1215216281 Q * dna Quit: Verlassend 1215217068 Q * dowdle Remote host closed the connection 1215217533 J * doener_ ~doener@i577BA709.versanet.de 1215217636 Q * doener Ping timeout: 480 seconds 1215220568 Q * geb Ping timeout: 480 seconds 1215220738 J * geb ~geb@41.207.197.36 1215222079 Q * hparker Quit: Read error: 104 (Peer reset by connection) 1215225640 Q * laptopnenolod- Ping timeout: 480 seconds 1215228047 Q * geb Quit: Quitte 1215228123 J * duckx ~Duck@81.57.39.234 1215233112 Q * marv_ Remote host closed the connection 1215233124 J * marv_ ~marv@modemcable139.74-82-70.mc.videotron.ca 1215233510 Q * marv_ Remote host closed the connection 1215235127 Q * _gh_ Ping timeout: 480 seconds 1215235737 J * _gh_ ~gerrit@c-67-169-199-103.hsd1.or.comcast.net 1215236084 J * marv_ ~marv@modemcable139.74-82-70.mc.videotron.ca 1215236101 J * ntrs ~ntrs@77.29.74.102 1215237670 Q * marv_ Remote host closed the connection 1215238927 J * meandtheshell ~sa@88-117-7-144.adsl.highway.telekom.at 1215238927 Q * meandtheshell Killed (resistance.oftc.net (Nick collision (new))) 1215238950 J * meandtheshell ~sa@88-117-7-144.adsl.highway.telekom.at 1215241543 J * marv_ ~marv@modemcable241.222-57-74.mc.videotron.ca 1215244383 Q * doener_ Quit: leaving 1215244402 J * doener ~doener@i577BA709.versanet.de 1215245626 J * joern42 ~jr@dyndsl-085-016-235-055.ewe-ip-backbone.de 1215245941 Q * joern421 Ping timeout: 480 seconds 1215246033 Q * marv_ Remote host closed the connection 1215246055 J * dna ~dna@251-224-dsl.kielnet.net 1215246435 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1215246751 A * nkukard looks for a beta recent vserver patch to try out 1215247438 J * marv_ ~marv@modemcable241.222-57-74.mc.videotron.ca 1215248469 J * friendly ~friendly@ppp59-167-134-156.lns3.mel6.internode.on.net 1215248643 P * joern42 1215248874 J * laptopnenolod ~nenolod@ip70-189-74-62.ok.ok.cox.net 1215249476 J * derjohn_mob aj@p57A6FF83.dip.t-dialin.net 1215250819 J * waldi ~waldi@bblank.thinkmo.de 1215250820 M * waldi hi 1215252376 J * ktwilight ~ktwilight@52.126-66-87.adsl-dyn.isp.belgacom.be 1215252646 Q * ktwilight_ Ping timeout: 480 seconds 1215252730 J * ema ~ema@rtfm.galliera.it 1215253099 Q * marv_ Remote host closed the connection 1215253212 J * marv_ ~marv@modemcable241.222-57-74.mc.videotron.ca 1215253566 Q * derjohn_mob Ping timeout: 480 seconds 1215254434 J * yarihm ~yarihm@50-48-239-77-pool.cable.fcom.ch 1215255881 J * marv__ ~marv@modemcable241.222-57-74.mc.videotron.ca 1215255965 Q * marv_ Quit: Leaving 1215256721 J * ntrs_ ~ntrs@77.29.71.59 1215256786 P * friendly 1215256985 N * marv__ marv_ 1215257090 Q * ntrs Ping timeout: 480 seconds 1215258591 J * z0d ~z0d@apn-89-223-128-199.vodafone.hu 1215258598 M * z0d hello 1215258973 Q * z0d Remote host closed the connection 1215259114 M * marv_ bye 1215259586 J * z0d ~z0d@apn-89-223-128-199.vodafone.hu 1215259594 M * z0d re 1215259613 M * marv_ hi 1215262301 Q * ema Quit: leaving 1215263850 N * Bertl_zZ Bertl 1215263858 M * Bertl morning folks! 1215263866 M * z0d re Bertl 1215264180 M * z0d Bertl: earlier you've said that one can bind mount e.g. /usr with mount option: read-only. How do you do it? Where's the content of /usr originally? I mean what do you bind mount? 1215264204 M * daniel_hozac /vservers//usr /usr ext3 ro,bind 0 0 1215264278 M * z0d daniel_hozac: thank you. I didn't know you can do it this way 1215264417 M * Bertl z0d: it's magic! :) 1215264632 M * z0d vserver is too good to be true (-: 1215264930 M * Bertl okay, off to get some groceries ... bbl 1215264938 N * Bertl Bertl_oO 1215266305 Q * ntrs_ Ping timeout: 480 seconds 1215267836 Q * meandtheshell Ping timeout: 480 seconds 1215268244 Q * yarihm Quit: This computer has gone to sleep 1215268792 J * Magus ~chatzilla@91.200.114.23 1215268934 M * Magus Hi, is somebody willing to help out? I have created a clean 64bit centos5 vserver on a host with 64bit vserver kernel running centos5, but the vserver wont start and does not display any errors. 1215268991 M * Magus the same host runs 32 bit vservers perfectly(but they were created from a template downloaded from the internet) 1215269126 M * daniel_hozac you have to use a really recent util-vserver to have support for CentOS 5.2. 1215269131 J * pmenier ~pmenier@ACaen-152-1-78-105.w83-115.abo.wanadoo.fr 1215269169 M * Magus kenel is :2.6.22.19-vs2.3.0.34.1 util-vserver:0.30.215-0.1.el5 1215269204 M * daniel_hozac you need 0.30.216-pre2722+ 1215269312 M * Magus thanks! 1215269397 M * z0d on some web sites I saw people create guests with prefixes /32. It that an error? 1215269424 M * daniel_hozac why would it be? 1215269438 M * z0d or it just means that that guest won't access anything on the network? 1215269460 M * daniel_hozac no, it still has access to everything. 1215269472 M * z0d I though you have to specify a netmask 1215269496 M * daniel_hozac it definitely makes the algorithm work better. 1215269507 M * daniel_hozac but if you have a simple setup, /32 is fine. 1215269515 M * z0d so what's the difference between e.g. /24 and /32? 1215269552 M * z0d am I right that /24 designates a subnet and /32 one IP? 1215269580 M * z0d s/one/one specific/ 1215269615 M * daniel_hozac yes. 1215269625 M * daniel_hozac (assuming IPv4, of course) 1215269632 M * z0d yup 1215269658 M * marv_ z0d, lookup CIDR Notation 1215269667 M * z0d but doesn't /32 mean that the guest can only access its own IP? 1215269670 M * marv_ thats what /32 /24 /16.... are 1215269681 M * daniel_hozac no. 1215269702 M * daniel_hozac it still uses the host's routing table, like always. 1215269721 M * daniel_hozac but really, there's no reason to use /32. 1215269732 M * daniel_hozac it's just a hack people to do so they don't have to worry about setting it up right. 1215269788 Q * pmenier Quit: Konversation terminated! 1215269812 M * z0d Aha. I see. thanks 1215270568 M * z0d does vserver still have the problem of hashifying files which have multiple hard links inside a guest? I've read about it in the FAQ 1215270602 J * meandtheshell ~sa@88-117-1-180.adsl.highway.telekom.at 1215270663 M * daniel_hozac the "problem" is that if you modify one, that's the only one that gets the modification. 1215270761 M * z0d can I do something to modify the links too? 1215270791 M * daniel_hozac exclude those files from hashification. 1215270871 M * the-fafa do i need vt or a similar capable cpu to run vserver? 1215270873 M * z0d basically, all hard links, right? 1215270885 M * z0d the-fafa: no 1215270945 M * daniel_hozac yep. 1215270959 M * z0d the-fafa: vserver doesn't virtualize the CPU 1215270977 M * z0d daniel_hozac: well, that's easy. thank you again 1215271197 M * the-fafa what os can i run as a guest with vserver? linux, bsd, solaris or windows? 1215271229 M * daniel_hozac it's _Linux_-VServer. 1215271251 M * z0d the-fafa: it's not a virtualization solution you think it is 1215271295 M * daniel_hozac it's not virtualization at all. 1215271302 M * daniel_hozac it's operating system-level isolation. 1215271326 M * daniel_hozac i.e. process A cannot see process B, as they're part of different contexts. 1215271335 M * daniel_hozac all running on the same kernel. 1215271340 M * z0d daniel_hozac: the disks are virtualized, e.g. vroot, but you're right 1215271368 M * daniel_hozac no, that's not virtualization 1215271372 M * daniel_hozac it's still using the real disk. 1215271376 M * daniel_hozac vroot is just a proxy. 1215271440 M * z0d sorry 1215271526 M * the-fafa how does this split context stuff look like in the real world? do i bootstrap a full linux installation to disk OR to a disk image or do i just split and restrict a set of services to its sandbox in another way? 1215271557 M * daniel_hozac sure. 1215271561 M * daniel_hozac i.e. either way works. 1215271588 M * daniel_hozac typically you'll have a complete distro though. 1215273898 A * arekm wonders how to change shmall in vserver without restarting it 1215273918 M * arekm and kernel.shmmax 1215273934 M * arekm change in the host doesn't change the guest value 1215274125 M * arekm I have CAP_SYS_RESOURCE set but still can't change 1215274511 M * daniel_hozac i don't need any capabilities to set it... 1215274797 N * Bertl_oO Bertl 1215274804 M * Bertl arekm: what kernel/patch? 1215274876 M * arekm 2.6.22.19, some vs2.3 one, can look exactly what the number was (anyway got a workaround - lowering number of postgresql connection so it doesn't want so much shm) 1215274925 M * Bertl how did you try to change it in the guest? 1215275374 M * arekm sysctl -w kernel.shmmax=val 1215275589 M * marv_ hi Bertl 1215275596 M * daniel_hozac it's probably complaining about O_TRUNC... 1215275615 M * marv_ Bertl, any luck with gfs2? 1215275687 M * Bertl marv_: well, the debian support is almost non existant 1215275701 M * marv_ Bertl, want an other OS on there? 1215275702 M * Bertl marv_: i.e. I ended up recompiling most of the tools 1215275733 M * Bertl some stuff works now, the devmapper locking is still broken 1215275786 M * marv_ Bertl, would you like to try it on an other distribution? 1215275821 M * Bertl not after compiling all the stuff (Ias I said last time, I wouldn't have chosen debian) 1215275875 M * marv_ well i was running low on bandwith for the month and wasn't willing to download an other distribution.. but the month has cycled 1215275902 M * marv_ atm i wouldnt mind downloading a dist and redo the install on the boxes 1215275933 M * Bertl if you volunteer to redo the entire gfs/dm setup too, I'm fine with that 1215275955 M * Bertl but I don't want to spend much more time on the part I'm definitely not interested in :) 1215275979 M * Bertl arekm: and you got what error message? 1215276020 M * marv_ well i never played with gfs yet.. 1215276176 M * z0d daniel_hozac: what does setting shmmax involve? truncating a file in /dev? 1215276363 M * arekm Bertl: error: "Operation not permitted" setting key "kernel.shmmax" 1215276923 M * z0d have to go. bye 1215276927 Q * z0d Remote host closed the connection 1215277074 M * daniel_hozac ah. 1215277077 M * daniel_hozac i see... 1215277151 M * daniel_hozac Bertl: fs/attr.c:inode_change_ok is triggered when guests write to /proc with O_TRUNC. 1215277161 M * daniel_hozac but, if you don't use O_TRUNC, it's fine. 1215277170 M * daniel_hozac somewhat... inconsistent. 1215277367 M * Bertl interesting ... 1215278496 J * ntrs_ ~ntrs@77.29.75.54 1215280875 J * balbir ~balbir@122.167.213.88 1215280902 J * the_fafa ~fafa@p5496E3DB.dip.t-dialin.net 1215281317 Q * the-fafa Ping timeout: 480 seconds 1215281517 Q * the_fafa Ping timeout: 480 seconds 1215284085 J * z0d ~z0d@4d6f4a01.adsl.enternet.hu 1215284096 M * z0d re 1215284498 M * Bertl wb 1215285063 M * z0d so, what happens when you set shmmax? what kind of truncation? 1215285273 J * Mojo1978 ~Mojo1978@ip-78-94-103-112.hsi.ish.de 1215286778 Q * FireEgl Ping timeout: 480 seconds 1215288532 J * the-fafa ~fafa@p5496FF0D.dip.t-dialin.net 1215288720 J * unenana ~unenana@ANantes-257-1-64-75.w90-25.abo.wanadoo.fr 1215288830 Q * unenana 1215289083 J * derjohn_mob ~aj@p5B23DABE.dip.t-dialin.net 1215290679 Q * the-fafa Quit: the-fafa 1215290797 M * Bertl okay, off for now ... 1215290801 N * Bertl Bertl_oO 1215290902 Q * ntrs_ Ping timeout: 480 seconds 1215291587 J * kaouete kkwet@crazydwarves.org 1215291595 M * kaouete hello, 1215291625 M * kaouete I am wondering why between 2.2.0.3 and 2.2.0.7 ipv6 as been disabled ? 1215291638 M * kaouete (I mean ipv6 on the host and not on the guest) 1215291794 M * kaouete (in fact I am using 2.2.0.5) 1215291826 Q * meandtheshell Quit: Leaving. 1215291863 M * daniel_hozac did you enable IPv6 in your kernel configuration? 1215291926 M * kaouete in fact, i explained my problem in the wrong way 1215291940 M * kaouete i am using debian kernels with vserver 1215291956 M * kaouete and I was using 2.6.22 and ipv6 was enabled 1215291981 M * kaouete and I upgraded to the current backported kernel 2.6.25 which is using (I think) 2.2.0.5 1215292001 M * daniel_hozac i seriously doubt that. 1215292013 M * kaouete and ipv6 is disabled, so i reported it as a bug, and they said to me that ipv6 was marked as disabled by default in the patch from vserver 1215292024 M * kaouete you seriously doubt what ? :) 1215292041 M * kaouete that ipv6 was enabled ? 1215292041 M * daniel_hozac there is no 2.2.0.5 patch for 2.6.25. 1215292048 M * kaouete ok 1215292055 M * daniel_hozac hell, there is no 2.2 patch for 2.6.25. 1215292060 M * kaouete ho ! 1215292076 M * kaouete interesting, I will verify all of this and come back 1215292085 M * daniel_hozac as for what Debian folks say, i have no idea what they're talking about. 1215292144 Q * Magus Read error: Connection reset by peer 1215292169 M * kaouete ok, the bug report I am talking too is :http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489387 1215292289 M * kaouete s/too/about/ 1215292359 M * kaouete is there a way to know easily what vserver version I am running ? 1215292390 M * daniel_hozac with vanilla kernels, uname -a shows it. 1215292394 M * daniel_hozac for Debian kernels, guess. 1215292406 M * fanto666 no 1215292420 M * fanto666 ... it doesn't work for debian kernels 1215292423 M * kaouete yes 1215292437 M * kaouete I can get the vs-api with vserver-info : 0x00020302 1215292475 M * daniel_hozac which means you have any of the 9 patches for 2.6.25. 1215292568 M * kaouete what 9 patches ? 1215292588 M * daniel_hozac 9 versions have been released that patch 2.6.25. 1215292600 M * kaouete oh, and where can i get information about them ? 1215292606 M * daniel_hozac http://vserver.13thfloor.at/Experimental/ 1215292610 M * kaouete ok 1215292620 M * daniel_hozac as for that bug, that's completely bogus. 1215292629 M * kaouete why ? 1215292644 M * daniel_hozac if a distro only used the defaults, their kernel would be completely unusable on the majority of hardware out there. 1215292673 M * daniel_hozac it's a distro's job to get the options right... 1215292680 M * kaouete ok 1215292968 M * kaouete daniel_hozac: and, do you know why is ipv6 is marked as disabled by default in 2.3.0.34 1215292971 M * kaouete ? 1215292997 M * daniel_hozac probably because we haven't enabled it since adding it. 1215293032 M * kaouete hmm, I am not sure to understand, ipv6 on the host side was not added, but was always here, no ? 1215293033 M * daniel_hozac also, because it's a boolean, it would make everyone have IPv6. 1215293056 M * kaouete ho, so maybe it means ipv6 is boolean on 2.6.25 . 1215293061 M * kaouete ok 1215293072 M * daniel_hozac of course. but we added support for IPv6 in guests in 2.3. 1215293078 M * kaouete yes 1215293126 M * kaouete hm, it looks like that the vanilla 2.6.25 kernel has ipv6 as a tristate and not a boolean 1215293139 M * daniel_hozac yes. 1215293141 M * daniel_hozac we change it. 1215293175 M * kaouete but I don't understand why 1215293186 M * kaouete why not let it as a module ? 1215293204 M * daniel_hozac because letting it be a module adds some serious complexity. 1215293220 M * daniel_hozac i believe bonbons was working on a patch for it. 1215293245 M * kaouete hhmmm, ok, I don't think debian will enable it, I am not sure how to handle this ... 1215293253 M * kaouete thanks for your answers 1215293258 J * sandra_f ~sandra_f@ANantes-257-1-64-75.w90-25.abo.wanadoo.fr 1215293272 M * kaouete I don't know who is bonbons but I hope he will solve this thing :) 1215293380 Q * sandra_f 1215294489 M * arekm what are these? vxW: [?ps?,4719:#100|100|100] did lookup hidden ffff81023d825840[#0,4] ?/dev/pts/2?. 1215294492 M * arekm vxW: [?ps?,4719:#100|100|100] did lookup hidden ffff81023d825840[#0,4] ?/dev/pts/2?. 1215294499 M * z0d how do you remount /usr as rw in a guest? can you do it without adding capabilities? 1215294623 M * MooingLemur *from* the guest? I don't think you can do that without capabilities 1215294715 M * daniel_hozac arekm: the guest with xid/nid/tag 100 tried to look up /dev/pts/2, which belongs to the host. 1215294728 M * daniel_hozac z0d: you need at least secure_remount. 1215294848 M * z0d daniel_hozac: what dangers does it have? 'only' that an attacker can use it too? 1215294897 M * daniel_hozac yes. 1215294907 M * arekm 740 of these, well 1215294951 M * z0d daniel_hozac: thanks 1215295335 J * dna_ ~dna@251-224-dsl.kielnet.net 1215295474 Q * bonbons Quit: Leaving 1215295718 Q * dna Ping timeout: 480 seconds 1215296979 Q * dna_ Quit: Verlassend 1215297087 J * FireEgl ~FireEgl@adsl-147-90-4.bhm.bellsouth.net 1215297592 M * z0d bye 1215297594 Q * z0d Remote host closed the connection 1215298190 J * Aiken ~james@ppp118-208-119-17.lns4.bne4.internode.on.net 1215299158 J * the-fafa ~fafa@p5496D880.dip.t-dialin.net 1215299413 Q * derjohn_mob Remote host closed the connection 1215300424 Q * Mojo1978 Read error: Connection reset by peer