1200614514 Q * dowdle Remote host closed the connection 1200614802 Q * jescheng Remote host closed the connection 1200614814 J * jescheng ~jescheng@proxy-sjc-2.cisco.com 1200615862 J * onox ~onox@kalfjeslab.demon.nl 1200615870 M * onox I have a big IO problem 1200615882 M * Bertl how so? 1200616000 M * onox well, eclipse just went crazy 1200616011 M * onox and now my single-cpu is waiting all the time on IO 1200616023 M * onox 01:26:40 up 1:58, 3 users, load average: 41.36, 40.88, 34.46 1200616038 M * onox question is: how do I get rid of this load? :) 1200616042 M * onox killall doesn't seem to work 1200616050 M * daniel_hozac dmesg 1200616052 M * onox alt+sysrq+e neither 1200616062 M * Bertl onox: sounds like trashing to me 1200616088 M * Bertl eclipse is java related? 1200616109 M * onox yes 1200616127 M * onox daniel_hozac: lots of sigsegv sent by grsec to java 1200616128 M * Bertl and how much memory and swap do you have? 1200616143 M * Bertl ah, grsec is involved too? 1200616150 M * onox 1,5G memory, no swap (never ever needed on my laptop) 1200616152 M * onox grsec: signal 11 sent to /usr/opt/sun-jdk-1.5.0.13/bin/java[java:4489] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/opt/sun-jdk-1.5.0.13/bin/java[java:3400] uid/euid:1000/1000 gid/egid:1000/1000 1200616183 M * daniel_hozac you use Java. you need swap. 1200616184 M * onox dmesg also shows the following: 1200616184 M * daniel_hozac :) 1200616186 M * Bertl onox: well, without swap, java can easily crash your system anytme 1200616189 M * onox 1200616189 M * Bertl *anytime 1200616194 M * onox Bad page state in process 'java' 1200616194 M * onox page:c15b7820 flags:0x40000001 mapping:00000000 mapcount:0 count:0 1200616194 M * onox Trying to fix it up, but a reboot is needed 1200616194 M * onox Backtrace: [<0004d3c1>] bad_page+0x61/0x90 [<0004de67>] free_hot_cold_page+0x87/0x1c0 [<000575c9>] do_wp_page+0x239/0x430 [<000589d0>] __handle_mm_fault+0x320/0x390 [<000153bc>] do_page_fault+0x1dc/0x880 [<0006f0ba>] copy_strings+0xba/0x200 [<00103db9>] __copy_to_user_ll+0x19/0x30 [<00103ecb>] copy_to_user+0x3b/0x50 [<00030002>] posix_cpu_timer_set+0xe2/0x3d0 [<000151e0>] do_page_fault+0x0/0x880 1200616199 M * Bertl (please use paste.linux-vserver.org for everything longer than 3 lines) 1200616200 M * onox [<029e65a>[] error_code+0x7a/0x80 [<00100000>] prio_tree_insert+0xd0/0x190 [<00010246>] acpi_restore_state_mem+0x46/0xe00 ======================= 1200616203 M * onox 1200616212 M * onox Bertl: i'm lucky, it were 2 lines :) 1200616226 M * daniel_hozac more like 5 1200616276 M * Bertl well, can't say anything about grsec and 'bad oage states' ... 1200616280 M * Bertl *page 1200616299 M * onox Bertl: ever right now, memory is 31% in use by programs + 25% in use as cache 1200616362 M * onox ok, but do you know how to kill java? 1200616368 M * onox killall java doesn't work 1200616390 M * Bertl it did cause a kernel stack dump, so it is unkillable now 1200616403 M * Bertl i.e. you have to reboot, as the message told you 1200616431 M * onox bleh, stupid java 1200616598 M * onox could this be caused by SEGMEXEC? 1200616613 M * onox which only gives me 1,5G address space 1200616639 M * daniel_hozac seems likely. 1200616690 M * onox ok, bye everyone :p 1200616706 Q * onox Quit: java suxorz 1200616825 J * onox ~onox@kalfjeslab.demon.nl 1200617156 M * onox damn it, again 1200617157 Q * onox Quit: leaving 1200617992 M * geektopia Are any of you vserver fans headed to linuxconf.au? 1200618015 M * Bertl maybe Aiken? 1200618159 M * geektopia Hi Bertl, while your around can I ask what is the meaning of the 2 integers for each of FillRate and Interval in /proc/virtual//sched? 1200618190 M * Bertl http://linux-vserver.org/CPU_Scheduler 1200618619 M * geektopia Yes, thats what I'm asking about. The docs mention for example "FillRate Number of tokens filled into the bucket at each interval", my question is why are there two numbers instead of just on? 1200618635 M * Bertl R1/T1 and T2/T2 1200618659 M * Bertl one for the hard scheduling and one pair for the idle time scheduling 1200618784 M * geektopia OK, is that so we can specify different 'sharing ratios' for heavy vs light load? 1200618804 M * Bertl more for competing vs. fair, but yes 1200618836 M * geektopia I don't quite get what you mean by R1/T1 T2/T2? What do the Rs and Ts represent? 1200618867 M * Bertl that is, what the page I gave you explains in great detail 1200618905 M * Bertl it's rate and interval, the basic TB ingredients 1200618911 M * geektopia Ah, aplogies I'm looking at http://linux-vserver.org/ProcFS#sched 1200618980 M * geektopia Yeah, that makes more sense now - cheers! 1200618987 M * Bertl you're welcome! 1200619435 Q * phizeek Ping timeout: 480 seconds 1200620737 Q * yarihm Ping timeout: 480 seconds 1200621598 M * Bertl okay, off to bed now ... have a good one everyone! 1200621603 N * Bertl Bertl_zZ 1200630743 J * aj_ ~aj@e180195040.adsl.alicedsl.de 1200631056 Q * derjohn_mobil Ping timeout: 480 seconds 1200632050 J * balbir ~balbir@122.167.94.134 1200632897 J * barbys ~User@91.135.210.36 1200632897 Q * mire_ Read error: Operation timed out 1200632968 M * barbys Hello all 1200633215 Q * barbys Quit: InetTools IRC 1.6.3 îò ÕÀÎÑà. PS: !!!! >>> ÁÐÎÑÀÅÌ ÊÓÐÈÒÜ <<< !!!! 1200635180 Q * friendly12345 Quit: Leaving. 1200635486 P * undefined 1200635615 Q * hparker Quit: Read error: 104 (Peer reset by connection) 1200636015 Q * jescheng Remote host closed the connection 1200636036 J * jescheng ~jescheng@proxy-sjc-2.cisco.com 1200636433 Q * geektopia Quit: Ex-Chat 1200636982 Q * tam Ping timeout: 480 seconds 1200637213 J * tam ~tam@gw.nettam.com 1200637472 J * sharkjaw ~gab@shell.ormset.no 1200638141 Q * Punkie Quit: Leaving 1200638611 J * JonB ~NoSuchUse@kg1-68.kollegiegaarden.dk 1200639100 Q * quasisane Ping timeout: 480 seconds 1200639389 J * _bjh_ ~bjh@84.112.154.154 1200639985 J * Punkie ~Punkie@goc.coolhousing.net 1200640147 Q * JonB Quit: This computer has gone to sleep 1200640158 J * Slydder ~chuck@194.59.17.53 1200640165 M * Slydder morning all 1200640570 J * dreamind ~dreamind@C2107.campino.wh.tu-darmstadt.de 1200640610 N * dreamind Guest3541 1200640627 N * Guest3541 dreamind 1200640978 M * dreamind Hi folks :) 1200641207 J * meandtheshel1 ~sa@85-127-204-19.dynamic.adsl-line.inode.at 1200642394 Q * harry Ping timeout: 480 seconds 1200642602 Q * AStorm Quit: Fighting IRC addiction, live! 1200642656 J * harry ~harry@d54C363EF.access.telenet.be 1200643569 J * marcel ~marcel@lt3.xs4all.nl 1200643853 M * awk hello 1200643856 M * awk any work aroun dfor this 1200643870 M * awk crm:/# ntpdate ntp.is.co.za 1200643870 M * awk 18 Jan 08:11:04 ntpdate[10229]: Can't adjust the time of day: Operation not permitted 1200643877 M * awk whats the best way to update date 1200643880 M * awk ./ti,e 1200643883 M * awk time 1200644559 M * dreamind hm, inside of a vserver this is of course not possible 1200644581 M * dreamind but I 'd guess you 'd simply run ntpdate or better ntpd in the host system. 1200644583 J * gebura ~gebura@77.192.186.197 1200644619 J * larsivi ~larsivi@144.84-48-50.nextgentel.com 1200645318 M * gebura hi 1200645527 Q * dreamind Quit: dreamind 1200646489 J * dna ~dna@54-241-dsl.kielnet.net 1200646802 Q * Hunger Ping timeout: 480 seconds 1200646917 Q * tam Remote host closed the connection 1200647280 J * tam ~tam@gw.nettam.com 1200647425 Q * aj_ Ping timeout: 480 seconds 1200648060 M * awk dreamind: my host date and time is correct 1200648065 M * awk so yaa that doesnt help 1200648104 M * Loki|muh so I guess you want to give the guest the right timezone ;) 1200648536 M * awk eh 1200648538 M * awk you right 1200648538 M * awk thanks 1200648544 M * awk cant believe i nevr thought about that 1200649935 M * sid3windr :o 1200649938 M * sid3windr bertl coming to profoss 1200649961 J * arekm arekm@carme.pld-linux.org 1200650031 M * arekm Hello! /me wonders if context leak problem was finally fixed? 1200650075 M * arekm s/context/namespace/ 1200650161 M * arekm ah, it was, http://people.linux-vserver.org/~dhozac/p/k/delta-nsproxy-fix01.diff 1200650194 J * dragonheart ~dragonhea@ppp59-167-41-98.lns2.cbr1.internode.on.net 1200650214 M * arekm hm, didn't see delta-nsproxy-fix02.diff then. Is this also a leak fix? 1200650275 M * dragonheart don't know if its been mentioed - linux kernel cve-2008-0001 affects the vserver patches too 1200650388 M * dragonheart 2nd hunk of http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.23.y.git;a=commitdiff;h=974a9f0b47da74e28f68b9c8645c3786aa5ace1a;hp=d0c4c9d4a2e46f052178806c4004d52cd3ae040f needs to be intergrated. the flaw exists in patch-2.6.24-rc7-vs2.2.0.5.0.7-pre.diff too 1200650533 J * ema ~ema@rtfm.galliera.it 1200650652 M * arekm daniel_hozac: were leak fixes integrated into some 2.3.0.X version for 2.6.22.x? (looks like not, I see only patch-2.6.22.10-vs2.3.0.29.diff which is old but would like to get confirmation), thanks 1200650776 J * Infinito argos@201-2-77-243.gnace701.dsl.brasiltelecom.net.br 1200650881 J * Julius ~julius@p57B2725A.dip.t-dialin.net 1200651160 J * JonB ~NoSuchUse@kg1-68.kollegiegaarden.dk 1200653741 N * Bertl_zZ Bertl 1200653746 M * Bertl morning folks! 1200653755 M * dragonheart gm 1200653770 M * dragonheart what's happening 1200653883 M * dragonheart i'll mention it again now that you here and don't know if its been mentioned before - linux kernel cve-2008-0001 affects the vserver patches too 1200653900 M * Bertl dragonheart: thanks for reporting, but the 2.6.24 version is a pre version, and I think mainline will fix that in 2.6.24, no? 1200653924 M * dragonheart yes but a specific part of vserver patches it 1200653940 M * Bertl (so it will be automatically fixed when we release a 2.6.24 version) 1200653967 M * Bertl arekm: it is fixed in my tree, no worries 1200654015 M * dragonheart the http://vserver.13thfloor.at/Experimental/patch-2.6.24-rc7-vs2.2.0.5.0.7-pre.diff didn't have it fixed 1200654051 M * arekm Bertl: I'm worried because I still use 2.6.22 ;-) 1200654059 M * Bertl dragonheart: but it was fixed in 2.6.24-rc7? 1200654123 M * dragonheart arekm: me to but its a oneline change 1200654154 M * arekm dragonheart: this one, yes but I wonder if other fixes are needed (like delta-nsproxy-fix02.diff) 1200654257 M * kaouete I am looking at your discussion, and wondering if I am using patch-2.6.22.10-vs2.3.0.29.diff, should I apply some supplementary fix ?? 1200654287 M * Punkie me too :) 1200654291 M * Bertl kaouete: no, but you should upgrade to the next 2.6.22.x release 1200654305 M * dragonheart arekm: havent' checked 1200654368 M * dragonheart Bertl: the way i'm reading the fix - like 5800 of patch-2.6.24-rc7-vs2.2.0.5.0.7-pre.diff should be "if (IS_COW(inode) && (acc_mode & MAY_WRITE)) {" 1200654387 M * kaouete I use 2.6.22.11 1200654407 J * lilalinux ~plasma@80.69.41.3 1200654435 M * kaouete (in fact 2.6.22-6 from debian who is a 2.6.22.11) (and i applied vs2.3.0.29 instead of vs2.2.0.5) 1200654581 M * Bertl kaouete: well, I would worry more about the essential fixes done in 2.6.22.12-15 than about the tiny information leak in the Linux-VServer patch, but as I said, next release will have it fixed 1200654598 M * kaouete :p ok 1200654698 M * Bertl actually, 2.6.22.12-16 :) 1200654733 J * ftx ~ftx@dslb-084-060-231-065.pools.arcor-ip.net 1200654740 M * Bertl wb ftx! 1200654768 Q * arekm Quit: Lost terminal 1200654792 M * dragonheart i'm just about to start playing with tuxonice with vserver. i'm try to remember to report how it goes if people care 1200654825 M * Bertl daniel_hozac: sure, what does it do? 1200654890 M * Bertl *dragonheart: ah, hibernation, what'S the difference to swsusp* 1200654928 M * dragonheart slightly differnt fork 1200654954 M * Bertl so, we have swsusp, swsusp2, and tuxonice, yes? 1200654993 M * dragonheart suspend2 == tuxonice 1200655065 M * dragonheart so as far as i can tell suspend2 forked from swsusp at at kernel version 2.5.17 1200655149 M * Bertl but isn't swsups2 the one in 2.6.x nowadays? 1200655229 M * dragonheart yes. tuxonice is a external patch 1200655258 M * dragonheart i haven't really investigated one over the other 1200655312 M * dragonheart i had tuxonince included in a distro kernel and it worked will on a laptop so i'm just sticking with it due to familarity 1200655322 M * dragonheart s/will/well/ 1200655357 M * Bertl I understand ... well, as I said, let us know how it goes 1200655378 M * dragonheart ok can do. 1200655436 M * dragonheart am i making sense on the cve thing? I feel a little head sore so forgive me if i'm not make sense/ understandign and i'll try another time 1200655449 J * arekm arekm@carme.pld-linux.org 1200655478 M * arekm Bertl: I would say "yes". namespace leak fix is needed on top of 2.3.0.29 1200655508 M * Bertl np, I got it, and as I said, it will be fixed soon (next pre version), also, if that is the real question, your fix is probably in the right direction, if you want to make sure, provide a patch and I'll check it 1200655531 M * Bertl (that was for dragonheart, but matches for arekm too :) 1200655562 M * Bertl arekm: IIRC, daniel_hozac provided an updated patch a few days ago (for you and other folks) 1200655581 M * arekm Bertl: oh, have to find some logs for this channel then 1200655610 M * arekm (to find the updated patch of course :) 1200655617 M * Bertl hmm, that is probably hard with the realtime logs on irc.13thfloor.at :) 1200655619 M * dragonheart ok thanks 1200655686 M * arekm http://people.linux-vserver.org/~dhozac/p/k/rpms/patch-2.6.22.15-vs2.3.0.29.1.diff 1200655709 M * arekm found 8) 1200655710 M * Bertl I would go for this one: http://people.linux-vserver.org/~dhozac/p/k/patch-2.6.22.16-vs2.3.0.29.1.diff 1200655772 M * sid3windr Bertl: are you coming to fosdem too? 1200655787 M * arekm hm, I wonder if there is a tool for diffing *.diff files :) 1200655807 M * ard6 Hmmm, that would be a nice reason to go too.. 1200655820 M * sid3windr :) 1200655822 M * Bertl sid3windr: I'm at profoss 21-23rd 1200655825 M * sid3windr yes, I know 1200655828 M * sid3windr hence my question ;) 1200655872 M * Bertl that is directly after that, IIRC, so probably no, have to be back on the 24th 1200655884 M * daniel_hozac arekm: interdiff. 1200656028 M * ard6 Bertl : there seems to be 30 days between profoss and fosdem :-) 1200656044 M * Bertl ah, so I remembered the month wrong :) 1200656059 M * ard6 profoss is next week :-) 1200656074 M * Bertl yes, I know :) ... 1200656098 A * ard6 thinks Bertl is on the program :-0 1200656251 M * sid3windr :) 1200656260 M * sid3windr yeah, I read that on the fosdem site ;) 1200656372 M * matti Morning :) 1200656379 M * Bertl hey matti! 1200656415 M * matti Hi Bertl :) 1200656417 M * matti How are you? 1200656757 M * arekm daniel_hozac: cool, thanks 1200656759 M * Bertl dragonheart: did you look at the IS_APPEND() path, shouldn't that get a change (flag wise) too? 1200656808 J * mattzerah ~matt@121.50.219.50 1200656840 M * Bertl wb mattzerah! 1200656847 M * mattzerah hey Bertl 1200656849 M * mattzerah how are ya ? 1200656862 M * Bertl mattzerah, matti: fine so far, thanks! 1200656875 M * mattzerah very cool 1200656884 A * mattzerah has a new job - well, i think i do anyway 1200656900 M * mattzerah which i guess is good, cause the old job (well, current job) is getting a little unstable 1200656932 M * mattzerah in house php programmer is getting a little short of work i feel - and company ins't doing so well, so i think its good to get out while i can 1200656963 M * Bertl I remember something about ships and rats ... :) 1200656975 M * dragonheart Bertl: nope - i wasn't looking too hard 1200656975 M * mattzerah hehehe 1200656982 M * mattzerah that would be the one :) 1200657026 M * Bertl mattzerah: nah, seriously, doesn't hurt if you leave while you are still needed 1200657067 M * mattzerah yea, they get to keep me 1 day a week - but if i was being honest (and not trying to keep my job) i'm probably only have one day a week of actual work these days anyway 1200657073 M * daniel_hozac dragonheart: so the idea is that mount -o ro can be bypassed with O_RDONLY|O_TRUNC, right? 1200657093 M * daniel_hozac (and same for directories) 1200657096 M * mattzerah it gets a bit boring - i try to be a programmer and i'll i'm doing is looking after empy paper in photocopiers 1200657103 M * mattzerah hey daniel_hozac 1200657107 M * daniel_hozac hey mattzerah 1200657168 M * dragonheart daniel_hozac: my understanding is a copy off https://bugzilla.redhat.com/show_bug.cgi?id=428791 1200657198 M * dragonheart i haven't followed the meanings of all kernel flags 1200657329 M * Bertl well, for me it boils down to the question: should files (not directories) test for acc_mode (instead of flags) too, or not? 1200657354 M * Bertl the mainline test would suggest no ... btw 1200657372 M * daniel_hozac i think acc_mode is correct in the COW case. 1200657380 M * daniel_hozac otherwise you can truncate files. 1200657403 M * Bertl okay, which leaves me with IS_APPEND() then 1200657422 M * Bertl in which case, I would opt for the same fix (in mainline) 1200657426 M * daniel_hozac which i think is still correct, since it checks for all the flags. 1200657454 M * Bertl ah, the truncate, yes 1200657610 Q * sharkjaw Quit: Leaving 1200657615 J * sharkjaw ~gab@shell.ormset.no 1200657714 J * mire_ ~mire@165-170-222-85.adsl.verat.net 1200657961 M * daniel_hozac so for all you worried souls, http://people.linux-vserver.org/~dhozac/p/k/patch-2.6.22.16-vs2.3.0.29.2.diff 1200657963 M * kaouete What is the best way to make a network for my vservers ? I have this conf : net <--> eth2:host:eth0 <--> local lan (eth1 is used for wifi lan like local lan) and i would like to put the vservers in 4th network, (i have shorewall on the host that can handle the routing between the networks) 1200658004 N * mattzerah mattzerah`afk 1200658088 M * dragonheart daniel_hozac: I wasn't too worried but thankyou 1200658105 A * ard6 is going to patent one-click-compile 1200658252 M * dragonheart ard6: there could be money in a one-click-bug-fix :-) 1200658314 M * daniel_hozac i think that's done already. 1200658516 Q * JonB Quit: This computer has gone to sleep 1200658575 Q * _bjh_ Quit: leaving 1200658692 M * ard6 if it's done already, I will only patent an improvement of the prior art :-) 1200658709 M * ard6 (celps -> acelps) 1200658748 M * Bertl try to get the zero-click stuff working ... it's the future :) 1200658796 M * ard6 :-) 1200658800 M * Bertl oh, wait, that is already done too .. pop-over/under/left/right 1200658839 M * arekm crap, /me already updated .29.1 for tons of local patches heh 1200658877 M * daniel_hozac it should be something like 4 hunks. 1200658886 M * daniel_hozac i.e. unlikely to affect your other patches. 1200658978 M * Bertl who knows .. if he stores them in the same location, they might talk to each other :) 1200659103 M * arekm interdiff helped 1200659296 M * Bertl daniel_hozac: http://vserver.13thfloor.at/Experimental/patch-2.6.22.16-vs2.2.0.5.2.diff 1200659317 M * Bertl (please check, AFAICT, it should match your version) 1200659379 M * daniel_hozac ah, you have the netlink stuff too. i forgot about that. 1200659388 M * daniel_hozac you're missing http://people.linux-vserver.org/~dhozac/p/k/delta-signal-fix01.diff though. 1200659415 M * Bertl ah, right, the signalling fix ... tx 1200659445 J * Hunger Hunger.hu@Hunger.hu 1200659541 M * Bertl daniel_hozac: hmm, I have a singla fix02 here, where actually was before that, funny numbering? 1200659549 M * Bertl *signal 1200659559 M * daniel_hozac hmm? 1200659610 M * Bertl your patch, for 2.6.24-rc7, similar stuff 1200659614 M * daniel_hozac ah, yes. 1200659629 M * daniel_hozac the fix01 is older than fix02 though. 1200659641 M * Bertl ah, okay :) 1200659659 M * daniel_hozac it's from nov 04, according to the directory listing :) 1200659691 M * Bertl okay, shall we call the result 2.2.0.6? 1200659701 M * arekm damn, fs/afs/cell.c stopped building somehow, magic 1200659715 M * daniel_hozac sure, makes sense. 1200659734 M * daniel_hozac probably deserves to be 2.3.0.30 too. 1200659775 J * ViRUS ~mp@p57A6F3F4.dip.t-dialin.net 1200659791 M * Bertl right 1200659807 J * JonB ~NoSuchUse@kg1-68.kollegiegaarden.dk 1200659834 Q * kaouete Quit: Reconnecting 1200659836 J * kaouete kkwet@crazydwarves.org 1200659873 M * kaouete what is ngnet ? is it in 2.3 or is it something that was abandonned ? 1200659977 M * ard6 vxW: [xid #0] !!! limit: ffff8100422a5078[VM,9] = 22 on exit. 1200659988 Q * Aiken Remote host closed the connection 1200659999 J * aj_ ~aj@51.42.69.80.in-addr.net-lab.net 1200660021 M * daniel_hozac kaouete: the containers are working on something equivalent. 1200660028 M * daniel_hozac +folks 1200660091 M * kaouete hm ok, in fact I don't really understand what is it ^^ but it is not important, I am just trying to understand how network works with vserver, and what are the different way to have services in vserver available from the net and/or local lan 1200660115 M * kaouete http://wiki.linux-vserver.org/RestrictingVserverNetworkingTips <= this page looks like it explain some things 1200660169 M * Bertl kaouete: the important thing is, that you realize that Linux-VServer does Layer 3 isolation and no network virtualization (as you might know from virtual machines and similar) 1200660210 M * kaouete ok 1200660256 M * Bertl so networking, except for a tiny difference regarding 127.x.x.x, is exactly the same as usual, and it all happens on the host 1200660289 M * Bertl the guests get (sub)sets of IP addresses assigned, and they can use (bind) them 1200660317 M * kaouete so the guests uses directly the adresse assigned to the host, does it ? 1200660338 M * Bertl yep, a subset of those addresses usually 1200660344 M * kaouete ok 1200660390 M * kaouete so if i use the dummy0 solution, and this interface is avalaible from the local lan (by routing in the host for example), then the local lan can access to my guests 1200660416 A * ard6 always uses lo for that :-) 1200660429 M * Bertl kaouete: yep (i.e. if that works for the host) 1200660435 M * kaouete ok 1200660455 M * kaouete ard6: how do you use lo for that ? 1200660482 M * Bertl kaouete: doesn't matter which interface you put the IP on, as long as it is known to the outside 1200660491 M * kaouete ok 1200660513 M * arekm daniel_hozac: could you see if fs/afs/ builds for you with .29.2 vserver patch? (CONFIG_AFS_FS=m) 1200660521 M * Bertl kaouete: dummy isn't used in the setup you are looking at either, otherwise the data would get lost :) 1200660532 M * kaouete I think i will use this solution : http://wiki.linux-vserver.org/Networking_vserver_guests it seems to work well with shorewall, and I will redirect for example port 80 to the guest if I want it to serve http 1200660564 M * Bertl kaouete: makes sense, DNAT ist the suggested way to go for services 1200660582 M * kaouete I hope ipv6 will soon take over the world, it will be simplier ... 1200660600 M * Bertl I doubt it ... both, actually :) 1200660600 M * Julius i thought the use of dummy interfaces wasn't recommended? 1200660601 M * daniel_hozac arekm: no. 1200660628 M * arekm bad. 1200660640 M * kaouete Julius: really ? so how do the same thing as in this howto without dummy ? 1200660647 M * kaouete by using an existing interface ? 1200660650 M * daniel_hozac it's the "select doesn't really work" bug in Kconfig. 1200660661 M * Julius i have no idea how to do it 1200660664 M * kaouete ^^ ok 1200660668 M * Julius that's one of my mafor problems... 1200660679 M * kaouete hehe, so i will stay with dummy0 :) 1200660689 M * Julius as long as it works for you 1200660704 M * Bertl Julius, kaouete: doesn't matter on which interface you put the ip 1200660746 M * kaouete Bertl: even if i need to put it in another network than the interface i put it on ? 1200660748 M * arekm any workaround/patch known? 1200660753 N * mattzerah`afk mattzerah 1200660770 M * daniel_hozac arekm: # CONFIG_AFS_FS is not set 1200660770 M * kaouete for example : eth0:192.168.1.0/24 and i want my vservers on 192.168.2.0/24 1200660793 M * Bertl kaouete: well, strictly speaking, it does matter, if you use reverse path filtering, but, in this case, the dummy approach doesn't work either 1200660811 M * daniel_hozac arekm: it requires a feature that conflicts with Linux-VServer. 1200660816 M * kaouete ^^ I don"t what it is, so i guess it is not a problem for me :) 1200660853 M * Julius I think I'll assign private network addresses to eth0 1200660878 M * arekm daniel_hozac: conflicts on which level? compile, usage? previous patch didn't have this problem visible 1200660901 M * Bertl arekm: 2.6.24 will have that fixed, utilizing user namespaces, for 2.6.22, we cannot allow to enable key retention support because of missing virtualization 1200660905 M * daniel_hozac arekm: usage, security wise. 1200660915 M * kaouete and will not there be problem with interface shot down like in the FAQ if i assign my address to eth0 with my local lan : http://wiki.linux-vserver.org/Frequently_Asked_Questions#If_I_shut_down_my_vserver_guest.2C_the_whole_Internet_interface_ethX_on_the_host_is_shut_down.__What_happened.3F 1200660924 M * daniel_hozac arekm: also limits the number of guests you can run to 50. 1200660968 M * Bertl kaouete: this only happens under certain, very unfortunate circumstances (i.e. having the primary assigned to a guest, while the host uses a secondary and promotion is turned off) 1200660976 M * kaouete ok 1200660982 M * kaouete so no problem 1200661081 M * arekm daniel_hozac: oh, and if I compile both but won't use both at the same time - do these problems still apply? 1200661117 M * Bertl yes, we will disable AFS for the time being 1200661203 M * arekm ok, not messing with Kconfig then :> 1200661207 M * daniel_hozac i really hate select. 1200661218 M * daniel_hozac just for the record. 1200661279 M * Bertl yeah, it's a little clumsy, but I think it has to work this way to resolve colisions 1200661290 M * Bertl (as unfortunate this may be for us) 1200661348 M * daniel_hozac it would seem logical to disable things where the the selectee cannot be enabled. 1200661389 M * daniel_hozac i.e. if a depends on b, and c selects a, c should depend on b too. 1200661401 M * Bertl have you considered doing a patch on that, I'm pretty sure mainline (Sam?) will accept it 1200661468 M * daniel_hozac considered, yes. but it hasn't gotten further than that yet... ;) 1200661529 M * Bertl maybe arekm likes to help :) 1200661792 M * Bertl daniel_hozac: regarding 2.3.0.30, I see a few more differences, mainly: 1200661806 M * Bertl - r->id.idiag_src[0] = nx_map_sock_lback(sk->sk_nx_info, inet->rcv_saddr); 1200661809 M * Bertl + r->id.idiag_src[0] = nx_map_sock_lback(skb->sk->sk_nx_info, inet->rcv_saddr); 1200661828 M * Bertl is there a patch for this (I missed)? 1200661856 M * Bertl and 1200661861 M * Bertl - ret = kill_pid_info(sig, info, find_pid(vx_rmap_pid(pid))); 1200661861 M * Bertl + ret = kill_pid_info(sig, info, find_pid(pid)); 1200661992 J * Hiaslboy ~wieser@143.224.23.204 1200661997 M * Bertl wb Hiaslboy! 1200662010 M * Hiaslboy HHi Bertl :-) 1200662122 M * Hiaslboy Lot of things has changed since the last time I was online. 1200662137 M * Bertl the internet got crowded? :) 1200662170 M * Hiaslboy no, but you implemented some more features for vserver :-) 1200662197 M * Bertl ah, well, happens all the time ... but daniel_hozac implemented a few ones too :) 1200662205 J * balbir_ ~balbir@122.167.94.134 1200662232 Q * balbir Ping timeout: 480 seconds 1200662279 M * Hiaslboy And you still provide the source in patches or have you moved to git too? 1200662314 M * Bertl we almost moved, but we are still using distributed patches :) 1200662454 N * mattzerah mattzerah`afk 1200662479 M * cehteh heh 1200662568 M * Hiaslboy and a long story why not? 1200662649 M * Bertl no, nothing specifically, it just didn't happen (yet) 1200662922 M * Bertl Hollow, daniel_hozac: can we remove the attachment for Ben? 1200662953 M * Bertl (before google or similar caches it) 1200663025 M * Bertl sladen: same goes for you, but I'm not sure you keep attachments at all 1200663385 N * mattzerah`afk mattzerah 1200663399 M * mattzerah night all :) 1200663418 M * mattzerah i hope to be around a little more often - wether i'm useful or not might be another matter of course :) 1200663427 M * Bertl mattzerah: have a good one! np 1200663438 Q * mattzerah Quit: GONE! 1200663582 M * daniel_hozac Bertl: i have no idea where the archives are at... 1200663614 M * daniel_hozac as for the changes, http://people.linux-vserver.org/~dhozac/p/k/delta-inetdiag-fix01.diff and http://people.linux-vserver.org/~dhozac/p/k/delta-signal-fix01.diff 1200663620 M * Bertl it doesn't seem to be too critical atm, the web interface does not show/provide it 1200663701 M * Bertl ah, the signal-fix01 is missing in your patch then, np, that's fine 1200663711 M * daniel_hozac hmm, it is? 1200663726 M * daniel_hozac ah, from .1 it is, .2 should have it. 1200663737 M * daniel_hozac i think .1 only had delta-nsproxy-fix01, i.e. the most critical patch. 1200663759 M * Bertl np, will add those two patches and the AFS fix, we should be fine then 1200663798 M * daniel_hozac yep, i think so... 1200664579 M * arekm Bertl: q: are you talking about version for .24 kernel? 1200664735 M * Bertl if you refer to the AFS stuff, yes 1200664909 M * Hiaslboy but you have not put it anywhere yet or ? 1200664927 M * Bertl what? 1200664952 M * Hiaslboy tha patches you are preparing for 2.6.24-rcs 1200664961 M * daniel_hozac usual place, http://vserver.13thfloor.at/Experimental/ 1200665039 M * Hiaslboy thank you :-) 1200665079 M * snooze wont be any vs for 2.6.23 i guess? 1200665105 M * snooze but for .24 instead? 1200665138 M * daniel_hozac yes. 1200665143 M * daniel_hozac 2.6.23 was too broken. 1200665155 M * snooze okey 1200665433 A * ard6 was off discussing proxy-arp and macvlans... 1200665462 M * Bertl always good to discuss those :) 1200665478 M * ard6 well yess, no :-) 1200665511 M * ard6 not when I am actually supposed to do something else... but it was about the next-next-generation firewalling around here 1200665550 M * ard6 some legacy firewall cluster with 30+ interfaces is going to be replaced with a mac-address failover solution based on mac-vlans 1200665657 M * Bertl ah, nice, plenty of room for new issues :) 1200665688 A * ard6 had the kernel-patch finally packaged for debian, and then somebody decided to put it into the kernel :-( 1200665732 M * Bertl those bastards ... well, will take some time till debian uses that kernel, no? 1200665862 Q * sharkjaw Quit: Leaving 1200666040 M * ard6 dunno 1200666047 A * ard6 never uses an official debian kernel :-) 1200666105 M * ard6 but my debian vlan package does have the correct mvconfig :-). 1200666259 M * Slydder finally have a fully functional Open-eXchange Epress Edition install ported to a VServer. 1200666272 M * Slydder and i must add it was a pain in the ass. 1200666303 M * ard6 some people like that... 1200666318 T * Bertl http://linux-vserver.org/ | latest stable 2.2.0.6, 2.0.3-rc3, devel 2.3.0.30, stable+grsec 2.2.0.5 | util-vserver-0.30.214 | libvserver-1.0.2 & vserver-utils-1.0.3 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki, and we'll forget about the minute ;) 1200666323 J * doener ~doener@i577ADE22.versanet.de 1200666331 M * Bertl *vs2.2.0.6 and vs2.3.0.30 1200666337 M * Bertl wb doener! 1200666347 M * Slydder anyone heard anything about loopback support in the next version? 1200666371 M * Slydder would make my life a LOT easier when doing these strange distro ports to vservers. 1200666375 M * Bertl Slydder: Open-eXchange loopback support? 1200666389 M * ard6 you mean 127.0.0.1 support? 1200666392 M * Slydder correct 1200666399 M * Slydder 127.0.0.1 localhost 1200666409 M * Bertl works fine in all recent Linux-VServer kernels 1200666412 M * ard6 ard@c32791:~$ ip a ls dev lo|wc -l 1200666412 M * ard6 11 1200666422 M * doener heh, thanks :-) but that was just my daily disconnect ;-) 1200666423 M * Slydder ? 1200666442 M * ard6 that's why I asked :-)... 1200666477 M * Slydder local loop is supported already? 1200666495 M * ard6 But 2.3 gives you a visual 127.0.0.1 on lo, and 2.2 connects to 127.0.0.1 will connect to the first ip on the vserver 1200666497 M * doener that said, I'm going back to my AI stuff, exam next week 1200666512 M * Bertl doener: good luck and have fun! 1200666521 M * ard6 and if checked, will also lie that the source ip is 127.0.0.1 ? 1200666523 M * doener thanks and "not so sure about that" ;-) 1200666524 A * arekm saw something about .25 going to have namespaces for routes 1200666556 M * ard6 wtf? namespaces for routes? We already have 255 routing tables ... 1200666569 M * Slydder exactly what i thought. i had loopback problems earlier and i had to reconfigure OX to use a static ip instead 1200666642 M * Bertl Slydder: on vs2.2.x you put the first ip into /etc/hosts as localhost, on vs2.3.x you just enable the LBACK stuff 1200666742 Q * doener_ Ping timeout: 480 seconds 1200667063 M * Bertl okay, off for now .. bbl 1200667068 N * Bertl Bertl_oO 1200667436 M * Slydder Bertl: ? 1200667677 M * arekm Bertl_oO: update main page maybe? 1200669639 M * kaouete hm, when i try to open a gz'ed fiel with vim, I think it gunzip it somewhere, and when it is done in a vserver, it looks like it can't gunzip it because of some missing write right, does this problem sound familiar to someone ? 1200669702 M * kaouete I guess it is because it try to gunzip it in /tmp ... is there something special to do with tmp ? 1200669748 M * JonB kaouete: is tmp big enough? 1200669764 M * kaouete i guess yes, it is empty, it is 16MB but the file is not even 1MB 1200669771 M * JonB ok 1200669852 M * kaouete i get this error : "/tmp/v694001/0./usr/share/doc/apache2.2-common/examples/apache2/extra/httpd-ssl.conf.gz" E212: Can't open file for writing 1200669865 M * kaouete and if i look at /tmp there is only the v694001 dir 1200669928 Q * Punkie Quit: Odcházím 1200670090 Q * aj_ Ping timeout: 480 seconds 1200670462 M * JonB what about file permissions? 1200670532 Q * larsivi Ping timeout: 480 seconds 1200671041 M * Bertl_oO kaouete: to me it looks like /tmp/v694001/0. and /usr/share/doc/apache2.2-common/examples/apache2/extra/httpd-ssl.conf.gz, but I might be wrong there 1200671276 Q * Hiaslboy Remote host closed the connection 1200671392 N * BobR_oO_ BobR 1200671678 M * kaouete Bertl_oO: you must be right, i will check how vim works to gunzip the file :/ 1200671793 Q * Slydder Quit: Leaving. 1200671798 Q * Infinito Quit: Quitte 1200671974 M * Bertl_oO kaouete: just for reference/completeness, what kernel/util-vserver versions? 1200672007 M * kaouete Bertl_oO: 2.6.22.10 + vs2.3.0.29 + 0.30.214 1200672055 M * kaouete Bertl_oO: and on the host vim try to open th efile : /tmp/v701406/0 while in the guest vim try to open the file : /tmp/v701225/0./usr/share/doc/apache2.2-common/examples/apache2/extra/httpd-ssl.conf.gz (seen with strace) 1200672085 M * Bertl_oO so maybe a typo with the .vimrc backup path settings? 1200672117 M * kaouete hm maybe, but i didn't made a change to it, i just created this vserver and installed some packages 1200672120 M * Bertl_oO (or could be a setting in the environment too) 1200672128 M * kaouete ho yes, maybe 1200672890 J * dowdle ~dowdle@scott.coe.montana.edu 1200673383 N * BobR BobR_afk 1200673968 Q * gebura Quit: Quitte 1200674412 Q * [PUPPETS]Gonzo Ping timeout: 480 seconds 1200674418 J * yarihm ~yarihm@vpn-global-dhcp1-50.ethz.ch 1200676077 J * [PUPPETS]Gonzo gonzo@fellatio.deswahnsinns.de 1200676115 Q * hardwire Quit: Coyote finally caught me 1200676132 J * hardwire ~bip@rdbck-5851.palmer.mtaonline.net 1200676162 J * virtuoso_ ~s0t0na@ppp78-37-179-44.pppoe.avangarddsl.ru 1200676231 J * larsivi ~larsivi@144.84-48-50.nextgentel.com 1200676389 N * BobR_afk BobR_oO 1200676569 Q * virtuoso Ping timeout: 480 seconds 1200677347 Q * hardwire Quit: Coyote finally caught me 1200677384 J * hardwire ~bip@xvm-189-175.ghst.net 1200677628 Q * marcel Remote host closed the connection 1200677720 Q * hardwire Quit: Coyote finally caught me 1200677737 J * hardwire ~bip@xvm-189-175.ghst.net 1200678029 J * marcel ~marcel@lt3.xs4all.nl 1200678104 Q * JonB Ping timeout: 480 seconds 1200678259 Q * ema Quit: leaving 1200678922 Q * ftx Ping timeout: 480 seconds 1200679215 Q * jescheng Remote host closed the connection 1200679233 J * jescheng ~jescheng@proxy-sjc-2.cisco.com 1200679249 Q * yarihm Ping timeout: 480 seconds 1200679305 J * SPrinteR ~SPrinteR@91.135.210.46 1200679533 Q * lilalinux Remote host closed the connection 1200679844 J * undefined ~undefined@adsl-68-94-190-217.dsl.rcsntx.swbell.net 1200680163 J * ntrs ~ntrs@vs079.rosehosting.com 1200680481 J * JonB ~NoSuchUse@130.227.63.19 1200680957 Q * balbir_ Ping timeout: 480 seconds 1200680990 Q * SPrinteR Quit: 1200681065 J * hparker ~hparker@linux.homershut.net 1200681627 J * balbir_ ~balbir@122.167.93.180 1200681807 M * sladen Bertl_oO: what attachment? 1200681946 M * undefined sladen: i presume the one attached to the email with Message-ID: 1200683046 J * SPrinteR ~SPrinteR@91.135.210.121 1200683101 J * quasisane ~sanep@c-76-118-191-64.hsd1.nh.comcast.net 1200683325 M * SPrinteR :-DÌÀÇÀÔÀÊÀ ÏÈÏË! 1200683378 J * ema ~ema@rtfm.galliera.it 1200683478 Q * SPrinteR Quit: 1200683836 J * ntrs_ ~ntrs@vs079.rosehosting.com 1200683954 Q * ntrs Remote host closed the connection 1200684377 J * arachnis1 arachnist@088156187175.who.vectranet.pl 1200684422 Q * arachnis1 1200684845 Q * hparker Ping timeout: 480 seconds 1200686359 Q * harry Ping timeout: 480 seconds 1200686642 J * thal ~thalunil@walledcity.de 1200686646 M * thal hi 1200686677 M * JonB hi 1200686717 M * thal i copied a recent backup of one vserver to my linux-vserver host and starting the vserver with "vserver start foo" fails with "vcontext: execvp("/etc/init.d/rc"): No such file or directory 1200686717 M * thal " 1200686731 M * thal what's that? ever handled with this one? 1200686811 M * thal obviously /etc/init.d/rc on the vserver-guest is available 1200686878 M * JonB are you reusing a context? 1200686961 M * thal you mean: servername? no...the vserver-host just got rebooted 1200686980 M * JonB no 1200686983 M * JonB not server name 1200686999 M * JonB /etc/vservers//context 1200687040 M * thal there is no such file 1200687055 M * JonB let me check mine 1200687056 M * thal neither in the old backup nor in a newly created and working vserver 1200687077 M * JonB it is in the host 1200687098 M * thal i straced the vserver binary and shortly after "execve("/usr/sbin/vnamespace", ["/usr/sbin/vnamespace", "--new", "--", "/usr/sbin/vserver", "----nonamespace", "fnord", "start"], [/* 13 vars */]) = 0 1200687098 M * thal " and the resulting clone() this message apperas 1200687140 M * thal i am on the host, there is no /etc/vserver/fnord/context 1200687140 M * JonB which util-vserver version are you using? 1200687195 M * thal Version: 0.30.212-1 1200687234 M * thal Host OS Debian stable 1200687309 M * JonB are there a rc file on the host filesystem and also on the guest filesystem ? 1200687349 M * thal yes, it is identical 1200687440 M * JonB ok 1200688396 M * thal is there some kind of permission-fixing script if the acl's are fucked up? 1200688567 M * JonB i dont know 1200688599 M * JonB i would suggest trying the latest util-vserver version 1200688616 M * undefined thal: what permissions do you believe are messed up? 1200688762 M * thal undefined: /dev/ is totally empty! i am fixing this. 1200688775 M * thal undefined: the error message /etc/init.d/rc is totally (!) misleading 1200688824 J * dna_ ~dna@162-224-dsl.kielnet.net 1200688830 M * undefined thal: /dev is empty in the host or guest? 1200688835 M * thal undefined: guest 1200688857 M * undefined thal: you can copy them from another guest 1200688894 M * thal undefined: i will 1200688986 J * ntrs ~ntrs@vs079.rosehosting.com 1200689114 J * Aiken ~james@ppp121-45-194-143.lns1.bne1.internode.on.net 1200689225 Q * dna Ping timeout: 480 seconds 1200689385 Q * ntrs_ Ping timeout: 480 seconds 1200689456 Q * ema Quit: leaving 1200689689 M * undefined thal: can the guest start after fixing up its /dev? 1200689709 M * thal undefined: no. 1200689719 M * undefined thal: same error? 1200689755 M * thal undefined: unfortunately not. but i found out that something like "chroot /vserver/b0rked bserver /bin/bash" doesnt work - error message is: "bin/bash not found" - although /bin/bash is avail inside this directory 1200689760 M * thal undefined: same error yeah 1200689790 M * thal undefined: very weird 1200690063 M * thal chroot("/vservers/msh") = 0 1200690064 M * thal chdir("/") = 0 1200690064 M * thal execve("/bin/bash", ["/bin/bash"], [/* 15 vars */]) = -1 ENOENT (No such file or directory) 1200690082 M * thal really strange - a different vserver works 1200690209 M * undefined thal: ls -l /vservers/msh/bin/bash 1200690274 M * thal -rwxr-xr-x 1 root root 677184 2006-12-11 22:20 /vservers/msh/bin/bash 1200690390 M * undefined is /vservers/msh mounted noexec? 1200690432 M * thal of course not, the mountpoint is /vservres and chrooting into (e.g.) msh-fresh) works like a charm 1200690444 M * undefined just thinking out loud 1200690460 M * thal its fine, i am thankful. ineed help ;) 1200690692 M * thal alright, i get into my car heading home....wonderful friday evening, looking forward to it...laters guy 1200691468 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1200691892 Q * arachnist Read error: Connection reset by peer 1200692006 J * arachnist arachnist@088156187175.who.vectranet.pl 1200692082 J * larsivi_ ~larsivi@144.84-48-50.nextgentel.com 1200692154 Q * larsivi Ping timeout: 480 seconds 1200692163 N * larsivi_ larsivi 1200692446 Q * meandtheshel1 Quit: Leaving. 1200693371 J * yarihm ~yarihm@84-75-103-252.dclient.hispeed.ch 1200694314 Q * ViRUS Quit: Leaving 1200695976 J * aj_ ~aj@p5B23EA96.dip.t-dialin.net 1200697329 J * dna ~dna@162-224-dsl.kielnet.net 1200697700 Q * dna_ Ping timeout: 480 seconds 1200698529 J * Alexander ~IRC@homeonline.dialup.corbina.ru 1200698554 M * Alexander Hello, I sorry for my English. I use Linux-VServer and OpenVCP. All works is fine, but with CPU Scheduler problems. 1200698554 M * Alexander I use Hard Limit. Settings through OpenVCP. But not looking at these restrictions, one VPS can use 100 % CPU of a node 1200698554 M * Alexander 2.6.18-5-vserver-amd64 1200698554 M * Alexander util-vserver: version 0.30.214 1200698554 M * Alexander OpenVCP: version 0.3 1200698555 M * Alexander Example of the catalogue sched: (I wish to allow to use 10 % CPU) 1200698555 M * Alexander fill-rate: 3 1200698557 M * Alexander interval: 32 1200698557 M * Alexander priority-bias: 0 1200698559 M * Alexander tokens: 500 1200698559 M * Alexander tokens-max: 1000 1200698561 M * Alexander tokens-min: 200 1200698561 M * Alexander cat flags 1200698563 M * Alexander sched_hard 1200698563 M * Alexander virt_mem 1200698565 M * Alexander virt_uptime 1200698565 M * Alexander virt_cpu 1200698567 M * Alexander virt_load 1200698567 M * Alexander Help me please 1200698625 M * JonB i think people are sleeping 1200698641 M * JonB if you want to paste alot of text, please use paste.linux-vserver.org 1200698664 J * mattzerah ~matt@121.50.219.50 1200698753 M * Alexander thanks 1200698847 Q * marcel Remote host closed the connection 1200699193 Q * bonbons Quit: Leaving 1200699240 P * mattzerah So long, and thanks for the fish 1200699261 Q * sladen Ping timeout: 482 seconds 1200699807 J * ViRUS ~mp@p57A6F3F4.dip.t-dialin.net 1200700111 J * sladen paul@starsky.19inch.net 1200700194 Q * Alexander Quit: Alexander 1200700229 Q * JonB Ping timeout: 480 seconds