1205626172 Q * Infinito Quit: Leaving 1205626448 Q * maddoc Ping timeout: 480 seconds 1205626644 Q * julius_ Remote host closed the connection 1205626785 J * maddoc maddoc@social.ostruktur.com 1205627651 J * friendly12345 ~friendly@ppp121-44-204-128.lns3.mel4.internode.on.net 1205628316 Q * mrfree Ping timeout: 480 seconds 1205629378 Q * bzed Remote host closed the connection 1205629387 J * bzed ~bzed@devel.recluse.de 1205629544 J * Infinito ~argos@201-3-18-207.gnace701.dsl.brasiltelecom.net.br 1205629855 Q * rgl Quit: Saindo 1205631018 Q * Infinito Quit: Leaving 1205631453 J * virtuoso_ ~s0t0na@ppp91-122-24-13.pppoe.avangarddsl.ru 1205631864 Q * virtuoso Ping timeout: 480 seconds 1205632004 Q * docelic Quit: http://www.spinlocksolutions.com/ 1205632133 M * Bertl off to bed now ... have a good one everyone! cya! 1205632137 N * Bertl Bertl_oO 1205632162 J * virtuoso ~s0t0na@ppp91-122-25-97.pppoe.avangarddsl.ru 1205632573 Q * virtuoso_ Ping timeout: 480 seconds 1205632843 Q * mire Ping timeout: 480 seconds 1205632929 J * Infinito ~argos@201-3-18-207.gnace701.dsl.brasiltelecom.net.br 1205633109 J * virtuoso_ ~s0t0na@ppp91-122-26-81.pppoe.avangarddsl.ru 1205633518 Q * virtuoso Ping timeout: 480 seconds 1205633634 J * virtuoso ~s0t0na@ppp91-122-27-36.pppoe.avangarddsl.ru 1205634041 Q * virtuoso_ Ping timeout: 480 seconds 1205637020 J * virtuoso_ ~s0t0na@ppp91-122-26-72.pppoe.avangarddsl.ru 1205637366 J * virtuoso1 ~s0t0na@ppp91-122-27-17.pppoe.avangarddsl.ru 1205637428 Q * virtuoso Ping timeout: 480 seconds 1205637773 Q * virtuoso_ Ping timeout: 480 seconds 1205638199 J * virtuoso ~s0t0na@ppp89-110-2-38.pppoe.avangarddsl.ru 1205638608 Q * virtuoso1 Ping timeout: 480 seconds 1205639635 J * virtuoso_ ~s0t0na@ppp89-110-2-146.pppoe.avangarddsl.ru 1205639984 Q * virtuoso Ping timeout: 480 seconds 1205640649 J * virtuoso ~s0t0na@ppp91-122-27-87.pppoe.avangarddsl.ru 1205641068 Q * virtuoso_ Ping timeout: 480 seconds 1205641839 J * virtuoso_ ~s0t0na@ppp91-122-25-128.pppoe.avangarddsl.ru 1205642248 Q * virtuoso Ping timeout: 480 seconds 1205642730 J * virtuoso ~s0t0na@ppp91-122-26-138.pppoe.avangarddsl.ru 1205643158 Q * virtuoso_ Ping timeout: 480 seconds 1205643973 Q * Infinito Ping timeout: 480 seconds 1205644376 J * thrasher thrasher@CPE-124-188-70-91.nsw.bigpond.net.au 1205644853 Q * thrasher Quit: rawr 1205645791 J * nixe ~dev@64.214.184.106 1205645809 J * USA|00|XP|SP2|738804844 thrasher@CPE-124-188-70-91.nsw.bigpond.net.au 1205645833 N * USA|00|XP|SP2|738804844 thrasher 1205645877 M * nixe hey everyone, im running vserver 2.2.0.6 with grsec on my box and receive 1205645878 M * nixe vcontext: execvp("/sbin/init"): No such file or directory 1205645882 M * nixe when attempting to start a vserver 1205645900 M * nixe i have tried both the normal build options and --initstyle plain (that was initstyle plain) 1205645957 M * nixe it seems that it cant find those files, but they deffinately exist, on the host box and the vserver 1205646043 M * nixe archives show similar/same problems but i cant seem to find the answer :x 1205646809 M * nixe update: trolling back through archives, i have found that my gcc and libcc versions are 4.1.2 1205646866 M * nixe apparently, Nam and Bertl from archives http://irc.13thfloor.at/LOG/2006-06/LOG_2006-06-18.txt have had some success by reverting back to older Gcc versions, specifically 3.3.6 <-- Nam and 4.0.x (reported by Bertl) 1205646954 Q * hparker Quit: Read error: 104 (Peer reset by connection) 1205647300 Q * danman Quit: leaving 1205650262 J * JonB ~NoSuchUse@77.75.164.169 1205651298 Q * Hunger Ping timeout: 480 seconds 1205651901 Q * JonB Quit: This computer has gone to sleep 1205652424 J * PhatJ ~PhatJ@24-231-253-65.dhcp.aldl.mi.charter.com 1205652517 M * PhatJ is there a recommended way to 'move' a vserver instance ? i need to migrate my existing vserver guests onto a new host 1205652556 J * dna ~dna@249.Red-88-27-12.staticIP.rima-tde.net 1205652566 Q * dna 1205652572 M * arachnist i'd just tar them up, along with /etc/vserver (or was it /etc/vservers?) 1205652734 M * PhatJ ok - then i would have to update IP addressing (if necessary) in /etc/vserver(s)/ 1205652781 M * PhatJ you think i could do this whilst they were running ? 1205652794 M * PhatJ (just not writing new data to the hd) 1205652804 M * arachnist dunno 1205652816 M * PhatJ ok 1205652820 M * arachnist i hadn't played with vservers for almoast 4 months now... 1205652822 M * PhatJ arachnist: thanks 1205652825 M * arachnist n/p 1205655211 J * mire ~mire@183-175-222-85.adsl.verat.net 1205657056 J * JonB ~NoSuchUse@77.75.164.169 1205657340 J * ftx__ ~ftx@dslb-084-060-239-079.pools.arcor-ip.net 1205657911 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1205665938 N * esa` eSa| 1205666141 N * mc Guest1531 1205666161 Q * Guest1531 Quit: leaving 1205666179 J * mc ~many@mc.netop.oftc.net 1205666712 Q * mc Quit: leaving 1205666775 J * mc ~many@mc.netop.oftc.net 1205666919 J * mrfree ~mrfree@host155-183-dynamic.12-79-r.retail.telecomitalia.it 1205667046 J * Hunger Hunger.hu@Hunger.hu 1205667812 Q * friendly12345 Quit: Leaving. 1205668107 J * dj2008 dj@77.35.183.253 1205668113 M * dj2008 www.stroganov-shop.ru 1205668238 Q * JonB Quit: This computer has gone to sleep 1205668505 N * Bertl_oO Bertl 1205668528 F * ChanServ +o Bertl 1205668561 K dj2008 Bertl no spam or advertizements 1205668655 M * Bertl morning folks! 1205668770 F * Bertl -o Bertl 1205668893 Q * Aiken Quit: Leaving 1205670601 J * danman danman@eliza.wigner.bme.hu 1205670602 M * danman hi 1205670659 M * danman Hollow: I emerged your new qmailadmin build, and installed it via webapp. After this I wasn't able to login via qmailadmin. If I downgrade, everything works well. Just thought I'd let you know, and perhaps you can give me some pointers. 1205670822 M * danman probably I'm missing something, but it's real weird :-) 1205670833 M * danman never had logon problems with qmailadmin 1205671409 Q * nixe Remote host closed the connection 1205671474 Q * thrasher Quit: rawr 1205672132 J * ViRUS ~mp@p57A6E00B.dip.t-dialin.net 1205672628 J * docelic ~docelic@78.134.200.134 1205674065 J * doener ~doener@i577ADAA0.versanet.de 1205674483 Q * doener_ Ping timeout: 480 seconds 1205674663 M * daniel_hozac PhatJ: typically you'd do an rsync while it's running, stop it, rsync again, and then start it on the destination. 1205674705 J * DRAKON_ ~sanek@195.5.125.29 1205674710 M * daniel_hozac Bertl: what category should i put the tun/tap nid ownership function in? NETALT? 1205674859 M * DRAKON_ всем привет! 1205674863 M * DRAKON_ я с Украины 1205674869 M * DRAKON_ здесь есть такие ??? 1205674940 P * DRAKON_ 1205676686 J * cissusnar ~cissusnar@125.32.15.106 1205676844 N * DoberMann[PullA] DoberMann 1205677015 M * Bertl daniel_hozac: yep, sounds good to me 1205677657 J * per ~chatzilla@c-b790e155.722-1-64736c10.cust.bredbandsbolaget.se 1205677683 Q * cissusnar Remote host closed the connection 1205678673 M * per [util-vserver 0.30.214] I (or rather one of my clients) wants to run a fedora 8 vserver on my gentoo host. I've got several gentoo vservers running, but I don't know how to install a fedora vserver. I found some stuff in /usr/lib/util-vserver/distributions, but I'm missing an f8 directory. Can I create it myself by copying the f7 directory and replacing 7 with 8 at the appropriate places? 1205678724 M * Bertl very likely, but it's probably easier to get the latest snapshot for the upcoming 0.30.215 and copy it from there 1205678809 M * per yeah, that sounds better 1205678880 M * Bertl ftp://ftp.linux-vserver.org/pub/people/dhozac/t/uv-testing/util-vserver-0.30.215-pre2697.tar.bz2 1205678976 M * per thanks 1205678985 M * Bertl you're welcome! 1205679002 M * per what's the release ETA of this btw? 1205679046 M * Bertl we need to do some more testing, but should be quite soon, if I got daniel_hozac right 1205679061 M * per ok 1205679364 M * per In the f7 I have there are two symlinks (initpost and initpre) that point to the redhat distribution. They're not present in the archive I just downloaded. I'm guessing I should create them in the f8 I just copied over from 0.30.215? 1205679376 M * Hollow per: you can use the snapshot ebuild from my overlay 1205679383 M * Hollow it uses svn directly 1205679422 M * Hollow http://overlays.gentoo.org/svn/proj/vps/sys-cluster/util-vserver/ 1205679468 M * per Ok, not sure I want to run an svn version though. 1205679482 M * Hollow the pre2697 is a snapshot too 1205679501 M * Hollow revision 2697 to be exact ;) 1205679512 M * per yes, but I'm not installing that, just copying the f8 distribution scripts. 1205679523 M * Hollow you can just copy the 0.30.215_pre* ebuild and change ESVN_OPTIONS 1205679527 M * Hollow ah 1205679736 M * per ok, so now I've got the f8 distribution scripts and settings. What do I need to do on a standard gentoo host to build an f8 vserver? I'll gladly add this to the wiki as soon as I've got it running. 1205679923 M * Bertl something along this line: 1205679930 Q * dowdle Remote host closed the connection 1205679933 M * Bertl vserver etch32 build -m debootstrap --context 10104 --hostname etch32.debian.org --interface eth1:10.1.4.32/24 -- -d etch -m http://ftp.debian.org/debian -- --arch i386 1205679993 M * Bertl -m yum, and yum arguments 1205680007 M * Bertl (there should be an example on the wiki) 1205680150 M * per I thought there should be one as well but I could not find it. There is http://linux-vserver.org/Installing_a_Fedora_7_vserver_guest but it looks very empty to me. 1205680171 M * Bertl vserver guest build -m yum --context 42 --hostname=guest.example.org --interface eth0:192.168.0.1/24 -- -d f8 1205680181 M * Bertl that should do it 1205680231 M * per ok, I'm guessing I'll need yum installed for this to work? 1205680242 M * Bertl yes, definitely :) 1205680253 M * per :-) 1205680432 M * daniel_hozac there's only one issue holding up 0.30.215, and that's tunctl's nid setting operation which needs to finalized in the kernel first. 1205680710 M * per Nice dependencies for yum: Total: 20 packages (17 new, 3 in new slots), Size of downloads: 39,691 kB 1205680761 M * Bertl yeah, not as humble and smooth as with debootstrap :) 1205680780 M * Bertl -with 1205680803 M * daniel_hozac Bertl: http://people.linux-vserver.org/~dhozac/p/k/delta-tun-feat03.diff 1205680814 M * daniel_hozac (not tested yet, but shows the general idea) 1205681031 M * Bertl yep, looks good, still missing address checks 1205681041 M * Bertl +though 1205681059 M * daniel_hozac so you think guests should be allowed to set addresses? 1205681083 M * Bertl yes, I think that would improve the tunneling case drasticall 1205681088 M * daniel_hozac i think that's problematic, since we don't have interface information encoded in our address structures. 1205681104 M * Bertl not for 'normal' interfaces 1205681121 M * Bertl but for 'assigned' interfaces, that would be a good option 1205681123 M * daniel_hozac so there'd be an address flag? 1205681150 M * Bertl yep, for example, and only allows for 'tagged' (nid) interfaces 1205681157 M * daniel_hozac right. 1205681157 M * Bertl *allowed 1205681183 M * Bertl but I'm fine with the current state (given some testing) if you need that for 0.30.215 1205681185 M * daniel_hozac that seems to be a different feature though. what this patch gives us is the ability for the utils to create tunnels when the guest starts. 1205681196 M * Bertl (i.e. we do not need to add that _now_ :) 1205681197 M * daniel_hozac (and assign them to the guest) 1205681208 M * daniel_hozac this includes setting the IP address. 1205681240 M * daniel_hozac (i.e. by the utils) 1205681249 M * Bertl got it 1205681331 Q * per Quit: ChatZilla 0.9.81 [Firefox 3.0b4/2008030317] 1205681434 J * per ~chatzilla@c-b790e155.722-1-64736c10.cust.bredbandsbolaget.se 1205681818 J * danman_ danman@eliza.wigner.bme.hu 1205681847 M * danman_ Hollow: qmailadmin only had permission problems. -rwsr-s--x and vpopmail:vpopmail did the trick :-) 1205681851 M * danman_ sorry for bothering 1205681921 M * per I'm thinking of building an admin web app for my vservers and the services running on them. I guess the easiest way is to run it on the host and give it full access and a safer way would be to run it in its own vserver and let it communicate with daemons running on the host and vservers and ask them to do the required tasks. 1205681960 M * Hollow danman_: yeah, i have to fix some minor issues still 1205682096 M * danman_ Hollow: everything else seems to be ok, btw thx for the work :-) 1205682277 M * Hollow danman_: if you use spp, be aware that my vchkuser script is not complete yet, it misses some corner cases of existing users (mostly mailing lists etc) 1205682435 Q * nou Remote host closed the connection 1205682549 M * danman_ Hollow: thx for the tip! forunately I don't use it :-) 1205683177 M * PhatJ daniel_hozac: thank you! 1205683195 M * PhatJ i will give it a try - and then perhaps i'll update the wiki with a procedure 1205684347 M * per Bertl: How much should I worry about this: http://pastebin.com/d39a5594b 1205684393 Q * per Remote host closed the connection 1205684460 J * per ~chatzilla@c-b790e155.722-1-64736c10.cust.bredbandsbolaget.se 1205684486 M * per Bertl: sorry, lost connection, did you answer? 1205684543 M * Bertl well, you should get (and apply) the proper patch 1205684560 M * Bertl daniel_hozac has the ugly details about possible issues 1205684583 M * per ok, I'm starting to regret this :-) 1205684633 M * per I'm not even getting paid a lot, should've forced my client to run gentoo. Then I would've been done in two minutes :-) 1205684645 M * Bertl or debian 1205684672 M * Bertl but on the bright side, once you got it working, you can provide all kinds of yum/rpm based distros too 1205684703 M * per yep, that's what I'm thinking now that I'm half way through. At least I hope I am. 1205684727 M * Bertl definitely, only minor issues ahead now :) 1205684819 M * per like patching yum... there should be a gentoo ebuild with the patches already. 1205684935 M * Bertl yeah, that would be a good idea indeed ... 1205684977 M * per like a vserver USE flag 1205685034 M * Bertl well, the patch doesn't hurt 'normal' operation, so it could be added unconditionally 1205685168 M * per there are ebuilds for yum 2.6.1 and 3.2.8 and patches for 2.6.0 and 3.2.4 ... 1205686344 M * per Bertl: I'll see what I can do. gotta go now. 1205686351 M * Bertl k, cya! 1205686352 N * per per|away 1205686434 M * PowerKe Would upgrading vserver-sources-2.2.0.5 to vserver-sources-2.2.0.6 help anything to avoid segfaulting when shutting down gentoo guests? 1205686481 M * Bertl IIRC, the segfault happens somewhere in userspace (and is/was already fixed), so probably no 1205686543 M * Hollow PowerKe: didn't 0.30.214 fix it? 1205686547 M * PowerKe Yes, I fixed one when upgrading from .213 to .214, but I now have segfaults on a host that already is running .214 1205686556 M * Hollow hm 1205686569 M * PowerKe Well, it fixed the problem on the first host, but I discovered a similar problem on another 1205686570 M * Hollow can you paste it? 1205686574 M * Bertl PowerKe: do you have kernel traces in 'dmesg'? 1205686587 J * balbir ~balbir@122.167.216.1 1205686717 M * PowerKe http://paste.linux-vserver.org/11846 1205686754 M * PowerKe I added an echo in the stop script to print out the shutdown command, not that it has helped me anything, but that's why it's there. 1205686755 Q * danman_ Quit: leaving 1205686762 Q * danman Quit: leaving 1205686775 M * Hollow PowerKe: does not seem like 0.30.214 1205686789 M * Hollow otherwise it should have PATH=${PC_PATH} in the line you echoed 1205686802 M * Hollow *RC_PATH 1205686866 M * PowerKe odd... portage shows .214 is installed. I could re-emerge offcourse 1205687093 M * PowerKe emerging again does fix the problem 1205687256 M * PowerKe I only changed vserver.stop and diff only shows the echo line, so I didn't break that 1205687260 J * ViRUS_ ~mp@p57A6E249.dip.t-dialin.net 1205687650 M * Hollow PowerKe: do you have PATH=$RC_PATH now in INITCMD_STOP? 1205687654 J * virtuoso_ ~s0t0na@ppp91-122-138-102.pppoe.avangarddsl.ru 1205687693 Q * ViRUS Ping timeout: 480 seconds 1205687710 M * PowerKe Seems so, now I get: /usr/bin/nice -n 0 /usr/sbin/chbind --silent --secure --nid 850 --ip 172.16.8.50/24 /usr/sbin/vtag --migrate --tag 850 --silent -- /usr/sbin/vcontext --silent --migrate --chroot --xid 850 -- env -i PATH=/usr/sbin:/usr/bin:/sbin:/bin TERM=screen RUNLEVEL=0 /sbin/rc shutdown 1205687766 M * PowerKe Strange thing is that my emerge log only shows .214 (Nov 18) and the only file changed since then was vserver.stop where I added the echo 1205688079 Q * virtuoso Ping timeout: 480 seconds 1205688405 M * PowerKe I'm wondering, is it possible to change an ebuild after it's been published? 1205688428 M * PowerKe My emerge dates from before the timestamp on util-vserver-0.30.214-baselayout2_path.patch in the files subfolder in portage 1205688620 M * PowerKe hmm, looking through the Changelog for .214, I think I just emerged it while it was broken :( 1205688694 M * Hollow probably, yeah .. 1205688770 M * PowerKe Just my luck :) 1205689787 J * JonB ~NoSuchUse@0x535b270c.kjnxx10.adsl-dhcp.tele.dk 1205690048 Q * xdr Remote host closed the connection 1205690443 Q * balbir Ping timeout: 480 seconds 1205690666 J * xdr ~xdr@3-173-96-87.cust.blixtvik.se 1205692307 Q * xdr Quit: leaving 1205692324 J * xdr ~xdr@3-173-96-87.cust.blixtvik.se 1205692325 Q * JonB Quit: This computer has gone to sleep 1205693899 Q * bzed Ping timeout: 480 seconds 1205693907 J * bzed ~bzed@devel.recluse.de 1205693909 J * JonB ~NoSuchUse@0x535b270c.kjnxx10.adsl-dhcp.tele.dk 1205693956 J * bzed_ ~bzed@devel.recluse.de 1205694110 Q * bzed 1205694111 Q * bzed_ 1205694119 J * bzed ~bzed@devel.recluse.de 1205694216 Q * nenolod Quit: i'm always up for some rough cybersex on sundays 1205694692 J * dna ~dna@249.Red-88-27-12.staticIP.rima-tde.net 1205695042 J * nenolod ~nenolod@ip70-189-74-69.ok.ok.cox.net 1205696253 Q * the-me Ping timeout: 480 seconds 1205696394 J * Slydder ~chuck@dslb-088-075-082-152.pools.arcor-ip.net 1205696449 Q * Slydder 1205697936 Q * xdr Ping timeout: 480 seconds 1205698604 Q * JonB Quit: This computer has gone to sleep 1205699623 J * JonB ~NoSuchUse@0x535b270c.kjnxx10.adsl-dhcp.tele.dk 1205699688 Q * JonB 1205700133 J * JonB ~NoSuchUse@0x535b270c.kjnxx10.adsl-dhcp.tele.dk 1205701451 J * Aiken ~james@ppp121-45-199-100.lns1.bne1.internode.on.net 1205702023 Q * JonB Quit: This computer has gone to sleep 1205702304 J * virtuoso ~s0t0na@ppp91-122-139-84.pppoe.avangarddsl.ru 1205702558 Q * virtuoso_ Ping timeout: 480 seconds 1205702565 M * daniel_hozac Bertl: hmm, the downside of having it as a vserver syscall is that it'll need register/unregister hooks, as tun can be a module. we'll also need rtnl locking and such. you still prefer this over an ioctl? 1205702765 M * Bertl hmm ... 1205703031 M * Bertl well, we could restrict the ioctl to host admin, that would have the same benefit/control than the syscall command 1205703117 M * daniel_hozac yeah. 1205703207 M * Bertl so, it's probably the easier way to go for the ioctl, which I think is fine (any arguments against the ioctl?) 1205703271 M * daniel_hozac the only i can think of is if the mainline kernel gets an ioctl with the same id, but that seems unlikely. 1205703335 M * Bertl we already have that 'potential problem' with the dlimit and legacy flags 1205703368 M * daniel_hozac right, and with the barrier. (which happened in 2.6.23, right?) 1205703463 J * nou Chaton@causse.larzac.fr.eu.org 1205703585 M * daniel_hozac http://people.linux-vserver.org/~dhozac/p/k/delta-tun-feat04.diff 1205704052 M * Bertl k, looks good, tested? 1205704148 M * bXi okay 1205704150 M * bXi crazy new idea 1205704162 M * bXi gonna build me a diskless cluster here 1205704169 M * bXi or well semi-diskless 1205704293 Q * ViRUS_ Quit: Leaving 1205704519 Q * bonbons Quit: Leaving 1205707069 N * DoberMann DoberMann[ZZZzzz] 1205707497 Q * dna Quit: Verlassend 1205707889 Q * docelic Remote host closed the connection 1205707927 J * docelic ~docelic@78.134.200.134 1205708237 M * daniel_hozac Bertl: everything but the capable, yeah. 1205708701 M * Bertl daniel_hozac: okay, we add it to devel and give it some time? 1205708722 M * Bertl (guess derjohn and friends will test it :) 1205708758 M * daniel_hozac that was my plan. 1205708891 A * cehteh hacked up firewalling inside guests i a *cheap* way :P 1205708943 M * bXi i'll update my servers soon too 1205708955 M * bXi so far so good 1205708960 M * bXi only had 2 kernel panics 1205708971 M * bXi Linux venice 2.6.22.6-vs2.3.0.24 1205709118 M * daniel_hozac that's only half a year old by now... :) 1205709127 J * nixe ~dev@208.53.131.190 1205709190 M * nixe Hey everyone, when i try and put gradm into learning mode and jump into a vserver, I'm getting a segmentation fault :/ also, the vserver starts but the only thing that seems to work and bind is sendmail, and ive now disabled that because i dont need it :/ Trying to get SSH to work it just wont bind when i do netstat -nap and look for it 1205709217 M * daniel_hozac http://linux-vserver.org/Frequently_Asked_Questions#When_I_try_to_ssh_to_the_guest.2C_I_log_into_the_host.2C_even_if_I_installed_sshd_on_the_guest._What.27s_wrong_here.3F 1205709219 M * nixe I can do nc -l -p 9090 and listen and connect to that from the host machine but SSH is foobared 1205709231 M * nixe cool ill check it out 1205709236 M * nixe thanks :) 1205709255 M * daniel_hozac as for gradm, you'd need to talk to someone who does grsec, e.g. harry or zbyniu. 1205709269 M * whisk zbyniu <3 1205709386 M * nixe daniel_hozac: ive already specified the sshd ListenAddress to a 192. local address, it didnt bind :/ also tried setting it to the hosts internet routable IP, it also didnt bind. even when i restart sshd it says '[ OK ]' but still isn't running in ps or netstat 1205709398 M * daniel_hozac on the _host_? 1205709430 M * daniel_hozac guests are already restricted to their own IP addresses. it's only the host you have to restrict manually. 1205709477 M * nixe no SSHD is working fine on the host 1205709483 M * nixe im working with really crazy stuff here 1205709502 M * nixe an FC6 x86_64 box with 2.6.22.19-grsec2.1.11-vs2.2.0.6 1205709507 M * daniel_hozac you still need to make sure that the host's sshd only binds to the host's IP addresses, or guests just won't be able to bind to that port. 1205709510 M * nixe i cant even get the damn thing updated 1205709536 M * nixe hrm ok, ill specify it on the host 1205709595 M * nixe omfg 1205709599 M * nixe eureka 1205709610 M * nixe pure genious 1205709648 M * nixe thankyou my friend, ive had a really really rough time with this dedi 1205709659 M * nixe ive re-imaged this box like 56 times over fri-sat-sun 1205709867 M * nixe hrm daniel_hozac 1205709873 M * zbyniu nixe: grsec and vs are (almost) independent 1205709908 M * zbyniu so gradm doesn't know what ie xid is 1205709939 M * nixe zbyniu: hrm i dont follow :/ whats xid? daniel_hozac: Connection to 192.168.1.5 closed. 1205709955 M * nixe i receive that after what looks like a sucesfull login to 192.168.1.5's SSH, which is the vserver 1205709966 M * daniel_hozac and the logs say what? 1205709967 M * Bertl nixe: xid is short for 'context identification' 1205709970 M * zbyniu guest processes are only chrooted for grsec 1205710043 M * zbyniu so from gradm point of view you need prefix subjects and objects in policy by /vservers/ 1205710060 M * nixe ahh 1205710071 M * nixe i havnt tweaked with the policy yet, its still vanilla i guess 1205710081 M * nixe i just managed to get vservers to actually start last night by trolling through your IRC logs for this server 1205710094 M * nixe after recompiling with gcc version 3.3.6 i had some success 1205710162 M * nixe i hope it is not shortlived lol, the SSH daemon is listening on the vserver box, but when i attempt to log into it, it immediatley shuts off the connection, could this have something to do with my grsec policy? should i start attempting to fix this policy before continuing or.. ? 1205710193 F * ChanServ +o Bertl 1205710207 T * Bertl http://linux-vserver.org/ |stable 2.2.0.7, devel 2.3.0.33, grsec 2.2.0.6|util-vserver-0.30.214|libvserver-1.0.2|vserver-utils-1.0.3| He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki, and we forget about the minute. 1205710212 M * Bertl *2.3.0.33 1205710214 F * Bertl -o Bertl 1205710215 M * daniel_hozac my guess would be loginuid, but without log messages... 1205710281 M * daniel_hozac Bertl: hmm, no http://people.linux-vserver.org/~dhozac/p/k/delta-dmap-fix01.diff? 1205710282 M * nixe lol 1205710285 M * nixe daniel_hozac: 1205710288 M * nixe Mar 13 19:24:34 vserver sshd[5908]: Accepted password for root from 192.168.1.5 port 37262 ssh2 1205710291 M * nixe Mar 13 19:24:34 vserver sshd[5908]: pam_unix(sshd:session): session opened for user root by (uid=0) 1205710295 M * nixe Mar 13 19:24:34 vserver sshd[5908]: pam_loginuid(sshd:session): set_loginuid failed opening loginuid 1205710298 M * nixe Mar 13 19:24:34 vserver sshd[5908]: pam_loginuid(sshd:session): set_loginuid failed 1205710301 M * Bertl daniel_hozac: probably missed that one 1205710302 M * nixe Mar 13 19:24:34 vserver sshd[5908]: error: PAM: pam_open_session(): Cannot make/remove an entry for the specified session 1205710305 M * nixe -- 1205710327 M * daniel_hozac Bertl: http://people.linux-vserver.org/~dhozac/p/k/delta-loop-fix02.diff too, i guess. 1205710355 M * daniel_hozac (though i'm now thinking that VS_WATCH_P should be VS_ADMIN_P) 1205710395 Q * ftx__ Remote host closed the connection 1205710479 M * zbyniu nixe: if you successfully exec gradm -E - you have policy :) but dafault from gradm 1205710609 M * zbyniu edit /etc/grsec/policy add copy section starting "subject /usr/sbin/sshd" with prefixed _all_ paths by /vservers/ 1205710830 M * nixe sweet :D 1205710834 M * nixe thankyou zbyniu 1205710864 M * zbyniu np :) 1205710864 M * nixe also, looking @ the FAQ - i can now log into my vserver via SSH to its IP Address (192.168.1.5) by appending that magic sed string xD* im not actually quite sure what it even replaced 1205710869 M * nixe but it worked 1205710976 M * nixe what would be the 'default gateway' for my vserver? 1205710987 M * daniel_hozac there's no such thing. 1205710991 M * nixe im having troubles getting to the internet ;/ 1205711003 M * nixe (from the vserver) 1205711009 M * daniel_hozac networking happens on the host. guests are just limited to a subset of the IP addresses. 1205711058 M * whisk nixe: edit resovl.conf 1205711095 M * nixe hrm, iptables is now switched off on the host box, the guest box spits out terrible errors when i try and turn its iptables off (but it says its turned off), i cant ping internet routable IP's or domains 1205711128 M * daniel_hozac and does your guest have an internet routable IP? 1205711146 M * daniel_hozac i.e. if you assigned that address to the host, would it work? 1205711168 M * nixe ohh xD maybe i need to make a NAT rule to say anything from 192.168.1.5 outbound gets natted behind Host IP (or another virtual IP i designate) ? 1205711181 M * nixe and visa-versa ? 1205711186 M * zbyniu nixe: yes, you need 1205711777 M * nixe hrm 1205711777 M * nixe ping: sendmsg: Operation not permitted 1205711783 M * nixe is that a gradm policy problem ? 1205711855 M * zbyniu nixe: look in you kernel logs 1205711920 M * nixe hrm, cant see anything in the logs on the vserver box 1205711924 J * xdr ~xdr@136-173-96-87.cust.blixtvik.se