1180742974 Q * meandtheshell Quit: Leaving.
1180743249 Q * Aiken Quit: Leaving
1180745134 J * eyck_ ~eyck@nat.nowanet.pl
1180747517 M * slack101 baldy: you there ?
1180747571 Q * bzed Quit: Leaving
1180749365 J * DoberMann_ ~james@AToulouse-156-1-153-112.w90-38.abo.wanadoo.fr
1180749469 Q * DoberMann[ZZZzzz] Ping timeout: 480 seconds
1180751338 J * Aiken ~james@ppp233-152.lns1.bne4.internode.on.net
1180752093 N * dilinger nelhige
1180752137 N * nelhige djb
1180752174 N * djb dilinger
1180770672 N * Bertl_zZ Bertl
1180770686 M * Bertl morning folks!
1180770748 M * [PUPPETS]Gonzo hi bertl :)
1180770894 Q * Nam Remote host closed the connection
1180770928 N * BobR_zZ BobR
1180771093 N * BobR BobR_afk
1180772709 M * Bertl hey [PUPPETS]Gonzo! how's going! LTNS!
1180772751 M * [PUPPETS]Gonzo LTNS?
1180772757 M * [PUPPETS]Gonzo And I am fine. How are you?
1180773106 J * bonbons ~bonbons@ppp-111-46.adsl.restena.lu
1180773687 J * dna ~naucki@p54bcd754.dip.t-dialin.net
1180773765 M * Bertl Long Time No See! :)
1180773781 M * Bertl I'm fine too, tx!
1180773948 M * tanjix 'vserver ... suexec' is supported for running vservers only; aborting...
1180773958 M * tanjix older vserver versions allowed it for non-running vsevers too
1180773962 M * tanjix can this be changed?
1180773963 M * Bertl yep
1180773977 M * tanjix where? :)
1180773980 M * Bertl but I doubt it will, because it already _was_ changed :)
1180773996 M * Bertl there is a recovery function, if you really need that
1180774009 M * Bertl but note: it isn't advised to 'enter' non running guests
1180774013 M * tanjix in some cases i need it yes; how can i use this recovery?
1180774039 M * tanjix why shoud i not 'enter'?
1180774057 M * Bertl because there _is_nothing_ to enter
1180774073 M * tanjix mh?
1180774080 M * tanjix the complete directory structuer is there?
1180774091 M * Bertl yep, you can join that with 'chroot'
1180774111 M * tanjix chroot /vservers/<guest>?
1180774116 M * Bertl the thing is, a guest/context consists of processes mapped in in bunch of spaces
1180774130 M * Bertl depending on what you want to do, you have to join those spaces
1180774149 M * Bertl a guest which is not running has no processes, thus you cannot join it properly
1180774167 M * Bertl 'vserver --help' shows:
1180774173 M * Bertl Possible commands are:
1180774173 M * Bertl     start [--rescue [--rescue-init]] [<rescue-cmd> <args>*]
1180774173 M * Bertl                 ... starts the specified vserver
1180774478 J * zLinux_ ~zLinux@88.213.34.48
1180774574 Q * zLinux[] Ping timeout: 480 seconds
1180775084 J * lylix ~eric@dynamic-acs-24-154-33-109.zoominternet.net
1180775338 N * DoberMann_ DoberMann
1180776218 N * BobR_afk BobR
1180776301 N * BobR BobR_afk
1180777837 M * Bertl off for now ... back later
1180777840 N * Bertl Bertl_oO
1180779134 N * BobR_afk BobR_oO
1180782525 J * meandtheshell ~markus@85-124-36-155.dynamic.xdsl-line.inode.at
1180783336 J * zLinux[] ~zLinux@88.213.35.119
1180783463 Q * zLinux_ Ping timeout: 480 seconds
1180784231 J * ema ~ema@rtfm.galliera.it
1180784432 Q * phedny Read error: Connection reset by peer
1180784518 J * phedny ~mark@ip56538143.direct-adsl.nl
1180785433 J * bzed ~bzed@dslb-084-059-105-167.pools.arcor-ip.net
1180786162 Q * Aiken Quit: Leaving
1180786911 N * DoberMann DoberMann[PullA]
1180787291 J * onox ~onox@kalfjeslab.demon.nl
1180787988 Q * dna Quit: Verlassend
1180790048 Q * meandtheshell Quit: Leaving.
1180790318 J * meandtheshell ~markus@85-124-36-134.dynamic.xdsl-line.inode.at
1180792794 J * {marcz} ~marc@81.56.187.30
1180793017 Q * {marcz} 
1180795492 J * SoftIce ~bongo@vc-196-207-45-253.3g.vodacom.co.za
1180795600 M * SoftIce good afternoone! been awhile since i've been a pain and bored you with my questions, but got a question. debian box right, with the linux-image-2.6-vserver-k7 image right, now debian has a patch kernel-patch-grsecurity2, right now what is the best way you would sugest i apply this patch as it looks like it wants the kernel source package, and if i download that then i would presume i wouldn't have the vserver patch ?
1180795623 M * SoftIce or is there a work around one knows of to keep this debian kernel (vserver) and apply the grsec patch to it?
1180795851 M * onox SoftIce: there's not something like an vsgrsec package?
1180795884 M * SoftIce hmm let me double check
1180795939 M * SoftIce nope
1180796054 M * daniel_hozac just build a vanilla kernel.
1180796119 M * SoftIce daniel_hozac: and patch it seperatly with vserver and then with grsec?
1180796124 M * daniel_hozac no.
1180796129 M * SoftIce oh?
1180796131 M * daniel_hozac and patch it with harry's patch.
1180796158 M * SoftIce ok, great. let me look at people.*vserver*
1180796199 M * SoftIce daniel_hozac: you opinion, would you sugest I stick the debian etch 2.6.18 kernel? or use a newer release?
1180796235 M * daniel_hozac as that would limit you to an old version of vserver, i'd obviously suggest you go at least 2.6.19.
1180796340 M * SoftIce ok great. 
1180796563 M * nkukard daniel_hozac, get the lockfile patch i sent to you and ensc ?
1180796609 M * daniel_hozac yeah, looks fine to me.
1180796643 M * nkukard i don't see how and why that cannot be upstreamed
1180796656 M * nkukard just need ensc to give me the go-ahead to submit to author
1180796702 M * daniel_hozac he did that yesterday, no?
1180796735 M * SoftIce is this the latest 2.6.19 kernel linux-2.6.19.7.tar.bz2    ?
1180796739 M * SoftIce dated
1180796746 M * SoftIce linux-2.6.19.7.tar.bz2   
1180796748 M * SoftIce err
1180796748 M * nkukard daniel_hozac, not on the lockfile patch  ;)
1180796752 M * SoftIce 03-Mar-2007
1180796767 M * daniel_hozac SoftIce: yes.
1180796773 M * SoftIce daniel_hozac thank you
1180796775 M * nkukard SoftIce, latest stable i run awell is 2.6.19.7
1180796796 M * nkukard oh daniel_hozac, i have a patch for u ..... kernel 2.6.19.7+grsec+swsusp2
1180796844 M * nkukard oh +vserver
1180796850 M * SoftIce swsup ?
1180796859 M * daniel_hozac sounds like something for harry.
1180796873 M * sid3windr :)
1180796874 M * nkukard daniel_hozac, want me to upload?
1180796905 M * daniel_hozac sure... though i'm not sure what swsusp does anymore.
1180796913 M * sid3windr hibernation support
1180796924 M * sid3windr putting your server to sleep eh :p
1180796928 M * SoftIce who uses hibernation ?
1180796933 M * daniel_hozac isn't that in vanilla?
1180796944 M * daniel_hozac or am i just being a spoiled Fedora user again? :
1180796945 M * daniel_hozac )
1180796961 M * nkukard daniel_hozac, swsup is, not swsusp2  ;)
1180796965 M * SoftIce hah, daniel_hozac you use rhel at all? i see they shiped the new release
1180796966 M * nkukard agg, its an extra patch for u guys
1180796968 M * nkukard ;)
1180796996 M * daniel_hozac and swsusp2 is better because...?
1180797012 M * daniel_hozac SoftIce: no, but i use CentOS...
1180797028 M * nkukard http://www.suspend2.net/
1180797038 M * SoftIce daniel_hozac and do you use apt or yum ?
1180797048 M * nkukard http://www.suspend2.net/features   <= comparison table
1180797054 M * daniel_hozac SoftIce: yum of course.
1180797074 M * SoftIce nkukard excuse my ignorance but who uses hibernation with a server?
1180797082 M * sid3windr I was wondering the same :)
1180797094 M * nkukard SoftIce, some distro's may patch their kernels with latest swsusp
1180797121 M * SoftIce their kernel? i thought this patch was for a vanilla kernel
1180797147 M * nkukard hey man, i just spun it for fun ..  ;)
1180797158 M * nkukard and offering it for anyone interested
1180797165 M * nkukard i personally do testing on my notebook
1180797166 M * daniel_hozac VServer isn't only for servers either.
1180797172 A * nkukard agrees with daniel_hozac 
1180797181 M * sid3windr then don't call it vserver!
1180797184 A * sid3windr grins sheepishly
1180797188 A * nkukard <= notebook .... i muck around with vserver to test stuff
1180797188 M * sid3windr linux-vlinux !
1180797189 M * SoftIce hehe
1180797190 M * SoftIce :)
1180797193 M * daniel_hozac yes, we'll have to rename it ASAP.
1180797206 M * nkukard incredibly-cool-virtualization!
1180797208 M * nkukard ICV!
1180797211 M * SoftIce k, quickly send through new sitemap to google
1180797211 M * sid3windr =)
1180797311 M * SoftIce hmf, how affective is nessus? I know of a few vulnerabilities in 1 system I scanned yet nessus came up clean
1180797345 Q * doener Ping timeout: 480 seconds
1180797389 M * SoftIce Connecting to people.linux-vserver.org|78.47.240.170|:80... *waits* :)
1180797589 J * doener ~doener@host.magicwars.de
1180797835 M * SoftIce hmmm, can somebody tell me how patch -p1 --dry-run actually works? 
1180797865 J * dna ~naucki@p54BCE29F.dip.t-dialin.net
1180797886 M * daniel_hozac it reads the patch and just pretends to do stuff.
1180797908 M * SoftIce but how does it pretend to write the file and not actually writing to know if it worked or never?
1180797917 M * SoftIce does it just like use a sed function but without writing?
1180797931 M * daniel_hozac it doesn't write the file at all.
1180797936 M * daniel_hozac it just tests to see if the patch is applicable.
1180797944 M * SoftIce ahh, i see
1180797982 Q * ema Quit: leaving
1180798056 M * SoftIce thanks
1180798469 M * SoftIce daniel_hozac: hmmm, i'm scared to apply to many grsec modules? what is the safest options with maximum restrictions
1180798482 M * daniel_hozac see harry's README.
1180798490 M * SoftIce thanks
1180798538 M * onox SoftIce: you can turn off grsec restrictions with sysctl
1180798542 M * SoftIce README-2.6                   18-Dec-2003 15:48    0  :)
1180798558 M * SoftIce onox: yes but i'm talking about with regards to booting? don't want a kernel panic
1180798578 M * SoftIce not alot of info in that readme
1180798584 M * onox SoftIce: why would you get a kernel panic?
1180798591 M * daniel_hozac should tell you exactly what options to use.
1180798618 M * SoftIce onox: i've had it in the past
1180798648 M * arachnist Dwa szczury jedzą taśmę filmową: - Dobry film - mówi jeden - No, ale książka była lepsza
1180798685 M * onox I have disabled only kernel.grsecurity.chroot_caps
1180798707 M * onox + grsec_lock :p
1180798713 M * arachnist whoops
1180798714 M * arachnist not here
1180798741 M * SoftIce onox: so you use sec level high? then just disable some settings?
1180799065 J * _nkukard_ ~nkukard@dsl-240-17-72.telkomadsl.co.za
1180799455 Q * nkukard Ping timeout: 480 seconds
1180800070 Q * ensc Ping timeout: 480 seconds
1180800151 M * SoftIce i wish there was a fake -pre-boot strict, that would try and initiate a kernel and see if it would boot or not :P
1180800157 M * SoftIce strict/script
1180800242 M * Bertl_oO nap attack ... off to bed .. back later, I hope :)
1180800247 N * Bertl_oO Bertl_zZ
1180800281 M * onox SoftIce: that's what I do
1180800305 M * onox s/do/use
1180800555 M * onox Bertl_zZ: is going to sleep?
1180800575 M * sid3windr yup
1180800581 M * onox SoftIce: do you have a machine that is miles away?
1180800590 M * onox headless?
1180800656 M * sid3windr those are the only ones where it always goes wrong ;)
1180800683 M * SoftIce sid3windr: too true :)
1180800687 M * SoftIce onox: yup
1180801020 Q * phedny Read error: Connection reset by peer
1180801158 J * ensc ~irc-ensc@p54B4CE44.dip.t-dialin.net
1180801523 Q * dna Quit: Verlassend
1180804179 Q * infowolfe Read error: Connection reset by peer
1180804214 J * infowolfe ~infowolfe@c-67-164-195-129.hsd1.ut.comcast.net
1180804487 J * phedny ~mark@ip56538143.direct-adsl.nl
1180806091 Q * infowolfe Quit: Leaving
1180806100 J * infowolfe ~infowolfe@c-67-164-195-129.hsd1.ut.comcast.net
1180806137 Q * infowolfe 
1180806184 J * infowolfe ~infowolfe@c-67-164-195-129.hsd1.ut.comcast.net
1180806219 Q * infowolfe 
1180806234 J * infowolfe ~infowolfe@c-67-164-195-129.hsd1.ut.comcast.net
1180807308 Q * infowolfe Quit: Leaving
1180807315 J * infowolfe ~infowolfe@c-67-164-195-129.hsd1.ut.comcast.net
1180808563 M * SoftIce daniel_hozac: arg, i forgot what you said, when using default= in grub (menu.lst) each kernel has a safe-mode right, now say for instance you have kernel, kernel safe, kernel, kernel safe, kernel what would that be (default=3) ? or does the safe include a option ?
1180808589 M * daniel_hozac grub doesn't care what you call them.
1180808626 M * daniel_hozac just count the lines with title in them starting at 0.
1180808667 M * SoftIce so safe would be an option ? and 0 would = 1 ?
1180808691 M * SoftIce well 0 == 1 i mean
1180808735 M * daniel_hozac you start counting at 0.
1180808794 M * SoftIce thanks
1180809250 Q * onox Read error: Connection reset by peer
1180810091 Q * slack101 Read error: Connection reset by peer
1180811534 J * ahuman ~oem@ool-43557e7c.dyn.optonline.net
1180812217 M * baldy vhost04:~# vserver h4vs10 start
1180812217 M * baldy vsched: non-numeric value specified for '--priority_bias'
1180812224 M * baldy any1 a idea what it can mean?
1180812450 M * daniel_hozac that you have dummy on the last line of /etc/vservers/<guest>/schedule
1180812562 M * baldy afer removeing it
1180812563 M * baldy Bad content in '/etc/vservers/h4vs10/schedule'; aborting...
1180812636 M * daniel_hozac it should be the priority bias.
1180812685 M * baldy whats the normal input of this file?
1180812692 M * baldy i have
1180812694 M * baldy 32
1180812694 M * baldy 500
1180812694 M * baldy 200
1180812694 M * baldy 1000
1180812703 M * baldy and "dummy" is deleted
1180812779 M * daniel_hozac as i said, it should be the priority bias. if you don't know what it is, just put 0.
1180812983 M * baldy only 0 nothink else?
1180813011 M * baldy vhost04:~# cat /etc/vservers/h4vs10/schedule
1180813011 M * baldy 0
1180813015 M * baldy Bad content in '/etc/vservers/h4vs10/schedule'; aborting...
1180813015 M * baldy Failed to start vserver 'h4vs10'
1180813065 M * baldy ++ local fill_rate interval tokens tokens_min tokens_max prio_bias
1180813264 J * Guy- 0DJCtr5Bf3@chardonnay.math.bme.hu
1180813302 J * Blissex ~Blissex@82-69-39-138.dsl.in-addr.zen.co.uk
1180813351 M * daniel_hozac not only 0, of course.
1180813354 M * daniel_hozac 0 would be the last line.
1180813361 M * daniel_hozac (which is the priority bias)
1180813648 M * baldy mh schedule removed.. now it works
1180814039 Q * infowolfe Ping timeout: 480 seconds
1180814340 M * daniel_hozac but your guest can now use however much CPU it wants...
1180814439 M * SoftIce hmm, what is the dangers of say symbolic linking a file in the host to a jail to be viewed through the jails http server?
1180814516 M * daniel_hozac what?
1180814540 M * SoftIce daniel_hozac: say I run snort on the host and i want to view those logs through a web server
1180814548 M * SoftIce but i don't run a web server on the host only the vserver
1180814571 M * SoftIce would it be safe to sym link the log file from the host to the vservers (web) directory 
1180814582 M * SoftIce and then view it remotly.
1180814601 M * daniel_hozac as log files should just be appended to, i don't see a problem... but generally, you should avoid that sort of thing.
1180814610 M * daniel_hozac (i.e. sharing files between services on the host and a guest)
1180814629 M * daniel_hozac unless the guest doesn't have write access.
1180814645 M * SoftIce and how would be the best way to implement that?
1180814654 M * daniel_hozac mount --bind -o ro
1180814676 M * SoftIce ahh just the directory of those log files
1180814686 M * SoftIce was thinking about some flags like on fbsd nosch, etc
1180814702 M * arachnist it's noschg
1180814711 M * arachnist ;>
1180814729 M * SoftIce sorry i forgot the g :P
1180814758 M * SoftIce are there such options in linux ?
1180814804 M * arachnist afaik the extended attributes should provide such a thing
1180814842 M * arachnist but i haven't played much with linux security honestly
1180814967 J * ktwilight_ ~ktwilight@155.69-66-87.adsl-dyn.isp.belgacom.be
1180815007 J * onox ~onox@kalfjeslab.demon.nl
1180815072 J * infowolfe ~infowolfe@c-67-164-195-129.hsd1.ut.comcast.net
1180815377 Q * ktwilight Ping timeout: 480 seconds
1180815661 M * daniel_hozac what does it do?
1180815830 M * arachnist schg thing is a flag that makes a file immutable, with sysctl kern.securelevel >= 1 you can't turn off the flag from a file
1180815877 M * daniel_hozac so sort of like the immutable flag on Linux (though that can be removed by root)?
1180815912 M * arachnist well, with kern.securelevel < 1 the flag can be removed by root
1180816274 M * SoftIce well it all depends on what your kernel level is set at
1180816288 M * SoftIce some require reboot
1180816446 M * SoftIce anyway, night! thanks for the help again daniel_hozac
1180816450 Q * SoftIce Quit: .
1180816744 J * tuxmania ~bonbons@ppp-111-100.adsl.restena.lu
1180817059 Q * bonbons Ping timeout: 480 seconds
1180817066 N * tuxmania bonbons
1180817079 M * baldy vcontext: vc_ctx_create(): File exists do u know which file i means?
1180817102 M * bonbons it probably means the context
1180817135 M * baldy i moved a VPS to another server
1180817143 M * bonbons check in /proc/virtual/ if you already have a dir with the matching number
1180817145 M * baldy and now i get this error
1180817146 M * sid3windr and the context id of that one was already in use?
1180817290 M * baldy ahh oke 7008 exists
1180817303 M * baldy let me check which vps is useing it
1180817411 M * baldy oke works
1180817412 M * baldy thx
1180818545 Q * _nkukard_ Quit: Leaving
1180818679 J * nkukard ~nkukard@dsl-240-17-72.telkomadsl.co.za
1180818797 M * trippeh Is 2.6.21-vs2.2.0-rc1 considered stable? Other than mainline bugs - of course
1180818805 M * daniel_hozac no.
1180818813 M * daniel_hozac it's got at least one known bug.
1180818832 M * trippeh 2.6.20-vs.2.2.0 has behaved very good - is this bug new to 2.6.21?
1180818864 M * daniel_hozac well, it's basically a reintroduction of a bug we fixed in 2.6.20-vs2.2.0-rc19.
1180818869 M * daniel_hozac (or was it 20?)
1180818887 M * trippeh Hm. The TTY stuff?
1180818912 M * daniel_hozac yep.
1180818936 M * derjohn bonbons, hi! did you run over the percpu "exhaustion", too? 
1180818966 M * bonbons no, never hit it myself
1180819613 M * nkukard ok ... lets see
1180819639 M * nkukard there an easy way to do cpu limits? hhehe read the manual ... pretty rough stuff  :)
1180819721 J * dna ~naucki@p54BCEA58.dip.t-dialin.net
1180819771 A * nkukard reads again
1180819944 A * nkukard pulls a few hairs out
1180820039 A * nkukard googles
1180820222 M * daniel_hozac hmm?
1180820236 M * daniel_hozac just create the sched directory and set the values you need there.
1180820290 M * nkukard daniel_hozac, can you point me to the docs?
1180820295 M * nkukard i'm raking through the site
1180820311 M * daniel_hozac http://www.nongnu.org/util-vserver/doc/conf/configuration.html#sched
1180820332 M * daniel_hozac http://linux-vserver.org/CPU_Scheduler
1180820365 M * nkukard now i need to try figure out how to set something simple up  :)
1180820580 Q * Blissex Remote host closed the connection
1180820947 J * Aiken ~james@ppp233-152.lns1.bne4.internode.on.net
1180821134 M * nkukard so 
1180821191 M * nkukard fill rate of 1 an interval of 1 would be 100% cpu allocation?
1180821200 M * daniel_hozac yep.
1180821205 A * nkukard reads more
1180821229 M * nkukard fill rate of 1 and interval of 2 would be 50% cpu allocation?
1180821236 M * daniel_hozac yep.
1180821242 A * nkukard smiles
1180821262 M * nkukard what measurement is the token in btw?
1180821276 M * daniel_hozac a jiffie.
1180821276 M * nkukard context switch?
1180821278 M * nkukard ah
1180821291 M * nkukard and the interval, jiffie ticks?
1180821304 M * daniel_hozac yes.
1180821306 Q * dna Quit: Verlassend
1180821314 M * harry allways the q
1180821314 A * nkukard getting the hang of this he thinks
1180821321 M * harry how about multi cpu machines
1180821327 M * harry how about hyperthreading?
1180821338 M * nkukard ooooo
1180821355 M * nkukard do all cpu's work off the same jiffie tick or separate per cpu?
1180821364 A * nkukard reads the part in the doc about multi cpu
1180821375 M * nkukard ... So, if you have four CPUs and you want one context to get an average of one whole CPU to itself, then you would set fill-rate to 1 and interval to 4. ...
1180821387 M * nkukard 1/4 of all the resource
1180821398 M * nkukard harry, there is also cpu-id dirs i think ... from what i read
1180821418 M * nkukard so you can allocate a certain cpu's resources ... i stand to be corrected though  :)
1180821548 M * nkukard daniel_hozac, so to start off ... i can just set the fill-rate and interval, don't need to set anything else unless i want to fine tune?
1180821556 M * daniel_hozac right.
1180821601 M * daniel_hozac if you just want to limit a guest to a CPU, you could use CPU sets.
1180821613 M * daniel_hozac cpusets, i mean.
1180821640 A * nkukard nods ... what i just read  :)
1180821643 M * nkukard really really cool
1180821678 M * nkukard i must just wrap my head around this math ... i can then guarantee certain services priority over non-critical ones
1180821843 M * nkukard daniel_hozac, how would one use the bucket max size?
1180821850 M * nkukard what i mean is
1180821861 M * nkukard in my above 50% allocation ... how would I use bucket max size?
1180821914 M * daniel_hozac that lets you give the context a burst.
1180821945 M * nkukard ok ...
1180821946 M * daniel_hozac i.e. if it hasn't run for a while, it's allowed to run for x ticks before it goes back to 50%.
1180821954 M * nkukard ah
1180821962 M * nkukard so if i set that to say 100
1180821968 M * nkukard it would give it 100 free jiffies
1180821979 M * daniel_hozac pretty much, yeah.
1180822001 M * nkukard jiffies/sec is how many hz the os runs at, right?
1180822011 M * daniel_hozac yup.
1180822034 M * nkukard so, if my HZ is 100 ... and i set the bucket max size to 1000, thats basically 10s of burst time
1180822058 M * daniel_hozac right.
1180822063 M * nkukard thanks man
1180822123 M * nkukard tokens-min
1180822126 M * nkukard hrmmmmm
1180822135 M * nkukard what does "unhold the context" mean?
1180822147 M * nkukard penalty?
1180822153 M * daniel_hozac when the context runs out of tokens, it gets put on hold.
1180822173 M * nkukard until the tokens hit tokens-min?
1180822174 M * daniel_hozac the processes will not be rescheduled until the bucket has at least tokens-min tokens.
1180822187 M * nkukard so its a penalty in sorts?
1180822195 M * daniel_hozac i suppose.
1180822204 M * nkukard how would *you* use it?
1180822242 M * daniel_hozac well, you could just use it to get some improved performance.
1180822275 M * daniel_hozac most things can't do much during just one tick.
1180822307 M * daniel_hozac so it might make more sense to wait until there are at least 10 ticks available.
1180822336 M * daniel_hozac but sure, using it as a penalty works too.
1180822395 M * nkukard gr8
1180823093 M * derjohn when stopping a vserver on a 2.6.20.12 / 2.2.0 host, there vserver doesnt stop completely, an init and one more process is hanging in D state. That process isnt killable with kill -9. what could be the cause ?
1180823205 M * daniel_hozac dmesg?
1180823216 M * daniel_hozac what's the other process?
1180823246 M * derjohn Filesystem "dm-2": Disabling barriers, not supported by the underlying device
1180823246 M * derjohn XFS mounting filesystem dm-2
1180823254 M * derjohn besides that, nothing special.
1180823278 M * daniel_hozac no oops or anything?
1180823292 M * derjohn the guest is dapper (i386) on a debian etch (amd64)
1180823313 M * daniel_hozac what utils are you using?
1180823315 M * derjohn nope, no oops nothing. but the ususal "please investigate manually" message
1180823318 M * waldi derjohn: which kernel?
1180823366 M * derjohn daniel_hozac, 0.30.212 (etch)
1180823382 M * derjohn waldi, a self compiled 2.6.20.12 / amd64.
1180823383 M * daniel_hozac any vshelper processes lingering on the host?
1180823435 M * derjohn waldi, the machine is a dual opteron tyan gt20 which does not boot on 2.6.18 debian, even apm=off and noacpi dont help.
1180823490 M * derjohn daniel_hozac, hm, interesting: root      5595  100  0.0   3088  1044 ?        R<   00:22   8:41      \_ /sbin/modprobe -q -- net_pf_10
1180823494 M * lylix what is the upper limit on the network counters (cacct) before resetting to 0?
1180823500 M * derjohn that one is "hanging".
1180823530 M * derjohn lylix, you mean on interfaces generally ? 32 bit on a 32 bit host ...
1180823531 M * daniel_hozac lylix: should be long, IIRC.
1180824403 Q * onox Quit: leaving
1180824709 Q * ahuman Quit: Leaving
1180825234 M * derjohn "modprobe -q -- net_pf_10" looks like having to do with ipv6. this khelper process took 99% CPU. I decided to load ipv6 before the guests are up (to prevent the kheler executing that modprobe). I stopped and strated the guests serveral times and nothing hang yet.
1180825418 J * tuxmania ~bonbons@ppp-111-188.adsl.restena.lu
1180825744 Q * bonbons Ping timeout: 480 seconds
1180828426 Q * tuxmania Quit: Leaving