1176423783 J * infowolfe ~infowolfe@c-67-164-195-129.hsd1.ut.comcast.net
1176424126 J * Johnnie ~jdlewis@c-67-163-247-109.hsd1.pa.comcast.net
1176424913 Q * Johnnie Remote host closed the connection
1176425897 J * _mcp ~hightower@wolk-project.de
1176425897 Q * mcp Read error: Connection reset by peer
1176426624 Q * infowolfe Ping timeout: 480 seconds
1176427622 J * infowolfe ~infowolfe@c-67-164-195-129.hsd1.ut.comcast.net
1176428858 Q * Piet__ Quit: Piet__
1176428900 Q * lilalinux Remote host closed the connection
1176429344 J * infowolfe_ ~infowolfe@c-67-164-195-129.hsd1.ut.comcast.net
1176429357 Q * infowolfe Ping timeout: 480 seconds
1176430121 Q * meandtheshell Quit: Leaving.
1176430503 Q * mattzerah Remote host closed the connection
1176430509 J * mattzerah ~matt@121.50.222.55
1176432034 J * zLinux ~zLinux@88.213.62.190
1176432146 Q * bzed Quit: Leaving
1176433732 J * ktwilight_ ~ktwilight@4.117-66-87.adsl-dyn.isp.belgacom.be
1176434079 Q * bronson Quit: Ex-Chat
1176434144 Q * ktwilight Ping timeout: 480 seconds
1176436093 J * rwrwerw ~rewrew@91.150.71.9
1176436175 N * _[PUPPETS]Gonzo [PUPPETS]Gonzo
1176437689 Q * rwrwerw Read error: Connection reset by peer
1176438360 Q * softi42 Ping timeout: 480 seconds
1176438986 J * softi42 ~softi@p549D597F.dip.t-dialin.net
1176440406 J * mcp ~hightower@wolk-project.de
1176440539 Q * _mcp Read error: Connection reset by peer
1176442135 Q * shedi Ping timeout: 480 seconds
1176443358 J * shedi ~siggi@ftth-237-144.hive.is
1176443981 Q * shedi Ping timeout: 480 seconds
1176444265 J * shedi ~siggi@ftth-237-144.hive.is
1176444339 N * DoberMann_ DoberMann
1176444841 M * quiksilv is there any reason why a vserver guest shouldnt run a vserver-enabled kernel?
1176444993 J * phreak`` ~phreak``@deimos.barfoo.org
1176445155 Q * shedi Ping timeout: 480 seconds
1176445421 J * shedi ~siggi@ftth-237-144.hive.is
1176446426 N * DoberMann DoberMann[PullA]
1176446427 Q * shedi Ping timeout: 480 seconds
1176447495 M * daniel_hozac quiksilv: what?
1176447503 M * daniel_hozac quiksilv: guests do not have their own kernels.
1176447615 J * goon ~goon@211.95.166.57
1176447789 J * shedi ~siggi@ftth-237-144.hive.is
1176447847 Q * goon Quit: Leaving
1176448296 M * quiksilv ah shit - duh
1176448315 M * quiksilv i just was browsing around and did uname and the i saw the vserver extension and thought hmmm
1176448321 M * quiksilv but thats a no brainer :)
1176448408 J * DavidS ~david@chello062178045213.16.11.tuwien.teleweb.at
1176448762 Q * quiksilv 
1176449009 J * dna ~naucki@194-206-dsl.kielnet.net
1176450419 M * Hollow DavidS: is it normal that i have about 1000 memlockd processes? :)
1176450601 M * DavidS Hollow: I have absolutely, totally no idea. I'm just a messenger :)
1176450610 M * DavidS (but I guess that's no good sign)
1176450613 M * Hollow ok :)
1176450696 M * Hollow DavidS: seems like my inittab entry was kind of broken .. starting it by hand only leaves one process .. whatever
1176451028 J * SoftIce ~phil@dsl-244-251-28.telkomadsl.co.za
1176451032 M * SoftIce bonjour
1176451058 M * daniel_hozac hello
1176451070 M * SoftIce fancy seeing you here daniel_hozac :)
1176451499 M * SoftIce alll hail the data gods, please bless south africa with some serious international b/w ;_;
1176451566 M * Hollow daniel_hozac: i think initVariables() in debootstrap method is broken
1176451582 M * Hollow test -n "${mirror-unset} || ...
1176451590 M * Hollow the part after || is never called
1176451927 M * daniel_hozac should probably be just $mirror, no?
1176451950 J * ramon ~ramon___@185.Red-83-46-173.dynamicIP.rima-tde.net
1176451958 M * Hollow daniel_hozac: think so too
1176451963 M * ramon Hello.
1176451979 M * daniel_hozac hi
1176452023 M * ramon I am starting with Vserver. I tried creating a small virtual machine where /sbin/init is just a small shell script. It starts, but it cannot shutdown.
1176452054 M * ramon What is the interface between VServer and init for notifying shutdown? SIGTERM?
1176452055 M * daniel_hozac wh not?
1176452071 M * daniel_hozac SIGINT is the ctrl+alt+del signal.
1176452082 M * ramon vserver machine stop says it timeouts. Finally it issues SIGKILL.
1176452126 M * ramon So the script must be programmed to handle SIGINT, must not it?
1176452154 M * daniel_hozac sure.
1176452175 M * ramon Other issue, is that if my /sbin/init script simply terminates (for instance, a script echo Hello), the stop scripts are not executed.
1176452224 M * daniel_hozac right.
1176452235 M * daniel_hozac i'm going to fix that....
1176452549 M * ramon Thank you very much.
1176452566 M * ramon It would be good to have a bug tracking system.
1176452675 M * daniel_hozac we do.
1176452719 M * daniel_hozac http://savannah.nongnu.org/bugs/?group=util-vserver
1176452779 M * ramon Ah, it is in savannah, thanks.
1176452889 M * Hollow daniel_hozac: updated http://home.xnull.de/work/vserver/util-vserver/distrib-etch-feat01.diff (+tested)
1176452994 M * ramon I guess the processes of the virtual machine can be viewed in the main machine /proc, can't they? I rrun pstree, but I  cannot identify them.
1176453025 M * SoftIce not as far as i'm aware, i thought it ran completely individual to the parent
1176453037 M * Hollow you can view all processes in context 1
1176453041 M * Hollow the host is context 0
1176453053 M * Hollow (vps migrates to context 1)
1176453062 M * SoftIce or what ever context you specify
1176453068 M * Hollow yeah
1176453131 M * ramon Yes, but vps --help : Usage:  vps <ps-opts>*
1176453150 M * ramon man vps: no option about contexts.
1176453160 M * daniel_hozac it doesn't have an option for that.
1176453166 M * ramon I see. vps 1.
1176453170 M * Hollow ah ok
1176453207 M * ramon It would be good if vps --help shows something about contexts.
1176453229 M * daniel_hozac why?
1176453250 M * ramon Because otherwise I have no idea of how to invoke vps.
1176453256 M * daniel_hozac like you would ps?
1176453265 M * daniel_hozac it's just a ps-wrapper.
1176453319 M * ramon And how does it work? ps uses /proc. So vps must somehow show ps a virtualized /proc.
1176453336 M * Hollow [10:30] <Hollow> you can view all processes in context 1
1176453351 M * ramon vps --help could show: Usage: vps <context number> <ps options>
1176453362 M * Hollow vps does not support an xid option
1176453410 M * daniel_hozac it would be a lie...
1176453415 M * ramon Ah, I see.
1176453423 M * Hollow vps migrates to context 1, executes ps with your options, parses the output to find the PID column, insert an XID column before it and prints the output
1176453515 M * Hollow and the NAME column too 
1176453557 Q * mcp Remote host closed the connection
1176453609 J * mcp ~hightower@wolk-project.de
1176453853 M * daniel_hozac was the fstab needed?
1176453863 M * Hollow ah, right .. need to test that
1176453877 M * ramon I see that the postpost script is executed in the directory of the shell script that I use to invoke "vserver machine stop",  instead of the /etc/vserver/<machine name>
1176453929 M * daniel_hozac postpost what?
1176453952 M * ramon postpost-stop
1176453989 M * daniel_hozac hmm, should be executed in the guest's root, IMHO.
1176454024 M * ramon you mean in /etc/vserver/<machine>, do you?
1176454041 M * daniel_hozac no, /vservers/<guest>
1176454089 M * Hollow daniel_hozac: ok, not necessary, works as expected without .. patch updated
1176454119 M * ramon Well, the prepre-start script is executed with the current directory /etc/vserver/<machine name>, and I am using it to mount (bind) host directories.
1176454134 M * Hollow why not use fstab?
1176454138 M * daniel_hozac the start scripts are different.
1176454162 M * ramon I tried, but the fstab seems to be executed in a context that cannot see host directories.
1176454192 M * Hollow works pretty good here :)
1176454219 M * ramon I tried something like the Unix fstab, say for mounting a java JRE in a machine (/opt/j2se in the host), placing "/opt/j2se   /java   none   bind,ro" in fstab
1176454234 M * ramon Sorry.
1176454262 M * Hollow looks ok to me
1176454268 M * daniel_hozac same.
1176454272 M * daniel_hozac could be the missing fields.
1176454285 M * Hollow yeah, dunno how picky secure-mount is :)
1176454316 M * Hollow try adding 0 0 at the end
1176454322 M * ramon I was using the prepre-start script for that. 
1176454519 M * daniel_hozac Hollow: +# run the above commands from within the server; s/above/below/?
1176454552 M * ramon I guess I must use an absolute directory of the physical machine for the first field, and a directory of the virtual machine for the second, must I?
1176454574 M * daniel_hozac Hollow: other than that, it looks fine to me.
1176454578 M * Hollow daniel_hozac: erm, yeah .. the contents of vserver-config.sh were inside the initpost script before, above the vserver start command ..
1176454578 M * daniel_hozac ramon: yes.
1176454596 M * Hollow but i figured it wouldbe better to not use too much cat <<EOF etc
1176454659 M * Hollow daniel_hozac: will commit it then
1176454667 M * daniel_hozac yep, thanks!
1176454741 M * Hollow oh, right .. my new ssh key
1176454747 M * Hollow this was the dumbest action ever
1176454763 M * Hollow i accidently overwrote my ssh keys everywhere, since i have shared nfs home since a few days
1176454771 M * Hollow and my host only allowed ssh-key-login
1176454844 M * ramon I have now only two small issue. The mounts of the virtual machine are seen in the virtual machine only, not in the physical machine. This is a good default, but no the best for my problem. 
1176454846 M * daniel_hozac hehe, d'oh!
1176454868 J * tso ~tso@a2125.adsl.pool.eol.hu
1176454880 M * ramon Other is that the init shell script is not still seeing SIGINT, but that's my problem.
1176454892 J * bzed ~bzed@dslb-084-059-112-037.pools.arcor-ip.net
1176454921 M * daniel_hozac ramon: why do you need the host to see it?
1176454975 Q * sladen Ping timeout: 480 seconds
1176454982 M * ramon Mostly for easy of use. It is not neccessary, but for I find it more intuitive for me to see them. Let me explain
1176455037 J * meandtheshel1 ~markus@85-124-232-65.work.xdsl-line.inode.at
1176455260 Q * SoftIce Ping timeout: 480 seconds
1176455304 Q * tso Quit: BitchX-1.1-final -- just do it.
1176455315 J * sladen paul@starsky.19inch.net
1176455330 M * ramon I am working with a customer preparing some environments for developers. Each environment has an Java application server. I want each of them running in a virtual machine for security and for having a single copy of Java and a single copy of the (Orion) application server in the machine. But the developers would prefer to see the directory structure. It is more intuitive for them to enter in /var/lib/vservers/environ1/ and see t
1176455330 M * ramon he same directories that the virtual machine is seen. Ok, I can place a readme.txt saying, "you have to go to orion-config/config.xml where you would normally go to /orion/config/config.xml", but that would give them another headache.
1176455429 M * ramon It is not a serious issue, though. I can place that mounts in the machine fstab.
1176455433 Q * ensc Killed (NickServ (GHOST command used by ensc_))
1176455444 J * ensc ~irc-ensc@p54b4f4f4.dip.t-dialin.net
1176455586 M * phedny can I use shell commands with vserver exec?
1176455606 M * phedny eg. vserver test exec ps aux | grep cron
1176455629 M * Hollow phedny: if not directly, it should work at least with bash -c 'foo | bar'
1176455646 M * phedny hmm, okay
1176455691 M * daniel_hozac phedny: that would execute grep cron on the host.
1176455716 M * daniel_hozac (and cross-context file descriptors are potentially dangerous.
1176455742 M * phedny daniel_hozac: I now, but that's what I want to change
1176455842 M * phedny I have this tool to remotelly execute commands over SSH
1176455865 M * phedny but I'm adapting it so it can send commands to a vserver guest over a SSH connection to the host context
1176456181 M * phedny okay, the basic part seems to be working, now I only have to work out shell escaping :)
1176456729 J * chand ~chand@m167.net81-64-156.noos.fr
1176456788 J * Piet hiddenserv@tor.noreply.org
1176457102 M * ramon What script hooks do I have available that are ran in the context of the host machine, when a virtual machine is started/stopped?
1176457375 M * ramon ping.
1176458136 M * daniel_hozac check the great flower page.
1176458141 M * daniel_hozac it has all of them.
1176458173 M * ramon You mean, the util-vserver help wiki page?
1176458242 M * daniel_hozac http://www.nongnu.org/util-vserver/doc/conf/configuration.html
1176458284 M * ramon Aargh, I was look for documentation only at http://linux-vserver.org/
1176458319 M * daniel_hozac an older version should be in the wiki.
1176458452 M * ramon I only see /etc/vservers/vserver-name/scripts/{pre-start, post-start
1176458457 M * ramon and similar.
1176458467 M * ramon The ones I was playing with.
1176458556 M * ramon But they are intended to be run in the guest root directory, but actually work in the guest configuration directory (prepre-start) and the current working directory of the caller (postpost-stop).
1176458741 Q * DavidS Quit: Leaving.
1176459432 M * daniel_hozac each script says which directory it will be executed in
1176459462 M * daniel_hozac e.g. prepre-start is run in the configuration directory.
1176459669 M * daniel_hozac and postpost-stop is executed in the guest's root directory here.
1176459714 M * daniel_hozac (just like it says)
1176459720 J * lilalinux ~plasma@80.69.41.3
1176459733 M * ramon Sorry, I didn't notice that the documentation in page you gave me was more up to date than the documentation in the wiki. However, I think that the postpost-stop is run in the current working directory of the caller.
1176459768 N * sannes_ sannes
1176459899 M * daniel_hozac got proof?
1176459908 M * ramon I am testing.
1176459935 M * daniel_hozac certainly not the case here.
1176460012 M * ramon Are you sure SIGINT is used to deliver stop command to init?
1176460019 M * daniel_hozac yes.
1176460043 M * ramon With regard to postpost-stop you are right.
1176460631 M * blizz is it possible to run the vserver ... build non-interactive with some kind of configfile?
1176460866 M * daniel_hozac hmm?
1176460870 M * daniel_hozac where is it interactive?
1176460880 M * Hollow in initpost :)
1176460891 M * Hollow dpkg-reconfigure passwd
1176460899 M * Hollow pops up some ncruses based interface
1176460926 M * daniel_hozac oh, well, that needs to go.
1176460948 M * Hollow k..
1176461183 M * Hollow daniel_hozac: done
1176461208 M * blizz lol
1176461227 M * daniel_hozac thanks.
1176461252 A * blizz is now known as christoph_kolumbus_of_bugs
1176461269 M * blizz you got a new patch yet, maybe? :)
1176461275 M * Hollow you have no idea ... ;)
1176461290 M * Hollow blizz: it's already in svn ;)
1176461371 M * blizz umm, can i generate myself a patch which would work with 0.30.213-rc6?
1176461380 M * Hollow sure
1176461395 M * Hollow svn diff -r 2527:2529
1176461828 M * blizz wii, thank you
1176461841 M * blizz however, gotta fix some ports first. gnah.
1176461888 M * daniel_hozac hmm?
1176461988 M * blizz my linux distribution's dietlibc port is somehow not working again
1176462037 M * Hollow hardend?
1176462088 M * daniel_hozac ubuntu?
1176462090 M * ramon As a general comment, I would suggest to make vserver composed of facilities as general and atomic as posible. I may be wrong, but I think that procfs hidding is being done in kernel level. I think that the system /proc shold show all processes, and hidding them could be implemented by remounting /proc with a filesystem wrapper.
1176462121 M * ramon The Unix concept of providing system calls as atomic as posible, so that combining them can allow one to do anything.
1176462218 M * daniel_hozac the pid namespace which will be going in to mainline soon will only show the processes in the current namespace.
1176462222 M * daniel_hozac just like it should.
1176462229 M * blizz crux linux
1176462310 M * blizz wohoo, '__guard's! what was that again. i think commenting a line in dietfeatures.h was the solution, the one which would set WANT_SSP
1176462520 M * ramon I think that contexts could be implemented completely in user space, by namespace manipulation. 
1176462528 M * ramon I would like to see the same for networking.
1176462546 M * daniel_hozac ramon: we're aiming for no overhead.
1176462560 M * daniel_hozac userspacing stuff would, well, make performance suck.
1176462576 M * ramon Not by namespace manipulation.
1176462607 M * daniel_hozac hmm?
1176462612 M * ramon Of course, namespace manipulation itself is a kernel service.
1176462700 M * ramon I am thinking about networking like in Plan9, where all operations (interfaces, socket creation, connection, ..) are done with files, and by virtualizing these files with namespaces operations, one can offer virtialization with very low cost. Except for networking and other few things, this is mostly how vserver is working.
1176462725 M * daniel_hozac never seen plan9.
1176462751 M * ramon Plan9 is an Unix like operating system created by the creators of Unix.
1176462785 M * ramon http://plan9.bell-labs.com
1176462793 M * ramon http://plan9.bell-labs.com/plan9dist/
1176462899 M * daniel_hozac yes, i know that.
1176462906 M * daniel_hozac i've just never seen it.
1176463031 M * ramon Some relevant papers are: about namespaces http://plan9.bell-labs.com/sys/doc/names.html , and "The hideous name" http://cm.bell-labs.com/cm/cs/doc/85/1-05.ps.gz
1176463167 M * ramon By virtualizing /dev/mouse  /dev/console and /dev/screen (I think), the operating system implements a window system. That is, the application thinks that it is talking to the screen /dev/screen, but the output actually goes to a window. The application thinks it is reading the physical mouse /dev/mouse , but that file is actually virtualized by the window system to multiplex mouse depending on who has the focus. And so on.
1176463191 M * ramon Perhaps the name /dev/screen is wrong, but you get the concept.
1176463208 M * daniel_hozac sure, but tons of bind mounts is not what i'd call "pretty".
1176463262 M * ramon User defined files and directories rather than bind mounts.
1176463287 M * daniel_hozac what?
1176463308 M * daniel_hozac you know this is _Linux_VServer, right?
1176463347 M * ramon Not necessary than many bind mounts. 
1176463371 M * ramon Just some file servers for each service, like you commented about procfs
1176463373 J * MadSoul ~Madll@217.196.160.253
1176463392 P * MadSoul 
1176463405 M * ramon I mean, some filesystem filters.
1176463534 M * daniel_hozac for every single filesystem?
1176463550 M * daniel_hozac and that still doesn't handle process visibility.
1176463646 M * ramon A filesystem filter for each service. Such as networking, process, and so on.
1176463679 M * ramon If a filesystem filter decides what can be viewed or not under /proc, it is handling process visibility, isn't it?
1176463686 M * daniel_hozac no.
1176463694 M * daniel_hozac kill(2) doesn't use /proc.
1176463729 M * ramon I see. That's the difference with Plan 9, where kill, socket, .. go through files.
1176463797 M * ramon A solution could be system call virtualization. That is, a method for a process to modify system calls of itself and its children.
1176463844 M * ramon So that they are translated into notifications to itself, that can be replied.
1176463860 M * daniel_hozac that wouldn't be overheady at all.
1176463864 M * daniel_hozac *cough*
1176463900 M * ramon Only socket(), kill() and a few others would have to be virtualized (I think)
1176464013 M * daniel_hozac but you'd add an additional filter _for_every_single_syscall_.
1176464014 M * ramon In the case of a kill() system call, that would require three user-kernel mode switches instead of one. But very slow? I don't think so.
1176464086 M * ramon Sorry, 4 mode switches instead of 2.
1176464102 M * ramon 6 instead of 2.
1176464125 M * ramon call notify call ret-call ret-notify ret-call
1176464244 M * ramon Well, that's enough discussion. Let's continue working.
1176464516 M * ramon Now I see why machine shutdown does not work. The shell ignores SIGINT while executing a command.
1176465174 M * ramon Another question. If my custom init exits, where will all its children go? Will they be killed automatically on virtual machine shutdown? 
1176465433 J * Ben81 ~Ben81@tipi0e.lri.fr
1176465456 M * daniel_hozac ramon: if it's shutdown sure...
1176465604 M * daniel_hozac but normally the children are just reparented to the host's init, IIRC.
1176465802 J * |Alex_ ~Alx@85.186.132.196
1176465812 N * |Alex_ |Alex
1176465817 P * |Alex 
1176465908 M * ramon That is one of the things that I find absolutely necessary in Linux: tell the kernel please do not reparent my children to init if I die. This is a security hole in batch queue systems (where a user is allowed to run CPU intensive tasks in a queue, and with limited time)
1176466177 M * ramon I am not sure if I understand you. If my vm init exits, and the vm is shutdown, the existing processes in the vm are killed, aren't they?
1176466193 M * daniel_hozac of course.
1176466204 M * daniel_hozac but the guest is not shutdown just because init dies.
1176466208 M * daniel_hozac IIRC, anyway.
1176466252 M * ramon Well, when I used as init a script echo Hello, the machine got stopped, according to vserver <machine> status
1176466279 M * ramon But that's not important.
1176466296 M * ramon vserver <machine> stop will be the method to stop servers. Thanks.
1176466776 J * DavidS ~david@85.125.165.34
1176467161 J * Tux_bubling ~tuxbublin@sat78-6-88-160-130-34.fbx.proxad.net
1176467164 M * Tux_bubling hello :)
1176467185 M * daniel_hozac hi
1176467199 M * Tux_bubling Is there prebuilt RPM of vserver kernel & utils for RHEL4 or CentOS ?
1176467217 M * daniel_hozac not that i know of.
1176467226 M * Tux_bubling sniiff :'(
1176467392 M * Tux_bubling ah seems there's some for centos and fedora
1176467484 M * Tux_bubling arrr actually not
1176467578 M * daniel_hozac i only update the ones for Fedora.
1176467582 M * daniel_hozac the CentOS RPMs are ancient.
1176467593 M * daniel_hozac (and i don't have any kernels)
1176467661 M * DavidS i was just checking which vserver patch is included in etch and it is "2.0.2.2-rc9", just FYI :)
1176467670 M * DavidS (speaking of ancient)
1176467679 Q * Ben81 Quit: Leaving
1176467685 M * daniel_hozac i know.
1176467695 M * daniel_hozac it's a shame.
1176467869 Q * Aiken Quit: Leaving
1176467906 M * Tux_bubling daniel_hozac: i see it
1176467917 M * Tux_bubling i can't blame you for the CentOS kernel
1176467941 M * Tux_bubling there's too much patches in RH/CentOS kernel.... and it's old 
1176467996 Q * mountie Remote host closed the connection
1176468049 M * Tux_bubling at least if i understood correctly, i can install any distro inside a VS ? isn't it?
1176468169 J * mountie ~mountie@trb229.travel-net.com
1176468960 M * daniel_hozac Tux_bubling: yep, pretty much
1176468966 J * ema ~ema@rtfm.galliera.it
1176469125 M * Tux_bubling daniel_hozac: something make me think there's a limitation... in each example that i see, the guest OS installed is the same as the host...
1176469155 M * Tux_bubling is it a real limitation or i could install any other distro on any guest?
1176469338 M * ramon Uff, at least my init script is working.
1176469350 M * ramon Thank you very much for your help.
1176469768 M * sannes Tux_bubling: any distro, but you may have to do some hacking
1176469982 M * Tux_bubling sannes: what i don't understand, is where you set the medio from wich you wanna install at guest creation
1176470506 Q * shedi Ping timeout: 480 seconds
1176471158 M * Tux_bubling s/medio/media/
1176471171 J * shedi ~siggi@ftth-237-144.hive.is
1176471309 M * mnemoc daniel_hozac: hi, what do you think about allocating a pts on pre-start and copying it to dev/console of the guest?
1176472086 Q * Tux_bubling Quit: leaving
1176473023 J * dos000 ~ymo@CPE000f66912f92-CM0018c0c6147e.cpe.net.cable.rogers.com
1176473026 M * dos000 howdy
1176473035 Q * sharkjaw Quit: Leaving
1176473095 M * dos000 it looks like there is kernel oops with the vserver 2.6.17.13/vs2.0.2.1 on intel pro 100 cards (e1000). But it only happens when i switch to static ip addressing
1176473132 M * dos000 anyone rings a bell ? i have been googling to find this issue.
1176473283 J * Adrinael_ adrinael@82.130.50.23
1176473625 Q * Adrinael Ping timeout: 480 seconds
1176473753 Q * Piet Remote host closed the connection
1176473943 J * Piet hiddenserv@tor.noreply.org
1176474377 M * Borg- dos000: what kind of ups?
1176474486 M * dos000 Borg-: the server is in a data center. i will paste their response ...
1176474504 M * Borg- 0c:04.0 Ethernet controller: Intel Corporation 82546EB Gigabit Ethernet Controller (Copper) (rev 01)
1176474512 M * Borg- I have this one.. on my host
1176474517 M * daniel_hozac mnemoc: should work fine, no?
1176474541 M * mnemoc daniel_hozac: yes, but i mean to integrate that on util-vserver
1176474566 M * dos000 Borg-: for the record even lspci does not recognize it
1176474574 M * mnemoc daniel_hozac: and keeping officially something on etc/vserver/$foo we can use from the host to catch it
1176474655 M * dos000 all i get is thernet controller: Intel Corp.: Unknown device 107c (rev 05). btw  that even happens when i switch to non vserver 2.6.16-2-686
1176474727 M * daniel_hozac dos000: so not a problem with vserver, is it?
1176474758 M * daniel_hozac mnemoc: you mean like screen?
1176474771 M * mnemoc daniel_hozac: yes ,-)
1176474775 M * daniel_hozac because, i _really_ don't feel like reimplementing that ;)
1176474789 M * mnemoc screen /etc/vserver/$foo/console
1176474795 M * dos000 i also have noticed that some of my interfaces will just disapear. the vser seems up (via vserver-stat) but i just cant access that vserver anymore. and yes i have net.ipv4.conf.all.promote_secondaries=1 thanks to bertl
1176474817 M * Borg- dos000: maybe you just forgot to compile support for that card? ;)
1176474847 M * dos000 Borg-: the module is there tho ... the device is loaded !
1176474863 M * Borg- weird..
1176474911 M * dos000 Borg-: the device should get detected right in lspci at least ?
1176474911 M * daniel_hozac dos000: so if you boot the box, ip addr add <address>/<prefix> dev ethX triggers the oops?
1176474928 M * daniel_hozac dos000: and why aren't you testing on a recent kernel?
1176474942 M * dos000 daniel_hozac: yes. booting in dhcp just seems fine. beside the disapearance of the interfaces.
1176474953 M * dos000 daniel_hozac: i al compiling latest now
1176474995 M * dos000 daniel_hozac: sorry. the oops are generated if i try to switch to a static ip on the host.
1176475009 M * dos000 the kernel nerver boots.
1176475053 M * daniel_hozac so when you have the DHCP lease, it works fine?
1176475056 M * Borg- dos000: yeah. it should be listed on lspci properly when kernel have properl drivers for device
1176475066 M * daniel_hozac e.g. ip addr add ... doesn't trigger it at all?
1176475074 M * daniel_hozac Borg-: no it shouldn't. lspci has nothing to do with drivers.
1176475085 M * dos000 daniel_hozac: apparently .. but i am suspecting something funny. 
1176475108 M * Borg- daniel_hozac: really? I always get unknown devices for kernels w/o suport for device.. and fine reading for kernel w/ support
1176475136 M * daniel_hozac Borg-: then you must have a really strange lspci, as the one in recent pciutils uses pci.ids.
1176475163 M * Borg- hmm.. 
1176475166 M * dos000 i am running in debian sarge. not sure which lspci i have
1176475199 M * daniel_hozac sarge's pci.ids is most likely horribly out of date.
1176475206 M * Borg- daniel_hozac: could be :) I like to run ancient stuff
1176475215 M * daniel_hozac mine has your NIC listed as Intel 82541PI Gigabit Ethernet Controller
1176475222 M * dos000 daniel_hozac: where is pci.ids ?
1176475248 M * daniel_hozac depends on the distribution, Fedora has it in /usr/share/hwdata/pci.ids, IIRC etch has it in /usr/share/pci.ids.
1176475388 M * dos000 sarge is in /usr/share/misc/pci.ids
1176475811 M * dos000 would it be a good idea to add a default .config for every release ?
1176475822 M * daniel_hozac what?
1176475866 M * DavidS dos000: that's what distributions are for
1176475887 M * daniel_hozac or, i don't know, make defconfig?
1176475888 M * dos000 i always hunt for a kernel .config file when compiling a new kernel. i usually just take the one shipping with the latest distro like ubuntu
1176475916 M * dos000 heh
1176476016 M * dos000 daniel_hozac: defconfig would do for now !
1176476205 M * dos000 is there a way i can tell the kernel to save the logs so that i can see the kernel oops next time i boot ?
1176476242 M * daniel_hozac serial console?
1176476263 M * dos000 daniel_hozac: the server is in remote place
1176476279 M * daniel_hozac and you only have one server?
1176476284 M * dos000 yes
1176476293 M * daniel_hozac i guess you're screwed then.
1176476300 M * dos000 tow!
1176476334 M * doener netconsole?
1176476363 M * doener hm, maybe not that smart with a networking related oops...
1176476371 M * dos000 doener: netconsole ... yeah
1176476382 Q * ramon Ping timeout: 480 seconds
1176476399 M * dos000 the best would be to tell the kernel to log it locally.
1176476824 M * dos000 defconfig did not build any drivers :(
1176477114 J * ramon ~ramon___@185.Red-83-46-173.dynamicIP.rima-tde.net
1176477256 M * ramon Are there any examples of vserver configurations?
1176477266 M * sid3windr of what?
1176477276 M * waldi which sort of example?
1176477283 M * ramon The files under /etc/vservers
1176477300 M * ramon At this moment I am configuring the network of a vserver.
1176477356 M * dos000 ramon you should not need examples .. i just always take the defaults
1176477385 M * ramon For instance, I want to run a vserver bound to a specific IP address, with the rest of IPs hidden.
1176477393 M * ramon No default can guess that.
1176477817 M * dos000 just configure the interface for the vserver then
1176477880 M * dos000 vim /etc/vservers/<vsname>/interfaces/0/
1176479210 M * dos000 quick one : am i better off with 2.6.19 or 2.6.20 ?
1176479223 M * dos000 i am halfway compiling 2.6.19 now
1176479430 M * ramon Sorry, how do I "just configure the interface for the vserver"?
1176479656 J * boci^ ~boci@pool-0556.adsl.interware.hu
1176479695 M * ramon OK, I think I get it, I just did not see the IP entry, now everything seems to make sense.
1176479863 M * ramon And works.
1176480613 Q * ema Quit: leaving
1176481123 M * ramon Another minor bug.
1176481173 M * ramon When the virtual machine exists (because init exits and there is no other process), the network interface creation (actually, adding an address to an interface) is not undone. This causes an error when the virtual machine is restarted.
1176481180 M * ramon Should I post a bug report.
1176481182 M * ramon ?
1176481279 J * bonbons ~bonbons@83.222.38.145
1176481623 M * ramon ping
1176482192 M * daniel_hozac ramon: i already told you i'm going to fix that.
1176482243 M * ramon Sorry, I didn't understand that it is the same problem.
1176482255 Q * chand Quit: chand
1176482554 M * daniel_hozac btw, normally you'd add addresses while building, with --interface.
1176482929 M * ramon I can't I am building using method skeleton.
1176482990 M * blizz is there something like Trac for the subversion repository?
1176482993 M * ramon Because each virtual machine contains only readonly bind mounts of java, a java application server, and some mounts so that the server can write its logs, deploy applications and so on.
1176483008 M * daniel_hozac blizz: which one?
1176483023 M * ramon No operating system, no debootstrap, nothing. The intention is to isolate each application from the rest of the system.
1176483026 M * daniel_hozac ramon: the skeleton build method supports all of the options just the same.
1176483039 M * blizz i'm currently using svn.linux-vserver.org to create the patches for the 0.30.212-rc6 release
1176483043 M * ramon Aargh.
1176483048 M * daniel_hozac blizz: for util-vserver: http://svn.linux-vserver.org/projects/util-vserver
1176483095 M * blizz nice! thanks
1176483231 M * blizz what does setattr --barrier /vserver do?
1176483245 M * daniel_hozac it sets the barrier on /vserver.
1176483259 M * daniel_hozac which is what keeps guests from escaping.
1176483264 M * daniel_hozac (the chroot)
1176483280 M * blizz and that's a must? it's not being done automatically?
1176483301 M * hardwire magically
1176483309 M * daniel_hozac it should be done by your installation method.
1176483332 M * blizz whops. post-install script missing
1176483340 J * Piet_ hiddenserv@tor.noreply.org
1176483354 M * hardwire Piet_: yo
1176483501 M * blizz how can they escape the directory when the barrier is not set?
1176483518 M * blizz sorry for asking dumb questions..
1176483525 M * daniel_hozac mkdir /baz; chroot /baz; cd ../../..
1176483550 M * daniel_hozac as documented in chroot(2).
1176483617 M * blizz ouch!
1176483624 M * blizz i didnt know i had to use setattr
1176483629 M * blizz major security risk :)
1176483632 M * daniel_hozac yep.
1176483746 Q * Piet Ping timeout: 480 seconds
1176483922 M * blizz thad gives me the creeps..
1176483926 M * blizz *that
1176484016 N * Piet_ Piet
1176484086 M * Koffa how do you check that?
1176484101 M * daniel_hozac showattr /vservers
1176484121 M * Koffa ah show, not get :)
1176484156 M * blizz daniel_hozac, is there any way to find out if someone escaped from there sometime?
1176484167 M * daniel_hozac not really.
1176484171 M * Koffa ---bui-
1176484181 M * Koffa teh default, haven't touched it
1176484185 M * blizz i think it should be Bui
1176484194 M * daniel_hozac yep, capital letter means it's set.
1176484199 M * blizz holy..
1176484203 M * Piet hardwire: hi
1176484212 M * Koffa umm
1176484261 M * blizz Koffa, evil!
1176484264 M * Koffa kinky
1176484317 M * ramon I think I saw somewhere a command vserver <srv> copy. Am I high?
1176484331 M * daniel_hozac yes.
1176484337 M * daniel_hozac it's vserver ... build -m rsync/clone.
1176484360 M * ramon Aah.
1176484411 M * blizz and how can i unset an attr?
1176484421 M * daniel_hozac setattr --~barrier, e.g.
1176484437 M * daniel_hozac just like setattr --help says.
1176484486 M * blizz allright, i wasnt sure about the ~, sorry.
1176484527 M * Koffa weird syntax imo :
1176484528 M * Koffa :)
1176484558 J * marcfiu ~mef@aegis.CS.Princeton.EDU
1176484731 M * daniel_hozac makes perfect sense to me, as ~ is the operator to negate a bit.
1176484746 M * daniel_hozac s/a bit/an integer/
1176484753 M * daniel_hozac hey marcfiu
1176484957 M * blizz yeah. syntax is fine imho
1176485085 M * ramon May I take the freedom of including the name Daniel Hozac in our bug reporting system, acknowledging your help in this setup?
1176485103 M * daniel_hozac that's a nick.
1176485121 M * daniel_hozac my name is Daniel Hokka Zakrisson.
1176485141 M * ramon Ok.
1176485160 M * daniel_hozac (as whois, changelog, linux-vserver.org/Developers etc. say ;))
1176485221 M * ramon Yes, but I am so tired that I run the whois but forgot to look at the output.
1176485251 M * blizz how about adding a big fat warning about enabling the barrier after make install-dist?
1176485269 M * ramon Another stupid bug that I forgot to mention.
1176485328 M * ramon The "functions" script and others use function names with a dot. Bash does not accept them, though for some reason the problem is hidden until one invokes sh with -x (as I did for debuggign).
1176485348 M * ramon I replaced the "." in all function names with _.
1176485351 M * daniel_hozac umm?
1176485359 M * daniel_hozac works fine here...
1176485368 M * ramon With sh -x ?
1176485412 M * ramon This is Bash 3.1.17(1)
1176485422 M * daniel_hozac probably not with sh -x, as that's, well, sh.
1176485432 M * mjt functions with a dot in names? 
1176485436 M * daniel_hozac you're aware of vserver --debug, which set -x's, right?
1176485444 M * ramon No :-)
1176485457 M * mjt by the way, sh might be not your /bin/bash but something else
1176485466 M * ramon I did in the core way sh -x vserver ... :-)
1176485476 M * mjt lrwxrwxrwx 1 root root 4 2007-03-29 16:42 /bin/sh -> dash
1176485478 M * ramon Real programmers don't read documentation :-)
1176485481 M * daniel_hozac which shouldn't have worked for lots of other reasons.
1176485487 M * daniel_hozac real programmers read the source...
1176485497 M * daniel_hozac sh doesn't have arrays, for instance.
1176485501 M * ramon Bash complained about invalid character in identifier.
1176485508 M * daniel_hozac _sh_ complained.
1176485509 M * blizz daniel_hozac, how about the disclaimer?
1176485511 M * daniel_hozac run it in bash.
1176485529 M * daniel_hozac blizz: i'll see why it's not in the scripts first, if it's for a reason, i'll ad it.
1176485572 M * ramon The error message is exactly: <name>: not a valid identifier.
1176485585 M * blizz i think there are at least a few a lot of people who didn't set the barrier because they didnt read the README or the wikipage
1176485607 M * mjt ramon: run it in bash, not sh
1176485625 M * harry seems like my advanced routing scripts are actually useful for others too !!:)
1176485631 M * ramon Aaah.
1176485633 M * harry allways nice to hear/know that :)
1176485646 M * ramon So Bash behaves differently when called as sh rather than bash.
1176485652 M * mjt no
1176485671 M * daniel_hozac sh is enabled the sh-compatibility mode, just like it's supposed to...
1176485672 M * mjt try sh --version; bash --version
1176485682 M * mjt ah
1176485719 M * ramon I could not imagine that. It is too weird for me.
1176485729 M * daniel_hozac that sh is actually a sh-compatible shell?
1176485734 M * daniel_hozac yeah, strange...
1176485739 M * ramon :-)
1176485884 M * daniel_hozac blizz: i'd hope most of those used packages.
1176485884 M * marcfiu hey daniel_hozac, did the IPv6 support make it into vs 2.2?
1176485894 M * daniel_hozac marcfiu: no, unfortunately not.
1176485899 M * blizz daniel_hozac, me too.
1176485904 M * marcfiu daniel_hozac: thanks
1176486453 M * mjt daniel_hozac: re several day's back breaking-out-of-chroot stuff (classical chroot foo; cd ../../../..; chroot .): that's nice, but with enforced chdir (grsecurity etc patches), and/or without CAP_CHROOT, it's not possible anymore
1176486460 M * blizz daniel_hozac, is it possible that the exploits are not working even with the barrier disabled? i tried all of them on a recent 2.6 server -- didnt work
1176486465 M * blizz though they worked on a 2.4 server
1176486500 M * daniel_hozac blizz: it depends on how far you try to go.
1176486525 M * daniel_hozac blizz: if you try to go to the host, the namespace will protect you.
1176486533 M * daniel_hozac but you should be able to get to other guests just fine.
1176486559 M * daniel_hozac mjt: of course.
1176486570 M * daniel_hozac mjt: it's also not possible if you properly configure the barrier..
1176486576 M * blizz daniel_hozac, ahh, i see.
1176486737 M * daniel_hozac ensc: ping? seems i'm not getting emails for new reports at savannah. is that something i can fix?
1176487923 M * marcfiu What are the various ways that folks use VServer?
1176487925 M * marcfiu The obvious use is for web hosting.  We use it for experiment hosting on PlanetLab.  I've also heard that Herbert has used it as a demo for multiheaded X terminals.  I'm also aware of folks using it for security isolation of little "applets", which is quite different from the hosting models; an "applet" gets invoked in a separate, dynamic context and these contexts only live as long as the "applet".   This makes sense for linux-based cell phones where
1176487939 M * marcfiu Are there any other cool scenarios?
1176487959 M * Koffa ...cell phones where
1176487965 M * Koffa buggybugbug?
1176487975 M * daniel_hozac it got cut off.
1176487986 M * marcfiu We use it for experiment hosting on PlanetLab.
1176487992 M * marcfiu  I've also heard that Herbert has used it as a demo for multiheaded X terminals. 
1176488002 M * marcfiu  I'm also aware of folks using it for security isolation of little "applets", which is quite different from the hosting models; an "applet" gets invoked in a separate, dynamic context and these contexts only live as long as the "applet". 
1176488007 M * marcfiu This makes sense for linux-based cell phones where one just want to isolate foreign code.  
1176488027 M * daniel_hozac actually, i don't think Herbert was involved that much in the multiheaded X.
1176488037 M * daniel_hozac (of course, i could be totally wrong)
1176488087 Q * kir Quit: Leaving
1176488097 M * marcfiu Oh yeah, and it might also make sense on wifi gateways/servers on steroids like the asus 700ge where they are converging a bunch of separate apps onto a single appliance.
1176488099 M * daniel_hozac anywho, it looks fine to me.
1176488110 M * ramon I don't understand this:
1176488111 M * marcfiu daniel_hozac: I'm looking for more examples.
1176488124 M * ramon vserver foo -m rsync
1176488133 M * ramon vserver-build.rsync: --source argument required
1176488158 M * ramon vserver foo build -m rsync --source /etc/vservers/bar
1176488170 M * daniel_hozac ramon: -- --source.
1176488171 M * ramon vserver-build: unknown option `--source'
1176488179 M * ramon ah.
1176488241 M * daniel_hozac marcfiu: experiments, hosting and "applets" are rather large points, they cover most of the cases i've heard of.
1176488254 M * marcfiu daniel_hozac: that's what I wanted to hear.
1176488276 M * marcfiu thanks
1176488419 M * daniel_hozac you're welcome!
1176488422 M * blizz daniel_hozac, Hollow, got stuff working and secured ;-) thank you alot for your help and work!
1176488465 M * daniel_hozac it's my pleasure. thanks for testing it!
1176488522 M * ramon I also agree. VServer has contributed greatly to make this system more secure. I hope that at least the patch for mount --bind -o ro is accepted in the mainline kernel.
1176488537 M * ramon I will try to install it in all production server.
1176488560 J * SoftIce ~phil@vc-196-207-45-253.3g.vodacom.co.za
1176488565 M * SoftIce hello
1176488610 M * blizz hi
1176488636 M * daniel_hozac ramon: many people have tried, nobody has succeeded....
1176488679 M * ramon daniel_hozac: thanks for the help. I would like if your help were economically appreciated, but that is unfortunately out of my power. I am just a poorly paid system manager (though my boss charges huge amounts for my work).
1176488772 M * SoftIce anyone have any idea why i'm getting this when trying to build a kernel
1176488775 M * SoftIce http://www.pastebin.ca/438560
1176488783 M * daniel_hozac ramon: sure, i know how it goes.
1176488819 M * daniel_hozac SoftIce: well, umm, what are you trying to build? looks broken to me.
1176488826 M * daniel_hozac SoftIce: and why would you even want such an old kernel?
1176488850 M * daniel_hozac 2.6.17 isn't supported anymore.
1176488860 M * SoftIce supported?
1176488867 M * daniel_hozac you know, updated.
1176488869 M * ramon daniel_hozac: debian is using 2.6.18.
1176488877 M * daniel_hozac i know.
1176488879 M * daniel_hozac as is CentOS 5.
1176488885 M * daniel_hozac (and thus RHEL 5)
1176488887 M * ramon uname -r: 2.6.18-4-vserver-686
1176488895 M * SoftIce daniel_hozac: well the reason i'm using it is because I have the config for it
1176488903 M * SoftIce and i've had issues with my config on later kernels
1176488912 M * SoftIce so using harrys patch
1176488935 M * daniel_hozac so, rather than fixing the config, you use an old, possibly insecure kernel?
1176488965 M * ramon SoftIce: my advice (no religion intended) is to use Debian 4.0. Some reasons: vserver integrated, just install it; try to debug an initrd issue with Redhat Enterprise.
1176488995 M * SoftIce daniel_hozac: possible insecure kernel?
1176488999 M * blizz SoftIce, just extract the .18 sources, copy the old .config file into it and run make oldconfig
1176489001 M * SoftIce id say its safter to use a patch older kernel
1176489001 M * daniel_hozac Debian uses old vserver patches.
1176489010 M * SoftIce as people stop trying to write exploits for it and worry about newer kernels
1176489014 M * SoftIce isn't that a good theory ?
1176489019 M * blizz lol
1176489024 M * daniel_hozac SoftIce: you realize the new exploits most likely work on your kernel too, right?
1176489046 M * SoftIce yes, but with the grsec patch its that much harder to exploit
1176489053 M * daniel_hozac not really.
1176489076 M * SoftIce so i'm using a risk analysis equation 
1176489091 M * daniel_hozac an apparently broken one.
1176489099 M * ramon The issue with newer kernels is the risk of new bugs not yet known. 
1176489108 M * SoftIce hahaha :) I like your style
1176489117 M * SoftIce daniel_hozac: this is the very reason I dont like linux
1176489127 M * SoftIce allways having to patch / upgrade kernels and having to reboot
1176489129 M * daniel_hozac those pesky updates?
1176489150 M * daniel_hozac well, nothing's stopping you from running the same kernel for years, is there?
1176489156 M * blizz <rant>it's much better to use windows 2000 and reboot for changing the ip address *cough*</rant>
1176489169 M * SoftIce daniel_hozac: no, except for the fact that it could be exploitable
1176489182 M * daniel_hozac yeah, those darn security updates!
1176489189 M * SoftIce :P
1176489191 M * daniel_hozac who needs 'em.
1176489197 M * ramon I am leaving work now. See you.
1176489211 M * daniel_hozac cya!
1176489219 Q * ramon Quit: Saliendo
1176489224 M * SoftIce hehe, well what is the formula based on having no local users?
1176489230 M * mjt what grsec adds to make exploiting kernel bugs more difficult??
1176489240 M * DavidS "you have moved your mouse. Please restart the system to make the changes." Seriously though I think that a "system" which has regular (security) updates is much better prepared than one which hasn't see how openbsd rotated when trying to get to grips with the ssh bug
1176489265 M * SoftIce which hasn't see how openbsd rotated when trying to get to grips with the ssh bug
1176489267 M * SoftIce hehe :)
1176489296 M * mjt DavidS: that statement is printed on a paper which is sticked right under my monitor.  It reads: "You have moved the mouse. Windows needs to be restarted for the changes to take effect."
1176489309 M * mjt s/under/near/
1176489313 M * mjt damn English ;)
1176489340 M * daniel_hozac near?
1176489357 M * DavidS SoftIce: yeah, there is a ';' missing somewhere in there ;)
1176489360 M * daniel_hozac beneath seems most appropriate to me.
1176489369 M * mjt it's been here since about 1995 or so
1176489377 M * daniel_hozac (then again, i don't speak english :))
1176489395 M * SoftIce me neither, thats why i struggle to comunicate :)
1176489402 M * SoftIce its my 3rd language
1176489415 M * mjt and "SoftIce" was a good debugger for MS-DOG...
1176489432 M * SoftIce this nick was from 1997 :P
1176489443 M * SoftIce I realised why the kernel never compiled
1176489579 M * daniel_hozac oh?
1176489595 M * SoftIce yes, but to ashamed to admit it :)
1176489600 Q * shedi Ping timeout: 480 seconds
1176489603 M * daniel_hozac used the wrong patch?
1176489607 Q * dna Quit: Verlassend
1176489642 M * SoftIce ye, using a .11 patch on a 14 kernel
1176489657 M * SoftIce have not seen if it works yet, but I gather its the reason, as I had a couple offset messages
1176489692 M * daniel_hozac offsets are usually fine, as long as they're not really big and inconsistent across one file.
1176489707 M * SoftIce ahh, mine is pretty much of 2 lines, etc
1176489722 M * SoftIce nice, this new patch, no offset errors
1176489817 M * SoftIce hmm, how can I structure this string to apply yes when asked but apply a return if question doesn't have an option to apply y
1176489818 M * SoftIce  yes | make oldconfig 
1176489841 M * daniel_hozac yes ""?
1176489849 M * daniel_hozac (e.g. accept default)
1176489899 M * SoftIce :)
1176490232 J * jolie- ~sdsa@212.156.188.80
1176490235 Q * jolie- Excess Flood
1176490410 M * blizz vhashify is cool.
1176490425 M * blizz i'm slowly getting an idea of util-vserver.. ;-)
1176490621 M * SoftIce ive still got a lot to learn :P
1176490638 M * SoftIce vhashify does what?
1176490694 M * blizz vserver <name> hashify -> calculates hashes of file contents, moves those into /vservers/.hash and creates hardlinks
1176490712 M * blizz if you modify a file which has been hashed the link will be broken and so on..
1176490748 M * blizz i think that is how it works :P
1176490899 M * SoftIce neat
1176490958 M * daniel_hozac basically lets you save lots of disk/memory by sharing files across similar guests.
1176490998 M * blizz and it's safe?
1176491007 M * blizz i just wondered
1176491021 M * daniel_hozac yes, the files are made immutable so guests cannot modify them.
1176491035 M * daniel_hozac (well, neither can the host, but the host-root has the capability to remove it)
1176491061 M * blizz and if COW is enabled they wont even notice it, right?
1176491095 M * blizz moo.
1176491134 M * daniel_hozac that's the idea.
1176491242 M * blizz btw, do you know something about the vcd development?
1176491259 M * daniel_hozac well, Hollow's the man to talk to about that.
1176491268 M * daniel_hozac i've not had a chance to study/use it yet.
1176491291 M * blizz ahh, hollow's work? cool. i like the concept alot
1176491365 M * Hollow blizz: thanks, unfortunately i didn't have the time recently to fix up some stuff for a preview release, but maybe i will do some vcd development at work soon
1176491443 M * Hollow my boss just said "we need to look into that" ;)
1176491450 M * daniel_hozac hehe
1176491476 M * Hollow well.. i applied with the manual :P
1176491488 M * daniel_hozac oh, cool
1176491507 M * Hollow yeah, good documentation can be a good reference for such things .. :)
1176491533 M * blizz hm, cool
1176491643 M * Hollow now i'm even able to write about installation debian .. :))
1176491648 M * Hollow +on
1176491656 M * daniel_hozac for vcd?
1176491660 M * Hollow yeah
1176491670 M * daniel_hozac hehe.
1176491757 N * DoberMann[PullA] DoberMann
1176492085 M * blizz is it possible to specify an alternative debootstrap.deb package? it's because i want to isntall edgy eft and it's not included in debian's debootstrap
1176492127 M * daniel_hozac yep.
1176492153 M * daniel_hozac not sure how that works on e.g. Debian where there's already a debootstrap package installed though.
1176492184 M * daniel_hozac for other distributions, just echo <URL> > /etc/vservers/.defaults/apps/debootstrap/uri
1176492260 M * Hollow guess you need a debootstrap script for edgy
1176492265 M * Hollow and specify a correct mirror
1176492281 M * daniel_hozac yeah.
1176492294 M * matti :)
1176492303 M * daniel_hozac (hmm, now that you mention it won't the default mirror break on Ubuntu?)
1176492313 M * daniel_hozac +,
1176492327 M * Hollow it would break anyway if you don't specify one, since debootstrap has this mirror hardcoded as default
1176492371 M * daniel_hozac i doubt Ubuntu's debootstrap has it hardcoded.
1176492386 M * Hollow hm ..
1176492394 M * daniel_hozac (to that value, i mean)
1176492398 M * Hollow yeah
1176492474 M * Hollow  30 DEF_MIRROR="http://archive.ubuntu.com/ubuntu"
1176492475 M * Hollow :/
1176492542 M * Hollow so, either we grep for it, or we revert it entirely
1176492599 M * daniel_hozac revert, i guess?
1176492607 M * matti Hollow and Ubuntu?
1176492607 M * matti ;]
1176492628 M * daniel_hozac i really wish we had a Ubuntu maintainer.
1176492668 M * daniel_hozac i wonder how often these scripts change.
1176492676 M * daniel_hozac (these == debootstrap)
1176492684 M * SoftIce ok daniel_hozac help me :(
1176492685 M * SoftIce http://www.pastebin.ca/438649
1176492689 M * daniel_hozac i mean, would it make sense to include them in the utils?
1176492697 M * Koffa whenever new release is made?
1176492713 M * Hollow well, it seems quite a mess, since you have to search for scripts for other distros than the host if you want to debootstrap them as guest ..
1176492737 M * daniel_hozac Hollow: right, but if we include them in the utils, we could just point debootstrap there.
1176492757 M * Hollow yeah, thought of that too
1176492757 M * daniel_hozac SoftIce: you have a retarded compiler that tries to build the kernel with -fstack-protector.
1176492777 J * Blissex ~Blissex@82-69-39-138.dsl.in-addr.zen.co.uk
1176492778 M * daniel_hozac SoftIce: add -fno-stack-protector-all to your CFLAGS and it should work fine.
1176492782 M * Koffa Package: util-vserver
1176492784 M * Koffa Recommends: binutils, debootstrap
1176492944 M * Hollow daniel_hozac: does any of the other debian forks really matter beside ubuntu? i don't know any other at http://www.debian.org/misc/children-distros except knoppix..
1176492965 M * Hollow ok, i know linspire .. ;)
1176492983 M * daniel_hozac what do you have in mind?
1176492983 M * Wonka grml.org rocks also
1176492994 M * Hollow daniel_hozac: collecting the scripts :P
1176493000 M * daniel_hozac ah, ok.
1176493010 M * daniel_hozac well, Debian and Ubuntu should be fine initially, IMHO.
1176493016 M * Hollow just see if it makes sense/can be done easily
1176493021 M * Hollow yeah, think so too
1176493054 M * daniel_hozac i'm somewhat curious if we can relocate _just_ the build scripts, or if we'd have to include all of debootstrap.
1176493065 M * Hollow the etch initpost works really nice btw.. i already set up a bunch of guests at work with it :)
1176493086 M * Hollow i'll take a look how much the debootstrap script differs across debian/ubuntu
1176493093 M * Hollow and also across versions
1176493116 M * Koffa if you do eg. ubuntu don't forget the 6.04 :)
1176493159 M * Koffa (or was it 6.06, whatever)
1176493174 M * daniel_hozac 6.06 is the LTS one.
1176493210 M * Koffa yeah... delayed 6.04 :)
1176493221 M * Koffa those bastards ;)
1176493252 M * daniel_hozac Hollow: IMHO we have to relocate not only the scripts, but functions and devices.tar.gz too -> we'll need a local copy of debootstrap.
1176493274 M * Hollow devices.tar.gz?
1176493277 M * daniel_hozac micah, waldi, any Debian folks around?
1176493296 M * daniel_hozac Hollow: contains essential device nodes, i guess.
1176493343 M * SoftIce HOSTCFLAGS      = -Wall -Wstrict-prototypes -O2 -fomit-frame-pointer -fno-stack-protector-all
1176493354 M * daniel_hozac or, hmm.
1176493366 M * daniel_hozac yeah, we should be able to use the fourth argument to debootstrap.
1176493377 M * SoftIce http://www.pastebin.ca/438665
1176493385 M * Koffa yeah dev/{ram*,loop*,kmem} go into devices...
1176493412 M * daniel_hozac SoftIce: wrong CFLAGS, and i guess you need another option...
1176493414 M * Hollow doesn't vserver-build handle device nodes anyway?
1176493419 M * daniel_hozac sure.
1176493449 M * daniel_hozac but yeah, the fourth argument should work fine if i'm reading this correctly.
1176493464 M * Hollow yep
1176493491 M * Hollow so you think it's the best idea to include debootstrap?
1176493500 M * daniel_hozac not debootstrap itself, but the scripts.
1176493504 M * Koffa debians debootstrap seems to have potato woody sarge sid warty hoary breezy etch
1176493508 M * Hollow ok ..
1176493561 Q * Blissex Read error: Connection reset by peer
1176493567 M * daniel_hozac Hollow: you don't think so?
1176493588 M * Hollow no, i somehow got the impression you want to include debootstrap itself
1176493602 M * Hollow n/m
1176493611 M * daniel_hozac well, i thought that was required at first. seems it's not.
1176493634 M * SoftIce daniel_hozac: any guess what flags I could gry?
1176493635 M * SoftIce try
1176493692 M * Hollow daniel_hozac: i think we can include all the scripts now, and look if we can/want to do initpost scripts for all/some of those too
1176493698 M * daniel_hozac SoftIce: that was my guess.
1176493712 M * Hollow s/too/later/
1176493714 M * Hollow :)
1176493736 M * daniel_hozac Hollow: yeah, i guess we'll add initposts as we go...
1176493823 M * Hollow should it go into 213? ;)
1176493829 M * daniel_hozac which?
1176493835 M * Hollow the scripts
1176493859 M * daniel_hozac hmm, good question.
1176493874 M * Hollow i was just thinking, why not remove the default mirror thing and call it a release
1176493904 M * daniel_hozac well, there are a bunch of helper issues i have to look at before it's a release, but i agree that makes sense.
1176493907 M * Hollow we can take enough time for the debootstrap thing then
1176493919 M * Hollow helper issues?
1176493942 M * daniel_hozac don't remember the details right now, i've just got them on my TODO ;)
1176493950 M * Hollow i see :)
1176494384 J * shedi ~siggi@ftth-237-144.hive.is
1176494393 M * SoftIce good gawd, I only have issues with linux :D
1176494416 M * daniel_hozac SoftIce: so try a distro which has what you need...
1176494436 M * SoftIce well I did like gentoo
1176494441 M * SoftIce as I had more control over it
1176494450 M * SoftIce ubuntu generic is fine
1176494464 M * SoftIce but go playing outside the box and it just isn't happy
1176494478 M * daniel_hozac so why aren't you using Gentoo?
1176494491 M * SoftIce aggg, I duno, I was starting to like apt :)
1176494509 M * SoftIce was forced to use ubuntu as some server im admining for asterisk stuff
1176494509 M * daniel_hozac so, try Debian?
1176494525 M * SoftIce daniel_hozac: what linux os are you most comfortable with?
1176494540 M * daniel_hozac Fedora/CentOS.
1176494545 M * Koffa SoftIce: what don't you like about ubuntu?
1176494549 M * daniel_hozac i use Fedora on all of my hosts though.
1176494563 M * SoftIce daniel_hozac: and you drive it with centos ?
1176494572 M * daniel_hozac hmm?
1176494592 M * SoftIce parent = centos, host = fedora?
1176494596 M * SoftIce errr
1176494597 M * SoftIce sorry
1176494602 M * SoftIce mixing up jails :)
1176494606 M * SoftIce host = parent, 
1176494639 M * Koffa ubuntu is just fine if you forget about all the bling-bling and use it like a Debian :)
1176494658 M * SoftIce daniel_hozac: question you will know, ive built a few ubuntu hosts now on this box im trying to get the kernel working with
1176494677 M * daniel_hozac except dietlibc is more or less broken, util-vserver is really old, etc.
1176494678 M * SoftIce can I just copy all the vservers to another drive
1176494691 M * SoftIce then install gentoo then copy back my vservers
1176494693 M * Koffa the worst thing about ubuntu atm is there's no vserver-enabled kernel for it...
1176494696 M * SoftIce and just vserver name start?
1176494705 M * Koffa luckily debian has :)
1176494709 M * SoftIce Koffa: yes, and all their packages are
1176494713 M * SoftIce old
1176494723 M * SoftIce cant get an update clamav even :P
1176494731 M * SoftIce not even with this new feisty version
1176494755 M * daniel_hozac SoftIce: if you copy the configuration, and the configuration is the same, sure.
1176494768 M * SoftIce configuration ?
1176494774 M * SoftIce meaning installation path ?
1176494785 M * daniel_hozac in the second instance of the word, yes.
1176494792 M * daniel_hozac in the first, meaning /etc/vservers/<guest>
1176494820 M * SoftIce so I just copy over /etc/vservers/* and all the other things relating to <guest_name> I can find
1176494828 M * SoftIce think its in /usr/lib/vservers/<guest>
1176494856 M * SoftIce sorry /var/lib
1176494857 M * daniel_hozac /var/lib/vservers.
1176494876 M * SoftIce so those are the only 2 directories that is needed to be copied?
1176494888 M * SoftIce great, thanks again for all your help :)
1176494922 M * daniel_hozac yep.
1176494930 M * Koffa 0.90.1 vs. 0.90.2 - major differences there?
1176494952 M * Koffa when was that .2 released?
1176494952 M * daniel_hozac uh, of what?
1176494958 M * Koffa clamav
1176494974 M * Koffa that ^^ was for SoftIce :)
1176495008 M * SoftIce when linux refers to amd64 does that also mean intel64bit OS?
1176495035 M * daniel_hozac amd64 means x86_64.
1176495048 M * Koffa SoftIce: still there?
1176495052 M * daniel_hozac which means EM64T.
1176495063 M * Wonka ack
1176495063 M * SoftIce ahhh :)
1176495065 M * SoftIce thanks
1176495075 M * SoftIce Koffa: not really sure, have not been monitoring the changelog of clamav
1176495084 M * SoftIce i just get alot of warning messages about outdated system
1176495087 J * Aiken ~james@ppp194-30.lns1.bne1.internode.on.net
1176495095 M * Wonka http://www.debian.org/ports/amd64/ says "The port consists of a kernel for all AMD 64bit CPUs with AMD64 extension and all Intel CPUs with EM64T extension, and a common 64bit userspace."#
1176495118 M * SoftIce daniel_hozac: have you done some benchmarks to see the difference in performence
1176495121 M * SoftIce and is it worth it?
1176495128 M * daniel_hozac of using amd64 over i386?
1176495145 M * daniel_hozac the added general purpose registers should give a significant performance boost.
1176495147 M * SoftIce yes
1176495227 M * SoftIce and its downward compatable ?
1176495239 M * daniel_hozac i.e. can it run 32-bit binaries? yes.
1176495246 M * daniel_hozac (if you enable that support in the kernel)
1176495261 M * SoftIce nice to know
1176495275 M * SoftIce i think i should take the time to educate myself by getting a few computer mags every month
1176495281 M * SoftIce ive drived somewhat behind on things :)
1176495284 M * SoftIce err drifted
1176495637 Q * DavidS Quit: Leaving.
1176495718 Q * meandtheshel1 Quit: Leaving.
1176496134 M * mjt hmm. looks like there will be no grsecurity patch for 2.6.20...
1176496263 M * blizz does debian's apt-get have something like ubuntu's apt-get autoremove?
1176496326 M * mjt autoremove?  You mean autoclean?
1176496345 M * blizz from the debian apt-get manpage:
1176496359 M * Koffa deborphan |xargs dpkg --purge    ?
1176496366 M * blizz oh
1176496366 M * Koffa dunno answer to your question though :)
1176496368 M * Koffa never used that
1176496382 M * blizz "autoremove is used to remove packages that were automatically installed to satisfy dependencies for some package and that are no more needed."
1176496420 M * Koffa deborphan lists just those... autoremove is some new bling-bling afaik
1176496431 M * blizz mkay, perfect
1176496434 M * blizz thanks for the one-liner
1176496449 M * Koffa of course you might want to see the list first ;)
1176496457 M * Koffa what's the syntax for autoremove?
1176496467 M * mjt I always used dpkg -P $(deborphan)
1176496468 M * blizz it's only one command
1176496473 M * mjt (same thing)
1176496489 M * mjt but that deborphan is not the same as autoremove 
1176496500 Q * SoftIce Ping timeout: 480 seconds
1176496518 M * mjt it only clears libraries, but not stuff like, say, x11-data (which isn't needed if you remove X)
1176496536 M * mjt and doesn't clear -dev packages, eitger
1176496565 M * mjt looks like this autoremove thing is done using additional fields in the dpkg status area
1176496584 M * mjt ie, to mark packages which were automatically selected as opposed to manual selection
1176496600 M * doener sounds like what aptitude does
1176496645 M * doener just that aptitude will remove orphaned packages when they become orphaned, no separate command necessary
1176496653 M * blizz yep, i've been told that aptitude is better than apt-get anyway
1176496676 M * Koffa I found it painful, ymmv :)
1176496707 A * mjt wasn't able to learn aptitude, after 2 or 3 tries...
1176496758 M * doener Koffa: you know that you can use aptitude almost like apt-get, right? i.e. "aptitude install foo", "aptitude purge bar", "aptitude upgrade" etc. work without the gui
1176496793 M * doener it's just a pita that it takes a bit to initialize its database each time you start it
1176496854 M * Koffa 'a bit'
1176496884 M * Koffa as I said, ymmv... I didn't find it necessary
1176496922 M * mjt wug. yeah, it's really slooow... ;)
1176498200 M * Hollow daniel_hozac: the difference between debians and ubuntus debootstrap are 2 hunks.. default mirror, and some strange cp vs. mv change
1176498208 M * Hollow for some log file
1176498228 M * Hollow so we're fine i guess :)
1176498541 M * blizz adding ubuntu as an "install method"?
1176498545 M * blizz *build method
1176498562 M * Hollow no, we're adding debootstrap scripts to the util-vserver source
1176498571 M * Hollow for debian and ubuntu
1176498574 M * blizz nice.
1176498597 Q * bonbons Quit: Leaving
1176499164 M * daniel_hozac Hollow: okay, thanks!
1176500853 M * ntrs daniel_hozac, how do I enable xid=1 to see all the processes in all contexts?
1176500896 M * daniel_hozac hmm?
1176500902 M * daniel_hozac that's the default.
1176500930 M * daniel_hozac (maybe not with CONFIG_VSERVER_PRIVACY... i'm not exactly sure what all it effects yet)
1176501171 M * ntrs Oh, wait, it's actually a different issue.
1176501205 M * ntrs When I use v_httpd for example to start a httpd daemon on the host, if I do "netstat -anlp" on the host I can't see the port 80 being in use.
1176501227 M * daniel_hozac as expected.
1176501238 M * daniel_hozac it's in a different network context.
1176501987 P * marcfiu 
1176502548 M * ntrs yes, but that was not like that before, and the old way was much more convenient.
1176502559 M * ntrs I don't think it should have been changed.
1176502571 M * ntrs The previous behavior was more natural and better, IMHO.
1176502586 M * daniel_hozac how is it more natural that things in nid x is visible in nid 0?
1176502596 M * daniel_hozac +englis
1176502597 M * daniel_hozac h
1176502610 M * ntrs I expect to see everything running on the host, when using commands on the host.
1176502621 M * daniel_hozac but it's not on the host.
1176502629 M * daniel_hozac not network-wise.
1176502637 M * ntrs If I wanted it in another context or network context I would create a separate guest.
1176502655 M * daniel_hozac ... v_httpd explicitly runs it in a separate network context. that's the point.
1176502702 M * ntrs ok, we will have to change all the apache config file on all guests to listen to one ip address explicitly, instead of relying on v_httpd
1176502718 M * daniel_hozac s/guests/hosts/
1176502726 M * ntrs hosts, yes, sorry.
1176502740 M * ntrs it is still fine, just more work.
1176502801 A * blizz likes debian 4.0. i'll switch from crux to etch.
1176503227 Q * lilalinux Remote host closed the connection
1176504597 N * DoberMann DoberMann[ZZZzzz]
1176505690 Q * Piet Quit: Piet
1176507033 Q * Aiken Read error: Connection reset by peer
1176507455 J * \nLigbunI ~hollow@styx.xnull.de
1176507472 Q * Hollow Read error: Connection reset by peer
1176507514 N * \nLigbunI Hollow
1176507974 J * Aiken ~james@ppp194-30.lns1.bne1.internode.on.net
1176508535 J * DoberMann_ ~james@AToulouse-156-1-117-9.w90-30.abo.wanadoo.fr
1176508641 Q * DoberMann[ZZZzzz] Ping timeout: 480 seconds