sense. 1174400960 M * Bertl ntrs: I'll do that 1174400974 M * ntrs Ok, I was looking for that page already. 1174400977 M * daniel_hozac ntrs: you didn't have to point it at Ubuntu's debootstrap, just the mirror? 1174401002 M * ntrs I did point to the debootstrap but that is in the uri file. 1174401019 M * daniel_hozac so, just that command won't work unless you're on Ubuntu. 1174401025 M * ntrs http://mirrors.kernel.org/ubuntu/pool/main/d/debootstrap/debootstrap_0.3.3.0ubuntu2_all.deb 1174401039 M * Bertl daniel_hozac: I'll start a page: Guest Distributions 1174401050 M * ntrs yes, just use the line above inside the uri file 1174401052 M * daniel_hozac Bertl: hmm? what's wrong with Building Guest Systems? 1174401064 M * Bertl daniel_hozac: and I walk through all the different guest distros and do an example 1174401066 M * ntrs Building guest systems makes more sense to me. 1174401096 M * Bertl daniel_hozac: i.e. one line per guest distro (or so), basic install, no cleanup 1174401143 M * daniel_hozac well, i'd prefer Building Guest Systems have all the information required. 1174401157 M * Bertl okay, but then we should remove the existing contents 1174401166 M * daniel_hozac yes, that has always bugged me. 1174401177 M * Bertl okay, then I take that page :) 1174401195 M * daniel_hozac didn't want to remove it before i had something to replace it with ;) 1174401198 M * Bertl and move the existing page to Ubuntu something 1174401240 M * ntrs I can't even find the building guest systems page. 1174401252 M * Bertl http://linux-vserver.org/Building_Guest_Systems 1174401267 M * Bertl but as I said, will replace that shortly 1174401799 Q * gab Quit: Leaving 1174401996 J * DavidS ~david@vpn.uni-ak.ac.at 1174402105 M * Bertl good afternoon DavidS! 1174402131 M * DavidS welcome to this timezone bertl :) 1174402254 M * Bertl ntrs: how did you specify the ubuntu debootstrap? 1174402316 M * ntrs Bertl, in the uri file 1174402323 M * Bertl which uri file? 1174402324 M * matti Bertl: :) 1174402328 Q * Greek0 Read error: Connection reset by peer 1174402345 J * Greek0 ~greek0@85.255.145.201 1174402349 M * Bertl daniel_hozac: can the debootstrap url be specified on the command line? 1174402392 Q * glut Ping timeout: 480 seconds 1174402396 M * ntrs /etc/vservers/.defaults/apps/debootstrap/uri 1174402437 M * Bertl well, that is probably not the best way to do it ... but thanks 1174402571 M * Bertl daniel_hozac: seems to me the debootstrap is kind of hardcoded atm, can we change that soon? (i.e. it doesn't even depend on the distro or so ...) 1174402629 M * daniel_hozac hmm? 1174402637 M * Bertl or am I missing something? 1174402639 M * daniel_hozac yes, the same debootstrap URL is used for all builds. 1174402664 M * Bertl okay, please pretty please add at least an option to the debootstrap build to specify that 1174402684 M * Bertl (i.e. override the default) 1174402789 M * Bertl daniel_hozac: can I use '#' to comment out stuff in the debootstrap.uri file? 1174403075 M * Bertl the answer is no :( 1174403180 M * Bertl daniel_hozac: long outstanding feature request: remove leftover when error on build, we do not want everybody and his dog to use --force unconditionally :) 1174403372 M * lylix Bertl: k, to bring you up to speed on what problem we're seeing 1174403376 M * bXi ARGH 1174403386 M * Bertl hey bXi! :) 1174403390 M * bXi yo Bertl 1174403403 M * bXi how are you today? 1174403414 M * Bertl bXi: knee deep in snow :/ 1174403418 M * lylix some applications (yate, asterisk) are having port binding issues (SIP 5060 UDP, IAX2 4569 UDP) 1174403434 M * bXi lylix: are they binding to 0.0.0.0 ? 1174403443 M * Bertl okay, issues mean, they cannot bind or bind wrong or what? 1174403466 M * lylix if all vservers on the host only have one IP, and each ast* is configured to bind to 0.0.0.0, all works fine 1174403473 M * bXi Bertl: i'm setting up linux on a point of sales machine 1174403476 M * lylix yes, issues = cannot bind to port 1174403491 M * bXi touchscreen and cashdrawer are refusing to cooperate tho 1174403492 M * Bertl lylix: okay, so the single IP special case works fine, not unexpected 1174403519 M * Bertl bXi: Linux-VServer related or just stupid hardware? 1174403527 M * lylix but as soon as one vserver is assigned 2+ IPs, either its own ast* install or the install of others has a bind problem 1174403538 M * bXi Bertl: stupid hardware 1174403559 M * Bertl lylix: but it doesn't share one (or both) ips with other guests, yes? 1174403567 M * lylix nope, all unique 1174403590 M * Bertl lylix: and you can reproduce the binding issues with e.g. nc? 1174403597 M * lylix nc does not seem to trip the bad behavior though 1174403613 M * Bertl neither as probe nor as cause? 1174403639 M * Bertl i.e. when you bind nc to 0.0.0.0 on a two ip guest 1174403651 M * lylix in neither situation 1174403652 M * Bertl do the other guests still work/start fine? 1174403679 M * lylix however... if i do an nc -l -u -p 4569 in one guest 1174403696 M * lylix the ast* IAX2 port 4569 will not bind 1174403717 M * Bertl but you can bind a nc in that guest to 4569 as well, yes? 1174403727 M * lylix and it doesnt seem to be specific to problems within a vserver w/ two IPs 1174403740 Q * gerrit Ping timeout: 480 seconds 1174403754 M * Bertl lylix: how are you entering the guests? 1174403754 M * lylix as long as one vserver on the system has two IPs, everyone eventually has bind issues 1174403777 Q * phedny Ping timeout: 480 seconds 1174403788 M * lylix on the test system w/ vcc, others using vserver XX enter 1174403809 M * bXi Bertl: you wouldnt perhaps know how serial devices in linux work 1174403865 M * lylix yes, an nc invocation in guest2 is successful w/ 4569 bind, but not the ast*, yate application 1174403866 M * Bertl bXi: reliably :) 1174403879 M * bXi Bertl: ooh maybe you can help me then 1174403912 M * bXi according to the bios of this POS system i have a com5/com6 1174403914 M * Bertl lylix: okay, then your next task is to get an strace -fF from the nc binding, and two from the ast, one failing and one succeeding 1174403919 M * lylix however, is it normal to be able to run the same nc invocation several times in one vserver? ie. binding to a port several times? 1174403921 M * bXi which would relate to ttyS4 and ttyS5 1174403932 M * bXi but their not there 1174403941 M * Bertl lylix: no, the nc will try for a short time (5 seconds or so) then fail 1174403958 M * Bertl bXi: dmesg? 1174403975 M * bXi not giving anything usefull 1174403982 M * Bertl bXi: serial devices can get very funny names, depending on bus system and/or manufacturer 1174404027 M * Bertl bXi: e.g. on my ipaq, the serial devices are ttySA0-3 1174404041 M * bXi but starting with ttyS ? 1174404049 M * lylix hmmm, ok... this is after about 1 minute: 1174404051 M * lylix root 26781 26751 0 15:20 pts/1 00:00:00 nc -l -u -p 4569 1174404051 M * lylix root 26782 26751 0 15:20 pts/1 00:00:00 nc -l -u -p 4569 1174404051 M * lylix root 26783 26751 0 15:20 pts/1 00:00:00 nc -l -u -p 4569 1174404056 M * bXi i only have ttyS[0-3] 1174404066 M * Bertl bXi: not necessarily, they can also be on the usb bus, for example 1174404133 M * bXi cant see anything usefull in dmesg 1174404137 M * bXi or in /dev/ 1174404165 J * stefani ~stefani@flute.radonc.washington.edu 1174404167 M * Bertl lylix: does that work on the host too? if so, it is probably intentional ... 1174404181 M * Bertl morning stefani! 1174404192 M * stefani hola 1174404196 Q * DavidS Quit: Leaving. 1174404299 M * lylix yes, same on the host 1174404328 M * Bertl okay, then something in the way it binds is different -> strace for ast* 1174404363 M * lylix anyways... ill run `nc -l -u -p 4569` in one guest... and get the straces from the 2 IP guest 1174404393 M * lylix straces from: nc, asterisk, and yate 1174404398 M * Bertl lylix: next step is to write a trivial C fragment, which does the same bindings ast* does (without all the other stuff) which fails reproduceably in the same context 1174404411 M * lylix then ill stop nc in the first context 1174404444 M * lylix and grab straces for nc,ast,yate in that case... which should all be successful according to tests 1174404468 M * lylix post all these to paste.linux-vserver.org? 1174404483 M * Bertl yep, or upload it somewhere on your sites if that is easier 1174404497 M * lylix prob much easier so i dont have to be careful about line limits 1174404498 M * Bertl (probably, because strace will output quite a lot) 1174404573 M * lylix k, brb 1174404715 M * Bertl daniel_hozac: is the debootstrap build method thread safe? i.e. can I start more of them in parallel without collisions/races? 1174404726 M * lylix Bertl: ill include `netstat -a` output as well prior to and after all traces 1174404729 M * daniel_hozac Bertl: that should happen already (re: leftovers). 1174404747 M * daniel_hozac Bertl: it should be, it should be using mktemp'd directories. 1174404756 M * Bertl daniel_hozac: oh? didn't happen here, sec, let me dig out the case 1174404856 M * Bertl daniel_hozac: http://paste.linux-vserver.org/1335 1174404874 M * daniel_hozac Bertl: IIRC the debootstrap method breaks that. 1174404899 M * Bertl can that be mended? 1174404902 M * daniel_hozac for sure. 1174404908 M * daniel_hozac i'll fix that as soon as i get home. 1174404953 M * Bertl okay, perfect ... I keep seeing the --force stuff in every howto recently ... so we have to improve that ... 1174405257 J * chand ~chand@212.99.51.254 1174405794 M * Bertl welcome chand! 1174405976 M * Wenix bye bertl, and thanks for the help 1174405999 Q * Wenix Quit: keep up the good work : 1174406082 M * Bertl daniel_hozac: hoary and breezy fail with a strange message after I: Base system installed successfully. (and there is nothing left in the install dir) known issue? 1174406118 M * Bertl the message is: 1174406127 M * Bertl /bin/rm: cannot remove directory `/etc/vservers/.defaults/vdirbase/breezy64/dev/.static/dev': Device or resource busy 1174406134 Q * yarihm Quit: Leaving 1174406198 J * dhansen ~dave@pool-72-90-117-15.ptldor.fios.verizon.net 1174406205 M * Bertl wb dhansen! 1174406219 M * dhansen Hi Herbert 1174406963 J * gerrit ~gerrit@bi01p1.co.us.ibm.com 1174406994 M * Bertl wb gerrit! 1174407007 M * bon hello there 1174407014 M * bon Bertl: are you situated in vienna? 1174407021 M * bon we could go for a beer :) 1174407021 M * Bertl hey bon! nearby yes 1174407049 M * Bertl bon: we are currently knee deep in snow ... 1174407083 M * bon klosterneuburg? 1174407096 M * Bertl actually laaben (bei neulengbach) atm 1174407160 M * bon not that far as i look on maps.google 1174407170 M * gerrit hi Bertl! 1174407201 M * Bertl bon: yep, if you feel like it, you can pay me a visit, I should have some beer in the basement (somewhere :) 1174407313 M * bon Bertl: cool, snow over here too, so we might have to postpone that :) 1174407381 M * Bertl yeah, I can understand that, I'm not leaving home today either ... 1174407715 M * Bertl daniel_hozac: another debootstrap related issue: http://paste.linux-vserver.org/1336 1174407788 J * phedny ~mark@ip56538143.direct-adsl.nl 1174407805 M * Bertl welcome phedny! 1174407811 M * phedny thank you 1174407827 M * phedny but I would like it more if the server doesn't crash :) 1174407846 M * Bertl why does it crash? 1174407851 M * phedny that I don't know 1174407866 M * Bertl do you have traces or oopses? 1174407872 M * phedny it doesn't respond to network 1174407888 M * phedny and when I connect a monitor (an hour or so after the crash) it's just blank 1174407906 M * Bertl hmm, you might want to attach a serial console 1174407926 M * phedny hmm 1174407934 M * phedny could a null-cable work? 1174407942 M * phedny I never did something with serial console 1174407949 M * Bertl yes, it works if you have two machines ... sec 1174407964 M * phedny hmm, diner is ready .. I'll be back in some time 1174407973 M * phedny thanks for the hint anyway :) 1174408031 M * Bertl http://vserver.13thfloor.at/Null-Modem/ 1174408208 M * harry 5390 root 25 0 99m 49m 904 R 100 0.2 1:34.39 ld -m elf_x86_64 -o vmlinux -T arch/x86_64/kernel/vmlinux.lds arch/x86_64/kernel/head.o arch/x86_64/kernel/head64.o ar 1174408218 M * harry is thta normal??? 1174408236 M * Bertl what? 1174408247 M * harry that linking is taking over 2 mins now 1174408249 M * harry for a kernel 1174408257 M * harry 8-way with 32GB ram 1174408275 M * harry (its done now btw... more than 2 mins) 1174408293 M * Bertl yes, if you compiled in the kitchensink, then that's normal :) 1174408442 M * lylix Bertl: http://lx-vs.net/vserver/ 1174408491 M * Bertl lylix: tx 1174408616 M * harry Linux legolas 2.6.19.7-grsec2.1.10-vs2.2.0-rc19 #2 SMP Tue Mar 20 17:45:02 CET 2007 x86_64 GNU/Linux 1174408633 M * lylix for all guest2 traces, guest1 had the nc command running on port 4569 1174408712 M * Bertl guest2 has only one ip, yes? 1174408747 M * Bertl lylix: what kernel/patch version is this? 1174408747 M * harry legolas:~# ip a|grep inet|wc -l 1174408748 M * harry 37 1174408749 M * harry moehaha :) 1174408751 M * lylix for uest2-asterisk-fail.txt it had 2 IPs 1174408754 J * DavidS ~david@85.125.165.34 1174408759 M * lylix for -ok it only had 1 IP 1174408773 M * lylix there is an `ip a` output at the head of each file 1174408793 M * Bertl lylix: okay, can you do am aix-ok with 2 ips, nothing else running? 1174408798 M * Bertl *an 1174408855 M * lylix 2.6.19-vs2.2.0-rc12 1174408905 M * lylix k, so you want a trace for one guest, 2IPs? (shutdown other guest?) 1174408912 J * q\ ~java@avr49-1-82-245-33-193.fbx.proxad.net 1174408919 M * q\ hello 1174408927 M * Bertl hello q\ :) 1174408932 M * q\ :) 1174408965 M * q\ err, I'm here for asking a question about my DHCP server :/ 1174408979 M * Bertl q\: go ahead ... (see topic) 1174408995 M * q\ thanks ;) 1174409009 M * q\ I managed to run it wihtout problem, thanks to wiki 1174409033 M * q\ but I can only receive packets from interface which it is bound to 1174409063 M * q\ I explain my configuration: my computer has two network interface, eth0 and eth1 1174409074 M * q\ my dhcp vserver is bound to eth1 1174409080 M * Bertl okay 1174409094 M * q\ everything works fine for request coming from eth1 1174409105 M * q\ but i can't forward requests from eth0 1174409124 M * q\ i tried packets redirection (iptables) and a dhcp relay 1174409133 M * Bertl I'd call that expected behavior .. I would be confused if it answered requests from eth0 if it is only bound to eth1 :) 1174409157 M * Bertl what's the problem with binding it to eth0 too? 1174409161 M * q\ but i don't receive any paquets on my vserver (listening with tcpdump) 1174409182 M * q\ humm I thought about that jsute before coming here 1174409199 M * q\ how can i do that ? 1174409219 M * q\ oh yeah 1174409230 M * q\ let-me try that :) 1174409234 M * Bertl :) 1174409257 M * Bertl q\: don't forget to explain the network layout to dhcpd 1174409268 M * Bertl (via the configuraion file) 1174409274 M * q\ yes 1174409287 M * q\ that will work i assume :) 1174409306 M * q\ but is there any documentation i can read about networking binding with verservs ? 1174409363 M * q\ because I can't really understand how it works, as i can't redirect network packets to it as if it where another computer (with NAT for exemple) 1174409378 M * Bertl the networking inside a Linux-VServer guest is identical to the networking on any Linux machine, except for two tiny details (so all Linux documentations apply) 1174409399 M * Bertl - iptables, routing and mangling happens on the host 1174409402 M * lylix Bertl: guest2-asterisk-ok-only-guest.txt 1174409418 M * Bertl - 127.0.0.1 is remapped to the first assigned ip 1174409419 M * q\ ok 1174409420 M * lylix guest2 w/ 2 IPs and all other contexts shutdown 1174409443 M * Bertl q\: i.e. Linux-VServer uses isolation (which is faster than a virtual network stack like UML has) 1174409460 M * Bertl lylix: tx 1174409462 M * q\ I read taht yes :) 1174409496 M * Bertl q\: so you do not do any routing or forwarding for guests other than you would do for the host (which actually has the ips) 1174409523 M * lylix im also writing up a quick "observations" file to summarize the conditions for failure and success 1174409527 M * Bertl q\: i.e. whenever you want to bend your head about a network config, simply forget about the guests, make it work on the host 1174409545 M * Bertl lylix: I'm already seeing an important difference here 1174409565 M * Bertl lylix: ast* seems to open an 'ip' socket instead of 'udp' 1174409587 M * q\ ok, thank you Bertl ! 1174409589 M * Bertl lylix: do you have the ast* sources at hand? 1174409597 M * lylix i noticed that 1174409600 M * Bertl q\: you're welcome! 1174409616 M * Bertl q\: feel free to hang around and ask ... 1174409635 M * lylix IPPROTO_IP vs. IPPROTO_UDP 1174409643 M * q\ I'll hang around 1174409764 M * lylix yes, i have ast* sources 1174409777 M * Bertl lylix: would be interesting to change that 1174409781 M * lylix checkout observations.txt 1174409922 Q * gerrit Ping timeout: 480 seconds 1174410091 J * boci^ boci@pool-4774.adsl.interware.hu 1174410210 M * lylix heh... here is a snippet from the source: 1174410212 M * lylix /* Make a UDP socket */ 1174410213 M * lylix netsocket = socket(AF_INET, SOCK_DGRAM, IPPROTO_IP); 1174410407 M * lylix recompiling now... 1174410500 J * Guest236 ~knoppix@87.243.141.155 1174410674 Q * Guest236 1174411928 M * daniel_hozac Bertl: IIRC that's a ubuntu problem, i.e. debootstrap fails to build when building it. 1174412018 M * Bertl nope 1174412035 M * Bertl the thing actually is this: 1174412058 Q * andres 1174412060 M * Bertl debootstrap leaves a strange mount (or two of them) in the dev dir 1174412073 M * Bertl which keeps the debian cleanup function from working 1174412087 M * Bertl I'm currently trying a workaround for that 1174412096 M * Bertl with a sepcial ubuntu cleanup function 1174412123 M * Bertl and it worked!! 1174412182 M * daniel_hozac ah, it's from the fixupDebian? 1174412206 M * Bertl yep, sec 1174412236 M * Bertl http://vserver.13thfloor.at/Stuff/delta-ubuntu.diff 1174412247 M * Bertl (this fixes it for me, for breezy) 1174412252 M * Bertl testing hoary now 1174412386 M * Bertl hmm, but it breaks newer releases, so it will need an all fine return value or so 1174412420 M * daniel_hozac hmm, wouldn't it be easier to just run debootstrap in its own namespace? 1174412436 M * daniel_hozac wouldn't that automatically get rid of all the mounts? 1174412439 Q * trippeh Remote host closed the connection 1174412455 M * Bertl daniel_hozac: good idea 1174412738 M * Bertl daniel_hozac: what about the debootstrap caching? 1174412774 M * Bertl was there a solution for that? is that planned somehow? is that distro specific or so? 1174412796 M * daniel_hozac didn't someone say they'd do that? 1174412835 M * daniel_hozac (i haven't seen a patch yet) 1174412839 M * Bertl no idea, maybe? 1174412849 M * Bertl do you remember _who_? 1174412878 J * shedi ~siggi@ftth-237-144.hive.is 1174412892 M * Bertl wb shedi! 1174412893 M * daniel_hozac unfortunately not.... 1174412902 M * shedi thank you kind sir 1174413015 M * Bertl daniel_hozac: if you find out who, let me know and I go poking ... 1174413263 M * Bertl daniel_hozac: okay, using the || : trick makes it work here, better solutions always welcome 1174413278 M * daniel_hozac hmm, which part? 1174413290 M * Bertl the unmount/install issue (delta) 1174413298 M * Bertl something like this: 1174413311 M * Bertl $_UMOUNT -f "$1"/dev/.static/dev >/dev/null 2>&1 || : 1174413330 M * Bertl and same for */dev 1174413347 M * daniel_hozac ok, well, does http://people.linux-vserver.org/~dhozac/p/uv/experimental/delta-ubuntu-build.diff work? 1174413378 M * Bertl I'll give it a try, right when hoary finished 1174413605 M * arachnist daniel_hozac: uhm, i didn't knew about COW 1174413639 M * daniel_hozac Bertl: http://svn.linux-vserver.org/projects/util-vserver/changeset/2519 should do what it says. 1174413682 J * er ~yakker@aegis.CS.Princeton.EDU 1174413701 M * daniel_hozac hmm, it's incomplete though as it'd leave the downloaded debootstrap around... 1174413965 Q * phedny Ping timeout: 480 seconds 1174414083 J * phedny ~mark@ip56538143.direct-adsl.nl 1174414412 J * lilalinux ~plasma@dslb-084-058-204-186.pools.arcor-ip.net 1174414443 Q * lilalinux Remote host closed the connection 1174414494 J * lilalinux ~plasma@dslb-084-058-204-186.pools.arcor-ip.net 1174414519 Q * lilalinux Remote host closed the connection 1174414607 Q * DavidS Quit: Leaving. 1174414747 J * lilalinux ~plasma@dslb-084-058-204-186.pools.arcor-ip.net 1174414950 M * Bertl daniel_hozac: testing now with hoary and dapper 1174414958 J * pflanze ~chris@84-73-56-197.dclient.hispeed.ch 1174414967 M * Bertl (i.e. we'll know in a few minutes) 1174414986 M * pflanze hello 1174414991 M * Bertl hello pflanze! 1174415050 Q * chand Quit: chand 1174415336 Q * phedny Quit: server reboot 1174415619 J * phedny ~mark@ip56538143.direct-adsl.nl 1174416336 M * lylix Bertl: modifying chan_iax.c in ast* w/ IPPROTO_UDP had no effect 1174416595 M * daniel_hozac and strace shows the modification? 1174416765 M * Bertl lylix: yes, please double check that the strace now shows the proper protocol 1174416808 M * mjt as in socket(PF_INET,SOCK_DGRAM,IPPROTO_UDP)? 1174416820 M * mjt or is it something else? 1174417043 M * Guy- strange. I have gdm running in a vserver with xdmcp enabled; I can see it listening in netstat and nmap from the host says it's open|filtered. However, a remote client can't connect and receives an ICMP port unreachable. The INPUT and the FORWARD chains of the host allow all traffic from the client. What could be wrong? 1174417104 M * Bertl mjt: yep 1174417104 J * SadMan sadman@sadman.net 1174417111 M * Bertl welcome SadMan! 1174417152 M * mjt usually it doesn't matter whenever to use IPPROTO_UDP or just pass `0' there. 1174417167 M * mjt most server applications does the latter 1174417277 M * Bertl yeah, problem is, that it seems to make a difference here (or something else does) 1174417586 M * mjt i think it's something else ;) 1174418671 M * Bertl daniel_hozac: yep, seems to work fine ... tx! 1174418705 Q * arachnist Quit: Reconnecting 1174418706 J * arachnist arachnist@088156185052.who.vectranet.pl 1174418795 M * daniel_hozac Bertl: ok, thanks for testing 1174418982 M * Guy- I don't get this XDMCP issue. It works some of the time for a Linux client, and sometimes even the Windows client gets a UDP reply from port 177, but its next packet elicits an ICMP port unrachable even then. I'm perplexed... 1174419119 M * Guy- I have an explicit ACCEPT rule in the FORWARD chain now and I see the counter increment, so the rule is OK 1174419131 M * Guy- stracing gdm just shows me it's sitting in a poll() 1174419173 M * Bertl X inside a guest or the client? 1174419195 M * Guy- gdm inside a guest, X on a different physical computer 1174419251 M * Bertl Guy-: double check that the connection is complete, i.e. not just the syn, also ack and actual data 1174419282 M * Guy- this is UDP 1174419317 M * Guy- the strange thing is I can see gdm listening on 192.168.0.8:177 in netstat -nulp (inside the guest) 1174419323 M * Guy- the host firewall lets the packets pass 1174419330 M * Guy- and still I get an ICMP port unreachable 1174419333 M * Guy- (on the client) 1174419354 M * Bertl hmm, tcpdump? 1174419371 M * Guy- yes, tcpdump is what shows me the ICMP 1174419426 M * Guy- 20:36:55.514855 IP 192.168.0.11.32843 > 192.168.0.8.177: UDP, length 7 1174419426 M * Guy- 20:36:55.551099 IP 192.168.0.8 > 192.168.0.11: ICMP 192.168.0.8 udp port 177 unreachable, length 43 1174419429 M * Guy- like this 1174419475 M * Guy- and the packets definitely get through iptables: 1174419476 M * Guy- Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) 1174419476 M * Guy- pkts bytes target prot opt in out source destination 1174419479 M * Guy- 17 595 ACCEPT udp -- * * 192.168.0.11 0.0.0.0/0 udp dpt:177 1174419567 M * Bertl 192.168.0.8 is outside the host, yes? 1174419575 M * Guy- 0.8 is the guest 1174419579 M * Guy- 0.11 is the outside client 1174419632 M * Bertl so the host answers port unreachable to a request from outside, yes? 1174419660 M * Guy- yes 1174419686 M * Guy- and the packet apparently never reaches gdm running in the guest 1174419717 N * DoberMann[PullA] DoberMann 1174419750 M * Bertl Guy-: hmm, strange ... 1174419759 M * Guy- that's what I thought 1174419784 M * Guy- but what's even stranger is that it worked sporadically for a while 1174419789 J * jmcaricand ~kvirc@d83-179-237-189.cust.tele2.fr 1174419809 M * Guy- now it works again 1174419839 M * Guy- but only for 0.11, not for 0.1 (it has a similar ACCEPT rule) 1174419879 M * daniel_hozac where are the FORWARD rules? on your gateway between the client and server? 1174419897 M * Guy- no, on the host that runs the vserver guest with gdm in it 1174419905 M * Guy- the clients and this box are on the same LAN 1174419925 M * daniel_hozac hmm, so why FORWARD then? 1174419972 M * Guy- I also have INPUT 1174419990 M * Guy- I assumed forward war relevant because those are the counters I see incrementing 1174419995 M * Guy- *was 1174419997 M * daniel_hozac which is weird. 1174420018 M * Guy- 0.8 is only the address of this particular guest, otherwise the IP of the host running it is 0.4 1174420021 M * Bertl maybe some weird routing setup? 1174420041 M * Bertl (would explain the forward chain) 1174420049 M * Guy- there's nothing weird about it that I can see... other vservers work fine 1174420101 M * Guy- OK, the INPUT counters are also incrementing 1174420118 M * Guy- so the packets apparently go both through FORWARD and INPUT... does that make sense? 1174420138 M * Bertl well, the reach input, so far so good 1174420145 M * Bertl normally they would terminate there 1174420157 M * Bertl unless there is some specific route redirecting 1174420171 M * Bertl the packets elsewhere, in which case, it passes forward too 1174420172 Q * lilalinux Remote host closed the connection 1174420181 M * Bertl and then would leave via output 1174420226 J * prae ~benjamin@foxhound.sherpadown.net 1174420266 M * Guy- OK, this is truly weird 1174420282 M * Guy- on some attempts, the INPUT counter is incremented; on others, it isn't, but FORWARD is 1174420311 M * Guy- I now placed a similar rule in the OUTPUT chain (just -p udp --dport 177 -j ACCEPT), but its counter stays zero 1174420373 M * Guy- I'm not doing anything fancy with routing 1174420387 M * Guy- 'ip ru sh' is plain vanilla 1174420484 M * Guy- mangle table is empty 1174420490 J * ema ~ema@rtfm.galliera.it 1174420496 M * Bertl try to flush theroutingcahce 1174420529 M * Guy- how do I do that? 1174420542 M * Bertl ip route cache flush (or so :) 1174420881 J * dev-zero ~TizianoMu@gw.ptr-80-238-132-170.customer.ch.netstream.com 1174420899 M * dev-zero hi everyone 1174420903 M * Bertl wb dev-zero! 1174420907 M * dev-zero hey Bertl :) 1174420932 M * dev-zero I have vserver+grsec here 1174420942 M * Guy- Bertl: let's just say that was not a very good idea :) 1174420951 J * gerrit ~gerrit@mobile-166-214-226-088.mycingular.net 1174420962 M * Bertl Guy-: not ip route flush 1174420992 M * dev-zero if a user tries to execute "./configure" in a vserver, grsec's tpe kicks in and denies the execution of /bin/sh, what can I do? 1174420997 M * Guy- ip ro help doesn't know anything about 'cache' 1174421007 M * dev-zero adding this user to a group with the tpe_gid doesn't help 1174421020 M * Bertl dev-zero: configure grsec or remove/disable it? 1174421085 M * dev-zero Bertl: well, if I disable it, it works of course 1174421126 M * dev-zero Bertl: do I find some infos for this in the wiki? 1174421127 M * Bertl dev-zero: maybe harry knows more ... I don't use grsec 1174421133 J * glut glut@no.suid.pl 1174421193 M * Bertl Guy-: http://linux-ip.net/html/tools-ip-route.html 1174421214 M * Bertl D2.10 1174421317 M * Guy- OK, but no, flushing the cache has no effect 1174421373 M * Bertl okay, could you upload all the output you can produce with 'ip' and 'iptables' somewhere? 1174421392 M * Guy- sure 1174422186 M * Guy- Bertl: can I send it to you via dcc? 1174422207 M * Guy- about 4k 1174422237 M * Bertl can you put it up somewhere? daniel_hozac and others might want to take a look too? 1174422328 M * Guy- we-ell... I'm not sure I'm comfortable with sharing my firewall configuration with the entire world 1174422345 M * Guy- OK, I'll mask the ppp0 IP and upload it 1174422393 M * Bertl make that, tx 1174422472 M * Guy- http://chardonnay.math.bme.hu/~korn/tmp/vserver-udp-weirdness.tar.bz2 1174422651 M * Bertl hmm ... you have a bridging setup? 1174422683 M * Bertl maybe with ebt enabled? 1174422712 M * Bertl local 192.168.0.8 dev br0 table 255 proto kernel scope host src 192.168.0.4 1174422733 M * Bertl why src 192.168.0.4? 1174422802 M * Guy- no ebtables 1174422858 M * Guy- I have no idea why it says src 192.168.0.4, but it does that for all vservers and the others work fine 1174422894 M * Guy- I updated the tar.bz2 with sample tcpdump output that actually shows a reply to the first UDP packet before replying with ICMP port unreachable to the second one 1174422935 M * lylix Bertl: yes, strace shows the mod 1174422936 Q * prae Quit: Pwet 1174422954 M * Bertl lylix: and still it fails, yes? 1174422981 M * Bertl Guy-: what is the ip of a 'working' guest? 1174422995 M * Bertl Guy-: I don't see that many ips in your data? 1174423028 M * Guy- Bertl: 0.19 1174423078 M * Guy- the other vservers just use 0.4, like the host, so I guess that's a different situation 1174423096 M * Guy- but 0.19 is a guest IP and the services in that guest work flawlessly 1174423133 M * Bertl can we get the cache info for that ip too please? 1174423180 M * Guy- sure 1174423274 M * Guy- tar.bz2 updated 1174423279 M * Bertl tx 1174423498 M * lylix yep 1174423518 M * Guy- the strange thing is that I can only elicit the ICMP port unreachable using an X server 1174423532 M * Guy- if I send udp packets using netcat, nothing happens 1174423547 M * lylix socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP) = 12 1174423547 M * lylix bind(12, {sa_family=AF_INET, sin_port=htons(4569), sin_addr=inet_addr("0.0.0.0")}, 16) = -1 EADDRINUSE (Address already in use) 1174423594 M * Guy- and if I set up udpsvd (a minimal udp server) instead of gdm on port 177, I get the same behaviour, so it's not a gdm issue 1174423634 M * lylix nc has this flag in setsockopt -> SO_REUSEADDR 1174423653 M * lylix im guessing that is how it can do multiple binds on the same port/IP? 1174423690 M * Guy- lylix: yes 1174423802 M * Guy- Bertl: what I also don't get is why some packets from 192.168.0.1 end up in the forward chain, but none of 0.11 1174424002 M * Bertl would it be possible to take down the entire iptables stuff for a test run? 1174424038 M * Guy- I guess 1174424061 M * Bertl okay, then please try that and flush the routing cache before testing 1174424084 M * Guy- but wouldn't it be enough to just iptables -I -s 192.168.0.1 -j ACCEPT in all tables, all chains? 1174424087 M * matti Bertl: :))))) 1174424096 M * Bertl I do not see anything obvious, but the limit rules might be involved somehow 1174424097 M * matti *BEEP* 1174424098 M * matti *BEEP* 1174424101 M * matti Coffee brake! 1174424101 M * matti ;] 1174424111 A * matti hands Bertl a cup of coffee. 1174424120 M * Bertl Coffee 'brake' <-- good one :) 1174424152 M * matti Aj ;p 1174424156 M * matti Ops. 1174424157 M * matti Whops. 1174424159 M * matti Sorry ;] 1174424165 M * matti Damn ;p 1174424179 M * matti s/brake/break/ 1174424184 M * matti Sorry :) 1174424188 M * matti ;p 1174424206 A * matti ashamed :< 1174424211 M * Guy- Bertl: sorry, that didn't make a difference 1174424226 M * Guy- Bertl: (I did -F followed by -X in the filter and the nat table) 1174424239 M * Guy- and cleared the routing cache 1174424268 M * Bertl no idea then atm ... 1174424347 M * Guy- from what I can see, it's only 192.168.0.1 that somehow can't connect... this is the only windows client, btw :) I'll try booting linux on it later and retest 1174424407 M * Guy- well, thanks for your efforts anyway 1174424429 M * Bertl np 1174425057 M * lylix Bertl: any thoughts on why bind() is returning -1 EADDRINUSE? I have a notion to try using the SO_REUSEADDR in setsockopt for the socket (as a test), but that kind of fix would be completely unmanagable in real use 1174425117 M * Bertl no idea yet ... we have to recreate it with some C code 1174425143 M * Bertl then I can do specific tests ad dumps 1174425191 J * Aiken ~james@ppp250-73.lns2.bne4.internode.on.net 1174425340 M * lylix k, any version of ast* source should do for reference. related code in asterisk/channels/chan_iax2.c or asterisk/channels/chan_sip.c 1174425385 M * lylix tested ast* version range from 1.0.7 - 1.4.1, though 1.2 is the preferred branch atm 1174425411 M * lylix but again, seeing this same problem w/ apps liek yate as well 1174425485 M * Bertl okay, I guess I need a nap now .. will try to recreate it when up again .. 1174425499 M * Bertl cya later folks! 1174425503 M * lylix k, tnx... ttyl 1174425507 N * Bertl Bertl_zZ 1174425547 P * stefani I'm Parting (the water) 1174426514 Q * eyck Ping timeout: 480 seconds 1174426770 M * Guy- Bertl: it works if 192.168.0.1 is also running linux... :) good night :) 1174427275 Q * jmcaricand Quit: KVIrc 3.2.4 Anomalies http://www.kvirc.net/ 1174427339 J * andres ~as.sa@rtfm.ping.ee 1174427957 N * DoberMann DoberMann[ZZZzzz] 1174428177 J * eyck ~eyck@nat.nowanet.pl 1174428443 Q * michal` Ping timeout: 480 seconds 1174428840 J * michal` ~michal@www.rsbac.org 1174432123 J * DreamerC ~dreamerc@125-225-101-89.dynamic.hinet.net 1174432252 Q * bonbons Quit: Leaving 1174432485 Q * Aiken Quit: Leaving 1174432751 J * pcdog ~pcdog@82.197.169.75 1174432758 M * pcdog hello guys 1174432774 M * pcdog can someone help me with Nat Setup? 1174432796 M * pcdog i cant get that running http://oldwiki.linux-vserver.org/HowtoPrivateNetworking 1174432829 M * pcdog i have followed more or less that, but i had added one more echo in the settings 1174432991 M * pcdog oh, excuse me - i got it running now - tried just a reboot... 1174433341 M * slack101 i have vserver installed 1174433347 M * slack101 i have 5 server ip's 1174433353 M * slack101 do i give each guest a local ip 1174433362 M * slack101 or do i give each guest a real ip ? 1174433368 M * slack101 whne i configure it ? 1174434168 M * pcdog you can choose 1174434182 M * pcdog if you dont have external ips - you can use nat 1174434506 Q * dna Quit: Verlassend 1174434633 Q * ema Quit: leaving 1174434656 M * slack101 pcdog: what do you mean.......how could you run them off nat ? 1174434663 M * slack101 how would incoming request wrork 1174434705 M * lylix iptables on the host 1174434727 M * slack101 ok? 1174434738 M * slack101 could that redirect incomng request 1174434745 M * slack101 plus i got external ip's 1174434754 M * slack101 i want to give each vserver their own ip 1174434806 M * lylix you can assign up to 16 IPs w/o patching the vserver patchset... so you can assign external or local IPs, whatever 1174434860 M * slack101 only 16 ? 1174434895 M * pcdog slack: with iptables 1174434908 M * slack101 how could it work for incoming though ? 1174434911 M * pcdog btw, can somebody help me with a weird problem? 1174434918 M * pcdog with portforwarding, slack 1174434936 M * slack101 heh w/e i just external ip's i can use 1174434944 M * slack101 i got 1174434947 M * pcdog i have the proble that on etch, newvserver is failing on creating a new vserver saying it already exists, what is lied 1174434955 M * slack101 but how do i set it up ? 1174434959 M * pcdog moment, seeking link 1174434970 M * pcdog http://oldwiki.linux-vserver.org/HowtoPrivateNetworking 1174434972 M * pcdog like this 1174434977 M * slack101 like when i setup the vserver ..........it ask for hostname ip etc 1174434988 M * slack101 but does iptables need ot do any forwardiing ? 1174435022 M * lylix 16 ips PER vserver... not overall 1174435036 M * slack101 i just want 1 per vserver 1174435084 M * lylix are you the fellow that was asking about running customer services in vserver w/ one public IP? 1174435114 M * pcdog u have a weird find error . do you know how to resolve that? find: warning: you have specified the -mindepth option after a non-option argument -name, but options are not positional (-mindepth affects tests specified before it as well as those specified after it). Please specify options before other arguments. 1174435120 M * pcdog that 1174435122 M * slack101 lylix: no 1174435141 M * lylix ok, i talked to a guy about this on gentoo-vserver a week or so ago 1174435163 M * slack101 lylix: i have a server i need ot setup 10 vservers ....... 1174435168 M * slack101 each one with their own ip 1174435171 M * slack101 and ye that was me 1174435171 M * lylix public? 1174435176 M * slack101 but i got my own ip;s