1230944186 Q * yarihm Quit: Leaving 1230947520 Q * bonbons Quit: Leaving 1230947846 J * meebey_ meebey@booster.qnetp.net 1230948336 Q * meebey_ Remote host closed the connection 1230949000 J * meebey_ meebey@booster.qnetp.net 1230949192 Q * meebey_ Remote host closed the connection 1230949319 J * meebey_ meebey@booster.qnetp.net 1230952941 Q * infowolfe Ping timeout: 480 seconds 1230953513 J * infowolfe ~infowolfe@c-24-21-204-37.hsd1.or.comcast.net 1230954767 M * Bertl off to bed now ... have a good one everyone! 1230954776 N * Bertl Bertl_zZ 1230954836 M * Supaplex Bertl, sweet dreams and all :) 1230966755 J * doener_ ~doener@i577B8799.versanet.de 1230966859 Q * doener Ping timeout: 480 seconds 1230968065 Q * balbir_ Read error: Connection reset by peer 1230968987 J * balbir_ ~balbir@xbl.dnsbl.oftc.net 1230970343 Q * balbir_ Ping timeout: 480 seconds 1230971420 J * sunkencity_ ~sunkencit@h121n2c1o1036.bredband.skanova.com 1230971484 Q * ztakeru Ping timeout: 480 seconds 1230971583 J * ztakeru ~ztakeru@s35.GtokyoFL11.vectant.ne.jp 1230973050 J * geb ~geb@AOrleans-151-1-72-104.w90-21.abo.wanadoo.fr 1230973137 M * geb hi 1230973806 J * mtg ~mtg@dialbs-088-079-143-204.static.arcor-ip.net 1230975624 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1230975734 J * cga ~weechat@94.36.127.183 1230976770 Q * sunkencity Quit: sunkencity 1230976838 Q * mtg Quit: Verlassend 1230976846 J * sunkencity ~joel@h121n2c1o1036.bredband.skanova.com 1230977797 N * pmenier_off pmenier 1230978052 Q * arekm Quit: leaving 1230978624 J * arekm arekm@carme.pld-linux.org 1230978654 J * takeru ~takeru@nttkyo888227.tkyo.nt.ftth.ppp.infoweb.ne.jp 1230980204 Q * esa Ping timeout: 480 seconds 1230980303 J * friendly ~friendly@ppp118-208-186-144.lns10.mel4.internode.on.net 1230980507 P * friendly 1230981117 J * cga_ ~weechat@94.36.127.183 1230981193 Q * cga Ping timeout: 480 seconds 1230982169 Q * Aiken Quit: Leaving 1230983036 N * Bertl_zZ Bertl 1230983041 M * Bertl morning folks! 1230983073 M * mnemoc morning Bertl 1230984075 M * geb morning ! 1230984738 N * pmenier pmenier_off 1230987275 N * pmenier_off pmenier 1230988537 J * balbir_ ~balbir@xbl.dnsbl.oftc.net 1230989428 Q * duckx Remote host closed the connection 1230989640 J * duckx ~Duck@81.57.39.234 1230990221 N * meebey_ meebey__ 1230991233 Q * takeru Quit: takeru 1230991382 N * meebey__ meebe337 1230991439 N * meebe337 meebey 1230996784 J * independence independen@titan.blinkenshell.org 1230996909 M * independence is vserver with grsec patches still being developed? 1230997099 M * geb http://people.linux-vserver.org/~harry/ 1230997229 M * geb the last patch isn't very old :) 1230997240 M * independence it's not very new either 1230997249 M * independence 1 patch in 6 months, hm 1230997509 M * geb maybe that's because there is no recent "stable" vserver patchset 1230997552 M * independence yeah, but it seems everyone is runnnig some dev version of vserver. stable is very old 1230997679 M * geb yeah the experimental version is very stable 1230997744 M * geb you should ask Bertl for details about experimental vs stable branch 1230997750 M * independence is there anyone here running that 2.6.26 +grsec version then? is it reliable? 1230997956 M * geb their is some answers here: http://www.paul.sladen.org/vserver/archives/200810/0003.html 1230998050 M * independence harry: you there? 1230998096 M * independence idle 10 days.. hehe 1230998104 M * geb :) 1230998228 M * geb i don't know how difficult it is to build the patch, but http://www.grsecurity.net/pipermail/grsecurity/2008-October/000957.html says that you just have too apply the two patches in order (grsec and next vserver) 1230998449 M * independence maybe I could make a patch that boots up and all, but I wouldn't feel very confident that it would be stable :) 1230998770 Q * click Quit: leaving 1230998858 M * geb you don't seems to have many choices for now 1230998900 M * geb if you try the last harrys patch i 'll be interested to have your return 1230998955 M * independence mabye I could try and get another box with roughly the same hw and do some tests on it 1230999686 J * Piet ~piet@asteria.debian.or.at 1231000442 M * Bertl independence: what do you need grsec for, btw? 1231000495 M * independence I use the server as shell hosting, so it feels a bit safer with some added security 1231000703 M * Bertl do you configure grsec properly? i.e. do you setup policies? 1231000926 M * independence I don't use rbac 1231000954 M * Bertl so, what's the added security you are referring to? 1231000984 M * independence or hm, wait 1231001124 M * independence maybe most of it is in pax really, address randomization and stuff 1231001141 M * independence bbl 1231001543 Q * ztakeru Ping timeout: 480 seconds 1231003634 J * darrob ~darrob@tor-irc.dnsbl.oftc.net 1231003981 Q * darrob2 Ping timeout: 480 seconds 1231004882 M * nox patching grsec on 2.6.27.10-vs2.3.0.36.2 gives me http://paste.linux-vserver.org/12687 1231004996 Q * nenolod Remote host closed the connection 1231005053 J * nenolod nenolod@petrie.dereferenced.org 1231005261 M * mnemoc nox: integrating grsec and vserver is not trivial 1231005369 M * nox mnemoc: just looked 4 rejects 1231006226 Q * docelic__ Quit: http://www.spinlocksolutions.com/ 1231007105 N * BobR_zZ BobR 1231009770 M * zbyniu nox: there are patches for .27 in pld cvs if you want 1231009798 M * zbyniu nox: pure vserver and modified grsec 1231010279 M * independence pld cvs? 1231010443 M * mnemoc pld is a linux distribution 1231011478 Q * TimLyth Ping timeout: 480 seconds 1231013771 M * sunkencity what is the preferred method for moving a vserver from one machine to another? I usually make a tarball of both the etc and the vserver filesystem root and unpack on the other machine 1231013825 M * sunkencity i think there was some command to do that but it didn't work on gentoo at the point in time I started to need to move machines around 1231013836 M * sunkencity which was a while ago 1231013936 M * Bertl tarball is fine, as long as you have the proper options 1231013954 M * Bertl personally I prefer rsync, which is simpler 1231014086 M * sunkencity I never get rsync to work 1231014100 M * sunkencity what options do I need to tack on to rsync 1231014113 M * sunkencity tarball always works for me 1231014124 M * sunkencity but it's slow 1231014132 M * Bertl rsync -axHPSD --numeric-ids /path/to/guest/ root@remote:/path/to/guest_copy/ 1231014152 M * sunkencity thanks! 1231014160 M * Bertl np 1231014360 M * sunkencity Another question... I'm trying to get away from running gentoo on the servers I manage that I don't have physical access to. If I had a ILO promt or something on the machines I'd stick to gentoo but alas. So far looking at debian 4.0 and centos 5. 1231014395 M * sunkencity I suppose debian has the best and freshest vserver kernels readily available by default 1231014408 M * Bertl not really 1231014426 M * sunkencity I had hell with one machine running ubuntu, and whoops no available vserver kernels 1231014431 M * Bertl it's more like: debian has the oldest and most broken kernels readily available :) 1231014435 M * sunkencity haha 1231014449 M * Bertl but, usually you can get recent/new/working ones from backports/testing 1231014463 M * sunkencity what about centos 1231014470 M * sunkencity or arch? 1231014489 M * sunkencity I could go for testing though 1231014507 M * Bertl centos is kind of supported by daniel_hozac, who does fedora and centos packages 1231014539 M * Bertl arch was reported working fine, but I do not know anything about the packaged stuff 1231014599 M * sunkencity I've always had great success with vserver-sources on gentoo, but i'm getting too little time to cook the kernel myself these days 1231014628 M * Bertl IMHO a custom configured kernel is a good idea for a server 1231014652 M * Bertl you can fix a lot of 'bugs' (or better bad decisions) distributors make 1231014658 M * sunkencity yep 1231014685 M * sunkencity takes a few days for each new flavour of dell server i buy though 1231014734 M * sunkencity configuring kernel is fun though 1231014742 M * Bertl yeah, but just once :) 1231014776 M * Bertl the configuring part, not the fun part :) 1231014815 M * sunkencity they always manage to change some bloody chipset 1231014828 M * sunkencity :) 1231015877 M * fb good evening 1231016129 M * Bertl evening! 1231016256 M * fb sad evening today... 1231016292 Q * nou Read error: Connection reset by peer 1231016903 M * sunkencity why is that 1231017440 M * fb sunkencity: my friend lost his fight with cancer at the very end of 2008, he was buried today 1231017483 M * Bertl everybody dies ... sooner or later ... 1231017540 M * Bertl what somebody accomplished and how s/he is remembered is what counts 1231017574 M * fb yeah 1231017595 M * fb this is especially sad, because my wife fights her fight 1231018033 M * Bertl make the best of it ... don't waste you time here :) 1231018208 J * TimLyth ~tux@202.134.227.227 1231019024 J * Aiken ~Aiken@ppp118-208-102-132.lns3.bne4.internode.on.net 1231019068 M * sunkencity_ that is sad, yea one supposedly has to make something worth the while 1231020080 J * nou Chaton@2001:6f8:328:bbc:6666:6667:: 1231020579 Q * cga_ Quit: WeeChat 0.2.6 1231021410 Q * doener_ Quit: leaving 1231023437 Q * sunkencity Quit: sunkencity 1231024919 Q * sunkencity_ Ping timeout: 480 seconds 1231025913 J * blues blues@acv144.neoplus.adsl.tpnet.pl 1231025961 M * blues hello 1231025980 M * blues I have small problem with vserver 1231026022 M * blues on one machine there is problem with memory shown inside vserver (with proper flag) 1231026058 J * friendly ~friendly@ppp118-208-186-144.lns10.mel4.internode.on.net 1231026109 J * sunkencity ~joel@h121n2c1o1036.bredband.skanova.com 1231026110 M * Bertl blues: please elaborate ... 1231026110 M * blues instead of right value (according to rss.*) I have 4294967295k total" 1231026114 M * blues instead of right value (according to rss.*) I have "4294967295k total" 1231026129 M * blues no matter what I'll set 1231026131 M * Bertl what value did you specify to rss.* 1231026146 M * blues Bertl: no matter 1231026159 M * blues i.e. 128000 1231026170 M * blues should be 512M 1231026233 M * blues system is 32bit with 64bit kernel 1231026245 M * blues Bertl: could it be problem? 1231026362 M * Bertl nah, that should be fine 1231026374 M * Bertl you did enable the VIRT_MEM flag? 1231026380 M * blues Bertl: yep 1231026407 M * blues # cat /proc/virtual/info 1231026408 M * blues VCIVersion: 0002:0304 1231026408 M * blues VCISyscall: 236 1231026408 M * blues VCIKernel: 13000ff1 1231026425 M * blues kernel is 2.6.27.10 1231026452 M * Bertl okay, what does /proc/virtual//limits show? 1231026455 M * Bertl (please use paste.linux-vserver.org for everything longer than 3 lines) 1231026510 M * blues hmmm... 1231026521 M * blues RSS: 379 0/ 1625 21474836480/21474836480 0 1231026543 M * Bertl that is quite huge for the limits :) 1231026570 M * Bertl what util-vserver version and 32 or 64bit? 1231026588 M * blues userspace is 32-bit 1231026625 M * blues util-vserver 0.30.215 1231026677 M * Bertl okay, but the kernel is 64bit, yes? 1231026704 M * blues Bertl: yes 1231026707 M * Bertl do you have 64bit userspace on the host too, or would it be possible to install/try with 64bit utils? 1231026724 M * blues aaa 1231026726 M * Bertl it could be related to the ia32 compatibility emulation 1231026742 M * blues Bertl: guest is 32bit 1231026744 M * Bertl in which case it would be a bug and I would like to know :) 1231026760 M * Bertl guest can stay 32bit, not really relevant :) 1231026824 M * blues Bertl: no, 64bit is not possible there, sorry 1231026846 M * blues :( 1231026871 M * Bertl okay, no problem ... let me check if I can recreate that 1231027086 M * blues ok 1231027152 M * blues Bertl: please letme know :) 1231027155 M * blues let me 1231027156 M * blues :)