1202860805 J * chigital ~chigital@p5B0C5D55.dip.t-dialin.net 1202860828 Q * hparker Quit: Quit 1202861182 Q * dna_ Quit: Verlassend 1202861310 J * hparker ~hparker@linux.homershut.net 1202861330 Q * Medivh Server closed connection 1202861396 J * Medivh ck@dolphin.serverbox.de 1202861577 Q * jescheng Remote host closed the connection 1202861592 J * jescheng ~jescheng@proxy-sjc-1.cisco.com 1202863179 Q * dowdle Remote host closed the connection 1202863215 Q * trippeh Server closed connection 1202863221 J * trippeh atomt@uff.ugh.no 1202863940 Q * Bertl Server closed connection 1202863944 J * Bertl herbert@IRC.13thfloor.at 1202864861 J * transaci1 ~transacid@transacid.de 1202864861 Q * transacid Remote host closed the connection 1202866471 Q * otaku42 Server closed connection 1202866474 J * otaku42 ~otaku42@torvalds.h4ckr.net 1202866507 N * otaku42 Guest1333 1202866781 Q * hparker Quit: Quit 1202867991 Q * xdr_ Ping timeout: 480 seconds 1202868557 Q * michiel` Server closed connection 1202868562 J * michiel` ~michiel@145.33.144.200 1202869004 Q * BobR_oO Server closed connection 1202869006 J * BobR_oO odie@IRC.13thfloor.at 1202869333 Q * micah Server closed connection 1202869334 J * micah ~micah@micah.riseup.net 1202869792 Q * mountie Server closed connection 1202869808 J * mountie ~mountie@trb229.travel-net.com 1202870224 Q * friendly12345 Remote host closed the connection 1202870458 J * friendly12345 ~friendly@ppp121-44-198-55.lns3.mel4.internode.on.net 1202871881 Q * ivan Remote host closed the connection 1202872249 Q * balbir Ping timeout: 480 seconds 1202872594 Q * svenk Server closed connection 1202872597 J * svenk ~sven@213.73.89.36 1202872782 J * quasisane ~sanep@c-76-118-191-64.hsd1.nh.comcast.net 1202872935 J * balbir ~balbir@122.167.223.236 1202872968 J * er ~sapan@59.176.20.178 1202872988 M * er hi 1202873042 M * Bertl hey er! 1202873054 M * Bertl how's going? 1202873060 M * er hi bertl, surprised that you're still up:) 1202873081 M * Bertl yeah, kind of still working ... unfortunately 1202873134 M * er ok -yep, that sux 1202873236 M * er I'm trying to resolve this issue in the latest PL kernel (feel free to ignore this for now if you're busy) 1202873248 M * er are UDP and TCP ports isolated in the recent versions of vserver? 1202873355 M * er the report we have is that when a guest tries to bind to a port that another guest has bound to, it does not receive an error 1202873395 J * thesourcerer ~philipp@N157P021.adsl.highway.telekom.at 1202873646 Q * sourcerer Ping timeout: 480 seconds 1202873696 M * Bertl er: on non-PL Linux-VServer kernels, that should give an error 1202873722 M * Bertl er: IIRC, for PL it was (at least a discussed) feature not to do those checks 1202873823 M * er Bertl: yes. I actually disabled the VNET patch based on that suspicion, but I could have missed something. I'll look around a bit more. 1202873844 M * er thanks, though 1202874130 M * Bertl np 1202874781 Q * er Ping timeout: 480 seconds 1202875002 J * philipp ~philipp@N001P023.adsl.highway.telekom.at 1202875011 J * er ~sapan@59.176.20.178 1202875266 Q * thesourcerer Ping timeout: 480 seconds 1202876304 Q * philipp Remote host closed the connection 1202877094 J * aj_ ~aj@e180213217.adsl.alicedsl.de 1202877163 J * _gh_ ~gerrit@c-67-169-199-103.hsd1.or.comcast.net 1202877411 J * doener_ ~doener@i577BB070.versanet.de 1202877461 Q * derjohn_mobil Ping timeout: 480 seconds 1202877822 Q * doener Ping timeout: 480 seconds 1202878491 M * Bertl okay, off to bed now .. have a good one everyone! 1202878497 N * Bertl Bertl_zZ 1202879086 N * Guest1333 otaku42 1202880605 J * geektopia ~geektopia@61.29.125.10 1202880615 Q * er Quit: er 1202880851 Q * matthew_ Server closed connection 1202880864 J * matthew_ ~matthew@81.168.74.31 1202881668 Q * geektopia Quit: Ex-Chat 1202881763 Q * nebuchadnezzar Server closed connection 1202882402 Q * jescheng Remote host closed the connection 1202882413 J * jescheng ~jescheng@proxy-sjc-1.cisco.com 1202883260 Q * C14r_ Server closed connection 1202883261 J * C14r ~C14r@h58173.serverkompetenz.net 1202884771 Q * daniel_hozac Server closed connection 1202884784 J * daniel_hozac ~daniel@ssh.hozac.com 1202885357 J * JonB ~NoSuchUse@77.75.164.169 1202885531 J * xdr ~xdr@gote2.173.cust.blixtvik.net 1202885585 Q * xdr 1202885585 J * xdr ~xdr@gote2.173.cust.blixtvik.net 1202885591 Q * JonB 1202886676 Q * mnemoc Server closed connection 1202886690 J * mnemoc ~amery@kilo105.server4you.de 1202887004 Q * aj_ Ping timeout: 480 seconds 1202887326 J * _bjh_ ~bjh@84.112.154.154 1202887666 Q * derjohn Quit: by(t)e 1202887943 J * dna ~dna@84-247-dsl.kielnet.net 1202888631 Q * dna Quit: Verlassend 1202889038 J * ktwilight_ ~ktwilight@17.216-66-87.adsl-static.isp.belgacom.be 1202889324 Q * ktwilight Ping timeout: 480 seconds 1202890991 Q * chigital Ping timeout: 480 seconds 1202891046 M * gebura hi 1202891340 J * derjohn_mobil ~aj@pD9E8A3B7.dip0.t-ipconnect.de 1202891556 J * WDTY ~root@82-171-214-117.dsl.ip.tiscali.nl 1202891977 J * Punkie ~Punkie@goc.coolhousing.net 1202892688 Q * derjohn_mobil Ping timeout: 480 seconds 1202892787 J * DLange ~dlange@p57A31057.dip0.t-ipconnect.de 1202892914 N * mattzerah`afk mattzerah 1202893312 Q * phedny Server closed connection 1202893327 J * phedny ~mark@010-022-128-083.dynamic.caiway.nl 1202893337 J * JonB ~NoSuchUse@77.75.164.169 1202893377 J * derjohn_mobil ~aj@80.69.42.51 1202893694 Q * JonB Quit: This computer has gone to sleep 1202893920 N * DoberMann[ZZZzzz] DoberMann 1202893982 J * padde ~padde@patrick-nagel.net 1202894405 Q * padde Quit: leaving 1202894425 J * padde ~padde@patrick-nagel.net 1202894468 M * padde sorry for the quit/join spam 1202894479 N * mattzerah mattzerah`afk 1202894971 Q * harry Server closed connection 1202894972 J * harry ~harry@d54C363EF.access.telenet.be 1202895037 Q * SadMan Ping timeout: 480 seconds 1202895070 N * mattzerah`afk mattzerah 1202895709 Q * pusling Server closed connection 1202895716 J * pusling pusling@77.75.162.71 1202895758 M * padde is vserver 2.3.0.32 production ready? it says 'devel' in the topic, but it's the only available version in the dhozac-vserver repository for CentOS 1202895774 M * harry is there no 2.2 ??? 1202895794 M * harry i still don't support it in grsec because it's devel :) 1202895836 N * transaci1 transacid 1202895848 M * padde harry: umm, from what i saw, no. in gentoo 2.2 is still marked as testing, and 2.3 is hard-masked ;) I find that a bit odd 1202895902 M * padde harry: http://rpm.hozac.com/dhozac/centos/5/vserver/x86_64/ 1202895959 M * harry well... don't know the gentoo story ;) 1202895997 N * mattzerah mattzerah`away 1202896134 M * zbyniu 2.3 works fine, also with grsec 1202896303 M * harry Linux cerberus.enzoverder.be 2.6.22.18-grsec2.1.11-vs2.2.0.6 #1 Wed Feb 13 10:47:06 CET 2008 x86_64 x86_64 x86_64 GNU/Linux 1202896306 M * harry wiiiiiiiii :) 1202896315 M * harry zbyniu: what patch do you use for that? 1202896356 M * zbyniu harry: pld-linux.org 1202896397 M * zbyniu i write patches vs+grsec 1202896408 M * harry in that case: hey there collegue :0 1202896409 M * harry ;) 1202896423 M * zbyniu yep :) 1202896628 J * enkahel__ ~enkahel@ACaen-257-1-72-64.w86-220.abo.wanadoo.fr 1202896635 Q * click_ Server closed connection 1202896637 J * click click@ti511110a080-5777.bb.online.no 1202896903 J * tudenbart ~willi@xdsl-81-173-171-41.netcologne.de 1202897028 J * derjohn ~derjohn@80.69.41.3 1202897033 Q * enkahel_ Ping timeout: 480 seconds 1202897051 Q * ex Server closed connection 1202897062 J * ex ex@valis.net.pl 1202897161 J * nkukard ~nkukard@196.212.73.74 1202897327 J * JonB ~NoSuchUse@77.75.164.169 1202897341 Q * dothebart Ping timeout: 480 seconds 1202897528 Q * FireEgl Quit: Leaving... 1202897626 Q * derjohn Remote host closed the connection 1202897652 J * derjohn ~derjohn@80.69.41.3 1202897745 J * Mufasa_nb ~mufasa@196.212.73.74 1202897843 M * Mufasa_nb chroot-sh: open("/etc/apt/sources.list"): No such file or directory 1202897843 M * Mufasa_nb <--- i keep getting that error trying to install a debian vserver. where is it looking for that file ? 1202897883 Q * tokkee Server closed connection 1202897884 J * tokkee tokkee@ssh.faui2k3.org 1202897937 M * padde Mufasa_nb: if you get it while doing a 'vserver ... build' then i guess it's trying to open that file from your host, to be able to download the packages 1202897964 M * padde (just a theory, because i'm a noob in vserver ;) ) 1202897987 M * Mufasa_nb thats what i thought, i setup a valid sources.list file in that directory as well, still the same error 1202898057 M * padde hm.. don't know then. i'm just building a centos guest - hope i have better luck ;) 1202898367 M * gebura what is your host ? 1202898382 M * gebura what distrib is on ? 1202898421 M * Mufasa_nb idms 1202898453 M * Mufasa_nb it uses rpm/yum for package management 1202898454 M * nkukard gebura, Mufasa_nb is one of the packagers trying to get vservers to work installing a deb vserver 1202898531 M * gebura ok 1202898542 M * gebura do you have a /etc/apt/source.list file ? 1202898547 M * Mufasa_nb yum 1202898550 M * Mufasa_nb yup* 1202898575 M * gebura sorry i didn't understand, yes ? no ? 1202898588 M * Mufasa_nb yes its there 1202898600 N * mattzerah`away mattzerah 1202898602 N * mattzerah mattzerah`away 1202898618 N * mattzerah`away mattzerah 1202898656 N * mattzerah mattzerah`away 1202898711 M * gebura is open("/etc/apt/sources.list") the first error you get ? 1202898727 M * gebura could you pass the output in a pastebin like paste.debian.net ? 1202898731 M * gebura past 1202898734 M * gebura paste 1202898736 M * gebura grr :) 1202898880 J * FireEgl Proteus@adsl-147-90-184.bhm.bellsouth.net 1202898886 M * gebura have you the problem only with debian guest or others too ? 1202899451 M * Mufasa_nb http://paste.debian.net/49079 so far only tried with debian 1202899833 M * gebura hum very verbose 1202899879 M * gebura daniel_hozac, where can we find the test.sh script ? 1202899906 M * gebura Mufasa_nb, can you also paste the "vserver-info" command result ? 1202900016 P * friendly12345 1202900040 M * Mufasa_nb http://paste.debian.net/49080 <-- vserver-info 1202900070 Q * kiorky Server closed connection 1202900076 Q * larsivi Quit: Konversation terminated! 1202900084 J * kiorky ~kiorky@cryptelium.net 1202900169 Q * bzed Server closed connection 1202900170 J * bzed ~bzed@devel.recluse.de 1202900877 Q * gebura Quit: Quitte 1202900906 J * gebura ~gebura@77.192.186.197 1202900945 Q * weasel Quit: Reconnecting 1202900950 J * weasel weasel@weasel.chair.oftc.net 1202902187 M * daniel_hozac padde: i've been using 2.3 in production for months. 1202902204 M * padde daniel_hozac: i see. thanks for the info :) 1202902211 Q * Aiken Quit: Leaving 1202902242 J * virtuoso_ ~s0t0na@ppp91-122-160-235.pppoe.avangard-dsl.ru 1202902652 Q * virtuoso Ping timeout: 480 seconds 1202902977 N * yang_ yang 1202903261 Q * Punkie Quit: Odcházím 1202903716 Q * nkukard Quit: Leaving 1202904067 M * padde hm... after 'vyum myvserver -- install openssh' i still don't have an sshd installed in the vserver... 1202904229 M * padde oh, because i didn't install the -server ;) 1202904247 M * padde man, i hate yum 1202904619 Q * Adrinael_ Quit: Maintenance 1202904989 J * dna ~dna@119-198-dsl.kielnet.net 1202905116 J * Punkie ~Punkie@goc.coolhousing.net 1202905164 J * Adrinael adrinael@rid7.kyla.fi 1202905564 Q * arthur Server closed connection 1202905585 J * arthur ~arthur@ada.lri.fr 1202906077 Q * JonB Quit: This computer has gone to sleep 1202906360 Q * Mufasa_nb Quit: Leaving 1202906884 M * bXi does one of you know what gentoo ebuild contains the lockfile command? 1202906919 M * daniel_hozac try procmail. 1202907090 M * Hollow bXi: the debian package search is quite handy for this ;) 1202907095 J * awk ~awk@security.web.za 1202907097 M * awk hello 1202907122 Q * derjohn_mobil Ping timeout: 480 seconds 1202907356 J * CyberMonk hacker@2001:5c0:84dc:1:2::39 1202907842 J * JonB ~NoSuchUse@77.75.164.169 1202908874 Q * meebey Server closed connection 1202908877 J * meebey meebey@booster.qnetp.net 1202909308 Q * trippeh Read error: Connection reset by peer 1202909424 M * Hollow daniel_hozac: does the latest stable fix the root exploit? 1202909440 M * daniel_hozac 2.6.22.18? yes. 1202909456 M * Hollow ok, will do a new ebuild now 1202909585 J * ema ~ema@rtfm.galliera.it 1202909750 J * ntrs ~ntrs@vs079.rosehosting.com 1202909900 J * trippeh atomt@uff.ugh.no 1202910959 Q * slydder_office Server closed connection 1202910975 J * Slydder ~chuck@194.59.17.53 1202912041 N * Bertl_zZ Bertl 1202912056 M * Bertl morning folks! 1202912381 M * gebura hi Bertl ! 1202912392 M * gebura long sleep ;) 1202913503 M * Bertl still sleepy :) 1202913689 M * JonB Bertl: try some speed 1202913869 J * Weirdo ~truelight@145.118.72.134 1202913888 M * Weirdo Hollow: do you know if there is a gentoo ebuild with 2.6.22.18 for vserver? 1202913893 M * Bertl wb Weirdo! 1202913977 M * arachnist Weirdo: 1202913978 M * arachnist 143023 | Hollow | daniel_hozac: does the latest stable fix the root exploit? 1202913981 M * arachnist 143039 | daniel_hozac | 2.6.22.18? yes. 1202913984 M * arachnist 143056 | Hollow | ok, will do a new ebuild now 1202913992 M * Weirdo arachnist: tnx :) 1202913993 Q * ||Cobra|| Remote host closed the connection 1202914000 M * Weirdo as the current latest is based on 2.6.22.10 :( 1202914004 Q * balbir Ping timeout: 480 seconds 1202914164 M * Weirdo there isn't even a genpatch for 2.6.22.18 :( 1202914611 J * jmcaricand jm@d90-144-110-144.cust.tele2.fr 1202914678 Q * jsambrook Quit: Leaving. 1202914692 J * balbir ~balbir@122.167.198.85 1202914726 Q * Weirdo Quit: Tnx for the fish 1202914853 J * jsambrook ~jsambrook@aelfric.plus.com 1202914853 J * pmenier ~pme@193.251.7.5 1202914854 J * ||Cobra|| ~cob@pc-csa01.science.uva.nl 1202914897 M * padde humm... how can i have a route in the host that's not usable / visible in the guest? 1202914909 M * daniel_hozac use source routing. 1202914919 Q * jsambrook Read error: Connection reset by peer 1202914951 M * padde care to elaborate? ;) a link would do :D 1202914985 J * jsambrook ~jsambrook@aelfric.plus.com 1202915021 Q * jsambrook 1202915151 M * daniel_hozac http://archives.linux-vserver.org/200311/0470.html 1202915187 M * padde cool, thanks a lot :) 1202915231 J * jsambrook ~jsambrook@aelfric.plus.com 1202915411 J * ntrs_ ~ntrs@vs079.rosehosting.com 1202915832 Q * ntrs Ping timeout: 480 seconds 1202916006 M * padde daniel_hozac: perhaps you meant this? http://archives.linux-vserver.org/200311/0462.html ;) anyway I found it through your link, by clicking on thread view ;) 1202916307 M * Bertl okay, off for now, bbl 1202916313 N * Bertl Bertl_oO 1202916427 Q * JonB Quit: This computer has gone to sleep 1202917050 Q * zbyniu Read error: Connection reset by peer 1202917084 Q * jsambrook Remote host closed the connection 1202917143 J * jsambrook ~jsambrook@aelfric.plus.com 1202917183 M * gebura was some peoples aware of kerrighed ( kerrighed.org ) and try to vserver with ? 1202917184 J * zbyniu ~zbyniu@host13-188.crowley.pl 1202917203 M * gebura must be interesting 1202917218 M * gebura a cluster that can host vservers 1202917354 A * cehteh suggested that years ago, mosix then 1202917390 M * cehteh have a expensive ultra reliable hardware as front vserver and many cheap pc's as processing nodes in the back 1202917494 Q * Punkie Quit: Odcházím 1202917506 M * gebura but openmosix is dead :( 1202917532 M * cehteh yeah 1202917551 M * cehteh you could try that with kerrighed now :) 1202917566 A * cehteh doesnt need it and doesnt have the hardware for that 1202917622 J * nebuchadnezzar ~nebu@zion.asgardr.info 1202917766 J * JonB ~NoSuchUse@77.75.164.169 1202917846 J * PowerKe_ ~tom@d54C13E4B.access.telenet.be 1202917949 J * pmjdebru1jn ~pmjdebrui@jester.pcode.nl 1202917952 Q * PowerKe Ping timeout: 480 seconds 1202917975 Q * pmjdebruijn Read error: Connection reset by peer 1202918507 Q * waldi Quit: reboot 1202918612 J * fatgoose ~samuel@76-10-149-199.dsl.teksavvy.com 1202918902 Q * JonB Quit: This computer has gone to sleep 1202919147 Q * gebura Remote host closed the connection 1202919189 J * waldi ~waldi@bblank.thinkmo.de 1202919424 Q * WDTY Remote host closed the connection 1202919519 M * jmcaricand Hi. I've a server in production with a kernel 2.6.20 and vserver patch 2.2.0 (10 guests). I saw these is a bug in linux 2.6.17-24. I want to upgrade :-). Do you have suggestions ? 1202919665 J * JonB ~NoSuchUse@77.75.164.169 1202919753 Q * puck Ping timeout: 480 seconds 1202919879 J * gebura ~gebura@77.192.186.197 1202919996 Q * Daniello Remote host closed the connection 1202920218 Q * _bjh_ Quit: leaving 1202920415 J * hparker ~hparker@linux.homershut.net 1202920622 M * arachnist jmcaricand: latest stable fixes that 1202920679 M * jmcaricand arachnist: 2.6.22.18 + vs2.2.0.6 ? 1202920741 M * arachnist jmcaricand: if what daniel_hozac said is true, yes 1202920811 M * jmcaricand arachnist: Thank a lot. 1202920818 M * arachnist n/p 1202921360 Q * gebura Quit: Quitte 1202921989 Q * bragon Ping timeout: 480 seconds 1202922033 Q * JonB Ping timeout: 480 seconds 1202922114 M * trippeh Is CVE-2008-0163 fixed in 2.2.0.6? I'm not seeing any references in the changelog 1202922227 M * arachnist 143023 | Hollow | daniel_hozac: does the latest stable fix the root exploit? 1202922230 M * arachnist 143039 | daniel_hozac | 2.6.22.18? yes. 1202922284 M * trippeh CVE-2008-0163 is not the root exploit. 1202922333 M * trippeh CVE-2008-0163 is a vserver bug, not mainline 1202922367 J * Daniello daniello@Hmm.iglu.sk 1202922415 M * daniel_hozac it's a Debian issue. none of the trees i have on my laptop (dating back to 2.6.17) are vulnerable. 1202922443 M * trippeh Oh. So mainline + vserver patch is in the clear? 1202922463 M * daniel_hozac yes. 1202922485 M * trippeh Ok! :) 1202922497 M * yang is it important that CTX have low numbers ? By default debootstrap assigned mine to 40000 1202922505 Q * arekm Server closed connection 1202922507 J * arekm arekm@carme.pld-linux.org 1202922520 M * daniel_hozac yang: anything less than 49152 is fine... 1202922595 M * yang I also wonder if IPv6 is supported by deefault now in debian's 0.30.214-6 1202922617 M * daniel_hozac that was added in 0.30.213, IIRC. 1202922622 M * yang ok 1202922918 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1202923008 J * bragon ~bragon@2001:7a8:aa58::1 1202923122 J * derjohn_mobil ~aj@lm01.laternamagica.net 1202923459 J * alex_ ~alex@62-249-237-101.no-dns-yet.enta.net 1202923462 M * alex_ hey lads :) 1202923545 M * alex_ im noticing a few little issues with my linux VPS vserver running 2.6.22-2-vserver-k7 (debian) -> util-vserver: 0.30.213; 1202923573 M * alex_ im getting some courierpop3login: fork: Cannot allocate memory issues 1202923598 M * alex_ although ive allocated around768megs of memory i dont think vservers freeing it up properly... ill post my memory settings in 1min 1202923666 Q * derjohn_mobil Ping timeout: 480 seconds 1202923829 J * JonB ~NoSuchUse@77.75.164.169 1202923829 Q * JonB 1202924950 Q * hijacker Server closed connection 1202924962 J * hijacker ~hijacker@213.91.163.5 1202925610 Q * pmenier Quit: Konversation terminated! 1202925756 J * Punkie ~punkie@home.pekelny.net 1202926298 J * mEDI_S ~medi@snipah.com 1202926316 M * Bertl_oO alex_: sounds interesting, but if something isn't freeing up memory, then it is your userspace 1202926343 M * Bertl_oO alex_: anyway, /proc/virtual//limits should give some ideas (use paste.linux-vserver.org) 1202926351 N * Bertl_oO Bertl 1202926480 M * alex_ Bertl, ok 1202926488 M * alex_ im actually using openvcp web interface to admin this :) 1202926511 M * alex_ but ill pasty my conf 1202926511 M * alex_ 1min 1202926556 M * alex_ i dont have a limits in /proc/virtual//limits 1202926557 M * alex_ :F 1202926580 M * alex_ ah .. heh 1202926582 M * alex_ yes i do :P 1202926633 M * daniel_hozac ENOMEM sounds like an as limit set too low. 1202926644 M * alex_ Bertl, : http://nopaste.snit.ch/12318 1202926647 M * alex_ daniel_hozac, http://nopaste.snit.ch/12318 1202926665 M * alex_ i got this unable to allocate memory fork business once a while 1202926694 M * daniel_hozac and that'll be why. you'll want to increase that VM/AS limit. 1202926720 M * alex_ hmmm 1202926734 M * Bertl daniel_hozac: and why do we not see any limit hit? 1202926742 M * alex_ rs -> minimum / soft / hard limits? 1202926768 M * alex_ rs = as i mean 1202926771 M * daniel_hozac Bertl: hmm, good point. 1202926832 M * alex_ i can pull up other allocation issues 1202926843 M * alex_ they are 99% of them forks ... 1202926849 M * alex_ related to postfix ... 1202926876 M * Bertl 133 processes max doesn't sound that much to me either 1202926894 M * Bertl did you restart the guest recently (or clear the limits)? 1202926972 M * alex_ hmm hang on 1202926978 M * alex_ how do i find out im using the correct xid? 1202926988 M * alex_ i have some hits on another /proc / limits ... 1202927025 M * Bertl vserver-stat (or check your config :) 1202927043 M * alex_ right 1202927044 M * daniel_hozac /proc/virtual/`vserver-info CONTEXT`/limits 1202927046 M * alex_ ok got it 1min 1202927064 M * alex_ ah yes. 1202927067 M * alex_ hits :) 1202927069 M * alex_ 1min i pasty 1202927076 J * dowdle ~dowdle@scott.coe.montana.edu 1202927078 M * Bertl (please use paste.linux-vserver.org for everything longer than 3 lines) 1202927083 M * alex_ yeap :) 1202927110 M * alex_ http://paste.linux-vserver.org/11751 1202927140 M * Bertl yep, that's a bunch of VM hits 1202927144 M * alex_ hmmmm 1202927155 M * alex_ its very strange becayse ive set my : 1202927164 M * alex_ minimum/soft/hard 1202927170 M * alex_ rss = 512 / 768 / 1024 1202927171 M * alex_ and 1202927178 M * alex_ as = 512/768 / 1024 1202927187 M * alex_ everything else is default or aka -1 1202927189 M * daniel_hozac which you definitely don't want. 1202927203 M * alex_ right ... i remember reading the wiki on this 1202927216 M * daniel_hozac AS will be 3-10x RSS, typically. 1202927221 M * alex_ i couldnt get my head around it, could you point me in the right direction? 1202927248 M * alex_ right, i would like to assign this machine 1gb ram ... 1202927259 M * Bertl VM != RAM 1202927263 M * alex_ heh :P 1202927277 M * alex_ right . 1202927291 M * alex_ ideas? 1202927398 M * alex_ whats interesting, ive set for those settings i listed about 1202927405 M * alex_ but .proc/limits show only 256 ? 1202927460 M * alex_ any ideas on what as and rss settings i should use? 1202927519 M * daniel_hozac as i said, AS should be 3-10 times RSS. 1202927548 Q * ema Quit: leaving 1202927578 M * alex_ right 1202927608 M * alex_ so will these settings be ok? 1202927621 M * alex_ rss = 128 / 256/ 1024 1202927623 M * alex_ and as: 1202927638 M * alex_ as = 384 / 768 / 3072? 1202927732 M * daniel_hozac maybe, it depends on what your guest is doing... 1202927740 M * alex_ just mail, apache 1202927746 M * alex_ for aounrd 20 mail boxes.... 1202927749 M * daniel_hozac i don't really see the point of limiting AS, but i guess that's just me. 1202927751 M * alex_ a few websites :) 1202927755 M * alex_ ok 1202927766 M * Bertl daniel_hozac: denial of service (resources) 1202927785 M * Bertl but alex_ is the first one to use the minimum settings I guess :) 1202927802 M * daniel_hozac using too many vmas, or what? 1202927815 M * Bertl yep, something like that 1202927883 M * alex_ when i do a free on the server i get this : 1202927901 M * alex_ http://paste.linux-vserver.org/11752 1202927913 M * alex_ 1sec ill combine that with /proc limties 1202927915 M * alex_ limits* 1202927925 Q * mEDI_S Quit: mEDI_S 1202927925 J * mEDI_S ~medi@snipah.com 1202927958 M * alex_ http://paste.linux-vserver.org/11753 1202927960 M * alex_ take a look 1202927981 M * alex_ does RSS report what "free" shows? 1202928028 M * daniel_hozac other way around, but yes. 1202928116 M * alex_ ah right... 1202928146 M * alex_ then , how come with AS set with those examples above... free shows these "low" numbers? 1202928168 M * alex_ sorry RSS* 1202928191 M * alex_ ahhhh 1202928195 M * alex_ nevermind 1202928204 M * alex_ ive figured it out heh 1202928449 M * alex_ cool, thanks 1202928453 M * alex_ all figured out 1202928520 M * Bertl excellent! 1202928864 J * emmy29 ~emmy29@ANantes-257-1-94-126.w90-25.abo.wanadoo.fr 1202928985 Q * emmy29 1202930620 J * Aiken ~james@ppp59-167-117-30.lns3.bne4.internode.on.net 1202930628 M * Bertl wb Aiken! 1202930656 M * Aiken hi 1202930766 J * Pony_ ~NoSuchUse@77.75.164.169 1202930853 Q * DLange Quit: Bye, bye. Hasta luego. 1202932067 Q * mick_work Ping timeout: 480 seconds 1202932138 M * brc Are vserver's kernel normally affected by the new kernel vulnerability? 1202932143 M * brc https://bugzilla.redhat.com/show_bug.cgi?id=432229 1202932157 M * Pony_ the vmsplice? 1202932179 M * Bertl probably, updating to 2.6.22.18 is advised 1202932314 Q * Pony_ Quit: This computer has gone to sleep 1202932332 M * TrueBrain is there a Gentoo ebuild for 2.3 against 2.6.22.18? (or at least with this big fat hole closed ;)) 1202932473 M * brc Yes. I am thinking about tryuing that kernel module somente provided on bugzilla 1202932476 M * brc Good workaround 1202932721 J * mick_work ~clamwin@adsl-068-157-089-099.sip.bct.bellsouth.net 1202932790 M * brc Bertl, would that exploit give a VPS hacker access to the hardware node ? 1202932819 M * daniel_hozac the bug can, yes. 1202932821 M * brc i mean, if someone inside the vps could exploit it in a way that would get access to the hardware node 1202932831 M * brc Daniel! LTNS :D 1202932842 M * daniel_hozac indeed, hi. 1202933054 J * ftx ~ftx@dslb-084-060-211-073.pools.arcor-ip.net 1202933638 Q * kaner Server closed connection 1202933639 J * kaner kaner@zzz.strace.org 1202933673 M * trippeh brc: It runs arbitrary code in kernel space. Of course it can. 1202933717 M * trippeh The currently published exploits doesn't target that scenario however. 1202933725 M * trippeh But "fixing" that is probably trivial. 1202933731 M * brc ok 1202933742 M * brc thanks for the explanation 1202934091 M * Bertl as far as I can tell, the exploit would have to be very tricky to get host root 1202934101 M * Bertl but it should be trivial to get guest root 1202934121 M * daniel_hozac it figures out where current is and changes the uid/gid. 1202934138 M * daniel_hozac changing the xid/vxi/nxi/nxi as well shouldn't be much of a problem. 1202934148 M * daniel_hozac s/nxi/nid/1 1202934692 Q * jmcaricand Quit: KVIrc 3.2.4 Anomalies http://www.kvirc.net/ 1202934794 M * Bertl daniel_hozac: without symbols or kmem? 1202934835 M * daniel_hozac yeah, there was some syscall return stacking peeking going on, IIRC. i didn't examine it too closely. 1202934842 M * daniel_hozac -ing 1202934903 M * Bertl okay ... 1202934915 M * Bertl well, was just a guess 1202935692 M * ntrs_ Is there an easy howto on how to run either X or VNC inside a guest? 1202935728 M * daniel_hozac an X server or clients? 1202935755 M * ntrs_ an X desktop environment or VNC 1202935756 J * derjohn_mobil ~aj@80.69.42.51 1202935757 M * ktwilight_ ntrs_, correct me if i'm wrong, but it'd be suitable to run virtualbox for X environments. 1202935778 M * daniel_hozac well, you can run a desktop environment using e.g. ssh -Y 1202935789 M * ntrs_ ktwilight_, what is virtualbox? 1202935824 M * Bertl http://oldwiki.linux-vserver.org/Vservers+and+X 1202935827 M * ktwilight_ it's a virtual machine, like vserver, but has a stronger emphasis on desktop usage 1202935841 M * Bertl ktwilight_: that is completely wrong 1202935859 M * ktwilight_ oops 1202935876 M * ktwilight_ do enlighten me Bertl 1202935889 M * Bertl correct is that virtua(l)box is a virtual machine like QEMU 1202935906 M * Bertl and it is quite fast, when it utilizes kvm 1202935910 M * ntrs_ Bertl, that's exactly what I don't want 1202935911 M * ktwilight_ ah, k 1202935929 M * Bertl Linux-VServer OTOH, is based on isolation (virtualization on the OS layer) 1202935933 M * ntrs_ Bertl, X via VNC perhaps? 1202935950 M * daniel_hozac Xvfb and a VNC server should work well too. 1202935959 M * Bertl ntrs_: both works fine, you can run x11vnc or similar too 1202935976 M * Bertl (and use a 'dummy display' X server) 1202936038 M * ntrs_ Ok, Bertl and how exactly do I do that? Is there a howto for that? 1202936054 M * Bertl first, what is what you actually want to do 1202936101 M * ntrs_ allow a guest to run an x desktop environment. 1202936143 M * daniel_hozac it's really no different than any other headless system. 1202936195 M * Bertl like a detached session, you can connect and leave running? 1202936215 M * ntrs_ Bertl, I guess. 1202936242 M * Bertl or just to send applications to an X terminal? 1202936248 M * ntrs_ Bertl, yes, you connect, do your thing, then either logout or disconnect and leave the session running. 1202936261 M * ntrs_ No, not just send applications to an x terminal. 1202936265 M * Bertl i.c., well in this case, VNC is the best choice 1202936270 M * ntrs_ I agree 1202936277 M * ntrs_ I just need some sort of howto 1202936376 M * daniel_hozac you should just need to install a VNC server and set it up. 1202936408 M * Bertl xvnc 1202936415 M * ntrs_ daniel_hozac, ok, just any vnc server installation howto will work? do I need to allow some special capabilities on the guest? 1202936420 M * daniel_hozac no. 1202936441 M * Bertl http://www.cl.cam.ac.uk/research/dtg/attarchive/vnc/xvnc.html 1202936457 J * larsivi ~larsivi@144.84-48-50.nextgentel.com 1202936458 M * daniel_hozac as long as you don't want to run an X server on the hardware, it doesn't matter that it's a guest. 1202936486 M * ntrs_ I see 1202936488 M * ntrs_ Ok 1202936503 Q * fatgoose Remote host closed the connection 1202936511 M * Bertl ntrs_: your guest distro should even provide some package usually x11-server-xnvnc 1202936515 J * fatgoose ~samuel@76-10-149-199.dsl.teksavvy.com 1202936516 M * Bertl *xvnc 1202936530 M * ntrs_ Bertl, ok, I will check for that 1202937069 J * ntrs ~ntrs@vs079.rosehosting.com 1202937293 J * Pony_ ~NoSuchUse@77.75.164.169 1202937463 Q * ntrs_ Ping timeout: 480 seconds 1202937570 M * nebuchadnezzar it seems to have a security problem on 2.6 kernel series :-/ 1202937594 M * Bertl a new one? 1202937613 M * nebuchadnezzar http://www.us.debian.org/security/2008/dsa-1494 1202937633 M * nebuchadnezzar regarding to this DSA, it seems to be vserver specific no ? 1202937653 M * daniel_hozac CVE-2008-0163, yes. 1202937655 M * Bertl ah, yes, more than that, it is very 'debian specific' :) 1202937705 M * Bertl the other two are genuine mainline issues 1202937783 M * nebuchadnezzar ok, I'll compile a 2.6.22.18 which seems to fix the issues 1202937813 J * clara30 ~clara30@ANantes-257-1-94-126.w90-25.abo.wanadoo.fr 1202937889 Q * clara30 1202938175 Q * bonbons Quit: Leaving 1202938190 M * snooze is it possible to get an ip-address for a guest by dhcp when dhcpcd is already "using" the one and only interface on the server? 1202938214 M * Bertl yes, as dhcp 'clients' use a different port 1202938233 M * Bertl ah, dhcp_c_d .. sorry 1202938239 M * snooze yeah 1202938247 M * Bertl yes, you can get the guest IPs _for_ the guests 1202938258 M * Bertl not sure that dhcpcd can do that though 1202938291 M * snooze because i wont be able to give them static addresses (except internal 192.168.* ones and likewise) 1202938323 M * Bertl that could be fine as well, you can map them to real addresses via iptables 1202938343 M * snooze hm 1202938353 M * snooze i'd still need to get several ip-addresses by dhcp 1202938365 M * snooze and with only one network interface that seems.. difficult? 1202938398 M * Bertl nah, that is what dhcp client ids are for 1202938447 M * snooze oh? details :) 1202938460 M * Bertl http://www.dhcp-handbook.com/dhcp_faq.html#wiaci 1202938477 Q * mattzerah`away Read error: Connection reset by peer 1202938496 Q * fatgoose Quit: fatgoose 1202938549 M * snooze do you know if that works with, well, most dhcp servers running out there? 1202938568 M * snooze and not just some special ones you setup your self 1202938574 M * Bertl well, I do know that it works with all the dhcp servers I use :) 1202938593 M * Bertl I have no idea what is used 'out there' 1202938657 M * snooze hehe 1202938668 M * snooze well good to know it really might be possible anyway 1202939760 J * fatgoose ~samuel@76-10-149-199.dsl.teksavvy.com 1202940319 M * Bertl off to bed .. have a good one everyone! 1202940324 N * Bertl Bertl_zZ 1202940365 M * nebuchadnezzar night Bertl_zZ 1202940519 N * DoberMann DoberMann[ZZZzzz] 1202940559 Q * ftx Remote host closed the connection 1202941475 Q * Pony_ Quit: This computer has gone to sleep 1202941765 Q * larsivi Quit: Konversation terminated! 1202941886 J * larsivi ~larsivi@144.84-48-50.nextgentel.com 1202942323 Q * alfs_ resistance.oftc.net unununium.oftc.net 1202942323 Q * eviljonny resistance.oftc.net unununium.oftc.net 1202942680 J * eviljonny ~eviljonny@loki.eviljonnys.com 1202942680 J * alfs_ ~alfs@sa-pc.cs.kau.se 1202942814 Q * fatgoose cation.oftc.net resistance.oftc.net 1202942814 Q * ntrs cation.oftc.net resistance.oftc.net 1202942814 Q * mick_work cation.oftc.net resistance.oftc.net 1202942814 Q * dowdle cation.oftc.net resistance.oftc.net 1202942814 Q * pusling cation.oftc.net resistance.oftc.net 1202942814 Q * _gh_ cation.oftc.net resistance.oftc.net 1202942814 Q * FloodServ cation.oftc.net resistance.oftc.net 1202942814 Q * nwf cation.oftc.net resistance.oftc.net 1202942814 Q * Mooo cation.oftc.net resistance.oftc.net 1202942814 Q * Hunger cation.oftc.net resistance.oftc.net 1202942814 Q * hparker cation.oftc.net resistance.oftc.net 1202942814 Q * awk cation.oftc.net resistance.oftc.net 1202942814 Q * dna cation.oftc.net resistance.oftc.net 1202942814 Q * quasisane cation.oftc.net resistance.oftc.net 1202942814 Q * mountie cation.oftc.net resistance.oftc.net 1202942814 Q * bored2sleep cation.oftc.net resistance.oftc.net 1202942814 Q * brc cation.oftc.net resistance.oftc.net 1202942814 Q * besonen_mobile_ cation.oftc.net resistance.oftc.net 1202942814 Q * Hollow cation.oftc.net resistance.oftc.net 1202942814 Q * daniel_hozac cation.oftc.net resistance.oftc.net 1202942814 Q * nou cation.oftc.net resistance.oftc.net 1202942814 Q * vasko cation.oftc.net resistance.oftc.net 1202942814 Q * ag- cation.oftc.net resistance.oftc.net 1202942814 Q * morfoh cation.oftc.net resistance.oftc.net 1202942814 Q * eyck cation.oftc.net resistance.oftc.net 1202942814 Q * cohan cation.oftc.net resistance.oftc.net 1202942814 Q * Alteisen cation.oftc.net resistance.oftc.net 1202942814 Q * bXi cation.oftc.net resistance.oftc.net 1202942814 Q * arachnist cation.oftc.net resistance.oftc.net 1202942814 Q * nox cation.oftc.net resistance.oftc.net 1202942814 Q * stephan cation.oftc.net resistance.oftc.net 1202942814 Q * baldy cation.oftc.net resistance.oftc.net 1202942814 Q * opuk cation.oftc.net resistance.oftc.net 1202942814 Q * esa cation.oftc.net resistance.oftc.net 1202942814 Q * cehteh cation.oftc.net resistance.oftc.net 1202942814 Q * Loki|muh cation.oftc.net resistance.oftc.net 1202942814 Q * Guy- cation.oftc.net resistance.oftc.net 1202942814 Q * DoberMann[ZZZzzz] cation.oftc.net resistance.oftc.net 1202942814 Q * sannes cation.oftc.net resistance.oftc.net 1202942814 Q * sladen cation.oftc.net resistance.oftc.net 1202942814 Q * matti cation.oftc.net resistance.oftc.net 1202942814 Q * Radiance cation.oftc.net resistance.oftc.net 1202942814 Q * snooze cation.oftc.net resistance.oftc.net 1202942814 Q * the-me cation.oftc.net resistance.oftc.net 1202942814 Q * TrueBrain cation.oftc.net resistance.oftc.net 1202942814 Q * ard cation.oftc.net resistance.oftc.net 1202942814 Q * AndrewLee cation.oftc.net resistance.oftc.net 1202942814 Q * yang cation.oftc.net resistance.oftc.net 1202942814 Q * infowolfe cation.oftc.net resistance.oftc.net 1202942814 Q * Supaplex cation.oftc.net resistance.oftc.net 1202942814 Q * Aiken cation.oftc.net resistance.oftc.net 1202942814 Q * FireEgl cation.oftc.net resistance.oftc.net 1202942814 Q * jescheng cation.oftc.net resistance.oftc.net 1202942814 Q * micah cation.oftc.net resistance.oftc.net 1202942814 Q * emag cation.oftc.net resistance.oftc.net 1202942814 Q * houkouonchi cation.oftc.net resistance.oftc.net 1202942814 Q * tam cation.oftc.net resistance.oftc.net 1202942814 Q * balbir cation.oftc.net resistance.oftc.net 1202942838 J * Hunger Hunger.hu@Hunger.hu 1202942838 J * Mooo ~troy@shells195.pinchaser.com 1202942838 J * nwf ~nwf@76.161.226.43 1202942838 J * FloodServ services@services.oftc.net 1202942841 J * Aiken ~james@ppp59-167-117-30.lns3.bne4.internode.on.net 1202942841 J * _gh_ ~gerrit@c-67-169-199-103.hsd1.or.comcast.net 1202942841 J * pusling pusling@77.75.162.71 1202942841 J * dowdle ~dowdle@scott.coe.montana.edu 1202942841 J * mick_work ~clamwin@adsl-068-157-089-099.sip.bct.bellsouth.net 1202942841 J * ntrs ~ntrs@vs079.rosehosting.com 1202942841 J * fatgoose ~samuel@76-10-149-199.dsl.teksavvy.com 1202942841 J * Hollow ~hollow@proteus.croup.de 1202942841 J * besonen_mobile_ ~besonen_m@71-220-198-145.eugn.qwest.net 1202942841 J * brc bruce@megarapido.cliquerapido.com.br 1202942841 J * bored2sleep ~bored2sle@66-111-53-150.static.sagonet.net 1202942841 J * mountie ~mountie@trb229.travel-net.com 1202942841 J * quasisane ~sanep@c-76-118-191-64.hsd1.nh.comcast.net 1202942841 J * dna ~dna@119-198-dsl.kielnet.net 1202942841 J * awk ~awk@security.web.za 1202942841 J * hparker ~hparker@linux.homershut.net 1202942841 J * balbir ~balbir@122.167.198.85 1202942841 J * FireEgl Proteus@adsl-147-90-184.bhm.bellsouth.net 1202942841 J * jescheng ~jescheng@proxy-sjc-1.cisco.com 1202942841 J * micah ~micah@micah.riseup.net 1202942841 J * emag ~Itoc5OI6@gurski.org 1202942841 J * houkouonchi ~linux@65-116-251-178.dia.static.qwest.net 1202942841 J * tam ~assmastr@gw.nettam.com 1202942874 J * dothebart ~willi@xdsl-213-196-225-177.netcologne.de 1202942893 Q * emag Ping timeout: 480 seconds 1202942900 J * vasko ~vasko@unreal.rainside.sk 1202942900 J * ag- ~ag@fedaykin.roxor.cx 1202942900 J * yang ~yang@yang.netrep.oftc.net 1202942900 J * morfoh ~morfoh@kilo105.server4you.de 1202942900 J * eyck a6pSz6EV@nat06.nowanet.pl 1202942900 J * sladen paul@starsky.19inch.net 1202942900 J * TrueBrain truelight@openttd.org 1202942900 J * cohan ~cohan@koniczek.de 1202942900 J * Alteisen alteisen@shell.chaostreff-dortmund.de 1202942900 J * bXi bluepunk@irssi.co.uk 1202942900 J * AndrewLee ~andrew@flat.iis.sinica.edu.tw 1202942900 J * arachnist arachnist@088156188145.who.vectranet.pl 1202942900 J * the-me Patrick@Linux-Dev.org 1202942900 J * nox ~nox@nox.user.oftc.net 1202942900 J * stephan ~stephan@evilhackerdu.de 1202942900 J * baldy baldy@weltkugel.baldy.biz 1202942900 J * opuk ~kupo@c213-100-138-228.swipnet.se 1202942900 J * matti matti@acrux.romke.net 1202942900 J * esa ~esa@ip-87-238-2-45.static.adsl.cheapnet.it 1202942900 J * cehteh ~ct@pipapo.org 1202942900 J * sannes ace@har.sagt.no 1202942900 J * Radiance 8bacde80be@193.16.154.187 1202942900 J * snooze ~o@1-1-4-40a.gkp.gbg.bostream.se 1202942900 J * Loki|muh loki@satanix.de 1202942900 J * Guy- ~korn@elan.rulez.org 1202942900 J * ard ~ard@gw-tweakb16.kwaak.net 1202942900 J * DoberMann[ZZZzzz] ~james@cap31-6-88-180-72-76.fbx.proxad.net 1202942924 J * Supaplex supaplex@166-70-62-194.ip.xmission.com 1202942924 J * infowolfe ~infowolfe@home.dsl.hardcore-linux.net 1202942938 J * daniel_hozac ~daniel@ssh.hozac.com 1202942938 J * nou Chaton@causse.larzac.fr.eu.org 1202943066 Q * nwf Remote host closed the connection 1202943095 J * nwf ~nwf@76.161.226.43 1202943222 Q * derjohn_mobil Ping timeout: 480 seconds 1202943240 J * Pitbulll Pitbulll@79.119.156.248 1202943244 P * Pitbulll 1202943258 Q * dna Quit: Verlassend 1202943301 Q * tudenbart Ping timeout: 480 seconds 1202943877 J * derjohn_mobil ~aj@e180213217.adsl.alicedsl.de 1202944006 Q * Radiance Remote host closed the connection 1202944664 Q * larsivi Remote host closed the connection 1202944724 Q * hparker Quit: bbiab 1202946362 J * hparker ~hparker@linux.homershut.net