1224462077 P * frootat 1224462338 M * Bertl daniel_hozac: looks good! 1224462632 M * daniel_hozac http://people.linux-vserver.org/~dhozac/p/k/delta-fperm-fix02.diff was the patch i was porting, and i think http://people.linux-vserver.org/~dhozac/p/k/delta-ixunlink-dlc01.diff is something we should do. 1224462764 M * Bertl I'm fine with the ixunlink part, but the long term plan is to fade out ixunlink (or at least make it a non-Linux-VServer feature) 1224462784 M * Bertl i.e. ixunlink should get replaced by the COW flag 1224462792 M * daniel_hozac sure, but for now i don't think we should be breaking disk compat with existing installs. 1224462811 M * Bertl nope, no problem there, as I said 1224462939 M * Bertl my problem with the fperm patch, as I said last time? is, that we lose the distinction between acessing the different filesystems 1224462957 M * Bertl i.e. procfs vs, devpts vs barrier 1224462972 M * daniel_hozac barrier is still distinct. 1224462994 M * Bertl not for the 'messing' part 1224463016 M * Bertl but IIRC, you argued that this cannot be hit anyway or so? 1224463025 M * daniel_hozac i was going to do a follow-up patch extending that message. 1224463052 M * daniel_hozac adding at least device and fs-magic. 1224463057 M * Bertl okay, because I think it is vital information for the debug/analyze case 1224463065 M * daniel_hozac (just an inode number really isn't useful...) 1224463085 M * Bertl agreed 1224463196 M * yarihm cu guys 1224463201 M * Bertl cya 1224463212 Q * yarihm Quit: Leaving 1224469417 M * Bertl okay, off to bed now .. have a good one everyone! 1224469422 N * Bertl Bertl_zZ 1224469667 Q * cehteh Ping timeout: 480 seconds 1224469986 J * cehteh ~ct@pipapo.org 1224473873 Q * derjohn_mob Ping timeout: 480 seconds 1224474846 J * wenchien ~wenchien@59.105.176.102 1224476746 J * balbir ~balbir@32.97.110.53 1224476749 Q * Loki|muh Read error: Connection reset by peer 1224477187 J * mtg ~mtg@dialbs-088-079-143-204.static.arcor-ip.net 1224477339 J * Loki|muh loki@satanix.de 1224479372 Q * hparker Quit: Read error: 104 (Peer reset by connection) 1224480324 Q * FireEgl Quit: Leaving... 1224482127 Q * ghislainocfs2 Quit: Leaving. 1224482144 J * ghislainocfs2 ~Ghislain@LPuteaux-151-41-11-129.w217-128.abo.wanadoo.fr 1224482948 Q * larsivi Quit: Konversation terminated! 1224483720 J * ghislainocfs21 ~Ghislain@LPuteaux-151-41-11-129.w217-128.abo.wanadoo.fr 1224484037 Q * ghislainocfs2 Ping timeout: 480 seconds 1224484322 J * derjohn_mob ~aj@e180221068.adsl.alicedsl.de 1224485863 J * davidkarban ~david@193.85.217.71 1224486540 J * larsivi ~larsivi@85.221.53.194 1224488729 J * pmenier ~pme@LNeuilly-152-22-72-5.w193-251.abo.wanadoo.fr 1224489349 Q * derjohn_mob Ping timeout: 480 seconds 1224490069 J * ktwilight ~ktwilight@189.72-66-87.adsl-dyn.isp.belgacom.be 1224492360 J * Pazzo ~ugelt@reserved-225136.rol.raiffeisen.net 1224492566 J * tpo ~tpo@212-41-88-180.adsl.solnet.ch 1224492775 M * tpo I'd like to: ssh myvserver 1224492804 M * tpo Thus I need to first: ssh vserver-host and then vserver guest enter 1224492807 M * ktwilight tpo, ensure that you configure /etc/ssh/sshd_config in your myvserver 1224492820 M * ktwilight ListenAddress and Port are important. ;) 1224492835 M * tpo ktwilight: thanks, but let me explain :-) ! 1224492848 M * tpo I want to ssh to host and then vserver enter to guest 1224492865 M * ktwilight so setup ssh in host? 1224492886 M * tpo ssh has a "ProxyCommand" feature, but the idea of that feature is that is defines all the way to the before-last instance and there issues an ssh 1224492933 M * tpo what I would like to do is the same, except, that I want to tell ssh to issue "some command" (here vserver enter) and then be done with it, without further connecting 1224492947 M * tpo Something like: 1224492956 M * tpo Host myguestvserver 1224492959 J * Punkie ~Punkie@goc.coolhousing.net 1224492966 M * ktwilight vsomething would work i guess 1224492974 M * ktwilight vsomething --help 1224493010 M * tpo ProxyCommand ssh root@vserver vserver enter 1224493032 M * tpo ktwilight: yup, but I need to do that through ssh 1224493093 M * tpo that way I could be able to work on all the servers no matter, if they are directly connected, reachable through a jump host/gateway or wheter they are vservers 1224493117 M * tpo I don't know if it's clear what I want to achieve? 1224493119 M * blathijs tpo: What is the end effect you're trying to achieve? That someone that ssh's into the host actually ends up in the vserver instead? 1224493130 M * tpo blathijs: exactly 1224493150 M * blathijs But there is only a single vserver per host? Or is there some way to choose between different proxy thingies? 1224493179 M * tpo blathijs: there are many host-vservers and many guest-vservers aka n:m 1224493196 M * blathijs Then how do you choose which vserver you want? 1224493226 M * tpo ssh has an option to configure a "Host", where you can let it know how to get to that "Host" 1224493246 M * tpo so I'd configure each host separately for ssh 1224493260 M * ktwilight "host" meaning vserver guest? 1224493269 M * tpo ktwilight: yes, exactly 1224493304 M * ktwilight using the ProxyCommand... 1224493317 M * blathijs Ok, then I see what you mean. You want to be able to connect to different vservers using ssh + vserver enter, by using client side ssh configuration, right? 1224493321 M * ktwilight what error do you have when you use it? 1224493325 M * ktwilight or rather, what's the command that you issue for ssh? 1224493366 M * tpo ktwilight: that's what I thought, but ProxyCommand wants to ssh to the guest. I don't want to do that, since that means to run ssh inside each guest plus iptables config etc. etc. 1224493387 M * tpo blathijs: exactly 1224493389 M * blathijs tpo: You could try using the "LocalCommand" option? 1224493424 M * blathijs ktwilight: ProxyCommand should be a command that sets up a connection to some ssh daemon, which is too low level for what tpo is trying to achieve 1224493432 M * ktwilight o 1224493437 M * tpo blathijs: I thought "LocalCommand" gets executed on the ssh source? I'll try that out... 1224493441 J * gnuk ~F404ror@pla93-3-82-240-11-251.fbx.proxad.net 1224493448 M * ktwilight the manual isn't helpful to state that :) 1224493473 M * blathijs tpo: Hmm, indeed, so that will probably not work :-S 1224493479 M * tpo ktwilight: :-), you have to read it very carefully :-), which I didn't either in the beginning 1224493482 M * blathijs ktwilight: State what? 1224493507 M * blathijs ktwilight: I think it is quite clear, it's just that the concept is quite tricky to wrap your head around :-) 1224493523 M * ktwilight aha! "It should eventually connect an server running on some machine" 1224493568 M * blathijs If you're running ssh within the vservers, you could misuse proxycommand 1224493580 M * tpo blathijs: looked it up again - LocalCommand effectively relates to the ssh _client_ 1224493618 M * blathijs tpo: Yeah, that makes sense. Annoying that there is no RemoteCommand, or Shell (you could specify it on the commandline, but that's not quite elegant) 1224493636 M * tpo blathijs: yes, I could, but that would force me to configure iptables and run ssh in every vserver-guest instance, which is overkill, ugly, etc. 1224493679 M * blathijs This might work without iptables, but with ssh in each vserver, but is butt ugly: ProxyCommand ssh root@host vserver guest exec nc localhost 22 1224493687 M * tpo blathijs: ah... maybe there's a way to hack around that by specifying the remote _shell_ ... :-o, I'll check that 1224493723 M * blathijs tpo: From a security perspective, running an ssh in each vserver does makes sense, btw 1224493744 M * blathijs tpo: Needing to log in as root on the host server is very much bad practice 1224493758 M * tpo blathijs: only if you don't trust the vserver-host ... well you need to anyway :-/ 1224493770 M * blathijs tpo: IMHO, you should never log in to the host when it's not needed, and never log in as root either 1224493788 J * ghislainocfs2 ~Ghislain@LPuteaux-151-41-11-129.w217-128.abo.wanadoo.fr 1224493807 M * blathijs tpo: It's more that if your connection or login is somehow compromised, you're giving away full access right away (root @ host) 1224493807 M * ktwilight how could you not trust the host... :/ 1224493833 M * ktwilight isn't that part of the point of vserver, to able to fully entrust host. 1224493840 M * tpo I could use vlogin of course, requiring me to configure it everywhere.... 1224493862 A * blathijs doesn't know vlogin 1224493886 M * blathijs tpo: But, I can't seem to find any way to achieve what you're trying right now 1224493926 M * tpo blathijs: vlogin forwards your login to some vguest. But it's rather hackish as well 1224493939 Q * ghislainocfs21 Ping timeout: 480 seconds 1224493961 Q * Pazzo Remote host closed the connection 1224494613 M * tpo blathijs, ktwilight: vslogin did it. I want to thank you very much for helping me. Being able to bounce off ideas was crucial. Thanks! 1224494624 M * tpo I'll put this into the wiki... 1224494663 M * ktwilight where did you find vslogin? i don't seem to have it...? 1224494872 M * tpo ktwilight: http://oldwiki.linux-vserver.org/HowtoSSHLogin 1224494933 M * ktwilight ah 1224495142 J * frootat ~joern@dyndsl-091-096-055-191.ewe-ip-backbone.de 1224495258 Q * frootat 1224495277 J * frootat ~joern@dyndsl-091-096-055-191.ewe-ip-backbone.de 1224495396 M * frootat hi is it possible to set the guest interface into promiscuous mode.. that the guest can only sniff this virtual interface? 1224495547 J * FireEgl FireEgl@173-16-9-10.client.mchsi.com 1224496873 M * daniel_hozac there are no virtual interfaces. 1224496883 M * daniel_hozac and guests cannot sniff traffic by default. 1224497149 M * frootat but it is possible, that a guest can only sniff its own interface? 1224497164 M * daniel_hozac since it doesn't have an interface of its own, no. 1224497165 M * frootat or can it sniff all traffic done by this int? 1224497177 M * daniel_hozac it can sniff _all_ traffic, not just that interface. 1224497185 M * frootat yes, thats what i thought.. thank you daniel 1224497951 J * awk ~awk@security.web.za 1224498371 J * yang yang@yang.netrep.oftc.net 1224498478 J * Mojo1978 ~Mojo1978@ip-88-152-100-137.unitymediagroup.de 1224499351 Q * Hunger Read error: Connection reset by peer 1224499353 J * Hunger Hunger.hu@Hunger.hu 1224500576 Q * PowerKe Ping timeout: 480 seconds 1224503913 M * ghislainocfs2 hello there 1224504016 M * ghislainocfs2 daniel are you there ? :) 1224504967 Q * pmenier Read error: Connection reset by peer 1224505497 J * pmenier ~pme@LNeuilly-152-22-72-5.w193-251.abo.wanadoo.fr 1224505721 M * daniel_hozac ghislainocfs2: what's up? 1224506378 J * morrigan morrigan@IRC.13thfloor.at 1224506437 P * tpo 1224507337 M * ghislainocfs2 hello daniel, i wondered if playing with memset will negate the unification gain in memory or not 1224507359 M * ghislainocfs2 i mean cpuset.mem 1224507373 M * daniel_hozac you're on a NUMA box? 1224507383 M * ghislainocfs2 numa ? :) 1224507391 M * ghislainocfs2 debian lenny 64bit kernel 1224507396 M * daniel_hozac non-uniform memory access. 1224507406 M * daniel_hozac i.e. you have multiple, separate, memory banks? 1224507414 M * daniel_hozac or would you use fakenuma? 1224507414 M * ghislainocfs2 yes 1224507430 M * ghislainocfs2 i have 4x4gb ram 1224507446 M * ghislainocfs2 dam i dont know 1224507613 M * meebey any chance to make a /etc/vserver/foo/fstab change active without rebooting the vserver? 1224507688 M * daniel_hozac ghislainocfs2: i believe the only commodity hardware that is NUMA are multiprocessor AMD64 boxes. 1224507714 M * daniel_hozac meebey: what kind of change? 1224507725 M * meebey daniel_hozac: new bind entry 1224507746 M * daniel_hozac vnamespace -e mount -n .... should do the trick. 1224507765 M * meebey ok let me try 1224507816 M * meebey daniel_hozac: I need to use the real paths though? 1224507826 M * daniel_hozac yes, it's executed in the host's root. 1224507826 M * meebey daniel_hozac: not like I have them in the fstab.. 1224507829 M * meebey ok 1224507860 M * meebey vnamespace -e dms mount -n --bind /srv/daisy/mail /vservers/dms/srv/daisy/mail 1224507865 M * meebey so something like that 1224507885 M * daniel_hozac for instance, yes. 1224507943 M * meebey seems like --bind doesnt like -n 1224507967 M * meebey mount: special device /srv/daisy/mail does not exist 1224507982 M * meebey its a directory of course, as its a bind mount, eh 1224508020 M * daniel_hozac i assume /srv or /srv/daisy are not on the / filesystem, are they? 1224508046 M * meebey oh 1224508050 M * daniel_hozac irrelevant mount points are cleaned up in the guest's namespace. 1224508069 M * meebey own partition 1224508082 M * meebey /srv is a different partition than / 1224508092 M * meebey is that a problem? 1224508123 M * meebey actually its a nfs mount... not a partition 1224508147 M * meebey vserver supports that though when being used in the fstab of the guest vserver config 1224508354 J * _gh_ ~gerrit@67.170.155.50 1224508360 M * meebey daniel_hozac: so the issue is that it sees not the mount inside the namespace? 1224508371 M * meebey wonder how I can mount bind it then 1224508880 J * ktwilight_ ~ktwilight@126.110-66-87.adsl-dyn.isp.belgacom.be 1224509004 J * ktwilight__ ~ktwilight@126.110-66-87.adsl-dyn.isp.belgacom.be 1224509007 A * meebey checks how vserver.functions does it 1224509148 Q * ktwilight Ping timeout: 480 seconds 1224509156 Q * ktwilight[m] Ping timeout: 480 seconds 1224509287 Q * Punkie Quit: ...mizim... 1224509349 M * daniel_hozac meebey: you either restart the guest, or mount /srv again inside the guest's namespace. 1224509759 M * meebey I restarted the guest, was only 2 employees affected 1224509852 Q * mattzerah Read error: Operation timed out 1224510156 Q * larsivi Ping timeout: 480 seconds 1224510277 J * root` ~user@212.153.80-79.rev.gaoland.net 1224510484 Q * micah Read error: Connection reset by peer 1224510511 J * micah ~micah@micah.riseup.net 1224510521 J * mattzerah ~matt@pool1-180.dyn.winshop.com.au 1224510540 M * root` Hi. I want my guest use a vlan (tag 7). How do that ? Do you have any sample ? 1224510569 M * daniel_hozac --interface .7:/ 1224510578 M * daniel_hozac touch /etc/vservers//interfaces/vlandev 1224510679 M * root` daniel_hozac: thanks 1224511061 Q * wenchien Quit: Terminated with extreme prejudice - dircproxy 1.0.5 1224512000 J * mrfree ~mrfree@host1-89-static.40-88-b.business.telecomitalia.it 1224512092 J * marcfiu ~marcfiu@aegis.CS.Princeton.EDU 1224512200 M * nox root`: for vdsl? 1224512568 J * PowerKe ~tom@d5153A64C.access.telenet.be 1224512791 Q * Aiken Remote host closed the connection 1224512969 Q * root` Remote host closed the connection 1224513130 N * Bertl_zZ Bertl 1224513135 M * Bertl morning folks! 1224513490 M * nox wb Bertl 1224513698 J * dowdle ~dowdle@scott.coe.montana.edu 1224514232 J * larsivi ~larsivi@9.80-202-30.nextgentel.com 1224514393 J * raceme ~tof@ombos.raceme.org 1224514558 M * raceme hello. i've got a problem with lo in a vserver which used to work well in the past before I upgraded the kernel to 2.6.25-6~bpo40+1 from backports.org on a stable debian 1224514758 M * Bertl well, 2.6.25 isn't the best choice, especially as 2.6.26 something is available, but what problem do you think you have? 1224514825 M * raceme Bertl: i've got a problem between apache/mod_ngobjweb-ogo ang ogo 1224514877 M * Bertl o-kay .. what kind of problem, and more important, what is your guest config? 1224514973 M * raceme Bertl: the guest is configured with an alias (eth0:19) but i see a lo interface even if it is not configured 1224514997 M * Bertl that is fine 1224514999 M * raceme Bertl: i've got 127.0.0.1 localhost in /etc/hosts 1224515029 M * Bertl which would not have worked with older debian kernels 1224515036 M * raceme Bertl: the problem is that mod_ngobjweb stuff only take a port as parameter, 1224515085 M * Bertl okay, and? 1224515096 M * raceme Bertl: ogo is listening on eth0:19 (this is what says netstat) and I _suppose_ that apache is trying to reach on lo (this is way says tcpdump on lo on the physical host) 1224515141 M * Bertl well, host local communication _always_ uses lo, regardless of the IP 1224515153 M * raceme Bertl: IP ogo117.xxx-fr.58263 > 127.0.19.1.20000 1224515175 M * Bertl and I presume your guest has context 19, right? 1224515185 M * raceme Bertl: exactly 1224515207 M * Bertl that's the lo isolation ... basically you have two options there 1224515348 M * raceme Bertl: to make it clear: apache and ogo are in the same vserver 1224515399 M * Bertl 1) fix your setup, by either setting localhost to the guest ip, or by binding whatever is listening on 20000 to 127.0.0.1 too 1224515424 M * Bertl 2) disable the automatic loopback assignment/remapping, or set the loopback ip to the first guest ip 1224515436 M * Bertl http://linux-vserver.org/Capabilities_and_Flags 1224515580 J * yarihm ~yarihm@whitehead2.nine.ch 1224515722 M * raceme Bertl: for 1), i cannot choose the binding except the port, so i don't know why it does not bind on lo... I changed /etc/hosts to make localhost -> 10.16.1.19 (the vserver ip), restarted the vserver and same results... :( going for 2) 1224515823 M * Bertl so I presume whatever does the connect has a hardcoded 127.0.0.1, or you did explicitely put that in some config 1224515898 M * raceme Bertl: i think is is hardcoded because on the config there is only: SetHandler ngobjweb-adaptor SetAppPort 20000 and no way to specify the host 1224515916 M * yarihm hi everyone 1224515967 M * Bertl raceme: yep, looks very broken 1224515969 M * yarihm is there some file under /proc that states how much memory a context (is that still the word to use today?) uses? I'd like to get the same value top shows inside a guest with virtualized memory 1224515993 M * Bertl you can get that from the limits file 1224516025 M * yarihm in the limits file is the soft and hard limit, not the actual consumption, no? 1224516040 M * yarihm or do you mean some /proc/foo/bar/limits I haven't yet heard of? 1224516042 M * Bertl current and max is there too 1224516074 M * daniel_hozac unless you're usinga 2+ year old kernel. 1224516090 M * yarihm where exactly is that limits-file? 1224516107 M * daniel_hozac /proc/virtual//limits 1224516116 M * yarihm ah, great 1224516119 M * yarihm thanks 1224516140 M * Bertl http://linux-vserver.org/ProcFS#limit 1224516176 M * raceme Bertl: should i use the nflags ? 1224516197 M * Bertl raceme: probably the best shot is to set the loopback address to the guest ip 1224516231 M * raceme Bertl: how do you do that ? with nflags ? 1224516256 M * Bertl (or, as I suggested, to bind whatever is listening on port 20000 to 127.0.0.1) 1224516307 M * Bertl http://www.nongnu.org/util-vserver/doc/conf/configuration.html (search for lback) 1224516472 M * raceme Bertl: groovy ! 1224516568 M * raceme Bertl: thanks a lot 1224516574 M * Bertl you're welcome! 1224516600 J * marcfiu_ ~marcfiu@dsl092-234-022.phl1.dsl.speakeasy.net 1224517023 Q * marcfiu Ping timeout: 480 seconds 1224517298 Q * davidkarban Quit: Ex-Chat 1224517520 M * Borg- Bertl: is my basic udptest.sh was incorporate to basic tests? ;) 1224517526 M * Borg- incorporated even 1224517578 M * Bertl not yet 1224517665 M * Borg- HOLY necro. 1224517669 M * Borg- the problem still exists 1224517690 M * Borg- I though it was fixed long time ago 1224517792 M * Bertl care to refresh my memory a little? maybe we have a patch waiting for inclusin? 1224517797 M * Bertl *inclusion 1224517816 M * Borg- its about 127.0.0.1 remapping and UDP packets 1224517828 M * Borg- [borg@voip] ./udptest.sh 127.0.0.1 2500 1224517828 M * Borg- You should see 5 lines that contains word packet[1-5] 1224517828 M * Borg- If you see less than 5 lines, there is problem somewhere... 1224517828 M * Borg- packet1 1224517828 M * Borg- [borg@voip] 1224517829 M * Bertl I presume you are talking about 2.6.26.x or so? 1224517832 M * Borg- yep 1224517842 M * Borg- doing same test using guest IP.. everything is fine 1224517846 M * Borg- 5 lines, packet[1-5] 1224517859 M * Borg- [borg@voip] uname -r 1224517859 M * Borg- 2.6.22.19-vs2.2.0.7 1224517864 M * Borg- ah sorry ;) 1224517867 M * Borg- 2.6.22 ;) 1224517874 M * Bertl try with vs2.3.x 1224517876 M * Borg- forgot that im always a bit behind trends 1224517899 M * Borg- well.. script is here.. if anyone have vs2.3.x he might do the test: 1224517906 M * Borg- ftp://borg.uu3.net/home/borg/temp/udptest.sh 1224517933 M * Borg- Im currently lack of spare boxes :) 1224518001 M * Bertl btw, which brings me to the question: daniel_hozac, marcfiu_: do we have a princeton test machine available? preferably with the setup we did last time? 1224518013 Q * mrfree Quit: Leaving 1224518130 M * kwowt hi 1224518277 M * Bertl hey 1224518743 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1224519679 Q * marcfiu_ Quit: marcfiu_ 1224519807 J * marcfiu ~marcfiu@aegis.CS.Princeton.EDU 1224521652 Q * mtg Quit: Verlassend 1224521849 Q * ghislainocfs2 Read error: Connection reset by peer 1224521870 J * ghislainocfs2 ~Ghislain@LPuteaux-151-41-11-129.w217-128.abo.wanadoo.fr 1224522033 Q * pmenier Remote host closed the connection 1224522693 J * hparker ~hparker@linux.homershut.net 1224522794 J * doener_ ~doener@i577AE1E4.versanet.de 1224522897 Q * doener Ping timeout: 480 seconds 1224523275 J * cga ~weechat@94.36.121.222 1224523376 M * transacid Hollow: around? 1224523508 M * daniel_hozac Bertl: hmm. i thought that was back up already. 1224523525 M * Bertl maybe? at least nobody told me :) 1224523537 M * transacid or any other gentoo guest user? is it still adviced to use the vserver profile or normal profile 1224523557 M * transacid also: baselayout-vserver or baslayout 2? 1224523580 M * daniel_hozac baselayout 2 1224523588 M * transacid thanks 1224524795 Q * frootat Read error: Connection reset by peer 1224524798 J * frootat_ ~joern@dyndsl-080-228-191-044.ewe-ip-backbone.de 1224524800 N * frootat_ frootat 1224524815 Q * yarihm Quit: Leaving 1224527234 J * jm` jm@183.82.80-79.rev.gaoland.net 1224528698 Q * jm` Remote host closed the connection 1224528749 J * yarihm ~yarihm@77-56-182-18.dclient.hispeed.ch 1224529441 Q * cga Quit: WeeChat 0.2.6 1224529992 J * nou Chaton@2001:6f8:328:bbc:6666:6667:: 1224530139 Q * larsivi Ping timeout: 480 seconds 1224530427 M * daniel_hozac anyone running 2.6.27* around to verify something for me? 1224530513 M * Wonka <- 1224530517 M * daniel_hozac on a filesystem using -o tag, does mkdir test; cd test; echo 123 > test; chxid -c 15 test; vtag --tag 12 --migrate cat test give you a null pointer dereference in dmesg? 1224530520 M * Wonka 2.6.27.1 1224530530 M * Wonka without vserver 1224530537 M * Wonka sorry. 1224530667 M * Bertl daniel_hozac: well, would be good to have that princeton test system :) 1224530688 M * daniel_hozac yes, yes it would. :-) 1224530698 M * daniel_hozac i think i found it though. 1224530751 M * daniel_hozac http://people.linux-vserver.org/~dhozac/p/k/delta-tag-fix02.diff 1224530821 M * Bertl hmm, interesting ... 1224530842 M * daniel_hozac path is the destination, not set in case of failure. 1224531063 M * daniel_hozac http://people.linux-vserver.org/~dhozac/p/k/delta-fperm-fix03.diff fixes various issues with the fperm patch, including the message. 1224531083 M * daniel_hozac though i guess it's just the devpts-case in addition to that :-) 1224531728 Q * hparker Quit: Read error: 104 (Peer reset by connection) 1224532102 J * hparker ~hparker@linux.homershut.net 1224532182 Q * ktwilight__ Quit: Left 1224533060 J * Web-sidux877 ~richi@chello062178029134.10.11.vie.surfer.at 1224533073 M * Web-sidux877 Abend :) 1224533141 M * Bertl good evening! 1224533162 M * Web-sidux877 hi, i have some questions about vserver. 1224533201 M * Bertl let`s hear! 1224533247 M * Web-sidux877 i have used vserver now for a long time on my webserver and some privat maschines -> testing kde4, devel webserver etc. but now i need to setup a samba openldap cluster with 6 nodes. 1224533319 M * Bertl okay, so? 1224533328 M * Web-sidux877 and i will use some apache or lighttpd webserver for my own managment scripts- ldap, vserver. 1224533342 M * daniel_hozac Bertl: delta-tag-fix02 is missing a &, want a new version? 1224533343 M * Web-sidux877 can i run apache on the guest and on the host without troubles? 1224533389 M * Web-sidux877 when i start the host apache befor the guest, the guest can't bind on port 80. 1224533438 M * daniel_hozac you have to restrict the host's apache to the host's IP addresses. 1224533440 M * Web-sidux877 if i start the guest with the apache on port 80 and then i start the host apache, every thig work fine. 1224533459 M * Bertl daniel_hozac: yep, as I haven't included any patch yet 1224533552 M * Web-sidux877 k good - i have one last problem :) 1224533595 M * Web-sidux877 a need loop devices in the guest and i use debian sid with aeo loop. but when in want to mount a loop device in the guest i get an error that i don't have the permission... 1224533669 M * Web-sidux877 i wanna use havp(http anti virus proxy) in some guests and thats needs a loopback to mount an image with mandatory lock. 1224533775 M * Bertl well, first, you can get loop devices inside a guest, but you rarely need them 1224533793 M * Bertl (unless you explicitely want the guest to mount/umount them) 1224533836 M * Bertl it is advisable to do 'permanent' mounts outside the guest (i.e. via guest config's fstab) 1224533843 M * Web-sidux877 havp is the only one that needs loop 1224533900 M * Bertl I don't see why a virus scanner would require loop mounts, but so be it :) 1224533934 M * Web-sidux877 it mounts a image with mandatory lock, or so... 1224533979 M * Web-sidux877 i'am a little bit afk, thx for ur help :) 1224533993 M * Bertl again, no idea how that helps to scan for viruses in http streams :) 1224534035 M * Web-sidux877 i will read the manual maybe i can find why they need mandatory lock... 1224534045 M * ktwilight_ "security" purposes ;P 1224534092 M * Web-sidux877 thx for the help, read you later :) 1224534100 M * Bertl you're welcome! 1224534700 Q * Wonka Remote host closed the connection 1224534730 J * Wonka produziert@chaos.in-kiel.de 1224534744 P * glen_ 1224534750 Q * Wonka Remote host closed the connection 1224534762 J * Wonka produziert@chaos.in-kiel.de 1224534780 J * xdr ~xdr@130-173-96-87.cust.blixtvik.se 1224535649 Q * bonbons Quit: Leaving 1224535822 J * Aiken ~Aiken@ppp118-208-28-181.lns2.bne1.internode.on.net 1224536037 M * fosco Web-sidux877: hmm ? 1224536838 J * derjohn_mob ~aj@p5B23E158.dip.t-dialin.net 1224537617 J * ghislainocfs21 ~Ghislain@LPuteaux-151-41-11-129.w217-128.abo.wanadoo.fr 1224537926 Q * ghislainocfs2 Ping timeout: 480 seconds 1224537936 J * bibabu` bibabu@voice1.de 1224537943 Q * bibabu Read error: Connection reset by peer 1224539157 J * larsivi ~larsivi@9.80-202-30.nextgentel.com 1224539263 Q * yarihm Quit: Leaving 1224539906 Q * Mojo1978 Read error: Connection reset by peer 1224540393 Q * frootat Quit: :(){ :|:&};: 1224541239 Q * ruskie Read error: Connection reset by peer 1224542958 Q * marcfiu Ping timeout: 480 seconds 1224543205 M * Web-sidux877 will there someday a full cluster solution for vserver? Live Migration? 1224543257 M * Bertl when mainline is going to support that, why not? 1224543329 M * Web-sidux877 my solution is now to use drbd and heartbeat or lvs to provide HA. 1224543345 M * Bertl well, that's a good choice, no? 1224543373 M * Web-sidux877 yes it is :) 1224543380 M * Bertl note that HA has nothing to do with migration :) 1224543398 M * Web-sidux877 i know... 1224543403 M * Bertl (unless you can look into the future ;) 1224543460 M * Web-sidux877 but for the first time a heartbeat and lvs solution is enough. 1224543484 M * Web-sidux877 2 vservers with lvs on one node and the same over drbd with heartbeat on the other... 1224543559 M * Web-sidux877 i hope i have no thinking mistake with 6 nodes. 1224543863 M * Web-sidux877 can i use user mode linux in a vserver host? Maybe useless but i'am curious - couse uml is in the main vanilla kernel.. 1224543984 M * Bertl yep, uml, even for Linux-VServer kernels should be fine 1224544135 M * Bertl same with xen, mix and match to your likings 1224544200 M * Web-sidux877 and why someone should use vserver instead of openvz? maybe a daring question... 1224544531 T * * http://linux-vserver.org/ |stable 2.2.0.7, devel 2.3.0.34, grsec 2.2.0.7|util-vserver-0.30.215|libvserver-1.0.2|vserver-utils-1.0.3| He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki, and we forget about the minute. 1224544531 T * ChanServ - 1224544582 M * Web-sidux877 i don't like windows - couse i don't have vserver in windows ;) 1224544616 M * Bertl the company behind OVZ provides a solution to do that, it's called Virtuozzo(tm) :) 1224544661 M * Web-sidux877 yeah for linux or? or windows too? 1224544668 M * Bertl for windows too 1224544671 M * daniel_hozac Windows on Windows, Linux on Linux. 1224544681 M * daniel_hozac as is the nature of OS-level virtualization. 1224544716 M * Web-sidux877 windows rapes windows - nice presentation ;) 1224545451 M * Web-sidux877 so i wish everyone a nice evning/night. 1224545490 M * Bertl have a good one too! 1224545507 Q * Web-sidux877 Remote host closed the connection 1224545666 Q * nou Remote host closed the connection