1191369627 Q * ftx Ping timeout: 480 seconds
1191369684 Q * dowdle Remote host closed the connection
1191369837 J * vrwttnmtu ~eryktyktu@82-69-161-137.dsl.in-addr.zen.co.uk
1191369849 M * vrwttnmtu Hello :)
1191369876 M * daniel_hozac hi
1191369881 M * vrwttnmtu Heya
1191369884 M * vrwttnmtu Long time, no speak
1191369903 M * daniel_hozac indeed.
1191369950 M * vrwttnmtu I suppose that, short of IPv6, it does everything I need to, and don't need to keep tinkering with it..
1191369960 M * vrwttnmtu Although.....
1191369965 M * vrwttnmtu :)
1191369973 M * daniel_hozac IPv6 is supported in 2.3.
1191370009 M * vrwttnmtu Well, we've moved servers from our nice v6 datacentre, to a v4 only, and I can't be bothered to tinker with tunnels
1191370021 M * vrwttnmtu No-one seemed to be bothered without the v6 (apart from me)
1191370037 M * vrwttnmtu Do you know about dlimits?
1191370055 M * daniel_hozac sure.
1191370065 M * vrwttnmtu Well: mount | grep home
1191370065 M * vrwttnmtu /dev/cciss/c0d0p7 on /home type xfs (rw,noatime,tagxid)
1191370074 M * daniel_hozac there you go.
1191370078 M * vrwttnmtu ?
1191370085 M * daniel_hozac disk limits aren't supported on XFS.
1191370104 M * vrwttnmtu Awww. I read something in IRC logs a few years ago about people asking about it
1191370114 M * vrwttnmtu But hoped that it would be supported by now
1191370133 M * daniel_hozac well, no demand -> no implementation.
1191370145 M * vrwttnmtu demand++;
1191370147 M * vrwttnmtu :)
1191370162 M * daniel_hozac i assume you're willing to test it?
1191370191 M * vrwttnmtu Depends - will it break, and make me have to drive 250 km? :)
1191370206 M * daniel_hozac that's always a risk...
1191370240 M * vrwttnmtu I suppose it's a case of: how much work is it for you guys, and how much trouble could it cause for me if it doesn't work
1191370247 M * vrwttnmtu How hard is it your end?
1191370292 M * vrwttnmtu Is it just a utils upgrade, or is it major kernel surgery?
1191370369 M * vrwttnmtu I read in the "Hall of Fame":
1191370371 M * vrwttnmtu Jan Rekorajski (PL)
1191370371 M * vrwttnmtu     * testing xid tagging, barrier and iunlink on
1191370371 M * vrwttnmtu     all currently supported fs (ext2/3,xfs,reiserfs) 
1191370389 M * daniel_hozac i wouldn't call it major...
1191370421 M * daniel_hozac yes, xid tagging and barrier/iunlink is as far as the XFS support goes right now.
1191370452 M * vrwttnmtu i actually have no idea where the df command gets the "used" figure from
1191370466 M * daniel_hozac kernel.
1191370474 M * vrwttnmtu If XFS is doing the tagging, does that mean that it's already "keeping score"?
1191370485 M * vrwttnmtu And that the vserver stuff just has to return that value?
1191370510 M * daniel_hozac no.
1191370520 M * daniel_hozac tagging isn't directly related to disk limits at all.
1191370549 M * daniel_hozac disk limits do depend on the tagging however.
1191370572 M * vrwttnmtu I assumed that when I wrote a file of 1M, the tagging was what notified the kernel to add 1M onto the "used" variable
1191370580 M * daniel_hozac yep.
1191370628 M * vrwttnmtu So what would have to happen - vserver catch the call to the "getusedspace" call, and do something funky with it?
1191370709 M * daniel_hozac well, the first step is to add the accounting.
1191370747 M * vrwttnmtu accounting != tagging?
1191370782 M * daniel_hozac tagging is just like uid and gid.
1191370843 M * daniel_hozac it's only used for permission checks, and to implement the disk limits.
1191370859 M * vrwttnmtu I suppose I can get my home machine running a vserver kernel again
1191370862 M * vrwttnmtu For testing
1191370965 M * vrwttnmtu I've used XFS for ages now
1191370984 M * vrwttnmtu Soon after SGI opened it up
1191371002 M * vrwttnmtu I'm surprised not more people use it?
1191371146 M * vrwttnmtu OK, I have to run along now anyway
1191371151 M * vrwttnmtu I'll pop back in tomorrow sometime
1191371165 A * vrwttnmtu -> Zzz
1191371166 M * vrwttnmtu :)
1191371228 Q * vrwttnmtu Quit: Flee! Flee to the hills!
1191383140 J * kernelnewbies ~Administr@123.116.96.134
1191386712 J * ktwilight_ ~ktwilight@42.198-66-87.adsl-static.isp.belgacom.be
1191386712 J * the009killer ~the007kil@60.242.138.31
1191386972 Q * the007killer Ping timeout: 480 seconds
1191386972 N * the009killer the007killer
1191386987 Q * ktwilight Ping timeout: 480 seconds
1191387551 J * sabbath ~snowblind@onda-200-243-251-194.ondainternet.com.br
1191387636 J * virtuoso_ ~s0t0na@ppp91-122-25-62.pppoe.avangard-dsl.ru
1191387731 J * virtuoso1 ~s0t0na@ppp91-122-25-141.pppoe.avangard-dsl.ru
1191388043 Q * virtuoso Ping timeout: 480 seconds
1191388143 Q * virtuoso_ Ping timeout: 480 seconds
1191388781 Q * Punkie Quit: ChatZilla 0.9.78.1 [Firefox 2.0.0.7/2007091417]
1191388988 J * kir_home ~kir@81.5.101.166
1191389639 Q * kir_home Ping timeout: 480 seconds
1191390020 J * kir_home ~kir@81.5.101.166
1191390479 Q * click Ping timeout: 480 seconds
1191391179 J * DavidS ~david@85.125.165.34
1191392037 J * virtuoso ~s0t0na@ppp91-122-94-227.pppoe.avangard-dsl.ru
1191392225 J * _gh_ ~gerrit@c-67-169-199-103.hsd1.or.comcast.net
1191392448 Q * virtuoso1 Ping timeout: 480 seconds
1191392448 J * JonB ~NoSuchUse@kg1-20.kollegiegaarden.dk
1191392801 J * click click@ti511110a080-3536.bb.online.no
1191393397 Q * quasisane Remote host closed the connection
1191393676 J * quasisane ~sanep@c-76-118-191-64.hsd1.nh.comcast.net
1191393931 Q * quasisane Remote host closed the connection
1191394256 J * quasisane ~sanep@c-76-118-191-64.hsd1.nh.comcast.net
1191394261 Q * igraltist Remote host closed the connection
1191395342 Q * kir_home Ping timeout: 480 seconds
1191395801 Q * JonB Quit: This computer has gone to sleep
1191395859 J * kir_home ~kir@81.5.101.166
1191395879 J * JonB ~NoSuchUse@kg1-20.kollegiegaarden.dk
1191396021 J * igraltist ~user4@kasten-edv.de
1191396287 Q * hparker Quit: m00
1191397138 J * TrueBrain truelight@81.171.98.110
1191397184 M * TrueBrain Hi all; I have a tiny problem: on one of my hosts all of a sudden in the VPSes running 'ps' doesn't show anything... and when restarting a VPS, 'top' tells me /proc isn't mounted (but /proc has content). Any hints?
1191397274 M * TrueBrain ('vps' btw does show the processes)
1191397973 N * Bertl_zZ Bertl
1191397984 M * Bertl morning folks!
1191398026 M * Bertl TrueBrain: all of a sudden doesn't sound good, what did you change?
1191398038 M * TrueBrain Bertl: the worst part: nothing in the last few days
1191398041 M * TrueBrain and it was okay yesterday
1191398100 M * Bertl okay, try the following command and see if that shows something: 'chcontext --xid 666 -- ps auxwww'
1191398108 M * Bertl (please use paste.linux-vserver.org for everything longer than 3 lines)
1191398121 M * TrueBrain my lucky day:
1191398122 M * TrueBrain USER       PID PU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
1191398122 M * TrueBrain root     11274  0.0  0.0   4192   780 pts/6    R+   07:55   0:00 ps auxwww
1191398150 M * Bertl okay, so it seems that 'ps' itself is working ...
1191398168 M * Bertl now let's see inside a guest, like this:
1191398231 M * Bertl vserver <name> exec ps auxwww
1191398251 M * TrueBrain # vserver dns exec ps auxwww
1191398251 M * TrueBrain USER       PID PU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
1191398272 M * TrueBrain (which is all he shows)
1191398279 M * Bertl okay, let's try the following then:
1191398294 M * TrueBrain hmm, OOM Killer did kicked in yesterday, I don't know if that can cause this?
1191398334 M * Bertl vserver dns exec ls -lra /proc/
1191398343 Q * kir_home Ping timeout: 480 seconds
1191398413 M * TrueBrain http://paste.linux-vserver.org/6847
1191398503 M * Bertl so that looks fine too, let's strace the ps then like this:
1191398527 M * Bertl vserver dns exec strace -fF -o ps.trace ps auxwww
1191398536 M * Bertl (then upload the ps.trace output)
1191398547 J * dna ~dna@p54BCE691.dip.t-dialin.net
1191398555 M * TrueBrain means I need to have strace first ;)
1191398605 N * phedny Guest628
1191398611 J * phedny ~mark@ip56538143.direct-adsl.nl
1191398759 M * TrueBrain maybe strange question, but can it be that the uptime is a problem? (it is running for 197 days now)
1191398771 Q * Guest628 Read error: Connection reset by peer
1191398898 M * TrueBrain Bertl: that command doesn't give me a ps.trace file
1191398912 M * TrueBrain oh
1191398913 M * TrueBrain lol
1191398914 M * TrueBrain nevermind
1191398917 M * TrueBrain not in the dir I expected :p
1191399027 M * neuralis Bertl: 'morning
1191399045 M * Bertl neuralis: hey!
1191399073 M * Bertl TrueBrain: no idea, your ps obviously reads the process information quite fine, but decides not to output something ...
1191399092 M * Bertl TrueBrain: looks like a bug in your ps binary to me ...
1191399099 M * TrueBrain 3 distros
1191399100 M * TrueBrain all fail
1191399114 M * Bertl that indeed sounds strange
1191399128 M * TrueBrain and it worked fine till 9 hours ago, I just gathered :)
1191399160 M * Bertl let's do some more tests then ...
1191399161 Q * JonB Quit: This computer has gone to sleep
1191399172 M * TrueBrain 'top' btw also fails
1191399188 M * TrueBrain top: /proc is not mounted, required for output data
1191399205 M * Bertl could you strace -fF that one too and upload the output?
1191399507 J * besonen_mobile_ ~besonen_m@71-220-231-201.eugn.qwest.net
1191399534 J * Hollow_ ~hollow@proteus.croup.de
1191399625 J * Punkie ~Punkie@87.236.192.11
1191399631 M * TrueBrain you got the PM Bertl?
1191399728 M * Bertl yep, tx
1191399747 J * dilinger_ ~dilinger@mail.queued.net
1191399758 J * neuralis_ ~krstic@solarsail.hcs.harvard.edu
1191399770 J * _Hunger Hunger.hu@Hunger.hu
1191399794 M * Bertl TrueBrain: hmm, that is interesting information
1191399796 Q * _gh_ resistance.oftc.net xenon.oftc.net
1191399796 Q * the007killer resistance.oftc.net xenon.oftc.net
1191399796 Q * besonen_mobile resistance.oftc.net xenon.oftc.net
1191399796 Q * hardwire resistance.oftc.net xenon.oftc.net
1191399796 Q * Hunger resistance.oftc.net xenon.oftc.net
1191399796 Q * MooingLemur resistance.oftc.net xenon.oftc.net
1191399796 Q * Hollow resistance.oftc.net xenon.oftc.net
1191399796 Q * dilinger resistance.oftc.net xenon.oftc.net
1191399796 Q * neuralis resistance.oftc.net xenon.oftc.net
1191399804 M * Bertl TrueBrain: try the following:
1191399834 M * Bertl vserver dns exec ls -la /proc/self
1191399839 N * Hollow_ Hollow
1191399842 N * neuralis_ neuralis
1191399848 J * hardwire ~bip@rdbck-2318.palmer.mtaonline.net
1191399853 M * TrueBrain lrwxrwxrwx 1 root root 64 Oct  3 08:24 /proc/self -> 27039
1191399865 N * phedny Guest760
1191399871 J * phedny ~mark@ip56538143.direct-adsl.nl
1191400167 N * phedny Guest762
1191400173 J * phedny ~mark@ip56538143.direct-adsl.nl
1191400277 Q * Guest760 Ping timeout: 480 seconds
1191400373 Q * Guest762 Ping timeout: 480 seconds
1191400410 J * MooingLemur ~troy@shells195.pinchaser.com
1191400436 J * _gh_ ~gerrit@c-67-169-199-103.hsd1.or.comcast.net
1191400706 M * TrueBrain Btw, something completely different I have on all my servers: sometimes when I do: vserver <name> enter, I end up with the disksystem of an other VPS
1191400726 M * TrueBrain is this a known problem? (using server2 2.6.19-vs2.2.0-rc11-gentoo)
1191400773 N * dilinger_ dilinger
1191400840 M * Bertl TrueBrain: no, sorry, will look into that shortly
1191400854 Q * FireEgl Ping timeout: 480 seconds
1191400906 M * TrueBrain is there a simple way to see which process is using a lot of IO time?
1191401620 J * Pazzo ~ugelt@reserved-225136.rol.raiffeisen.net
1191401830 M * Pazzo hi @ll! AFAIR chattr isn't available inside a vserver guest as of security issues when using vunify & co. I don't need this feature, but I REALLY need chattr to be allowed inside a guest.
1191401834 M * Pazzo So my questions:
1191401847 M * Pazzo a) is there a flag allowing me to grant chattr to a guest?
1191401869 M * Pazzo b) are there any security-related problems caused by this?
1191401877 M * Pazzo Thanks :-)
1191402266 M * TrueBrain Bertl: after a full reboot, the server is fine again
1191402325 J * JonB ~NoSuchUse@130.227.63.19
1191402326 M * TrueBrain tnx for your time anyway :)
1191402715 P * kernelnewbies 
1191402959 Q * dna Read error: Connection reset by peer
1191402993 J * dna ~dna@p54BCE691.dip.t-dialin.net
1191403485 J * Julius ~julius@p57B27D7B.dip.t-dialin.net
1191404151 M * JonB Bertl: about my problem yesterday. did you have any hints or solutions?
1191404198 M * Bertl JonB: please remind me what the problem was?
1191404237 M * Bertl TrueBrain: what kernel version do you use on that machine?
1191404277 M * TrueBrain 2.6.19-vs2.2.0-rc11-gentoo
1191404326 M * Bertl okay, so you might consider upgrading
1191404388 M * TrueBrain Yeah, I should, but doing that remotely is tricky, so I have to wait till I go to the DataCenter :)
1191404427 M * JonB Bertl: http://paste.linux-vserver.org/6848
1191404500 M * Bertl ah, the bad address part, what kernel is that?
1191404591 M * JonB 2.6.22.9-vs2.2.0.3 + 214 from debian sid
1191404668 M * Bertl daniel_hozac: the post install scripts are run inside the guest context, but does anything wait for context completion before/after that?
1191404905 M * daniel_hozac they stop the guest too.
1191404954 M * daniel_hozac there is a time limit though, the context will only be alive for 15 seconds.
1191405219 M * Bertl yeah, what I'm thinking about is the following case
1191405243 M * Bertl - guest context gets created and ends
1191405261 M * Bertl - script creates the same context and enters it
1191405289 M * Bertl when the first end didn't really finish (because the process was not freed yet)
1191405303 M * Bertl then I could imagine that we hit a context in shutdown
1191405322 M * Bertl JonB: is that somewhat reproduceable?
1191405336 M * daniel_hozac i think a high load should be all that's needed.
1191405350 M * Bertl JonB: if so, could you make sure that you have Linux-VServer debugging enabled on your kernel?
1191405375 M * Bertl JonB: a debug run with the proper debug flags enabled should clarify that and confirm the theory
1191405420 M * JonB right
1191405449 M * JonB i will recompile .9-vs .4 with debug flags and reboot at some point
1191405615 M * JonB it was reproduceable all the times i tried. Load might ahve been high.load is low now, and i will try again
1191405644 M * JonB is it a problem to run a production server with vserver debugging compiled into the kernel?
1191405677 M * Bertl it will cause a small overhead
1191405707 J * pmenier ~pmenier@LNeuilly-152-22-72-5.w193-251.abo.wanadoo.fr
1191405740 M * Bertl wb pmenier!
1191405763 M * pmenier Hi Bertl
1191406363 J * ktwilight ~ktwilight@155.77-66-87.adsl-dyn.isp.belgacom.be
1191406372 Q * hardwire Ping timeout: 480 seconds
1191406523 J * hardwire ~bip@rdbck-5815.wasilla.mtaonline.net
1191406576 J * meandtheshell ~markus@85.127.105.233
1191406739 Q * ktwilight_ Ping timeout: 480 seconds
1191407546 J * ktwilight_ ~ktwilight@170.122-66-87.adsl-dyn.isp.belgacom.be
1191407943 Q * ktwilight Ping timeout: 480 seconds
1191408022 M * JonB Bertl: vserver history tracking?
1191408044 M * JonB Bertl: scheduling monitor
1191408069 M * daniel_hozac the scheduling monitor shouldn't be necessary.
1191408177 M * JonB but history? and how big a history? i have 10-20 guests
1191408208 M * Pazzo hi Bertl, daniel_hozac!
1191408217 M * daniel_hozac hello Pazzo.
1191408224 M * Pazzo Bertl: 2.6.20.20 is running fine, thanks again
1191408228 M * daniel_hozac JonB: i don't think history is that interesting either.
1191408277 M * JonB okay
1191408324 M * Pazzo Can anyone give mi a little hint regarding my chattr-question  2 hours ago? (10:56, GMT+01:00)
1191408326 M * Bertl Pazzo: excellent! thanks for the feedback!
1191408341 M * Bertl Pazzo: care to restate it?
1191408354 M * Pazzo sure:
1191408360 M * Pazzo hi @ll! AFAIR chattr isn't available inside a vserver guest as of security issues when using vunify & co. I don't need this feature, but I REALLY need chattr to be allowed inside a guest.
1191408365 M * Pazzo So my questions:
1191408365 M * daniel_hozac CAP_LINUX_IMMUTABLE
1191408369 M * Pazzo  a) is there a flag allowing me to grant chattr to a guest?
1191408373 M * Pazzo b) are there any security-related problems caused by this?
1191408376 M * Pazzo Thanks :-)
1191408390 M * Pazzo daniel_hozac: THNX!!
1191408399 M * Pazzo what about b) ?
1191408409 M * Bertl yes, security related issues if you have an unified guest
1191408424 M * Bertl and on older kernels with the barrier (if legacy code is enabled)
1191408450 M * Pazzo Bertl: otherwise (if not using vunify and not using old kernels) there should be no problem, right?
1191408464 M * Bertl i.e. I would make sure that the guest does not share any files with others and I would 'try' to remove the barrier from inside
1191408475 M * Pazzo CONFIG_VSERVER_LEGACY=y
1191408485 M * Pazzo # CONFIG_VSERVER_LEGACY_VERSION is not set
1191408519 M * Bertl simply set the barrier attribute in a dir inside the guest
1191408523 M * Pazzo Bertl: are there some "barrier-removal-hack"-instructions on the wiki?
1191408537 M * Bertl and see if you can remove/eliminate it
1191408547 M * Pazzo does CONFIG_VSERVER_LEGACY=y mean that a guest can escape???
1191408547 M * Bertl (from inside the guest that is)
1191408567 M * Bertl I would assume so, (if it has too many caps) but it is untested
1191408578 M * Pazzo (I should be using namespaces)
1191408596 M * Pazzo is CAP_LINUX_IMMUTABLE "too many"?
1191408614 M * Bertl could be, it's more than the 'considered secure' default
1191408616 M * daniel_hozac namespaces only protect the host. other guests are still up for grabs.
1191408622 A * Pazzo is getting confused
1191408662 M * Pazzo I thought since using recent utils & patch 2.0+ I should be save from guests trying to escape!?
1191408696 M * daniel_hozac unless you provide a means for them to escape, yes.
1191408706 M * Pazzo -> <Pazzo> Bertl: are there some "barrier-removal-hack"-instructions on the wiki?
1191408710 M * Pazzo a means?
1191408725 M * daniel_hozac CAP_LINUX_IMMUTABLE and legacy could be just what's needed...
1191408735 M * Pazzo :-(
1191408739 J * ktwilight ~ktwilight@171.111-66-87.adsl-dyn.isp.belgacom.be
1191408791 A * Pazzo has to leave now - will be back later...
1191408806 M * Pazzo In the meantime: thanks for clarification!
1191408810 M * Pazzo ehm... 
1191408833 M * Pazzo yeah... it's not THAT clear, but now I know more than I did before ;-)
1191408836 M * Pazzo thanks!
1191408841 N * Pazzo PazzoOoooo
1191408846 M * Bertl if you need more, just ask ...
1191408923 Q * dna Read error: Connection reset by peer
1191408947 J * dna ~dna@p54BCE691.dip.t-dialin.net
1191409144 Q * ktwilight_ Ping timeout: 480 seconds
1191409164 J * ktwilight_ ~ktwilight@160.223-66-87.adsl-static.isp.belgacom.be
1191409263 Q * ktwilight Ping timeout: 480 seconds
1191409963 J * ktwilight ~ktwilight@94.96-67-87.adsl-dyn.isp.belgacom.be
1191410343 Q * ktwilight_ Ping timeout: 480 seconds
1191410426 J * romke romke@acrux.romke.net
1191410570 M * romke hi, anyone knows how to unsubscribe old vserver mailing list since http://list.linux-vserver.org/mailman/ and mailman-owner@list.linux-vserver.org are dead?
1191410651 M * daniel_hozac why? do you get anything from it?
1191410672 M * romke yep, monthly reminder of membership
1191410692 M * daniel_hozac that's... strange.
1191410752 M * romke "This is a reminder, sent out once a month, about your
1191410753 M * romke list.linux-vserver.org mailing list memberships.  It includes your
1191410753 M * romke subscription info and how to use it to change it or unsubscribe from a
1191410754 M * romke list."
1191410766 M * daniel_hozac i've not received anything for a really long time.
1191410784 M * daniel_hozac i guess you could email martin and ask him to doit.
1191410798 M * Bertl I'm getting those too
1191410879 M * romke daniel_hozac: and his email address is/
1191410999 J * vrwttnmtu ~eryktyktu@82-69-161-137.dsl.in-addr.zen.co.uk
1191411024 M * JonB Bertl: now i only get alot of those identical lines. But it seems to finish and start just fine http://paste.linux-vserver.org/6849
1191411054 M * daniel_hozac romke: martin at list-petersen dot dk
1191411064 M * romke thx
1191411164 J * ktwilight_ ~ktwilight@101.65-66-87.adsl-dyn.isp.belgacom.be
1191411164 Q * ktwilight Read error: Connection reset by peer
1191411253 J * ktwilight ~ktwilight@72.78-66-87.adsl-dyn.isp.belgacom.be
1191411341 M * Bertl wb vrwttnmtu!
1191411388 M * Loki|muh would be hard to pronounce this nickname
1191411432 M * Loki|muh ... at least in a language I know
1191411451 M * vrwttnmtu Hey Bertl 
1191411454 M * vrwttnmtu Long time
1191411460 M * vrwttnmtu Hope everything is well :)
1191411483 M * Bertl yeah, all fine here, and for you?
1191411507 M * vrwttnmtu Yep, alles gut. :)
1191411532 M * vrwttnmtu I just popped in last night to ask why I couldn't get XFS working with dlimits.
1191411539 M * vrwttnmtu And daniel_hozac put me straight on it :)
1191411588 M * Bertl ah, yeah, dlimit support is missing there
1191411610 M * Bertl mostly because we agreed that there is no real point in doing xfs dlimits
1191411616 M * vrwttnmtu Oh?
1191411626 M * Bertl xfs already support so called 'projects'
1191411644 M * Bertl which, if used properly, do almost the same job, AFAIKT
1191411648 Q * ktwilight_ Ping timeout: 480 seconds
1191411676 M * vrwttnmtu I used XFS just because it had good ACL support, and I thought it might be useful in the future
1191411680 M * vrwttnmtu But I'll look at projects
1191411690 M * vrwttnmtu I have seen them in the xfs_quota -x command
1191411702 M * Bertl yeah, let us know how it goes ...
1191411703 J * ktwilight_ ~ktwilight@74.202-66-87.adsl-static.isp.belgacom.be
1191411711 M * vrwttnmtu It's u/g/p - user/group/project
1191411715 M * daniel_hozac how does "good" ACL support differ from "bad" ACL support?
1191411718 M * vrwttnmtu I'll have a look at it and let you know
1191411733 M * vrwttnmtu Good = in there from the start, not tacked on, widely used, etc etc
1191411743 M * Bertl daniel_hozac: you know, the dark and the light side of the force? :)
1191411753 Q * ktwilight Ping timeout: 480 seconds
1191411870 M * daniel_hozac hehe
1191411891 M * daniel_hozac IMHO all of XFS seems to be more of a tacked on thing.
1191411922 M * Bertl yes, the problem with xfs (from the code PoV) is that it is not a linux filesystem
1191411926 M * daniel_hozac right.
1191411937 M * Bertl i.e. it wasn't integrated properly, just wrapped over and over again
1191411953 M * Bertl and this gives many levels of code indirection
1191411966 M * Bertl (and duplicate structures, etc)
1191412100 M * vrwttnmtu Aaah, I don't look at things from the code perspective
1191412113 M * vrwttnmtu My thinking was like this:
1191412123 M * vrwttnmtu ReiserFS - reputedly better for lots of small files
1191412131 M * vrwttnmtu Ext3 - nasty tack-on to ext2
1191412140 M * vrwttnmtu XFS - tried, tested
1191412149 M * vrwttnmtu And better for large files
1191412156 M * Bertl vfat - used by milions :)
1191412167 M * vrwttnmtu The journalling isn't up to much though :)
1191412242 M * daniel_hozac and XFS is a nasty tack-on to Linux? :)
1191412310 M * vrwttnmtu I'm sensing not much love for XFS here :)
1191412325 M * vrwttnmtu Bertl, what is needed for the prjquota fstab entry
1191412327 M * vrwttnmtu ?
1191412332 M * Bertl nah, I'm quite indifferent, and probably would prefer xfs over reiserfs
1191412391 J * ktwilight ~ktwilight@34.220-66-87.adsl-static.isp.belgacom.be
1191412747 Q * ktwilight_ Ping timeout: 480 seconds
1191412777 M * fb Bertl: there's one advantage of reiserfs -- a fs can be shrinked
1191412794 M * vrwttnmtu fb, Aye, that's true
1191412801 M * fb i think only ext2/3 has this feature too
1191412893 M * daniel_hozac yep.
1191412911 M * Bertl I think all the 'features' present in other (generic purpose) filesystems available on linux have been integrated into ext3/4 by now
1191412945 M * Bertl the large number of small files issue has been addressed by the htree stuff
1191412974 M * Bertl the acl/permission mechanisms have been generalized some time ago
1191412981 M * vrwttnmtu So what fs do Bertl and daniel_hozac (and anyone else) use for VPS hosts?
1191412991 M * fb Bertl: i have bad experiences with ext3
1191413000 M * Bertl I'm usually sticking with ext3 for several reasons
1191413002 M * daniel_hozac i use ext3.
1191413015 M * fb it seems to be extremally vulnerable to a broken ram
1191413019 M * Bertl - it is well tested (as default linux filesystem)
1191413037 M * Bertl - it has a clear recovery path (ext2) when something goes wrong
1191413068 M * Bertl - it supports all the 'linux' features
1191413078 M * fb unfortunately it didn't work after system crash in my case ;)
1191413092 M * JonB Bertl: the guests i build now which still has those errors is not as finished as those i built days ago. no apt-get package list which they used to have
1191413122 M * fb i had two such crashes in a short period of time, both caused by a ram failure
1191413131 M * fb and both were fatal to a filesystem
1191413153 M * daniel_hozac how can any fs be resilient against RAM failure?
1191413192 M * fb daniel_hozac: my point is, i used xfs in parallel, and on more user filesystems (as a mail spool)
1191413207 M * fb and those fs'es stayed intact
1191413223 P * Scurz 
1191413275 M * daniel_hozac and you had files there to prove it?
1191413293 M * fb you mean?
1191413307 M * daniel_hozac mail spool sounds like temporary data.
1191413319 M * fb  /home was on ext3 and /var/spool/cyrus was on xfs
1191413332 M * fb  /home was barely used
1191413372 M * fb and mail was mainly accessed using imap
1191413384 M * fb so it was not temporary at all :)
1191413566 J * ktwilight_ ~ktwilight@70.204-66-87.adsl-static.isp.belgacom.be
1191413566 Q * ktwilight Read error: Connection reset by peer
1191413599 J * julius_ ~julius@p57B27A41.dip.t-dialin.net
1191413652 M * fb but then again, i'm not fs expert, and those two losses might be pure coincidence ;)
1191413721 Q * dna Read error: Connection reset by peer
1191413745 J * dna ~dna@p54BCE691.dip.t-dialin.net
1191414048 Q * Julius Ping timeout: 480 seconds
1191414214 M * vrwttnmtu Bertl, Just got prjquota working
1191414226 M * vrwttnmtu It's quite nice
1191414242 M * vrwttnmtu Where's the Wiki for this? I'll whack some notes up
1191414326 M * daniel_hozac linux-vserver.org?
1191414482 N * phedny Guest779
1191414488 J * phedny ~mark@ip56538143.direct-adsl.nl
1191414651 Q * sabbath Quit: deixa a doidera bater.. pra nunca mais esquecer :P
1191414793 J * ktwilight ~ktwilight@125.76-66-87.adsl-dyn.isp.belgacom.be
1191414893 Q * Guest779 Ping timeout: 480 seconds
1191415054 M * vrwttnmtu http://linux-vserver.org/XFS
1191415057 J * ema ~ema@rtfm.galliera.it
1191415091 Q * Aiken Quit: Leaving
1191415147 Q * ktwilight_ Ping timeout: 480 seconds
1191415153 M * Bertl vrwttnmtu: excellent!
1191415236 M * PazzoOoooo re
1191415238 M * JonB new job anyone? http://jobs.perl.org/job/6883 notice the last paragraf
1191415239 N * PazzoOoooo Pazzo
1191415489 M * vrwttnmtu Bertl, do you have any thoughts on why the df -h output in the vserver should show the correct "Size", the correct "Used", but still the avail of the whole drive?
1191415500 M * vrwttnmtu (at the bottom of the XFS wiki page)
1191415531 M * daniel_hozac looks like a bug.
1191415550 M * vrwttnmtu In df, vserver, or xfs?
1191415554 M * Bertl you probably need to hack the kernel into doing the right thing for project quota, if that is the question?
1191415570 M * vrwttnmtu Filesystem            Size  Used Avail Use% Mounted on
1191415571 M * vrwttnmtu /dev/hdv1             5.0G  3.0G   17G  21% /
1191415585 M * vrwttnmtu One would have thought that Avail was Size - Used.
1191415602 M * daniel_hozac XFS, of course.
1191415605 M * vrwttnmtu :)
1191415638 M * vrwttnmtu Because I can just see a user moaning that they've only got 100M free, but yet the drive has 17GB free, or whatever
1191415954 Q * dna Quit: Verlassend
1191415996 J * ktwilight_ ~ktwilight@40.82-66-87.adsl-dyn.isp.belgacom.be
1191416348 Q * ktwilight Ping timeout: 480 seconds
1191417167 J * ktwilight ~ktwilight@34.111-66-87.adsl-dyn.isp.belgacom.be
1191417548 Q * ktwilight_ Ping timeout: 480 seconds
1191418396 J * ktwilight_ ~ktwilight@128.107-66-87.adsl-dyn.isp.belgacom.be
1191418453 Q * ktwilight Read error: Connection reset by peer
1191419195 J * fb_ fback@red.fback.net
1191419196 Q * fb Read error: Connection reset by peer
1191419333 J * kir_home ~kir@81.5.101.0
1191419571 J * ktwilight ~ktwilight@47.73-66-87.adsl-dyn.isp.belgacom.be
1191419722 J * catlee ~catlee@Z-pc1-959-S1.gw2.tor1.rogerstelecom.net
1191419949 Q * ktwilight_ Ping timeout: 480 seconds
1191420148 M * catlee Hello
1191420157 M * JonB hi
1191420274 M * catlee just reading up on binding to network interfaces...
1191420282 M * catlee I've got a host w/ a single guest
1191420300 M * Bertl sounds good, there is no 'binding' to interfaces :)
1191420328 M * catlee both the host and the guest try and start a process that binds to the same port on all interfaces
1191420335 M * catlee this is causing problems :)
1191420369 M * Bertl not quite unexpected, what is it what you want to achieve?
1191420379 M * Bertl a single guest, which can reach the internet?
1191420402 M * catlee the guest is a build environment
1191420418 M * Bertl so you access it from the host then?
1191420423 M * catlee yes
1191420436 M * Bertl in this case, does it need any IP at all=
1191420439 M * Bertl s/all/?
1191420442 M * catlee hmm
1191420453 M * Bertl or you could give it a private ip
1191420465 M * Bertl and keep host services from binding that ip
1191420469 M * catlee it should be accessible from the LAN as well
1191420543 M * catlee hmm, well, maybe not
1191420557 M * catlee the idea is to have a separate vserver for various linux distributions
1191420583 M * Bertl makes sense, I would suggest to give them private ips
1191420592 M * Bertl e.g. 10.0.0.1, 10.0.0.2 ...
1191420602 M * catlee however, the problem is that the build requires a process to be running that listens on a certain port
1191420615 M * Bertl then, if you really want to allow access to a specific one, you can use S/DNAT
1191420704 M * catlee I think I'd still have the same problem...I guess I need to prevent the host from binding to that port on all interfaces
1191420712 M * catlee then the guests should be fine
1191420753 M * Bertl yes, you want to change some host services from binding to 0.0.0.0 to a specific host adress
1191420768 M * JonB Bertl: hardlinking /etc/passwd between 2 guests is broken once you add a user in one of them. Aka, as you said, they make a new file
1191420771 J * ktwilight_ ~ktwilight@83.98-67-87.adsl-dyn.isp.belgacom.be
1191420775 M * catlee how does the loopback device get handled?
1191420785 M * Bertl catlee: you can use wrapper scripts/chbind for most services except for your access service (i.e. sshd or so)
1191420802 M * Bertl catlee: depends on the kernel version and config
1191420813 Q * kir_home Ping timeout: 480 seconds
1191420852 M * catlee 2.6.21
1191420863 J * kir_home ~kir@81.5.101.0
1191420868 M * Bertl okay, and the Linux-VServer patch?
1191420885 M * catlee not sure...it's debian's vserver kernel
1191420907 M * catlee how can I tell?
1191420946 M * Bertl cat /proc/virtual/info (is as close as you can get :)
1191420955 J * Darkglow ~pdesnoyer@208.71.184.41
1191420964 M * catlee Version: 0002:0200
1191420989 M * Bertl so that is our stable branch, which means 127.0.0.1 will get remapped to the first assigned ip
1191421020 M * mnemoc is this differenet in 2.3?
1191421022 M * Darkglow quick one about setattr --barrier... in the howto, it says to do it on every guests directory... but when I do that, I cannot access my guests.. So... I should only setattr --barrier my /vservers dir ?
1191421043 M * Darkglow (it's a Bertl comment that mentions to do it on every guest ;-)
1191421049 M * Bertl mnemoc: yes, in 2.3.x we remap to the lback address
1191421051 M * catlee so in this case 127.0.0.1 on my guest is equivalent to the LAN ip that I've assigned to eth1:eth1?
1191421068 M * Bertl Darkglow: you set the barrier like this:
1191421079 M * Bertl Darkglow: setattr --barrier /path/to/guest/..
1191421087 M * Bertl Darkglow: note the '..' which is literally
1191421088 M * mnemoc Bertl: ic, thanks :)
1191421116 M * Darkglow Oh... and how do I remove a --barrier ? (to fix my mess ;-)
1191421140 M * Bertl setattr --~barrier /path/to/mess :)
1191421149 Q * ktwilight Ping timeout: 480 seconds
1191421252 M * Darkglow so if all my vservers are in /vservers, then setattr --barrier /vservers does the same thing... cool
1191421304 J * FireEgl FireEgl@4.0.0.0.1.0.0.0.c.d.4.8.0.c.5.0.1.0.0.2.ip6.arpa
1191421304 M * Darkglow (I would mention that the .. has to be there, I guess I won't be the first to miss it ;-)
1191421346 M * Bertl yeah, please do so ...
1191421438 M * Darkglow Done ;-)
1191421629 M * vrwttnmtu Bertl, when did the advice become to set a barrier for each guest, not just on the /vservers dir?
1191421670 M * JonB what does this barrier do ?
1191421672 M * Darkglow In fact, I think he mentions that for the case where you would have 2 different "root" dirs for vservers right ?
1191421694 M * vrwttnmtu Aaah, OK
1191421712 M * vrwttnmtu So one dir which all the vservers are under, and 1 barrier command
1191421728 M * Darkglow because you have to set it to /path/to/guest/.. where .. points to 1 dir below the guest... :-) 
1191421732 M * Bertl vrwttnmtu: that was always so :)
1191421752 M * Bertl Darkglow: above, and not necessarily :)
1191421755 M * Darkglow I guess it's just me ;-) I got confused by your comment ;-)
1191421767 M * Darkglow right right... ;-)
1191421780 M * Bertl e.g. if you do funny stuff with (bind) mounts, then
1191421795 M * Bertl /path/to/x/.. can easily be different from /path/to
1191421799 M * vrwttnmtu OK, I'm confused now. If I've got /vservers/guest1, /vservers/guest2, /vservers/guest3, what's the recommended barrier approach
1191421821 M * Bertl setattr --barrier /vservers/guest1/.. /vservers/guest2/.. ...
1191421828 M * vrwttnmtu Urgh.
1191421836 M * vrwttnmtu More administration
1191421841 M * Bertl of course, if all of them have identical setuo
1191421849 M * vrwttnmtu What's the reason for that?
1191421850 M * Bertl *setup, then one command is enough
1191421867 M * vrwttnmtu What do you mean my "setup"?
1191421869 M * Bertl what if //vservers/guest2 is a bind mount somewhere esle
1191421869 M * vrwttnmtu by
1191421882 M * Bertl or even a symbolic link to /data/guest2
1191421897 M * Bertl then you want /data to carry the barrier
1191421906 M * vrwttnmtu No, assume it's /dev/sda4 mounted to /vservers, and all the vservers are in that /vservers dir, no links, no magic, no trickery. :)
1191421922 M * Bertl in this case (a very special case :) you just to
1191421930 M * Bertl setattr --barrier /vservers/guest1/.. 
1191421941 M * vrwttnmtu ?
1191421949 M * vrwttnmtu Just for one guest?
1191421960 M * Bertl jep, as all will use the same dir then
1191421970 J * ktwilight ~ktwilight@184.209-66-87.adsl-static.isp.belgacom.be
1191421975 M * Bertl (which without any trickery, is /vservers/)
1191422013 Q * kir_home Ping timeout: 480 seconds
1191422049 M * vrwttnmtu Wow. I'm confused. I set it on /vservers/guest1/.. ?
1191422066 M * Bertl which boils down (in your special case) to /vservers/
1191422112 M * Bertl but note that the tools should do that automatically for you (when you create a new guest)
1191422252 M * vrwttnmtu I don't use the tools to create guests - cd /etc/vservers ; cp oldvserver newvserver -Rfv - and then fix the links, etc
1191422299 M * Bertl well, if you feel like it ... I'd use vserver <name> build -m clone for that
1191422336 M * catlee Can each vserver guest have its own display?
1191422348 M * catlee doesn't have to be a real display
1191422352 M * vrwttnmtu So just to completely confirm: setting a barrier on /vservers/ isn't the same as setting on /vservers/guest1/.. ?
1191422353 Q * ktwilight_ Ping timeout: 480 seconds
1191422359 M * catlee but it needs to support GL
1191422359 M * Bertl catlee: define 'display'
1191422381 M * Bertl vrwttnmtu: is not necessarily the same as ....
1191422386 M * catlee programs can connect to $DISPLAY 
1191422401 M * Bertl ah, you mean X forwarding, yes that is fine inside guests
1191422416 M * Bertl you can also create some kind of vnc X server for each one
1191422425 M * Bertl then you can connect via VNC to your guests
1191422435 M * catlee hmm, yeah, that's more what I was thinking of
1191422449 M * catlee Wonder if you can get software GL working inside a VNC X server?
1191422555 M * Bertl should work fine
1191422617 M * vrwttnmtu Bertl, Another question. I used to run a webserver on the host so that I could have an admin interface that allowed users to log in, and run sudo vserver <theirname> restart in case they had hit memory limits.
1191422637 M * vrwttnmtu However, following the good advice, I no longer run anything on the hosts, apart from SSH
1191422646 M * JonB is there a tool that shows me the status of all vservers? 
1191422648 M * vrwttnmtu So the admin webserver is now in a guest
1191422696 M * vrwttnmtu What is the best, safest, securest way to now restart a guest from within another guest?
1191422720 M * Bertl probably an ssh command (restricted mode) issued from the admin server
1191422728 M * JonB vserver-stat, though it gives more infothan i suspekted
1191422750 M * vrwttnmtu Bertl, that's what I thought.
1191422770 M * vrwttnmtu ssh foo@host sudo vserver <name> restart
1191422774 M * vrwttnmtu With keys, etc
1191422926 J * dowdle ~dowdle@scott.coe.montana.edu
1191422928 Q * Punkie Quit: Odcházím
1191423026 M * mugwump vrwttnmtu: make a wrapper script.  sudo either lets you run a command with any arguments, or only one defined set
1191423063 M * mugwump I would also consider using a forced command ssh key
1191423078 M * vrwttnmtu Yep, that's what I'm just doing
1191423175 J * ktwilight_ ~ktwilight@104.115-66-87.adsl-dyn.isp.belgacom.be
1191423553 Q * ktwilight Ping timeout: 480 seconds
1191424375 J * ktwilight ~ktwilight@213.93-66-87.adsl-dyn.isp.belgacom.be
1191424481 Q * ema Quit: leaving
1191424597 J * hparker ~hparker@linux.homershut.net
1191424754 Q * ktwilight_ Ping timeout: 480 seconds
1191425346 Q * balbir Read error: Operation timed out
1191425493 J * ema ~ema@rtfm.galliera.it
1191425575 J * ktwilight_ ~ktwilight@186.94-66-87.adsl-dyn.isp.belgacom.be
1191425579 Q * ktwilight_ 
1191425828 Q * JonB Ping timeout: 480 seconds
1191425953 Q * ktwilight Ping timeout: 480 seconds
1191426157 Q * Darkglow Quit: Konversation terminated!
1191426405 N * ensc Guest789
1191426415 J * ensc ~irc-ensc@84.180.218.237
1191426498 Q * Guest789 Ping timeout: 480 seconds
1191426537 Q * DavidS Quit: Leaving.
1191428362 J * JonB ~NoSuchUse@kg1-20.kollegiegaarden.dk
1191428421 J * bonbons ~bonbons@2001:960:7ab:0:20b:5dff:fec7:6b33
1191430270 Q * JonB Quit: This computer has gone to sleep
1191430879 Q * pmenier Quit: pmenier
1191431163 J * balbir ~balbir@122.167.79.239
1191431397 Q * catlee Quit: Ex-Chat
1191431429 Q * romke Quit: leaving
1191431524 Q * ema Quit: leaving
1191431783 J * Piet ~piet@tor.noreply.org
1191432483 Q * Pazzo Quit: ...
1191432579 M * fb_ do you make use of IPC namespaces?
1191432666 M * daniel_hozac yes.
1191432667 M * daniel_hozac and uts.
1191432677 M * daniel_hozac have been since they were added to the kernel.
1191432679 J * ktwilight ~ktwilight@186.94-66-87.adsl-dyn.isp.belgacom.be
1191432936 J * ktwilight_ ~ktwilight@59.104-67-87.adsl-dyn.isp.belgacom.be
1191433036 Q * ktwilight_ 
1191433179 Q * ktwilight Ping timeout: 480 seconds
1191433252 M * djbclark I want to make a FC7 vserver; what build method would people suggest?
1191433282 M * daniel_hozac yum
1191433283 M * djbclark or I guess it's just "Fedora 7
1191433285 M * djbclark " now
1191433292 M * djbclark daniel_hozac: thanks
1191433653 M * vrwttnmtu ktwilight needs a more stable net connection
1191434674 J * coderanger_ ~coderange@taz-01.dynamic2.rpi.edu
1191434829 M * djbclark So I am on an FC7 box, so I copied over the /etc/yum.repos.d to /etc/vservers/.distributions, but now get the error messages shown in http://pastebin.be/5629
1191434892 M * daniel_hozac any particular reason you're not using 0.30.214 which already includes support for f7?
1191435118 M * daniel_hozac anyway, ln -s /usr/lib*/util-vserver/distributions/redhat/{initpre,initpost,rc.sysinit} /etc/vservers/.distributions/f7 should get you going...
1191435133 J * ftx ~ftx@hlfx53-2b-142.ns.sympatico.ca
1191435268 M * djbclark daniel_hozac: probably because it's not part of f7... but I can go build from source, thanks for the tip :)
1191435286 M * daniel_hozac hmm, it's not?
1191435297 M * daniel_hozac ensc: would you mind pushing it?
1191435311 M * djbclark daniel_hozac: nope. it goes up to fc6, and all of the stuff seems to be with apt, not with yum.
1191435339 M * daniel_hozac what?
1191435603 M * djbclark specifically, it looks like I'll put in pastebin in a sec...
1191435710 M * djbclark http://pastebin.be/5633
1191435738 M * daniel_hozac woah, F7 is stuck on 0.30.212?
1191435748 M * djbclark guess so
1191435766 M * daniel_hozac ensc: ping?
1191435795 A * djbclark goes to download latest vserver-tools source...
1191435973 M * djbclark ah cool you can just rpmbuild -ta it :)
1191435981 M * daniel_hozac that's the idea...
1191436062 M * djbclark daniel_hozac: BTW I'm the new sys admin with OLPC. I think you (or others here) know a bunch of my collegues.
1191436123 M * daniel_hozac i know you are ;)
1191436265 J * ktwilight ~ktwilight@59.104-67-87.adsl-dyn.isp.belgacom.be
1191436332 N * _Hunger Hunger
1191436333 Q * ftx Ping timeout: 480 seconds
1191436409 J * ktwilight_ ~ktwilight@9.211-66-87.adsl-static.isp.belgacom.be
1191436768 Q * ktwilight Ping timeout: 480 seconds
1191436770 Q * meandtheshell Quit: Leaving.
1191436949 Q * ktwilight_ Quit: dead
1191437315 M * daniel_hozac Bertl: should we start reverting some of the patches used to debug arekm's issue?
1191437317 M * djbclark daniel_hozac: .214 doesn't have f7 either. Maybe you are thinking of svn head? I can try that...
1191437325 M * daniel_hozac djbclark: 0.30.214 does have f7.
1191437349 M * daniel_hozac # rpm -qf /usr/lib64/util-vserver/distributions/f7/
1191437350 M * daniel_hozac util-vserver-build-0.30.214-0.pre2602.fc7
1191437380 M * daniel_hozac (that's not even the final 0.30.214 version)
1191437611 M * djbclark hmm.... maybe the[root@solar .distributions]# rpm -qa | grep util-vserver-0
1191437613 M * djbclark util-vserver-0.30.214-0.1.fc7
1191437615 M * djbclark [root@solar .distributions]# ls
1191437617 M * djbclark f7  fc1  fc2  fc3  fc4  fc5  fc6  rh9  suse91
1191437644 M * djbclark [root@solar .distributions]# I did remove the old RPMs and /etc/vserver dir manually before... I'll go look at the actuall dist code I downloaded...
1191437695 J * FHTech ~Miranda@62.140.244.26
1191437700 M * FHTech Hello
1191437704 M * djbclark yup so it's in the tarball, maybe just not in the .spec file...
1191437742 M * FHTech Tell please, how at installation util-vserver it is possible to set value vserver-Rootdir?
1191437777 M * daniel_hozac djbclark: uh, it's right there, no?
1191437799 M * daniel_hozac FHTech: --with-vrootdir, as per ./configure --help
1191437842 M * djbclark daniel_hozac: yeah it's listed in the -qpi output, maybe something is overwriting it or there is some other weirdness... looking into it now.
1191437857 M * daniel_hozac djbclark: what?
1191437860 M * FHTech daniel_hozac: Thanks
1191437869 Q * FHTech 
1191437881 M * daniel_hozac djbclark: you just showed us you have it. what's the problem you're trying to solve?
1191437884 M * djbclark Ah probably this:
1191437886 M * djbclark    6:util-vserver-build     ########################################### [ 75%]
1191437888 M * djbclark /vservers/.hash: Function not implemented
1191437940 M * daniel_hozac nope.
1191437958 M * daniel_hozac that just means your /vservers filesystem doesn't support the barrier attribute.
1191438193 M * djbclark yeah something is really f-ed... I rpm -qpli the .rpm and it shows it, but it doesn't get installed.
1191438208 M * daniel_hozac what makes you say that?
1191438216 M * djbclark sec
1191438219 J * JonB ~NoSuchUse@kg1-20.kollegiegaarden.dk
1191438228 M * daniel_hozac what you pasted above shows it, so i assume you're using something else?
1191438250 M * daniel_hozac (to determine it, that is)
1191438469 M * djbclark http://pastebin.be/5635
1191438506 M * djbclark Although actually looks like the stuff I want is in /usr/lib64/util-vserver/distributions/f7 , so maybe it will just work - sec...
1191438509 M * daniel_hozac and the problem is...?
1191438583 M * djbclark in the .rpm there is /etc/vservers/.distributions/f7/apt/sources.list , but it doesn't actually get installed. I was unaware that the location of the distro stuff changed / or was always in /usr/lib[64].
1191438640 M * daniel_hozac what makes you say it doesn't get installed?
1191438650 Q * quasisane Remote host closed the connection
1191438653 M * daniel_hozac your paste clearly shows /etc/vservers/.distributions/f7 exists...
1191438700 M * daniel_hozac as for the location, the data installed by the RPMs has always gone in pkglibdir.
1191438713 M * djbclark d'oh... mental scanning error... was looking for fc7 lol... I owe you a beer :)
1191438750 M * daniel_hozac ;)
1191438823 M * djbclark So I think today is my day to look as stupid in #vserver as possible:
1191438824 M * djbclark # vserver solar64 build -m yum --interface eth0 --hostname=solar64 -- -d f7
1191438826 M * djbclark /etc/vservers/.defaults/vdirbase/solar64: Function not implemented
1191438859 M * djbclark ah old syntax, -m now
1191438873 M * djbclark (or not)
1191438875 M * daniel_hozac are you running a Linux-VServer kernel?
1191438895 M * daniel_hozac or rather, one that supports the Linux-VServer attributes on the filesystem you're trying to install?
1191438943 M * djbclark Yes, it is compiled with vserver, but I might have not included some stuff vserver needs.
1191438956 M * djbclark 2.6.22.6solar1-grsec2.1.11-vs2.2.0.3
1191438978 M * m_stone daniel_hozac: ping
1191438978 A * djbclark reads that last bit more carefully.. so XFS isn't supported?
1191438989 A * djbclark googles
1191438992 M * m_stone what flags does vc_ctx_migrate() take?
1191439020 M * daniel_hozac VC_VXM_*, i.e. SET_REAPER and SET_INIT.
1191439069 M * daniel_hozac djbclark: XFS is partially supported, the barrier should be part of that...
1191439069 M * m_stone daniel_hozac: basically, I'm having trouble examining a process inside a container.
1191439086 M * daniel_hozac okay? what kind of trouble?
1191439096 M * djbclark daniel_hozac: Is the partial support that it can be used for data but not OS?
1191439113 M * m_stone daniel_hozac: I tried chcontext --xid NNN -- /bin/bash   and vcontext --migrate --xid 100 -- /bin/bash  but those both died with errors about invalid arguments.
1191439115 A * djbclark goes and makes ext3 for vserver OS images
1191439132 M * m_stone daniel_hozac: then I attempted to use vc_ctx_migrate() directly from my python binding, but was unable to work out the right flags :)
1191439134 M * daniel_hozac djbclark: no, that it doesn't work for COW or disk limits.
1191439156 M * daniel_hozac m_stone: just to migrate into the contexts you don't need any flags.
1191439169 M * daniel_hozac m_stone: you only need the flags to do special things, like become the new init for the context.
1191439190 M * m_stone daniel_hozac: that's what I thought, but I called vc_ctx_migrate(100, 0) and got EINVAL.
1191439207 Q * JonB Quit: This computer has gone to sleep
1191439218 P * TrueBrain So long and tnx for all the fish
1191439219 M * daniel_hozac m_stone: what kernel?
1191439221 M * djbclark daniel_hozac: If one chooses to forgo those features for data?
1191439237 M * m_stone vserver-stat reports that context 100 contains several processes.
1191439246 M * m_stone daniel_hozac: an out of date one, of course. :)
1191439252 M * djbclark daniel_hozac: We are doing builds and small file performance matters a lot, hence the thought of using XFS where possible.
1191439270 M * m_stone daniel_hozac: hmm.
1191439284 M * m_stone daniel_hozac: perhaps the migrate syscall doesn't take any arguments on this kernel.
1191439291 M * m_stone daniel_hozac: I'll investigate.
1191439324 M * daniel_hozac that should just mean it doesn't care about it, it wouldn't return EINVAL.
1191439336 M * m_stone daniel_hozac: let me verify the EINVAL then.
1191439344 M * m_stone daniel_hozac: I could have misreported it.
1191439348 J * yarihm ~yarihm@84-75-130-73.dclient.hispeed.ch
1191439362 M * daniel_hozac m_stone: AFAICT, the only thing that might return EINVAL is the nsproxy unsharing.
1191439386 M * daniel_hozac m_stone: what utils are you using? outdated, too?
1191439395 M * m_stone daniel_hozac: it is definitely returning einval
1191439400 M * m_stone daniel_hozac: no, 0.30.214
1191439427 M * daniel_hozac vserver debugging in the kernel?
1191439440 M * daniel_hozac does vcmd work?
1191439442 M * m_stone daniel_hozac: good idea, I'll turn it on.
1191439449 M * m_stone daniel_hozac: haven't tried vcmd yet, but it has worked in the past.
1191439494 M * m_stone daniel_hozac: also, thanks for the rapid assistance.
1191439506 M * daniel_hozac heh, you're welcome.
1191439517 M * daniel_hozac i guess i have an idea of what i could be... how are you creating the context?
1191439555 M * daniel_hozac are you using the util's vc_ctx_create, or the syscall directly?
1191439652 M * m_stone vc_syscall(VC_CMD('VPROC', 1, 1), 100, VC_VXF_STATE_SETUP | VC_VXF_STATE_INIT | VC_VXF_STATE_ADMIN
1191439662 M * daniel_hozac right.
1191439686 M * daniel_hozac the util's vc_ctx_create does a bit of behind-the-scenes lifting, to create and set the uts and IPC spaces.
1191439688 M * m_stone then we turn off STATE_SETUP .
1191439707 M * m_stone daniel_hozac: say more please.
1191439713 M * daniel_hozac and vc_ctx_migrate tries to migrate into those spaces.
1191439720 M * m_stone heh.
1191439722 M * daniel_hozac that's what i'm guessing your EINVAL comes from.
1191439731 M * m_stone that sounds quite plausible.
1191439737 M * m_stone so I can use the syscall directly?
1191439742 M * m_stone and we think that might work?
1191439744 M * daniel_hozac yeah, should work.
1191439746 M * m_stone great.
1191439758 M * daniel_hozac why aren't you using the util's vc_ctx_create?
1191439796 M * m_stone because, at the time we moved to using the syscall, util-vserver-lib was targetting the wrong version of the syscall.
1191439841 M * daniel_hozac but you've updated the utils now, no?
1191439853 M * m_stone daniel_hozac: not in the stable builds.
1191439868 M * m_stone daniel_hozac: I updated them here on this particular machine because I needed better debugging tools. :)
1191439895 M * m_stone daniel_hozac: we're going to update soon - I've already modified the pyvserver rpm to that effect - but it's not in the stable build yet.
1191439905 M * m_stone daniel_hozac: it will be in the unstable build we make today or tomorrow though.
1191439950 M * daniel_hozac sounds like a plan...
1191439974 M * Bertl  
1191439989 M * m_stone daniel_hozac: in any case, thanks for explaining the extra work that vc_ctx_create does.
1191439991 M * daniel_hozac hello Bertl ;)
1191439998 M * m_stone Bertl: heya! :)
1191440008 M * Bertl  hey, my keyboard fell down :/
1191440014 M * m_stone Bertl: your cumulative patches have worked beautifully for me so far. thanks!
1191440042 M * Bertl m_stone: excellent! will provide a 0.4.7 tonight (some more fixes)
1191440083 M * daniel_hozac Bertl: probably got lost in the backlog, but i was just wondering whether we should start reverting the test patches you did for arekm?
1191440085 M * m_stone Bertl: great.
1191440116 M * Bertl yeah, most of them are already gone on my branch
1191440117 M * m_stone Bertl: working with your patches got much easier as soon as I understood how git-am worked.
1191440137 M * daniel_hozac Bertl: okay, nice.
1191440150 M * Bertl m_stone: great, please explain it to me when you find some spare time
1191440155 M * m_stone Bertl: certainly.
1191440331 M * daniel_hozac m_stone: so, how automated is the pylibvserver generation?
1191440350 M * m_stone daniel_hozac: zero.
1191440364 M * daniel_hozac okay, so not something i want to merge into the utils then... :)
1191440373 M * m_stone daniel_hozac: currently correct.
1191440409 M * m_stone daniel_hozac: pylibvserver's purpose in life is to provide the kernel API (and some of util-vserver-lib) to pyvserver
1191440434 M * m_stone pyvserver is a "pythonic" presentation of vserver's functionality.
1191440465 M * daniel_hozac classes and such?
1191440471 M * m_stone correct.
1191440479 M * m_stone and default flags, etc.
1191440501 M * m_stone pylibvserver is currently i386, OLPC's-vserver-patch specific.
1191440511 M * m_stone I'm not averse to that changing, but am not presently able to do the work myself.
1191440527 M * m_stone http://dev.laptop.org/git?p=users/mstone/security;a=blob;f=pyvserver/pylibvserver/pylibvserver.py;h=2a37c8a2aab6b106898ad054a84aa3bc21406f19;hb=dcaa7963ad968c305605130dd70e195a0efc9e90
1191440533 M * m_stone http://dev.laptop.org/git?p=users/mstone/security;a=blob;f=pyvserver/pyvserver/context.py;h=f48693d0c4cde18f93ad6d722cd14df81ea80c43;hb=dcaa7963ad968c305605130dd70e195a0efc9e90
1191440541 M * m_stone those are the two important files.
1191440555 M * m_stone so you can see the state we're at.
1191440590 M * daniel_hozac well, i'd love to have Python bindings in the utils.
1191440611 M * daniel_hozac but keeping the API in two places seems prone to breakage.
1191440664 M * m_stone daniel_hozac: IMHO, the right way to do this might be to use a language-neutral IDL to concisely define the API for each version, then to generate all the language-specific bindings from that description.
1191440692 M * daniel_hozac that's a lot of fancy words.
1191440692 M * daniel_hozac :P
1191440703 M * m_stone daniel_hozac: not really.
1191440705 M * daniel_hozac in practice, does that mean swig or similar?
1191440765 M * m_stone daniel_hozac: SWIG is a tool that serves that purpose but it attempts to do so in a fully general fashion; e.g. it tries to make all of C (and some of C++) available to a specific set of languages.
1191440793 M * m_stone however, I was suggesting something slightly different.
1191440838 M * daniel_hozac XML for the API? i'd rather not.
1191440843 M * m_stone afk for 10 minutes.
1191440851 M * m_stone I'll be happy to continue the conversation when I return.
1191440863 M * daniel_hozac okay.
1191441393 M * m_stone back
1191441409 M * daniel_hozac wb!
1191441440 M * m_stone so, as I understand it, XML is an annoying transfer encoding for tagged trees of unicode strings.
1191441492 M * m_stone I believe that tree-structured data are probably suitable for encoding the API information we were discussing, but I intended ot make no claims (yet) about appropriate transfer encodings.
1191441654 M * m_stone what I was really suggesting was that pylibvserver-like "thin bindings" can be generated at low cost from a declarative description of what the API for a given kernel *is*.
1191441684 M * daniel_hozac hmm.
1191441685 M * m_stone high-level bindings, like util-vserver-lib (for C) and pyvserver (for python) can then be built by hand on top of those low-level bindings.
1191441697 M * m_stone that's all I was saying.
1191441699 M * m_stone :)
1191441715 M * daniel_hozac IMHO any scripting language should have no knowledge whatsoever of what the kernel is capable of.
1191441722 M * daniel_hozac that's what util-vserver-lib is for.
1191441773 M * m_stone daniel_hozac: I think I understand your position, but since we're writing large chunks of our initramfs in python, it's quite helpful to be able to talk directly to the kernel.
1191441790 M * m_stone admittedly, this is not a common use of scripting languages...
1191441800 M * daniel_hozac that means you have to upgrade two pieces of code every time you add a new kernel API.
1191441827 M * m_stone daniel_hozac: "add" a kernel API or "deprecate an old API" ?
1191441853 M * daniel_hozac take your pick, same effect either way.
1191442014 M * m_stone you have more experience here than I do.
1191442028 M * m_stone why do those to actions have the same effect?
1191442047 M * daniel_hozac well, presumably you want to use the new API, right?
1191442051 Q * julius_ Remote host closed the connection
1191442113 M * m_stone daniel_hozac: my feeling was that you want your software to keep working.
1191442120 Q * FireEgl Read error: No route to host
1191442127 M * m_stone when you learn that the new API exists, you want to make a decision about whether or not to use it.
1191442173 M * m_stone you may decide to use it, at which time you'll want a binding that makes it available.
1191442276 Q * hparker Quit: *burp*.. It's broke
1191442488 J * hparker ~hparker@linux.homershut.net
1191442490 M * m_stone daniel_hozac: have you obvserved a different usage pattern?
1191442539 M * daniel_hozac what i'm saying is that the purpose of bindings is to abstract away these things.
1191442573 M * m_stone daniel_hozac: I'm agreeing with you for high-level bindings, but disagreeing about low-level bindings.
1191442584 M * daniel_hozac why do you need low-level bindings at all?
1191442620 M * m_stone what do you propose to build the high-level bindings on?
1191442659 M * daniel_hozac util-vserver-lib?
1191442685 Q * Piet Quit: Piet
1191442692 M * m_stone daniel_hozac: (insofar as different abstractions of the VServer API are appropriate for different languages, the high-level bindings need to be custom-built, yes?)
1191442713 M * m_stone daniel_hozac: so, from my perspective, util-vserver-lib is a high-level C binding.
1191442759 M * daniel_hozac maintaining backwards compatibility in X languages just isn't feasible.
1191442764 M * m_stone i.e. it presents a smooth, idiomatic-C API on top of the kernel.
1191442804 M * daniel_hozac and really, util-vserver-lib is all but high-level. all it does is pick the best syscall available on the running kernel.
1191442822 M * m_stone isn't that what high-level means in C?
1191442872 M * daniel_hozac ...
1191442875 M * m_stone I'm not trying to be pedantic here. util-vserver-lib serves an important purpose for manipulating lots of different variations of the vserver kernel on lots of different architectures and configurations.
1191442945 M * daniel_hozac if your idea of high-level is a wrapper, how can you even do low-level? :)
1191442946 J * dna ~dna@p54BCCE36.dip.t-dialin.net
1191443015 M * m_stone daniel_hozac: my idea of low-level is, as I said, "recapitulates the kernel API"
1191443033 M * m_stone that is, the specific kernel being used.
1191443090 M * m_stone in this sense, pyvserver is a pythonic shadow of util-vserver-lib; i.e. they serve the same purpose, but pyvserver has only a fraction of the development effort expended on it that util-vserver-lib does.
1191443131 M * m_stone and it was built for *such* a peculiar situation that it doesn't even try to provide the really nice features of util-vserver-lib that I mentioned above, yet.
1191443153 M * daniel_hozac i really don't see why or how it's better to maintain multiple versions of the same thing, i.e. backwards compat.
1191443182 M * m_stone daniel_hozac: I don't think I understood your last statement.
1191443208 M * m_stone by "same thing" you mean "language-specific library providing the one particular kernel-version's API"?
1191443219 M * daniel_hozac no.
1191443233 M * daniel_hozac i mean, functions that work on a large number of kernels.
1191443249 M * m_stone you meant "language-specific library providing high-level abstractions that operate over multiple API-versions?"
1191443264 M * daniel_hozac i love the use high-level :)
1191443269 M * m_stone maybe rephrasing "high-level" to "language-appropriate"
1191443276 M * m_stone daniel_hozac: I thought the same thing after I typed it. :)
1191443284 M * daniel_hozac i don't see how it relates to the language at all.
1191443290 M * daniel_hozac it just abstracts away kernel knowledge.
1191443323 M * daniel_hozac i don't know about you, but i'm not fond of writing the same functions over and over in a multitude of languages.
1191443340 M * mnemoc swig?
1191443343 M * m_stone daniel_hozac: I'm peculiar that way. I like to think it terms of lots of different languages. :)
1191443363 M * daniel_hozac mnemoc: or something like it, yes.
1191443371 M * m_stone daniel_hozac: my point is that the appropriate API for this thing is different in Forth, Haskell, Python, and C.
1191443374 M * daniel_hozac last time i tried swig was less than successful though.
1191443383 M * mnemoc :(
1191443384 M * m_stone daniel_hozac: it tries to solve a very hard problem.
1191443390 M * daniel_hozac m_stone: but the util-vserver-lib API is practically the same as the kernel.
1191443394 M * m_stone as you say, it isn't there yet.
1191443439 M * daniel_hozac m_stone: you just automatically get support for a wide array of kernels, rather than one in particular that you happen to be running at the time.
1191443515 M * daniel_hozac i don't see why it's necessary to duplicate the backwards compatibility code in every single language.
1191443616 M * mnemoc can'T you assume new applications will only run on recient installations?
1191443646 M * mnemoc i.e. you can ignore backwards compatibility
1191443652 M * daniel_hozac really?
1191443661 M * daniel_hozac in that case, util-vserver 0.30.214+ wouldn't work on 2.2.
1191443671 M * m_stone mnemoc: depends on why you're building your software.
1191443679 M * mnemoc ok ok :(
1191443700 M * m_stone mnemoc: if it's so that as many people as possible can use your software then no, you can't afford to give up compatibility with older kernels.
1191443779 M * m_stone daniel_hozac: I think the real story here is just that OLPC's vserver patch got out of sync with util-vserver-lib and it was easier for us to work around the gaps at the python level than it was to do so at the util-vserver-lib level.
1191443882 M * daniel_hozac sure, i understand that. yet you're proposing to do the same thing in a more permanent manner, which i don't see the point of?
1191443939 M * m_stone sorry, that was my way of reconsidering, from a longer-term perspective, our current position.
1191443986 M * m_stone my next sentence was going to be that, from that perspective, the right thing to do was simply to work more closely with you to bring the OLPC kernel and util-lib-vserver into sync so that we can drop the kernel-specific workarounds.
1191444003 M * m_stone in our mutual copious free time, of course. ;)
1191444027 M * daniel_hozac well, trunk was pretty much always in sync, IIRC.
1191444035 J * Punkie ~Punkie@home.pekelny.net
1191444037 J * Aiken ~james@ppp121-45-249-108.lns2.bne4.internode.on.net
1191444086 J * FireEgl FireEgl@4.0.0.0.1.0.0.0.c.d.4.8.0.c.5.0.1.0.0.2.ip6.arpa
1191444090 M * m_stone daniel_hozac: it sometimes takes a few weeks for Fedora's version of util-vserver-lib to catch up with trunk util-vserver-lib.
1191444129 M * daniel_hozac you can always roll your own, no?
1191444130 M * m_stone at the time, I knew so little about the Fedora architecture that I was simply unprepared to help with the packaging.
1191444136 M * m_stone daniel_hozac: now, I probably can.
1191444314 M * m_stone does this plan sound correct to you?
1191444337 M * daniel_hozac which plan?
1191444375 M * m_stone that the long-term goal should be for pylibvserver to talk to the kernel through util-vserver-lib.
1191444411 M * m_stone thus making it portable across vserver kernels and making pyvserver potentially distributable alongside util-vserver
1191444438 M * daniel_hozac isn't that what i've been saying all along? :)
1191444468 J * ktwilight ~ktwilight@9.211-66-87.adsl-static.isp.belgacom.be
1191444470 M * m_stone daniel_hozac: of course it is: you were just helping me re-examine my position in the matter. :)
1191444493 M * m_stone and I came to the conclusion that your plan was the best one with which to proceed.
1191444547 M * daniel_hozac :)
1191444591 M * daniel_hozac glad i could help.
1191446296 Q * bonbons Quit: Leaving
1191446439 P * vrwttnmtu I'm leaving you now.
1191447177 Q * phreak`` Quit: refitting my screen
1191447315 J * phreak`` ~phreak``@deimos.barfoo.org
1191447766 N * phedny Guest815
1191447774 J * phedny ~mark@ip56538143.direct-adsl.nl
1191448173 Q * Guest815 Ping timeout: 480 seconds
1191448446 Q * Guy- Remote host closed the connection
1191448525 Q * coderanger_ Quit: coderanger_
1191448712 J * ftx ~ftx@hlfx49-142177099059.ns.sympatico.ca
1191450086 J * ingentis ~sigmaxc@xdsl-87-78-108-186.netcologne.de
1191450583 J * allo ~harry@sc.a.la
1191450586 M * allo hi
1191450590 M * daniel_hozac hello
1191450599 M * Bertl hey allo!
1191450604 M * allo is there a way to identify on the host, the traffic from a vserver?
1191450629 M * allo -i eth0:dummy0 does not work on iptables.
1191450647 M * allo -s 192.168.1.1 does not match, too.
1191450662 M * Bertl well, that depends on your guest config, no?
1191450666 M * allo it seems the outgoing traffic is on eth0 and not on eth0:dummy0?
1191450676 M * daniel_hozac aliases are not interfaces.
1191450692 M * allo seems like that. but how do i match the traffic?
1191450719 M * daniel_hozac IP addresses work fine for me...
1191450727 M * allo for input or output?
1191450756 M * daniel_hozac both?
1191450760 M * allo i had a -A OUTPUT rule when it was a chroot. but now i want to use a vserver instead, and it does not work for me.
1191450768 M * allo daniel_hozac: can i have a sample rule?
1191450825 M * daniel_hozac -A OUTPUT -s 192.168.100.100 -j www_out
1191450899 M * allo indeed, now it works ...
1191450945 M * allo hm, i tested the OUTPUT rule only with the not working -i line
1191450952 M * allo thx, anyway
1191450961 M * daniel_hozac OUTPUT with -i?
1191450984 M * allo hm, no this does not work ...
1191450987 P * ingentis 
1191451003 M * allo but your solution works, so its ok. 
1191451813 J * ingentis ~sigmaxc@xdsl-87-78-108-186.netcologne.de
1191451845 P * ingentis 
1191451905 J * ingentis ~sigmaxc@xdsl-87-78-108-186.netcologne.de
1191451909 P * ingentis 
1191452198 J * ingentis ~sigmaxc@xdsl-87-78-108-186.netcologne.de
1191452273 M * ingentis Hello!  I'm trying to run X inside a vserver, according to http://oldwiki.linux-vserver.org/Vservers+and+X;  has anybody of you already done this?
1191452312 M * ingentis In principle it works, my problem is: if I am trying to switch to another console (e.g. Alt-F2), I lose my keyboard.
1191452401 Q * allo Quit: leaving
1191452455 J * Guy- ~korn@elan.rulez.org
1191452500 M * Bertl ingentis: yes, that was reported a week ago, IIRC, but not really resolved
1191452523 Q * dna Quit: Verlassend
1191452542 M * Bertl ingentis: do you have any idea what X is trying to do (and what part of it fails)?
1191452555 M * daniel_hozac ingentis: what kernel?
1191452579 M * ingentis I'm using Debian 4.0 etch; kernel 2.6.18
1191452636 M * ingentis In fact I'm even not sure which the keyboard device is. Is it /dev/psaux?
1191452664 M * Bertl probably /dev/input/something
1191452700 M * Bertl last week it sounded like an incomplete console switch
1191452704 M * ingentis On the real host there is /dev/input/ts0 (and /dev/input/ts1 if I plug in a usb keyboard).
1191452729 M * Bertl interestingly, the switching via switchto/chvt worked as expected
1191452741 M * ingentis However, in the wiki there was not written anything about these device nodes, so I didn't do it.
1191452769 M * ingentis Bertl: You mean that it switched to tty7, the gdm screen?
1191452828 M * Bertl yes, on logon via network (ssh) the console could be changed
1191452836 M * Bertl (including the X11 tty)
1191452886 M * Bertl note: I have absolutely no idea what X11 is doing on ALT-F1/2, besides switching the console :)
1191452896 Q * hparker Quit: Quit
1191452897 Q * ktwilight Ping timeout: 480 seconds
1191452960 M * ingentis I just tried to create a /dev/input/ts0 device inside the vserver; did not change the problem.
1191453039 M * ingentis In fact I have no idea who at all grabs the keyboard events. :-) If I hit a key, how does the system decide whom to pass it to?
1191453059 J * hparker ~hparker@linux.homershut.net
1191453060 M * ingentis I mean, which virtual console (or X)?
1191453064 M * Bertl the kernel does that
1191453081 M * Bertl there is a specific ioctl to 'switch' between ttys
1191453120 M * ingentis So the kernel has a list of ttys, configured in /etc/inittab; when X starts (regardless whether on real host or inside vserver) it is added to that list?
1191453246 M * ingentis I also tried to remove /dev/tty7 on the real host (thought there might be confusion from that), did not change anything.
1191453352 M * Bertl yes, the kernel has a (somewhat dynamic) list of ttys
1191453405 M * ingentis Bertl: If you remember roughly when this topic appeared last week I would like to search in the archive. (do you remember some keywords?)
1191453442 M * Bertl http://irc.13thfloor.at/LOG/2007-09/LOG_2007-09-25.txt
1191453494 M * ingentis merci
1191453551 M * Bertl I think I need some sleep .. off to bed now, maybe back lateron ...
1191453563 M * Bertl have a good one everyone!
1191453568 N * Bertl Bertl_zZ
1191453569 M * ingentis thanks already, bye
1191453569 J * the007killer ~the007kil@60.242.138.31
1191453578 M * the007killer hi everyone
1191453631 M * daniel_hozac hello
1191453648 M * the007killer how's it going?
1191453726 J * ktwilight ~ktwilight@57.92-66-87.adsl-dyn.isp.belgacom.be
1191453728 M * daniel_hozac fine. and you?
1191453734 M * the007killer im good.
1191453744 M * the007killer my friend daniel15 told me to come and ask a question here
1191453845 M * daniel_hozac oh?
1191453861 M * the007killer i have a vserver with a cpanel installation on it
1191453867 J * ktwilight_ ~ktwilight@154.89-66-87.adsl-dyn.isp.belgacom.be
1191453881 M * the007killer and the quota's arn't working
1191453889 M * the007killer i can't seem to get them to work either
1191453890 J * coderanger_ ~coderange@road-runner-01.dynamic2.rpi.edu
1191453978 M * daniel_hozac are they enabled properly on the host system?
1191453988 M * daniel_hozac does your guest have the required capabilities?
1191454001 M * the007killer how would i find out?
1191454023 M * daniel_hozac cat /proc/virtual/<id>/status on the host.
1191454024 M * the007killer i own the whole server so i can do anything
1191454088 M * the007killer # cat /proc/virtual/40002/status
1191454089 M * the007killer UseCnt: 283
1191454089 M * the007killer Tasks:  98
1191454089 M * the007killer Flags:  0000001602020010
1191454089 M * the007killer BCaps:  00000000344c05ff
1191454090 M * the007killer CCaps:  0000000000100101
1191454090 M * the007killer Spaces: 0c020200
1191454118 M * daniel_hozac that looks about right.
1191454168 M * the007killer ok
1191454195 M * daniel_hozac what filesystem are you using?
1191454248 Q * ktwilight Ping timeout: 480 seconds
1191454259 M * the007killer ext3
1191454283 M * daniel_hozac how are you mounting it? from the guest's fstab?
1191454298 M * daniel_hozac does /etc/mtab on the guest contain usrquota,grpquota?
1191454327 M * the007killer yes
1191454373 M * daniel_hozac does /proc/mounts also contain it?
1191454392 M * the007killer no
1191454406 M * the007killer rootfs / rootfs rw 0 0
1191454406 M * the007killer /dev/root / ext3 rw,data=ordered 0 0
1191454406 M * the007killer none /proc proc rw,nodiratime,nodev 0 0
1191454406 M * the007killer none /tmp tmpfs rw,nodev 0 0
1191454407 M * the007killer none /dev/pts devpts rw 0 0
1191454420 M * daniel_hozac please use paste.linux-vserver.org for anything longer than 3 lines.
1191454426 M * the007killer kk
1191454446 M * daniel_hozac but i guess that's your problem then. you'll have to add usrquota,grpquota to whatever is mounting the filesystem.
1191454486 M * the007killer ok
1191454552 M * the007killer thankyou for your help
1191455713 Q * coderanger_ Quit: coderanger_
1191455923 Q * ftx Ping timeout: 480 seconds
1191455953 J * coderanger_ ~coderange@road-runner-01.dynamic2.rpi.edu