1200614514 Q * dowdle Remote host closed the connection
1200614802 Q * jescheng Remote host closed the connection
1200614814 J * jescheng ~jescheng@proxy-sjc-2.cisco.com
1200615862 J * onox ~onox@kalfjeslab.demon.nl
1200615870 M * onox I have a big IO problem
1200615882 M * Bertl how so?
1200616000 M * onox well, eclipse just went crazy
1200616011 M * onox and now my single-cpu is waiting all the time on IO
1200616023 M * onox 01:26:40 up 1:58, 3 users, load average: 41.36, 40.88, 34.46
1200616038 M * onox question is: how do I get rid of this load? :)
1200616042 M * onox killall doesn't seem to work
1200616050 M * daniel_hozac dmesg
1200616052 M * onox alt+sysrq+e neither
1200616062 M * Bertl onox: sounds like trashing to me
1200616088 M * Bertl eclipse is java related?
1200616109 M * onox yes
1200616127 M * onox daniel_hozac: lots of sigsegv sent by grsec to java
1200616128 M * Bertl and how much memory and swap do you have?
1200616143 M * Bertl ah, grsec is involved too?
1200616150 M * onox 1,5G memory, no swap (never ever needed on my laptop)
1200616152 M * onox grsec: signal 11 sent to /usr/opt/sun-jdk-1.5.0.13/bin/java[java:4489] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/opt/sun-jdk-1.5.0.13/bin/java[java:3400] uid/euid:1000/1000 gid/egid:1000/1000
1200616183 M * daniel_hozac you use Java. you need swap.
1200616184 M * onox dmesg also shows the following:
1200616184 M * daniel_hozac :)
1200616186 M * Bertl onox: well, without swap, java can easily crash your system anytme
1200616189 M * onox
1200616189 M * Bertl *anytime
1200616194 M * onox Bad page state in process 'java'
1200616194 M * onox page:c15b7820 flags:0x40000001 mapping:00000000 mapcount:0 count:0
1200616194 M * onox Trying to fix it up, but a reboot is needed
1200616194 M * onox Backtrace: [<0004d3c1>] bad_page+0x61/0x90 [<0004de67>] free_hot_cold_page+0x87/0x1c0 [<000575c9>] do_wp_page+0x239/0x430 [<000589d0>] __handle_mm_fault+0x320/0x390 [<000153bc>] do_page_fault+0x1dc/0x880 [<0006f0ba>] copy_strings+0xba/0x200 [<00103db9>] __copy_to_user_ll+0x19/0x30 [<00103ecb>] copy_to_user+0x3b/0x50 [<00030002>] posix_cpu_timer_set+0xe2/0x3d0 [<000151e0>] do_page_fault+0x0/0x880
1200616199 M * Bertl (please use paste.linux-vserver.org for everything longer than 3 lines)
1200616200 M * onox [<029e65a>[] error_code+0x7a/0x80 [<00100000>] prio_tree_insert+0xd0/0x190 [<00010246>] acpi_restore_state_mem+0x46/0xe00 =======================
1200616203 M * onox
1200616212 M * onox Bertl: i'm lucky, it were 2 lines :)
1200616226 M * daniel_hozac more like 5
1200616276 M * Bertl well, can't say anything about grsec and 'bad oage states' ...
1200616280 M * Bertl *page
1200616299 M * onox Bertl: ever right now, memory is 31% in use by programs + 25% in use as cache
1200616362 M * onox ok, but do you know how to kill java?
1200616368 M * onox killall java doesn't work
1200616390 M * Bertl it did cause a kernel stack dump, so it is unkillable now
1200616403 M * Bertl i.e. you have to reboot, as the message told you
1200616431 M * onox bleh, stupid java
1200616598 M * onox could this be caused by SEGMEXEC?
1200616613 M * onox which only gives me 1,5G address space
1200616639 M * daniel_hozac seems likely.
1200616690 M * onox ok, bye everyone :p
1200616706 Q * onox Quit: java suxorz
1200616825 J * onox ~onox@kalfjeslab.demon.nl
1200617156 M * onox damn it, again
1200617157 Q * onox Quit: leaving
1200617992 M * geektopia Are any of you vserver fans headed to linuxconf.au?
1200618015 M * Bertl maybe Aiken?
1200618159 M * geektopia Hi Bertl, while your around can I ask what is the meaning of the 2 integers for each of FillRate and Interval in /proc/virtual//sched?
1200618190 M * Bertl http://linux-vserver.org/CPU_Scheduler
1200618619 M * geektopia Yes, thats what I'm asking about. The docs mention for example "FillRate Number of tokens filled into the bucket at each interval", my question is why are there two numbers instead of just on?
1200618635 M * Bertl R1/T1 and T2/T2
1200618659 M * Bertl one for the hard scheduling and one pair for the idle time scheduling
1200618784 M * geektopia OK, is that so we can specify different 'sharing ratios' for heavy vs light load?
1200618804 M * Bertl more for competing vs. fair, but yes
1200618836 M * geektopia I don't quite get what you mean by R1/T1 T2/T2? What do the Rs and Ts represent?
1200618867 M * Bertl that is, what the page I gave you explains in great detail
1200618905 M * Bertl it's rate and interval, the basic TB ingredients
1200618911 M * geektopia Ah, aplogies I'm looking at http://linux-vserver.org/ProcFS#sched
1200618980 M * geektopia Yeah, that makes more sense now - cheers!
1200618987 M * Bertl you're welcome!
1200619435 Q * phizeek Ping timeout: 480 seconds
1200620737 Q * yarihm Ping timeout: 480 seconds
1200621598 M * Bertl okay, off to bed now ... have a good one everyone!
1200621603 N * Bertl Bertl_zZ
1200630743 J * aj_ ~aj@e180195040.adsl.alicedsl.de
1200631056 Q * derjohn_mobil Ping timeout: 480 seconds
1200632050 J * balbir ~balbir@122.167.94.134
1200632897 J * barbys ~User@91.135.210.36
1200632897 Q * mire_ Read error: Operation timed out
1200632968 M * barbys Hello all
1200633215 Q * barbys Quit: InetTools IRC 1.6.3 îò ÕÀÎÑà. PS: !!!! >>> ÁÐÎÑÀÅÌ ÊÓÐÈÒÜ <<< !!!!
1200635180 Q * friendly12345 Quit: Leaving.
1200635486 P * undefined
1200635615 Q * hparker Quit: Read error: 104 (Peer reset by connection)
1200636015 Q * jescheng Remote host closed the connection
1200636036 J * jescheng ~jescheng@proxy-sjc-2.cisco.com
1200636433 Q * geektopia Quit: Ex-Chat
1200636982 Q * tam Ping timeout: 480 seconds
1200637213 J * tam ~tam@gw.nettam.com
1200637472 J * sharkjaw ~gab@shell.ormset.no
1200638141 Q * Punkie Quit: Leaving
1200638611 J * JonB ~NoSuchUse@kg1-68.kollegiegaarden.dk
1200639100 Q * quasisane Ping timeout: 480 seconds
1200639389 J * _bjh_ ~bjh@84.112.154.154
1200639985 J * Punkie ~Punkie@goc.coolhousing.net
1200640147 Q * JonB Quit: This computer has gone to sleep
1200640158 J * Slydder ~chuck@194.59.17.53
1200640165 M * Slydder morning all
1200640570 J * dreamind ~dreamind@C2107.campino.wh.tu-darmstadt.de
1200640610 N * dreamind Guest3541
1200640627 N * Guest3541 dreamind
1200640978 M * dreamind Hi folks :)
1200641207 J * meandtheshel1 ~sa@85-127-204-19.dynamic.adsl-line.inode.at
1200642394 Q * harry Ping timeout: 480 seconds
1200642602 Q * AStorm Quit: Fighting IRC addiction, live!
1200642656 J * harry ~harry@d54C363EF.access.telenet.be
1200643569 J * marcel ~marcel@lt3.xs4all.nl
1200643853 M * awk hello
1200643856 M * awk any work aroun dfor this
1200643870 M * awk crm:/# ntpdate ntp.is.co.za
1200643870 M * awk 18 Jan 08:11:04 ntpdate[10229]: Can't adjust the time of day: Operation not permitted
1200643877 M * awk whats the best way to update date
1200643880 M * awk ./ti,e
1200643883 M * awk time
1200644559 M * dreamind hm, inside of a vserver this is of course not possible
1200644581 M * dreamind but I 'd guess you 'd simply run ntpdate or better ntpd in the host system.
1200644583 J * gebura ~gebura@77.192.186.197
1200644619 J * larsivi ~larsivi@144.84-48-50.nextgentel.com
1200645318 M * gebura hi
1200645527 Q * dreamind Quit: dreamind
1200646489 J * dna ~dna@54-241-dsl.kielnet.net
1200646802 Q * Hunger Ping timeout: 480 seconds
1200646917 Q * tam Remote host closed the connection
1200647280 J * tam ~tam@gw.nettam.com
1200647425 Q * aj_ Ping timeout: 480 seconds
1200648060 M * awk dreamind: my host date and time is correct
1200648065 M * awk so yaa that doesnt help
1200648104 M * Loki|muh so I guess you want to give the guest the right timezone ;)
1200648536 M * awk eh
1200648538 M * awk you right
1200648538 M * awk thanks
1200648544 M * awk cant believe i nevr thought about that
1200649935 M * sid3windr :o
1200649938 M * sid3windr bertl coming to profoss
1200649961 J * arekm arekm@carme.pld-linux.org
1200650031 M * arekm Hello! /me wonders if context leak problem was finally fixed?
1200650075 M * arekm s/context/namespace/
1200650161 M * arekm ah, it was, http://people.linux-vserver.org/~dhozac/p/k/delta-nsproxy-fix01.diff
1200650194 J * dragonheart ~dragonhea@ppp59-167-41-98.lns2.cbr1.internode.on.net
1200650214 M * arekm hm, didn't see delta-nsproxy-fix02.diff then. Is this also a leak fix?
1200650275 M * dragonheart don't know if its been mentioed - linux kernel cve-2008-0001 affects the vserver patches too
1200650388 M * dragonheart 2nd hunk of http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.23.y.git;a=commitdiff;h=974a9f0b47da74e28f68b9c8645c3786aa5ace1a;hp=d0c4c9d4a2e46f052178806c4004d52cd3ae040f needs to be intergrated. the flaw exists in patch-2.6.24-rc7-vs2.2.0.5.0.7-pre.diff too
1200650533 J * ema ~ema@rtfm.galliera.it
1200650652 M * arekm daniel_hozac: were leak fixes integrated into some 2.3.0.X version for 2.6.22.x? (looks like not, I see only patch-2.6.22.10-vs2.3.0.29.diff which is old but would like to get confirmation), thanks
1200650776 J * Infinito argos@201-2-77-243.gnace701.dsl.brasiltelecom.net.br
1200650881 J * Julius ~julius@p57B2725A.dip.t-dialin.net
1200651160 J * JonB ~NoSuchUse@kg1-68.kollegiegaarden.dk
1200653741 N * Bertl_zZ Bertl
1200653746 M * Bertl morning folks!
1200653755 M * dragonheart gm
1200653770 M * dragonheart what's happening
1200653883 M * dragonheart i'll mention it again now that you here and don't know if its been mentioned before - linux kernel cve-2008-0001 affects the vserver patches too
1200653900 M * Bertl dragonheart: thanks for reporting, but the 2.6.24 version is a pre version, and I think mainline will fix that in 2.6.24, no?
1200653924 M * dragonheart yes but a specific part of vserver patches it
1200653940 M * Bertl (so it will be automatically fixed when we release a 2.6.24 version)
1200653967 M * Bertl arekm: it is fixed in my tree, no worries
1200654015 M * dragonheart the http://vserver.13thfloor.at/Experimental/patch-2.6.24-rc7-vs2.2.0.5.0.7-pre.diff didn't have it fixed
1200654051 M * arekm Bertl: I'm worried because I still use 2.6.22 ;-)
1200654059 M * Bertl dragonheart: but it was fixed in 2.6.24-rc7?
1200654123 M * dragonheart arekm: me to but its a oneline change
1200654154 M * arekm dragonheart: this one, yes but I wonder if other fixes are needed (like delta-nsproxy-fix02.diff)
1200654257 M * kaouete I am looking at your discussion, and wondering if I am using patch-2.6.22.10-vs2.3.0.29.diff, should I apply some supplementary fix ??
1200654287 M * Punkie me too :)
1200654291 M * Bertl kaouete: no, but you should upgrade to the next 2.6.22.x release
1200654305 M * dragonheart arekm: havent' checked
1200654368 M * dragonheart Bertl: the way i'm reading the fix - like 5800 of patch-2.6.24-rc7-vs2.2.0.5.0.7-pre.diff should be "if (IS_COW(inode) && (acc_mode & MAY_WRITE)) {"
1200654387 M * kaouete I use 2.6.22.11
1200654407 J * lilalinux ~plasma@80.69.41.3
1200654435 M * kaouete (in fact 2.6.22-6 from debian who is a 2.6.22.11) (and i applied vs2.3.0.29 instead of vs2.2.0.5)
1200654581 M * Bertl kaouete: well, I would worry more about the essential fixes done in 2.6.22.12-15 than about the tiny information leak in the Linux-VServer patch, but as I said, next release will have it fixed
1200654598 M * kaouete :p ok
1200654698 M * Bertl actually, 2.6.22.12-16 :)
1200654733 J * ftx ~ftx@dslb-084-060-231-065.pools.arcor-ip.net
1200654740 M * Bertl wb ftx!
1200654768 Q * arekm Quit: Lost terminal
1200654792 M * dragonheart i'm just about to start playing with tuxonice with vserver. i'm try to remember to report how it goes if people care
1200654825 M * Bertl daniel_hozac: sure, what does it do?
1200654890 M * Bertl *dragonheart: ah, hibernation, what'S the difference to swsusp*
1200654928 M * dragonheart slightly differnt fork
1200654954 M * Bertl so, we have swsusp, swsusp2, and tuxonice, yes?
1200654993 M * dragonheart suspend2 == tuxonice
1200655065 M * dragonheart so as far as i can tell suspend2 forked from swsusp at at kernel version 2.5.17
1200655149 M * Bertl but isn't swsups2 the one in 2.6.x nowadays?
1200655229 M * dragonheart yes. tuxonice is a external patch
1200655258 M * dragonheart i haven't really investigated one over the other
1200655312 M * dragonheart i had tuxonince included in a distro kernel and it worked will on a laptop so i'm just sticking with it due to familarity
1200655322 M * dragonheart s/will/well/
1200655357 M * Bertl I understand ... well, as I said, let us know how it goes
1200655378 M * dragonheart ok can do.
1200655436 M * dragonheart am i making sense on the cve thing? I feel a little head sore so forgive me if i'm not make sense/ understandign and i'll try another time
1200655449 J * arekm arekm@carme.pld-linux.org
1200655478 M * arekm Bertl: I would say "yes". namespace leak fix is needed on top of 2.3.0.29
1200655508 M * Bertl np, I got it, and as I said, it will be fixed soon (next pre version), also, if that is the real question, your fix is probably in the right direction, if you want to make sure, provide a patch and I'll check it
1200655531 M * Bertl (that was for dragonheart, but matches for arekm too :)
1200655562 M * Bertl arekm: IIRC, daniel_hozac provided an updated patch a few days ago (for you and other folks)
1200655581 M * arekm Bertl: oh, have to find some logs for this channel then
1200655610 M * arekm (to find the updated patch of course :)
1200655617 M * Bertl hmm, that is probably hard with the realtime logs on irc.13thfloor.at :)
1200655619 M * dragonheart ok thanks
1200655686 M * arekm http://people.linux-vserver.org/~dhozac/p/k/rpms/patch-2.6.22.15-vs2.3.0.29.1.diff
1200655709 M * arekm found 8)
1200655710 M * Bertl I would go for this one: http://people.linux-vserver.org/~dhozac/p/k/patch-2.6.22.16-vs2.3.0.29.1.diff
1200655772 M * sid3windr Bertl: are you coming to fosdem too?
1200655787 M * arekm hm, I wonder if there is a tool for diffing *.diff files :)
1200655807 M * ard6 Hmmm, that would be a nice reason to go too..
1200655820 M * sid3windr :)
1200655822 M * Bertl sid3windr: I'm at profoss 21-23rd
1200655825 M * sid3windr yes, I know
1200655828 M * sid3windr hence my question ;)
1200655872 M * Bertl that is directly after that, IIRC, so probably no, have to be back on the 24th
1200655884 M * daniel_hozac arekm: interdiff.
1200656028 M * ard6 Bertl : there seems to be 30 days between profoss and fosdem :-)
1200656044 M * Bertl ah, so I remembered the month wrong :)
1200656059 M * ard6 profoss is next week :-)
1200656074 M * Bertl yes, I know :) ...
1200656098 A * ard6 thinks Bertl is on the program :-0
1200656251 M * sid3windr :)
1200656260 M * sid3windr yeah, I read that on the fosdem site ;)
1200656372 M * matti Morning :)
1200656379 M * Bertl hey matti!
1200656415 M * matti Hi Bertl :)
1200656417 M * matti How are you?
1200656757 M * arekm daniel_hozac: cool, thanks
1200656759 M * Bertl dragonheart: did you look at the IS_APPEND() path, shouldn't that get a change (flag wise) too?
1200656808 J * mattzerah ~matt@121.50.219.50
1200656840 M * Bertl wb mattzerah!
1200656847 M * mattzerah hey Bertl
1200656849 M * mattzerah how are ya ?
1200656862 M * Bertl mattzerah, matti: fine so far, thanks!
1200656875 M * mattzerah very cool
1200656884 A * mattzerah has a new job - well, i think i do anyway
1200656900 M * mattzerah which i guess is good, cause the old job (well, current job) is getting a little unstable
1200656932 M * mattzerah in house php programmer is getting a little short of work i feel - and company ins't doing so well, so i think its good to get out while i can
1200656963 M * Bertl I remember something about ships and rats ... :)
1200656975 M * dragonheart Bertl: nope - i wasn't looking too hard
1200656975 M * mattzerah hehehe
1200656982 M * mattzerah that would be the one :)
1200657026 M * Bertl mattzerah: nah, seriously, doesn't hurt if you leave while you are still needed
1200657067 M * mattzerah yea, they get to keep me 1 day a week - but if i was being honest (and not trying to keep my job) i'm probably only have one day a week of actual work these days anyway
1200657073 M * daniel_hozac dragonheart: so the idea is that mount -o ro can be bypassed with O_RDONLY|O_TRUNC, right?
1200657093 M * daniel_hozac (and same for directories)
1200657096 M * mattzerah it gets a bit boring - i try to be a programmer and i'll i'm doing is looking after empy paper in photocopiers
1200657103 M * mattzerah hey daniel_hozac
1200657107 M * daniel_hozac hey mattzerah
1200657168 M * dragonheart daniel_hozac: my understanding is a copy off https://bugzilla.redhat.com/show_bug.cgi?id=428791
1200657198 M * dragonheart i haven't followed the meanings of all kernel flags
1200657329 M * Bertl well, for me it boils down to the question: should files (not directories) test for acc_mode (instead of flags) too, or not?
1200657354 M * Bertl the mainline test would suggest no ... btw
1200657372 M * daniel_hozac i think acc_mode is correct in the COW case.
1200657380 M * daniel_hozac otherwise you can truncate files.
1200657403 M * Bertl okay, which leaves me with IS_APPEND() then
1200657422 M * Bertl in which case, I would opt for the same fix (in mainline)
1200657426 M * daniel_hozac which i think is still correct, since it checks for all the flags.
1200657454 M * Bertl ah, the truncate, yes
1200657610 Q * sharkjaw Quit: Leaving
1200657615 J * sharkjaw ~gab@shell.ormset.no
1200657714 J * mire_ ~mire@165-170-222-85.adsl.verat.net
1200657961 M * daniel_hozac so for all you worried souls, http://people.linux-vserver.org/~dhozac/p/k/patch-2.6.22.16-vs2.3.0.29.2.diff
1200657963 M * kaouete What is the best way to make a network for my vservers ? I have this conf : net <--> eth2:host:eth0 <--> local lan (eth1 is used for wifi lan like local lan) and i would like to put the vservers in 4th network, (i have shorewall on the host that can handle the routing between the networks)
1200658004 N * mattzerah mattzerah`afk
1200658088 M * dragonheart daniel_hozac: I wasn't too worried but thankyou
1200658105 A * ard6 is going to patent one-click-compile
1200658252 M * dragonheart ard6: there could be money in a one-click-bug-fix :-)
1200658314 M * daniel_hozac i think that's done already.
1200658516 Q * JonB Quit: This computer has gone to sleep
1200658575 Q * _bjh_ Quit: leaving
1200658692 M * ard6 if it's done already, I will only patent an improvement of the prior art :-)
1200658709 M * ard6 (celps -> acelps)
1200658748 M * Bertl try to get the zero-click stuff working ... it's the future :)
1200658796 M * ard6 :-)
1200658800 M * Bertl oh, wait, that is already done too .. pop-over/under/left/right
1200658839 M * arekm crap, /me already updated .29.1 for tons of local patches heh
1200658877 M * daniel_hozac it should be something like 4 hunks.
1200658886 M * daniel_hozac i.e. unlikely to affect your other patches.
1200658978 M * Bertl who knows .. if he stores them in the same location, they might talk to each other :)
1200659103 M * arekm interdiff helped
1200659296 M * Bertl daniel_hozac: http://vserver.13thfloor.at/Experimental/patch-2.6.22.16-vs2.2.0.5.2.diff
1200659317 M * Bertl (please check, AFAICT, it should match your version)
1200659379 M * daniel_hozac ah, you have the netlink stuff too. i forgot about that.
1200659388 M * daniel_hozac you're missing http://people.linux-vserver.org/~dhozac/p/k/delta-signal-fix01.diff though.
1200659415 M * Bertl ah, right, the signalling fix ... tx
1200659445 J * Hunger Hunger.hu@Hunger.hu
1200659541 M * Bertl daniel_hozac: hmm, I have a singla fix02 here, where actually was before that, funny numbering?
1200659549 M * Bertl *signal
1200659559 M * daniel_hozac hmm?
1200659610 M * Bertl your patch, for 2.6.24-rc7, similar stuff
1200659614 M * daniel_hozac ah, yes.
1200659629 M * daniel_hozac the fix01 is older than fix02 though.
1200659641 M * Bertl ah, okay :)
1200659659 M * daniel_hozac it's from nov 04, according to the directory listing :)
1200659691 M * Bertl okay, shall we call the result 2.2.0.6?
1200659701 M * arekm damn, fs/afs/cell.c stopped building somehow, magic
1200659715 M * daniel_hozac sure, makes sense.
1200659734 M * daniel_hozac probably deserves to be 2.3.0.30 too.
1200659775 J * ViRUS ~mp@p57A6F3F4.dip.t-dialin.net
1200659791 M * Bertl right
1200659807 J * JonB ~NoSuchUse@kg1-68.kollegiegaarden.dk
1200659834 Q * kaouete Quit: Reconnecting
1200659836 J * kaouete kkwet@crazydwarves.org
1200659873 M * kaouete what is ngnet ? is it in 2.3 or is it something that was abandonned ?
1200659977 M * ard6 vxW: [xid #0] !!! limit: ffff8100422a5078[VM,9] = 22 on exit.
1200659988 Q * Aiken Remote host closed the connection
1200659999 J * aj_ ~aj@51.42.69.80.in-addr.net-lab.net
1200660021 M * daniel_hozac kaouete: the containers are working on something equivalent.
1200660028 M * daniel_hozac +folks
1200660091 M * kaouete hm ok, in fact I don't really understand what is it ^^ but it is not important, I am just trying to understand how network works with vserver, and what are the different way to have services in vserver available from the net and/or local lan
1200660115 M * kaouete http://wiki.linux-vserver.org/RestrictingVserverNetworkingTips <= this page looks like it explain some things
1200660169 M * Bertl kaouete: the important thing is, that you realize that Linux-VServer does Layer 3 isolation and no network virtualization (as you might know from virtual machines and similar)
1200660210 M * kaouete ok
1200660256 M * Bertl so networking, except for a tiny difference regarding 127.x.x.x, is exactly the same as usual, and it all happens on the host
1200660289 M * Bertl the guests get (sub)sets of IP addresses assigned, and they can use (bind) them
1200660317 M * kaouete so the guests uses directly the adresse assigned to the host, does it ?
1200660338 M * Bertl yep, a subset of those addresses usually
1200660344 M * kaouete ok
1200660390 M * kaouete so if i use the dummy0 solution, and this interface is avalaible from the local lan (by routing in the host for example), then the local lan can access to my guests
1200660416 A * ard6 always uses lo for that :-)
1200660429 M * Bertl kaouete: yep (i.e. if that works for the host)
1200660435 M * kaouete ok
1200660455 M * kaouete ard6: how do you use lo for that ?
1200660482 M * Bertl kaouete: doesn't matter which interface you put the IP on, as long as it is known to the outside
1200660491 M * kaouete ok
1200660513 M * arekm daniel_hozac: could you see if fs/afs/ builds for you with .29.2 vserver patch? (CONFIG_AFS_FS=m)
1200660521 M * Bertl kaouete: dummy isn't used in the setup you are looking at either, otherwise the data would get lost :)
1200660532 M * kaouete I think i will use this solution : http://wiki.linux-vserver.org/Networking_vserver_guests it seems to work well with shorewall, and I will redirect for example port 80 to the guest if I want it to serve http
1200660564 M * Bertl kaouete: makes sense, DNAT ist the suggested way to go for services
1200660582 M * kaouete I hope ipv6 will soon take over the world, it will be simplier ...
1200660600 M * Bertl I doubt it ... both, actually :)
1200660600 M * Julius i thought the use of dummy interfaces wasn't recommended?
1200660601 M * daniel_hozac arekm: no.
1200660628 M * arekm bad.
1200660640 M * kaouete Julius: really ? so how do the same thing as in this howto without dummy ?
1200660647 M * kaouete by using an existing interface ?
1200660650 M * daniel_hozac it's the "select doesn't really work" bug in Kconfig.
1200660661 M * Julius i have no idea how to do it
1200660664 M * kaouete ^^ ok
1200660668 M * Julius that's one of my mafor problems...
1200660679 M * kaouete hehe, so i will stay with dummy0 :)
1200660689 M * Julius as long as it works for you
1200660704 M * Bertl Julius, kaouete: doesn't matter on which interface you put the ip
1200660746 M * kaouete Bertl: even if i need to put it in another network than the interface i put it on ?
1200660748 M * arekm any workaround/patch known?
1200660753 N * mattzerah`afk mattzerah
1200660770 M * daniel_hozac arekm: # CONFIG_AFS_FS is not set
1200660770 M * kaouete for example : eth0:192.168.1.0/24 and i want my vservers on 192.168.2.0/24
1200660793 M * Bertl kaouete: well, strictly speaking, it does matter, if you use reverse path filtering, but, in this case, the dummy approach doesn't work either
1200660811 M * daniel_hozac arekm: it requires a feature that conflicts with Linux-VServer.
1200660816 M * kaouete ^^ I don"t what it is, so i guess it is not a problem for me :)
1200660853 M * Julius I think I'll assign private network addresses to eth0
1200660878 M * arekm daniel_hozac: conflicts on which level? compile, usage? previous patch didn't have this problem visible
1200660901 M * Bertl arekm: 2.6.24 will have that fixed, utilizing user namespaces, for 2.6.22, we cannot allow to enable key retention support because of missing virtualization
1200660905 M * daniel_hozac arekm: usage, security wise.
1200660915 M * kaouete and will not there be problem with interface shot down like in the FAQ if i assign my address to eth0 with my local lan : http://wiki.linux-vserver.org/Frequently_Asked_Questions#If_I_shut_down_my_vserver_guest.2C_the_whole_Internet_interface_ethX_on_the_host_is_shut_down.__What_happened.3F
1200660924 M * daniel_hozac arekm: also limits the number of guests you can run to 50.
1200660968 M * Bertl kaouete: this only happens under certain, very unfortunate circumstances (i.e. having the primary assigned to a guest, while the host uses a secondary and promotion is turned off)
1200660976 M * kaouete ok
1200660982 M * kaouete so no problem
1200661081 M * arekm daniel_hozac: oh, and if I compile both but won't use both at the same time - do these problems still apply?
1200661117 M * Bertl yes, we will disable AFS for the time being
1200661203 M * arekm ok, not messing with Kconfig then :>
1200661207 M * daniel_hozac i really hate select.
1200661218 M * daniel_hozac just for the record.
1200661279 M * Bertl yeah, it's a little clumsy, but I think it has to work this way to resolve colisions
1200661290 M * Bertl (as unfortunate this may be for us)
1200661348 M * daniel_hozac it would seem logical to disable things where the the selectee cannot be enabled.
1200661389 M * daniel_hozac i.e. if a depends on b, and c selects a, c should depend on b too.
1200661401 M * Bertl have you considered doing a patch on that, I'm pretty sure mainline (Sam?) will accept it
1200661468 M * daniel_hozac considered, yes. but it hasn't gotten further than that yet... ;)
1200661529 M * Bertl maybe arekm likes to help :)
1200661792 M * Bertl daniel_hozac: regarding 2.3.0.30, I see a few more differences, mainly:
1200661806 M * Bertl - r->id.idiag_src[0] = nx_map_sock_lback(sk->sk_nx_info, inet->rcv_saddr);
1200661809 M * Bertl + r->id.idiag_src[0] = nx_map_sock_lback(skb->sk->sk_nx_info, inet->rcv_saddr);
1200661828 M * Bertl is there a patch for this (I missed)?
1200661856 M * Bertl and
1200661861 M * Bertl - ret = kill_pid_info(sig, info, find_pid(vx_rmap_pid(pid)));
1200661861 M * Bertl + ret = kill_pid_info(sig, info, find_pid(pid));
1200661992 J * Hiaslboy ~wieser@143.224.23.204
1200661997 M * Bertl wb Hiaslboy!
1200662010 M * Hiaslboy HHi Bertl :-)
1200662122 M * Hiaslboy Lot of things has changed since the last time I was online.
1200662137 M * Bertl the internet got crowded? :)
1200662170 M * Hiaslboy no, but you implemented some more features for vserver :-)
1200662197 M * Bertl ah, well, happens all the time ... but daniel_hozac implemented a few ones too :)
1200662205 J * balbir_ ~balbir@122.167.94.134
1200662232 Q * balbir Ping timeout: 480 seconds
1200662279 M * Hiaslboy And you still provide the source in patches or have you moved to git too?
1200662314 M * Bertl we almost moved, but we are still using distributed patches :)
1200662454 N * mattzerah mattzerah`afk
1200662479 M * cehteh heh
1200662568 M * Hiaslboy and a long story why not?
1200662649 M * Bertl no, nothing specifically, it just didn't happen (yet)
1200662922 M * Bertl Hollow, daniel_hozac: can we remove the attachment for Ben?
1200662953 M * Bertl (before google or similar caches it)
1200663025 M * Bertl sladen: same goes for you, but I'm not sure you keep attachments at all
1200663385 N * mattzerah`afk mattzerah
1200663399 M * mattzerah night all :)
1200663418 M * mattzerah i hope to be around a little more often - wether i'm useful or not might be another matter of course :)
1200663427 M * Bertl mattzerah: have a good one! np
1200663438 Q * mattzerah Quit: GONE!
1200663582 M * daniel_hozac Bertl: i have no idea where the archives are at...
1200663614 M * daniel_hozac as for the changes, http://people.linux-vserver.org/~dhozac/p/k/delta-inetdiag-fix01.diff and http://people.linux-vserver.org/~dhozac/p/k/delta-signal-fix01.diff
1200663620 M * Bertl it doesn't seem to be too critical atm, the web interface does not show/provide it
1200663701 M * Bertl ah, the signal-fix01 is missing in your patch then, np, that's fine
1200663711 M * daniel_hozac hmm, it is?
1200663726 M * daniel_hozac ah, from .1 it is, .2 should have it.
1200663737 M * daniel_hozac i think .1 only had delta-nsproxy-fix01, i.e. the most critical patch.
1200663759 M * Bertl np, will add those two patches and the AFS fix, we should be fine then
1200663798 M * daniel_hozac yep, i think so...
1200664579 M * arekm Bertl: q: are you talking about version for .24 kernel?
1200664735 M * Bertl if you refer to the AFS stuff, yes
1200664909 M * Hiaslboy but you have not put it anywhere yet or ?
1200664927 M * Bertl what?
1200664952 M * Hiaslboy tha patches you are preparing for 2.6.24-rcs
1200664961 M * daniel_hozac usual place, http://vserver.13thfloor.at/Experimental/
1200665039 M * Hiaslboy thank you :-)
1200665079 M * snooze wont be any vs for 2.6.23 i guess?
1200665105 M * snooze but for .24 instead?
1200665138 M * daniel_hozac yes.
1200665143 M * daniel_hozac 2.6.23 was too broken.
1200665155 M * snooze okey
1200665433 A * ard6 was off discussing proxy-arp and macvlans...
1200665462 M * Bertl always good to discuss those :)
1200665478 M * ard6 well yess, no :-)
1200665511 M * ard6 not when I am actually supposed to do something else... but it was about the next-next-generation firewalling around here
1200665550 M * ard6 some legacy firewall cluster with 30+ interfaces is going to be replaced with a mac-address failover solution based on mac-vlans
1200665657 M * Bertl ah, nice, plenty of room for new issues :)
1200665688 A * ard6 had the kernel-patch finally packaged for debian, and then somebody decided to put it into the kernel :-(
1200665732 M * Bertl those bastards ... well, will take some time till debian uses that kernel, no?
1200665862 Q * sharkjaw Quit: Leaving
1200666040 M * ard6 dunno
1200666047 A * ard6 never uses an official debian kernel :-)
1200666105 M * ard6 but my debian vlan package does have the correct mvconfig :-).
1200666259 M * Slydder finally have a fully functional Open-eXchange Epress Edition install ported to a VServer.
1200666272 M * Slydder and i must add it was a pain in the ass.
1200666303 M * ard6 some people like that...
1200666318 T * Bertl http://linux-vserver.org/ | latest stable 2.2.0.6, 2.0.3-rc3, devel 2.3.0.30, stable+grsec 2.2.0.5 | util-vserver-0.30.214 | libvserver-1.0.2 & vserver-utils-1.0.3 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki, and we'll forget about the minute ;)
1200666323 J * doener ~doener@i577ADE22.versanet.de
1200666331 M * Bertl *vs2.2.0.6 and vs2.3.0.30
1200666337 M * Bertl wb doener!
1200666347 M * Slydder anyone heard anything about loopback support in the next version?
1200666371 M * Slydder would make my life a LOT easier when doing these strange distro ports to vservers.
1200666375 M * Bertl Slydder: Open-eXchange loopback support?
1200666389 M * ard6 you mean 127.0.0.1 support?
1200666392 M * Slydder correct
1200666399 M * Slydder 127.0.0.1 localhost
1200666409 M * Bertl works fine in all recent Linux-VServer kernels
1200666412 M * ard6 ard@c32791:~$ ip a ls dev lo|wc -l
1200666412 M * ard6 11
1200666422 M * doener heh, thanks :-) but that was just my daily disconnect ;-)
1200666423 M * Slydder ?
1200666442 M * ard6 that's why I asked :-)...
1200666477 M * Slydder local loop is supported already?
1200666495 M * ard6 But 2.3 gives you a visual 127.0.0.1 on lo, and 2.2 connects to 127.0.0.1 will connect to the first ip on the vserver
1200666497 M * doener that said, I'm going back to my AI stuff, exam next week
1200666512 M * Bertl doener: good luck and have fun!
1200666521 M * ard6 and if checked, will also lie that the source ip is 127.0.0.1 ?
1200666523 M * doener thanks and "not so sure about that" ;-)
1200666524 A * arekm saw something about .25 going to have namespaces for routes
1200666556 M * ard6 wtf? namespaces for routes? We already have 255 routing tables ...
1200666569 M * Slydder exactly what i thought. i had loopback problems earlier and i had to reconfigure OX to use a static ip instead
1200666642 M * Bertl Slydder: on vs2.2.x you put the first ip into /etc/hosts as localhost, on vs2.3.x you just enable the LBACK stuff
1200666742 Q * doener_ Ping timeout: 480 seconds
1200667063 M * Bertl okay, off for now .. bbl
1200667068 N * Bertl Bertl_oO
1200667436 M * Slydder Bertl: ?
1200667677 M * arekm Bertl_oO: update main page maybe?
1200669639 M * kaouete hm, when i try to open a gz'ed fiel with vim, I think it gunzip it somewhere, and when it is done in a vserver, it looks like it can't gunzip it because of some missing write right, does this problem sound familiar to someone ?
1200669702 M * kaouete I guess it is because it try to gunzip it in /tmp ... is there something special to do with tmp ?
1200669748 M * JonB kaouete: is tmp big enough?
1200669764 M * kaouete i guess yes, it is empty, it is 16MB but the file is not even 1MB
1200669771 M * JonB ok
1200669852 M * kaouete i get this error : "/tmp/v694001/0./usr/share/doc/apache2.2-common/examples/apache2/extra/httpd-ssl.conf.gz" E212: Can't open file for writing
1200669865 M * kaouete and if i look at /tmp there is only the v694001 dir
1200669928 Q * Punkie Quit: OdcházÃm
1200670090 Q * aj_ Ping timeout: 480 seconds
1200670462 M * JonB what about file permissions?
1200670532 Q * larsivi Ping timeout: 480 seconds
1200671041 M * Bertl_oO kaouete: to me it looks like /tmp/v694001/0. and /usr/share/doc/apache2.2-common/examples/apache2/extra/httpd-ssl.conf.gz, but I might be wrong there
1200671276 Q * Hiaslboy Remote host closed the connection
1200671392 N * BobR_oO_ BobR
1200671678 M * kaouete Bertl_oO: you must be right, i will check how vim works to gunzip the file :/
1200671793 Q * Slydder Quit: Leaving.
1200671798 Q * Infinito Quit: Quitte
1200671974 M * Bertl_oO kaouete: just for reference/completeness, what kernel/util-vserver versions?
1200672007 M * kaouete Bertl_oO: 2.6.22.10 + vs2.3.0.29 + 0.30.214
1200672055 M * kaouete Bertl_oO: and on the host vim try to open th efile : /tmp/v701406/0 while in the guest vim try to open the file : /tmp/v701225/0./usr/share/doc/apache2.2-common/examples/apache2/extra/httpd-ssl.conf.gz (seen with strace)
1200672085 M * Bertl_oO so maybe a typo with the .vimrc backup path settings?
1200672117 M * kaouete hm maybe, but i didn't made a change to it, i just created this vserver and installed some packages
1200672120 M * Bertl_oO (or could be a setting in the environment too)
1200672128 M * kaouete ho yes, maybe
1200672890 J * dowdle ~dowdle@scott.coe.montana.edu
1200673383 N * BobR BobR_afk
1200673968 Q * gebura Quit: Quitte
1200674412 Q * [PUPPETS]Gonzo Ping timeout: 480 seconds
1200674418 J * yarihm ~yarihm@vpn-global-dhcp1-50.ethz.ch
1200676077 J * [PUPPETS]Gonzo gonzo@fellatio.deswahnsinns.de
1200676115 Q * hardwire Quit: Coyote finally caught me
1200676132 J * hardwire ~bip@rdbck-5851.palmer.mtaonline.net
1200676162 J * virtuoso_ ~s0t0na@ppp78-37-179-44.pppoe.avangarddsl.ru
1200676231 J * larsivi ~larsivi@144.84-48-50.nextgentel.com
1200676389 N * BobR_afk BobR_oO
1200676569 Q * virtuoso Ping timeout: 480 seconds
1200677347 Q * hardwire Quit: Coyote finally caught me
1200677384 J * hardwire ~bip@xvm-189-175.ghst.net
1200677628 Q * marcel Remote host closed the connection
1200677720 Q * hardwire Quit: Coyote finally caught me
1200677737 J * hardwire ~bip@xvm-189-175.ghst.net
1200678029 J * marcel ~marcel@lt3.xs4all.nl
1200678104 Q * JonB Ping timeout: 480 seconds
1200678259 Q * ema Quit: leaving
1200678922 Q * ftx Ping timeout: 480 seconds
1200679215 Q * jescheng Remote host closed the connection
1200679233 J * jescheng ~jescheng@proxy-sjc-2.cisco.com
1200679249 Q * yarihm Ping timeout: 480 seconds
1200679305 J * SPrinteR ~SPrinteR@91.135.210.46
1200679533 Q * lilalinux Remote host closed the connection
1200679844 J * undefined ~undefined@adsl-68-94-190-217.dsl.rcsntx.swbell.net
1200680163 J * ntrs ~ntrs@vs079.rosehosting.com
1200680481 J * JonB ~NoSuchUse@130.227.63.19
1200680957 Q * balbir_ Ping timeout: 480 seconds
1200680990 Q * SPrinteR Quit:
1200681065 J * hparker ~hparker@linux.homershut.net
1200681627 J * balbir_ ~balbir@122.167.93.180
1200681807 M * sladen Bertl_oO: what attachment?
1200681946 M * undefined sladen: i presume the one attached to the email with Message-ID:
1200683046 J * SPrinteR ~SPrinteR@91.135.210.121
1200683101 J * quasisane ~sanep@c-76-118-191-64.hsd1.nh.comcast.net
1200683325 M * SPrinteR :-DÌÀÇÀÔÀÊÀ ÏÈÏË!
1200683378 J * ema ~ema@rtfm.galliera.it
1200683478 Q * SPrinteR Quit:
1200683836 J * ntrs_ ~ntrs@vs079.rosehosting.com
1200683954 Q * ntrs Remote host closed the connection
1200684377 J * arachnis1 arachnist@088156187175.who.vectranet.pl
1200684422 Q * arachnis1
1200684845 Q * hparker Ping timeout: 480 seconds
1200686359 Q * harry Ping timeout: 480 seconds
1200686642 J * thal ~thalunil@walledcity.de
1200686646 M * thal hi
1200686677 M * JonB hi
1200686717 M * thal i copied a recent backup of one vserver to my linux-vserver host and starting the vserver with "vserver start foo" fails with "vcontext: execvp("/etc/init.d/rc"): No such file or directory
1200686717 M * thal "
1200686731 M * thal what's that? ever handled with this one?
1200686811 M * thal obviously /etc/init.d/rc on the vserver-guest is available
1200686878 M * JonB are you reusing a context?
1200686961 M * thal you mean: servername? no...the vserver-host just got rebooted
1200686980 M * JonB no
1200686983 M * JonB not server name
1200686999 M * JonB /etc/vservers//context
1200687040 M * thal there is no such file
1200687055 M * JonB let me check mine
1200687056 M * thal neither in the old backup nor in a newly created and working vserver
1200687077 M * JonB it is in the host
1200687098 M * thal i straced the vserver binary and shortly after "execve("/usr/sbin/vnamespace", ["/usr/sbin/vnamespace", "--new", "--", "/usr/sbin/vserver", "----nonamespace", "fnord", "start"], [/* 13 vars */]) = 0
1200687098 M * thal " and the resulting clone() this message apperas
1200687140 M * thal i am on the host, there is no /etc/vserver/fnord/context
1200687140 M * JonB which util-vserver version are you using?
1200687195 M * thal Version: 0.30.212-1
1200687234 M * thal Host OS Debian stable
1200687309 M * JonB are there a rc file on the host filesystem and also on the guest filesystem ?
1200687349 M * thal yes, it is identical
1200687440 M * JonB ok
1200688396 M * thal is there some kind of permission-fixing script if the acl's are fucked up?
1200688567 M * JonB i dont know
1200688599 M * JonB i would suggest trying the latest util-vserver version
1200688616 M * undefined thal: what permissions do you believe are messed up?
1200688762 M * thal undefined: /dev/ is totally empty! i am fixing this.
1200688775 M * thal undefined: the error message /etc/init.d/rc is totally (!) misleading
1200688824 J * dna_ ~dna@162-224-dsl.kielnet.net
1200688830 M * undefined thal: /dev is empty in the host or guest?
1200688835 M * thal undefined: guest
1200688857 M * undefined thal: you can copy them from another guest
1200688894 M * thal undefined: i will
1200688986 J * ntrs ~ntrs@vs079.rosehosting.com
1200689114 J * Aiken ~james@ppp121-45-194-143.lns1.bne1.internode.on.net
1200689225 Q * dna Ping timeout: 480 seconds
1200689385 Q * ntrs_ Ping timeout: 480 seconds
1200689456 Q * ema Quit: leaving
1200689689 M * undefined thal: can the guest start after fixing up its /dev?
1200689709 M * thal undefined: no.
1200689719 M * undefined thal: same error?
1200689755 M * thal undefined: unfortunately not. but i found out that something like "chroot /vserver/b0rked bserver /bin/bash" doesnt work - error message is: "bin/bash not found" - although /bin/bash is avail inside this directory
1200689760 M * thal undefined: same error yeah
1200689790 M * thal undefined: very weird
1200690063 M * thal chroot("/vservers/msh") = 0
1200690064 M * thal chdir("/") = 0
1200690064 M * thal execve("/bin/bash", ["/bin/bash"], [/* 15 vars */]) = -1 ENOENT (No such file or directory)
1200690082 M * thal really strange - a different vserver works
1200690209 M * undefined thal: ls -l /vservers/msh/bin/bash
1200690274 M * thal -rwxr-xr-x 1 root root 677184 2006-12-11 22:20 /vservers/msh/bin/bash
1200690390 M * undefined is /vservers/msh mounted noexec?
1200690432 M * thal of course not, the mountpoint is /vservres and chrooting into (e.g.) msh-fresh) works like a charm
1200690444 M * undefined just thinking out loud
1200690460 M * thal its fine, i am thankful. ineed help ;)
1200690692 M * thal alright, i get into my car heading home....wonderful friday evening, looking forward to it...laters guy
1200691468 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d
1200691892 Q * arachnist Read error: Connection reset by peer
1200692006 J * arachnist arachnist@088156187175.who.vectranet.pl
1200692082 J * larsivi_ ~larsivi@144.84-48-50.nextgentel.com
1200692154 Q * larsivi Ping timeout: 480 seconds
1200692163 N * larsivi_ larsivi
1200692446 Q * meandtheshel1 Quit: Leaving.
1200693371 J * yarihm ~yarihm@84-75-103-252.dclient.hispeed.ch
1200694314 Q * ViRUS Quit: Leaving
1200695976 J * aj_ ~aj@p5B23EA96.dip.t-dialin.net
1200697329 J * dna ~dna@162-224-dsl.kielnet.net
1200697700 Q * dna_ Ping timeout: 480 seconds
1200698529 J * Alexander ~IRC@homeonline.dialup.corbina.ru
1200698554 M * Alexander Hello, I sorry for my English. I use Linux-VServer and OpenVCP. All works is fine, but with CPU Scheduler problems.
1200698554 M * Alexander I use Hard Limit. Settings through OpenVCP. But not looking at these restrictions, one VPS can use 100 % CPU of a node
1200698554 M * Alexander 2.6.18-5-vserver-amd64
1200698554 M * Alexander util-vserver: version 0.30.214
1200698554 M * Alexander OpenVCP: version 0.3
1200698555 M * Alexander Example of the catalogue sched: (I wish to allow to use 10 % CPU)
1200698555 M * Alexander fill-rate: 3
1200698557 M * Alexander interval: 32
1200698557 M * Alexander priority-bias: 0
1200698559 M * Alexander tokens: 500
1200698559 M * Alexander tokens-max: 1000
1200698561 M * Alexander tokens-min: 200
1200698561 M * Alexander cat flags
1200698563 M * Alexander sched_hard
1200698563 M * Alexander virt_mem
1200698565 M * Alexander virt_uptime
1200698565 M * Alexander virt_cpu
1200698567 M * Alexander virt_load
1200698567 M * Alexander Help me please
1200698625 M * JonB i think people are sleeping
1200698641 M * JonB if you want to paste alot of text, please use paste.linux-vserver.org
1200698664 J * mattzerah ~matt@121.50.219.50
1200698753 M * Alexander thanks
1200698847 Q * marcel Remote host closed the connection
1200699193 Q * bonbons Quit: Leaving
1200699240 P * mattzerah So long, and thanks for the fish
1200699261 Q * sladen Ping timeout: 482 seconds
1200699807 J * ViRUS ~mp@p57A6F3F4.dip.t-dialin.net
1200700111 J * sladen paul@starsky.19inch.net
1200700194 Q * Alexander Quit: Alexander
1200700229 Q * JonB Ping timeout: 480 seconds