1194825612 J * Infinito ~argos@201-3-21-63.gnace701.dsl.brasiltelecom.net.br 1194826085 N * AStorm Guest334 1194826090 J * AStorm ~astralsto@tor-irc.dnsbl.oftc.net 1194826207 Q * Guest334 Remote host closed the connection 1194827359 Q * meandtheshell Quit: Leaving. 1194829036 Q * mire_ Ping timeout: 480 seconds 1194830779 J * hparker ~hparker@linux.homershut.net 1194831429 Q * Infinito Quit: Leaving 1194832698 Q * hparker Quit: peer reset by connection 1194839094 Q * rorem- Ping timeout: 480 seconds 1194840091 J * rorem- ~roremtank@bzq-219-46-202.isdn.bezeqint.net 1194841507 Q * AStorm Ping timeout: 480 seconds 1194841522 J * AStorm ~astralsto@tor-irc.dnsbl.oftc.net 1194842292 Q * igraltist Ping timeout: 480 seconds 1194843927 Q * arachnist Ping timeout: 480 seconds 1194844087 J * balbir ~balbir@122.167.211.2 1194844425 J * arachnist arachnist@088156184167.who.vectranet.pl 1194844758 N * AStorm Guest359 1194844761 J * AStorm ~astralsto@tor-irc.dnsbl.oftc.net 1194844777 Q * Guest359 Ping timeout: 480 seconds 1194847646 J * DLange ~dlange@p57A31491.dip0.t-ipconnect.de 1194847819 Q * grobie Ping timeout: 480 seconds 1194848159 J * grobie ~grobie@master.schnuckelig.eu 1194848469 J * JonB ~NoSuchUse@kg0-199.kollegiegaarden.dk 1194851212 Q * AStorm Ping timeout: 480 seconds 1194851219 J * AStorm ~astralsto@tor-irc.dnsbl.oftc.net 1194853037 Q * JonB Quit: This computer has gone to sleep 1194853952 N * Bertl_zZ Bertl 1194853956 M * Bertl morning folks! 1194854221 Q * AStorm Remote host closed the connection 1194854290 J * AStorm ~astralsto@tor-irc.dnsbl.oftc.net 1194854441 M * fb morning Bertl! 1194855224 N * AStorm Guest368 1194855227 J * AStorm ~astralsto@tor-irc.dnsbl.oftc.net 1194855232 Q * Guest368 Ping timeout: 480 seconds 1194855459 J * JonB ~NoSuchUse@kg0-199.kollegiegaarden.dk 1194855882 Q * ex Ping timeout: 480 seconds 1194856523 J * larsivi ~larsivi@85.221.53.194 1194856770 J * ntrs ~ntrs@79.125.245.231 1194856780 J * Pazzo ~ugelt@reserved-225136.rol.raiffeisen.net 1194857324 J * DavidS ~david@vpn.uni-ak.ac.at 1194857467 Q * dsoul Ping timeout: 480 seconds 1194857709 J * dna ~dna@116-237-dsl.kielnet.net 1194858062 Q * JonB Ping timeout: 480 seconds 1194858177 J * balbir_ ~balbir@122.167.211.2 1194858602 Q * balbir Ping timeout: 480 seconds 1194858843 J * ex ex@valis.net.pl 1194858871 M * Bertl wb Pazzo! ex! et.al. 1194859637 N * DavidS DavidS|Vienna 1194859646 M * DavidS|Vienna Hi Bertl! 1194859881 M * Bertl hey DavidS|Vienna! 1194860120 J * JonB ~NoSuchUse@130.227.63.19 1194860240 M * JonB Bertl: i need GB sized /tmp. If i remove the none /tmp tmpfs size=16m,mode=1777 0 0 1194860240 M * JonB line from fstab, then tmp will still work, right? 1194860272 M * Bertl yes, and that is what you should do, if fixing the broken app which requires this is not an option :) 1194860288 M * JonB Bertl: the broken app is CVS/SVN 1194860310 M * JonB when people commit something it stores it in tmp 1194860318 M * Bertl I doubt that this cannot set a proper tmp path 1194860342 M * DavidS|Vienna Bertl: do you like heurigen? If you have time, I'd be delighted if you could come to my big 13-months-married-42-days-dipl-ing party at St.Peter Pfarrheurigen 1194860358 M * JonB Bertl: it probably can, but what is wrong with using /tmp for that? 1194860364 M * Bertl DavidS|Vienna: which day? 1194860377 M * DavidS|Vienna JonB: it's o+w 1194860386 M * Bertl JonB: IMHO /tmp should be reserved for _small_ temporary files 1194860389 M * DavidS|Vienna Bertl: tomorrow starting at 17:30, open end 1194860398 M * JonB Bertl: okay 1194860412 M * Bertl DavidS|Vienna: will see what I can do, no promises though 1194860820 M * DavidS|Vienna I would be delighted 1194860933 Q * bragon Ping timeout: 480 seconds 1194861939 J * virtuoso_ ~s0t0na@ppp91-122-102-90.pppoe.avangard-dsl.ru 1194862347 Q * virtuoso Ping timeout: 480 seconds 1194862368 J * Punkie ~Punkie@goc.coolhousing.net 1194862586 M * Punkie Hello, I have a problem. When somebody runs in guest ntpd, I cant use ntpdate on host. Can I handle anyhow with it? 1194862630 M * Bertl hey Punkie! 1194862638 M * Punkie hi Bertl :) 1194862647 M * Bertl first, it doesn't make too much sense to run ntpd inside a guest 1194862677 M * Punkie no it doest'n, but how can I explain it to them? :( 1194862686 M * Bertl putting that aside, what kernel version do you use? 1194862709 M * Punkie 2.6.22.9-vs2.3.0.26 1194862761 M * Punkie on other server is old 2.6.19.3-vs2.2.0-rc13 1194862770 M * Bertl hmm, strange, could you strace -fF -o ntpdate the command? 1194862784 M * Bertl (when it fails, and upload the output somewhere) 1194862796 M * JonB is it not enough to run ntp inside the guest? wont the host clockscew be syncronized too? 1194862824 M * Bertl well, usually you run ntpd on the host, and that's it 1194862843 M * Bertl with newer kernels, you can also run it inside a guest and actually have a different time there 1194862871 M * Bertl by default, it doesn't make sens to run it inside a guest, as it will not be able to change the time 1194862967 M * JonB okay 1194862991 M * Punkie Bertl: http://quark.fereng.cz/ntpdate.str 1194863127 M * Bertl hmm, well, that's basically an ntpdate issue 1194863141 M * Bertl but you can work around that easily, try the following: 1194863192 M * Bertl chbind --ip -- ntpdate ... 1194863220 M * Bertl sorry, you want 1194863235 M * Bertl chbind --nid 42 --ip -- ntpdate ... 1194863252 M * Bertl adjust the host ip 1194863414 J * mire_ ~mire@39-171-222-85.adsl.verat.net 1194863511 M * Punkie the problem is same :-| 1194863540 M * Bertl really? is some guest using your host ip? 1194863595 M * Punkie no 1194863626 M * Bertl well, with the guest using one IP and the host using a different one, it is supposed to work quite fine 1194863651 M * Bertl trying here now, sec 1194863683 J * fs fs@213.178.77.98 1194863712 M * Bertl wb fs! 1194863724 M * fs hi =) 1194863880 M * JonB can i hashify running servers? 1194863889 M * Bertl yes 1194863896 M * JonB okay 1194863949 M * Punkie Bertl: soory, I was wrong, it is working, I used bad nid 1194863959 M * Punkie thanks a lot :) 1194863970 M * Bertl okay, cool! 1194863980 M * Punkie :) 1194864046 M * Bertl I think, using the -u option should work too 1194864110 M * Bertl you might want to add this to the Wiki/FAQ 1194864114 M * Punkie yes, you are right :) 1194864122 M * Punkie it is working 1194864154 M * Punkie OK, I will add it, but my english is not very well ;) 1194864159 M * AStorm yes, ntpdate binds to wildcard by default 1194864189 M * Bertl more important, I didn't see an option to specify an ip 1194864340 M * JonB making devices in a guest, should i do that from the host? using regular mknod? 1194864364 M * Bertl yes, that is usually the best approach (besides using cp -va) 1194864369 M * JonB thanks 1194864385 M * Bertl but be careful, not to give sensitive devices to a guest 1194864515 M * JonB i need ttyS0 and ttyS1 for my UPS monitoring 1194864532 M * JonB other than that i most likely also need some USB device 1194864534 M * Bertl serial devices are usually fine 1194864602 M * JonB good 1194865050 M * Supaplex I think I'll go count the dots on the insides of my eye lids. 1194865248 M * Bertl Supaplex: how many days so far? 1194865937 J * bragon ~bragon@2001:7a8:aa58::1 1194866251 Q * bragon Remote host closed the connection 1194866260 J * bragon_ ~bragon@2001:7a8:aa58::1 1194866518 J * lilalinux ~plasma@80.69.41.3 1194866564 Q * bragon_ Remote host closed the connection 1194866639 J * bragon ~bragon@2001:7a8:aa58::1 1194866942 Q * bragon Remote host closed the connection 1194866949 J * bragon ~bragon@2001:7a8:aa58::1 1194867907 M * Bertl okay, off for now .. back later 1194867912 N * Bertl Bertl_oO 1194867943 Q * lilalinux Remote host closed the connection 1194868119 Q * AStorm Remote host closed the connection 1194868176 J * AStorm ~astralsto@tor-irc.dnsbl.oftc.net 1194868286 P * friendly12345 1194868543 J * lilalinux ~plasma@80.69.41.3 1194868597 Q * bragon Ping timeout: 480 seconds 1194868800 Q * DavidS|Vienna Quit: Leaving. 1194869957 Q * DLange Quit: Bye, bye. Hasta luego. 1194870197 M * JonB has anyone tried using USB UPS'ses inside a guest running nut? 1194870582 J * nkukard ~nkukard@196.212.73.74 1194870600 M * nkukard weird ... just updated some host system files and I now get thsi ... rpm-fake.so: failed to initialize communication with resolver trying to do a vyum update 1194870750 M * JonB how big a security problem would it be to have sysfs mounted inside a guest? 1194870945 J * meandtheshell ~sa@85.127.115.176 1194872201 Q * nou Remote host closed the connection 1194873949 J * nou Chaton@causse.larzac.fr.eu.org 1194875440 Q * JonB Quit: Leaving 1194875453 Q * mire_ Ping timeout: 480 seconds 1194875705 J * ema ~ema@rtfm.galliera.it 1194875929 J * JonB ~NoSuchUse@130.227.63.19 1194876212 J * hparker ~hparker@linux.homershut.net 1194876585 J * hallyn_ ~xa@adsl-75-2-68-242.dsl.chcgil.sbcglobal.net 1194876617 J * gebura ~gebura@77.192.186.197 1194876638 M * gebura hi 1194876982 Q * hallyn Ping timeout: 480 seconds 1194877370 J * mire_ ~mire@39-171-222-85.adsl.verat.net 1194877671 Q * hallyn_ Quit: leaving 1194877684 J * hallyn ~xa@adsl-75-2-68-242.dsl.chcgil.sbcglobal.net 1194878023 Q * larsivi Quit: Konversation terminated! 1194878257 M * AStorm JonB: could possibly be exploitable 1194878259 M * AStorm depending on sysfs bugs 1194878269 M * AStorm or driver bugs 1194878296 M * AStorm exposes some drivers to attacker 1194878321 M * AStorm it's also usually trivial to DoS a machine using sysfs 1194878464 M * JonB AStorm: okay 1194878485 M * JonB AStorm: so... how do i get my UPS software to run 1194878545 M * AStorm hmmm, maybe bind mount the needed directory of sysfs? 1194878555 M * AStorm but then, why do you want to run that in a guest? 1194878594 M * JonB becuase i have other computers that connects to the UPS software across the network 1194878607 M * JonB i dont like network services inside the host 1194878673 M * JonB i am not even sure that i need sysfs 1194878675 M * AStorm heh 1194878693 M * AStorm this trick with bind mounted sysfs might work 1194878697 M * JonB it's just that nut-usb depended on udev and udev complained about no sysfs 1194878701 M * JonB bind mounted? 1194878715 M * AStorm even better if you don't need to write to it 1194878724 M * AStorm then you can use a readonly bind mount 1194878728 M * gebura JonB, maybe can you try the using a simplier serial cable 1194878730 M * JonB oh 1194878740 M * gebura -the 1194878751 M * JonB gebura: the machine only has one serial cable, but i have 3 UPSses 1194878758 M * AStorm but you _don't_ need sysfs 1194878765 M * AStorm and ignore udev warnings, it's totally pointless 1194878772 M * AStorm just create the device node on your own 1194878783 M * AStorm if someone deps on that, he's braindead 1194878804 M * AStorm the ups driver should have nothing to do with udev itself 1194878812 M * gebura JonB, as far i remember nut can work in a client server design, couldn't you use it (for example with a simple box with a serial card (-> so many serial port) sharing ups informations to local network ? 1194878820 M * AStorm even if it uses dynamic minor numbers 1194878825 M * JonB gebura: it can 1194878860 M * JonB AStorm: okay, but i wonder if the usb driver will always have the same name available 1194878885 M * AStorm the name is not important 1194878899 M * AStorm you can set that in the host 1194878910 M * AStorm (the driver itself) 1194878919 M * AStorm then copy the device nodes in pre-start script 1194878958 M * JonB AStorm: pre-start guest? 1194878968 M * AStorm what? 1194878984 M * AStorm I said the script. vserver launches a script before starting the guest 1194878986 M * JonB AStorm: i need to create the /dev entries somehow, but if i dont know what their name are, how can i create them inside the guest /dev 1194878992 M * JonB AStorm: okay, that script 1194878995 M * AStorm it's described in the flower page 1194878997 M * JonB AStorm: i figured that as well 1194879001 M * JonB AStorm: i will look 1194879014 M * AStorm JonB: in host you do know the name 1194879022 M * JonB AStorm: i do 1194879032 M * AStorm btw, the driver itself should be in it, even if it's user space 1194879044 M * JonB should be in what? 1194879060 M * AStorm the network server should be in the guest 1194879064 M * AStorm but not the driver 1194879091 M * AStorm the host can run udev just fine :> 1194879197 M * JonB i prefer having a regular nut setup where the nut userland usb driver runs in the same guest as the nut network daemon 1194879241 M * AStorm the network daemon doesn't have to know that the driver is running elsewhere 1194879253 M * AStorm it just sees the device nodes (which are copied from the host) 1194879271 M * AStorm unless it uses some proc or sysfs entries 1194879281 M * AStorm I mean, the daemon 1194879329 M * AStorm hmm, though security implications are a bit different 1194879346 M * AStorm if there's a bug in nut user space driver, it can allow access to the host 1194879363 M * AStorm but I think it shouldn't have any exploitable holes 1194879374 M * AStorm not much worse than any other driver 1194879392 M * JonB AStorm: i had it up and running inside a guest for the single serial port 1194879394 M * JonB works fine 1194879575 M * fb hm, how to increase number of opened files for a specific guest? 1194879599 M * fb i thought via /etc/vserver/{guest}/rlimits/nofiles 1194879621 M * fb *nofile 1194879640 J * fatgoose ~samuel@76-10-149-199.dsl.teksavvy.com 1194879642 M * fb but it doesn't work, limit is still default 1194879885 M * fb ah, stupid me 1194879891 M * Bertl_oO that is correct, I assume you are hitting a different limit 1194879903 M * Bertl_oO i.e. the ulimits maybe? 1194879907 M * fb exactly, enforced by init scripts 1194880319 J * kwowt ~kwowt@BSN-61-115-149.dial-up.dsl.siol.net 1194880320 M * kwowt hi 1194880343 M * kwowt is it possible to limit vserver users cpu and RAM usage? 1194880504 Q * hallyn Ping timeout: 480 seconds 1194880507 Q * JonB Ping timeout: 480 seconds 1194880547 M * gebura kwowt, not as you say but you can give a vserver a nice value (like the nice command) and/or ulimit value 1194880567 M * kwowt vlimit ? 1194881732 M * Bertl_oO kwowt: you can limit a lot of different things, including CPU and MEMORY 1194881764 M * Bertl_oO give me a second to grab you the wiki pages :) 1194881863 M * Bertl_oO http://linux-vserver.org/CPU_Scheduler 1194881873 M * Bertl_oO http://linux-vserver.org/Resource_Limits 1194881879 M * Bertl_oO http://linux-vserver.org/Memory_Limits 1194881905 J * jordi ~jordi@115.Red-213-96-69.staticIP.rima-tde.net 1194881912 Q * Punkie Quit: Odcházím 1194881920 M * Bertl_oO of course, you can in addition to that, use ulimits and relative nice values too 1194881926 N * Bertl_oO Bertl 1194881931 M * Bertl welcome jordi! 1194881976 M * jordi hey! :) 1194881989 M * jordi what a nice channel. :) 1194882023 M * Bertl what can we do for you? 1194882043 M * jordi what can we do you for? 1194882057 M * jordi ok, so I have a Debian etch vserver on a etch host 1194882072 M * jordi and I installed logcheck in the guest 1194882099 M * Bertl okay 1194882101 M * jordi everytime logcheck's cronjob runs (every hour if not mistaken), I get a limits warning in the logs 1194882103 M * kwowt Bertl thanks 1194882110 M * kwowt i'm already playin with vlimit 1194882122 M * jordi Nov 12 15:02:02 rproxy pam_limits[5128]: setrlimit limit #11 to soft=-1, hard=-1 failed: Operation not permitted; uid=0 euid=0 1194882126 M * jordi Nov 12 15:02:02 rproxy pam_limits[5128]: setrlimit limit #12 to soft=-1, hard=-1 failed: Operation not permitted; uid=0 euid=0 1194882127 M * Bertl jordi: probably a pam issue 1194882132 M * jordi Bertl: yeah 1194882151 M * Bertl you have several ways to handle that, depending on what you want to achieve 1194882155 M * jordi I'd like to know if someone has fiddled with this limit to find what's a value that makes it shut up, without removing it entiorely 1194882163 M * jordi I want it not to hit the limit 1194882208 M * Bertl http://linux-vserver.org/Capabilities_and_Flags 1194882228 M * Bertl check out IGNEG_NICE, probably the easiest way to fix this 1194882264 M * Bertl hmm, wait, it's trying to raise another limit 1194882368 M * Bertl to allow pam to raise the limit (to infinity as it is done here) 1194882374 M * jordi yep 1194882383 M * Bertl you need to give both, unlimited resources for #11 and #12 1194882411 M * Bertl alternatively (the better approach, IMHO) you can make pam _not_ to raise the limits above the guest limits 1194882433 M * jordi what are the implications of that one? 1194882435 M * kwowt is there a way to see how much memory a ctx is using? 1194882455 M * jordi kwowt: vserver-stat? 1194882461 M * kwowt oh 1194882461 M * Bertl kwowt: for most limits, check /proc/virtual/ 1194882487 N * tokkee_ tokkee 1194882524 M * Bertl jordi: the implications of raising the guest limits to 'unlimited' are, that the guest can use more of those resources, lowering the pam limits on the other hand, should have no implications 1194882637 Q * dna Read error: Connection reset by peer 1194882661 J * dna ~dna@116-237-dsl.kielnet.net 1194883149 Q * lilalinux Remote host closed the connection 1194883605 Q * balbir_ Ping timeout: 480 seconds 1194883756 J * larsivi ~larsivi@101.84-48-201.nextgentel.com 1194883940 M * jordi Bertl: I see. How can I get that done, making pam not raise limts? 1194884078 M * Bertl probably the simplest way for a test, is rebmoving the pam_limit entry completely 1194884101 M * Bertl for the correct solution, you want to look for something like /etc/pam/limits or so 1194884139 J * DLange ~dlange@p57A31491.dip0.t-ipconnect.de 1194884147 M * Bertl okay, dinnertime .. back shortly ... 1194884151 N * Bertl Bertl_oO 1194884225 M * jordi Bertl_oO: laters 1194884262 Q * fb Ping timeout: 480 seconds 1194884562 J * fb ~fback@red.fback.net 1194884663 J * JonB ~NoSuchUse@kg0-199.kollegiegaarden.dk 1194884993 Q * gebura Quit: Quitte 1194886358 N * Bertl_oO Bertl 1194886364 M * Bertl back now ... 1194886369 M * Bertl dowdle_: ping? 1194886414 M * dowdle_ Greetings. 1194886417 N * dowdle_ dowdle 1194886435 M * dowdle Bertl: What's up? 1194886449 M * Bertl hey, I got home a few hours ago, and could test the camera for the first time :) 1194886458 M * Bertl dowdle: great stuff! thanks again! 1194886498 M * Bertl dowdle: btw, you did nothing wrong with the package 1194886546 M * dowdle Bertl: So you just got unjustly ripped off? :( 1194886547 M * Bertl dowdle: I figured that in Austria, only gifts up to 45 EUR (~66 USD) are free 1194886564 M * dowdle So, we should have claimed less value? 1194886591 M * Bertl yes, next time you send something to austria (or probably germany too) stay below that limit :) 1194886607 M * dowdle Ok. 1194886638 M * Bertl currently one of my cats is posing in front of the camera :) 1194886647 M * dowdle Bertl: The interview so far has had 2,743 reads although about 50 of those were me editing it. :) There are quite a few comments here too: http://lwn.net/Articles/257989/ 1194886757 Q * fb Ping timeout: 480 seconds 1194886775 M * dowdle Bertl: There were some negative things said about certain parts of the interview... but I think it mostly shows people care. 1194886779 J * dsoul darksoul@vice.ii.uj.edu.pl 1194886939 M * Bertl yeah, interesting comments, especially if you know the persons behind them :) 1194887008 N * ensc Guest407 1194887018 J * ensc ~irc-ensc@p54B4D885.dip.t-dialin.net 1194887127 Q * Guest407 Ping timeout: 480 seconds 1194887156 M * dowdle Bertl: It just points out differences in goals. 1194887224 M * dowdle Bertl: I know this isn't going to sound as crediable as I would like, but I spent a few days with Kir at LinuxWorld and he is a really nice guy... with a pretty edgy sense of humor (I have one of those too). 1194887260 M * dowdle I hope his comments weren't seen as an attack. I didn't take them that way. 1194887305 M * dowdle And that "the enemy" comment, I hope... was honestly playful too. 1194887520 M * dowdle I hope my response is something close to what you would have said yourself. 1194887569 J * sauron ~zeus16384@12.20.4.100 1194887595 M * Bertl welcome sauron! 1194887600 M * sauron hi guys long time i havent been here. hope everyone great! I have a big question... 1194887614 M * sauron hi Bertl! I saw your interview!!! cool! 1194887649 M * sauron so basically my pain... I want vserver up on Red Hat Enterprise Linux 4..... 1194887682 M * Bertl okay 1194887686 M * sauron and since there is no rpm etc, I patched+ compiled kernel to 2.6.22.9-vs2.2.0.4 1194887695 M * sauron and compiled util-vserver fine 1194887702 M * sauron but I dont have yum there nor apt-get 1194887707 M * Bertl credit for the interview goes to dowdle, btw ... 1194887722 M * sauron so at a loss.... only tried legacy vserver creteion... that seemed to hum away fine.. but vserver wont' startup 1194887735 M * Bertl sauron: check with testme.sh that everything works as expected 1194887755 M * Bertl if that reports all fine, you can at least install a debian guest out of the box 1194887766 M * sauron yes 1194887770 M * sauron [000]# succeeded. 1194887773 M * sauron some 8 times 1194887776 M * Bertl okay 1194887794 M * sauron I was thinking of brute force copying over my debian client that I created in my local hox 1194887819 M * Bertl no need to do so, debian guests work without any host packages 1194887824 M * dowdle sauron: You can get apt-for-rpm (or whatever it is called) for RHEL4 from DAG I think... although I've not used it. 1194887825 M * sauron wow 1194887840 M * Bertl sauron: just do something like: 1194887850 M * sauron ah, prob is server is fully armed with firewall etc. 1194887862 M * dowdle sauron: But I don't think vserver maintains a 2.6.9.x branch that RHEL4 uses... so you'd definitely have to use a different tree. 1194887865 M * sauron so its nightmare for me to get approval to acces internet from there. but I can try it sure 1194887867 M * Bertl vserver etch32 build -m debootstrap --context 10104 --hostname etch32.debian.org --interface eth1:10.1.4.32/24 -- -d etch -m http://ftp.debian.org/debian -- --arch i386 1194887902 M * Bertl adjust the various arguments to your specific case 1194887903 M * sauron Bertl: so that all would be done internally? no need to isntall any RPM? 1194887925 M * Bertl yep, debootstrap is fetched, all you need is network acces (can be firewalled) 1194887930 M * Bertl *access 1194887944 M * sauron Cool. I'll check this. yes. i have to get IP access as it is blocked now. 1194887974 M * sauron what is DAG by the way? 1194888020 M * sauron i checked around and did not see apt nor yum for RHEL so that's where I tripped also. and fedora ones wont install without a bunch of other pkgs 1194888041 J * _gh_ ~gerrit@c-67-169-199-103.hsd1.or.comcast.net 1194888047 M * Bertl welcome _gh_! 1194888053 M * dowdle sauron: A third-party repo for RHEL. 1194888091 M * sauron dowdle aah. i see thanks. I am not liking RHEL too much but we use it at work 1194888124 M * dowdle sauron: Well, RHEL4 is about 2.5 years old. RHEL5 has yum. 1194888151 M * Bertl actually Dag is the person maintaining that repository ... :) 1194888164 M * dowdle sauron: You could probably use CentoS 4 yum packages on RHEL 4... so you could add yum to RHEL4 but I haven't done it. 1194888188 M * dowdle Bertl: Yes, and DAG is also a CentOS developer. 1194888196 M * sauron Bertl :) I tried dag.org and dag.com but I went to end of the world or something :) 1194888205 M * dowdle Dag is (more than) three... three things in one. 1194888220 M * dowdle sauron: Try "dag repo 1194888222 M * Bertl http://dag.wieers.com/ 1194888224 M * dowdle " and see what you get. 1194888227 M * sauron ah cool 1194888274 M * sauron wow. interesting. 1194888282 M * dowdle They were working on "rpmforge" but I'm not sure if that stalled or what. And there is also EPEL. 1194888299 M * sauron but if debian works I will already be jumping for joy 1194888343 M * sauron I always learn something here. you are GREAT 1194888376 M * sauron btw the that debootstrap command seems to work. looks I still have IP access. just one of our engineers told me I dont... 1194888439 M * sauron btw, I didn't see vhashify in this util-vserver util-vserver-0.30.214.tar.bz2 1194888455 M * Bertl maybe you are missing the beecrypt library 1194888456 M * sauron is that still under dev? 1194888493 M * Bertl you probably even got a message tellung you exactly this 1194888510 M * Bertl (and that vhashify will not be built) when you did the configure :) 1194888539 M * sauron ok. shame on me.. probably I did not notice. 1194888569 M * sauron but many thanks as looks i have an etch32 vserver up :] 1194888577 M * Bertl congrats! 1194888608 M * sauron :) thanks! I just have't touched this for a bit and didn't know what to do. 1194888648 M * sauron this server I got is much bettter, 8G memo and some 100GB HDD so I will be able to create a few of my test servers I hope 1194888674 M * Bertl arekm: "wasn't able to deliver ..." what have you been drinking? 1194888674 Q * _gh_ Ping timeout: 480 seconds 1194888698 M * dowdle Here's an interesting article from Dag although OT: http://dag.wieers.com/blog/content/why-is-there-no-open-source-sles 1194888731 Q * JonB Quit: This computer has gone to sleep 1194888829 M * arekm Bertl: you say that's false claim? afaik you were busy with other stuff than new kernel 1194888853 M * Bertl arekm: we have a few pre releases up there since 2.6.23 was released 1194888878 M * Bertl arekm: what _is_ true is that we probably won't do a stable release for 2.6.23 1194888919 J * bragon ~bragon@2001:7a8:aa58::1 1194888984 M * Bertl i.e. the stable branch will skip the broken 2.6.23 and continue with 2.6.24 1194888988 M * arekm Bertl: I see. 1194889010 M * Bertl but thanks for the positive comment on OS level virtualization 1194889199 M * arekm will 2.6.24 vserver version be using new (pid) namespace stuff ? 1194889248 M * Bertl as it looks like, it will use the user namespace and provide an option to use the pid namespace as alternative to the pid isolation (lightweight variant) 1194889306 M * Bertl (given that the pid spaces will work in 2.6.24 :) 1194889666 M * sauron I'll be back guys many thanks for ur help! 1194889679 M * Bertl you're welcome! 1194889719 M * arekm Bertl: mainline isn't such bad thing ;-) 1194889758 M * Bertl well, they were planned for 2.6.21 IIRC :) 1194889813 M * dowdle arekm: From my perspective (and I'm mostly an outsider), all of the work required to put vserver into mainline would change the very nature of the project. 1194889843 M * arekm dowdle: and the nature is what exactly? 1194889889 M * dowdle arekm: Well, there is how I perceive it, and how it actually is from the developers point of view. I don't know how relevant my view on it would be. 1194889892 M * Bertl arekm: does pld use unmodified mainline kernels? 1194889990 M * arekm Bertl: unfortunately not. Updating all that patches is huge effort at every release (and for pld it's a pain, there is no company behind pld or pld team) 1194890016 M * dowdle arekm: To me, Linux-VServer is a group of friendly and commited developers who enjoy the journey they are taking together. A lot of the enjoyment would probably evaporate if they had to change the design and implimentation they've continue to come up with together, the meet the sometimes arbitrary seeming demains of mainline. 1194890034 M * Bertl arekm: very similar to Linux-VServer .. but why does pld use patched kernels at all? 1194890043 J * _gh_ ~gerrit@c-67-169-199-103.hsd1.or.comcast.net 1194890080 M * dowdle err... demains = demands 1194890098 M * arekm Bertl: because we want grsec, vserver, suspend2, apparmor, pax, unionfs, netfilter pom, squashfs and so on :) 1194890106 M * zbyniu Bertl: because we are maniacs! ;-) 1194890139 M * Bertl arekm: and might that be because mainline sucks in this regard? :) 1194890172 M * arekm Bertl: the other point of view is: because external projects don't merge with mainline which sucks ;-) 1194890191 M * Bertl arekm: ah, but why doesn't pld do that work (of merging)? 1194890235 M * arekm Bertl: lack of knowledge and people. Not that we wouldn't do it if we could 1194890272 M * Bertl but you expect other folks to do that for you, and spend endless time for a merge? 1194890322 M * arekm Bertl: not "expect". we encourage 1194890332 M * dowdle arekm: And how many stories are there of people who spent years trying to get into mainline only to call it quits in frustration? 1194890368 M * arekm dowdle: too many probably 1194890378 M * dowdle I'm not saying that trying to get into mainline isn't a good thing... just that it isn't a battle for everyone. 1194890451 M * Bertl it is even worse, because nowadays, by natural selection, the commercial linux projects have a better chance to 'win' the upstream battle than non commercials, regardless of the quality of the project 1194890482 M * Bertl redhat has no real problem to get the kitchen-sink merged 1194890501 Q * nkukard Quit: Leaving 1194890502 M * arekm novell on the other hand has such problems (apparmor as a example) 1194890509 M * dowdle Bertl: Only because they (commercial projects seem to have more people and funds... and those people aren't concerned with their work no longer being fun. 1194890512 M * zbyniu of course it is only political reason to merge 1194890531 M * Bertl google or IBM have the time to submit the 101th variation on the same stupid patch, to finally get the second version included :) 1194890532 M * zbyniu arekm: beacause selinux team is too strong 1194890561 M * zbyniu they can kill every other security system 1194890600 M * dowdle zbyniu: I think you are over exaggerating there. Linus said some very negative things about selinux trying to be the only security thingie. 1194890630 M * dowdle Bertl: I'm sure I'm not telling you anything you haven't already known for years. : 1194890632 M * dowdle :) 1194890642 M * zbyniu if "other system" is not using LSM, they screem to use it 1194890644 M * dowdle Argh... I'm not fond of my wife's keyboard. 1194890724 Q * _gh_ Ping timeout: 480 seconds 1194890728 M * zbyniu but if it is using LSM api, selinux guys can _change_ api to not fit "other system" requirements 1194890798 M * zbyniu dowdle: I saw that, but look at fights with selinux guys 1194890884 A * arekm predicts that vserver will be like suspend2. Using tons of mainline os level virtualization code + providing nice own stuff 1194890898 M * dowdle zbyniu: At least they (the SELinux developers) have convinced themselves. :) But seriously, there are a quite a few people unhappy with the basic premise of AppArmor besides just the SELinux guys. 1194890917 M * Bertl arekm: well, that's what we already do (to some extend :) 1194890981 M * arekm Bertl: so I predict that the usage range will increase with each functionality appearing in mainline ;) 1194891066 M * dowdle arekm: I know there seem to be some quick spirts of mainline adding group control code... but they still have plenty of time for pit stops that drag it out. There is talk about delaying much of the code to 2.6.25 and beyond. 1194891078 M * dowdle Err... spirts = spurts 1194891106 M * zbyniu dowdle: yes, they think that their way is only. If project is similar to selinux, they want to rewrite it to be selinux policy 1194891167 M * zbyniu if premises are completly diffrent, they think it is impossible to be good 1194891191 M * dowdle zbyniu: They could be right but I have no way of knowing. :) 1194891198 A * arekm gets impression that apparmor will be finally merged. 1194891213 M * zbyniu dowdle: they are NOT ;) 1194891228 M * dowdle zbyniu: And you know enough to know yourself? 1194891264 A * arekm uses single apparmor functionality. apache vhosts filesystem separation :-) 1194891281 M * zbyniu dowdle: I think so :) 1194891342 M * dowdle I'm always impressed by Bertl's ability to keep his mouth shut in certain situtations. :) 1194891437 A * arekm wonders if network namespace will be really like separate network stack. With own routing table, firewall and so on 1194891511 M * dowdle I'm guessing the control group developers with the most influence will from Google... but such guesses are of little value. 1194891523 M * dowdle Er... will from = will be from 1194891532 M * arekm will or are, davem merged something about that already 1194891663 M * dowdle Well, I'm going to shut up now and get out of the way of our wonderful developers... who probably want to past in diff URLs. :) 1194891837 M * dowdle Err... past = paste 1194891847 M * dowdle I should have shut up some time ago. :) 1194893024 J * arachnis1 arachnist@088156187175.who.vectranet.pl 1194893282 Q * arachnist Ping timeout: 480 seconds 1194893282 N * arachnis1 arachnist 1194893426 M * kwowt is there a way to have precompiled LAMP or something on my vserver, so each user doesnt have to install and compile his own apache etc. 1194893500 M * Bertl sure, why not 1194893528 M * kwowt is there an easy way to do it? :p 1194893537 A * dowdle notes that sometimes Bertl sounds like a magic 8-ball. 1194893545 M * kwowt ;) 1194893660 M * Bertl dowdle: Outlook not so good :) 1194893725 M * Bertl kwowt: what distro do you use for your guests? 1194893803 M * kwowt gentoo 1194893821 M * Bertl so why not use the binary packages for apache and friends? 1194893848 M * Bertl i.e. provide a binary repository (you could mount it into each guest, for example) 1194893941 J * _gh_ ~gerrit@c-67-169-199-103.hsd1.or.comcast.net 1194893966 J * Alikus ~alikus@217.150.200.212 1194894043 Q * ema Quit: leaving 1194894205 M * Bertl welcome Alikus! 1194894244 M * Bertl dowdle: btw, I just figured that we can stop developing Linux-VServer ... (cit) "Oracle VM is server virtualization software which fully supports both Oracle and non-Oracle applications, and is three times more efficient than other server virtualization products." [http://www.oracle.com/technologies/virtualization/index.html] 1194894258 M * Alikus Bertl: hello :) tnx 1194894505 M * dowdle Bertl: I'm wondering if that is just a rebranded "Red Hat Virtualization" which is a rebranded "Xen". I wouldn't trust Oracle with girl scout cookies. Their whole lie for coming out with Unbreakable/Enterprise Linux is to lower the cost for Oracle users... and like freaking Oracle is $250K for a quad socket box? 1194894584 M * Bertl well, of course it is xen, was a joke :) 1194894664 M * dowdle Bertl: How is Xen three times more efficient than other server virtualization products? Nevermind, it was written by the marketing folks. :) 1194894884 Q * ntrs Ping timeout: 480 seconds 1194895107 Q * Alikus Quit: Konversation terminated! 1194895289 J * fb fback@red.fback.net 1194895693 N * AStorm Guest423 1194895694 J * AStorm ~astralsto@59.54.54.217 1194895716 Q * Guest423 Remote host closed the connection 1194895719 M * Bertl wb fb! AStorm! 1194896271 Q * Pazzo Quit: Ex-Chat 1194896389 M * AStorm Bertl: you don't have to greet me because of my flaky connection :-) 1194896438 M * Bertl AStorm: hehe, well, maybe you get famous and can then setup a proper irc bouncer or so :) 1194896482 M * AStorm Bertl: uhm, I just donate bandwidh to Tor 1194896521 M * Bertl and that makes your connection flaky? 1194896548 M * AStorm yes and no 1194896569 M * AStorm it means I've to connect through tor to make tracing harder for everyone 1194896764 M * the-me where can I find the "more than 16 ips per vserver" patch for the actual stable vserver branch? 1194896917 M * Bertl I think we have it on the wiki (linked) 1194896960 M * Bertl http://vserver.13thfloor.at/Experimental/VARIOUS/delta-2.6.9-vs1.9.3-net64.diff 1194896978 M * Bertl note: you also need to patch util-vserver 1194897387 Q * AStorm Ping timeout: 480 seconds 1194897628 J * igraltist ~user4@kasten-edv.de 1194897894 J * AStorm ~astralsto@tor-irc.dnsbl.oftc.net 1194898104 J * fatgoose_ ~samuel@76-10-149-199.dsl.teksavvy.com 1194898484 Q * fatgoose Ping timeout: 480 seconds 1194899348 M * ard X11 connection rejected because of wrong authentication. 1194899368 M * ard anyone knows what I am missing with ssh -X ? 1194899374 M * ard to a vserver 1194899377 M * Bertl probably a config issue 1194899388 M * Bertl i.e. localhost option of sshd 1194899388 M * ard yes :-) 1194899401 A * ard put localhost in /etc/hosts 1194899416 M * Bertl could also be missing/broken xauth 1194899421 M * ard but I think you are correct... 1194899437 M * ard it breaks on the source ip I guess 1194899446 Q * _gh_ Quit: Client exiting 1194899507 M * ard yes! 1194899510 M * ard got it! 1194899522 M * Bertl :) it's a FAQ :) 1194899528 M * ard it is??? 1194899533 A * ard blushes... 1194899582 M * ard I actually have a substitude xauth to overcome the XAUTHORITY being on a nfs home dir 1194899589 M * ard s/d/t 1194899609 M * ard but after that I forgot to set the correct XAUTHORITY :-) 1194899675 A * ard now has a qemu server within a vserver 1194899687 M * ard that makes site testing more clean 1194899692 M * Bertl hehe, nice, via vnc? 1194899701 M * ard plain X11 now :-) 1194899768 M * ard all our pc's come with XP licenses, and that's the first thing we erase :-) 1194899783 M * Bertl lol, you should sell them 1194899809 M * Bertl (or request a refun) 1194899814 M * Bertl *refund 1194899815 M * ard We can't order without because we "buy" them from our internal desktopmanagement department 1194899834 M * Bertl ah, synergies :) 1194899842 M * ard yeah :-( 1194899843 A * ard sighs 1194899862 M * ard weird... 1194899868 M * ard qemu: invalid option -- '-kernel-kqemu' 1194899882 M * ard in the non-vserver environment it didn't say that... 1194899889 A * ard has to check that... 1194899908 M * ard anyway, time for home... 21:38 here O/~ 1194899926 M * Bertl you probably ahve insufficient permissions to use the kernel mappings 1194900009 Q * grobie Remote host closed the connection 1194900011 J * grobie ~grobie@master.schnuckelig.eu 1194900403 Q * grobie Remote host closed the connection 1194900404 Q * yarihm Quit: This computer has gone to sleep 1194900412 J * grobie ~grobie@master.schnuckelig.eu 1194900564 Q * larsivi Remote host closed the connection 1194900586 J * larsivi ~larsivi@101.84-48-201.nextgentel.com 1194902304 J * ntrs ~ntrs@79.125.224.194 1194902771 J * quote ~kwowt@BSN-61-15-206.dial-up.dsl.siol.net 1194902792 J * JonB ~NoSuchUse@kg1-20.kollegiegaarden.dk 1194902802 M * Bertl ah, now I get 'kwowt':) 1194902882 M * dowdle Bertl: Please share. 1194902893 M * Bertl quote ~ kwowt 1194902965 M * Bertl looks almost onomatopoetic to me :) 1194903107 Q * kwowt Ping timeout: 480 seconds 1194903380 M * quote lol 1194903382 M * quote :P 1194903410 M * ard hmmzz.. 1194903463 Q * bragon Ping timeout: 480 seconds 1194903471 M * ard qemu with kqemu support doesn't work from a 32 bit environment on a 64 bit kernel... 1194903516 J * Infinito argos@200-140-68-125.gnace701.dsl.brasiltelecom.net.br 1194903527 M * Bertl welcome Infinito! 1194903536 M * Infinito hey 1194903541 M * Infinito thx 1194903551 M * Infinito are you a bot ? 1194903563 M * Infinito eh.. whatever :) 1194903567 M * Bertl ar you sure you are _not_ a bot? 1194903623 M * Infinito eh... 1194903625 M * ard well, Infinito has a point there... 1194903626 M * Infinito :p 1194903635 M * ard Bertl and daniel_hozac are *too* fast to be human :-) 1194903648 J * bragon ~bragon@2001:7a8:aa58::1 1194903686 M * quote :D 1194903710 P * sauron 1194903764 M * Bertl Infinito: http://xkcd.com/329/ :) 1194903805 M * Infinito lol 1194904197 Q * DLange Quit: Goodnight, everybody. Sleep well. Greets to the vserver team! 1194904361 M * Bertl that's a part message! 1194904554 M * ard qemu-system-x86_64 -kernel-kqemu -monitor stdio qemuimg -m 768 -usb -smb /home/ard/win 1194904558 M * ard works better :-) 1194904571 M * ard with kqemu support seems 1194904666 M * Bertl okay 1194904688 M * ard hmmm... trying that remote maybe isn't that good of an idea :-) 1194904781 M * ard or it is competing with a distributed-net in another server :-) 1194904825 M * ard Hmmm... 1194904869 M * ard I guess updates are synchronous... it starts, it takes about 10% cpu time but it goes over 2 ssh tunnels to an adsl connection :-) 1194904891 M * Bertl try the vnc interface 1194904917 A * ard waits for the start->stop button to appear :-) 1194904936 M * ard but it works with kqemu within a vserver... 1194904956 M * ard on to the next "within a vserver" project :-) 1194905056 Q * meandtheshell Quit: Leaving. 1194905082 M * Bertl ard: journey onward :) 1194905084 M * ard Bertl : my next project is the famous X-server :-) 1194905145 M * ard but I guess I stumbled upon /proc hiding stuff :-( 1194905179 M * Bertl nah, if you really want to run a hardware x server in a guest, read the wiki page first 1194905200 A * ard did... :-) 1194905206 M * Bertl but I would suggest to leave X with hardware access on the host 1194905221 M * Bertl (x11 over vnc or similar is perfectly fine for a guest) 1194905249 M * ard I am only trying to see what I can do :-)... 1194905272 M * ard If possible I want the root environment to be as clean as possible... 1194905337 M * ard for x-server use I usually run debian unstable... and the slightes upgrade installs tons of needless packages :-( 1194905343 M * Bertl the problem with X11 is that it (still) needs all kinds of hardware access (like memory, pci, io registers, bios) 1194905347 M * ard w00t... the [start] menu is there 1194905375 M * ard it's not intended for safety, just to keep the base very clean 1194905395 M * ard having a chrooted environment is almost what I want... 1194905411 M * ard but with the ip address filtering and process scheduling stuff 1194905432 M * quote =) 1194905656 Q * JonB Quit: This computer has gone to sleep 1194905743 M * ard http://oldwiki.linux-vserver.org/MoreUbuntu is what I need :-). It touches every config file that I need to change... 1194905783 M * Bertl well, I wonder what happened to the MoreUbuntu project 1194905902 Q * dna Quit: Verlassend 1194905978 M * ard faheem: the most beatiful part is, is that I can run ypbind on the root server without using it, and every client will be able to be a nis-client without having ypbind 1194905988 A * ard really wonders why 1194906002 M * ard that should have been: ah ... 1194906060 J * DavidS ~david@85.125.165.34 1194906141 M * dowdle clear 1194906143 M * dowdle Opps 1194906179 A * ard sees that's because portmap is running on the root server 1194906190 M * Bertl dowdle: you know, you can use CTRL-L too :) 1194906221 M * dowdle Depending on the client 1194906232 M * dowdle In IRC. 1194906237 M * dowdle I use control-l for bash. 1194906283 M * dowdle Bertl: Let's see if you knew this one... if you typo while typing in a password, what keystroke can you hit to start over? 1194906359 M * dowdle I use it all the time if someone si watching me type my password... just random stuff, the special combo, real password. 1194906468 M * dowdle The answer is control-u. Try it sometime. 1194906477 M * Bertl I use CTRL-W, but I know there should be an erase line too 1194906542 M * Bertl ah, CTRL-U will try to remember that one 1194906711 M * DavidS it's the companion of ctrl-k: kill_to_eol 1194908000 Q * Infinito Quit: Quitte 1194908553 Q * larsivi Quit: Konversation terminated! 1194908862 Q * ensc Ping timeout: 480 seconds 1194908946 J * marcfiu ~mef@aegis.CS.Princeton.EDU 1194908955 M * Bertl wb marcfiu! 1194908963 M * marcfiu hi 1194908967 Q * bragon Ping timeout: 480 seconds 1194908976 M * marcfiu daniel_hozac made it safely to Princeton. 1194908986 M * Bertl excellent news! 1194909019 M * marcfiu unfortunately the wireless router in the house he lives is on the top floor and the signal does not make it to his room. 1194909027 M * marcfiu This will be fixed either tonight or tomorrow. :) 1194909044 M * marcfiu Any way, he should be back online providing his services to the vserver channel no later than tomorrow. :) 1194909052 J * ensc ~irc-ensc@p54B4D885.dip.t-dialin.net 1194909056 M * marcfiu ok.. have to head home... 1194909057 M * marcfiu cheers 1194909064 M * Bertl cya, thanks for the info! 1194909070 Q * marcfiu Quit: Leaving. 1194910894 J * friendly12345 ~friendly@ppp59-167-168-145.lns1.mel4.internode.on.net 1194911337 Q * DavidS Quit: Leaving. 1194911338 Q * AStorm Read error: Connection reset by peer 1194911386 J * fatgoose ~samuel@76-10-149-199.dsl.teksavvy.com 1194911475 J * AStorm ~astralsto@tor-irc.dnsbl.oftc.net 1194911652 P * Solaris satan made me do it 1194911787 Q * fatgoose_ Ping timeout: 480 seconds