1179965702 Q * huiz Ping timeout: 480 seconds
1179966507 Q * sannes Ping timeout: 480 seconds
1179966806 J * sannes ace@har.sagt.no
1179967300 Q * baldy Ping timeout: 480 seconds
1179967500 J * meandtheshell ~markus@85-124-232-113.work.xdsl-line.inode.at
1179968332 Q * bzed Quit: Leaving
1179968852 M * slack101 anyone else up ?
1179969877 J * huiz ~gerrit@166.129.124.243
1179970428 J * ahumane ~oem@ool-43557e7c.dyn.optonline.net
1179970870 Q * ahuman Ping timeout: 480 seconds
1179972381 M * Bertl slack101: yup :)
1179973418 M * slack101 Bertl: if i access a Vserver can someone see it ?
1179973420 M * slack101 they see it 
1179975164 M * tam if you vserver <name> enter, you won't get added to utmp
1179975167 M * tam but you will show up in ps
1179975603 M * slack101 ps?
1179975619 M * slack101 and what is utmp?
1179975704 M * slack101 tam: processes ?
1179975707 M * slack101 c
1179976349 M * tam man utmp will tell you more than I can :)
1179976426 J * Aiken_ ~james@ppp233-152.lns1.bne4.internode.on.net
1179976527 J * mattzerah_ ~matt@121.50.222.55
1179976547 Q * mattzerah Remote host closed the connection
1179976547 Q * Aiken Read error: Connection reset by peer
1179976583 J * mugwump_ ~samv@watts.utsl.gen.nz
1179976583 Q * mugwump Read error: Connection reset by peer
1179978019 Q * huiz Ping timeout: 480 seconds
1179979229 J * huiz ~gerrit@166.129.136.24
1179979981 Q * ahumane Quit: Leaving
1179982887 P * kerberos satan made me do it
1179985180 Q * AndrewLee Remote host closed the connection
1179985187 J * AndrewLee ~andrew@flat.iis.sinica.edu.tw
1179986392 M * slack101 whoa big problem
1179986433 M * Bertl off to bed now ... good luck!
1179986437 M * slack101 lol
1179986444 N * Bertl Bertl_zZ
1179986452 M * slack101 it would have been better if you ddint say anything ;)
1179986523 M * slack101 ah HAH
1179986539 M * slack101 on the host machie my web server needs to be assinged its ip
1179986542 M * slack101 forgot about that 
1179986925 Q * daniel_hozac Ping timeout: 480 seconds
1179987493 Q * DoberMann[ZZZzzz] Ping timeout: 480 seconds
1179988633 J * DoberMann ~james@AToulouse-156-1-68-27.w90-16.abo.wanadoo.fr
1179988675 J * dna ~naucki@235-192-dsl.kielnet.net
1179989363 N * DoberMann DoberMann[PullA]
1179991871 J * bzed ~bzed@dslb-084-059-113-028.pools.arcor-ip.net
1179993504 J * baldy baldy@pptp.dial.ipv6-network.de
1179994471 J * Punkie ~punkie@235-105-207-85.bluetone.cz
1179995662 Q * ensc Ping timeout: 480 seconds
1179997483 M * Loki|muh is it save to give /dev/console to a vserver or can this result in a security risk?
1179997566 M * Loki|muh since all init-scripts in my edgy-guest depends on having it...
1179997746 J * lilalinux ~plasma@dslb-084-058-199-201.pools.arcor-ip.net
1179998514 M * mjt Loki|muh: you can create regular file /dev/console after all
1179998531 M * mjt or you can redirect it to /dev/ttyWhatever on host
1179998562 M * mjt what's edgy? Ubuntu?
1179998569 M * Loki|muh redirect it? how? with creating a /dev/ttyWhatever in the guest?
1179998572 M * Loki|muh yeah, its ubuntu
1179998626 M * mjt for fun - here with debian etch, it doesn't have /dev/console and everything's working just fine...
1179998661 M * mjt by creating $guest/dev/console to be the same as your /dev/ttyWhatever
1179998676 M * mjt cp -a /dev/ttyWhatever $guest/dev/console
1179998703 M * Loki|muh yeah, I experienced the same, debian works nice
1179998712 M * Loki|muh even without /dev/console
1179998724 M * mjt or cp -a /dev/ttyWhatever $guest/dev && ln -s ttyWhatever $guest/dev/console
1179998969 M * Loki|muh found the bad line
1179998981 M * Loki|muh ubuntu has a "stty onlcr </dev/console >/dev/console 2>&1" in /etc/init.d/rc
1179998991 M * Loki|muh debian has only "stty onlcr 0>&1"
1179999027 M * Loki|muh so if no /dev/console, ubuntu gets a hickup and debian works fine...
1179999038 M * waldi Loki|muh: /dev/console is not save
1179999086 M * Loki|muh waldi: thanks! can you tell me details about it?
1179999088 M * waldi you can overtake the host like with any access to root-used terms
1179999185 M * Loki|muh urghs.
1179999208 M * waldi (vserver $bla exec have the same problem ...)
1179999211 M * waldi and su
1179999254 M * Loki|muh su where? inside the guest?
1179999262 M * waldi everywhere
1179999327 M * Loki|muh hu? I don't get it. I should not use su on the host neither in the guest?
1179999958 M * waldi it is a problem but usualy everyone ignores it
1180000002 M * Loki|muh ah
1180000020 M * Loki|muh found out that the above line doesn't change anything :(
1180000067 M * Loki|muh somewhere ubuntu gets that it should use /dev/console and I don't get where this should be
1180001567 J * yang ~yang@yang.sponsor.oftc.net
1180003186 M * baldy anyone know if it is possible to have 127.0.0.1 (localhost) for each vserver?
1180004085 M * Punkie I think, it is not possible, you can try to give to each vserver adress 127.0.0.2,127.0.3...,... if somebody needs other interface than inet_face, I give them dummy iface with  private IP (10.x.x.x, 192.168.x.x)
1180005770 Q * Aiken_ Quit: Leaving
1180005915 Q * meandtheshell Quit: Leaving.
1180007206 M * DavidS baldy, Punkie: newer versions of vs map 127.0.0.1 to the first configured IP of the guest
1180007661 M * Punkie newer means 2.2.0?
1180007909 Q * shedi Quit: Leaving
1180008143 J * meandtheshell ~markus@85-124-38-177.dynamic.xdsl-line.inode.at
1180009317 M * DavidS probably
1180010401 N * Bertl_zZ Bertl
1180010402 J * David1 ~david@p57A48CC1.dip0.t-ipconnect.de
1180010407 M * Bertl morning folks!
1180010409 J * ema ~ema@rtfm.galliera.it
1180010428 M * David1 hey Bertl!
1180010458 M * Bertl David1: 'newer versions' remap 127.0.0.1 to the loopback ip :)
1180010468 M * Bertl (that means 2.3.x though :)
1180010809 Q * DavidS Ping timeout: 480 seconds
1180011318 M * baldy Bertl: oke i will update to 2.3.x and test it ;)
1180011396 M * baldy Bertl: 2.3.x patch isnt out for 2.6.21 kernel?
1180011454 M * Bertl nope, 2.3.x still needs to be updated ... had no time yet
1180011474 M * baldy :(
1180011485 M * Bertl but 2.6.21 is a little buggy anyways ... so I'd wait for 2.6.22
1180011554 N * David1 DavidS
1180011614 M * harry thank you!!!!!
1180012190 M * baldy is it?
1180012207 M * baldy oke then i will do a downgrade
1180012223 M * harry hehe
1180012238 M * harry there's a reason why i didn't make a 2.6.20+ patch with grsec yet... :)
1180012312 M * baldy is it importent to use grsec patch?
1180012318 Q * mire Ping timeout: 480 seconds
1180012498 M * baldy Bertl: vs2.3.0.12 have this localhost feature?
1180012499 M * baldy ;)
1180012799 M * harry  15:19:49 up 607 days, 21:51,  1 user,  load average: 0.33, 0.75, 0.74
1180012803 M * harry wiiiiii ;)
1180012816 M * harry baldy: depends... i think it is... others might think differently
1180012832 M * harry security is ... well... your own choice
1180012854 M * harry if you don't know what it does, how it helps... than it's the same as with a firewall... if you don't konw what it does, don't use it
1180012857 M * harry ;)
1180012863 M * harry if you know it... it enhances security
1180012872 J * mire ~mire@14-170-222-85.adsl.verat.net
1180014073 Q * cehteh Ping timeout: 480 seconds
1180014327 J * cehteh ~ct@pipapo.org
1180015993 M * Bertl baldy: yep
1180016490 Q * Punkie Quit: Leaving
1180016604 M * yang Hey Bertl, any news about the mips kernels?
1180016616 M * slack101 baldy: you up now ?
1180016629 M * slack101 baldy: i almost got the SVN installed of openVCP
1180016638 M * Bertl yang: nope, sorry, got swamped with work after my vacation ...
1180016740 M * baldy slack101: my SVN is running too
1180016764 Q * eyck Ping timeout: 480 seconds
1180017049 J * daniel_hozac ~daniel@c-051472d5.08-230-73746f22.cust.bredbandsbolaget.se
1180017309 J * eyck ~eyck@nat.nowanet.pl
1180017403 Q * ag- Quit: BRB
1180017508 M * slack101 baldy: whats new ?
1180017514 M * slack101 i never had the old one installed
1180017624 J * ag- ~ag@fedaykin.roxor.cx
1180017881 J * thessy ~thomas@nat-1.rz.uni-karlsruhe.de
1180017890 M * baldy slack101: new traffic graphs
1180017899 M * baldy other admins
1180017900 M * baldy resellers
1180017902 M * baldy and so on
1180018093 M * slack101 what you mean ?
1180018436 M * baldy install the svn version and u can see als posibilities
1180018540 M * thessy hi, whats the official way to rename a vserver guest?
1180018557 M * daniel_hozac there isn't one yet.
1180018560 M * slack101 baldy: i almost got it 
1180018577 M * thessy ok, then can i stop to search one :-)
1180018579 M * slack101 cant u jus change the folder name ?
1180018614 M * thessy of course, but i remember that you have to change it on a few places too.
1180018636 M * slack101 where?
1180018707 M * daniel_hozac /etc/vservers/<guest>, /vservers/<guest>, /etc/vservers/<guest>/name, and then all of the symlinks in /etc/vservers/<guest>.
1180018738 M * thessy and /etc/vservers/<guest>/uts/nodename?
1180018764 M * daniel_hozac sure.
1180018788 M * daniel_hozac that's not really related to the _guest's_ name though, that's just the hostname of the guest.
1180018818 M * thessy ok, thanx for the info, i will do it manually.
1180018931 M * slack101 baldy: compiled daemon
1180019079 M * Bertl daniel_hozac: what is the suggested version of util-vserver atm?
1180019086 M * daniel_hozac 0.30.213
1180019117 M * Bertl any fixes for the rpm issues in sight?
1180019163 M * Bertl (or was that already worked around?)
1180019177 M * daniel_hozac not yet... i'll look at it this weekend.
1180019192 M * Bertl excellent! tia!
1180019521 J * shedi ~siggi@ftth-237-144.hive.is
1180019876 M * ntrs Can bastille be used within a guest?
1180019899 M * daniel_hozac what is bastille and why wouldn't it be possible?
1180019913 M * Bertl a linux distro, IIRC
1180019924 M * daniel_hozac ah.
1180019956 M * Bertl http://www.bastille-linux.org/
1180019978 M * ntrs it is actually an RPM package that can be installed within a linux guest
1180020030 M * Bertl I guess it will find 99% already locked down .. so it probably depends on the tool
1180020032 M * ntrs I am very doubtfull that it will work, so I was wondering if anyone tried it before.
1180020080 M * baldy Bertl: is there a way to debug tagxid or so?
1180020085 M * baldy i install a vp
1180020086 M * baldy s
1180020089 M * baldy 200 Mb used
1180020089 M * Bertl ntrs: but shouldn't bee to hard to test ... make a new guest ... install :)
1180020103 M * baldy then i install some packets tools and so on in the vps
1180020110 M * baldy vps used is 500mb
1180020117 M * baldy when i reinstall the vps
1180020125 M * baldy it show me 500 mb again as used
1180020130 M * baldy but it must be 200mb
1180020141 M * Bertl reinstall happens on the host, right?
1180020148 M * baldy yep
1180020158 M * daniel_hozac what utils?
1180020167 M * Bertl baldy: so you are modifying files outside the guest
1180020189 M * daniel_hozac the fact that it shows any usage in that case would be a bug as well.
1180020191 M * Bertl baldy: and it might happen that the accounting goes wrong .. you might want to let the tools recalculate the space
1180020226 M * baldy daniel_hozac: 210
1180020237 M * baldy Bertl: how can i recalculate it?
1180020243 Q * infowolfe Read error: No route to host
1180020246 M * daniel_hozac (did that even support disk limits in the configuration?)
1180020259 Q * thessy Quit: using sirc version 2.211+KSIRC/1.3.12
1180020278 J * infowolfe ~infowolfe@c-67-164-195-129.hsd1.ut.comcast.net
1180020279 M * daniel_hozac ah yes, it did. that was where it was introduced...
1180020344 M * daniel_hozac so how are you deleting the guest before installing it again?
1180020359 M * baldy daniel_hozac: a webinterface is doing it :(
1180020361 M * baldy we use openvps
1180020366 M * daniel_hozac 0.30.210 did not have vserver ... delete.
1180020377 M * daniel_hozac so really, you should be talking to them, no?
1180020379 M * slack101 baldy: you do ??????/
1180020390 M * slack101 openvps ??????????/
1180020396 M * slack101 i thought it was openvcp you used ?
1180020401 M * baldy slackerm openvcp sry
1180020405 M * daniel_hozac IMHO the problem is that the cache files aren't removed with the rest of the guest.
1180020409 M * slack101 openvps is very different ;)
1180020431 M * daniel_hozac (granted, vserver ... delete doesn't do that yet either)
1180020436 M * sid3windr ????????
1180020441 M * sid3windr question marks++;
1180020602 M * Bertl daniel_hozac: ah, right, forgot about that ...
1180020633 M * Bertl daniel_hozac: hmm, what cache?
1180020641 M * daniel_hozac of the disk limits.
1180020663 M * Bertl so stop/remove/reinstall/start
1180020675 M * Bertl and you end up with the same amount as before, right?
1180020685 M * daniel_hozac exactly.
1180020723 M * baldy what can i do to recalculate the disk usage?
1180020724 J * Chainsaw ~gangster@attic.vleuten.org
1180020730 M * Bertl welcome Chainsaw!
1180020739 M * daniel_hozac remove the cache.
1180020745 M * Bertl baldy: remove the entries, and let the tools recalc
1180020778 M * Chainsaw HELLO
1180020782 M * Chainsaw heya
1180020788 M * Chainsaw im installing vserver now
1180020792 M * Chainsaw looking good m8's
1180020825 M * baldy Bertl: is there any command to do this?
1180020833 M * baldy and which files u have to delte?
1180020838 M * baldy u make me confuse
1180020839 M * daniel_hozac it's called rm -f :)
1180020857 M * baldy erm u mean
1180020863 M * baldy delete the vps
1180020866 M * baldy ?
1180020869 M * daniel_hozac no
1180020886 A * baldy is confused
1180020929 J * stefani ~stefani@flute.radonc.washington.edu
1180020929 M * baldy i dont understand which file i have to delete
1180021000 M * Chainsaw baldy
1180021003 M * Chainsaw im new
1180021007 M * Chainsaw but whats the problemo
1180021026 M * baldy 175M    h4vs10
1180021026 M * baldy vhost04:/vservers# du -h h4vs10
1180021032 M * baldy told me 175MB used
1180021033 M * daniel_hozac rm -f /etc/vservers/.defaults/cachebase/<guest>/dlimits/<xid><directory with _ instead of />
1180021045 M * baldy oke let me check this out
1180021108 M * baldy can i delte all dirs in cachebase?
1180021118 M * daniel_hozac no.
1180021162 M * baldy ls /etc/vservers/.defaults/cachebase/h4vs10/dlimits/
1180021165 M * baldy empthy
1180021171 M * baldy empty
1180021174 M * daniel_hozac so, there is no cache.
1180021658 J * eyck_ ~eyck@nat.nowanet.pl
1180021758 Q * eyck Ping timeout: 480 seconds
1180021771 M * Chainsaw i think its possible to run vserver in a vmware image 
1180021773 M * Chainsaw right?
1180021787 M * daniel_hozac yes.
1180021790 M * Chainsaw its funny
1180021794 M * Chainsaw it gives some errors
1180021798 M * Chainsaw i can ssh to it
1180021800 M * Chainsaw but when i ssh to it
1180021806 M * Chainsaw it gives me the original shell
1180021808 M * Chainsaw heh
1180021817 M * daniel_hozac when you ssh to the guest?
1180021822 M * Chainsaw yes
1180021827 M * Chainsaw the ip for the vserver
1180021827 M * daniel_hozac that simply means you didn't limit the host's sshd to the host IP addresses.
1180021841 M * Chainsaw is the /etc/vservers/servername/interfaces/0/ip file
1180021844 M * Chainsaw right?
1180021844 M * daniel_hozac so the guest's sshd fails to start as it's already bound.
1180021848 M * daniel_hozac no.
1180021854 M * baldy http://paste.linux-vserver.org/2048
1180021862 M * daniel_hozac you need ListenAddress in /etc/ssh/sshd_config on the host.
1180021877 M * baldy mhh any1 a idea why i cant compile 312 version
1180021879 M * daniel_hozac baldy: why are you compiling the legacy API?
1180021905 M * baldy thats what Bertl told me last time... some weeks ago
1180021915 M * baldy and all other systems works with this option
1180021916 M * daniel_hozac do you have ~5 year old 2.4 kernels where you want to run those utils?
1180021947 M * Chainsaw daniel_hozac
1180021950 M * baldy 0.30.212 is old?
1180021956 M * Chainsaw is there a way to install openssh in the virtual machine
1180021960 M * daniel_hozac well, yes, but that's not what i said.
1180021977 M * daniel_hozac Chainsaw: use your package management system?
1180021986 M * Chainsaw daniel_hozac > new to this
1180022021 M * baldy daniel_hozac: Available APIs: v13,net,v21 thats enough?
1180022033 M * daniel_hozac yes, there's a reason that's the default.
1180022086 M * daniel_hozac if you want non-ancient 2.4 support, use --enable-apis=NOLEGACY
1180022492 J * ahuman ~oem@ool-43557e7c.dyn.optonline.net
1180022495 M * ntrs How can I create a user that has only sftp access to a single directory and nothing above that directory, jail perhaps? 
1180022627 M * Bertl welcome ahuman!
1180022638 M * Bertl ntrs: could work .. 
1180022684 M * ntrs how do I do that?
1180022891 M * daniel_hozac baldy: you do get that error with 0.30.213 still, right?
1180023234 M * Bertl ntrs: most likely you have to change a few things in sftp
1180023276 J * bonbons ~bonbons@158.64.110.168
1180023404 M * Bertl welcome bonbons!
1180023422 M * bonbons Hey Bertl!
1180023509 Q * slack101 Quit: Konversation terminated!
1180023560 Q * lilalinux Remote host closed the connection
1180025449 N * DoberMann[PullA] DoberMann
1180027808 M * ntrs can I just jail a user in a certain dir in a guest for a regular ssh connection?
1180027867 M * mjt is there pam_chroot or something?
1180028124 M * daniel_hozac yep.
1180028161 M * ntrs so, how exactly do I jail a user in a guest, so that he can't go any higher in the directory structure?
1180028171 M * Chainsaw is it possivle to run screen in vserver
1180028176 M * daniel_hozac Chainsaw: yes.
1180028191 M * mjt ntrs: man pam_chroot perhaps? :)
1180028198 M * Chainsaw Cannot open your terminal '/dev/pts/1' - please check.
1180028200 M * daniel_hozac ntrs: it's no different from jailing users on a regular Linuxs system.
1180028221 M * daniel_hozac Chainsaw: you have old utils.
1180028226 M * Chainsaw i do?
1180028228 M * Chainsaw hmm
1180028230 M * daniel_hozac yes.
1180028364 M * hallyn daniel_hozac: hmm, so the need to "screen  </dev/tty" is obsoleted?
1180028371 M * hallyn daniel_hozac: which utils need to be updated?
1180028381 M * daniel_hozac util-vserver.
1180028388 M * hallyn oh
1180028391 M * daniel_hozac vlogin has been enabled by default since 0.30.211.
1180028407 M * hallyn what does util-vserver fix exactly?
1180028424 M * mjt ...
1180028436 M * daniel_hozac it allocates a new pty inside the guest, and forwards the input/output between them.
1180028457 M * hallyn daniel_hozac: cool, thanks.  I've been thinking about what to do with namespaces for tty's/consoles/etc
1180028464 M * hallyn daniel_hozac: I had a patch to implement unsharing of ptys
1180028495 M * daniel_hozac which makes sense.
1180028503 M * hallyn does it?  I wasn't sure whehter I was on crack
1180028524 M * hallyn I did send out the patch but since it never got any comments assumed that i was, in fact, on crack
1180028534 M * hallyn so how does /dev/console get treated by vserver?
1180028539 M * daniel_hozac not at all.
1180028545 M * daniel_hozac you're just not supposed to give it to a guest.
1180028549 M * hallyn ok
1180028562 M * hallyn is there some static tty you can always give it?
1180028573 M * daniel_hozac how do you mean?
1180028597 M * hallyn i'm not sure what i mean :)  but persumably so you could pretend you have a serial port to the vserver
1180028599 M * daniel_hozac note that the hiding of ptys which we do is largely equivalent to a namespace, IMHO.
1180028632 M * hallyn daniel_hozac: yeah, the main difference is that with unsharing ptys you have multiple /dev/pts/0's, so it's more "transparent"  (not the right word)
1180028639 M * hallyn daniel_hozac: I don't know whether anyone wants that though
1180028796 M * hallyn the next step would have been to unshare tty_drivers as well.  probably even more bogus than unsharing devpts
1180028825 M * Hollow virtual /dev/console would be nice, one that can be attached to from the host :)
1180028869 M * daniel_hozac having separate /dev/pts's is obviously a required part of a guest
1180028981 M * hallyn well, isolation for /dev/pts/? is a requirement, but is supporting completely separate /dev/pts/?
1180029008 M * daniel_hozac doesn't isolation make them virtually separate?
1180029023 M * hallyn ok i'll rephrase
1180029035 M * hallyn isolation for actual pts's, not for the devpts space
1180029035 M * daniel_hozac or, oh, you mean multiple /dev/pts/0
1180029038 M * hallyn right
1180029085 M * daniel_hozac right, i guess that's not required, but that seems to be the way most of the other mainline spaces work.
1180029089 M * Bertl hallyn: well, it depends on the PoV
1180029109 M * Bertl hallyn: for snapshoting and similar, you want the pts to be 'unique'
1180029118 M * hallyn ?
1180029139 M * Bertl if guest A has /dev/pts/0, then it will need to stick with that
1180029158 M * Bertl so if you move it to a host where another guest already has /dev/pts/0 .. you are in trouble
1180029165 M * hallyn Bertl: ok, so you're saying that for checkpoint/restart we do need separate devpts?
1180029168 M * hallyn right
1180029170 M * Bertl (just making one example)
1180029192 M * Bertl for a typical Linux-VServer setup, separate pts would be more confusing than helpful
1180029216 M * Bertl with the current isolation approach there, you get a good idea what pts belongs to what context
1180029224 M * daniel_hozac right
1180029243 M * hallyn Bertl: hmmm
1180029250 M * Bertl a completely different approach would be to have 'virtual' tty/pts for guests, which are connected to the host somehow
1180029275 M * Bertl 'think' 'virtual' virtual terminal
1180029281 M * daniel_hozac that seems somewhat overheady to me.
1180029293 M * daniel_hozac (if not performance wise, at least code wise)
1180029306 M * Bertl of course, all virtualization approaches introduce overhead
1180029309 M * hallyn Bertl: or we could take the pidspace approach,
1180029323 M * hallyn and in a child devpts, every pts has another index in the parent devpts
1180029336 M * matti Hi Bertl daniel_hozac 
1180029340 M * daniel_hozac hey matti
1180029351 M * Bertl hallyn: could work, if the parent space shows the separation properly
1180029367 M * Bertl hallyn: e.g. /dev/pts/<xid>/<pts> or so
1180029396 M * hallyn Bertl: yeah i haven't thought about how to implement that :)  hopefully it's as simple as taking two references and inserting the pts on two lists
1180029408 M * hallyn oh,
1180029422 M * hallyn no that would be more complicated (having /dev/pts/<xid>/pts)
1180029441 M * Bertl how else would you do it?
1180029445 M * daniel_hozac Bertl: couldn't we just reuse the xid tagging for that?
1180029452 M * hallyn i just figured /dev/pts/0 in a child would be /dev/pts/10 in a parent
1180029472 M * Bertl hallyn: and you don't consider that confusing? :)
1180029502 M * Bertl daniel_hozac: sure, that view would be doable ... (the one I mentioned above)
1180029503 M * hallyn a touch
1180029537 M * Bertl hallyn: that is, btw, something which really worries me about the pid space approach
1180029540 M * hallyn Bertl: i like what you laid out
1180029567 M * hallyn Bertl: and maybe it's trivial to implement by letting the parent remount a child's devpts
1180029582 M * hallyn (so, trivial to do from userspace so long as we do the right thing in kernel about the remount)
1180029607 M * hallyn Bertl: what would you prefer for pidspace?
1180029683 M * Bertl I think the best approach so far was to have two pids
1180029701 M * Bertl i.e. one 'global' pid, which is also seen on the host
1180029717 M * Bertl and a 'local' reference pid inside the guest
1180029739 M * Bertl (which can be disabled if you don't want to use snap/migration)
1180029761 M * Bertl but I also agree that this has two drawbacks ...
1180029774 M * Bertl first, it basically eliminates hierarchical structures
1180029797 M * Bertl second, it makes the pid lookups even more confusing
1180029798 Q * DavidS Quit: Leaving.
1180029837 M * Bertl an alternative to that, but significantly more work would be to extend the <pid> to <pid,xid>, and handle that for all system side purposes 
1180029860 M * Bertl in this case, it would not be necessary to map/change anything
1180029862 M * hallyn Bertl: i don't understand, isn't that what suka does?
1180029866 M * daniel_hozac how does the first approach differ from the current pid space, except for the hierarchialness?
1180029908 M * hallyn btw - curious whether you've looked at pavel's patchset, and your thoughts on it vs suka's.
1180029918 M * Bertl hallyn: I was on vacation for four weeks (last month) and I completely lost overview ...
1180029952 M * Bertl hallyn: I'm currently working on my backlog ... so I should be back on track in a few weeks
1180029989 M * Bertl hallyn: but if you can give me short overview of the current status, I surely can comment
1180030105 M * hallyn Bertl: today both suka and pavel (from openvz) posted their pidns patchsets (weird timing)
1180030120 M * daniel_hozac hehe
1180030130 M * hallyn pavel's adds a vpid to the struct pid, much like our very eraly patchsets which did a pid and a vpid, sending vpid to userspace
1180030160 M * hallyn suka's has an array of 'struct upid's', where each upid has a pid_t and pid_ns,
1180030168 M * hallyn (one array for each struct pid)
1180030184 M * hallyn the first entry is always for the tasks's "active pid ns", meaning the pid_ns in which the task can see other processes.
1180030202 M * hallyn The rest of the entries are (in order) the pid_t's for ancestor pid namespaces
1180030212 M * hallyn So the last entry will be the one for the initial pid namespace
1180030254 M * Bertl i.c. to show them in many different spaces
1180030256 M * hallyn When a task looks up another task, it finds a struct upid with pid_ns == the querying task's active pid_ns,
1180030272 M * hallyn right
1180030279 M * hallyn brb
1180030298 M * Bertl do we have any measurements regarding overhead of this approach?
1180030413 M * hallyn actually no
1180030433 M * hallyn i'd like to get signaling semantics right first
1180030441 M * Bertl okay, makes sense ...
1180030443 M * hallyn (For signaling the init of a child pidns)
1180030452 M * hallyn i figure signaling will impact perf quite a bit :)
1180030471 M * hallyn yeah i guess that'll need to be done - compare perf of the two approaches
1180030473 M * Bertl the main question for me (nowadays) is: is a hierarchical structure really worth the efford?
1180030483 Q * ema Quit: leaving
1180030489 M * hallyn well the thing is i don't think it's much effort
1180030530 M * Bertl I thought so too, especially as a hierarchy could be mapped to a flat space
1180030554 M * Bertl but, the problem comes with the visibility, which adds O(n^2) 
1180030575 M * hallyn ?
1180030609 M * Bertl if, for example, we agree on a flat mapping of various hierarchies, and we allow only the parent to manage/see the child, then it is easy
1180030612 M * hallyn pidhash is now done (i think) on the pid_t+pid_ns
1180030628 M * Bertl let me give a simple example:
1180030647 M * Bertl we have four spaces, A,B,C, and D
1180030665 M * Bertl A is the host *space, B and C are children and D is a child of C
1180030686 M * Bertl now each space has a single process (for simplification)
1180030707 J * slack101 ~jklj@cpe-75-185-118-24.insight.res.rr.com
1180030717 M * Bertl Pa(0,1), Pb(1,2), Pc(1,3) and Pd(2,4)
1180030722 M * slack101 man
1180030733 M * Bertl Px(<xid>,<pid>)
1180030736 M * slack101 this openvcp is like wired for apache
1180030751 M * slack101 and i want lighttpd
1180030767 M * Bertl hallyn: so, this is a straight forward mapping to a 2D (flat) space, right?
1180030794 M * hallyn ok, so you mean Pb(1,2) = 001002 or something?
1180030801 M * Bertl we could as well make it Pa(0,1), Pb(1,1), Pc(1,1) and Pd(2,1)
1180030819 M * Bertl (which would give each space a separate pid to work on)
1180030834 M * Bertl the first one was how Linux-VServer currently does it
1180030839 M * slack101 Order Deny,Allow
1180030839 M * slack101 Deny from all
1180030843 M * slack101 whats this do ?
1180030844 M * hallyn i'm missing something - what is Px supposed to give me?
1180030870 M * Bertl Px is just any process, (i.e. one of the four processes)
1180030907 M * Bertl if you prefer, you could write it [0,1] or P[0,1] or whatever
1180030917 M * hallyn ok but so your point is that from the host pidns you can tell which pids belong to which pidns?
1180030937 M * Bertl hallyn: by some mechanism (to be defined) yes
1180030951 M * hallyn yeah we used to have that in our early versions.  it was a nice benefit
1180030953 M * Bertl in our case, via a syscall command which can get the xid
1180030976 M * Bertl now, let's look at the visibility in regard to the hierarchy
1180030979 M * hallyn at the moment the only thing i know of to get that info is to cat /containers/nsproxy/<vserver_name>/tasks
1180030987 M * hallyn oh, well and cat /proc/$$/container
1180031015 M * hallyn i suppose ps can be taught to use that to give more info...  until then ps is not pretty, and i do lament that
1180031027 M * Bertl Pa sees Pb, Pc, and Pd, Pb only itself, and Pc sees Pd
1180031037 M * hallyn note i don't think pavel's version does what you want either
1180031048 M * hallyn so if we go with his, you might want to send a patch to do that
1180031088 M * Bertl the second and third one is easy, but the first one (Pa sees Pb, Pc, and Pd) already requires an additional indirection
1180031091 M * hallyn i've gotta go, ttyl.  if you know of anyone who wants to hack on the devpts namespaces, spur them on :)
1180031106 M * Bertl okay, have a good one! cya!
1180031113 M * hallyn Bertl: doesn't require indirection, just break down the pids at fork time, right?
1180031429 Q * slack101 Remote host closed the connection
1180031477 M * Bertl hallyn: no, it requires either that you keep NxM entries, or check some kind of array as suka's approach seems to do
1180031921 M * ntrs can I increase the number of file descriptors for a guest?
1180031950 M * ntrs I assume I can using putting something in the ulimit dir?
1180031952 M * ntrs but what?
1180031988 M * ntrs Bertl, can you help?
1180032744 M * Bertl probably ...
1180032753 M * Bertl well, depends on where the limit comes from
1180032788 M * Bertl first, if you are using older tools, the limit will be 'inherited' from the host
1180032811 M * Bertl IIRC, recent tools raise the limit first, then apply the guest limits
1180032840 M * Bertl but the limit could also come from the guest itself, when started (as it is allowed to further reduce the limits)
1180032884 M * Bertl so, yes, the ulimit dir can contain an entry for the files (according to the documentation, see details about the filename there)
1180033365 M * matti :)
1180034449 M * bXi Bertl: port vserver to symbian please :p
1180034909 Q * mountie Ping timeout: 480 seconds
1180035460 Q * bonbons Ping timeout: 480 seconds
1180035481 J * mountie ~mountie@trb229.travel-net.com
1180035869 Q * Chainsaw 
1180036133 Q * dna Quit: Verlassend
1180036663 J * bonbons ~bonbons@ppp-110-168.adsl.restena.lu
1180037052 M * Bertl bXi: download url for the source?
1180037550 M * bXi hehe
1180038420 J * Chainsaw ~gangster@attic.vleuten.org
1180038443 M * Chainsaw i broke smth
1180038454 M * Chainsaw vc_new_s_context():function not implemented
1180038462 M * Chainsaw :P
1180038466 M * Chainsaw ./proc/uptime can not be accessed
1180038482 M * daniel_hozac you booted a non-vserver kernel?
1180038490 M * Chainsaw that might have helped
1180038500 M * Chainsaw lemme check,i think i delled it from grub
1180038529 M * Chainsaw nevermind :P thnx m8.
1180038548 M * daniel_hozac you're welcome.
1180039209 J * ex ex@valis.net.pl
1180039254 P * stefani I'm Parting (the water)
1180039614 J * tuxmania ~bonbons@158.64.110.27
1180039935 Q * bonbons Ping timeout: 480 seconds
1180041163 Q * huiz Ping timeout: 480 seconds
1180041367 M * ntrs What is the correct parameter name to increase the number of open files in /etc/vservers/guest/ulimits?
1180041382 M * ntrs ulimit -n basically
1180041633 J * Aiken ~james@ppp233-152.lns1.bne4.internode.on.net
1180041685 Q * shedi Quit: Leaving
1180041699 M * Bertl /etc/vservers/vserver-name/ulimits
1180041700 M * Bertl     *
1180041701 M * Bertl           o A directory with ulimits. Possible resources are cpu, data, fsize, locks, memlock, nofile, nproc, rss and/or stack.
1180041730 M * Bertl so you want 'nofiles' or 'nofiles.hard' and 'nofiles.soft'
1180041837 M * Bertl (from: http://linux-vserver.org/util-vserver:Documentation)
1180042086 Q * meandtheshell Quit: Leaving.
1180042288 M * ntrs ok, thanks, so nofile is the one I need.
1180042551 M * Bertl np
1180043700 N * DoberMann DoberMann[ZZZzzz]
1180044129 Q * tuxmania Quit: Leaving
1180046755 J * huiz ~gerrit@166.129.162.95
1180046910 M * Bertl  
1180046975 M * mugwump_ ​
1180046977 M * mugwump_ bah
1180046991 M * mugwump_ I must have recode on this channel or something
1180051179 J * onox ~onox@kalfjeslab.demon.nl