1209433137 J * joelm ~joel.mack@60-234-209-43.bitstream.orcon.net.nz
1209433276 M * joelm n00b Q.  looking to create a vserver kernel for ubuntu server 8.04...Is it worth trying to compile 2.2.0.7 against 2.6.24 ?
1209433929 P * joelm 
1209433933 J * joel1 ~joelm@60-234-209-43.bitstream.orcon.net.nz
1209439786 Q * daniel_hozac charon.oftc.net plasma.oftc.net
1209439786 Q * brag charon.oftc.net plasma.oftc.net
1209439786 Q * bzed charon.oftc.net plasma.oftc.net
1209440376 J * daniel_hozac ~daniel@ssh.hozac.com
1209440376 J * brag ~bragon@2001:7a8:aa58::1
1209440376 J * bzed ~bzed@devel.recluse.de
1209440979 Q * balbir Ping timeout: 480 seconds
1209441622 P * joel1 
1209442292 J * joel1 ~joelm@60-234-209-43.bitstream.orcon.net.nz
1209442295 P * joel1 
1209443034 Q * FireEgl Ping timeout: 480 seconds
1209445592 Q * hparker Quit: Read error: 104 (Peer reset by connection)
1209447166 Q * kaner Ping timeout: 480 seconds
1209447867 J * sharkjaw ~gab@64.28.12.166
1209449516 J * JonB ~NoSuchUse@77.75.164.169
1209450208 J * derjohn_mob ~aj@e180206248.adsl.alicedsl.de
1209450646 J * balbir ~balbir@59.145.136.1
1209452675 Q * JonB Quit: This computer has gone to sleep
1209453186 J * joel1 ~joelm@60-234-209-43.bitstream.orcon.net.nz
1209453811 J * dna ~dna@155-240-dsl.kielnet.net
1209453871 J * cryptronic ~oli@p54A3A0E7.dip0.t-ipconnect.de
1209455400 J * h01ger ~holger@socket.layer-acht.org
1209455418 M * h01ger huhu
1209455705 M * h01ger +cu :)
1209455714 P * h01ger sorry for the noise
1209455884 N * DoberMann[ZZZzzz] DoberMann
1209456030 J * bfremon ~ben@ANantes-252-1-59-32.w82-126.abo.wanadoo.fr
1209456220 M * heanol joel1: I'm guessing no, but there are dev patches against .24/.25 i think
1209456404 Q * derjohn_mob Ping timeout: 480 seconds
1209456506 J * JonB ~NoSuchUse@130.227.63.19
1209456679 M * joel1 cool.  will have a look for them
1209458202 Q * balbir Ping timeout: 480 seconds
1209459217 T * * http://linux-vserver.org/ |stable 2.2.0.7, devel 2.3.0.34, grsec 2.2.0.7|util-vserver-0.30.215|libvserver-1.0.2|vserver-utils-1.0.3| He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki, and we forget about the minute. 
1209459217 T * harry -
1209459561 J * derjohn_mob ~aj@port-83-236-147-79.static.qsc.de
1209460037 Q * joel1 Ping timeout: 480 seconds
1209461278 M * heanol will the load in my guests and host always be the same?
1209461327 M * daniel_hozac only if you don't set virt_load.
1209461432 M * heanol ah
1209462121 J * balbir ~balbir@59.145.136.1
1209462960 Q * bfremon Remote host closed the connection
1209462998 J * bfremon ~ben@ANantes-252-1-59-32.w82-126.abo.wanadoo.fr
1209463179 J * ddub ~ddub@213.219.163.99.adsl.dyn.edpnet.net
1209464705 N * Bertl_zZ Bertl
1209464711 M * Bertl morning folks!
1209464767 M * daniel_hozac morning Bertl!
1209465289 J * Punkie ~Punkie@goc.coolhousing.net
1209466165 Q * bfremon Remote host closed the connection
1209466196 J * bfremon ~ben@ANantes-252-1-59-32.w82-126.abo.wanadoo.fr
1209466221 Q * bfremon Remote host closed the connection
1209466349 J * virtuoso_ ~s0t0na@ppp92-101-10-99.pppoe.avangarddsl.ru
1209466758 Q * virtuoso Ping timeout: 480 seconds
1209467326 M * yang hey Bertl 
1209467336 M * yang Out of curiosity, why is there no update later than the 2.6.22-3-vserver-k7 for debian lenny ?
1209467352 M * daniel_hozac you'd have to ask a Debian maintainer.
1209467398 M * yang the linux-vserver website also says latest is 2.6.22.19
1209467440 M * yang other default debian kernels are at 2.6.24
1209467560 M * daniel_hozac well, yes, there aren't any stable patches for anything more recent than 2.6.22.
1209467571 M * daniel_hozac but experimental and incomplete patches exist for 2.6.24 and 2.6.25.
1209467577 M * yang ok
1209467702 M * Bertl for testing (debian) they should adopt 2.3 anyways
1209467723 M * Bertl and IIRC, there are no 2.6.24 kernels for debian stable, yes?
1209467943 M * waldi there are
1209467955 J * bfremon ~ben@ANantes-252-1-50-34.w82-126.abo.wanadoo.fr
1209468019 A * waldi currently thinks which part of vserver can be rebuilt using the different namespaces, which parts need help in form of a module and which parts really needs patches
1209468151 M * Bertl namespaces are used by Linux-VServer whenever it makes sense
1209468152 M * daniel_hozac the layer 3 isolation will always require patches.
1209468171 M * waldi daniel_hozac: well, layer 2 (aka veth) exists
1209468183 M * daniel_hozac yes.
1209468190 M * Bertl yes, but that has the network stack overhead and problems
1209468219 M * waldi measerable overhead?
1209468261 M * Bertl well, twice the code, twice the overhead, no?
1209468289 M * waldi no
1209468299 M * Bertl simply speaking, if you run a program twice (i.e. traverse the stack twice) it adds twice as much overhead
1209468307 M * waldi no, it does not
1209468317 M * waldi (caching effects for example)
1209468321 M * Bertl aha, well, in this case, programmers will be happy :)
1209468361 M * Bertl but if you like, you can do performance measurements and benchmarking for that
1209468382 M * Bertl note: we are not going to spend a lot of time proving the obvious
1209468416 M * waldi the isolation code also adds overhead
1209468430 M * daniel_hozac obviously.
1209468448 M * waldi so it is not obvious which implementation have less overhead
1209468462 M * daniel_hozac but that's a matter of lines, vs. a complete retraversal of the network stack.
1209468501 M * Bertl waldi: please take the time and do a proper comparison with 2.6.25 and a network context as well as veth+network namespace
1209468522 M * Bertl waldi: and let us know what gives the better performance results
1209468694 M * Bertl waldi: if you can show (conclusively) that the double network stack traversal and routing/bridging involved does equally well or better than e.g. the single ip rewrite, we drop those modifications immediately and switch to network namespaces exclusively
1209468738 M * daniel_hozac well... personally i'd still prefer the layer 3 isolation. it's less maintenance/setup.
1209468883 M * Bertl okay, off for now .. bbl
1209468896 Q * mire Read error: Connection reset by peer
1209468898 N * Bertl Bertl_oO
1209469227 J * kwowt ~quote@pomoc.ircnet.com
1209469230 M * kwowt hi
1209469236 M * ex avatou_casting;
1209469245 M * ex uh, sorry :-)
1209469254 M * kwowt I'm having huuge problems with hosting trackers on my vserver...:) anyone has any experiences with that?
1209469283 M * JonB trackers?
1209469294 M * daniel_hozac what kind of problems?
1209469295 M * simon_ bittorrent 'servers'
1209469296 M * kwowt well
1209469298 M * kwowt yes
1209469346 M * kwowt well, torrents dont wanna seed, 'Torrent not registrered with this tracker' errors, 'invalid_info hash', etc 
1209469356 M * kwowt plus, when someone wants to click confirmation email, it doesnt work
1209469366 M * kwowt and its some vps configuration issue, cause it works great on localhost
1209469370 M * kwowt or any other non-vps server
1209469388 M * daniel_hozac with the same distribution and same configuration?
1209469422 M * kwowt umm...it works outside vps, yeah
1209469439 M * daniel_hozac so everything else is the exact same, right?
1209469446 M * kwowt i'm using gentoo for vservers
1209469478 M * kwowt i tried google and forums
1209469484 M * kwowt but no answers or clues for now
1209469491 M * kwowt i got 3 users
1209469493 M * kwowt with the same problem
1209469498 M * kwowt all running on vps
1209469503 M * kwowt 2 different machines
1209469507 M * kwowt with a similar configuration
1209469591 M * kwowt i'm thinking its some ip related issue
1209469599 M * kwowt but i'm a noob, so that doesnt count :)
1209469678 J * friendly ~friendly@ppp59-167-167-175.lns1.mel4.internode.on.net
1209469681 M * heanol well, you should probably look in the tracker software logs
1209469693 M * heanol to get some definite error
1209469817 M * ddub Hello all
1209469821 M * ddub I try to set up an hosting lamp server using vserver for services isolation. I have actually 4 vservers: DNS (bind9), WWW (apache2), MAIL (postfix + dovecot), SQL (mysql-5).
1209469831 M * ddub Everything works fine till now, vs is really a great project
1209469839 M * ddub I am now trying to allow guests to send mail through my MAIL vserver. What's the best way to proceed to keep things as secure as possible? Do i have to set up an MTA on each guest?
1209469911 M * daniel_hozac that's probably the easiest way, yes.
1209469988 M * ddub thanks. Does it mean there's another way?
1209470022 M * JonB ddub: if your application can use a smtp server thats another way
1209470060 M * JonB ddub: i use ssmtp on my guests to relay all email to a real mailserver, which is also running inside vserver
1209470100 J * docelic ~docelic@78.134.192.202
1209470132 M * ddub Thanks JonB it looks like an interesting solution
1209470161 Q * JonB Quit: This computer has gone to sleep
1209470189 A * waldi smells featureritis
1209470202 M * waldi daniel_hozac: sure, layer 3 isolation is fine, but not essential
1209470230 M * heanol waldi: featureitis?
1209470306 M * waldi daniel_hozac: i'm not sure if it may be possible to add a limited variant of vserver as a kernel module. but if it is, it may be much easier to use for the beginner
1209470341 M * waldi heanol: add features over features but ignore the essential parts
1209470379 M * waldi and I would prefer the layer 2 solution because I often use protocols different to ip/ipv6
1209470423 M * kwowt how do i put interfaces into promiscuous mode?
1209470436 M * waldi ip link set $dev promisc on?
1209470468 M * daniel_hozac waldi: it depends on what you do. for my use case, layer 2 would be nothing but a hassle.
1209470477 A * heanol scrolls up to read what's being discussed
1209470495 M * kwowt which tool enables 'ip' command?
1209470520 M * heanol iproute package in debian/ubuntu at least
1209470540 M * daniel_hozac ip is required by util-vserver, so you should already have it.
1209470582 M * kwowt and what exactly does this promisc mode do?
1209470590 M * kwowt i googled a little more and theres some connection
1209470600 M * kwowt with the tracker issue
1209470607 M * waldi kwowt: no, there is not
1209470619 M * waldi promisc applies the layer below ip
1209470685 M * kwowt can i turn that on for guest vps in config?
1209470694 M * kwowt SIOCSIFFLAGS: Permission denied
1209470705 M * daniel_hozac it has nothing to do with guests.
1209470714 M * waldi daniel_hozac: sure, both solutions have its advantages
1209470719 M * daniel_hozac in fact, a guest will not be able to utilize it.
1209470750 M * daniel_hozac (unless you've configured arp_* to specifically disable guest IPs)
1209471250 Q * Aiken Quit: Leaving
1209472249 N * virtuoso_ virtuoso
1209472311 Q * balbir Ping timeout: 480 seconds
1209472623 N * Bertl_oO Bertl
1209472629 M * Bertl back now ...
1209472646 M * Bertl kwowt: does the traker report something (in the logs)?
1209472685 M * Bertl waldi: OS level isolation is fine, but not essential, you can always go with QEMU or UML :)
1209472775 M * waldi Bertl: haha
1209474632 Q * friendly Quit: Leaving.
1209474901 Q * sharkjaw Remote host closed the connection
1209475058 M * ard6 Hmmm:
1209475578 J * sharkjaw ~gab@64.28.12.166
1209476254 M * ard6 anyway:
1209476262 A * ard6 wanted to say:
1209476265 M * ard6 Segmentation fault
1209476276 M * ard6 and then the ospf went haywired
1209476284 M * ard6 root@ieniemienie:~# netstat -nlp
1209476302 M * ard6 gives a segmentation fault (2.6.25 - 2.3.0.34.5)
1209476406 M * ard6 http://paste.linux-vserver.org/12066
1209476426 M * ard6 it's running 2 vservers
1209476466 M * daniel_hozac nice.
1209476475 M * ard6 2.6.22.19-2.3.0.34 works
1209476512 A * ard6 goes back to the ospf problem :-)
1209476634 J * tobifix_ ~tobifix@muedsl-82-207-236-144.citykom.de
1209476717 J * JonB ~NoSuchUse@77.75.164.169
1209476858 J * nkukard ~nkukard@196.212.73.74
1209476981 M * Bertl ard6: what is quirk_vsfx?
1209477060 Q * tobifix Ping timeout: 480 seconds
1209477895 J * docelic_ ~docelic@78.134.193.215
1209478296 Q * docelic Ping timeout: 480 seconds
1209479411 J * glen_ ~glen@elves.delfi.ee
1209479431 M * glen_ hello, i'm yet again stuck with the rpm fake problem
1209479432 M * glen_ ERROR: ld.so: object '/usr/lib/util-vserver/rpm-fake.so' from LD_PRELOAD cannot be preloaded: ignored.
1209479516 M * glen_ um. i'm supposed to ask question i believe :)
1209479520 M * Bertl static rpm binary?
1209479531 M * glen_ what was the lib call that vserver utils override?
1209479546 M * glen_ no. shared rpm
1209479557 M * glen_ i recall the same rpm worked, but on amd64, not i686
1209479559 M * Bertl so why can't it be preloaded?
1209479564 M * glen_ because it shouldn't be
1209479573 M * Bertl hmm?
1209479573 M * glen_ the preload should unset LD_PRELOAD
1209479590 M * glen_ but it can't as rpm doesn't execute external commands via the call that vserver utils trace
1209479615 M * Bertl ah, yep, makes sense .. I remember now
1209479621 M * glen_ i remember too
1209479622 M * glen_ :)
1209479626 M * Bertl execve vs execv
1209479632 M * daniel_hozac did you figure out what rpm _does_ call?
1209479633 M * glen_ but what was the call. i'd like to check is rpm calling it
1209479641 M * ard6 ./System.map:c04915b8 r __pci_fixup_PCI_VENDOR_ID_VIAPCI_DEVICE_ID_VIA_82C576quirk_vsfx
1209479643 M * ard6 weird...
1209479650 M * glen_ daniel_hozac, rpm calls system() for %() macro expansion
1209479681 M * glen_ daniel_hozac, and depending on selinux it calls selinux_execcon for selinux or execve for %post scriptlet
1209479725 A * ard6 doesn't have anything via in his macmini
1209479830 A * ard6 guesses a faulty name resolving
1209479879 M * ard6 since the syscall_call entrance is higher in the trace
1209479897 J * dowdle ~dowdle@scott.coe.montana.edu
1209479928 M * Bertl ard6: could be, should be easy to fix
1209479938 M * Bertl ard6: could you addr2line the calltrace for us?
1209479963 M * ard6 there is a difference between -nltp and -nlp ...
1209479983 M * ard6 -nltp is ok, -ntp segfaults
1209480019 M * ard6 hmmmm...
1209480025 M * ard6 just netstat -n segfaults :-)
1209480070 M * ard6 first coffee :-)
1209480078 M * Bertl okay, translocating now ... bbl
1209480099 N * Bertl Bertl_oO
1209480213 M * glen_ daniel_hozac, rpm calls 'execve' here seen with strace, with ltrace, no exec* family calls. so it calls ONLY execve()
1209480488 M * glen_ so i'm adding execve() overload, that should be the right thing to do?
1209480546 M * ard6 root@ieniemienie:/mnt/nas/ard/src/kernel/mm/l-2.6.25-vs2.3.0.34.5# addr2line -e ./vmlinux 0xc01abc90
1209480546 M * ard6 ??:0
1209480553 J * dna_ ~dna@166-239-dsl.kielnet.net
1209480553 M * ard6 hmmm, doesn't say anything sane
1209480565 M * ard6 but then again, this is the first time I use it
1209480609 M * ktwilight_ is there a central doc that tells me what each v* does? e.g. vupdateworld?
1209480659 Q * ddub Ping timeout: 480 seconds
1209480746 M * glen_ it's alias to vconquerorworld actually
1209480939 A * ard6 guesses the binary is stripped
1209480959 Q * dna Ping timeout: 480 seconds
1209480980 M * geb what is it ( vconquerorworld ) ? i haven't anything with this name in my system ?
1209481030 M * glen_ :)
1209481042 M * daniel_hozac glen_: execve is the _only_ syscall.
1209481065 M * daniel_hozac ktwilight_: vupdateworld --help
1209481085 M * daniel_hozac ... generally. it seems to be lacking in this instance :)
1209481086 M * glen_ daniel_hozac, yes i know. but seems my rpm calls execve()
1209481160 M * daniel_hozac ktwilight_: vupdateworld is a Gentoo-thing. it calls emerge world in the specified guests.
1209481200 Q * sharkjaw Remote host closed the connection
1209481409 M * daniel_hozac ard6: do you have CONFIG_DEBUG_INFO=y?
1209481495 M * ard6 :-(
1209481498 M * ard6 no
1209481522 A * ard6 will compile and install
1209481724 J * sharkjaw ~gab@64.28.12.166
1209481788 Q * cryptronic Quit: Leaving.
1209481846 M * glen_ daniel_hozac, i'm lost again. so what is fix to my problem?
1209481889 M * daniel_hozac find the used function, add that hook, et voila.
1209481920 M * glen_ it's not function, but execve() syscall
1209481941 M * glen_ so the original syscall must be called too
1209481976 M * glen_ hmm
1209481987 M * glen_ it's execv() still. why ltrace didn't show?
1209481987 M * glen_ /*@-nullstate@*/ xx = execv(argv[0], (char *const *)argv);
1209482084 M * daniel_hozac and you're sure that's the path triggering your error?
1209482138 M * glen_ 18:15:07 root[pts/1]@toothy /vservers/siim# vrpm siim -- -e pdksh
1209482138 M * glen_ ERROR: ld.so: object '/usr/lib64/util-vserver/rpm-fake.so' from LD_PRELOAD cannot be preloaded: ignored.
1209482141 M * glen_ ERROR: ld.so: object '/usr/lib64/util-vserver/rpm-fake.so' from LD_PRELOAD cannot be preloaded: ignored.
1209482176 M * ktwilight_ yea, i always do --help, but sometimes it lacks :|
1209482180 M * ktwilight_ thanks anywayz :)
1209482224 M * glen_ 18:16:51 root[pts/1]@toothy /vservers/siim# RPM_FAKE_DEBUG=8 vrpm siim -- -e pdksh --noscripts --test
1209482227 M * glen_ ERROR: ld.so: object '/usr/lib64/util-vserver/rpm-fake.so' from LD_PRELOAD cannot be preloaded: ignored.
1209482235 M * glen_ no debug about exec, so library hook not caught
1209482243 M * glen_ #define DBG_EXECV   0x0008
1209482514 M * glen_ what's char * const ?
1209482521 M * glen_ shouldn't it be const char * ?
1209482568 M * daniel_hozac const after the * means that the pointer itself cannot be modified.
1209482684 J * ddub ~ddub@213.219.163.99.adsl.dyn.edpnet.net
1209482737 J * larsivi ~larsivi@144.84-48-50.nextgentel.com
1209482978 J * jla jacob@green.cachevalley.org
1209483167 Q * ddub Ping timeout: 480 seconds
1209483248 J * catlee ~catlee@38.104.156.10
1209483250 M * catlee hello
1209483260 J * ddub ~ddub@213.219.163.99.adsl.dyn.edpnet.net
1209483270 M * catlee I just set up a debian etch vserver instance on a debian lenny/sid host
1209483273 M * jla Is there a command to list all vservers on a host, and their status ala vgdisplay/lvdisplay/mount. I know I can look at /etc/vservers and then run vserver status for each directory (or even make a script to do that) but I was hoping to avoid reinventing the wheel if such a facility has escaped me.
1209483274 Q * ddub 
1209483287 M * catlee I'm trying to compile some stuff, and getting an error: undefined reference to `__tls_get_addr'
1209483332 M * catlee do I need a special C library for the guest?
1209483365 M * glen_ jla, vserver-stat
1209483424 M * ard6 catlee : probably you need to install libc-dev or something like that :-)
1209483424 M * daniel_hozac catlee: no, this is not Xen.
1209483429 M * jla glen_: the man page made that look like the right direction, but it didn't work. DOH. *blushes after checking uname*
1209483436 M * catlee yeah, I have libc-dev
1209483442 M * jla rebooted into wrong kernel
1209483445 M * ard6 get_addr is a normal library function, and tls is the linux-threaded variant I guess
1209483484 A * ard6 does all it's compiling within vservers
1209483535 M * daniel_hozac same here.
1209483591 M * catlee the code is using the __thread attribute
1209483593 M * ard6 catlee : it must be in the linking stage to gat an error like that
1209483600 M * catlee it is in the linking stage
1209483643 M * ard6 anyway: without more info about what you are trying to compile :-)...
1209483694 A * ard6 stands gorrected...
1209483710 M * ard6 get_addr is not a standard function I guess
1209483714 M * ard6 can't find it here
1209483854 A * ard6 was thinking about getaddrinfo and family
1209483854 M * ard6 catlee : maybee it depends on some include file...
1209483873 M * ard6 to fix the get_addr into some function the system understands
1209483890 M * catlee the symbol is defined in ld-linux
1209483968 M * catlee not sure why it's not being found...
1209484161 Q * jla Quit: leaving
1209484174 M * catlee it should be using the guest's version of ld-linux, right?
1209484216 M * daniel_hozac yes, of course
1209484281 M * catlee hmmmm
1209484324 J * Slydder ~chuck@dslb-088-075-089-024.pools.arcor-ip.net
1209484431 Q * JonB Quit: This computer has gone to sleep
1209484488 J * jla ~jacob@green-amp.lhtassociates.com
1209484655 Q * Slydder Quit: Leaving.
1209485266 Q * bfremon Remote host closed the connection
1209485473 J * kaner kaner@zzz.strace.org
1209485538 M * ard6 catlee : http://www.pulseaudio.org/ticket/217
1209485571 M * ard6 and there is another reference to some PPC architecture
1209485611 M * ard6 but it doesn't sound etch to me :-)
1209485757 J * JonB ~NoSuchUse@77.75.164.169
1209485769 Q * nkukard Ping timeout: 480 seconds
1209485843 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d
1209486306 J * nkukard ~nkukard@196.212.73.74
1209487085 M * ard6 aaargh...
1209487091 A * ard6 wanted to test the new kernel
1209487117 M * ard6 so I started to stop the vservers, and now it's completely gone from the internet :-(
1209487126 M * ard6 yes, the headless macmini
1209487158 M * ard6 with a little luck it will panic-reboot
1209487365 N * DoberMann DoberMann[PullA]
1209487365 N * Bertl_oO Bertl
1209487395 M * Bertl back now ...
1209487986 Q * JonB Ping timeout: 480 seconds
1209487987 M * Bertl daniel_hozac: I'm toying with the idea to drop xid support for xfs, and to reuse the immutable flag for the barrier there (which, btw, could be done on other filesystems as well)
1209488069 M * daniel_hozac wouldn't that require some ugly hack to support creating/removing guests?
1209488370 M * catlee ard6, The suggestion here fixed the linking error: http://www.pulseaudio.org/ticket/152
1209488381 M * catlee ard6, editing /usr/lib/libc.so to point to ld-linux as well
1209488441 Q * sharkjaw Quit: Leaving
1209488461 M * Bertl daniel_hozac: not if we override the immutable on the host/with cap context
1209488588 J * balbir ~balbir@122.167.217.3
1209488625 J * bronson_ ~bronson@adsl-68-122-117-135.dsl.pltn13.pacbell.net
1209488671 M * daniel_hozac that changes the behavior of the immutable bit though, even if it's just on the host.
1209488729 M * Bertl correct, any better ideas?
1209488835 M * ard6 catlee : thanks... I will try to remember it :-)
1209488851 M * ard6 sounds like a bug in the package
1209488853 Q * dna_ Quit: Verlassend
1209488881 M * catlee yeah
1209488892 M * daniel_hozac Bertl: no, not really... i think we need all of our bits.
1209488914 J * JonB ~NoSuchUse@0405ds1-noe.1.fullrate.dk
1209488942 M * Bertl ard6: did you manage to get line numbers for your trace?
1209489134 Q * quasisane Remote host closed the connection
1209489217 M * Bertl we could investigate extended attributes for this purpose, but I doubt that it is worth the overhead
1209489236 M * Bertl daniel_hozac: another alternative would be to hard code the barrier path into the context?
1209489260 M * Bertl (not as flexible, but probably doable)
1209489456 Q * bronson_ Quit: Ex-Chat
1209489534 M * glen_ it is totally weird that installing pdksh package right after vserver creation fails, but if i install and erase it and try install again it succeeds
1209489567 M * daniel_hozac we already have the fs_struct, right? couldn't we simply deny access to vxi->vx_fs->root.dentry->d_parent?
1209489568 M * glen_ i have diff from rpm -vvv, where i can see that in first case it tried but failed to start %post
1209489596 M * glen_ failure log: http://pld.pastebin.com/f411f7d5c success log: http://pld.pastebin.com/f297c5a84
1209489611 M * daniel_hozac (though that's a bit too many dereferences for my taste...)
1209489617 M * glen_ log was created just with: RPM_FAKE_DEBUG=8 vrpm siim -- -Uhv ../pdksh-5.2.14-46.amd64.rpm ../sed-4.1.5-2.amd64.rpm  -vvv > foo2 2>&1
1209489629 M * glen_ i'm out of ideas
1209489698 M * Bertl daniel_hozac: hmm, does the vx_fs point to the right location (i.e. the actual guest root tree)?
1209489708 M * glen_ i can reproduce error with: 1. create vserver. 2. install pdksh
1209489735 M * glen_ but at some point it starts working and no more fails. but on first install it always fails
1209489755 Q * derjohn_mob Ping timeout: 480 seconds
1209489783 M * daniel_hozac Bertl: ah, good point... i guess that is set pre-chroot.
1209489815 M * glen_ daniel_hozac, ideas?
1209489858 M * glen_ diff between failed vs succeeding one: http://pld.pastebin.com/f690c23d1
1209489868 M * daniel_hozac glen_: rpm is... let's just say strange. rpm-fake adds on to that strangeness.
1209489884 M * daniel_hozac i try to stay away from both of them as much as possible.
1209489885 M * glen_ and so, what i do? start crying?
1209489898 M * daniel_hozac well, that, or something productive.
1209489916 M * glen_ i tought too, the second one, therefore i ask help from here
1209489929 M * glen_ and i wouldn't blame rpm here, only rpmfake maybe could be blamed
1209489957 M * daniel_hozac well, rpm is the one executing the script.
1209489963 M * daniel_hozac figure out what would make it do that.
1209489982 M * glen_ ok. i'll try #rpm then
1209489999 M * glen_ probably will be bounced back here
1209490130 M * daniel_hozac Bertl: it seems easy enough to get this right in the utils, if you want to pursue that option.
1209490239 M * Bertl well, if we can assume and/or declare a root entry
1209490252 M * Bertl we can probably protect that sufficiently
1209490265 M * Bertl with all the advantages and disadvantages
1209490391 M * ard extended attributes has the advantage of being supported by rsync 8-D
1209490466 M * Bertl yes, unfortunately they also have the disadvantage that they would cause a lot of overhead on every permission check
1209490481 M * Bertl (not that this would be an issue on xfs :)
1209490484 A * ard6 figured as much :-)
1209490484 M * daniel_hozac and they require additional filesystem support that needs to be enabled.
1209490498 M * Bertl good point
1209490531 J * quasisane ~sanep@c-75-68-59-175.hsd1.nh.comcast.net
1209490539 A * ard6 wonders if you can't use the extended attributes file space
1209490555 M * ard6 without using the extended attributes
1209490555 M * daniel_hozac the only tricky part of using a dentry reference is getting it right when people don't use complete guests.
1209490586 M * daniel_hozac (utils side. kernel side using a dentry reference is much easier)
1209490626 P * catlee Ex-Chat
1209490640 M * Bertl coming back to the immutable attribute ..
1209490650 M * Bertl do we know of any mechanism currently using that?
1209490699 M * daniel_hozac well, there's no telling what people use it for. it's been around for a while.
1209490732 M * Bertl that's true ...
1209491311 M * daniel_hozac Bertl: btw, i figured out what was wrong with that patch... i had pid_nr_ns calling pid_nr_ns :)
1209491377 M * Bertl ah, nice, a stack overflow
1209491380 M * Bertl yeah, makes sense
1209491580 M * daniel_hozac http://people.linux-vserver.org/~dhozac/p/k/delta-fakeinit-fix03.diff
1209491635 M * daniel_hozac works in basic testing, but IIRC there was some corner-case that still failed.
1209491980 M * Bertl okay
1209491995 M * daniel_hozac i'll test it some more.
1209492086 Q * Punkie Quit: ...mizim...
1209492130 J * ktwilight ~ktwilight@131.106-67-87.adsl-dyn.isp.belgacom.be
1209492165 Q * ktwilight_ Ping timeout: 480 seconds
1209493354 J * marl ~marl@84.13.23.137
1209493408 M * marl hi folks, any tell me if there is a vserver kernel patch for 2.6.24
1209493453 M * daniel_hozac the 2.6.25 patch is further along.
1209493458 M * daniel_hozac http://vserver.13thfloor.at/Experimental/
1209493506 M * marl lol, how experimental is it? need it to be stable for this server!
1209493516 M * daniel_hozac no way.
1209493520 M * daniel_hozac if you want stable, go for 2.6.22.
1209493527 M * marl lol thanks :)
1209493606 M * marl ok, am downloading the kernel source just now, but thought id ask, as have just installed the latest ubuntu, and it is using 2.6.24, couldnt see it on the site so thought id ask  :)
1209494469 J * tanjix tanjix@77.37.25.222
1209494472 M * tanjix hi all!
1209494501 M * tanjix how's it going?
1209494626 M * Bertl hey tanjix!
1209494764 M * tobifix_ Bertl, i tested 2.6.25 with the latest experimental patch
1209494772 M * tobifix_ seem to be running relatively stable :)
1209494783 M * tobifix_ no problems since the switch to the new kernel
1209494786 M * tobifix_ good work dude
1209494793 M * Bertl as stable as testing/devel can be :)
1209494811 M * Bertl and thanks!
1209494898 M * marl tobifix, how long u been running the 2.6.25 kernel?
1209494905 M * tobifix_ 3 day
1209494905 M * tobifix_ s
1209494919 M * tobifix_ runs really good
1209494931 M * marl ok, think ill maybe leave it a wee while longer
1209494943 M * tobifix_ i am waiting for my first bug
1209494943 M * tobifix_ :D
1209494951 M * tobifix_ hopefully i find one
1209495003 M * marl tobifix, what u running it on?
1209495099 M * marl is it posible to configure guests to use certain procesors in a multi procesor system?
1209495105 M * daniel_hozac yes.
1209495129 M * daniel_hozac Bertl: Hollow: did we get trac setup for the kernel?
1209495141 M * marl am just downlaoding kernel to install on a dual quad core zeon server
1209495146 M * Bertl daniel_hozac: hmm, no idea
1209495164 M * Bertl marl: zeon, nice .)
1209495180 M * Bertl marl: so you are going to have 8 cores then, yep?
1209495185 M * marl yup
1209495193 J * virtuoso_ ~s0t0na@ppp92-101-10-99.pppoe.avangarddsl.ru
1209495197 Q * virtuoso Read error: Connection reset by peer
1209495200 M * Bertl you plan to run 1000+ guests?
1209495210 M * Bertl or a bunch of java apps :)
1209495226 M * daniel_hozac (a bunch meaning... 8 :))
1209495240 M * Bertl hehe, yeah, something along those lines ...
1209495245 M * marl LOL, nope just a realy heavly loaded mail server!
1209495290 M * marl wanting to assign 6 cores to one vsserver, one to another and keep one purly for the host, if that is posible
1209495300 M * Bertl sure
1209495336 M * marl where are the settings for assigning cores to guests?
1209495355 M * marl or is there a howto on the site that ive not found yet?
1209495369 M * Bertl cpusets are used for this, the config has entries
1209495376 M * marl ah thanks
1209495391 M * Bertl http://www.nongnu.org/util-vserver/doc/conf/configuration.html
1209495415 J * mire ~mire@129-175-222-85.adsl.verat.net
1209495526 M * marl thats great thanks
1209495532 M * Bertl you're welcome! 
1209495645 M * Bertl drivers/net/tun.c:444: warning: passing argument 3 of 'tun_put_user' discards qualifiers from pointer target type
1209495658 M * Bertl daniel_hozac: is that a mainline issue?
1209495773 M * daniel_hozac 2.6.25?
1209495780 M * Bertl yep
1209495792 M * daniel_hozac yeah, we don't touch that.
1209496112 M * tobifix_ marl, believe me, it's great
1209496113 M * tobifix_ :D
1209496146 M * Bertl Hollow: you are still using xfs, no?
1209496238 M * tobifix_ marl, i have it running on several systems... dual quads, opterons and xeons
1209496242 M * tobifix_ both performing very well
1209496404 M * marl ok thanks, will maybe have a try later
1209496460 M * tobifix_ the installation takes only a few minutes, the only problem is the configuration, thats sometimes a hard choice
1209496461 M * Hollow daniel_hozac: yes, there is a kernel trac ...
1209496467 M * marl if im only planning on running a few guests, would lowering the CONFIG_VSERVER_CONTEXTS value, help improve performance in any way?
1209496467 M * Hollow Bertl: yep, still using xfs
1209496495 M * Bertl don't you feel the urge to do some kernel hacking :)
1209496502 M * daniel_hozac Hollow: but does it work? ;)
1209496512 M * daniel_hozac Hollow: i get a 500 when i try to login.
1209496523 M * Hollow daniel_hozac: ok, i'll take a look
1209496535 M * Hollow Bertl: well ... :)
1209496543 M * daniel_hozac marl: it would free up some memory.
1209496591 M * marl am i write in thinnking that the contexts are just the number of guests? or does a guest use more than one context?
1209496603 M * Bertl actually it does
1209496626 M * micah http://bblank.thinkmo.de/blog/archive/2008/04/29/linux-vserver-replacement-without-patches
1209496633 M * Bertl a guest usually consists of several different contexts, e.g. process, network, filesystem ...
1209496633 M * micah ^^ waldi
1209496718 M * Bertl waldi: you know that PID spaces do not allow for init-less process grouping?
1209496728 M * marl Bertl, is that a yes to one context per guest?
1209496746 M * Bertl marl: nope, you have a bunch of 'contexts' per guest
1209496774 M * marl ah, is there a way of working out how meny contexts a guest would use?
1209496799 M * daniel_hozac waldi: fakeinit is supported by the PID namespaces.
1209496813 M * daniel_hozac (or... that's the plan)
1209496819 P * tanjix 
1209496831 M * Bertl marl: usually one of each kind, currently exposed contexts are the process context and the network context
1209496858 M * marl ok thanks
1209496939 M * Bertl waldi: you also want to add all the resource limits and the context tagging
1209496970 M * Bertl waldi: as well as the hard-cpu scheduler and the various virtualizations
1209496970 M * daniel_hozac (and the things context tagging implies, i.e. disk limits)
1209497038 M * Bertl but as I already pointed out, UML would be a good replacement, if performance is not an issue :)
1209497247 M * Hollow daniel_hozac: should work now
1209497296 J * doener ~doener@i577AF3C2.versanet.de
1209497371 M * waldi Bertl: yes
1209497401 Q * doener_ Ping timeout: 480 seconds
1209497405 M * daniel_hozac Hollow: great, thanks.
1209497801 M * waldi Bertl: context tagging? ressource limits are part of cgroups
1209497827 M * Bertl waldi: yeah, right, will be completed in 2.6.32 :)
1209497891 M * Bertl waldi: context tagging or just tagging makes the context information filesystem persistent
1209497918 M * Bertl it'S the basis for dlimits and cross context security
1209497923 M * waldi ah, filesystem. never used that
1209497950 M * daniel_hozac what _do_ you use Linux-VServer for?
1209497967 M * Bertl typical UML tasks :)
1209498117 J * Piet ~piet@tor.noreply.org
1209499129 P * waldi 
1209499488 J * xdr ~xdr@gote2.188.cust.blixtvik.net
1209499552 Q * kwowt Read error: Connection reset by peer
1209499742 Q * JonB Quit: This computer has gone to sleep
1209500019 M * geb <micah> http://bblank.thinkmo.de/blog/archive/2008/04/29/linux-vserver-replacement-without-patches
1209500022 M * geb is it serious ?
1209500150 M * micah geb, see backlog
1209500223 J * hparker ~hparker@linux.homershut.net
1209500425 M * ard ieniemienie:/mnt/nas/ard/src/kernel/mm/l-2.6.25-vs2.3.0.34.5# addr2line -e ./vmlinux c0342d29
1209500436 M * ard  /home/ard/nas/src/kernel/mm/l-2.6.25-vs2.3.0.34.5/include/linux/vserver/check.h:55
1209500485 M * Bertl hmm, I doubt it :)
1209500540 M * Bertl did you rebuild the kernel in the meantime?
1209500604 M * ard yes...
1209500608 M * ard and lilo
1209500617 M * ard weird...
1209500618 M * Bertl okay, please try to get a new trace then
1209500664 M * ard the other one is: /home/ard/nas/src/kernel/mm/l-2.6.25-vs2.3.0.34.5/net/ipv4/raw.c:936
1209500717 M * ard Query failure: Table 'pastebin' was not locked with LOCK TABLES
1209500719 M * ard :-(
1209500767 M * ard http://pastebin.ca/1002174
1209500853 M * ard http://pastebin.ca/1002177
1209500865 M * ard with the addr2line of the top 3
1209501132 M * Bertl okay, found it, thanks!
1209501147 M * ard wutwutwut?
1209501150 M * ard where?
1209501159 M * Bertl expect a patch shortly, you'll see
1209501360 M * Bertl http://vserver.13thfloor.at/Experimental/delta-getnext-fix01.diff
1209501383 M * Bertl ard: please let me know if this fixes all your issues
1209501392 Q * bonbons Quit: Leaving
1209501411 J * JonB ~NoSuchUse@77.75.164.169
1209501589 M * ard heheh...
1209501634 M * ard it's compiling...
1209501644 A * ard would have never found something like that
1209501733 Q * larsivi Ping timeout: 480 seconds
1209501849 M * ard it still hurts looking at it...
1209501859 A * ard has been a lazy admin for too long
1209501860 J * yarihm ~yarihm@84-75-103-252.dclient.hispeed.ch
1209501866 A * ard needs a good programming project
1209501881 M * geb hurd ?
1209501908 M * JonB ard: ask bertl
1209501928 M * JonB ard: or daniel_hozac 
1209502219 M * ard :-)
1209502224 M * ard I mean a paid version :-)
1209502237 A * ard was a DOS programmer once
1209502251 M * ard writing videodrivers
1209502262 M * Bertl ard: so you have to be blamed for all the crappy DOS versions?
1209502262 M * ard geographical information systems
1209502271 M * ard no :-)
1209502298 M * ard it was private library since we couldn't afford anything else
1209502312 A * ard had to redo memory management too
1209502323 M * ard "memory management"
1209502366 M * ard And then fix the dos installations at the clients sites, since their admins couldn't get more than 400k free memory out of dos...
1209502397 M * ard I never hated computers more then at that time, I was really thinking about going to work in a supermarket 8-D
1209502462 M * ard Then I switched bosses, which was much more easy than getting a job in a supermarket...
1209502744 Q * yarihm Quit: Leaving
1209502751 A * ard needed to powercycle :-(
1209502758 J * yarihm ~yarihm@vpn-global-dhcp3-083.ethz.ch
1209503076 M * micah how does one properly pass a mirror to the debootstrap process for a vserver build? for some reason I can't figure out which combination of dashes I need :)
1209503123 M * Bertl vserver etch32 build -m debootstrap --context 10104 --hostname etch32.debian.org --interface eth1:10.1.4.32/24 -- -d etch -m http://ftp.debian.org/debian -- --arch i386
1209503227 M * micah ah -m does it
1209503239 M * micah i was looking at the man page and it says:
1209503250 M * micah debootstrap [OPTION...]  SUITE TARGET [MIRROR [SCRIPT]]
1209503256 M * micah so I thought I could do it without -m
1209503256 M * Bertl vserver - build --help
1209503266 M * micah right yeah
1209503294 M * micah i even spent time reformatting the vserver-build man page :)
1209503299 J * Aiken ~james@ppp121-45-247-4.lns2.bne4.internode.on.net
1209503323 J * pisco ~pisco@tor.noreply.org
1209503365 M * ard weird...
1209503366 M * ard root      1481  0.0  0.0   1784   672 ?        Ss   22:58   0:00 /usr/sbin/inetd
1209503366 M * ard root      3129  0.7  0.3   9448  3236 ?        Ss   23:08   0:00  \_ sshd: root@pts/0 
1209503377 M * Bertl evening Aiken! welcome pisco!
1209503383 A * ard had to wait 10 minutes before inetd started listening on port 22
1209503392 M * Aiken greetings
1209503403 M * pisco hello folks, has anyone read this http://bblank.thinkmo.de/blog/archive/2008/04/29/linux-vserver-replacement-without-patches
1209503427 M * Bertl yeah, what shall I say ... 
1209503428 M * micah heh
1209503434 M * pisco ' ... vserver is currently asleep' tzz..
1209503436 M * micah pisco: you are the third person so far
1209503440 M * ard Bertl : http://paste.linux-vserver.org/12067
1209503457 M * pisco micah: sorry :|
1209503466 A * ard jumps around...
1209503521 M * ard I can understand that blog...
1209503563 M * ard since if you google for vserver you get pages pointing to 13thfloor...
1209503571 M * ard not to linux-vserver
1209503681 M * ard you will see http://www.13thfloor.at/vserver/project/, and nothing pointing to linux-vserver.org
1209503775 M * Bertl ard: haha funny, waldi is here on the IRC channel
1209503965 M * ard ok, only main redirects to linux-vserver
1209504010 Q * Piet Quit: Piet
1209504081 M * ard Bertl : /me still is learning who is who :-)
1209504111 M * ard waldi maintains that part? Since it does say: © 2003-2007 Herbert Pötzl
1209504112 M * ard :-)
1209504113 M * Wonka somehow i thought all that namespace stuff popping up in vanilla actually came from here...
1209504141 M * ard there is also openvz
1209504150 M * ard virtuozo
1209504173 M * ard and others are working on jail functionality too..
1209504182 M * Wonka hm. hm. last time i looked that one didn't really look like namespaces...
1209504208 M * Bertl ard: nah, waldi == Bastian Blank
1209504241 M * Wonka (and i still believe ovz is violating gpl - or do they providing all the sources to paying customers?)
1209504249 M * ard Bertl : :-)... that was a trolling blog?
1209504266 M * Bertl Wonka: OVZ probably not, but Virtuozzo(tm) definitely
1209504274 M * ard Wonka : I think the kernel part was open, not their management tools
1209504285 M * Wonka Bertl: ah, yes, that's what i meant :)
1209504301 M * ard but what they were trying to achieve was too big for me to believe in...
1209504314 M * Wonka ard: i thought there were parts in Virtuozzo that were not open...
1209504334 M * Bertl and that is still true, even for the kernel
1209504338 A * ard doesn't know ...
1209504359 M * Wonka gpl-violations.org, anyone?
1209504366 M * ard I searched, and found vserver to be the only one promising: lean and mean
1209504447 M * ard Wonka : there are a *lot* of gpl-violations that also need to be taken care of...
1209504460 M * ard toshiba hd-dvd's run linux
1209504463 M * ard eh
1209504465 M * ard players
1209504470 M * Wonka cooool. *want*
1209504477 M * Wonka with sources, of course.
1209504484 M * ard I haven't seen any release of code yet...
1209504503 M * ard http://www.speurders.nl/dagknaller
1209504507 M * ard 92.50 euro
1209504514 M * ard with dvd's :-)
1209504532 M * ard then there is the famous fritz!box
1209504545 M * ard major violator if I am correct
1209504632 J * derjohn_mob ~aj@p5B23E433.dip.t-dialin.net
1209504662 M * Bertl ard: keep doing free advertisements for those folks :)
1209504688 M * ard heheh :-)
1209504727 M * ard Wonka : dreambox 8000 ... it almost exists!
1209504748 M * ard at least they provide source... better yet, they are active developers, and you can join
1209504760 M * Wonka ard: AVM publishes sources
1209504761 M * ard except for a few kernel modules
1209504776 M * ard Wonka : but not for the fritz!box
1209504777 M * Wonka ard: they lost at court
1209504782 M * Wonka ard: they do
1209504784 M * ard when? where
1209504821 M * Wonka http://www.avm.de/de/Download/index.php3
1209504888 M * Wonka hrm
1209504889 M * Wonka "Der Source Code der als Open Source verbreiteten Dateien kann schriftlich 
1209504891 M * Wonka angefordert werden über fritzbox_info@avm.de. "
1209504896 A * ard searches the source code for the fritz!box wlan7170
1209504902 M * ard ah
1209504902 M * Wonka i think that qualifies as "written offer"...
1209504907 M * ard ok
1209504918 M * ard I will ask my colleageau..
1209504994 N * DoberMann[PullA] DoberMann[ZZZzzz]
1209505063 M * ard Hmmmm
1209505078 M * ard I can download the firmware, so I should also get the source
1209505096 M * ard it's worth looking at it before buying one :-)
1209505106 M * Bertl folks, Linux-VServer channel?
1209505126 A * ard has ISDN and 2 adsl connections at home, and 3 servers with vservers :-)
1209505152 M * JonB and a HUGE electric bill
1209505162 M * JonB (or your own nuclear powerplant)
1209505176 M * ard a little over 10MWh to be exact
1209505233 M * ard In holland we have no energy taxes above 10MWh, so I got about 200 euro of energy tax back 8-D
1209505373 M * mugwump Energy tax?  what's that?  ;)
1209505513 M * ard that's a "polution" tax, since I pay extra to get wind and solar power energy I get taxed extra because I am a poluter...
1209505529 M * ard But with vserver I hope I can try to cut some costs... :-)
1209505781 Q * yarihm Quit: Leaving
1209505794 J * yarihm ~yarihm@84-75-103-252.dclient.hispeed.ch
1209506159 Q * ktwilight Remote host closed the connection
1209506671 Q * pisco Ping timeout: 480 seconds
1209508891 M * Bertl okay, off to bed now .. have a good one everyone!
1209508917 N * Bertl Bertl_zZ
1209508984 J * ktwilight ~ktwilight@131.106-67-87.adsl-dyn.isp.belgacom.be
1209509486 J * emag_ ~Itoc5OI6@gurski.org
1209509493 Q * emag_ 
1209509742 M * nox BET is close to CEST atm :)
1209509753 M * nox BMT ^^
1209511049 Q * jla Quit: leaving
1209511187 Q * nkukard Ping timeout: 480 seconds
1209511667 Q * yarihm Quit: This computer has gone to sleep
1209511779 Q * JonB Ping timeout: 480 seconds
1209512604 Q * dowdle Remote host closed the connection