1219882044 Q * dowdle Remote host closed the connection 1219883546 Q * pisco Remote host closed the connection 1219884868 T * * http://linux-vserver.org/ |stable 2.2.0.7, devel 2.3.0.34, grsec 2.2.0.7|util-vserver-0.30.215|libvserver-1.0.2|vserver-utils-1.0.3| He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki, and we forget about the minute. 1219884868 T * ChanServ - 1219886966 J * derjohn_foo ~aj@f051173029.adsl.alicedsl.de 1219887093 J * ntrs__ ~ntrs@77.29.72.214 1219887407 Q * derjohn_mob Ping timeout: 480 seconds 1219887581 Q * ntrs__ Ping timeout: 480 seconds 1219891147 N * Bertl_zZ Bertl 1219891152 M * Bertl morning folks! 1219891264 M * hparker morning Bertl 1219891281 A * hparker still fights the debian install :P 1219891296 M * Bertl ah, how so? 1219891523 M * hparker http://paste.linux-vserver.org/12405 1219891557 M * hparker not very informative :P 1219891615 M * Bertl you are missing a ':' 1219891621 M * hparker where? 1219891625 M * Bertl --interface eth0 10.0.0.111 1219891627 M * Bertl should be 1219891632 M * Bertl --interface eth0:10.0.0.111/24 1219891651 M * hparker shit! 1219891789 M * hparker Ok, both etch and lenny result in: chroot-sh: open("/etc/apt/sources.list"): No such file or directory 1219891789 M * hparker Gentoo host 1219891818 M * Bertl what util-vserver version? 1219891850 M * hparker .215 1219891930 M * Bertl could you upload 'vserver-info - SYSINFO' please? 1219892000 M * hparker http://rafb.net/p/ncoCel85.html 1219892029 M * hparker Sorry, that's what wgetpaste defaults to and my trackpad is iffy at best 1219892105 M * Bertl just for the fun of doing it, use a shorter guest name 1219892115 M * Bertl (e.g. freeside) 1219892201 M * hparker secure-mount: chdir("/tmp"): No such file or directory 1219892201 M * hparker /etc/vservers/freeside/fstab:2:1: failed to mount fstab-entry 1219892201 M * hparker vcontext: execvp("bash"): No such file or directory 1219892239 M * Bertl that is what you get on a build? 1219892265 M * hparker yup 1219892288 M * Bertl looks more like a 'vserver enter' or so to me 1219892311 M * Bertl okay, let's try the following: 1219892385 M * Bertl vserver test01 build -m debootstrap --context 4242 --hostname freeside.pcsrvc.com --interface eth0:10.0.0.111/24 -- -d lenny -m --arch amd64 1219892395 M * Bertl (add the url) 1219892441 M * hparker what's a good debian url? I'm debiantarded 1219892455 M * Bertl you are asking me? 1219892470 M * hparker yeah ;) 1219892500 M * Bertl http://linux-vserver.org/Building_Guest_Systems 1219892511 M * hparker I have no clue on debian.. Well, on any distro other than gentoo 1219892519 M * Bertl http://ftp.de.debian.org/debian 1219892532 A * hparker plugs that in 1219892547 M * Bertl probably want to replace the 'de' part with your local mirror 1219892554 M * hparker /usr/lib64/util-vserver/vserver-build: unrecognized option `--arch' 1219892600 M * Bertl should be -- --arch amd64 1219892612 M * Bertl forgot the double dash 1219892698 M * hparker Looks promising 1219892718 M * Bertl that is probably your main problem, debian doesn't know x86_64 1219892722 M * hparker taking way longer 1219892730 M * Bertl but I think the tools should report that at some point 1219892740 M * hparker ahh 1219892744 M * hparker thanks! 1219892759 M * hparker It's retrieving lots of things 1219892795 M * Bertl there are lots of things in debian :) 1219892816 M * hparker heh 1219892841 M * hparker Just need it for this one app as it was a real pita to get going in gentoo 1219892871 M * hparker #freeside on this server... ISP billing app 1219892871 M * Bertl if that works out fine (theinstall) try again with your original options plus the arch stuff 1219892878 M * hparker k 1219892918 M * Bertl you might need to remove the left-overs from previous installations with 'vserver delete' 1219892919 M * hparker It's still grabbing things so I'm guessing it's ok 1219892926 M * hparker yeah 1219892971 M * hparker Bertl: you're in the UK? 1219893023 M * hparker And, it looks like it installed fine 1219893129 M * Bertl ad UK, no, why do you think so? 1219893156 M * hparker Uhm... I'm uninformed :P 1219893213 M * Bertl hehe, nah, I'm in Austria 1219893226 M * hparker Ahh 1219893313 M * hparker Bertl: Wanna trade postcards with my 5th grader? :P 1219893744 M * Bertl I just had to read up what 'trade postcards' actually means ... never had any relation to postcards, sorry ... 1219893780 M * hparker ahh 1219893933 A * hparker isn't sure how one gets related to postcards 1219894171 M * Bertl well, probably if the collection grows beyond your living space, you need to .... :) 1219894180 M * hparker hehe 1219895879 N * morrigan_zZ morrigan 1219896008 Q * androsch Ping timeout: 480 seconds 1219897567 Q * hparker Quit: Read error: 104 (Peer reset by connection) 1219898482 Q * balbir Ping timeout: 480 seconds 1219901794 J * balbir ~balbir@59.145.136.1 1219903128 Q * pisco Remote host closed the connection 1219903201 J * pisco ~pisco@tor.noreply.org 1219903284 J * ntrs ~ntrs@77.29.65.79 1219903688 Q * derjohn_foo Ping timeout: 480 seconds 1219904297 J * derjohn_foo ~aj@139.12.1.252 1219904790 Q * larsivi Quit: Konversation terminated! 1219904864 J * duckx ~Duck@81.57.39.234 1219905609 Q * ntrs Quit: Leaving 1219906731 Q * balbir Ping timeout: 480 seconds 1219907350 Q * duckx Remote host closed the connection 1219907970 J * Zigara ~LSD@CPE00179a51d1ee-CM0018c0d8b4d0.cpe.net.cable.rogers.com 1219907974 M * Zigara hello. 1219907979 J * balbir ~balbir@59.145.136.1 1219908026 M * Bertl hey Zigara! 1219908032 M * Zigara hi :] 1219908046 M * Zigara Anyone familure with making centos vservers? 1219908083 M * Bertl well, should work out of the box (with recent util-vserver) 1219908097 M * Zigara root@web1 [~]# vyum hydro -- install yum 1219908097 M * Zigara Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=5&arch=i386&repo=os error was 1219908097 M * Zigara [Errno 4] IOError: 1219908121 M * Zigara i can ping that host (mirrorlist.centos.org) from inside and outside of the vserver 1219908144 M * Bertl you sure about that? 1219908166 M * Zigara bash-3.2# ping mirrorlist.centos.org 1219908166 M * Zigara PING mirrorlist.centos.org (72.21.40.11) 56(84) bytes of data. 1219908166 M * Zigara 64 bytes from ns1.centos.org (72.21.40.11): icmp_seq=1 ttl=55 time=2.04 ms 1219908186 M * Bertl anyway, please upload the output of 'vserver-info - SYSINFO' to paste.linux-vserver.org 1219908198 M * Zigara ok moment 1219908234 M * Zigara http://paste.linux-vserver.org/12406 1219908303 J * larsivi ~larsivi@85.221.53.194 1219908309 M * Bertl looks good, the ping above was from _inside_ the guest? 1219908316 M * Zigara yes 1219908331 M * Zigara hmm 1219908335 M * Zigara i think i see the issue 1219908350 M * Zigara i think there was a bit of a dns issue, its pinging to a new ip now 1219908386 M * Bertl okay, then maybe try again 1219908406 M * Zigara hmm, still just sitting there, it should error out in a second 1219908446 M * Zigara blag ;[ 1219908541 M * Zigara this is very odd :P 1219908555 M * Zigara i can open that URL in links and it displays fine 1219908565 M * Bertl inside the guest, yes? 1219908578 M * Zigara the guest doesnt have links so 1219908580 N * DoberMann[ZZZzzz] DoberMann 1219908585 M * Zigara doesnt have much of anything 1219908597 M * Bertl well, the host uses different IP and different name resolver 1219908604 M * Zigara true 1219908608 M * Bertl so that doesn't really count :) 1219908641 M * Zigara i can ping the host from the guest though, so im guessing its fine 1219908672 M * Bertl how's that related? 1219908682 M * Bertl (unless your host is mirrorlist.centos.org :) 1219908696 M * Zigara well im not sure if it does the lookup on the guest or host :P 1219908719 M * Bertl well, you can trust me on that, the yum stuff happens in the guest context and uses guest networking 1219908727 M * Zigara ok 1219908734 M * Zigara hmm 1219908739 M * Bertl so you want to make sure that the guest _can_ resolve and reach that host 1219908750 M * Bertl the first step is to ping the ip from the guest 1219908754 M * daniel_hozac well, it's probably using the host's /etc/resolv.conf. 1219908772 M * Zigara bash-3.2# cat /etc/resolv.conf 1219908772 M * Zigara nameserver 4.2.2.2 1219908772 M * Zigara nameserver 4.2.2.1 1219908859 M * Zigara it seems to be resolving fine 1219908892 M * Bertl try 'ping 72.21.40.11' inside the guest 1219908905 M * daniel_hozac does the host use the same nameservers? 1219908909 M * Zigara 64 bytes from 72.21.40.11: icmp_seq=2 ttl=55 time=2.02 ms 1219908917 M * Zigara the host uses special nameservers thats local to the host only 1219909015 M * Bertl and the guest IP is not allowed to use them? 1219909024 M * Zigara ill try 1219909045 M * Zigara nope. 1219909065 M * Bertl then that's probably the cause, as daniel_hozac pointed out that vyum uses the host resolver 1219909089 M * Bertl you might want to S/DNAT those requests (at least temporarily) 1219909089 M * Zigara oh.. 1219909092 M * Zigara CLEVER! 1219909168 M * Zigara thanks guys, please excuse my dumbness, lack of sleep makes me insane. 1219909189 M * Bertl you're welcome! and a I couldn't detect any 'dumbness' 1219909201 M * Bertl feel free to hang around! 1219909204 M * Zigara i shall ;] 1219910277 J * dna ~dna@p54BCE48E.dip.t-dialin.net 1219910336 J * tramjoe_merin ~tramjoe@193.41.238.151 1219910458 M * Zigara hmm 1219910467 M * Zigara is there a way to change the hostname of a vserver after its created? 1219910472 M * Zigara without causing any issues 1219910680 M * daniel_hozac sure, just edit /etc/vservers//uts/nodename 1219910694 M * Zigara oh nice, thanks! 1219910840 Q * opuk Ping timeout: 480 seconds 1219911684 M * Zigara hrmm.. 1219911692 M * Zigara Aug 28 04:19:39 hydro passwd: pam_unix(passwd:chauthtok): user "root" does not have modifiable password 1219911864 M * Bertl seems to be a pam check 1219911959 M * Zigara hm 1219912389 J * HellDragon ~jd@modemcable234.136-203-24.mc.videotron.ca 1219912785 M * Bertl welcome HellDragon! 1219912945 M * daniel_hozac pwconv first. 1219913792 J * yang yang@yang.netrep.oftc.net 1219914066 Q * pisco Remote host closed the connection 1219914123 J * pisco ~pisco@tor.noreply.org 1219914209 M * Bertl okay, off for now ... bbl 1219914216 N * Bertl Bertl_oO 1219914856 M * karasz if i set some kernel memory parameters on the host would they be propagated to the guests ( like kernel.shmmax and kernel.shmall ) ? 1219914901 M * daniel_hozac not with kernels >2.6.18. 1219914930 M * karasz that means that i have to set some capabilities and then tickle the variables on the guest? 1219914965 M * daniel_hozac or just set them using /etc/vservers//sysctl. 1219914989 M * karasz so i need to worry only on the guest, right? i can leave defaults on the host.... 1219915013 M * daniel_hozac yep. 1219915019 M * karasz thx daniel_hozac 1219915519 M * yang daniel_hozac: does your IPv6 patch works in 0.30.215-4 (debian) ? 1219915530 M * yang not patch but, is it allready in the package? 1219915596 M * daniel_hozac 0.30.214 added support for 2.3-style IPv6, 0.30.212 added support for bonbons' patch style IPv6. 1219915617 M * daniel_hozac so, yes. 1219915622 M * yang ok thanks 1219916171 N * Bertl_oO Bertl 1219916228 M * Bertl back now .. 1219916762 Q * infowolfe Ping timeout: 480 seconds 1219918175 M * karasz daniel_hozac: 2.6.22.19-vs2.2.0.7, i made teh /etc/vservers/guest/sysctl but it seems ignored 1219918183 M * karasz shouldn't it be sysctl.conf? 1219918219 M * karasz ofcourse i restarted the guest after changing the sysctl. 1219918292 M * Bertl what util-vserver version? 1219918374 M * karasz util-vserver 0.30.215 1219918422 M * Bertl what was the entry you made? 1219918469 M * karasz http://rafb.net/p/p7Ezg099.html 1219918486 M * Bertl ah, that's wrong 1219918490 M * Bertl http://www.nongnu.org/util-vserver/doc/conf/configuration.html 1219918499 M * karasz ok, i will look into that, thx 1219918500 M * Bertl you need to do that like with the interfaces 1219918528 M * Bertl i.e. make a dir, add a setting file with the name, and a value file with the value 1219918575 M * karasz cat guest/sysctl/kernel/shmmax => value? 1219918608 M * Bertl in your case you want to do something like: 1219918629 M * Bertl mkdir /etc/vservers/guest/sysctl/shm0 1219918644 M * Bertl echo kernel.shmmax >/etc/vservers/guest/sysctl/shm0/setting 1219918656 M * Bertl echo 12884901888 >/etc/vservers/guest/sysctl/shm0/value 1219918667 M * Bertl and similar for the other one with e.g. shm1 1219918709 M * karasz i see 1219918711 M * Bertl note that this value looks quite high to me 1219918717 M * karasz i know 1219918725 M * Bertl unless you are on a 64cpu machine with 2TB memory 1219918732 M * karasz it is a 32G server only 1 guest only postgres 1219918753 M * karasz cpus are 64 bit opterons 1219918767 M * Bertl okay, so be it :) 1219918784 M * karasz i computed that value to be 12G, if i didn't messed up the calculus. 1219918835 M * Bertl yep, that should be 12G 1219919132 M * yang hi Bertl 1219919136 M * Bertl hey 1219919543 J * yarihm ~yarihm@whitehead2.nine.ch 1219921679 Q * doener Read error: Connection reset by peer 1219921951 J * doener ~doener@i577BAA0A.versanet.de 1219922748 J * loddafni1 ~mike@193.170.138.233 1219923084 J * jsambrook ~jsambrook@aelfric.plus.com 1219923328 P * jsambrook 1219923493 Q * Aiken Quit: Leaving 1219924010 Q * danman Ping timeout: 480 seconds 1219927005 M * Zigara is it possible to run a debian guest ontop of a centos host? 1219927015 M * Bertl sure 1219927029 M * Zigara any clues on what steps I should take on doing so? 1219927052 M * Bertl http://linux-vserver.org/Building_Guest_Systems 1219927066 M * Bertl (second paragraph) 1219927087 M * Zigara would I still use debootstrap? 1219927101 M * Bertl yep, for debian guests, you use debootstrap 1219927107 M * Zigara ah okay :] 1219927118 M * Zigara do I have to install anything to the centos machine? 1219927130 M * Bertl util-vserver 1219927136 M * Zigara ah, already got that ;] 1219927143 M * Zigara just thought it might need some odd things for debian 1219927157 M * Bertl nah, even the debootstrap is downloaded 1219927160 M * Zigara great. 1219927250 J * fb fback@red.fback.net 1219927276 M * fb hello :-) 1219927281 M * Bertl hey fb! 1219927342 M * fb oh, Bertl, you're not sleeping :) 1219927352 M * Bertl not at the moment :) 1219927424 M * fb Bertl: i'm going to go behind 2.2.0.7 -- which version do you suggest? 2.3 drom devel, or experimental with (newer) kernel? 1219927454 M * Bertl depends on what you are up to ... 1219927488 M * Zigara one last thing.. if i apt-get upgrade on a debian guest (on the centos host) would it explode? 1219927490 M * Bertl if you want 2.6.25+, then experimental, otherwise devel for 2.6.22 1219927509 M * Bertl Zigara: nope, why should it? 1219927513 M * Zigara not sure :P 1219927518 M * Zigara you guys are so helpful, its wonderful 1219927598 M * fb Bertl: i may want to switch to 2.6.25+, but not yet, for now 2.6.22 is enough. 1219927611 M * Bertl okay, then go for it! :) 1219927625 M * fb Bertl: and stability od 2.3 and experimental? they're very different? 1219927640 M * Bertl should be roughly the same 1219927646 M * Zigara hmm 1219927654 M * Zigara anyone know how to regen locale? 1219927672 M * Zigara perl is angry :[ 1219927698 M * Bertl just unset your host locale 1219927712 M * Bertl something like: export LC_ALL=C LOCALE=C 1219927719 M * Zigara ok :] 1219927740 M * fb Zigara: regen? dpkg-reconfigure -plow locale with debian 1219927745 M * Zigara ah 1219927746 M * Zigara thanks. 1219927830 M * fb (locales, not locale) 1219927873 M * Zigara ah it wasent even installed :P 1219927886 M * Bertl yep, default is minimal 1219928543 J * DavidS1 ~DavidS@vpn.uni-ak.ac.at 1219928551 M * DavidS1 Hi Bertl! 1219928560 M * Bertl hey DavidS1! 1219928566 N * DavidS1 DavidS 1219928582 M * DavidS god i hate this vpn-interactions 1219928617 M * DavidS i tried to find the broken behavior from our last conversation in a kvm guest using a 64bit userspace and was not able to reproduce that 1219928659 M * Bertl interesting ... 1219928666 M * DavidS should i try again with 32bit userspace? 1219928717 M * Bertl maybe, any way to recreate it would be interesting 1219928721 M * DavidS I'm reluctant to try that on my host because it seems that this is correlated to my recent instablity: i disabled cron.daily on the host and the machine didn'T crash again 1219928766 M * daniel_hozac this is the __d_lookup oops? 1219928771 M * DavidS daniel_hozac: yeah 1219928803 M * daniel_hozac so you copied the filesystem to a kvm guest, but that worked fine? 1219928805 M * DavidS http://paste.linux-vserver.org/12389 for reference 1219928820 M * DavidS daniel_hozac: i just do kvm -hda /dev/broken_fs 1219928863 M * daniel_hozac that won't really work. 1219928880 M * daniel_hozac well, i suppose you could mount /dev/hda directly. 1219928898 M * daniel_hozac and you're booting using -kernel/-initrd/-append, i guess? 1219928909 M * DavidS actually i did kvm -hda lenny-test,img -hdb /dev/system/broken -cdrom debian-installer.iso which bootet and installed fine and i could mount /dev/hdb /mnt 1219928942 M * daniel_hozac okay. 1219928960 M * daniel_hozac while it wasn't mounted on the host, right? 1219928965 M * DavidS exactly 1219929196 J * dna_ ~dna@p54BCE48E.dip.t-dialin.net 1219929251 M * Zigara hey, could someone give me a quick example on how to limit a vserver to 256mb ram? i know its the vlimit command, but im not 100% sure how it works. 1219929289 M * pmjdebruijn Zigara: vlimit -c 2343 -rss 262422 1219929293 M * pmjdebruijn for 1GB limit 1219929296 M * pmjdebruijn I think 1219929297 M * Bertl http://linux-vserver.org/Resource_Limits 1219929302 M * pmjdebruijn Zigara: rss is what you want (probably) 1219929303 M * Zigara but how do you calculate that 1219929306 M * Bertl http://linux-vserver.org/Memory_Limits 1219929310 M * Zigara okay 1219929312 M * pmjdebruijn Zigara: it's in 4k pages on most architectures 1219929314 M * Zigara thanks. 1219929408 M * Zigara this hurts my brain :] 1219929507 Q * dna Ping timeout: 480 seconds 1219929559 Q * balbir Remote host closed the connection 1219929564 M * Zigara i THINK i got it, not sure 1219929587 M * DavidS Zigara: "free" within the guest should show you whether you got it right ;-) 1219929650 M * daniel_hozac (if you have virt_mem enabled) 1219929880 M * Zigara hehe i almost have it perfect ;] 1219930011 M * Zigara perfect ;] 1219930674 J * mrfree ~mrfree@host11-19-dynamic.9-79-r.retail.telecomitalia.it 1219930906 Q * dna_ Read error: Connection reset by peer 1219930931 J * dna_ ~dna@p54BCE48E.dip.t-dialin.net 1219930945 Q * loddafni1 Ping timeout: 480 seconds 1219931257 M * Bertl nap attack ... off for now .. bbl 1219931263 N * Bertl Bertl_zZ 1219931590 Q * larsivi Quit: Konversation terminated! 1219931715 J * dna ~dna@p54BCE48E.dip.t-dialin.net 1219931739 J * loddafnir ~mike@193.170.138.233 1219931997 Q * dna_ Ping timeout: 480 seconds 1219932007 Q * __gh__ Ping timeout: 480 seconds 1219932123 Q * _gh_ Ping timeout: 480 seconds 1219933725 Q * mrfree Quit: Leaving 1219935504 M * DavidS Bertl_zZ: strange i couldn't repro it in the 32bit user space kvm guest either. neither with one nor two cpus 1219935529 M * DavidS I'll be near the server on the weekend, so maybe i dare to make further testing on the host 1219935823 J * cryptronic ~oli@p54A3B9BB.dip0.t-ipconnect.de 1219935871 J * blizz ~stephan@evilhackerdu.de 1219935876 M * blizz hiho 1219935910 Q * tramjoe_merin Remote host closed the connection 1219936289 M * blizz i'm having fun with a lenny host system for debian vservers 1219936311 M * blizz i just found out that 0.30.216~r2772-1 is not in the lenny packages yet, but it's required to run vservers 1219936318 M * blizz http://groups.google.com/group/linux.debian.kernel/browse_thread/thread/11e4fcd559150980/f8acc7700787b0fb?lnk=raot&fwc=1 1219936322 M * DavidS blizz: don't we all? get it from sid 1219936392 M * blizz will that work without any dependency complications? 1219936557 M * blizz seems so.. 1219936634 M * DavidS micah: are you aware of "Unblock request by luk ignored due to version mismatch: 0.30.216~r2772-2"? 1219936657 M * DavidS blizz: i would presume so, since lenny's frozen 1219936931 M * micah DavidS: no, where is that? 1219936949 M * DavidS packages.qa.debian.org/util-vserver 1219937282 J * opuk ~kupo@alla.beundrar.kupo.se 1219937555 M * micah DavidS: yeah, that is correct, because I uploaded -2 yesterday, and packages.qa hasn't updated 1219937580 M * DavidS micah: is the hint already updated? 1219937599 M * DavidS (which is what i believe the pts is complaining about, an old hint) 1219937774 M * micah DavidS: no, -2 is the new package, it has a new hint 1219937787 M * DavidS ah, ok :-) 1219937841 M * blizz DavidS: thx for your hint about simply using the sid pkg, works fine :P 1219937867 M * DavidS blizz: it'll be a lenny package RSN ;-) 1219938176 Q * besonen_mobile_ Ping timeout: 480 seconds 1219938292 Q * derjohn_foo Ping timeout: 480 seconds 1219940277 Q * nenolod Quit: MORE CFLAGS ALWAYS FIXES GENTOO DURR HURR 1219940379 J * nenolod ~nenolod@ip70-189-74-62.ok.ok.cox.net 1219940393 Q * nenolod 1219940407 J * larsivi ~larsivi@169.80-202-217.nextgentel.com 1219940414 J * nenolod ~nenolod@ip70-189-74-62.ok.ok.cox.net 1219940589 Q * DavidS Quit: Leaving. 1219941525 Q * yarihm Quit: Leaving 1219942419 J * dowdle ~dowdle@scott.coe.montana.edu 1219942623 Q * dna Quit: Verlassend 1219942789 Q * pmenier Quit: Konversation terminated! 1219942901 N * DoberMann DoberMann[PullA] 1219943202 Q * pisco Remote host closed the connection 1219943560 J * pisco ~pisco@tor.noreply.org 1219943665 J * duckx ~Duck@81.57.39.234 1219944209 Q * pisco Remote host closed the connection 1219945551 J * pisco ~pisco@tor.noreply.org 1219945836 J * hparker ~hparker@linux.homershut.net 1219945958 Q * sid3windr Ping timeout: 480 seconds 1219946118 J * sid3windr luser@bastard-operator.from-hell.be 1219946500 Q * wenchien Ping timeout: 480 seconds 1219947022 Q * snooze Ping timeout: 480 seconds 1219947191 Q * DoberMann[PullA] Remote host closed the connection 1219948301 J * rooijan ~rrosso@cuba.sonosite.com 1219948459 M * rooijan quick question for everyone. While ago the mailing list had some exciting news that Ubuntu will ship with vserver patch in kernels again. Any truth to this? 1219948469 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1219948530 M * pmjdebruijn no clue 1219948562 M * pmjdebruijn not for hardy anyway 1219948566 M * pmjdebruijn maybe for intrepid 1219948589 M * rooijan most of you guys using debian for hosts still? 1219948598 M * pmjdebruijn we are 1219948604 M * pmjdebruijn but not using the debian kernel 1219948634 M * rooijan custom? 1219948638 M * pmjdebruijn of course 1219948648 M * rooijan haha versions for production? 1219948675 A * hparker uses gentoo for host and most guests 1219948676 M * pmjdebruijn 2.6.22.19 1219948682 M * pmjdebruijn the latest stable vserver patch 1219948728 M * rooijan thanks. I have limited support in my environment except for myself so I stick with out of the box debian and debian kernel. 1219948741 M * rooijan anyone running ubuntu 8.04.1 guests 1219948777 M * pmjdebruijn "limited support" 1219948791 M * pmjdebruijn rooijan: stock Debian kernel is awful, so any use whatsoever 1219948923 M * rooijan good feedback. Environment very stable over here for many years but I will look into more custom. I run a couple custom today on ubuntu 7.04. But need to keep to KISS here since no depth on linux 1219948944 M * pmjdebruijn Ubuntu generally has better kernels 1219948990 J * ntrs ~ntrs@77.29.75.32 1219949426 P * ntrs Leaving 1219949453 J * genguy2 ~ntrs@77.29.75.32 1219949477 M * genguy2 I am having a problem starting a guest: 1219949487 M * genguy2 # vserver guest start 1219949487 M * genguy2 vcontext: execvp("/etc/rc.d/rc"): No such file or directory 1219949487 M * genguy2 An error occured while executing the vserver startup sequence; when 1219949487 M * genguy2 there are no other messages, it is very likely that the init-script 1219949488 M * genguy2 (/etc/rc.d/rc 3) failed. 1219949499 M * genguy2 however the /etc/rc.d/rc file does exist in the guest. 1219949794 M * daniel_hozac are you mounting the filesystem with -o tag? 1219949829 M * genguy2 The filesystem for /vservers? 1219949850 M * daniel_hozac if that's where the guest lives, yes. 1219949868 M * genguy2 Actually /vservers is part of / 1219949872 M * genguy2 LABEL=/ / ext3 defaults 1 1 1219949885 M * genguy2 it is mounted with no options 1219949918 M * daniel_hozac how did you build the guest? 1219949952 M * genguy2 just copied from a template. This guest worked for a few years and was recently restarted without a problem. It is just now that it is showing this behavior. 1219949966 M * genguy2 It is an old guest. 1219950055 M * daniel_hozac and what changed? 1219950106 M * genguy2 Nothing that I know of. 1219950447 M * daniel_hozac try chrooting in to the guest. 1219950522 M * genguy2 the guest is not running 1219950562 M * daniel_hozac you can still run chroot /vservers/. 1219950581 M * genguy2 ]# chroot /vservers/guest/ 1219950581 M * genguy2 chroot: cannot run command `/bin/bash': No such file or directory 1219950590 M * genguy2 but the /bin/bash file does exist 1219950606 M * daniel_hozac but one of the libraries it depends on does not, i assume. 1219950635 M * daniel_hozac ldd it, make sure they all exist in the guest. 1219950687 M * genguy2 hah, /lib is empty 1219951269 P * genguy2 Leaving 1219951548 J * ViRUS ~mp@p579B407C.dip.t-dialin.net 1219951727 A * dustybin uses debian lenny to host the guests 1219951786 M * dustybin anybody got any tips / ideas on how i can entertain my guests? 1219952059 J * malveo ~malveo@79.143.115.144 1219952453 Q * pisco Ping timeout: 480 seconds 1219952627 J * yarihm ~yarihm@guest-docking-nat-1-006.ethz.ch 1219952853 J * pisco_ ~pisco@tor.noreply.org 1219953807 M * ktwilight_ am gettin' an internal error when compiling util-vserver http://rafb.net/p/hKl0f037.html any ideas? :/ 1219954871 M * ktwilight_ nm, i did hte apt-get way 1219954875 M * ktwilight_ don't kill me! *hides* 1219954887 M * ktwilight_ it's from backports, so it _should_ be better. 1219954895 M * ktwilight_ than official rep. 1219954964 N * Bertl_zZ Bertl_oO 1219955083 Q * yarihm Quit: Leaving 1219955351 Q * malveo Quit: malveo 1219955354 J * malveo ~malveo@79.143.115.144 1219955847 Q * malveo Quit: malveo 1219956495 J * DoberMann ~james@cap31-6-88-180-72-76.fbx.proxad.net 1219956721 Q * DoberMann 1219956739 J * DoberMann ~james@cap31-6-88-180-72-76.fbx.proxad.net 1219956953 J * docelic ~docelic@78.134.200.82 1219957010 Q * docelic Remote host closed the connection 1219957147 J * ViRUS_ ~mp@p579B5D94.dip.t-dialin.net 1219957238 N * Bertl_oO Bertl 1219957242 M * Bertl back now ... 1219957335 M * Bertl ktwilight_: you neither have the nss libs nor the beecrypt libs available (for building) but why that causes an internal error is a good question maybe daniel_hozac can answer 1219957382 M * Bertl dustybin: xine? 1219957456 M * dustybin hehe 1219957460 M * ktwilight_ Bertl, hm, i've also tried install nss libs and devs, beecrypt i can't find on debian strangely. would be good if there's an explicit list of necessary packages to build it. 1219957496 M * Bertl configure is supposed to complain about that 1219957516 M * Bertl the part where it throws an internal error is 'unexpected' 1219957580 Q * ViRUS Ping timeout: 480 seconds 1219957635 M * dustybin Bertl: how many guests do you have? 1219957662 M * Bertl depends on the server, from 3 to 500 1219957688 M * dustybin Bertl: do you run them in professional situations? 1219957704 M * Bertl yep 1219957759 M * dustybin Bertl: what kind of firewall rules do you run on the host to stop the guests intercepting host traffic? 1219957783 M * Bertl they are not able to intercept host traffic 1219957800 M * Bertl (no special firewalling required for that) 1219957807 M * dustybin oh i didnt know that! 1219957810 J * yarihm ~yarihm@gw.ptr-80-238-203-84.customer.ch.netstream.com 1219957826 M * dustybin Bertl: even so, they can still ping the hosts IP 1219957836 M * dustybin really you dont want that to happen? 1219957837 J * Aiken ~Aiken@ppp118-208-65-150.lns1.bne4.internode.on.net 1219957845 M * Bertl yes, ping works fine 1219957878 M * dustybin that mean a evil guest could ping of death your host 1219957901 M * Bertl no, not really, unless my kernel would be ancient 1219957933 Q * loddafnir Ping timeout: 480 seconds 1219957947 M * dustybin Bertl: to make your guest secure, is there anything you should do manually? i read somehwere about making sure the chroot barrier flags are set properly? 1219958042 M * Bertl that is all handled by the tools and startup scripts, but of course, it can't hurt to check on stuff like the barrier 1219958058 M * dustybin one last question 1219958065 M * Bertl by default, a guest is considered secure, that changes when you give additional capabilities 1219958071 M * dustybin are your guests inside a firewalled DMZ ? 1219958097 M * Bertl most of my guests are on the internet, but some of them are 1219958150 M * dustybin Bertl: here is a simple diagram of my home setup 1219958152 M * dustybin http://empire.ispeeds.net/~subx/network2.png 1219958158 M * dustybin im replacing xen with vserver 1219958159 M * Bertl btw, if the 'ping' is something which worries you, you can simply remove the RAW_ICMP, and the problem is gone 1219958169 M * dustybin ace 1219958189 M * dustybin im only running 1 guest for all my public services 1219958205 M * Bertl okay 1219958218 M * Bertl might make sense to split that up in the future though 1219958248 M * dustybin if a public service got r00ted, the cracker might get root on my vserver guest 1219958270 M * dustybin im just trying to secure my guest up as much as possible so he doesnt get root on my host 1219958276 M * Bertl probably (if that service is running as root) 1219958277 M * dustybin (or she :P_ 1219958297 M * dustybin Bertl: well no public services actually run as root but there are root priv esc exploits etc 1219958318 M * Bertl there is no known way to reach the host from the guest, unless you exploit a very specific kind of kernel bug 1219958330 M * dustybin ace :-) 1219958335 M * Bertl (and reach doesn't mean ssh here :) 1219958344 M * dustybin Bertl: i also checked on google, the last serious vserver problems were few years back 1219958353 M * dustybin there are FAR MORE XEN security problems 1219958407 M * Bertl yeah, can't really comment on that, Xen is too heavy and to instable for me 1219958420 M * dustybin yep 1219958430 M * Bertl kvm looks like it could be usable if you need full virtualization in the near future 1219958439 M * dustybin ok 1219958519 M * dustybin thanks for your help :-) 1219958533 M * Bertl you're welcome! 1219958613 Q * bonbons Quit: Leaving 1219958713 N * DoberMann DoberMann[ZZZzzz] 1219958726 Q * cryptronic Quit: Leaving. 1219959175 M * rooijan Those of you online might have seen my question before about Ubuntu vserver enabled kernels. Speak of the devil I just got a message from the Ubuntu kernel team saying I need to test 2.6.27 for Intrepid Ibex 8.10 since they included the patch now. 1219959503 J * snooze ~o@1-1-4-40a.gkp.gbg.bostream.se 1219959593 M * Bertl rooijan: we are talking about Linux-VServer patches here, yes? 1219959633 M * rooijan Yes. I am trying to understand if they are really saying that or not. Read more here https://bugs.launchpad.net/ubuntu/+source/linux/+bug/184764 1219959643 M * Bertl so your question basically is: can I get a Linux-VServer patch for 2.6.27-rc4 or so? 1219959779 J * Mojo1978 ~Mojo1978@ip-88-152-102-182.hsi.ish.de 1219959796 M * Bertl well, the answer looks like 'we don't know what you're talking about, but maybe it's fixed in the new 2.6.27 kernel :) 1219959832 J * derjohn_foo ~aj@p5B23E14C.dip.t-dialin.net 1219959848 M * Bertl rooijan: i.e. the answer from Leann Ogasawara looks to me quite unrelated to Linux-VServer 1219959872 M * rooijan hmmm you might be correct. I guess I got over excited (-: 1219959901 M * Bertl anyway, if you want to test Linux-VServer on that kernel, I can probably provide a patch to 2.6.27-rc4 1219959938 J * _gh_ ~gerrit@67.170.155.50 1219960258 J * edlinuxguru ~edlinuxgu@216.223.13.188 1219960316 M * edlinuxguru Hey all quick questions just to be on the safe side. I am installing the Vserver kernel from http://rpm.hozac.com/dhozac/centos/5/vserver/x86_64/. Does the kernel require kernel-headers? I thought it did 1219960524 M * Bertl the kernel itself does not require any headers or so 1219960546 M * Bertl userspace, when you recompile things interfacing with the kernel, do 1219960575 M * Bertl but Linux-VServer doesn't change the default kernel API, so you can use the 'normal' kernel headers as well 1219960648 M * edlinuxguru Ok I just noticed that usually when I upgrade a kernel the headers come with it, but it is good that I know now why. 1219960737 M * Bertl well, looking at the url you gave above, I see two kernel header packages as well :) 1219960773 J * Genghis ~Genghis@what.is.this.digitalcrap.org 1219960807 Q * Aiken Remote host closed the connection 1219961589 Q * yarihm Quit: Leaving 1219961593 M * edlinuxguru I followed the instructions on the wiki and let yum chose. it picked the newest one 1219962886 Q * ViRUS_ Quit: Leaving 1219962914 M * rooijan Bertl: I am sure you are correct on Ubuntu 8.10 patches. Leann message is just blanket and not specific to linux-vserver (: 1219963102 M * Bertl well, you can take the initiative here and interpret it in your way 1219963117 M * Bertl (or just stick to the debian kernels :) 1219964073 J * sandra_f ~sandra_f@ANantes-257-1-135-233.w90-32.abo.wanadoo.fr 1219964200 Q * sandra_f 1219964283 Q * edlinuxguru Ping timeout: 480 seconds 1219964590 Q * dowdle Remote host closed the connection 1219966553 J * yarihm ~yarihm@84-74-147-84.dclient.hispeed.ch 1219966937 Q * yarihm Quit: Leaving 1219967080 J * unenana ~unenana@ANantes-257-1-135-233.w90-32.abo.wanadoo.fr 1219967172 Q * unenana 1219967318 Q * _gh_ Remote host closed the connection 1219967371 F * ChanServ +o Bertl 1219967426 F * Bertl +b *!*@ANantes-257-1-135-233.w90-32.abo.wanadoo.fr 1219967469 F * Bertl -o Bertl