1180310454 M * olli mesg: /dev/pts/1: Operation not permitted
1180310455 M * olli bash: 7: Bad file descriptor
1180310472 M * olli possibly it is the /dev/pts/1 then
1180310488 M * daniel_hozac what util-vsever version are you using?
1180310571 M * olli This program is part of util-vserver 0.30.212
1180310589 M * daniel_hozac that's even weirder.
1180310605 M * olli Using Debian, that's the version that came with Etch
1180310658 M * daniel_hozac what architecture is iit?
1180310665 M * olli i386
1180311395 M * olli heading to bed now
1180311399 M * olli thanks anyway ;)
1180311405 Q * olli Quit: olli
1180312122 Q * yarihm Quit: Leaving
1180313044 M * Bertl  
1180313054 M * Bertl hmm .. back shortly ...
1180317319 J * DoberMann_ ~james@AToulouse-156-1-73-212.w86-196.abo.wanadoo.fr
1180317423 Q * DoberMann[ZZZzzz] Ping timeout: 480 seconds
1180323277 Q * Johnnie Quit: G'bye!
1180326273 J * Johnnie ~jdlewis@c-67-163-247-109.hsd1.pa.comcast.net
1180327325 M * Bertl 2.6.21 is fun .. it breaks quite a number of essential things, including udev :)
1180328272 M * Bertl okay, enough fun for today ... have a good one everyone! cya!
1180328278 N * Bertl Bertl_zZ
1180332405 Q * Aiken Ping timeout: 480 seconds
1180332512 J * Aiken ~james@ppp233-152.lns1.bne4.internode.on.net
1180332871 N * DoberMann_ DoberMann
1180334644 N * DoberMann DoberMann[PullA]
1180336836 N * DoberMann[PullA] DoberMann
1180336889 J * Punkie ~punkie@235-105-207-85.bluetone.cz
1180337724 J * ema ~ema@rtfm.galliera.it
1180338548 J * dna ~naucki@171-231-dsl.kielnet.net
1180339108 Q * _cob Ping timeout: 480 seconds
1180340237 Q * meandtheshell Quit: Leaving.
1180340788 Q * ema Quit: leaving
1180341401 J * ||Cobra|| ~cob@pc-csa01.science.uva.nl
1180341757 J * zLinux ~zLinux@88.213.58.126
1180343074 J * bonbons ~bonbons@ppp-110-27.adsl.restena.lu
1180343463 J * ktwilight ~ktwilight@232.194-66-87.adsl-static.isp.belgacom.be
1180343865 Q * ktwilight_ Ping timeout: 480 seconds
1180346139 J * |jmcaricand| ~kvirc@d83-179-157-151.cust.tele2.fr
1180346735 Q * mjt Quit: reboot
1180347415 J * meandtheshell ~markus@85-125-193-181.dynamic.xdsl-line.inode.at
1180347887 J * ema ~ema@rtfm.galliera.it
1180348345 Q * mcp Read error: Connection reset by peer
1180348423 J * onox ~onox@kalfjeslab.demon.nl
1180348533 M * onox phreak``: alive?
1180348568 M * onox ./src/testsuite/vunify-test.sh: line 52: /var/tmp/portage/sys-cluster/util-vserver-svn-9999/image/: No such file or directory
1180348580 M * onox (it also happens with the normal util-vserver ebuild)
1180349240 M * onox Hollow!
1180349297 M * onox with latest revision of util-vserver and baselayout, booting is still colorless
1180349307 M * onox and starting gives me strange chars: Using existing device nodes in /dev ... Ä ok Ü
1180349317 M * daniel_hozac should be fixed in trunk.
1180349327 M * Hollow onox!
1180349333 M * onox daniel_hozac: I have revision 2542
1180349346 M * Hollow yeah, no idea why TERM=linux got into trunk
1180349349 M * Hollow it's just borked
1180349364 M * daniel_hozac phreak`` said it was the right thing to do :P
1180349373 M * onox Hollow: i don't understand why TERM=linux would fix things
1180349376 M * Hollow yeah, he told me too :P
1180349384 M * onox because with bl-2-alpha1 everything is ok
1180349396 M * Hollow well, it makes output colored again, but you get really weird chars then ...
1180349413 M * onox Hollow: no, get no colors with alpha3
1180349414 M * daniel_hozac i thought it seemed quite strange too.
1180349417 M * onox + I get strange chars
1180349417 M * Hollow onox: i guess newer baselayout check $TERM more carefully for color support
1180349422 M * onox with alpha1 everything is totally fine
1180349435 M * onox :|
1180349489 M * Hollow i hope you can live without colors for now :P
1180349492 M * onox no
1180349506 M * onox after having started a vserver
1180349517 M * onox the terminal in my host is also a little fubar
1180349542 M * Hollow with TERM=linux?
1180349543 M * onox the ~ is replaced by the german B in my PS1
1180349550 M * onox Hollow: yes
1180349568 M * Hollow as i said .. weird chars with TERM=linux ...
1180349577 M * Hollow type "reset" to get a normal terminal again
1180349582 M * onox Hollow: seriously, baselayout is causing these mess, alpha1 didn't cause any problems
1180349590 M * onox Hollow: reset fixes things
1180349595 M * Hollow sure baselayout causes the mess ;)
1180349615 M * Hollow but remember: it's still alpha software
1180349648 M * onox that's a good argument to fix it right now
1180349654 M * onox where's uberlord?
1180349665 M * Hollow no idea
1180349672 M * Hollow in #gentoo-dev probably ;)
1180350477 Q * harry Ping timeout: 480 seconds
1180351987 M * Punkie hallo, pls is there a problem with tagxid, chxid,... and xfs? I use it on ext3 and it is working well, and on xfs it count badly :(
1180352133 M * Punkie I mean dlimits in vserver...
1180352427 M * onox Punkie: what does dlimits?
1180352473 M * Punkie limit space on disk in vserver
1180352512 M * Punkie /etc/vservers/$name/dlimits/0/...
1180352545 M * Punkie http://oldwiki.linux-vserver.org/Disk+Limits
1180352794 M * onox Punkie: what does dlimits?
1180352797 M * onox oops
1180352803 M * onox wrong window :)
1180352825 M * daniel_hozac Punkie: it shouldn't count at all, IIRC.
1180352835 M * daniel_hozac i think XFS lacks it right now.
1180352872 M * Punkie :(
1180352883 M * Punkie it count only after reboot vserver
1180352907 M * Punkie thanks a lot
1180352933 J * mcp ~hightower@wolk-project.de
1180353243 J * mjt ~mjt@nat.corpit.ru
1180353433 Q * DoberMann Ping timeout: 480 seconds
1180354397 J * eth` ~eth01@cpc1-stkp3-0-0-cust298.manc.cable.ntl.com
1180354474 P * eth` 
1180354637 Q * mattzerah Quit: Leaving
1180355188 J * mattzerah ~matt@121.50.222.55
1180356623 J * bernsteinkater ~Moritz@koln-4db7fa1a.pool.einsundeins.de
1180357576 M * phreak`` onox: Hollow: because baselayout somehow assumes now that TERM is handled by something else before its getting loaded (thats what Uberlord told me)
1180357721 J * dlezcano ~dlezcano@blueice1n1.uk.ibm.com
1180357827 M * onox assumptions are the mother of all fuckups
1180357893 M * onox phreak``: I still don't understand how vserver can make my terminal fubar
1180357899 M * onox "Using existing device nodes in /dev ... Ä ok Ü"
1180357929 M * phreak`` onox: yeah, me neither .. I just know its fixed w/ b2-alpha3 and util-vserver-0.30.213
1180357942 M * onox phreak``: fixed?
1180357949 M * phreak`` onox: as in works for me
1180357950 M * onox I have the latest svn revision
1180357956 M * onox + b2-alpha3
1180357964 M * phreak`` eh, and still fscked up ?
1180357970 M * onox yes
1180357975 M * phreak`` weird
1180357999 M * onox alpha1 works great (except that msg about /sys)
1180358016 M * phreak`` what about alpha2 ?
1180358025 M * onox the same
1180358034 M * phreak`` (complaining about /sys ?)
1180358037 M * onox the same = colorless too
1180358042 M * phreak`` ah
1180358044 M * onox not sure, i'll check
1180358132 M * onox ok
1180358150 M * onox phreak``: alpha2: no strange errors, except output has no colors + strange chars
1180358171 M * onox phreak``: could it be because of unicode or something?
1180358279 M * phreak`` onox: hrm, may be
1180358288 M * phreak`` onox: your baselayout w/ unicode or without ?
1180358291 M * onox with
1180358303 M * onox but I compiled alpha1 w/ unicode too
1180358410 M * phreak`` hrm, don't know exactly, but I had those problems before switching the chroot to unicode (as in when compiled without unicode support)
1180358535 M * onox should baselayout of the host have unicode too?
1180358544 M * onox my terminal is normal non-unicode i think
1180358577 M * phreak`` onox: my host still has non-unicode
1180358593 Q * |jmcaricand| Quit: KVIrc 3.2.4 Anomalies http://www.kvirc.net/
1180358627 M * phreak`` onox: err, as do both vservers *shrug*
1180358642 A * phreak`` wonders what he changed
1180358705 Q * Aiken Quit: Leaving
1180358915 N * Bertl_zZ Bertl
1180358920 M * Bertl morning folks!
1180358974 M * mattzerah morning Bertl 
1180359117 M * onox omfg
1180359138 M * onox i fubarred my net.* scripts by executing that line in the ebuild comment of baselayout
1180359464 M * onox ERROR: interface lo does not exist
1180359804 M * phreak`` onox: heh, copy the net.vserver from /usr/lib/util-vserver/distribution/gentoo to your vserver, /etc/init.d, chmod +x it and add it into the default runlevel
1180360050 J * Blissex ~Blissex@82-69-39-138.dsl.in-addr.zen.co.uk
1180360166 J * DoberMann ~james@AToulouse-156-1-73-212.w86-196.abo.wanadoo.fr
1180360194 M * onox phreak``: thank you
1180360228 M * phreak`` onox: you're welcome ..
1180360290 M * onox net.vserver looks pretty empty
1180360308 M * daniel_hozac it's a dummy, so it should.
1180360332 M * onox daniel_hozac: why is a dummy necessary to avoid errors about unexisting eth0/lo interfaces?
1180360353 M * daniel_hozac because Gentoo has that dependency system for the initscripts.
1180360417 M * onox ah, I see "provide net", so other services think net has booted
1180360447 M * onox phreak``: am I correct if I say net.lo and net.eth0 are basically useless?
1180360463 M * phreak`` onox: yeah, they are ..
1180360505 M * phreak`` onox: the point with the dummy is, that the guest isn't even able to bring the net up, its by design done from outside by the utils
1180360529 M * onox I see
1180360567 M * onox phreak``: e2fsprogs is useless too in a vserver?
1180360593 M * phreak`` yes
1180360618 M * waldi since when does e2fsprogs not work on files?
1180360635 M * waldi okay, normaly useless
1180360641 M * onox hmm
1180360663 M * phreak`` onox: Hollow and I agreed that we didn't want to modify the 'system' target too much (in fact with baselayout-2 its down to zero packages that need modification)
1180360669 M * onox you could create a file that acts as a filesystem, so maybe e2fsprogs is useful afterall
1180360692 M * onox phreak``: zero packages?
1180360704 M * onox phreak``: what would have to be modified with old baselayout?
1180360710 M * Bertl yep, but you better don't allow the guest to mount such a file :)
1180360765 M * onox Bertl: why not?
1180360768 M * phreak`` onox: baselayout itself ;)
1180360779 M * onox lol
1180360851 M * daniel_hozac onox: because the guest would be able to create device nodes, etc.
1180360863 M * phreak`` onox: well, technically speaking syslog-ng still needs some intervention from the user, as the default config has /proc/kmesg in it, which isn't available inside the guest
1180360892 M * daniel_hozac the initpost script takes care of that, no?
1180360903 M * Bertl onox, daniel_hozac: that could be prevented by proper mount options .. I would be more worried about a broken filesystem whcihc crashes the kernel :)
1180361047 M * onox daniel_hozac: grsecurity prevents this?
1180361069 M * daniel_hozac if you say so...
1180361105 M * onox phreak``: do you have connections to devvers of emerge?
1180361315 M * phreak`` onox: as in what ? (sorry, I don't get your question)
1180361353 M * onox phreak``: as in: power to change development of emerge? :p
1180361381 M * phreak`` onox: no, you'd have to ask zmedico about that
1180361388 M * onox emerge should have the possibility to continue after some tests have failed
1180362533 J * Piet hiddenserv@tor.noreply.org
1180363068 M * onox phreak``: that image on your blog at the bottom right is pretty cool ;)
1180363081 M * phreak`` hehe :-P
1180363092 M * phreak`` onox: it makes IE cry :P
1180363162 M * onox he he :)
1180363309 A * onox is going to harvest some food
1180363513 Q * Punkie Quit: Leaving
1180363853 J * pmenier ~pme@LNeuilly-152-22-72-5.w193-251.abo.wanadoo.fr
1180363903 M * pmenier Hello
1180363985 M * daniel_hozac hi
1180364131 M * pmenier just for info : my box is always up since 05/12 with patch-vs2.2.0-rc1 + delta-pid_task-fix01.diff
1180364155 M * pmenier on a kernel-2.6.21
1180364173 M * Bertl congrats!
1180364415 Q * eyck Remote host closed the connection
1180364769 M * onox what's delta-pid_task-fix01.diff?
1180364856 M * daniel_hozac a patch :)
1180364918 J * ahuman ~oem@ool-43557e7c.dyn.optonline.net
1180364920 J * Hurga nobody@p508A8941.dip0.t-ipconnect.de
1180364934 M * Hurga Hi.
1180364936 M * daniel_hozac hello
1180364951 M * onox daniel_hozac: -_-
1180364969 M * onox :D
1180367356 M * matti :)
1180368316 M * matvey „в/quit
1180368321 Q * matvey Quit: leaving
1180368467 Q * pmenier Quit: Quitte
1180368797 N * DoberMann DoberMann[PullA]
1180369420 J * duder ~dude@cpe-72-178-12-51.elp.res.rr.com
1180370314 Q * phreak`` Ping timeout: 480 seconds
1180370315 Q * Hollow Ping timeout: 480 seconds
1180370830 J * mountie_ ~mountie@CPE000f66950c89-CM000a739acaa4.cpe.net.cable.rogers.com
1180370849 N * mountie_ mountie
1180370949 Q * _mountie Ping timeout: 480 seconds
1180373178 Q * dlezcano Read error: Connection reset by peer
1180373929 Q * ||Cobra|| Ping timeout: 480 seconds
1180374381 N * DoberMann[PullA] DoberMann
1180374431 J * ||Cobra|| ~cob@pc-csa01.science.uva.nl
1180374972 J * Hollow ~hollow@85.10.237.60
1180375258 Q * Blissex Read error: Connection reset by peer
1180375485 M * Hollow sorry for the outages folks ...
1180375496 M * Hollow remaining guests will be moved today and tomorrow
1180375500 M * Hollow so there will be another outage
1180375512 M * daniel_hozac remember to change the database password again ;)
1180375534 M * Hollow yeah, but i disabled displaying of php errors last time ..
1180375552 M * Hollow so no passwords should be leaked now
1180375560 M * Hollow except mediawiki expliciely does so :P
1180375630 M * onox Hollow: change it, i have it too :D
1180375643 M * Hollow well, you cannot do anything with it
1180375660 M * onox and why mysql? :S
1180375677 M * Hollow why not?
1180375704 M * onox because there are better databases? :p
1180375717 M * Hollow yeah, there is always something better
1180375760 M * onox mysql = BASIC of databases
1180375784 M * Hollow well, i don't need 95% of mysql's features, so why should i chose a database with a hundred more features?
1180375787 J * harry ~harry@d54C2508C.access.telenet.be
1180375817 M * Hollow and why should i hack mediawiki to support postgres just because.
1180375897 M * Hollow oh.. it seems after 10 years of development mediawiki supports postgres now...
1180375905 M * Hollow but i dont care anyway :D
1180375923 M * onox ok, most of the time mysql suffices
1180375926 M * Bertl mediawiki 1.10 seems to have native postgres support
1180375938 M * onox but prepared statements, stored procedures, triggers, indices are very nice to have
1180375956 M * Hollow well, i don't need sql for anything beside web apps... :)
1180375970 M * onox Bertl: if it just uses PDO and uses SQL'99, postgres support is not that hard
1180376040 Q * ema Quit: leaving
1180376122 M * Hollow pdo ... *giggle*
1180376132 M * onox ?
1180376139 M * Hollow this is some php database thingy right?
1180376159 M * onox PDO is a database access abstraction layer
1180376165 M * Hollow for php?
1180376169 M * onox so, no more dirty mysql_*() functions
1180376170 M * onox Hollow: yes
1180376180 M * Hollow ok .. :)
1180376205 M * onox since php 5.1 if I am correct
1180376236 A * Hollow is waiting for the day when php can be uninstalled :P
1180376248 M * Hollow same for mail server
1180376256 M * Hollow these two things have to day really really soon now
1180376260 M * Hollow *die
1180376274 M * onox ha ha :)
1180376285 M * Hollow i'm not sure yet which is worse ... mail or php
1180376286 M * Hollow :P
1180376291 M * onox i know, PHP is the BASIC of the 21st century
1180376296 M * onox Hollow: php
1180376301 M * Hollow probably
1180376304 M * Hollow since you can fight spam
1180376305 M * Hollow :P
1180376308 M * Hollow and just delete it
1180376310 M * onox Hollow: do you have access to the php install?
1180376324 M * Hollow the one on helios?
1180376341 M * onox I recommend the latest version + suhosin patch+extension
1180376392 M * Hollow i recommend emerge -C php
1180376397 M * onox lol :)
1180376417 M * onox Hollow: just don't because of mediawiki?
1180376428 M * bXi hmmm
1180376429 M * Hollow no, because of every fucking webapp
1180376430 M * Hollow :P
1180376435 M * bXi now heres an editor i might buy
1180376443 Q * Piet Ping timeout: 480 seconds
1180376452 M * onox Hollow: what kind of fucking webapps are necessary to run linux-vserver.org?
1180376452 M * onox :p
1180376453 M * onox install django or rails
1180376508 M * Hollow well, we could probably get rid of php on l-v.org machine, but i'm responsible for a lot more servers than helios :)
1180376521 M * onox hmm
1180376531 M * onox the l-v.org machine is a vserver?
1180376534 M * Hollow yep
1180376558 M * onox does the machine run other domains as well?
1180376613 M * Hollow yep
1180376620 M * onox hmm
1180376634 M * onox then put l-v.org on a different vserver? :P
1180376655 M * Hollow l-v.org is it's own vserver
1180376661 M * Hollow machine = host
1180376674 M * Hollow vserver = guest
1180376676 M * onox ah
1180376679 M * onox so?
1180376682 M * onox then unmerge php?
1180376703 M * Hollow and you convert mediawiki to django then?
1180376710 M * onox Hollow: google :)
1180376714 M * onox django|rails wiki
1180376722 M * Hollow well, i don't want to use it :)
1180376727 M * Hollow you want to :P
1180376736 M * onox Hollow: you want to use php? :)
1180376755 M * onox anyway
1180376757 M * daniel_hozac we already had one painful wikimigration which is still not done.
1180376762 M * Hollow seems like we're not coming to an end here .. :)
1180376762 M * onox get that suhosin patch :)
1180376804 M * onox Hollow: have you seen that list of security bugs on the front page of php.net?
1180376810 M * Hollow why would this help?
1180376830 M * Hollow you can't secure php, so this is rediciculous ;)
1180376857 M * onox you can harden the core somewhat
1180376887 M * onox hmm
1180376900 M * onox the php language is so lame because the php core team is lame :)
1180376912 M * onox they kicked out the security guy
1180377104 M * meandtheshell hi folks, what ciphers do you folks preferably use with dm-crypt resp. LUKS?
1180377133 M * onox i'm going to watch ocean's eleven
1180377134 M * meandtheshell standard debian kernels come with sha256 for example
1180377206 J * phreak`` ~phreak``@deimos.barfoo.org
1180377497 J * eyck ~eyck@nat.nowanet.pl
1180377584 Q * phreak`` Quit: leaving
1180377670 M * onox grrr
1180377677 M * onox someone captured the TV -_-
1180377903 M * ard that sounds pretty dutch
1180378194 M * onox lol
1180378196 M * onox ard: does it?
1180378548 M * bXi actually it does
1180378676 M * onox why?
1180379225 M * bXi we say "we kapen de tv"
1180379239 M * bXi kapen s the what pirates do to other ships (stealing m)
1180379277 J * phreak`` ~phreak``@p548bef28.dip.t-dialin.net
1180379529 Q * phreak`` 
1180381442 J * phreak`` ~phreak``@p548BEF28.dip.t-dialin.net
1180381511 Q * phreak`` 
1180381581 J * phreak`` ~phreak``@p548bef28.dip.t-dialin.net
1180381611 M * matti Guys... does anybody have Windows XP Professional with SP2 iso? I need it on pipe >= 2 Mbps. I need it to install new wirtual machine :(
1180381695 M * onox bXi: that's dutch
1180381707 M * onox Hollow: Unable to control the kernel logging device: Operation not permitted
1180381721 M * onox i turned off grsecurity's dmesg restriction
1180381737 M * onox and on a vserver built with a little older util-vserver I can start metalog
1180381866 M * Hollow you have to remove /dev/log from your configuration
1180381878 M * daniel_hozac /proc/kmsg surely?
1180381887 M * Hollow sure ..
1180381895 M * Hollow i just took the first on in my config :P
1180381903 M * daniel_hozac hehe
1180381906 M * matti Damn.
1180381913 M * Hollow hey matti :)
1180381920 M * matti Where is Windows installation CD when you need it most..
1180381923 M * matti Hi Hollow :)
1180381929 M * matti Hollow: *kisses*
1180381929 M * matti ;p
1180381956 M * Hollow the real question is: why would you ever need a windows install cd? :P
1180381962 M * matti Legal notice: I've my own serial number, but I only need CD...
1180381971 M * matti Hollow: I need to test something on Windows.
1180381975 M * Hollow bah
1180381977 M * Hollow :)
1180381996 M * matti Hollow: I need to install Windows in vmx and vmx-not aware Xen guest.
1180382007 M * matti And I cannot find freakin Cd ;]
1180382291 J * tuxmania ~bonbons@158.64.110.18
1180382317 M * onox matti: go to china town and ask random people for the windows install cd :p
1180382409 M * matti ;p
1180382417 M * onox Hollow: metalog recreates /dev/log
1180382418 J * ema ~ema@rtfm.galliera.it
1180382433 M * Hollow onox: as daniel_hozac noted it's /proc/kmsg ;)
1180382456 M * onox :|
1180382461 M * onox i cannot remove it
1180382485 M * matti Found it.
1180382488 M * matti Google r0x
1180382488 M * matti ;]
1180382597 M * Hollow onox: you should not remove /proc/kmsg, you shuold edit your syslog config to not use it
1180382668 Q * bonbons Ping timeout: 480 seconds
1180383443 M * onox strange thing is, metalog works flawlessly in my other vserver
1180384012 A * Hurga sighs because he can't reproduce his quota problem on a second server.
1180385257 M * waldi ie kommen von selbst
1180385869 Q * phreak`` Quit: leaving
1180386622 J * Aiken ~james@ppp233-152.lns1.bne4.internode.on.net
1180387128 J * yarihm ~yarihm@84-75-103-239.dclient.hispeed.ch
1180387187 Q * dna Quit: Verlassend
1180387324 Q * tuxmania Quit: Leaving
1180388056 M * tanjix is there a loopback device within a guest?
1180388171 J * mstrobert ~mstrobert@wkstn.wycliffe.ca
1180388711 J * ramon ~ramon@4.red-82-158-134.user.auna.net
1180388743 M * ramon Good night.
1180388756 M * ramon As usually I come here for some quick question.
1180388775 M * ramon What method would you suggest me to allow an unpriviledged user to enter a vserver?
1180388787 M * daniel_hozac sudo?
1180388806 M * ramon sudo? hmm.
1180388826 J * phreak`` ~phreak``@deimos.barfoo.org
1180388828 M * ramon can sudo allow me to select virtual machines? 
1180388847 M * ramon vserver is an script.
1180388856 M * daniel_hozac sudo lets you specify the command.
1180388882 M * ramon With IFS=/ many bad things could happen.
1180388928 M * onox sudo vserver monkey enter?
1180388968 M * ramon Yes, but with env IFS=/ sudo vserver monkey enter, I think that user may manipulate the script and do band things.
1180388986 M * daniel_hozac really?
1180388989 M * daniel_hozac what makes you say that?
1180389015 M * ramon IFS is the shell input token separator. By redefining IFS, the shell interprets /usr/bin/awk as the command usr bin awk.
1180389061 M * ramon Just change path so that it contains a command "usr", and get the system.
1180389071 M * ramon executing command usr under root priviledges.
1180389090 M * daniel_hozac and you've verified this is a problem, right?
1180389100 M * onox ramon: make the vserver scripts read-only?
1180389102 M * ramon I didn't actually verify it.
1180389139 M * ramon But, unless sudo blocks environment variable inheritance, it must work.
1180389155 M * ramon onox: it is not neccessary to change scriptw
1180389157 M * ramon scripts.
1180389158 M * daniel_hozac sudo lets you specify what variables to allow.
1180389170 M * ramon onox: just execute env IFS=/ sudo script
1180389190 M * ramon Not always you are teaching me things :-)
1180389234 M * ramon Only almost always.
1180389272 M * ramon Perhaps by blocking all environment variables.
1180389282 M * mnemoc you can't expect security on shell scripts
1180389287 M * ramon exactly.
1180389328 M * ramon But it would be nice if virtual machines could be owned by unpriviledged users.
1180389337 M * daniel_hozac they can.
1180389341 M * daniel_hozac it's called root, inside the guest.
1180389347 M * mnemoc :)
1180389367 M * onox ramon: why don't you set up an ssh daemon?
1180389370 M * ramon No, I mean that a normal user can create and launch virtual machines.
1180389380 M * ramon onox: that could be a solution.
1180389380 M * onox then controle access to the sshd with iptables
1180389381 M * daniel_hozac Linux isn't plan9. get over it.
1180389393 M * onox daniel_hozac: plan9?
1180389397 M * ramon I knew you were going to say that!!!
1180389409 M * mugwump ramon: see sudoers(5), option env_reset
1180389422 M * ramon No, sorry, but it is 23:00, and we are not going to discuss why Plan 9 is better :-)
1180389494 M * ramon daniel_hozac: then you should take down this project, which drives Linux to the evil direction of Plan 9 :-)
1180389516 M * onox ah,
1180389529 M * onox Plan 9 is a secret device from Bell Labs
1180389550 M * ramon Secret device with publice license.
1180389589 M * onox it's a conspiracy
1180389605 M * tanjix is there a loopback device within a guest? o what to do if one guet has one and another one not?
1180389641 M * ramon 127.0.0.1 is defined to be the first network address in the guest.
1180389669 M * ramon You can make dev lo available to the guest if you wish.
1180389708 M * tanjix how?
1180389715 M * ramon You can add to the guest device lo with whatever IP address you what to think about.
1180389721 M * daniel_hozac all host-local traffic will use lo anyway.
1180389730 M * ramon Just add a network address 127.0.0.x with dev lo.
1180389742 M * ramon yes.
1180389751 M * onox daniel_hozac: wth would they create plan9 if there are already so much other OSes?
1180389755 M * tanjix the guest does not hafe rights to use ifconfig
1180389767 M * daniel_hozac onox: you should ask ramon. he's the plan9 lover.
1180389776 M * daniel_hozac tanjix: and it shouldn't.
1180389787 M * onox ramon: same question
1180389788 M * ramon tanjix: in the /etc/vservers/<name>/interfaces/<name>
1180389790 M * daniel_hozac tanjix: what problem are you trying to solve?
1180389800 M * ramon you can declare an interface
1180389819 M * tanjix daniel_hozac: a custoemr complains about a missing lo device
1180389826 M * daniel_hozac why?
1180389842 M * ramon tanjix: just create an IP address whatever with device lo.
1180389846 M * tanjix don't know - one vserver has one - another one from him has not one
1180389887 M * daniel_hozac and why is that?
1180389892 M * ramon echo > interface; echo addr > ip; echo 255.0.0.0 > mask.
1180389892 M * ramon And you are done.
1180389893 M * ramon echo lo > interface; echo addr > ip; echo 255.0.0.0 > mask.
1180389894 M * tanjix ?
1180389907 M * daniel_hozac ramon: except it's dev.
1180389912 M * ramon Yes.
1180389974 M * ramon lo is just another network interface.
1180389988 M * ramon You can make it available to the guest like any other.
1180390018 M * ramon tanjix: have you are the great flower page?
1180390198 M * ramon But you are lucky that it is 24:09 so we won't have discussions about Plan 9 :-9
1180390223 M * ramon (Not 23:00)
1180390254 M * ramon But I am still right that anything allowed to root should be allowed to any user provided that it does affect other users :-)
1180390287 M * onox ramon: plan 9!
1180390304 M * onox ramon: why would they create plan9 if there are already so much other OSes?
1180390342 M * sid3windr ramon: the hour 24 exists? :p
1180390370 M * ramon Of course you are right. It is more useful to integrete its ideas into Linux than develop another OS. Except that some ignorant people :-) still oppose, but they will not last long. The Truth will win.
1180390730 M * ramon You are quite peaceful today.
1180390741 M * ramon Just curious what is your time at your location.
1180390892 M * ramon ping
1180390936 Q * bernsteinkater Quit: Verlassend
1180391107 J * Piet hiddenserv@tor.noreply.org
1180391224 M * daniel_hozac pong
1180391231 M * ramon :-)
1180391252 M * ramon Where are you from?
1180391270 Q * yarihm Quit: Leaving
1180391282 J * ntrs ntrs@68-188-55-120.dhcp.stls.mo.charter.com
1180391292 M * daniel_hozac Sweden.
1180391301 M * onox ramon: whois?
1180391380 M * ntrs Is there a way to pause all the guests on a host? Not stop them.
1180391418 M * ramon So it is about 3:30 AM there, I guess.
1180391418 M * ramon Assuming you are on EET.
1180391432 M * daniel_hozac huh?
1180391437 M * daniel_hozac it's 0:30.
1180391451 M * ramon for vm in /etc/vservers/*; do vserver $vm stop; done
1180391469 M * ramon Even Billg can make a for loop :-)
1180391488 M * daniel_hozac ntrs: for i in `vserver-stat | awk '/^[0-9]/ { print $1 }'`; do vattribute --xid $i --flag sched_pause; done
1180391491 M * daniel_hozac should work, IIRC.
1180391543 M * ntrs daniel_hozac, let me try that.
1180391549 M * ramon It was great when one could search more evil than the devil in Google.
1180391586 M * ntrs daniel_hozac, then, how do I continue the guest? just --flag ~sched_pause?
1180391594 M * daniel_hozac that's the idea.
1180391634 M * ntrs ok, will they still remain sched_prio or sched_hard as they were before the pause?
1180391645 M * daniel_hozac they certainly should.
1180391651 M * daniel_hozac anything else would be a bug.
1180391704 M * ramon Good night.
1180391707 M * ramon See you.
1180391712 M * ramon Go to sleep
1180391713 M * onox hmm
1180391715 Q * ema Quit: nn
1180391728 M * ramon Or for other activities. :-)
1180391734 M * onox i'm still a fucking big noob until i master those little v* programs
1180391754 Q * Hurga Remote host closed the connection
1180391769 M * ramon Didn't you know about more evil than the devil in Google?
1180391796 M * ramon It pointed to the company that you know.
1180391816 Q * ramon Quit: Abandonando
1180392116 N * DoberMann DoberMann[ZZZzzz]
1180394770 Q * onox Quit: zzzz
1180395218 J * ahumane ~oem@ool-43557e7c.dyn.optonline.net
1180395655 Q * ahuman Ping timeout: 480 seconds
1180396080 J * neuralis ~krstic@solarsail.hcs.harvard.edu