1191888931 Q * onox Quit: leaving 1191890451 Q * balbir Read error: Operation timed out 1191891184 J * balbir ~balbir@122.167.73.147 1191893017 J * coderanger_ ~coderange@static-64-246-144-38.albyny.csvoip.net 1191895170 Q * coderanger_ Ping timeout: 480 seconds 1191900029 M * almak quit 1191900033 M * almak bye 1191900057 Q * almak Quit: Leaving 1191903306 M * daniel_hozac Wonka: usual place, http://vserver.13thfloor.at/Experimental/ 1191903368 Q * Piet Quit: Piet 1191903793 Q * hparker Quit: peer reset by connection 1191904045 Q * balbir Read error: Connection reset by peer 1191905157 J * balbir ~balbir@122.167.100.47 1191907455 N * neuralis_ neuralis 1191909269 J * dna ~dna@208-199-dsl.kielnet.net 1191910401 J * virtuoso_ ~s0t0na@ppp91-122-59-9.pppoe.avangard-dsl.ru 1191910808 Q * virtuoso Ping timeout: 480 seconds 1191911495 J * JonB ~NoSuchUse@kg1-61.kollegiegaarden.dk 1191912241 M * Wonka daniel_hozac: thanks 1191912249 M * Wonka *build* 1191913158 Q * JonB Quit: This computer has gone to sleep 1191914925 J * morten ~morten@mail.geek-it.de 1191914929 M * morten mornin'! 1191914941 J * JonB ~NoSuchUse@kg1-61.kollegiegaarden.dk 1191915065 Q * morten 1191915077 J * morten ~morten@mail.geek-it.de 1191916286 Q * JonB Quit: This computer has gone to sleep 1191916792 N * Bertl_zZ Bertl_oO 1191916796 M * Bertl_oO morning folks! 1191916804 M * opuk yello' 1191917312 J * JonB ~NoSuchUse@kg1-61.kollegiegaarden.dk 1191917787 J * DavidS ~david@vpn.uni-ak.ac.at 1191917972 M * morten Bertl_oO : mornin' :-) 1191918933 N * virtuoso_ virtuoso 1191919433 A * Supaplex dispenses his left over caffiene into Bertl_oO 1191919719 M * JonB through a cup or hypodermic needle? 1191919847 Q * JonB Quit: Leaving 1191919893 M * bXi how can one have leftover caffiene? 1191920595 N * Bertl_oO Bertl 1191920668 J * JonB ~NoSuchUse@kg1-61.kollegiegaarden.dk 1191920678 M * Bertl I'm not sure if I should be happy about the fact that Supaplex treats me like a kitchen-sink :) 1191920709 M * JonB Bertl: well, at least you woke up ;-) 1191920758 M * Bertl I woke up more than an hour ago (when I said 'morning folks') 1191920778 M * JonB okay 1191920800 J * gonmelo_ ~n1t3@ip70-177-5-36.sb.sd.cox.net 1191920808 M * Bertl welcome gonmelo_! 1191920813 M * gonmelo_ Um... hey. 1191920827 Q * gonmelo_ 1191920838 J * gonmelo_ ~n1t3@ip70-177-5-36.sb.sd.cox.net 1191920842 Q * gonmelo Read error: Connection reset by peer 1191920843 Q * gonmelo_ 1191920999 M * harry oink 1191921001 M * harry 52 307 2.1G 313.5M 2h02m47 17m09s46 24d19h02 nero 1191921007 M * harry nero:/# ps aux|wc -l 1191921007 M * harry 17 1191921025 M * harry 307 procs... but when i do ps aux... it only gives me 17 procs 1191921049 M * Bertl could it be that you are using Linux-VServer? :) 1191921074 M * daniel_hozac or you got the process accounting wrong? :) 1191921212 M * harry ? 1191921346 M * daniel_hozac also note that threads are accounted as tasks, IIRC. 1191921474 Q * arachnist Read error: Connection reset by peer 1191921476 J * arachnist arachnist@088156184167.who.vectranet.pl 1191921503 M * Bertl okay, off to get something to eat .. back a little later ... 1191921509 N * Bertl Bertl_oO 1191921625 M * yang Guten apetit :) 1191921694 M * bXi ape tit? 1191921695 M * bXi what 1191921820 M * harry yes... monkey tits 1191921829 M * harry that's what germans and austrians eat :) 1191922066 M * JonB i thought apetit was french 1191922494 M * sid3windr no, tat's appetit :p 1191922497 M * sid3windr *that 1191922853 J * maryy__ ~sdsa@85.101.176.17 1191922857 Q * maryy__ Excess Flood 1191923358 Q * arachnist Ping timeout: 480 seconds 1191923604 J * arachnist arachnist@088156184167.who.vectranet.pl 1191924110 Q * arachnist Ping timeout: 480 seconds 1191924110 Q * JonB Ping timeout: 480 seconds 1191924124 J * meandtheshell ~markus@85.127.118.147 1191924345 J * arachnist arachnist@088156184167.who.vectranet.pl 1191924793 J * larsivi ~larsivi@85.221.53.194 1191925367 J * bastiaan bastiaanma@routeduvel.welmers.net 1191927198 J * Julius ~julius@p57B246F9.dip.t-dialin.net 1191928065 N * Bertl_oO Bertl 1191928089 M * Bertl back now ... 1191928106 M * Bertl welcome larsivi! bastiaan! wb Julius! 1191928114 M * Julius hiho 1191928121 M * larsivi Heya Bertl :) 1191928137 M * Julius openvpn vs vserver sucks^^ 1191928139 M * larsivi I'm going to ask a question, but not until the server I'm going to ask about is back up : 1191928140 M * larsivi :P 1191928221 M * daniel_hozac Julius: i thought you got it working yesterday? 1191928248 J * ntrs_ ~ntrs@79.125.229.53 1191928260 M * Julius not really 1191928269 M * Julius client-client works fine 1191928321 M * Julius because it's completely handled by the openvpn daemon and does not require a workin tun device : 1191928330 M * Bertl and you are trying to set up a server, yes? 1191928345 M * larsivi but ok, to prepare for that time - I'm trying to move servers between two hosts (different machines, same network) - but get the line ending error when trying to start up in the new host 1191928361 M * Julius yes 1191928384 M * Bertl larsivi: line ending error? 1191928389 M * Julius it allows client to client connections but is supposed to server jabber etc.. 1191928395 M * Julius serve 1191928422 M * Bertl Julius: well, openvpn in real server mode adds/removes routes and such stuff 1191928431 M * Julius i know 1191928437 M * Julius i wrote startup scripts to do that 1191928456 M * Julius and added ifconfig-noexec, route-noexec to the config 1191928487 M * larsivi Bertl: WARNING: '/etc/vservers/bsc1/vdir/var/maven2/org/codehaus/plexus/plexus-utils/1.1/plexus-utils-1.1.jar.sha1' does not end on newline 1191928492 M * Bertl Julius: okay, and what exactly is the problem? 1191928518 P * friendly12345 1191928521 M * Julius client to server connections don't work 1191928540 M * Julius but only in one direction 1191928545 M * Julius client to server was all right 1191928549 M * Bertl and if you start it with a chroot, it works? 1191928556 M * daniel_hozac larsivi: how did you build that guest? 1191928568 M * Julius I'll try 1191928582 M * larsivi daniel_hozac: newvserver with etch 1191928596 M * larsivi then moved using rsync 1191928623 M * Bertl well, first, you better avoid newvserver 1191928627 M * daniel_hozac larsivi: well, seems like you didn't use the necessary rsync options. 1191928662 M * larsivi Bertl: probably, but the tutorial I used back then used newvserver 1191928696 M * larsivi daniel_hozac: not unlikely, I used a command found in some forum post, but I believe it was old 1191928716 M * Bertl try rsync -axHSDP ... 1191928718 M * larsivi the reason for trying that at all was that vserver-copy also failed (with Internal error trying to specify --vsroot) 1191928724 M * daniel_hozac larsivi: well, for some reason, the /etc/vservers//vdir is no longer a symlink. 1191928745 M * Bertl larsivi: vserver-copy should not be used directly 1191928754 M * daniel_hozac vserver-copy shouldn't be used at all :) 1191928761 M * Bertl okay :) 1191928765 M * larsivi I got the feeling :D 1191928766 M * daniel_hozac it's for legacy configs. 1191928780 M * larsivi vserver is installed from Debian etch, btw 1191928806 M * Bertl you might consider updating to backports 1191928821 M * larsivi I thought the dupvserver would be fine, but it can't do a differnt host 1191928843 M * daniel_hozac vserver ... build -m rsync will copy the guest, but not the config. 1191928843 M * Bertl what's dupvserver? 1191928848 M * daniel_hozac another Debian script :) 1191928876 M * Bertl let me guess, ola? 1191928902 M * larsivi vserver-copy and dupvserver seems to be very different internally 1191928988 M * larsivi can I rsync from two different paths at the same time, that is both /var/lib/vservers and /etc/vservers ? I guess not doing that is the reason for the symlinks failing 1191929009 M * Bertl larsivi: well, I know you are the victim here, but let me point out that none of the 'debian specific' scripts and tools are very useful, nor really maintained, so if you have problem with them, you have to complain to the debian maintainers 1191929025 M * Bertl larsivi: OTOH, util-vserver is perfectly capable of doing all what you want 1191929043 M * Bertl larsivi: more than that, it is tested, maintained and available on all dirstributions 1191929043 M * larsivi Bertl: yes, I'm not complaining about the debian scripts, just the vserver stuff ;) 1191929045 M * Julius i just checked and openvpn doesn't work properly in the 1191929047 M * Julius chroot 1191929121 M * larsivi Bertl: would you recommend upgrading to lenny for the host? 1191929126 M * Bertl larsivi: but that's the point, you _should_ be complaining about the scripts :) 1191929155 M * Bertl larsivi: AFAIK, all you need is in backports 1191929207 M * Bertl Julius: so it is not Linux-VServer related, probably some config issue? 1191929255 M * Bertl larsivi: regarding the rsync, do it in two separate steps 1191929259 M * Julius hm 1191929272 M * Bertl larsivi: or, as daniel suggested, use the vserver - build -m rsync method 1191929276 M * Julius i didn't correct the ip addresses :) 1191929293 M * Julius and the same config with slightly different interfaces/ips works fine for the host 1191929395 M * bastiaan I am trying to get vserver with ipv6 work on debian stable, but no succes for now... 1191929495 M * Julius inet addr:10.8.0.1 P-t-P:10.8.0.1 <- that's weird 1191929519 M * Bertl bastiaan: how so? 1191929548 M * bastiaan Bertl: for now util-vserver doesn't work properly with ipv6 interfaces 1191929557 M * bastiaan I use 0.30.212 1191929570 M * bastiaan 214 doesn't work here 1191929593 M * Bertl well, 0.30.212 is too old 1191929610 M * Bertl why doesn't 0.30.214 (from backports) work for you? 1191929620 M * bastiaan from backports... OK 1191929625 M * bastiaan I'll try, good hint 1191929650 M * bastiaan (I'v been compiling 214 and got strange errors when I tried to start vservers) 1191929707 M * Bertl could you upload them e.g. to paste.linux-vserver.org? 1191929719 M * Bertl (best together with 'vserver-info - SYSINFO') 1191929798 J * JonB ~NoSuchUse@192.38.8.25 1191929806 M * bastiaan Bertl: great! it works! 1191929826 M * bastiaan Bertl: the errors I got? 1191929834 M * Bertl yes, please 1191929885 M * Julius how do i define point-to-point connections in the interfaces config? 1191929888 M * bastiaan http://paste.linux-vserver.org/6937 1191929902 M * bastiaan Bertl: http://paste.linux-vserver.org/6937 1191930010 M * bastiaan please wait for SYSINFO... 1191930030 M * Julius bertl:http://phpfi.com/267845 1191930056 M * daniel_hozac Julius: you don't. 1191930075 M * Julius okay 1191930077 M * daniel_hozac bastiaan: don't use dynamic contexts. 1191930084 M * daniel_hozac they're deprecated for years. 1191930105 M * Julius i bet i made an incredibly stupid mistake 1191930175 M * bastiaan daniel_hozac: I already heard so :) 1191930214 M * bastiaan daniel_hozac: can you explain what exactlyu dynamic contexts are? 1191930234 M * Bertl Julius: I think for a server setup, you want something like: 1191930244 M * Bertl inet addr:10.8.0.1 P-t-P:10.8.0.2 1191930268 M * Bertl where actually IPs like 10.8.0.3,4,5 are used for the endpoints 1191930293 M * bastiaan Bertl: http://stofzuiger.vhl.welmers.net/~bastiaan/vserver/SYSINFO 1191930303 M * Bertl bastiaan: dynamic contexts are something we suffered from for years, till we got rid of them :) 1191930316 M * bastiaan Bertl: something to do with UIDs/GIDs? 1191930332 M * Bertl bastiaan: 111 connection refused? 1191930373 M * Bertl bastiaan: basically context numbers which get allocated (almost) randomly on every guest start, gives all kind of issues and races 1191930375 M * bastiaan somehow my apache server crashes all the time 1191930389 M * Bertl Use dietlibc: no (you have been warned) 1191930401 M * bastiaan Bertl: could you please try again? 1191930440 M * bastiaan Bertl: (loading that SYSINFO) 1191930479 M * Bertl the line I pasted was already from there :) 1191930505 M * bastiaan okay 1191930520 M * bastiaan How can I get rid of them... 1191930595 M * Bertl bastiaan: 'them' being the dynamic contexts? 1191930645 J * rgl ~rgl@84.90.232.200 1191930647 M * Bertl daniel_hozac: morten just informed me that guests can cross connect over lback ips, shouldn't that be checked/blocked already? 1191930650 A * rgl waves 1191930657 M * larsivi Bertl: in which backports should I find 214 ? 1191930675 M * bastiaan Bertl: yes 1191930691 M * bastiaan larsivi: here for me: ftp://ftp.nl.debian.org/debian/pool/main/u/util-vserver/util-vserver_0.30.214-3_i386.deb 1191930697 M * Bertl bastiaan: that is quite easy, just _assign_ a context id for your guest 1191930701 M * bastiaan larsivi: WRONG oop 1191930702 M * bastiaan s 1191930715 M * bastiaan larsivi: this link: http://backports.org/debian/pool/main/u/util-vserver/util-vserver_0.30.214-3~bpo.1_i386.deb 1191930743 M * larsivi bastiaan: so enabling backports.org with etch-backports should be enough, right? 1191930805 M * Bertl I think so, better ask in #debian to make sure though 1191930815 Q * ntrs_ Ping timeout: 480 seconds 1191930815 M * daniel_hozac Bertl: hmmm... i would've thought so. 1191930818 M * bastiaan larsivi: I think so, but I just left my apt sources.list alone and installed that deb with dpkg -i 1191930849 M * Bertl daniel_hozac: also, morten just informed me that we do not map lback ips back on e.g. bind answers 1191930861 M * larsivi bastiaan: thanks 1191930868 M * daniel_hozac Bertl: hmm? 1191930869 M * Bertl daniel_hozac: will look into that shortly 1191930883 M * Bertl morten: care to provide your test data here once again? 1191930898 M * morten sure 1191930899 M * morten :-) 1191930968 M * daniel_hozac but yes, the mapping of lback to 127.0.0.1 is missing in a number of places, some of which already have TODOs :) 1191930995 M * morten For example, a guest could connect to 127.156.72.1 port 25 (which is the postfix running on another guest)... This is a security issue.. for example: Postfix on Debian got a standart rule... permit_mynetworks :-) and mynetworks is 127.0.0.0/8 ... so a guest could abuse another guest for sending mails... 1191931017 M * morten that's issue no.1 1191931020 M * morten second one is: 1191931025 M * daniel_hozac well, this is not really a new problem. 1191931036 M * daniel_hozac we've always allowed guests to connect to eachother. 1191931059 M * daniel_hozac i use iptables for that ;) 1191931151 M * morten second issue is... reply packets from virutal loopback are coming from "real/hidden" lo ip... 1191931173 M * daniel_hozac which syscalls? 1191931197 M * morten xxx@guest2:~/rs/downloads$ dig @localhost google.de 1191931198 M * morten ;; reply from unexpected source: 127.156.72.1#53, expected 127.0.0.1#53 1191931272 M * daniel_hozac yeah, that's missing the virtualization. 1191931295 M * morten daniel_hozac: hm, allowing guests connecting to each other over the hidden loopback ips is wanted by design? why's that? normally a guest don't know the "real" loopback address of the other... 1191931296 M * daniel_hozac Bertl: net/ipv4/udp.c:882 if you haven't found it already... 1191931315 M * daniel_hozac morten: _now_ it should be disallowed. 1191931331 M * daniel_hozac morten: lback is a really new feature. it's not complete yet. 1191931405 M * morten by the way.. i still use 2.6.22.9-vs2.3.0.26.4 which was the first patch (including the delta lo patch) that made lo functions really usable for me :-) 1191931437 M * morten but i guess you remember that ;-) 1191931474 M * morten daniel_hozac : ok, i see.. no real problem for me, but people should be aware of... 1191931494 M * Bertl will be fixed in the next release ... 1191931514 M * Bertl morten: thanks for bringing that to our attention! 1191931520 M * morten but those who use experimental sources, should read the hole source from ^ to $ ... :-) 1191931532 M * Bertl always :) 1191931568 M * morten Bertl : no problem.. i'm still impressed from your good support! 1191931609 M * Bertl glad to hear 1191931677 M * Bertl daniel_hozac: we want to do an nx_map_sock_lback() there, right? 1191931814 Q * daniel_hozac Ping timeout: 480 seconds 1191932192 J * daniel_hozac ~daniel@c-051472d5.08-230-73746f22.cust.bredbandsbolaget.se 1191932199 M * Bertl wb daniel_hozac! 1191932229 M * daniel_hozac thanks! 1191932329 M * Bertl so, regarding the cross talk allowed 1191932361 M * Bertl I think this is perfectly fine for 'normal' ips, but we should make at least a kernel option to enable an lback blocker or so 1191932368 M * daniel_hozac exactly. 1191932378 M * Bertl especially as I think it should be trivial, as we can make that check something like: 1191932392 M * Bertl if in 127.0.0.0/8 then only allow 127.0.0.1 1191932396 J * Piet ~piet@tor.noreply.org 1191932408 M * daniel_hozac right. 1191932409 M * Bertl and only for the lookup case 1191932421 M * Bertl s/lookup/deliver skb/ 1191932465 M * Bertl okay, so we make that a kernel config option which is default on, yes? 1191932478 M * daniel_hozac definitely. 1191933070 M * zbyniu hello 1191933090 M * zbyniu 2 problems, 1 solved :) 1191933112 M * Bertl let's hear ... 1191933113 M * zbyniu sed -i '8180,8196s/*mount_opt/mopt->mount_opt/' patch-2.6.23-rc9-vs2.3.0-pre2.diff 1191933146 M * Bertl okay, yeah, I stubled across that one yesterday 1191933150 M * Bertl *stumbled 1191933310 M * zbyniu second: xid disappeared from struct user_struct 1191933328 M * zbyniu but it is called in ipc/mqueue.c:265 1191933446 Q * Aiken Quit: Leaving 1191933501 M * Bertl okay, that was reported yesterday too, I'm thinking about a fix there, not sure we actually want/need the mqueue limits anymore 1191933518 M * Bertl zbyniu: anyway, thanks for the feedback! 1191933548 M * zbyniu i know it is first iteration on 2.6.23, just testing ;-) 1191933613 M * Bertl yes, it's good to get feedback as early as possible 1191933844 M * zbyniu Bertl: fs/xfs/xfs_inode.c:817: error: `XFS_DIFLAG_IUNLINK' undeclared is also vs related? 1191933854 M * Bertl yes 1191933872 M * Bertl we had to move that, is now XFS_DIFLAG2_IUNLINK 1191933883 M * Bertl but needs some love to make it work again 1191933967 J * hparker ~hparker@linux.homershut.net 1191934031 Q * rgl Quit: Enough 1191934074 J * ema ~ema@rtfm.galliera.it 1191934300 M * zbyniu drivers/block/vroot.c: In function `vroot_exit': 1191934301 M * zbyniu drivers/block/vroot.c:260: error: void value not ignored as it ought to be 1191934306 Q * balbir Read error: Operation timed out 1191934308 M * zbyniu last one ;) 1191934314 M * zbyniu known? 1191934320 M * daniel_hozac it is now :) 1191934325 M * Bertl nah, that one is new 1191934401 M * Bertl interesting what can go wrong with unregister_blkdev()? 1191934421 M * Bertl ah, no, got it backwards :) 1191934457 M * Bertl okay, the vroot issue is fixed in my tree now! thanks! 1191934496 M * zbyniu ok :) 1191934532 M * Bertl if you feel like playing around a little, you can try to fix up the xfs stuff, it shouldn't be too hard 1191934560 M * Bertl (i.e. I already did it half ways, but needs to test for the proper flags) 1191934704 J * gebura ~gebura@173.201.101-84.rev.gaoland.net 1191934706 M * gebura hi all 1191934710 M * Bertl wb gebura! 1191934710 M * zbyniu ok, i'll look at that 1191934724 M * Bertl zbyniu: let me know if you have questions ... 1191934745 M * gebura Bertl, i don't think you will remember of me after 1 month :) 1191934774 M * Bertl if I wouldn't remeber, I'd written 'welcome' not 'wb' :) 1191934894 M * zbyniu Bertl: ok, now i must commit my changes, too many changes for cache in my head ;) 1191935002 M * zbyniu daniel_hozac: sed -e "s/return 1/return true/" -e "s/return 0/return false/" delta-owner-xid-feat02.diff 1191935064 J * balbir ~balbir@122.167.67.180 1191935339 M * daniel_hozac zbyniu: noop? 1191935572 Q * rene Quit: leaving 1191936400 J * Yvo yvonne@vpn195.rz.uni-mannheim.de 1191936647 M * Bertl wb Yvo! 1191936653 M * Bertl hey balbir! 1191936701 Q * Piet Remote host closed the connection 1191936717 Q * balbir Ping timeout: 480 seconds 1191936758 M * zbyniu daniel_hozac: noop, but not conflicting with 2.6.23 :) 1191936784 M * Bertl so bools made it into 2.6.23? interesting ... 1191937171 M * Yvo hi Bertl ;-) 1191937193 M * daniel_hozac zbyniu: well, you notice what version that patch is against, right? :) 1191937275 Q * larsivi Quit: Konversation terminated! 1191937452 J * balbir ~balbir@122.167.68.124 1191937759 Q * morten Quit: cya later 1191937835 M * zbyniu daniel_hozac: ok 1191937868 M * zbyniu daniel_hozac: sed -e "s/return 1/return true/" -e "s/return 0/return false/" ~/public_html/delta-owner-xid-feat02.diff > ~/public_html/delta-owner-xid-feat02-2.6.23-rc9.diff 1191937886 M * zbyniu proper "patch"? ;-)) 1191937894 M * Bertl yep, perfect :) 1191937929 M * Bertl not that I see what true and false have to do in the kernel 1191938027 A * zbyniu not commenting, just patching like chimpanzee ;-> 1191938039 M * Bertl lol 1191938075 P * Yvo 1191938076 M * Bertl daniel_hozac: is there sufficient userspace support for the owner match? 1191938127 J * ntrs_ ~ntrs@79.125.230.27 1191938145 M * Bertl wb ntrs_! 1191938188 M * zbyniu Bertl: yes, works on iptables 1.3.8 without changes 1191938212 M * zbyniu Bertl: http://people.linux-vserver.org/~dhozac/p/m/iptables-1.3.5-owner-xid.patch 1191938255 M * Bertl nice, do we have that linked somewhere on the wiki? 1191938321 M * zbyniu i don't know 1191938379 M * Bertl don't worry, daniel_hozac will know 1191938467 M * ntrs_ zbyniu, what works on iptables 1.3.8 without changes? Sorry I missed the previous conversation. 1191938544 M * ntrs_ Bertl, same question. 1191938571 M * zbyniu ntrs_: patch adding --xid --nid to owner match 1191938619 M * ntrs_ zbyniu, ah I see, so you can filter packets owned by a particular xid? 1191938665 M * zbyniu ntrs_: yes 1191938689 M * Bertl ntrs_: xid and nid as it seems 1191938769 M * ntrs_ what is the difference between 2.2.0.3 and 2.2.0.4? anything critical? 1191938814 M * Bertl yes and no, we fixed a long outstanding bug with posix timers (see ML posting) 1191938862 M * Bertl we do not really know of an exploit from guest side (yet) but definitely the host can cause errors in ref counting which might lead to a BUG_ON() kernel halt 1191938999 M * daniel_hozac Bertl: i don't think so. 1191939082 M * daniel_hozac (re: owner match) 1191939101 M * Bertl the linked or the support part :) 1191939122 M * daniel_hozac linked. 1191939135 M * Bertl I think we should put that somewhere, sounds useful to me 1191939180 M * daniel_hozac sure... 1191939304 Q * the-dude Ping timeout: 480 seconds 1191941075 Q * meandtheshell Quit: Leaving. 1191941799 J * the-dude ~martijn@senturparks.xs4all.nl 1191941916 J * Yvo ~yvonne@91.64.217.106 1191943028 M * matti Bertl: :) 1191943032 M * matti daniel_hozac: :) 1191943354 J * lilalinux ~plasma@dslb-084-058-253-035.pools.arcor-ip.net 1191943752 J * Pony_ ~NoSuchUse@192.38.8.25 1191943752 Q * JonB Read error: Connection reset by peer 1191943805 M * Yvo I tried to configure postfix according to this manual: http://www.postfix.org/VIRTUAL_README.html#virtual_alias 1191943954 M * Yvo I've got a second domain and I would like to send mails to user@secondDomain to the same directories as those to the first domain, users are always unix-users on this server 1191943963 M * Bertl it seems there is a #postfix channel on freenode 1191943966 Q * gebura Quit: Quitte 1191943984 M * hparker It even has a few helpful folks 1191943991 M * Yvo hmmm 1191944124 J * dowdle ~chatzilla@71-37-184-31.hlna.qwest.net 1191944241 M * Yvo there's really a channel only for postfix^^ 1191944243 M * dowdle Bertl: Good morning (where I am anyway). I'm out of town for a doctors appointment for my 15 year old son... but we'll be back home tonight... and I'll be back online tomorrow... but I did want to doublecheck to see if you got the emails I sent you. No hurry on the reply though. 1191944329 M * Bertl hey dowdle! I did _not_ receive email from you yet 1191944344 M * dowdle Yikes. I wonder why. Perhaps in your spam folder? 1191944360 M * Bertl dowdle: it might be that your host is on some spam list, but in this case, you should have received a message 1191944372 M * Bertl dowdle: where did you send the email to? 1191944385 M * dowdle The address for you listed on the developers page. 1191944406 M * Bertl that should be fine, any hints/headers/origin for me to check in the mail logs? 1191944417 M * dowdle herbert@13thfloor.at 1191944427 M * dowdle Came from dowdle@montanalinux.org. 1191944462 M * dowdle I can send you a link to the questions in HTML: http://scott.coe.montana.edu/vserver-interview-questions.html 1191944489 M * dowdle I sent a followup email asking for any pictures you might want to appear in the final product. 1191944498 Q * Chr0nicles Read error: Connection reset by peer 1191944523 M * dowdle I see the pictures on the developer's page but they are kinda of small... so if you have any other pictures... or pictures with you and some of your development team... those would be great. 1191944656 M * dowdle I feel like I could have done a better job on the questions. 1191944687 M * dowdle Feel free to throw out and/or add any questions you'd like. 1191944780 N * ensc Guest1334 1191944790 J * ensc ~irc-ensc@p54B4CB68.dip.t-dialin.net 1191944896 J * julius_ ~julius@p57B266F1.dip.t-dialin.net 1191944900 Q * Guest1334 Ping timeout: 480 seconds 1191944918 M * dowdle There is a link in the quesiton about chroot to an article on LWN and that particular content might not be avialable to non-subscribers until Thursday?!? 1191944935 M * dowdle Bertl: But you may have already seen the discussion to which it refers. 1191944938 M * daniel_hozac that's LWN for you :) 1191945008 M * dowdle daniel_hozan: LWN fan or non-fan? It's the best site of its kind that I'm aware of. 1191945017 Q * eSa| Ping timeout: 480 seconds 1191945041 M * daniel_hozac i'm pretty much indifferent... 1191945041 M * dowdle I'm using Mozilla Chat on my father-in-law's machine. Weird. 1191945127 M * dowdle Jon Corbet is himself a kernel developer and author of a book about kernel module development. I got to meet him a couple of years ago when there was an annual Linux conference in Denver but that has since gone away. I believe he did the driver for the video camera on the OLPC as well. 1191945160 M * daniel_hozac i assume he is the author of most (all?) LWN articles? 1191945194 M * daniel_hozac my knowledge of LWN is limited to the URL and that things only become available after a week for non-subscribers ;) 1191945260 M * dowdle But yeah, LWN has a subscription model to pay for their continued operation of the site. All of their content is released to the public (aka non-subscribers) one week after publication... but not all of their articles are pay articles... just the featured content. Yeah, Jon writes most everything kernel related but there is a handful of folks who also are on the payrole who contribute... 1191945261 M * dowdle ...content... like Jake Edge who is the security section person. 1191945332 Q * Julius Ping timeout: 480 seconds 1191945465 M * Bertl dowdle: nice set of questions ... will try to answer them over the next few days 1191945497 M * dowdle Bertl: Ok, GREAT! I appreciate it. Take your time and make me look good. :) 1191945525 M * dowdle I wish I would have come up with more questions about everyone here within the community. 1191945534 M * Bertl yeah, I might even be able to provide a few questions you hadn't though about before 1191945553 M * Bertl (if that is something you are looking for) 1191945726 M * dowdle Bertl: Yes definitely. 1191945786 M * dowdle I know that given more usage time with Linux-VServer, I could have come up with additional questions... as well as better technical questions. 1191945845 M * daniel_hozac ensc: ping? 1191945857 M * dowdle I know the technical stuff (kernel development and programming) is what really interests you guys... so sorry for my lack in that area. 1191945903 M * dowdle BTW, Kir added a question or two to his interview. :) 1191945925 M * daniel_hozac Bertl: i'd like to get the device mapping fully functional and integrated into 2.3... how would you prefer the per-guest mappings be handled? in the main hash xid tagged, or separate hashes? 1191946030 M * Bertl hmm, good question ... give me a few minutes to think about 1191946060 M * dowdle Bertl: Oh, and certainly... if any of your co-developers want to join in and give their own answers... go for it. 1191946194 M * Bertl okay, I'll try to answer them and put them up for discussion for non-personal points 1191946220 M * dowdle Bertl: Great. I hope I don' t eat into your time too much. 1191946286 J * bonbons ~bonbons@2001:960:7ab:0:20b:5dff:fec7:6b33 1191946298 J * pmenier ~pmenier@LNeuilly-152-22-72-5.w193-251.abo.wanadoo.fr 1191946325 M * dowdle Once it's wrapped up and published, I'll post the story on all of the major Linux new sites and most of them tend to carry a burb for it (like lxer.com, lwn, linuxtoday, etc). I never make it to slashdot though but that might be a good thing. I don't think my site could handle that anyway. 1191946380 M * dowdle So I'd expect to get about 4 or 5 thousand reads in a couple of weeks. Not too bad for a small website in Montana... 1191946430 M * daniel_hozac that's probably more than my website has had in total, since i first created it in 2002 :) 1191946446 M * daniel_hozac (then again, i don't actually have any content) 1191947142 Q * jmcaricand Quit: ERC Version 5.0.2 $Revision: 1.726.2.11 $ (IRC client for Emacs) 1191947462 M * Bertl daniel_hozac: regarding the mapping: IIRC, we talked about a structure which would only record deviations from defaults 1191947528 M * Bertl so probably, the best way would be some kind of hash/list per context, which is consulted for the mapping 1191947550 M * Bertl the question is now, where does this list/hash come from 1191947582 M * daniel_hozac hmm? the vxi, no? 1191947736 M * Bertl okay, so you want to (pre)create it in kernel space (note: we also had models asking userspace on demand) 1191947766 M * daniel_hozac like a policy daemon? 1191947777 M * Bertl yes, for example 1191947807 M * Bertl note: in this case we can use a global hash 1191947836 M * Bertl we could also make the hash global if the actual matching is a little smarter 1191947840 M * daniel_hozac hmm? how so? 1191947861 M * daniel_hozac in what way would it be smarter? 1191947877 M * Bertl well, we definitely need 'defaults' to make the hash smaller 1191947899 M * Bertl we might also want to have a default set (known good, global?) 1191947905 M * daniel_hozac defaults meaning host-wide? 1191947909 M * Bertl yes 1191947925 M * daniel_hozac right, that's where we're at with the current implementation. 1191947954 M * Bertl okay, so the lookup/setup is like that: 1191947994 M * Bertl major:minor:type -> (special, xid) -> (global) -> default 1191948011 M * Bertl i.e. check for a hash entry of [major,minor,type,xid] 1191948025 M * Bertl if that fails, check for [major,minor,type] 1191948031 M * Bertl if that fails, use default 1191948053 M * daniel_hozac and in this instance, default means hard-coded? 1191948079 M * Bertl no, I'd suggest that both, the global and default can be configured per host 1191948110 M * daniel_hozac ah, yes, a configurable default (i.e. last resort) is something i implemented way back when, but that's not in my current patch... 1191948130 M * daniel_hozac i also think there should be a per-guest default. 1191948151 M * daniel_hozac to be able to say that one particular guest does not get the privileges. 1191948171 M * Bertl yes, per guest default, and then global default 1191948185 M * Bertl that sounds reasonable to me 1191948188 M * daniel_hozac hmm, i think the per-guest default should be before global. 1191948212 M * Bertl no, that won't work 1191948224 M * daniel_hozac oh? 1191948237 M * Bertl well, you will always end up with the guest default then 1191948251 M * daniel_hozac well, the guest default would need to have an "unset" value. 1191948258 J * fatgoose ~samuel@76-10-156-251.dsl.teksavvy.com 1191948260 M * daniel_hozac in which case it's ignored. 1191948313 M * daniel_hozac this is to allow for things like: all guests can access these devices which map to these devices, except this one. 1191948362 M * daniel_hozac (i'm thinking of things like automated build systems which also run a web server or similar) 1191948745 M * Bertl okay, let's go over that once again when we have some code to talk about, I'm quite indifferent atm, but the actual implementation might change that 1191948768 M * daniel_hozac okay. 1191949087 Q * pmenier Quit: pmenier 1191949540 Q * balbir Ping timeout: 480 seconds 1191949649 M * Yvo etc/versvers/name - is that the hostname of the virtual server? 1191949676 M * Bertl nope, that one should be in etc/versvers/uts/node 1191949711 M * Bertl *nodename 1191949815 M * Bertl I'm talking nonsense 1191949822 M * Yvo ok, and what should be the "name"? 1191949827 M * Bertl /etc/vservers/ is the config dir 1191949835 M * Bertl the guest is referred to as 1191949846 M * Yvo oh, sorry 1191949849 M * Bertl the hostname is then in /etc/vservers//uts/nodename 1191949865 M * Yvo /etc/vservers/vsname/name 1191949895 M * Yvo I was also talking nonsence ;-) 1191949984 J * Wonka_ foobar@wonka.toppoint.de 1191949997 M * Bertl http://www.nongnu.org/util-vserver/doc/conf/configuration.html 1191950034 M * Bertl wb Wonka_! 1191950056 M * Yvo great link! thx! 1191950109 M * Wonka Bertl: i'll be gone in a few seconds... Vserver-reboot coming up ;) 1191950143 Q * Wonka Quit: rebooting Vserver host machine... 1191950144 N * Wonka_ Wonka 1191950531 Q * lilalinux Remote host closed the connection 1191951384 Q * ema Quit: leaving 1191951837 J * Wonka_ produziert@chaos.in-kiel.de 1191951921 Q * Wonka Quit: vserver rebooted 1191951921 N * Wonka_ Wonka 1191953517 Q * Pony_ Quit: This computer has gone to sleep 1191953615 Q * bragon_ Ping timeout: 480 seconds 1191953671 J * Pony_ ~NoSuchUse@192.38.8.25 1191953876 Q * Pony_ 1191954193 J * bragon ~bragon@2001:7a8:aa58::1 1191954326 M * dowdle This is a little dated but here's a video of Jon Corbet giving a "Kernel Report" from Jan 2007: http://en.sevenload.com/videos/9oQR4ns/Linux-Kernel-report-2007 1191954458 J * Pony_ ~NoSuchUse@192.38.8.25 1191954726 M * Bertl welcome Pony_! 1191955089 J * ema ~ema@rtfm.galliera.it 1191955169 M * Pony_ thanks Bertl 1191955538 M * Bertl okay, off to bed .. kind of tired today ... 1191955544 M * Bertl have a good one everyone! cya! 1191955549 N * Bertl Bertl_zZ 1191955842 J * Piet ~piet@tor.noreply.org 1191955914 M * Yvo so early? good night, Bertl! 1191955946 N * Pony_ JonB 1191956024 M * JonB Yvo: he might be in a different world (timezone) 1191956200 M * daniel_hozac he is. he's in BUT. 1191956373 Q * Piet Remote host closed the connection 1191956569 Q * JonB Quit: This computer has gone to sleep 1191956724 M * Yvo BUT? 1191956738 M * dowdle Watching that talk by Jon Corbet that I linked to earlier. He has a section on containers. Whoo hoo... and yes, he has Linux-VServer mentioned on his slide. 1191956861 M * DavidS Yvo: Bertl Universal Time, I presume 1191957047 M * daniel_hozac correct :) 1191957466 M * Yvo lol 1191957498 J * Piet ~piet@tor.noreply.org 1191957778 P * dowdle heading back home now. I have thought of some additional questions and will be adding them soon. 1191958711 J * faheem ~faheem@152.16.8.94 1191959517 Q * blizz Ping timeout: 480 seconds 1191959533 M * faheem I can't get networking on the most recent vserver I created. This machine is behind a firewall, so that may be the problem. However, I noticed that /etc/hosts was not created inside the vserver. Odd. 1191959574 M * faheem This is not a nameserver issue. resolv.conf appears to be correct. 1191959658 M * daniel_hozac and, does ping -I google.com on the host work? 1191959667 M * daniel_hozac how did you configure the guest's networking? 1191959741 M * faheem daniel_hozac: no, ping -I google.com does not work. 1191959762 J * blizz ~stephan@evilhackerdu.de 1191959807 M * faheem vserver msi build -m debootstrap --hostname msi.duke.earth --rootdir /mnt/msi --interface eth0:192.168.1.100/24 -- -d etch -m http://debian.csail.mit.edu/debian/ -- --resolve-deps --arch amd64 1191959814 M * faheem is the command I used. 1191959834 M * faheem ip a is now showing 1191959835 M * faheem inet 152.16.96.118/24 brd 152.16.96.255 scope global eth0 1191959835 M * faheem inet 192.168.1.100/24 brd 192.168.1.255 scope global eth0 1191959846 M * daniel_hozac have you configured NAT? 1191959875 M * faheem daniel_hozac: No. 1191959884 M * daniel_hozac so how do you expect it to work? :) 1191959886 M * faheem On the host, you mean? 1191959906 M * faheem daniel_hozac: Um, Ok. I'll give it a try. 1191959942 M * faheem thanks. 1191961311 Q * dna Quit: Verlassend 1191961469 J * esa ~esa@ip-87-238-2-45.adsl.cheapnet.it 1191961478 N * esa eSa| 1191961621 Q * DavidS Quit: Leaving. 1191962551 J * meandtheshell ~markus@85.127.117.208 1191963314 J * Aiken ~james@ppp59-167-97-168.lns3.bne1.internode.on.net 1191963537 M * bastiaan anyone who know how to umount /tmp in a vserver? 1191963554 M * bastiaan a mfs of 16MB is mounted here which is too small... 1191963615 M * bonbons bastiaan: edit fstab for the guest under /etc/vservers// 1191963635 M * bastiaan okay... can it be umounted without stopping the vserver? 1191963636 M * bonbons you may either enlargen the tmpfs (size=128m) or just drop it 1191963649 M * bastiaan I'll just drop it 1191963672 M * bonbons it can, assuming nothing inside guest has files open on /tmp... vnamespace is the magic command for this 1191963680 M * bastiaan great 1191963725 J * yarihm ~yarihm@84-75-130-73.dclient.hispeed.ch 1191963756 M * bonbons the following should do it (well, if you have not too much privacy enabled for the guest): vnamespace --enter -- umount /tmp 1191963939 Q * bonbons Quit: Leaving 1191964355 Q * ntrs_ Ping timeout: 480 seconds 1191965293 Q * ema Quit: leaving 1191965310 Q * julius_ Ping timeout: 480 seconds 1191965896 J * bastiaan_ ~bastiaan@sh.vhl.welmers.net 1191965996 Q * yarihm Quit: Leaving 1191967586 M * matti Eh. 1191968162 M * Supaplex Bertl_zZ: what are you dreaming about? :) 1191968317 Q * meandtheshell Quit: Leaving. 1191968485 J * ntrs_ ~ntrs@79.125.230.27 1191968507 M * Yvo I'm sure he's dreaming about a virtual server ;-) 1191969519 Q * ntrs_ Ping timeout: 480 seconds 1191970760 J * needel ~needel@189.158.32.188 1191970818 M * needel :D 1191971341 Q * needel Quit: Leaving 1191973413 P * Yvo 1191973753 Q * faheem_ Quit: Changing server 1191973784 J * faheem_ ~faheem@cpe-065-190-207-119.nc.res.rr.com 1191974362 J * meandtheshell ~markus@85.127.117.208