1206403357 J * nou Chaton@causse.larzac.fr.eu.org 1206404133 Q * dna Quit: Verlassend 1206404138 J * mick_work ~clamwin@h-74-2-196-226.miatflad.covad.net 1206406833 Q * mick_work Ping timeout: 480 seconds 1206407482 J * mick_work ~clamwin@h-74-2-196-226.miatflad.covad.net 1206409706 Q * mick_work Ping timeout: 480 seconds 1206411359 T * * http://linux-vserver.org/ |stable 2.2.0.7, devel 2.3.0.34, grsec 2.2.0.7|util-vserver-0.30.215|libvserver-1.0.2|vserver-utils-1.0.3| He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki, and we forget about the minute. 1206411359 T * harry - 1206412927 J * mick_work ~clamwin@h-74-2-196-226.miatflad.covad.net 1206413290 M * Bertl okay, off to bed now .. have a good one everyone! 1206413296 N * Bertl Bertl_zZ 1206414866 Q * mick_work Ping timeout: 480 seconds 1206419648 Q * balbir Ping timeout: 480 seconds 1206420503 J * mick_work ~clamwin@h-74-2-196-226.miatflad.covad.net 1206421006 Q * hparker Quit: Read error: 104 (Peer reset by connection) 1206424043 Q * mick_work Ping timeout: 480 seconds 1206425183 J * balbir ~balbir@59.145.136.1 1206425876 J * mick_work ~clamwin@h-74-2-196-226.miatflad.covad.net 1206426049 Q * bzed Remote host closed the connection 1206426114 J * bzed ~bzed@devel.recluse.de 1206426666 Q * balbir Ping timeout: 480 seconds 1206427336 J * balbir ~balbir@59.145.136.1 1206427343 Q * mick_work Ping timeout: 480 seconds 1206427411 J * sharkjaw ~gab@64.28.12.166 1206429300 J * Slydder ~chuck@194.59.17.53 1206429349 Q * Slydder 1206429607 J * Slydder ~chuck@194.59.17.53 1206429611 Q * Slydder 1206430009 J * dna ~dna@8-218-dsl.kielnet.net 1206430291 J * Slydder ~chuck@194.59.17.53 1206430469 Q * Slydder 1206430713 Q * balbir Ping timeout: 480 seconds 1206431386 J * balbir ~balbir@59.145.136.1 1206431746 J * cryptronic ~oli@p54A3B573.dip0.t-ipconnect.de 1206431918 J * JonB ~NoSuchUse@77.75.164.169 1206432684 J * mick_work ~clamwin@h-74-2-196-226.miatflad.covad.net 1206433066 Q * balbir Ping timeout: 480 seconds 1206434680 J * yarihm ~yarihm@mtec-hg-docking-1-dhcp-133.ethz.ch 1206434700 J * balbir ~balbir@59.145.136.1 1206436322 M * pmjdebruijn morning 1206436349 M * pmjdebruijn are there split out patches for vserver (2.2.0.7)? 1206436421 M * pmjdebruijn ie without the filesystem tagging 1206436509 M * pmjdebruijn I might be having an issue with xfs+vserver, so I'd like to test it without the fs tagging 1206436519 M * pmjdebruijn it might be unrelated after all... 1206436607 J * friendly12345 ~friendly@ppp121-44-224-29.lns2.mel4.internode.on.net 1206436706 J * Slydder ~chuck@194.59.17.53 1206436867 J * gebura ~gebura@77.192.186.197 1206436992 J * zbyniu_ ~zbyniu@host13-188.crowley.pl 1206436997 Q * zbyniu_ 1206437539 M * gebura hi 1206437644 J * tobifix ~tobifix@IVV7KNALLER.UNI-MUENSTER.DE 1206437787 Q * daniel_hozac Ping timeout: 480 seconds 1206438012 M * pmjdebruijn lo 1206438139 M * glen_ and why would the pkgs/ dir need different installsets, why not have all pkgs listed in 00 file? 1206438286 J * daniel_hozac ~daniel@ssh.hozac.com 1206438506 Q * mick_work Ping timeout: 480 seconds 1206438606 Q * dna Ping timeout: 480 seconds 1206438785 Q * cryptronic Quit: Leaving. 1206440126 Q * yarihm Quit: Leaving 1206440804 J * mick_work ~clamwin@h-74-2-196-226.miatflad.covad.net 1206441536 Q * daniel_hozac Remote host closed the connection 1206441803 Q * mick_work Ping timeout: 480 seconds 1206441952 N * DoberMann[ZZZzzz] DoberMann 1206442296 T * * http://linux-vserver.org/ |stable 2.2.0.7, devel 2.3.0.34, grsec 2.2.0.7|util-vserver-0.30.215|libvserver-1.0.2|vserver-utils-1.0.3| He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki, and we forget about the minute. 1206442296 T * harry - 1206442526 J * daniel_hozac ~daniel@ssh.hozac.com 1206442745 J * jsambrook ~jsambrook@aelfric.plus.com 1206443270 J * mick_work ~clamwin@h-74-2-196-226.miatflad.covad.net 1206443367 Q * JonB Ping timeout: 480 seconds 1206443570 J * jms ~setzer@212.60.207.98 1206443583 M * jms hello 1206443640 M * jms may someone can help me, I setup vserver on debian etch, but I'm to stupid to setup a rss.soft limit. 1206443718 M * jms vlimit -c 120 --rss 2000;vlimit -c 120 -S --rss 1000;vlimit -c 120 -a -d 1206443718 M * jms RSS N/A 0 2000 1206443718 M * jms NPROC N/A N/A inf 1206443718 M * jms ... 1206443769 M * jms why is the soft limit not set? I also try it by createing /etc/vservers/mail/rlimits/rss.soft und rss.hard - same result, softlimit is always 0 1206443789 M * jms someone an idea? 1206443969 N * jms jms__ 1206444573 Q * ruskie Ping timeout: 480 seconds 1206445364 J * ftx ~ftx@space-ext.gatworks.de 1206445376 J * virtuoso_ ~s0t0na@ppp91-122-139-202.pppoe.avangarddsl.ru 1206445783 Q * virtuoso Ping timeout: 480 seconds 1206446518 T * * http://linux-vserver.org/ |stable 2.2.0.7, devel 2.3.0.34, grsec 2.2.0.7|util-vserver-0.30.215|libvserver-1.0.2|vserver-utils-1.0.3| He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki, and we forget about the minute. 1206446518 T * harry - 1206446621 J * dna ~dna@8-218-dsl.kielnet.net 1206447119 M * jms__ someone here who can explain the behavior of my system? 1206447155 M * jms__ Setting rss.soft doesn't have any effect: 1206447155 M * jms__ vlimit -c 120 --rss 2000;vlimit -c 120 -S --rss 1000;vlimit -c 120 -a -d 1206447155 M * jms__ RSS N/A 0 2000 1206447155 M * jms__ .. 1206447230 N * Bertl_zZ Bertl 1206447259 M * Bertl morning folks! 1206447270 M * Bertl jms__: what kernel and what util-vserver do you use? 1206447338 M * jms__ linux-image-2.6.18-6-vserver-amd64 2.6.18.dfsg.1-18etch1 1206447338 M * jms__ util-vserver 0.30.212-1 1206447351 M * jms__ debian/etch default 1206447367 M * Bertl jms__: and what does /proc/virtual//limit show (please use paste.linux-vserver.org for everything longer than 3 lines) 1206447436 M * jms__ RSS: 1448 1972 2000 0 1206447454 M * jms__ there is no line with a soft / hard value pair 1206447471 M * Bertl because the kernel is probably a 2.0 kernel and has no support for it 1206447494 M * Bertl so upgrading to recent kernel/util-vserver from backports will fix that 1206447511 M * jms__ where do I get the Information which (vserver-) kernel-version is running? 1206447526 M * Bertl from the debian package changelog? 1206447549 M * Bertl all 'mainline' Linux-VServer kernels have it in the name 1206447567 M * Bertl e.g. 2.6.22.6-vs2.2.0.7 1206447619 M * Bertl the API version can be gathered from /proc/virtual/info, but that doesn't tell you the kernel version 1206447622 M * ard if all else fails, just "decode" /proc/virtual/info or something likwe that 1206447637 Q * arachnist Remote host closed the connection 1206447671 M * ard hmmmm 1206447679 M * ard indeed, not a version number 1206447712 J * mick_work ~clamwin@h-74-2-196-226.miatflad.covad.net 1206447739 M * jms__ /proc/virtual/info - > VCIKernel: 03000076 1206447765 M * Bertl close, but no banana, the VCIVersion is the best indicator 1206447789 M * Bertl VCIVersion: 0002:0302 -> 2.3.2 'version' API 1206447905 N * ensc Guest2518 1206447905 Q * Guest2518 Remote host closed the connection 1206447908 Q * alex__ Remote host closed the connection 1206447915 J * ensc ~irc-ensc@77.235.182.26 1206448040 M * jms__ vserver-info says VS-API: 0x00020002, so I suppose I have a 2.00.02 Version (?) 1206448063 M * Bertl yes, something like that, previous stable kernel 2.2.x is current stable 1206448119 J * ruskie ruskie@ruskie.user.oftc.net 1206448243 M * pmjdebruijn are there any split patch sets for vs2.2.0.7? 1206448272 M * jms__ upgrading to linux-image-2.6.22-4-vserver-amd64 2.6.22-6~bpo40+2 (from backports) 1206448287 J * arachnist arachnist@plzdie.kthxbai.pl 1206448377 M * Bertl pmjdebruijn: nah, 2.2.0.5 was the latest split, but the changes should be minimal 1206448389 M * Bertl http://vserver.13thfloor.at/Experimental/split-2.6.22.10-vs2.2.0.5.tar.bz2 1206448507 J * speedy ~speedy@194.126.63.57 1206448521 M * tobifix i have read about how to set cpu limits here: http://linux-vserver.org/CPU_Scheduler 1206448539 M * tobifix "So, if you have four CPUs and you want one context to get an average of one whole CPU to itself, then you would set fill-rate to 1 and interval to 4. " 1206448577 M * tobifix how do i set these values? i found something according to this in /proc/virtual//sched 1206448594 M * tobifix but i don't know how to change these values :( 1206448612 M * tobifix does anybody have a hint for me? 1206448613 M * speedy after upgrading my server when i try to start a vps i got error: can not change context: migrate kernel feature missing and 'compat' API disabled: Function not implemented 1206448619 M * speedy /proc/uptime can not be accessed. 1206448674 M * pmjdebruijn Bertl: say I would want to use 2.2.0.7 without the fs xid stuff, can I just take out the ./linux/fs/* parts in the patch, or will that break stuff? 1206448710 M * jms__ tobifix: For setting use /etc/vservers//sched-Directory there have to be files like fill-rate, fill-rate2, intervall, intervall2 (have a look at http://www.nongnu.org/util-vserver/doc/conf/configuration.html) 1206448731 Q * balbir Ping timeout: 480 seconds 1206448815 J * cryptronic ~oli@p54A3B573.dip0.t-ipconnect.de 1206448823 M * tobifix jms__, thanks alot ;) 1206448888 Q * Aiken Remote host closed the connection 1206448891 M * Bertl pmjdebruijn: well, in most cases that will be fine, but some changes affect more than a specific feature, those are sorted into the 'canonical' group (so those would need some work) 1206448908 M * Bertl tobifix: you can also set them at runtime with vsched 1206448943 M * speedy whenever i use showattr i get vc_get_iattr(): Function not implemented 1206448952 M * Bertl speedy: did you run vprocunhide? (should be part of the initial startup/upgrade scripts) 1206448989 M * Bertl speedy: are you sure you are running a Linux-VServer enabled kernel? are you using old/ancient tools on a new kernel? 1206449001 M * Bertl speedy: best start is testme.sh :) 1206449005 M * speedy i dont have vprocunhide 1206449025 M * speedy i was running fine for 1 year, i just upgraded my packages 1206449045 M * Bertl from what, to what? :) 1206449051 M * ard new tools on an ancient kernel :-) 1206449056 M * speedy linux-image-2.6.18-5-vserver-amd64 util-vserver 0.30.214-5~bpo40+2 1206449058 A * ard had problems with that 1206449088 M * Bertl speedy: http://vserver.13thfloor.at/Stuff/SCRIPT/testme.sh 1206449101 M * Bertl (upload the output to paste.linux-vserver.org) 1206449106 M * speedy am using debian etch backports for util-vserver as the version that ships with debian is broken 1206449128 M * Bertl please tell that them debian folks :) 1206449144 M * ard the backports version is probably not old-api compatible 1206449166 A * ard has a vserver with a new vserver, but with old-api compat... 1206449171 M * ard same situation :-( 1206449198 M * speedy http://paste.linux-vserver.org/11875 1206449237 M * speedy oops! 1206449241 M * speedy ovz kernel! 1206449255 M * speedy i'm sorry 1206449264 M * Bertl yep, doesn't work too well with util-vserver :) 1206449270 M * speedy lol 1206449290 M * speedy it was vserver kernel i dont know how an upgrade switched to ovz kernel! 1206449315 M * speedy i had it before but wasnt the last kernel installed 1206449342 M * ard But I think it still would not work... 1206449351 M * ard "chcontext: tools were built without legacy API support; can not continue" 1206449364 M * ard Hmmm 1206449373 M * Bertl speedy: I'd suggest installing 2.6.22 from backports 1206449385 M * ard it will work, just as long as the kernel is not build with expliciet legacy api support... 1206449475 M * jms__ Bertl: I update an now I have VS-API: 0x00020200, seems to me like 2.02.00, right? 1206449477 M * speedy Bertl thank you very much 1206449486 M * Bertl ard: which shouldn't be the case for backport kernels 1206449514 M * Bertl jms__: it is the 2.2.0 API, could be 2.2.0.x to 2.2.1 pre (in theory) 1206449545 M * jms__ ok, now I have a hard/soft value in vlimit output. 1206449565 M * Bertl excellent 1206449593 Q * arachnist Remote host closed the connection 1206449601 M * jms__ thanx 1206449631 M * Bertl np 1206449636 M * speedy after an upgrade debian recreates /boot/grub/menu.lst sorted by name thats why it loaded ovz kernel 1206449919 M * jms__ I changed the vdirbase to /etc/vservers/.defaults/vdirbase -> /vserv, in /usr/share/doc/util-vserver/README.Debian is something written to change Variable DEFAULT_VSERVERDIR in /etc/vservers/util-vserver-vars to the new directory, which I already done but vserver-info is statefull the openion my vserver-Rootdir is /var/lib/vservers, some other things to change? 1206449954 M * jms__ (reboot was already done) 1206449987 M * Bertl jms__: if you really want to change it permanently (for whatever reason) the best way is to recompile the tools, but note that this is usually not necessary, as you can give the rootdir path on guest creation 1206450004 M * Bertl (the canonical path is /vservers) 1206450031 M * jms__ the vserver-info output is not really needed or doesn't matter? 1206450052 M * Bertl it shows what is used if nothing else is given 1206450120 M * jms__ ok, the vserver create build the vservers alreay in /vserv, so the vbasedir links is in use. When I don't run into problems with these vserver-Rootdir in vserver-info, it doesn't matter me 1206450186 A * jms__ lunchtime... 1206450191 Q * speedy Quit: BitchX: born to raise hell 1206450204 M * Bertl enjoy your lunch :) 1206451172 J * hparker ~hparker@linux.homershut.net 1206451346 Q * mick_work Ping timeout: 480 seconds 1206451877 J * arachnist arachnist@plzdie.kthxbai.pl 1206452005 Q * jsambrook Quit: Leaving. 1206452044 J * jsambrook ~jsambrook@aelfric.plus.com 1206452091 M * ctrix question about iptables... 1206452104 M * ctrix i usually use -m owner --uid-owner $value 1206452127 M * ctrix that woks beautifully but it seems that the uids in the vserver context do not match 1206452154 M * ctrix is there a method to do such kind of filtering for uids in a virtual context ? 1206452255 Q * ruskie Ping timeout: 480 seconds 1206452478 J * ruskie ruskie@ruskie.user.oftc.net 1206452485 J * mrfree ~mrfree@host136-183-dynamic.36-79-r.retail.telecomitalia.it 1206452866 M * Bertl ctrix: the uids inside a guest should match like normal, I guess 1206452881 M * Bertl ctrix: but there will be no difference between guest and host 1206452930 M * Bertl at some point, we added a specific context check, but I don't remember what happened to that (was too complicated as it required a patched iptables) 1206453011 M * daniel_hozac they're still at http://people.linux-vserver.org/~dhozac/p somewhere... :) 1206453132 J * JonB ~NoSuchUse@77.75.164.169 1206453145 A * ard wants a u32 match or whatever on metadata 1206453166 M * ard hmmm... that probably won't reveal the owner 1206453273 J * DavidS ~david@helios.uni-ak.ac.at 1206453416 M * cehteh do your vservers have distinct ip's then just use ip+uid to identify the people 1206453440 M * Bertl should work in 99% of all scenarios, yep 1206453509 J * mick_work ~clamwin@h-74-2-196-226.miatflad.covad.net 1206453525 A * cehteh pimped up firehol a little bit, so that vserver admins can configure their own firewall :) 1206453578 M * cehteh reminds me that i wanted to post that on my wiki 1206453606 M * Bertl good idea, and maybe link it from linux-vserver.org then 1206453617 M * cehteh yeah moment 1206453654 M * DavidS hi Bertl! 1206453670 M * Bertl hey DavidS! LTNS! 1206453843 M * ctrix uhmm for sure the usual rules i use for iptables doesn't work 1206453857 M * ctrix so i guess i'll have to patch 1206453885 M * ctrix http://people.linux-vserver.org/~dhozac/p/k/delta-owner-xid-feat02.diff 1206453890 M * ctrix this one ? 1206453892 M * Bertl double check why they don't work first 1206453920 M * Bertl I'd assume the do not work because you are checking for the wrong interface or similar 1206453935 N * virtuoso_ virtuoso 1206453946 M * ctrix the interface is shared between the guest and the host 1206453948 J * dowdle ~dowdle@scott.coe.montana.edu 1206453963 M * Bertl ctrix: and you are sending packets from/to the host? 1206453965 M * ctrix if i don't use the owner match, the rules works ok 1206453987 M * ctrix Bertl, the rule is simple. i use vserver to isolate my apache 1206454015 M * ctrix so i'd like to add a rule to block outgoing packets to dport 80 on a user basis 1206454023 M * Bertl okay, and you match for what uid? 1206454027 M * ctrix yes 1206454042 M * Bertl but hopefully not based on a name, yes? 1206454060 M * Bertl because guest and host might have a different opinion on what uid means what 1206454063 M * ctrix well i block on www-data that on debian is plain uid 33 1206454072 M * ctrix that was the 1st thing i checked :-D 1206454076 J * yarihm ~yarihm@vpn-global-dhcp3-210.ethz.ch 1206454106 M * Bertl and inside the guest, you see a process running with that uid, yes? 1206454112 M * ctrix yes 1206454190 M * Bertl and it works fine on the host (if you add a similar rule)? 1206454210 M * ctrix yes. i'm double checking it again right now 1206454301 M * ctrix ok, i'll experiment some more 1206454652 Q * yarihm Quit: This computer has gone to sleep 1206454706 M * cehteh http://www.pipapo.org/pipawiki/FireholForVservers .. have fun with it, harry you where interested 1206454721 M * cehteh if there are possible bugs or problems, please tell me 1206454785 M * DavidS Bertl: yeah, LTNS, indeed. I'm in vienna for a few weeks again. would be nice to see you e.g. at debienna sometime? 1206454907 M * cehteh mhm the last regex looks rather confusing, have fun :) 1206455585 M * jms__ thx for the help! 1206455586 M * jms__ bye 1206455602 P * jms__ 1206455631 J * jms__ ~setzer@212.60.207.98 1206455641 P * jms__ 1206455739 M * Bertl DavidS: yeah, maybe I can arrange something ... 1206455785 M * DavidS I expect to be there on 3rd and 10th of April 1206455796 M * DavidS do you have my phone# ? 1206456206 Q * mick_work Ping timeout: 480 seconds 1206456270 M * Bertl I don't think I do ... 1206456465 Q * ruskie Ping timeout: 480 seconds 1206456476 Q * mrfree Quit: Leaving 1206456834 J * Julius ~julius@p57B25448.dip.t-dialin.net 1206457092 J * mick_work ~clamwin@h-74-2-196-226.miatflad.covad.net 1206457295 J * pmenier ~pme@LNeuilly-152-22-72-5.w193-251.abo.wanadoo.fr 1206458830 Q * tobifix Quit: Leaving 1206459279 Q * sharkjaw Quit: Leaving 1206459763 J * ruskie ruskie@ruskie.user.oftc.net 1206460045 Q * ruskie 1206460239 J * ruskie ruskie@ruskie.user.oftc.net 1206460448 J * julius_ ~julius@p57B27570.dip.t-dialin.net 1206460491 Q * Slydder Quit: Leaving. 1206460588 Q * mick_work Ping timeout: 480 seconds 1206460888 Q * Julius Ping timeout: 480 seconds 1206461031 J * virtuoso_ ~s0t0na@ppp78-37-178-150.pppoe.avangarddsl.ru 1206461443 Q * virtuoso Ping timeout: 480 seconds 1206461455 J * docelic ~docelic@78.134.200.134 1206461503 Q * Linus Ping timeout: 480 seconds 1206461896 M * Bertl nap attack ... bbl 1206461910 N * Bertl Bertl_zZ 1206462119 J * mick_work ~clamwin@h-74-2-196-226.miatflad.covad.net 1206463957 Q * DavidS Quit: Leaving. 1206464566 J * mrfree ~mrfree@host136-183-dynamic.36-79-r.retail.telecomitalia.it 1206464726 Q * ftx Remote host closed the connection 1206464820 M * glen_ what's the difference of these dirs? 1206464820 M * glen_ /usr/lib64/util-vserver/distributions/f7/apt/ /etc/vservers/.distributions/f7/ 1206464828 M * glen_ /usr/lib64/util-vserver/distributions/f7/apt/ /etc/vservers/.distributions/f7/apt/ 1206464840 M * glen_ vserver build searches from both dirs 1206464855 M * JonB and they are not linked together? 1206464897 M * glen_ they are both dirs containing different files 1206464897 M * glen_ # l /usr/lib64/util-vserver/distributions/f7/apt/* /etc/vservers/.distributions/f7/apt/* 1206464899 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1206464901 M * glen_ -rw-r--r-- 1 root root 496 2008-03-25 18:32 /etc/vservers/.distributions/f7/apt/sources.list 1206464904 M * glen_ -rw-r--r-- 1 root root 82 2008-03-25 18:32 /usr/lib64/util-vserver/distributions/f7/apt/rpmpriorities 1206464907 M * glen_ i took f7 just for example 1206464971 M * JonB i would check subdirs below for links 1206464983 Q * JonB Quit: This computer has gone to sleep 1206465002 M * glen_ there are none, note i pasted ls *, which means it shows anything inside 1206465020 M * glen_ basically they are scanned by populatedirs: 1206465020 M * glen_ populateDirectory "$PKGCFGDIR/poldek/etc" \ "$__DISTRIBDIR/defaults/poldek" \ "$__DISTRIBDIR/$DISTRIBUTION/poldek" \ "$__CONFDIR/.distributions/$DISTRIBUTION/poldek" 1206465044 M * glen_ so my question is what to put to each dir, ie why prefer one location over another 1206465069 M * glen_ trying to make poldek patch more nicer 1206465100 M * daniel_hozac /etc is for site-configuration. libdir is for util-vserver stock files. 1206465120 M * daniel_hozac as to why apt is the way it is, you'd have to ask ensc. it's a legacy thing. 1206465131 M * glen_ ok. i'll put to DISTRIBDIR everything then 1206465173 M * glen_ and if i don't want to use --reinstall or other options, i should stick to single pkgs/ list? 1206465299 M * daniel_hozac i suppose so. 1206465390 M * glen_ nice. base install only 13 pkgs and no hacks :) 1206465430 M * glen_ http://pld.pastebin.com/m325c5bd5 1206465995 J * balbir ~balbir@122.167.201.78 1206466163 J * tobifix ~tobifix@muedsl-82-207-195-142.citykom.de 1206466172 M * tobifix re 1206466267 M * kwowt hm 1206466283 M * kwowt when i start the guest vserver, my host server starts to use that ip 1206466286 M * kwowt howcome? 1206466307 M * kwowt i got 'interfaces' set up 1206466334 M * daniel_hozac define "my host server starts to use that ip". 1206466341 M * kwowt i mean 1206466347 M * kwowt my root server 1206466356 M * kwowt which i'm running the vservers on 1206466365 M * bXi i think that he means his interface binds the ip of his guests 1206466373 M * kwowt probably :D 1206466398 M * tobifix isn't that a normal bahaviour? 1206466405 M * kwowt eh 1206466411 M * kwowt when i try to ssh to the guest server 1206466455 M * bXi then 1206466530 M * kwowt i cant, cuz it connects to the host machine 1206466575 M * daniel_hozac http://linux-vserver.org/Frequently_Asked_Questions#When_I_try_to_ssh_to_the_guest.2C_I_log_into_the_host.2C_even_if_I_installed_sshd_on_the_guest._What.27s_wrong_here.3F 1206466653 M * kwowt lol 1206466660 M * kwowt theres actually a faq answer to this 1206466671 M * kwowt and i was just browsing through the faq 1206466696 M * kwowt ehhh 1206466703 M * kwowt i'm so lame :P 1206466731 M * glen_ can the vserver build somehow understand what arch is about to be built? 1206466748 M * kwowt i changed it in the guest server, but i forgot to change it in the host 1206466756 M * glen_ in pld just different distro was made (pld-ac vs pld-ac-i686), but it's a hack 1206466782 M * daniel_hozac debootstrap uses --arch, yum uses linux32 1206466820 M * glen_ well, what's the option to use? 1206466827 M * glen_ # vserver test build --context -n test -m poldek -- -d pld-ac-i686 1206466845 M * daniel_hozac whatever you want... 1206466871 M * glen_ to put it other way, what's the cmdline to build 32bit vserver on 64bit host using yum? 1206466873 M * daniel_hozac linux32 makes rpm happy, at least. 1206466892 M * glen_ well i should handle source urls somehow differently. some subst came in mind 1206466919 M * daniel_hozac there's no $ARCH or similar set automatically? 1206466933 M * glen_ nope 1206466962 M * daniel_hozac you pld people really don't believe in automating things, huh? 1206467000 M * glen_ it should still know whether to call linux32 or not 1206467069 M * daniel_hozac with yum you just prepend linux32 to the vserver ... build command. 1206467086 M * bXi whats the latest kernel which has a devel patch? 1206467092 M * glen_ daniel_hozac, i see 1206467098 Q * _gh_ Ping timeout: 480 seconds 1206467104 M * glen_ daniel_hozac, and is there automation for these commands too then later? 1206467105 M * glen_ # echo linux_32bit >> /etc/vservers/test/personality 1206467105 M * glen_ # echo i686 >> /etc/vservers/test/uts/machine 1206467119 M * daniel_hozac you just need one of those. 1206467128 M * daniel_hozac and for machine you actually want > 1206467147 M * daniel_hozac bXi: 2.6.22.19 1206467150 M * glen_ tell me which one i want? 1206467161 M * bXi ah ok 1206467182 M * bXi so my script actually still works 1206467189 M * daniel_hozac of the two? depends on your goals mostly. linux_32bit sets the second one though. 1206467221 M * glen_ i'd go for the personality then 1206467245 M * glen_ using that uname -m shows i686? 1206467256 M * daniel_hozac yes. 1206467268 M * glen_ good 1206467281 M * glen_ but original question, does the build process automate that somehow? 1206467306 Q * mick_work Ping timeout: 480 seconds 1206467345 M * daniel_hozac no. 1206467371 M * glen_ but it's not bad idea to add initpost script such code? 1206467393 M * daniel_hozac makes more sense to have it in the build method... 1206467408 M * daniel_hozac (you know, since you'd actually have access to the arguments) 1206467509 M * glen_ method args are after double dash? 1206467512 M * glen_ -- -d pld-ac-i686 1206467542 M * glen_ ... i could add -m or -a for machine/arch .. 1206467546 M * glen_ is what you wanted to say? 1206467554 M * daniel_hozac yes. 1206467574 M * glen_ -m seems better over -a (mnemonic: uname -m)? 1206467629 M * daniel_hozac you could just make it generic. 1206467670 M * glen_ as cfgoption? 1206467681 M * glen_ aside to --cpuset and others? as --arch ? 1206467710 J * Piet ~piet@tor.noreply.org 1206467712 M * daniel_hozac or --machine. 1206467745 M * daniel_hozac (or --personality, if that's what you want to modify) 1206467778 J * JonB ~NoSuchUse@77.75.164.169 1206467891 Q * pmenier Quit: Konversation terminated! 1206467922 M * glen_ for me it's just 32bit guest, don't see the differences 1206468092 Q * dna Quit: Verlassend 1206468232 J * larsivi ~larsivi@144.84-48-50.nextgentel.com 1206468261 J * dna ~dna@8-218-dsl.kielnet.net 1206468299 J * Blissex ~Blissex@82-69-39-138.dsl.in-addr.zen.co.uk 1206468313 M * glen_ 20:05:02 root[pts/2]@wintersunset f7/yum# cat /etc/vservers/test2/personality 1206468313 M * glen_ linux_32bit 1206468314 M * glen_ cool 1206468319 M * glen_ 20:05:09 root[pts/2]@wintersunset f7/yum# vserver test2 build --context 111 -m poldek -n test2 --force --personality linux_32bit 1206468323 J * hijacker ~Lame@87-126-142-51.btc-net.bg 1206468365 M * glen_ adjusting source config depending on personality should be done in poldek.initFilesystem ? 1206468416 J * ftx ~ftx@dslb-084-060-238-062.pools.arcor-ip.net 1206468592 J * mick_work ~clamwin@h-74-2-196-226.miatflad.covad.net 1206468626 M * glen_ daniel_hozac, you said uts/machine and personality both do as a result the same, give 32bit guest? as i'm thinking --machine would be easier to understand and type 1206468646 M * glen_ and woul;d allow to do --machine i486, --machine i686 ... 1206468695 M * daniel_hozac personality is needed when you build the guest though, as there's no context to modify the machine of. 1206468759 M * glen_ ok 1206468822 M * glen_ so looks like i'll add both... 1206468841 M * glen_ as figuring out personality from --machine would be not clean 1206469161 M * glen_ ok. source urls is now ok 1206469185 M * glen_ but there's another problem, glibc is named glibc64 on x86_64 and glibc on all other arches 1206469347 M * glen_ hah :D, i'll remove it from pkgset, it's not needed directly, and deps pull it 1206469601 M * glen_ how to output some status message for user, something "using machine foo" ? plain echo probably isn't nice? 1206470019 J * ftx_ ~ftx@dslb-084-062-251-254.pools.arcor-ip.net 1206470338 Q * ftx Ping timeout: 480 seconds 1206470542 Q * mick_work Ping timeout: 480 seconds 1206470543 N * Bertl_zZ Bertl 1206470543 M * daniel_hozac vserver ... build ought to be as silent as possible. 1206470551 M * Bertl back again ... 1206471045 M * glen_ daniel_hozac, those --machine and --personality patch you'd like to see separately from pld poldek patch to accept it? 1206471056 M * daniel_hozac yes. 1206471319 J * mick_work ~clamwin@h-74-2-196-226.miatflad.covad.net 1206471548 M * glen_ http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/util-vserver-personalitymachine.patch 1206472201 J * mire ~mire@139-174-222-85.adsl.verat.net 1206472697 N * DoberMann DoberMann[PullA] 1206472951 Q * mick_work Ping timeout: 480 seconds 1206473213 J * Pazzo ~ugelt@reserved-225136.rol.raiffeisen.net 1206473222 M * Pazzo hi @ll! 1206473230 M * Bertl hey Pazzo! 1206473237 M * Pazzo hi Bertl!!! 1206473253 M * Pazzo is there anything wrong with granting CAP_LINUX_IMMUTABLE if I'm not making use of vunify & co? 1206473270 M * JonB why do you need it? 1206473279 M * Bertl should be fine with 2.x kernels 1206473286 M * Pazzo php & fcgi 1206473310 M * Pazzo trying to set up a secure and clean virtual hosting environment 1206473321 M * Pazzo Bertl: thanks! 1206473326 M * Bertl np 1206473433 Q * hijacker Quit: Leaving 1206473455 M * Pazzo JonB: it's impossible to get a REAL secure mod_php, suphp is too slow - fcgi is the only remaining real option :-( I need the immutable bit to be able to protect the php-launch scripts (they have to be owned by the owner of the several webs as of suexec - patching suexec is not an option for me) 1206473499 A * Pazzo knows that even without mod_php there is no REAL security in this world ;o) 1206473540 M * arachnist fastcgi is the way it should've been done in the first place 1206473545 M * Bertl hmm, IIRC, there is an suexec which works for groups, no? 1206473570 M * arachnist without all that mod_{perl,php,ruby,python,whatever} mess 1206473683 M * Pazzo Bertl: there is a (mod_)php safe_mode that works for groups - and there are a lot of patched suexec variants. But afaik there is no way to relax current distro's suexec to gid-checks 1206473689 Q * JonB Quit: This computer has gone to sleep 1206473766 M * Pazzo fastcgi is the way it should've been done in the first place <- FULL ACK 1206474060 J * mick_work ~clamwin@h-74-2-196-226.miatflad.covad.net 1206474776 Q * jsambrook Quit: Leaving. 1206475043 Q * mick_work Ping timeout: 480 seconds 1206475727 J * JonB ~NoSuchUse@77.75.164.169 1206475820 J * mick_work ~clamwin@h-74-2-196-226.miatflad.covad.net 1206475917 J * balbir_ ~balbir@122.167.201.78 1206476003 Q * Blissex Remote host closed the connection 1206476210 Q * ruskie Ping timeout: 480 seconds 1206476348 Q * balbir Ping timeout: 480 seconds 1206476999 J * ruskie ruskie@ruskie.user.oftc.net 1206477178 N * DoberMann[PullA] DoberMann 1206478296 Q * Pazzo Quit: Ex-Chat 1206479067 Q * mick_work Ping timeout: 480 seconds 1206479102 M * Supaplex can you assign multiple ipv6 ips, or a subnet of ips to a vserver guest? (v2.3 of course) 1206479114 Q * Piet Remote host closed the connection 1206479193 N * virtuoso_ virtuoso 1206479208 J * Piet ~piet@tor.noreply.org 1206479221 M * Supaplex looks like sid is shipping with 2.2.0.3. what's holding 2.3 from vserver-stable? I doubt sid will accept 2.3 until it's not a dev patch... 1206479427 Q * geekNerd Ping timeout: 480 seconds 1206479612 J * Aiken ~james@ppp121-45-199-100.lns1.bne1.internode.on.net 1206479715 M * glen_ anyone can speak on /etc/rpm/platform file 1206479750 M * glen_ in pld we build it for each dist (pld-ac, pld-th, pld-ti) and put their dir, maybe in PACKAGE on pld it should be put to defaults/rpm/etc/platform? 1206479807 J * mick_work ~clamwin@h-74-2-196-226.miatflad.covad.net 1206480121 J * geekNerd adam@ip68-226-183-97.lf.br.cox.net 1206480651 Q * geekNerd Ping timeout: 480 seconds 1206480663 M * glen_ is packaging pubkey in rpm util-vserver package bad idea? 1206481053 Q * mick_work Ping timeout: 480 seconds 1206481179 J * geekNerd adam@ip68-226-183-97.lf.br.cox.net 1206481700 J * mick_work ~clamwin@h-74-2-196-226.miatflad.covad.net 1206481773 Q * derjohn Ping timeout: 480 seconds 1206481902 J * derjohn ~derjohn@80.69.41.3 1206482414 Q * bonbons Quit: Leaving 1206482437 Q * tobifix Quit: Leaving 1206482467 Q * docelic Quit: http://www.spinlocksolutions.com/ 1206483292 Q * geekNerd Quit: Later losers 1206484518 Q * mire Ping timeout: 480 seconds 1206485002 Q * mick_work Ping timeout: 480 seconds 1206485018 M * glen_ daniel_hozac, plz look now on pld patch. looks better? http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/util-vserver-pld.patch?rev=1.33;content-type=text%2Fplain 1206485088 J * mire ~mire@37-174-222-85.adsl.verat.net 1206485136 M * glen_ if you want to drop credit for me then i'm Elan Ruusamäe ;) 1206485549 J * yarihm ~yarihm@84-75-103-252.dclient.hispeed.ch 1206485568 Q * dna Quit: Verlassend 1206485715 J * mick_work ~clamwin@h-74-2-196-226.miatflad.covad.net 1206486146 Q * cryptronic Quit: Leaving. 1206486177 Q * larsivi Remote host closed the connection 1206486652 Q * JonB Ping timeout: 480 seconds 1206486720 N * DoberMann DoberMann[ZZZzzz] 1206486774 J * doener ~doener@i577AC798.versanet.de 1206486891 Q * yarihm Quit: Leaving 1206487081 Q * ftx_ Remote host closed the connection 1206487217 J * dlx ~stefan@chello213047083221.7.14.vie.surfer.at 1206487353 M * dlx hi, can you tell me what vserver version the debian etch/stable package uses? or how I could determine that? 1206487380 M * Bertl well, the debian package/maintainer should know 1206487406 M * dlx I see, thx 1206487426 Q * dlx 1206489252 Q * dowdle Remote host closed the connection