1175646059 Q * Piet_ Quit: Piet_ 1175646450 Q * lylix Quit: Leaving. 1175647076 J * karihre ~kari@dsl-214-44.hive.is 1175647189 M * karihre hi, if I wan't all my vservers (on a single host) to communicate with each other via a virtual "lan", can I create a tap device on the host machine for all servers to use and communicate through or is there some other way I'm missing? 1175647230 M * daniel_hozac why do you need a special interface? what do you want to accomplish that lo doesn't already? 1175647296 M * karihre hmm, I don't know, could I let all servers have ip's 10.1.1.X (for example) on the lo device and they could connect with each other? 1175647352 M * daniel_hozac if your firewall rules allow it, sure. 1175647441 M * karihre so it's as simple as # ifconfig lo:0 10.10.10.3 (or whatever) ? 1175647502 M * daniel_hozac you don't have to add them to the lo interface. 1175647514 M * daniel_hozac but i think that'd work. 1175647548 M * karihre hmm, what do you mean, what would you do? 1175647553 M * karihre (ok nice) 1175647578 M * daniel_hozac i just assign my guests IP addresses on the host's primary interface in the same network. 1175647683 M * karihre hmm yes, the problem is just that my server only has 2 ip addresses for external usage and I don't want possible conflicts with the computers around if they might have similar ips. Rather I would wan't all to happen internally and never leave the ethernet card. 1175647714 M * karihre that is internal vservers communication 1175647738 M * karihre so for that scenario you would recommend somthing in the lines of adding these ip's to the lo interface? 1175647816 M * daniel_hozac guest-to-guest communication will never go out to the network. 1175647829 M * daniel_hozac unless you've explicitly configured that with multiple routing tables etc. 1175647852 M * karihre not even in the case if some other computer on the other end of the ethernet card has the same ip? 1175647910 M * daniel_hozac no. 1175647920 M * daniel_hozac but stealing IP addresses is a bad idea anyhow. 1175647931 M * daniel_hozac if you don't have any external addresses, just use some internal ones. 1175648063 M * karihre Yeah I have 2 external ip addresses (as in internet real), but am planning to have 4 vservers so they would need an internal ip (like 10.xx) to communicate inbetween and I was just thinking that it might conflict with the surrounding computers if they are using 10. based network (which I have no clue if they do). 1175648106 M * daniel_hozac nah, shouldn't. 1175648115 M * karihre ok 1175648178 M * karihre So two vservers can just have real ip + 10.based ip and the others have just their 10. based address and all of those are bound to the eth0 card 1175648188 M * karihre that should work fine, correct? 1175648192 M * karihre (bit confused) 1175648347 M * daniel_hozac yep. 1175648353 M * karihre ok 1175648358 M * karihre thank you! 1175648362 M * karihre much appreciated! 1175651604 Q * fatgoose Ping timeout: 480 seconds 1175652728 Q * mattzerah Ping timeout: 480 seconds 1175653732 Q * karihre Quit: Leaving 1175658324 J * fatgoose ~samuel@206-248-130-94.dsl.teksavvy.com 1175659174 Q * softi42 Ping timeout: 480 seconds 1175659785 J * softi42 ~softi@p549D5E95.dip.t-dialin.net 1175660134 M * slack101 tomorrow i will get back to my server 1175664631 M * daniel_hozac mjt: because the process and network isolations are separate. 1175665359 Q * slack101 Read error: Connection reset by peer 1175665495 N * DoberMann_ DoberMann 1175665663 J * slack101 ~root@cpe-71-65-58-25.insight.res.rr.com 1175667964 J * grzegorz ~grzegorz@80.50.86.62 1175667967 N * DoberMann DoberMann[PullA] 1175668056 M * grzegorz quota into vserver, again ;-) 1175668061 M * grzegorz I have all my vservers on one lvm volume, and I have mount 1175668061 M * grzegorz additional lvm volume with quota into one of vservers. 1175668061 M * grzegorz /etc/vservers/VS1/apps/init/mtab is: 1175668061 M * grzegorz /dev/hdv1 /data ufs rw,usrquota,grpquota 0 0 1175668061 M * grzegorz vroot device is setup correctly. 1175668063 M * grzegorz And that configuration doesnt work, /data is not mounted into vserver. 1175668064 M * grzegorz But if I create separate lvm volume for that vserver and 1175668066 M * grzegorz /etc/vservers/VS1/apps/init/mtab is: 1175668068 M * grzegorz /dev/hdv1 / ufs rw 0 0 1175668070 M * grzegorz /dev/hdv2 /data ufs rw,usrquota,grpquota 0 0 1175668072 M * grzegorz all is ok, /data is proper mounted and quota is working. 1175668074 M * grzegorz So, my question is second config only proper way to mount additional 1175668076 M * grzegorz partition with quota into vserver or in first config I make some mistakes. 1175669836 J * mattzerah ~matt@121.50.222.55 1175670461 Q * virtuoso Ping timeout: 480 seconds 1175670624 J * virtuoso ~s0t0na@80.253.205.251 1175671681 J * ema ~ema@rtfm.galliera.it 1175671854 J * dna ~naucki@130-226-dsl.kielnet.net 1175672709 Q * ensc Killed (NickServ (GHOST command used by ensc_)) 1175672720 J * ensc ~irc-ensc@p54B4E9C8.dip.t-dialin.net 1175673786 J * chand ~chand@212.99.51.254 1175674552 M * matti Morning :) 1175674560 M * matti grzegorz: Czesc. 1175674571 M * grzegorz witam 1175674572 J * Piet hiddenserv@tor.noreply.org 1175674583 M * matti :) 1175675043 J * DavidS ~david@chello062178045213.16.11.tuwien.teleweb.at 1175675885 M * derjohn there is pam_limits[18633]: setrlimit limit #12 to soft=-1, hard=-1 failed: Operation not permitted; uid=0 euid=0 on my logs. I assume pam tries to "gain real root" on the kernel, what is obviously forbidden. What can I do ? 1175675992 M * sid3windr use the latest utils :) 1175675995 M * sid3windr or ignore the message 1175676009 M * sid3windr it's not "gaining root", it's setting the soft and hard limits to -1, which is less than what they were set before 1175676029 M * sid3windr I think .212 resets the limits to maximum when the vserver start, then this should no longer occur 1175676483 M * derjohn sid3windr, utils? the log line is within a guest, not the host 1175676533 M * sid3windr I know that 1175676541 M * sid3windr see above 1175677158 M * grzegorz debian etch has util-vserver 0.30.212 and messages still occur 1175677660 Q * ensc Ping timeout: 480 seconds 1175677850 J * ensc ~irc-ensc@p54b4df8c.dip.t-dialin.net 1175680460 Q * glen_ Ping timeout: 480 seconds 1175680727 Q * shedi Quit: Leaving 1175680969 Q * yang Ping timeout: 480 seconds 1175681174 J * shedi ~siggi@ftth-237-144.hive.is 1175681846 Q * shedi Ping timeout: 480 seconds 1175682574 J * shedi ~siggi@ftth-237-144.hive.is 1175683430 Q * Nam Ping timeout: 480 seconds 1175683441 J * Nam ~nam@S0106001195551ff0.va.shawcable.net 1175683866 J * yang ~yang@cpe-213-157-253-172.dynamic.amis.net 1175684952 J * FireEgl Proteus@adsl-61-136-122.bhm.bellsouth.net 1175685450 Q * dna Read error: Connection reset by peer 1175685480 J * dna ~naucki@130-226-dsl.kielnet.net 1175685567 Q * ema Quit: leaving 1175686508 Q * grzegorz Quit: Leaving 1175686529 M * derjohn micah, any chances to get .213 in? Or should s/o provide a "security patch" for .212 which is a diff between .212 and .213 ? :) 1175687865 P * mattzerah 1175688822 J * dna_ ~naucki@130-226-dsl.kielnet.net 1175689220 Q * dna Ping timeout: 480 seconds 1175689487 J * starcode ~starcode@host-82-135-57-200.customer.m-online.net 1175689505 Q * Piet Ping timeout: 480 seconds 1175689541 M * starcode Is there already a solution for the problem that it's not possible to use ctrl-c in a "vserver xyz enter" session? 1175689591 M * starcode I have upgraded from 2.6.20.3-vs2.2.0-rc19 to 2.6.20.4-vs2.2.0 yesterday and not ctrl-c is not working anymore 1175689635 M * starcode I remember this was a problem a few years ago!? 1175689647 J * Piet hiddenserv@tor.noreply.org 1175689905 Q * shedi Quit: Leaving 1175691133 J * glen_ ~glen@elves.delfi.ee 1175691145 Q * Aiken Quit: Leaving 1175691194 M * daniel_hozac derjohn: into etch? that's impossible. 1175691256 M * derjohn daniel_hozac, why ? 1175691277 M * daniel_hozac because it's supposed to be released in a day or two? 1175691667 M * daniel_hozac starcode: humm, anyting in dmesg? 1175691756 M * daniel_hozac starcode: you used the exact same .config, right? 1175691765 M * starcode Yes, same config 1175691772 M * starcode Still searching in dmesg 1175691958 M * starcode No dmesg when pressing ctrl-c 1175692161 M * starcode ctrl-c does not work in a session started with "chcontext --ctx 1 /bin/bash --login" either 1175692405 M * derjohn daniel_hozac, http://article.gmane.org/gmane.linux.debian.devel.announce/1064 1175692545 M * starcode Oh, I remember, that I changed sth. else yesterday too 1175692586 M * daniel_hozac oh? 1175692595 M * daniel_hozac (i'm still building a kernel to reproduce) 1175692625 M * starcode Before yesterday I logged into the server with root 1175692641 M * starcode Now I login with a non-rootuser and su to root 1175692652 M * starcode From there I did a vserver enter 1175692700 M * starcode But maybe the bash calling sudo still intercepts the ctrl-c... but is in the original context of the sshd? 1175692783 M * daniel_hozac derjohn: right... that seems to confirm what i was saying. 1175692786 M * starcode I'm not sure about the exact way the conversion of a received ctrl-c sequence and the generation auf sigint happens 1175692918 M * daniel_hozac drivers/char/n_tty.c:n_tty_receive_break seems to be it. 1175693289 Q * DavidS Quit: Leaving. 1175693797 M * doener starcode: could you strace the relevant processes to see if the SIGINT arrives anywhere? 1175693821 M * doener sth. like: strace -e signal=SIGINT -e \!all -p $PID 1175693821 M * starcode I've tried already, but havn't seen SIGINT 1175693847 M * doener starting at which process? 1175693982 M * starcode I've only tried at the process that should received it... but you're right... I should strace the hole processtree up to this process 1175693998 M * starcode I'll give it a try 1175694394 M * mjt hmm. Bind-mounts doesn't work over bind-mounts, do they? 1175694438 M * mjt i mean, if i have /foo/a/b bind-mounted from somewhere else.. when i bind-mount /foo/a to /foo/c, there's no /foo/c/b anymore... right? 1175694469 M * doener only if you do a recursive bind mount 1175694471 M * mjt this bind-mount concept is quite confusing 1175694485 M * doener ... then there still is /foo/c/b 1175694497 M * mjt rbind you mean 1175694501 M * doener yep 1175694601 M * mjt `vserver start' tries to clean up namespace (umounting "unrelated" mountpoints -- the ones which aren't inside the vroot). But when vroot itself is bind-mounted, AND the "unrelated" mounts aren't recursive-bind ones, this step is unnecessary it seems. Am I right here? 1175694617 M * mjt er, 1175694631 M * mjt when vroot isn't rbind-mounted but only bind-mounted 1175694654 M * mjt i have /vservers/foo bind-mounted from /vservers/common 1175694702 M * mjt (i ask because with read-only vserver root, `vserver start' complains alot about not being able to update mtab) 1175694881 M * daniel_hozac mjt: hmm? 1175694886 M * derjohn daniel_hozac, yes, the mail is somewhat old. then we must ignore those errors from pam in the future ;) 1175694890 M * mjt hmm what? 1175694908 M * daniel_hozac and please don't use vroot in this context, as that's referring to something entirely different :) 1175694909 M * derjohn or cant that "singular" problem one be patched ? 1175694929 M * daniel_hozac mjt: i assume you're referring to the secure-mount --rbind /vservres... / 1175694933 Q * boci^ Read error: Connection reset by peer 1175694937 M * daniel_hozac mjt: that's not used. 1175694946 M * mjt errr 1175694949 M * daniel_hozac derjohn: hmm? what problem? 1175694949 M * starcode @doener, @daniel_hozac: it has nothing todo with sudo/su... I've just logged in with root directly but after "chcontext --ctx 1 /bin/bash" i still cannot ctrl-c anymore. Now trying to strace all processes in tree to see where sigint ends 1175694962 M * daniel_hozac starcode: even without --login? 1175694965 M * mjt # head -1 /etc/vservers/proxy/fstab 1175694965 M * mjt /var/lib/vservers/root / none bind,ro 0 0 1175695004 M * starcode @daniel: --login or not to --login does not change anything 1175695020 M * daniel_hozac interesting... 1175695036 M * mjt starcode: how about stty -a? 1175695048 M * mjt starcode: what does it say about `intr' char? 1175695077 M * starcode root@nlx4:~# chcontext --ctx 1 /bin/bash --login 1175695078 M * starcode root@nlx4:~# stty -a 1175695090 M * starcode [...] intr = ^C; [...] 1175695095 M * starcode :-( 1175695107 M * daniel_hozac starcode: --xid 1 is probably a really bad idea for testing... 1175695116 M * mjt hmm. it doesn'twork here either 1175695146 M * starcode Does not work with --xid 100 too 1175695178 M * mjt Ctrl+C is just ignored it seems 1175695192 M * mjt hmm 1175695226 M * mjt `tty' says i'm at /dev/pts/2; but /dev/pts is empty after chcontext 1175695243 M * daniel_hozac of course. your terminal belongs to the host. 1175695275 M * mjt Ctrl+C, Ctrl+Z etc all does not work 1175695300 M * mjt but after `vserver foo enter' it all works just fine 1175695324 M * mjt 2.6.19.7-grsec2.1.10-vs2.2.0-rc15 is here (time to upgrade ;) 1175695346 M * daniel_hozac vserver foo enter allocates a new tty inside the guest. 1175695394 M * mjt what does chcontext do? 1175695406 M * daniel_hozac it enters/creates the context. 1175695429 M * mjt so many concepts... ;) 1175695497 M * daniel_hozac starcode: hmm, works fine here. 1175695512 M * daniel_hozac starcode: what does grep CONFIG_VSERVER_PRIVACY .config return? 1175695537 M * mjt CONFIG_VSERVER_PRIVACY=y here 1175695594 M * starcode # 1175695594 M * starcode # Linux VServer 1175695594 M * starcode # 1175695594 M * starcode CONFIG_VSERVER_LEGACY=y 1175695594 M * starcode # CONFIG_VSERVER_LEGACY_VERSION is not set 1175695596 M * starcode CONFIG_VSERVER_DYNAMIC_IDS=y 1175695596 M * starcode CONFIG_VSERVER_LEGACYNET=y 1175695598 M * starcode # CONFIG_VSERVER_REMAP_SADDR is not set 1175695598 M * starcode CONFIG_VSERVER_COWBL=y 1175695600 M * starcode # CONFIG_VSERVER_VTIME is not set 1175695600 M * starcode CONFIG_VSERVER_PROC_SECURE=y 1175695600 M * derjohn daniel_hozac: pam_limits[18633]: setrlimit limit #12 to soft=-1, hard=-1 failed: Operation not permitted; uid=0 euid=0 on my logs. 1175695602 M * starcode CONFIG_VSERVER_HARDCPU=y 1175695602 M * starcode # CONFIG_VSERVER_IDLETIME is not set 1175695604 M * starcode # CONFIG_VSERVER_IDLELIMIT is not set 1175695604 M * starcode # CONFIG_TAGGING_NONE is not set 1175695606 M * starcode # CONFIG_TAGGING_UID16 is not set 1175695606 M * starcode # CONFIG_TAGGING_GID16 is not set 1175695608 M * starcode CONFIG_TAGGING_ID24=y 1175695608 M * starcode # CONFIG_TAGGING_INTERN is not set 1175695610 M * starcode # CONFIG_TAG_NFSD is not set 1175695610 M * starcode # CONFIG_PROPAGATE is not set 1175695612 M * starcode CONFIG_VSERVER_PRIVACY=y 1175695612 M * starcode CONFIG_VSERVER_CONTEXTS=256 1175695614 M * starcode CONFIG_VSERVER_WARN=y 1175695614 M * starcode # CONFIG_VSERVER_DEBUG is not set 1175695616 M * starcode CONFIG_VSERVER=y´ 1175695645 M * mjt derjohn: did you set non-unlimited limits for your guest? 1175695671 M * derjohn sure, like AS and RSS 1175695685 M * daniel_hozac derjohn: utils? kernel? 1175695693 M * derjohn sid3windr, said that the prob is related to .212 utils 1175695707 M * daniel_hozac starcode: might want to try without CONFIG_VSERVER_PRIVACY. 1175695711 M * sid3windr no, to non-.212 utils :) 1175695724 M * mjt 12 = RLIMIT_MSGQUEUE 1175695774 M * derjohn I didnt check taht further. daniel_hozac: inux pipa 2.6.18.5-vs2.1.1.3-p3-squash-drbd-256ip-ipv6 util-vserver 0.30.211 1175695780 M * starcode What's this for? 1175695781 M * derjohn sid3windr, oh, misunderstanding 1175695860 M * derjohn let's see.....Preparing to replace util-vserver 0.30.211-1 (using .../util-vserver_0.30.212-1_i386.deb) 1175695906 M * daniel_hozac starcode: it makes certain things belonging to guests invisible from the host and spectator. 1175695954 M * starcode Ok, my processtree is the following sshd (ctx 0, pid a) - sshd (ctx 0, pid b) - bash --login (ctx 0, pid c) -- cat (ctx 100, pid d, via "chcontext --ctx 100 cat") 1175695983 M * starcode I received SIGINT with strace at ctx 0, pid c 1175696008 M * starcode I receive no SIGINT with strace at ctx 100, pid d 1175696014 M * daniel_hozac starcode: and this is with 2.2.0? 1175696019 M * starcode I tried this via chcontext --ctx 100 strace -f -p 1175696074 M * starcode Newest kernel from yesterday 2.6.20.4-vs2.2.0, util-vserver 0.30.212 1175696089 M * daniel_hozac well, it works fine here. 1175696103 M * daniel_hozac i.e. chcontext --xid 100 cat ctrl+c interrupts it. 1175696110 M * starcode With 2.6.19.3-vs2.2.0-rc19 ctrl-c still worked 1175696125 M * daniel_hozac i would've expected the opposite... 1175696127 M * mjt i doesn't work here with rc15 1175696142 M * daniel_hozac given that we fixed a similar problem in -rc21. 1175696172 M * daniel_hozac starcode: oh, so you're on 2.6.19.7-vs2.2.0? 1175696176 M * starcode Wait, I'll reboot with -rc19... only to be sure it really worked before (even if i'm quite sure) 1175696195 M * mjt hmm 1175696206 M * starcode 2.6.19.7??? No, 2.6.20.4-vs2.2.0 1175696262 M * daniel_hozac so you can't possibly be using the same .config. 1175696299 M * daniel_hozac doener: any ideas? 1175696347 M * starcode We've copied the 2.6.20.3 config, done make menuconfig to be sure no define names have changed and give errors, saved again and compiled 1175696377 M * daniel_hozac might want to look at make oldconfig ;) 1175696388 M * daniel_hozac so 2.6.19.3-vs2.2.0-rc19 was a typo? 1175696406 M * starcode Uppps, yes.. sorry... typo! 1175696417 M * doener daniel_hozac: no... I only found a call to do_each_pid_task, but we only changed do_each_task_pid (gotta love those unique names...) 1175696426 M * daniel_hozac haha. 1175696639 M * doener daniel_hozac: I guess every netfilter user has lost trust in make oldconfig around 2.6.16 or so, when the CONFIG_* entries for netfilter changed 1175696665 J * dna ~naucki@130-226-dsl.kielnet.net 1175696666 M * daniel_hozac sure, oldconfig isn't perfect. 1175696676 M * daniel_hozac but it doesn't change between the .y releases ;) 1175696716 M * starcode Ok, it does not work with 2.6.20.3-vs2.2.0-rc19 too, but it works with 2.6.19.4-vs2.2.0-rc13 1175696751 M * Bertl_vV greetings folks from albuquerque! 1175696769 M * daniel_hozac hey Bertl_vV! 1175696781 M * doener hi Bertl_vV (vV?) 1175696789 M * daniel_hozac vacation ;) 1175696882 M * starcode I think, between rc13 und stable the vlogin-thing has changed, right? 1175696933 M * daniel_hozac vlogin is a purely userspace thing. 1175696999 M * daniel_hozac however, the do_each_task_pid/do_each_pid_task were modified to look at the context in -rc15. 1175697024 Q * dna_ Read error: Operation timed out 1175697035 M * starcode I had disabled vlogin by touching /etc/vservers/.defaults/apps/vlogin/disable because I had the "openpty(): No such file" bug when entering 1175697080 M * mjt heh. And here it's that -rc15 :) 1175697113 M * daniel_hozac which means your guest is lacking the devices necessary to create psuedo ttys, so sshd won't work :) 1175697136 M * mjt wuh? it works just fine... 1175697214 M * starcode So I have to give every guest the devpts mount? 1175697261 M * mjt i never thought about that. but i do 1175697262 M * starcode But if I do a chcontext --ctx 100 I'm still in the hosts namespace context... so the /dev/pts are there!? 1175697286 M * starcode But ctrl-c does not work 1175697295 M * daniel_hozac that's unrelated. 1175697303 M * starcode I could understand if it does only happens in the guests 1175697361 M * starcode So the changed with devpts are not related to ctrl-c thing 1175697377 M * daniel_hozac there have been no changes to devpts. 1175697729 M * Bertl_vV daniel_hozac: how is the release? 1175697758 M * Hollow Bertl_vV: my host did not crash anymore since 2.2.0 update :) 1175697780 M * Bertl_vV Hollow: great! 1175697831 M * Hollow daniel_hozac: btw.. the debootstrap method does not remove mount stuff from the runlevels, right? 1175697867 M * Hollow at least not the Knnxxx scripts .. 1175697994 M * daniel_hozac Bertl_vV: no problems that i have been able to reproduce yet :) 1175698028 M * daniel_hozac Hollow: i don't think so, Debian guests are rather broken by default. 1175698033 Q * ard Quit: My damn controlling terminal disappeared! 1175698079 M * Hollow yeah.. had to setup a bunch of debian guests at work.. maybe we can fix it for 0.30.213? can try to produce a patch until weekend.. 1175698213 M * daniel_hozac i suppose... but debootstrap is somewhat strange as it builds so many different distributions. 1175698307 M * Hollow well, we don't even have a -d debian or -d etch or whatever .. 1175698317 M * daniel_hozac hmm? 1175698320 M * starcode Is there anything I can debug/test for the ctrl-c issue? 1175698328 M * Hollow at least not in distrib/ 1175698332 M * daniel_hozac starcode: tried disabling privacy already? 1175698348 M * starcode What does this do? 1175698349 M * daniel_hozac Hollow: right, it's all done in the debootstrap build method. it leaves most everything up to debootstrap itself. 1175698352 M * mjt starcode: why does it bother you? 1175698380 M * Hollow daniel_hozac: which would still be the case if we'd add -d debian... 1175698407 M * Hollow (at least if you don't specify -d debian) 1175698422 M * starcode I'm working with production servers with untrusted users in the guests 1175698423 M * daniel_hozac Hollow: but -d is already used. 1175698437 M * daniel_hozac Hollow: that's what specifies what distro to build, according to debootstrap. 1175698452 M * Hollow hm.. good point :) 1175698463 M * daniel_hozac starcode: so you'd actually want to disable privacy, no? 1175698478 M * daniel_hozac starcode: so you're able to check on resources/etc. 1175698668 M * starcode Hmmm, "When enabled, most context checks will disallow access to structures assigned to a specific context, like ptys or loop devices." sounds quite good 1175698746 M * daniel_hozac so you don't want the host to have access to things belonging to a guest? 1175698827 M * mjt like strace-over-chcontext? 1175698865 M * mjt # strace vps 1175698865 M * mjt execve("/usr/sbin/vps", ["vps"], [/* 15 vars */]) = 0 1175698868 M * mjt vserver(0xb010000, 0x1, 0, 0xbfc0fc54, 0xb7f6c400upeek: ptrace(PTRACE_PEEKUSER,24383,44,0): No such process 1175698882 M * daniel_hozac that's never allowed. 1175698896 M * mjt too bad ;) 1175698912 M * mjt by the way, will bind-mounting /dev/log into vservers work as expected? 1175698934 M * daniel_hozac i think so. 1175698947 M * daniel_hozac syslog-ng lets you set up multiple log sources though :) 1175698965 M * mjt it wont work if i use tmpfs as /dev on guests 1175698977 M * daniel_hozac true. 1175698980 M * mjt mounted when a guest is started 1175698992 M * mjt almost any syslog does that 1175699009 M * slack101 jus curious but what do you guys suggest for a guest os ? gentoo , debian ?? which 1175699021 M * mjt whichever you prefer 1175699033 M * slack101 i got gentoo on it now but hmmm 1175699036 M * mjt and really depends on your needs 1175699060 M * slack101 jus a distro with http mysql etc installed for guest os 's 1175699189 A * mjt reboots into 2.6.19.17-vs2.2.0... 1175699210 M * harry mjt: i don't believe you :p 1175699215 M * starcode What for example can i do with privacy disabled that is forbidden with vserver privacy enabled? 1175699221 M * mjt s/17/7/ ;) 1175699479 M * starcode mjt: I use a script to adjusts syslog-ng config after each vserver action. Each vserver's /dev/log is a different syslog-ng source so i can send each vservers log output to different logfiles 1175699621 M * harry mjt: now i believe you :) 1175699672 M * slack101 X bytes:340203938 (324.4 Mb) .........i havent even used the server 1 biti 1175699741 M * daniel_hozac starcode: strace a process in a guest, access device mapper devices owned by a guest, devpts, loop, /proc/locks, etc. 1175699836 M * mjt i started running mini-syslogd (forwarding) on each vserver instead. 1175699838 M * daniel_hozac starcode: or show connections from all contexts. 1175700120 M * slack101 where can i get the newest version of vserver ........one from the gentoo repos is old 1175700155 M * Hollow slack101: really? 1175700161 M * Hollow i just commited 2.2.0 yesterday 1175700227 M * slack101 vserver 0.30.212 -- manages the state of vservers 1175700245 M * Hollow 0.30.213_rc5 is also in portage 1175700249 M * Hollow but not stable of course 1175700265 M * Hollow will comit rc6 later this day 1175700269 M * slack101 i need a newer thing casue of gentoo 1175700283 M * slack101 when installing gentoo its using some old scripts or something 1175700291 M * doener is that really just called "vserver" not "util-vserver"? That would explain some of the naming confusion I've seen lately :) 1175700315 M * Hollow i guess this is from vserver --version 1175700317 M * slack101 ye util-vserver is what i need a newer version of 1175700354 M * Hollow slack101: why do you need a newer version? do you want to use baselayout-1.13 stages? 1175700369 M * doener slack101: good point 1175700370 M * slack101 the gentoo is not working right when i install 1175700379 M * doener ehrm, s/slack101/Hollow/ 1175700381 M * starcode daniel: ok, I'll give privacy=no a try 1175700396 M * slack101 Error opening file /proc/kmsg for reading (Operation not permitted) 1175700396 M * slack101 Error initializing configuration, exiting. 1175700399 J * Gennady ~gennady@ukrpost.is.com.ua 1175700405 M * Hollow fix /etc/syslog-ng/syslog-ng.conf 1175700416 M * Hollow but yes.. newer util-vserver fixes that automagically on vserver ... build 1175700428 M * Hollow but you don't _need_ it 1175700429 M * slack101 is it easy to fix manually ? 1175700432 M * Hollow yes 1175700437 M * Hollow just remove the /proc/kmsg entry 1175700448 M * slack101 from what fille ? 1175700454 M * Hollow /etc/syslog-ng/syslog-ng.conf 1175700459 M * slack101 ok jus making sure 1175700586 M * Gennady mello guys! 1175700619 M * Gennady can somebody tell me - is yum.conf used by vyum? 1175700630 M * daniel_hozac yes, the one in the guest's configuration. 1175700640 M * Gennady i have made it, but yum can't connect anyway 1175700652 M * daniel_hozac hmm? 1175700655 M * Gennady I got "Cannot find a valid baseurl for repo" 1175700696 M * Gennady Oh, sorry. I didn't told you: i want vyum connect through proxy 1175700708 M * daniel_hozac what guest OS? internal or external package management? 1175700725 M * Gennady fc 6 1175700762 M * slack101 Hollow: remove the whole entry ??? 1175700796 M * Gennady daniel_hozac: I guess internal... how to check this out? 1175700813 M * daniel_hozac what does rpm -q rpm say inside the guest? 1175700828 M * Hollow slack101: yep.. 1175700836 M * slack101 source src { unix-stream("/dev/log"); internal(); pipe("/proc/kmsg"); }; 1175700845 M * slack101 remove that whole thing ? 1175700849 M * slack101 Hollow: ^ 1175700852 M * Hollow nah .. will become: 1175700859 M * Hollow source src { unix-stream("/dev/log"); internal(); }; 1175700860 M * jkl slack101: no 1175700873 M * Gennady daniel_hozac: rpm-4.4.2-32 1175700895 M * slack101 anything else or is that it ? 1175700897 M * daniel_hozac Gennady: so internal. 1175700917 M * daniel_hozac Gennady: is the guest able to connect to the proxy and get the file? 1175700936 M * Gennady yep, of couse 1175700936 M * slack101 ok sweet worked 1175701045 J * stefani ~stefani@tsipoor.banerian.org 1175701225 M * slack101 Hollow: now its a read only file system 1175701255 M * Hollow it? 1175701261 M * slack101 the guest os gentoo 1175701267 M * Gennady daniel_hozac: OMG! it's easy :) acl accesses 1175701324 M * Gennady withdraw a problem. thanks 1175701392 M * Hollow slack101: well, since the guest filesystem is mounted on the host you should probably take a look at /etc/fstab :) 1175701413 M * slack101 on which ? 1175701417 M * slack101 host or guest ? 1175702126 Q * mjt Read error: Connection reset by peer 1175702149 J * mjt ~mjt@nat.corpit.ru 1175702172 M * mjt Linux gate.corpit.ru 2.6.19-i686vs #2.6.19.7-grsec2.1.10-vs2.2.0 SMP Wed Apr 4 18:50:48 MSD 2007 i686 GNU/Linux 1175702331 M * slack101 Hollow: im lost and cant figure this out ...........it ddint do this when i installed debian 1175702355 M * Hollow well, nothing inside is even allowed to touch mounts, so you have to look for it in the host config 1175702386 M * slack101 i dont get why its read only though lol 1175702398 Q * chand Quit: chand 1175703020 J * bonbons ~bonbons@83.222.39.201 1175703227 J * gypsymauro ~Io@84.18.151.77 1175703228 M * gypsymauro hi 1175703268 M * gypsymauro how can I let use /dev/pty on vservers? 1175703427 Q * dghill cation.oftc.net resistance.oftc.net 1175703427 Q * bonbons cation.oftc.net resistance.oftc.net 1175703427 Q * dna cation.oftc.net resistance.oftc.net 1175703427 Q * s0undt3ch cation.oftc.net resistance.oftc.net 1175703427 Q * micah cation.oftc.net resistance.oftc.net 1175703427 Q * waldi cation.oftc.net resistance.oftc.net 1175703427 Q * zLinux cation.oftc.net resistance.oftc.net 1175703427 Q * CHTEKK cation.oftc.net resistance.oftc.net 1175703427 Q * SNy cation.oftc.net resistance.oftc.net 1175703427 Q * stefani cation.oftc.net resistance.oftc.net 1175703427 Q * virtuoso cation.oftc.net resistance.oftc.net 1175703427 Q * DreamerC cation.oftc.net resistance.oftc.net 1175703427 Q * mnemoc cation.oftc.net resistance.oftc.net 1175703427 Q * arachnist cation.oftc.net resistance.oftc.net 1175703427 Q * nebuchadnezzar cation.oftc.net resistance.oftc.net 1175703427 Q * ||Cobra|| cation.oftc.net resistance.oftc.net 1175703427 Q * Greek0 cation.oftc.net resistance.oftc.net 1175703427 Q * Loki|muh cation.oftc.net resistance.oftc.net 1175703446 M * gypsymauro I need it 'casue I done a linux server where users need to open shells 1175703453 J * stefani ~stefani@tsipoor.banerian.org 1175703453 J * virtuoso ~s0t0na@80.253.205.251 1175703453 J * DreamerC ~dreamerc@125-225-99-37.dynamic.hinet.net 1175703453 J * mnemoc ~amery@kilo105.server4you.de 1175703453 J * arachnist arachnist@088156185052.who.vectranet.pl 1175703453 J * nebuchadnezzar ~nebu@zion.asgardr.info 1175703453 J * ||Cobra|| ~cob@pc-csa01.science.uva.nl 1175703453 J * Greek0 ~greek0@85.255.145.201 1175703453 J * Loki|muh loki@satanix.de 1175703499 J * bonbons ~bonbons@83.222.39.201 1175703499 J * dna ~naucki@130-226-dsl.kielnet.net 1175703499 J * waldi ~waldi@bblank.thinkmo.de 1175703499 J * s0undt3ch ~s0undt3ch@80.69.34.154 1175703499 J * micah ~micah@micah.riseup.net 1175703499 J * zLinux ~zLinux@88.213.58.119 1175703499 J * SNy ~mfr@bmx-chemnitz.de 1175703499 J * CHTEKK ~chtekk@84.55.211.45 1175703514 J * dghill dghill@office.mel.illuminate.com.au 1175704321 M * slack101 Hollow: im still .......... :( 1175704404 M * daniel_hozac slack101: what exactly is read only? 1175704422 M * daniel_hozac gypsymauro: why aren't you using /dev/ptmx and /dev/pts? 1175704574 J * ema ~ema@rtfm.galliera.it 1175704723 M * micah derjohn: no chance to get .213 into etch, the release is about a week away, things have been frozen for a while 1175704745 M * micah derjohn: but once thats done, i'll get .213 in sid and do a backport 1175704749 M * derjohn micah, well, thx, I was somewhat misleaded with the versioning 1175704757 M * derjohn micah, .212 seems to be ok :) 1175704784 M * derjohn micah, hm, etch will really come out ? I'll have to arrange a party ;) 1175704812 M * micah derjohn: yes, it seems so, people are working on release notes now, so it seems close 1175704831 M * derjohn stablEEtch .. wooooh ! ;O) 1175704838 M * arachnist derjohn: "this decade's debian realease" party? ;) 1175704899 Q * gypsymauro Quit: Lost terminal 1175704899 M * derjohn arachnist, century or aeon :) 1175704911 M * slack101 i actually kinda want to put slackware up on this thing 1175704988 M * arachnist slackware? it's still alive? 1175705136 M * slack101 lol 1175705155 M * slack101 the king of llinux 1175705192 M * arachnist i don't want to start a flame war, but is it actively developed, or is someone (still Patrick?) just updating packages? 1175705211 M * slack101 patrick still does packages 1175705221 M * slack101 but theres MANY sites that offer packages 1175705247 M * arachnist i mean, does anything change in except for package version numbers? 1175705272 M * slack101 obviously program updates ? 1175705323 M * slack101 they just released a new version slackware 11 to be exact 1175705339 M * arachnist i mean like, changes in the slackware's package manager (does it have any, really?) or init scripts or configuration files that are not directly related to 3rd party software 1175705639 N * DoberMann[PullA] DoberMann 1175705692 J * Piet_ hiddenserv@tor.noreply.org 1175706085 Q * Piet Ping timeout: 480 seconds 1175706317 Q * dghill Quit: Weeeeee! 1175706379 J * shedi ~siggi@ftth-237-144.hive.is 1175706611 M * slack101 arachnist: no package manager ..........jus an internal one ..........none that retriees packages 1175706830 Q * transacid Ping timeout: 480 seconds 1175707107 J * transacid ~transacid@transacid.de 1175707338 J * chand ~chand@212.99.51.254 1175707966 J * redwalk ~redwalk@firebat.aros.net 1175708095 P * redwalk Kopete 0.11.1 : http://kopete.kde.org 1175708271 J * Roey ~katz@dsl093-083-226.wdc1.dsl.speakeasy.net 1175709568 J * yarihm ~yarihm@84-75-97-207.dclient.hispeed.ch 1175709775 Q * chand Quit: chand 1175710172 M * phreak`` daniel_hozac: anything I should look out for wrt 0.30.210-rc5 -> rc6 ? 1175710209 M * harry you probably mean 0.30.213-rc6->rc6 1175710228 M * slack101 how can i go about putting slackware as my guest ? 1175710245 M * phreak`` harry: err, yeah I do :D 1175710252 M * phreak`` harry: hey Harry btw :P 1175710255 M * harry heya ;) 1175710258 A * harry gotta run now... 1175710261 M * harry time for a beer! ;) 1175710263 M * phreak`` harry: sadly .. 1175710269 M * harry miss me!!!! ;) 1175710270 M * harry :p 1175710275 M * harry i'll be back in... 4 hours :) 1175710276 M * phreak`` harry: no time for grsec yet, hrm ? :S 1175710282 M * harry ? 1175710289 M * harry off course, patches are up to date! 1175710299 M * harry check the logs why three is no 2.6.20.x patch :) 1175710302 M * harry (yesterday) 1175710308 M * phreak`` ah, k 1175710308 A * harry off now (i'm late allready) 1175710311 A * phreak`` goes checking 1175710316 M * phreak`` harry: have fun :P 1175710320 M * harry will do ;) 1175710658 M * daniel_hozac phreak``: there are about 5 commits between them, i think. 1175710694 M * slack101 how can i go about installing something in vserver ..........that is not a distro with provided templates 1175710724 M * daniel_hozac same way you'd install it into a chroot. 1175710777 M * slack101 could you explain a little ? 1175710824 M * daniel_hozac not really, but slackware should just be a matter of untarring the tarballs. 1175711179 M * slack101 yes 1175711180 M * slack101 BUT 1175711193 M * slack101 i dont want people to have access to hardware or othing like that 1175711330 J * k421k1 ~k421k1@201.236.31.174 1175711750 J * boci^ ~boci@pool-0070.adsl.interware.hu 1175711990 M * daniel_hozac so use the /dev created by the skeleton build method. 1175712260 J * kajko ~grzegorz@83.2.110.155 1175712424 N * Piet_ Piet 1175712429 Q * mnemoc Ping timeout: 480 seconds 1175712543 Q * ema Quit: leaving 1175712578 Q * kajko Quit: leaving 1175712596 J * kajko ~grzegorz@83.2.110.155 1175712854 J * mnemoc ~amery@kilo105.server4you.de 1175713009 Q * FireEgl Quit: ... 1175713414 Q * kajko Quit: leaving 1175713466 J * kajko ~grzegorz@83.2.110.155 1175713499 Q * kajko 1175714291 J * kajko ~grzegorz@83.2.110.155 1175714667 Q * kajko Quit: leaving 1175714670 J * kajko ~grzegorz@83.2.110.155 1175715220 Q * Piet Ping timeout: 480 seconds 1175715337 J * Piet hiddenserv@tor.noreply.org 1175715741 Q * kajko Quit: leaving 1175716879 J * Beuc ~yo@perso.beuc.net 1175716918 J * kajko ~grzegorz@83.2.110.155 1175717209 Q * kajko 1175717259 Q * k421k1 1175717260 J * kajko ~grzegorz@83.2.110.155 1175717280 Q * kajko 1175717539 J * kajko ~grzegorz@83.2.110.155 1175717891 Q * kajko Quit: leaving 1175717925 J * kAjko ~grzegorz@83.2.110.155 1175718063 Q * kAjko 1175718480 M * Beuc I got a BUG with 2.2-rc17, is that of interest to anybody? 1175718489 M * Beuc the strace I mean 1175718534 M * derjohn Beuc, there is RC18 - RC21 maybe the bug is already out ;) daniel_hozac or Bertl_vV might know more 1175718560 M * Beuc yeah I was about to upgrade 1175718622 M * derjohn if the bug still exists then you might have found one in an release ;) 1175718642 M * Beuc yay 1175718654 M * slack101 daniel_hozac: the /dev from gentoo ? 1175718657 M * Beuc Do you have a pastebin url to recommend? 1175718680 M * derjohn paste.linux-vserver.org maybe ;) 1175718693 M * Beuc cool :) 1175718755 M * Beuc http://paste.linux-vserver.org/1388 1175718934 Q * Beuc Quit: Leaving 1175718946 J * Beuc ~yo@perso.beuc.net 1175719124 M * Beuc Btw, I have another issue: util-vserver insist on purging /var/run/ on startup. But I have a shared MySQL socket in /var/run, mounted read-only. util-server then fails to remove /var/run/mysqld/mysql.sock and stops. Should I complain? 1175719271 M * sid3windr to the person putting a mysql socket in /var/run ;) 1175719289 M * Beuc Well it's meant to be there 1175719318 M * sid3windr hmm 1175719320 M * sid3windr you're right :$ 1175719327 M * sid3windr s/$/]/ 1175719351 M * Beuc I admit it's not supposed to be there before system start-up - but the system is not supposed to halt because it can't erase something there 1175719562 Q * meandtheshel1 Quit: Leaving. 1175719564 Q * bonbons Quit: Leaving 1175719751 M * Beuc Yet another question: is there a way to get util-vserver more verbose on startup. Currently it just says "Starting vservers of type 'default'....", nothing more :) 1175719846 M * daniel_hozac output should be on ctrl+alt+f8, IIRC. 1175719851 M * daniel_hozac or is it 12... 1175719906 M * Beuc I only have tty1, it's remote :) 1175719970 M * daniel_hozac is your paste the entire thing? 1175719982 M * daniel_hozac i.e. there's nothing above that in dmesg? 1175720007 M * Beuc daniel_hozac: I got a lot of "TCP: Treason uncloaked! Peer 131.202.210.105:1957/80 shrinks window 2017072602:2017081527. Repaired." 1175720069 M * daniel_hozac well, i meant more along the lines of oops, BUG or similar. 1175720081 M * Beuc Nope, I only have that one 1175720154 M * daniel_hozac seems to be missing the first line IMHO, but ok. 1175720164 M * daniel_hozac it doesn't look familiar to me. 1175720292 M * daniel_hozac doener, Bertl_vV: http://people.linux-vserver.org/~dhozac/p/k/delta-loginuid-feat01.diff 1175720397 M * daniel_hozac doener: or am i forgetting something, e.g. how horrible it would be to let guests change that? 1175721025 Q * jkl Ping timeout: 480 seconds 1175721089 J * Aiken ~james@ppp194-30.lns1.bne1.internode.on.net 1175721159 J * jkl jkl@c-67-173-253-237.hsd1.co.comcast.net 1175721571 P * starcode 1175721710 J * dreamind ~dreamind@C2107.campino.wh.tu-darmstadt.de 1175722170 Q * Piet Ping timeout: 480 seconds 1175722290 J * Piet hiddenserv@tor.noreply.org 1175723056 M * Beuc I got another BUG when rebooting to stable, arg 1175723240 M * Beuc http://paste.linux-vserver.org/1391 1175723439 M * slack101 grrrrr 1175723449 M * slack101 im jus put slackware on my guest os 1175723453 M * slack101 its a distro i atleast know 1175723702 M * dreamind Hi folks 1175724013 M * slack101 ok so ca i jus take my /dev from my debian and use that ? 1175724024 M * slack101 with my slackware 1175724052 M * Beuc How about some MAKEDEV? 1175724116 M * slack101 makedev? 1175724144 M * Beuc It's a script to recreate /dev 1175724150 Q * dna Quit: Verlassend 1175724190 M * Beuc eg /sbin/MAKEDEV generic-i386 1175724205 Q * CHTEKK Ping timeout: 480 seconds 1175724250 M * Beuc Last time I had to recreate one, "MAKEDEV std console pty" was enough - and light. 1175724264 M * slack101 but i do not want to give them access to hardware 1175724323 M * Beuc No hardware node is created - only tty, pts and null/zero/random/etc 1175724379 M * slack101 is that enough for a normal VPS ? 1175724399 M * Beuc For mine, yes :) 1175724417 M * slack101 i mean they can still read and write to thier part of the disk right ? 1175724435 N * blizz_ blizz 1175724474 M * Beuc Yes, the guest relies on the host for that 1175724484 M * slack101 good good 1175724684 P * stefani I'm Parting (the water) 1175725617 Q * dreamind Quit: dreamind 1175726334 J * k421k1 ~k421k1@201.236.31.174 1175726364 Q * boci^ Quit: Távozom 1175727080 J * edward ~chatzilla@mail.wildgooses.com 1175727109 M * edward Is there anyone here who can fix the mailing list signup please? 1175727144 Q * Piet Quit: Piet 1175727460 Q * duckx Remote host closed the connection 1175727490 J * flock- ~restless@l192-117-111-12.broadband.actcom.net.il 1175727562 M * flock- hi guys, are there any known problems with 2.2.0 and 2.6.20.4? There is a fix (and rewrite of some of the api) for my sata controller on my Intel board, so I have to use it. 1175728032 J * DoberMann_ ~james@AToulouse-156-1-104-226.w90-30.abo.wanadoo.fr 1175728138 Q * DoberMann Ping timeout: 480 seconds 1175728186 M * flock- okay, going to boot it and report problems if they occur 1175728193 Q * flock- Quit: Leaving 1175729463 Q * yarihm Quit: Leaving 1175729588 Q * slack101 Quit: Leaving. 1175729614 J * flock- ~restless@l192-117-111-12.broadband.actcom.net.il 1175729617 M * flock- okay, it booted;) 1175729636 M * flock- time to go to sleep, good night guys!