1208392299 Q * _gh_ Ping timeout: 480 seconds
1208401563 Q * ard6 Ping timeout: 480 seconds
1208405554 Q * meandtheshell Quit: Leaving.
1208406459 A * ard down for upgrade -> 2.6.22.19-vs2.3.0.34 (hopefully this fixes the conntrack bugs)
1208406472 Q * ard Quit: down for upgrade -> 2.6.22.19-vs2.3.0.34 (hopefully this fixes the conntrack bugs)
1208407104 J * _gh_ ~gerrit@c-67-169-199-103.hsd1.or.comcast.net
1208407510 J * ard ~ard@shell2.kwaak.net
1208408454 M * ard aarghh...
1208408463 M * ard 2.6.22.19 still contains the conntrack bug :-(
1208408476 M * ard (2.6.19 doesn't ...)
1208408776 J * ard6 ~ard@2002:d9c4:2909:1::1
1208409798 J * Slydder ~chuck@194.59.17.53
1208411193 Q * virtuoso Ping timeout: 480 seconds
1208411727 N * Bertl_zZ Bertl
1208411731 M * Bertl morning folks!
1208411745 M * Bertl ard6: so?
1208412902 Q * hijacker__ Read error: Connection reset by peer
1208414130 J * JonB ~NoSuchUse@77.75.164.169
1208414959 Q * JonB Quit: This computer has gone to sleep
1208415100 J * sharkjaw ~gab@64.28.12.166
1208415836 J * cryptronic ~oli@p54A3B1FB.dip0.t-ipconnect.de
1208416728 J * meandtheshell ~sa@d91-129-52-41.cust.tele2.at
1208417968 J * JonB ~NoSuchUse@77.75.164.169
1208418504 J * the_hydra ~mulyadi@125.161.247.93
1208418515 M * the_hydra hi all
1208418595 M * Bertl hey
1208418651 M * the_hydra hi Bert
1208418674 M * the_hydra is it ok to ask about resource management here?
1208418683 M * the_hydra things like limiting CPU usage and so on?
1208418693 M * Bertl sure
1208418792 N * DoberMann[ZZZzzz] DoberMann
1208418849 M * the_hydra using current available resource management, can we really effectively limit CPU usage?
1208418865 M * Bertl yep
1208418912 M * Bertl http://linux-vserver.org/CPU_Scheduler
1208418954 M * the_hydra let me check
1208418972 M * the_hydra i was thinking to write something about that topic, but never had a time
1208419032 M * the_hydra quickly reading that URL....seems it is an effective way to limit resource
1208419067 M * Bertl yep, you can do from hard scheduling to idle time sharing (fair) and everything in-between
1208419191 M * the_hydra very interesting
1208419201 M * the_hydra i'll read them
1208419237 M * Bertl feel free to ask if you have questions regarding details
1208419275 M * harry when is the 2.6.24 patch due? :p
1208419281 M * harry (sry... i'm an ass ;))
1208419287 M * the_hydra token...hm, so it's like one getting a coin before get a permission to enter the carnival
1208419293 M * Bertl harry: devel patch is up since a few weeks now
1208419309 M * harry kinky
1208419320 M * harry still.. i was just being obnoxious :)
1208419325 M * Bertl the_hydra: kind of, diffence is that you get the coins for free (periodically)
1208419346 M * the_hydra i see
1208419375 M * the_hydra is the situation same when current kernel goes tickless like these days?
1208419385 M * Bertl yep
1208419409 M * Bertl was tested for olpc with tickless kernels
1208419429 M * the_hydra ah, so olpc  does use vserver?
1208419450 M * pmjdebruijn the_hydra: why would it
1208419451 M * Bertl not anymore, a political decision ended it
1208419461 M * pmjdebruijn huh? 
1208419469 M * harry same as at kuleuven :(
1208419480 M * harry tough it's still here, and maybe even here to stay :)
1208419493 M * harry (i hate "the top")
1208419546 M * Bertl pmjdebruijn: for your information, Linux-VServer was the basic implementation of bitfrost
1208419558 M * pmjdebruijn oh
1208419592 M * pmjdebruijn what is used now then?
1208419621 M * Bertl AFAIK, most of the security stuff is not in place ATM, only basic things, and those are covered by SElinux :)
1208419627 M * the_hydra Bertl: ups, sorry to hear that ...
1208419727 M * Bertl well, I'm kind of sorry for the kids ... personally I have no problem with it .. (besides the fact that I do not like political decisions :)
1208419795 M * the_hydra :)
1208419847 M * pmjdebruijn Bertl: what politics were involved?
1208419879 M * Bertl basically maintainer, redhat and kernel politics
1208420149 M * pmjdebruijn Bertl: I can understand why they would choose something which was already in-kernel
1208420159 M * pmjdebruijn external patches suck
1208420229 M * Bertl your opinion :)
1208420286 M * pmjdebruijn Bertl: no offense, but always being stuck 3 kernel version behind, it's nice
1208420289 M * pmjdebruijn isn't
1208420311 M * Bertl when was that the case with Linux-VServer?
1208420322 M * the_hydra looking into similar old case, UML needs long way before integrated into 2.6 mainline
1208420532 M * pmjdebruijn Bertl: stable vserver is still at 2.6.22
1208420557 M * Bertl well, patches do not become stable when a new kernel is released, no?
1208420571 M * Bertl note that mainline kernels are not stable either :)
1208420599 M * the_hydra yeah, I agree again
1208420616 M * the_hydra security flaw on <2.6.24.2 sucks
1208420630 M * the_hydra !
1208420645 M * the_hydra that vmsplice bug is so disgusting IMHO
1208420645 M * pmjdebruijn the_hydra: 2.6.22 was hit by that one too, wasn't it?
1208420660 M * the_hydra why can't somebody see that off-by-one is dangerous :D
1208420682 M * the_hydra AFAICT, yeah
1208420825 Q * JonB Quit: This computer has gone to sleep
1208420856 J * virtuoso ~s0t0na@ppp91-122-138-146.pppoe.avangarddsl.ru
1208421022 J * Infinito ~argos@200-101-123-26.gnace701.dsl.brasiltelecom.net.br
1208421601 Q * Infinito Quit: Leaving
1208421702 J * hijacker ~hijacker@213.91.163.5
1208421785 J * Infinito ~argos@200-101-123-26.gnace701.dsl.brasiltelecom.net.br
1208422382 Q * the_hydra Ping timeout: 480 seconds
1208423129 J * JonB ~NoSuchUse@130.227.63.19
1208424806 Q * Infinito Quit: Leaving
1208425025 J * MatBoy ~MatBoy@wiljewelwetenhe.xs4all.nl
1208425680 M * heanol 2.6.25 is out i hear, so vserver really is 3 versions behind now ;)
1208425754 M * Bertl 25-24 = 3?
1208425799 M * arekm no real vserver2.3 for .24 ;)
1208425812 A * arekm stopped at .22 anyway
1208425842 M * Bertl well, if that is the argumentation, then there is 'no real' 2.6.25 either :)
1208425945 A * arekm hopes that one day vserver-like functionality will be in mainline and there will be no need to mess with tons of that patches, trying to make them work together
1208425984 M * Bertl dream on ... :)
1208426016 A * pmjdebruijn agrees with arekm
1208426033 M * pmjdebruijn well, some of the infrastructure is being moved into mainline
1208426053 M * Bertl and Linux-VServer is already using it
1208426092 M * Bertl folks, I really do not understand the point in hanging around here and complaining that Linux-VServer isn't in mainline .. go and complain to the mainline folks about that
1208426106 M * arekm we don't complain, we dream :)
1208426109 M * Bertl if you don't want to patch Linux-VServer patches, so be it .. no problem with that
1208426304 M * JonB Bertl: okay, i'll go tell Linus, that'll work for sure ;-)
1208426317 M * Bertl hehe
1208426375 M * arekm we have 22 with vserver 2.2 and 2.3 (switchable at buildtime) + full/partial grsecurity (also switchable at build time) + apparmor + tuxonice + tons of patches. We didn't manage to get the same thing on .24 yet 
1208426385 M * JonB i change kernel so seldom that if the patch just applies cleanly i dont have a problem with patching
1208426778 M * pmjdebruijn we'll were fine with vserver on .22, except that both iSCSI and XFS could use some bugfixes, which are most probably already fixed upstream
1208426823 M * Bertl well, get the patches, and backport them properly
1208427089 M * arekm pmjdebruijn: what xfs bugfixes?
1208427676 J * pmenier ~pme@LNeuilly-152-22-72-5.w193-251.abo.wanadoo.fr
1208427787 A * ard does run 2.6.24.4 with vserver
1208427800 M * ard vs2.3.0.34
1208427815 M * ard but I had to install ldap and stop using nis...
1208427844 M * ard But that's probably due to the move from 2.2 to 2.3
1208427894 M * ard (2.2 had the nice side effect that if you install nis client on the host, the clients can use it without ever having to install nis.
1208427942 M * ard probably because of calls to portmap on 127.0.0.1 and such
1208427999 M * JonB ard: thats strange, because 127.0.0.1 should map to the guests own ip address
1208428009 M * JonB ard: maybe portmap binds to 0.0.0.0 on the host
1208428012 M * ard not with 2.3?
1208428029 M * ard because in 2.3 every vserver has it's own 127.0.0.1
1208428044 M * JonB ard: i was thinking of the 2.2 funny thing
1208428055 M * ard yes, portmap and ypbind should listen to 0.0.0.0 on the host, else it will not work :-)
1208428077 M * ard and yes, that's probably what happens :-)
1208428081 M * JonB is that smart
1208428102 M * ard well, for external hosts, you can always use a packet filter
1208428130 M * ard come to think of it...
1208428151 M * JonB i was more thinking of attacking the host from a guest through portmap and ypbind
1208428158 M * ard maybe that's why it wasn't working with 2.3 since I always install packet filters
1208428163 M * ard ah
1208428189 M * ard well, security is not always the main reason for vserver :-)
1208428216 M * JonB no, but there is no reason to shoot yourself in the foot
1208428223 M * ard :-)
1208428250 M * ard it's a development system. We have development systems running 2.6.22.16 :-)
1208428282 M * ard but for real production, nis and portmap are not an option
1208428286 M * JonB okay
1208428323 M * ard and 2.6.22.* should be upped to 2.6.22.19 ...
1208428348 M * ard but in 2.6.22.* there is this bug in conntrack :-(
1208428365 M * Bertl which one?
1208428395 M * ard Well, conntrack sometimes cannot correctly track lo connections
1208428422 M * ard I first thought it might be a race because of 8 processors and such
1208428467 M * ard Hmmmm, at home i have a also a dual core, so it still might be a race
1208428549 M * ard anyway: if you receive a syn, and then send a syn-ack, and you are filtering on the OUTPUT chain on established connections, it will in 0.0001% not see it as established, and hence drop it
1208428582 M * ard this can happen a few times even...
1208428682 M * ard and what might be fixed in 2.6.22.19 is the fact that it sometimes sees an established connection as closed, and hence drops all fin packets...
1208428823 M * ard I know it's not normal to filter local traffic in the OUTPUT chain, maybe I should just turn that off
1208428901 M * ard anyway: since the last 18 hours I've logged 21 packets that did not match RELATED,ESTABLISHED according to conntrack, but was ESTABLISHED according to the ip stack
1208429010 M * Bertl maybe it wasn'T RELATED?
1208429052 M * ard Hmmmm
1208429069 M * ard you are saying that there is an order?
1208429156 A * ard should not match on state, but on conntrack probably
1208429356 M * ard Hmmm, if I do conntrack -E, I also see FIN_WAIT and CLOSE_WAIT as status
1208429558 Q * cryptronic Quit: Leaving.
1208430093 J * cryptronic ~oli@p54A3B1FB.dip0.t-ipconnect.de
1208430632 M * vasko i am hitting this issue http://paste.linux-vserver.org/11900 on my 2.3.0.34 machine, does probaly already exist a fix for this?
1208430664 M * pmjdebruijn arekm: we have occasional corrupt on volumes which heavily used hardlinks
1208430715 M * arachnist abcdefghijklmnoprostuvwxyz
1208430717 M * arachnist whoops
1208431079 M * Bertl vasko: yep, patch already exists
1208431269 Q * MatBoy Remote host closed the connection
1208431525 J * MatBoy ~MatBoy@wiljewelwetenhe.xs4all.nl
1208431630 M * vasko Bertl: and could you plz tell me where to find it?
1208432037 Q * MatBoy Remote host closed the connection
1208432077 M * Bertl vasko: sec
1208432082 M * JonB arachnist: long password you have there
1208432266 M * Bertl JonB: yeah, but it has an interesting twist :)
1208432288 M * JonB Bertl: yeah
1208432301 M * Bertl vasko: http://vserver.13thfloor.at/Experimental/delta-locks-fix02.diff
1208432303 J * MatBoy ~MatBoy@wiljewelwetenhe.xs4all.nl
1208432495 M * vasko Bertl: Thanks
1208432500 M * Bertl np
1208432763 Q * Aiken Remote host closed the connection
1208433018 Q * MatBoy Read error: Connection reset by peer
1208433157 Q * snod Quit: leaving
1208435831 J * friendly ~friendly@ppp59-167-94-13.lns2.mel6.internode.on.net
1208435841 J * docelic ~docelic@78.134.193.20
1208436545 Q * JonB Quit: This computer has gone to sleep
1208436770 M * matti Bertl: :))
1208436775 M * matti Hollow: :)
1208436777 M * matti harry: :)
1208436980 M * harry you highlight me... you sonnomabitch! ;)
1208437310 Q * sharkjaw Quit: Leaving
1208437527 J * yang yang@yang.netrep.oftc.net
1208438964 J * JonB hidden-use@192.38.9.151
1208439020 Q * hparker Remote host closed the connection
1208439436 Q * friendly Quit: Leaving.
1208439963 Q * virtuoso Ping timeout: 480 seconds
1208441986 Q * meandtheshell Quit: Leaving.
1208444013 Q * Slydder Quit: Leaving.
1208444194 N * BobR_oO BobR
1208444647 Q * _gh_ Ping timeout: 480 seconds
1208445509 J * larsivi ~larsivi@144.84-48-50.nextgentel.com
1208445823 J * meandtheshel1 ~sa@d91-129-52-41.cust.tele2.at
1208445902 M * Bertl hey matti! how's going?
1208446801 N * BobR BobR_oO
1208447298 J * sasaki_takeru ~sasaki_ta@nttkyo680217.tkyo.nt.ftth.ppp.infoweb.ne.jp
1208447452 J * Mark17 ~mark@vnc.tt.streamservice.nl
1208447466 M * sasaki_takeru I want to connect USB device to guest.
1208447516 M * Mark17 hello, how can i solve the following issue: http://yourpaste.net/598 (master is using debian)
1208447651 M * Mark17 the other vservers on the same master are starting correctly
1208447654 M * Bertl sasaki_takeru: a guest is not a physical machine, so you cannot connect an usb device to it
1208447673 M * Bertl Mark17: what util-vserver version?
1208447693 M * Bertl Mark17: it seems that your scheduler config is broken (for that guest)
1208447736 M * sasaki_takeru No way to proxy USB?
1208447741 M * Mark17 Bertl: where can i see what version i am using?
1208447749 M * Bertl sasaki_takeru: if you want to _use_ an USB device connected to the host (inside the guest), then it depends on the USB device
1208447768 M * Bertl Mark17: 'vserver-info - SYSINFO'
1208447868 M * Mark17 util-vserver: 0.30.212
1208447911 M * Mark17 what file do i need to edit?
1208447942 M * cryptronic Mark17: /etc/vservers/<name>/schedule change all comma values to integer values
1208448061 M * Mark17 3 \ 32 \ 500 \200 \1000 \ dumy   (where \ stands for a new line in the file)
1208448069 M * Mark17 so i dont see any comma values
1208448070 M * cryptronic change dummy to 0
1208448103 M * sasaki_takeru the device is : http://javier.rodriguez.org.mx/index.php/2006/06/10/griffin-radio-shark-icecast2-on-debian-gnulinux
1208448116 M * Bertl Mark17: dummy is not a good number :)
1208448156 M * Bertl Mark17: and you want to update to 0.30.215 (or at least 0.30.214)
1208448235 M * Bertl sasaki_takeru: hmm, basically this could work, assumed that it only interfaces with userspace (the kernel driver) via certain device nodes
1208448302 M * Bertl sasaki_takeru: i.e. you want to 'copy' or 'create' the proper /dev/input* device inside the guest, then the software should be able to use the device
1208448566 M * sasaki_takeru isee, I can access HID device via /dev/input/*, right?
1208448674 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d
1208448943 J * dowdle ~dowdle@scott.coe.montana.edu
1208449048 J * ktwilight_ ~ktwilight@8.95-66-87.adsl-dyn.isp.belgacom.be
1208449194 M * Bertl sasaki_takeru: yes, usually you can ... works for example for a barcode reader or finger print scanner
1208449268 Q * ktwilight Ping timeout: 480 seconds
1208449298 M * sasaki_takeru OK, thank you a lot! 
1208449486 Q * sasaki_takeru Quit: Computer goes to sleep!
1208449594 Q * JonB Ping timeout: 480 seconds
1208449630 J * Slydder ~chuck@dslb-088-075-215-083.pools.arcor-ip.net
1208449635 J * JonB ~NoSuchUse@192.38.8.25
1208449813 Q * Mark17 Remote host closed the connection
1208450462 N * DoberMann DoberMann[PullA]
1208450963 J * _gh_ ~gerrit@ip246.fa1-0-1.occ.iinet.com
1208451604 Q * pmenier Quit: Konversation terminated!
1208451736 N * BobR_oO BobR
1208452047 Q * meandtheshel1 Quit: Leaving.
1208454070 N * BobR BobR_oO
1208454248 Q * balbir Remote host closed the connection
1208454291 Q * _gh_ Read error: Connection reset by peer
1208454426 Q * Slydder Quit: Leaving.
1208456404 Q * JonB Ping timeout: 480 seconds
1208456614 J * hijacker_ ~Lame@87-126-142-51.btc-net.bg
1208456673 J * JonB hidden-use@192.38.9.151
1208458807 J * rhodes ~rhodes@hc6521a55.dhcp.vt.edu
1208458889 M * rhodes I'm updating some of our routine monitoring/management scripts.  What is a good test that indicates I'm running in a vserver and is there a way I can determine the hostname of the base system.
1208460135 M * bonbons rhodes: you can detect you are in a guest when some files below /proc are missing (usually /sys is missing as well and you are restricted in the capabilities you can effectively use)
1208460183 M * bonbons determining the host's hostname should not be possible
1208460223 M * rhodes I've been looking at /proc diffs, it would be nice if /proc exposed some vserver specifics (ie this is a vserver, this is the controlling host)
1208460348 M * bonbons guest usually don't have a good bunch of files (hardware related files like /proc/bus/*), host has /proc/virtual/* and eventually you will have /proc/<pid>/v* files
1208460406 M * bonbons though what exactly exists or is missing depends on the configuration of the host (e.g. you can select the files/directories that should be hidden)
1208460433 M * ard you can always abuse an /etc/vserver/*/uts for that :-)
1208460466 A * ard sets the root gecos to <vservername>@<host> when disting passwd files
1208461065 J * balbir ~balbir@122.167.181.56
1208462014 Q * balbir Ping timeout: 480 seconds
1208462509 Q * larsivi Ping timeout: 480 seconds
1208464966 Q * hijacker_ Quit: Leaving
1208465024 Q * bonbons Quit: Leaving
1208465106 J * larsivi ~larsivi@144.84-48-50.nextgentel.com
1208465833 Q * JonB Quit: This computer has gone to sleep
1208465891 J * JonB ~NoSuchUse@192.38.8.25
1208466070 Q * cryptronic Quit: Leaving.
1208466189 M * Bertl night everyone! 
1208466193 N * Bertl Bertl_zZ
1208466440 Q * rhodes Quit: rhodes
1208466681 J * Aiken ~james@ppp121-45-192-61.lns1.bne1.internode.on.net
1208467335 J * cryptronic ~oli@p54A3B1FB.dip0.t-ipconnect.de
1208468684 J * _gh_ ~gerrit@ip246.fa1-0-1.occ.iinet.com
1208468893 Q * cryptronic Quit: Leaving.
1208468960 Q * docelic Quit: http://www.spinlocksolutions.com/
1208469757 J * docelic ~docelic@78.134.193.20
1208470378 Q * localghost Ping timeout: 480 seconds
1208470547 N * DoberMann[PullA] DoberMann[ZZZzzz]
1208470732 J * localghost anders@ies57-061.ies.luth.se
1208471271 Q * _gh_ Read error: Connection reset by peer
1208472525 Q * JonB Quit: This computer has gone to sleep
1208472687 Q * docelic Quit: http://www.spinlocksolutions.com/
1208473198 Q * larsivi Remote host closed the connection
1208473464 Q * dowdle Remote host closed the connection
1208475210 J * _gh_ ~gerrit@c-67-169-199-103.hsd1.or.comcast.net