1233619529 Q * dowdle Remote host closed the connection 1233621504 Q * kwowt Read error: Connection reset by peer 1233626129 Q * FireEgl Quit: Leaving... 1233627714 J * FireEgl FireEgl@173-16-9-10.client.mchsi.com 1233628321 J * almak ~almak@proxy-sjc-2.cisco.com 1233628338 M * almak Hi there. 1233628351 M * Bertl hey 1233628391 M * almak I am trying to use vcontext command. Is there an option to set memory limit on this context? 1233628410 M * Bertl yes, with vlimit 1233628467 M * almak call vlimit after the context has been created? 1233628488 M * Bertl yep, or do it in the 'chained' way util-vserver does 1233628506 M * almak I see. thx! 1233628535 M * Bertl np 1233628925 J * takeru ~takeru@nttkyo675077.tkyo.nt.ftth.ppp.infoweb.ne.jp 1233629208 Q * cehteh Ping timeout: 480 seconds 1233630330 Q * takeru Read error: Connection reset by peer 1233630519 J * takeru ~takeru@nttkyo675077.tkyo.nt.ftth.ppp.infoweb.ne.jp 1233631010 Q * takeru Ping timeout: 480 seconds 1233631236 J * takeru ~takeru@nttkyo675077.tkyo.nt.ftth.ppp.infoweb.ne.jp 1233631698 J * almak_ ~almak@proxy-sjc-1.cisco.com 1233631700 Q * almak Read error: Connection reset by peer 1233633364 Q * almak_ Read error: Connection reset by peer 1233633386 J * almak_ ~almak@proxy-sjc-2.cisco.com 1233633593 Q * geb Remote host closed the connection 1233636430 Q * doener_ Ping timeout: 480 seconds 1233636623 J * Hollow__ ~hollow@shiva.xnull.de 1233636623 Q * Hollow Read error: Connection reset by peer 1233636628 J * doener ~doener@i577BB3BA.versanet.de 1233636632 Q * Aiken Quit: Leaving 1233636681 N * Hollow__ Hollow 1233640228 Q * takeru Ping timeout: 480 seconds 1233640502 J * takeru ~takeru@nttkyo675077.tkyo.nt.ftth.ppp.infoweb.ne.jp 1233640511 Q * takeru 1233640615 J * Hollow__ ~hollow@shiva.xnull.de 1233640978 Q * Hollow Ping timeout: 480 seconds 1233641033 N * Hollow__ Hollow 1233641612 J * Slydder1 ~chuck@dslb-088-074-054-193.pools.arcor-ip.net 1233642240 J * MexiNerd 48cf17cd@webchat.mibbit.com 1233642368 Q * Slydder1 Ping timeout: 480 seconds 1233642875 M * Bertl off to bed now .. have a good one everyone! 1233642881 N * Bertl Bertl_zZ 1233642959 Q * MexiNerd Quit: http://www.mibbit.com ajax IRC Client 1233643039 J * Slydder1 ~chuck@dslb-088-072-230-006.pools.arcor-ip.net 1233644480 Q * Slydder1 Quit: Leaving. 1233644938 J * cehteh ~ct@pipapo.org 1233646138 J * sharkjaw ~gab@217-26-13.231210.adsl.tele2.no 1233646800 J * duckx ~Duck@81.57.39.234 1233647277 J * davidkarban ~david@199.123.broadband11.iol.cz 1233647333 J * amine ~amine@41.221.18.188 1233647354 M * amine Hello 1233647489 M * amine I have to set two vservers with different subnets/gw , I guess the only way is to setup source-based routing, but I have an error "RTNETLINK answers: Network is unreachable" when setting up the second gateway, even if it is ping'able 1233647494 M * amine any idea please? 1233648499 Q * balbir_ synthon.oftc.net oxygen.oftc.net 1233648499 Q * kaner_ synthon.oftc.net oxygen.oftc.net 1233648506 J * balbir_ ~balbir@122.172.106.62 1233648506 J * kaner_ ~kaner@zzz.strace.org 1233648982 J * harobed ~harobed@pda57-1-82-231-115-1.fbx.proxad.net 1233649237 J * friendly ~friendly@ppp118-208-221-197.lns10.mel6.internode.on.net 1233649470 Q * davidkarban Ping timeout: 480 seconds 1233649480 J * davidkarban ~david@88.86.104.103 1233649483 Q * dysofinu Ping timeout: 480 seconds 1233649588 Q * duckx Remote host closed the connection 1233650134 J * doener_ ~doener@i577B9B17.versanet.de 1233650235 Q * doener Ping timeout: 480 seconds 1233650680 J * lavogu ~lavogu@193.43.249.169 1233651941 Q * lavogu Remote host closed the connection 1233652227 M * sid3windr amine: is it directly connected? 1233654862 J * gnuk ~F404ror@pla93-3-82-240-11-251.fbx.proxad.net 1233655236 M * amine sid3windr: thank you for your reponse, actually there was a routing problem even for getting the gateway 1233655289 M * amine now another question: how to make the interface for the vserver visible on the host as an alias interface? 1233655896 M * nkukard is it possible to make a vserver think its i586 and not x86_64 in the uname? 1233655962 M * cehteh yes 1233655990 M * cehteh there is a hint on the wiki how to setup a 32 bit vserver on a 64 bit system 1233656143 M * sid3windr check the uts options :) 1233656285 Q * sharkjaw Quit: Leaving 1233656471 A * nkukard checks agaijn 1233656504 M * amine uts? 1233656615 Q * friendly Quit: Leaving. 1233657587 M * ghislainocfs2 http://linux-vserver.org/util-vserver:Cheatsheet#Where_to_find_the_latest_util-vserver_.3F 1233657595 M * ghislainocfs2 sudo vuname --xid 40133 -s -t 'machine=i686' 1233657617 M * ghislainocfs2 also in the /vserver tools file to make it permanent 1233657630 M * ghislainocfs2 in the debootstrap you must use the option arch=i386 1233657737 M * ghislainocfs2 like this: -- -d lenny -- --arch=i386 1233657806 M * ghislainocfs2 hummy answers are confusing: nkukard: use sudo vuname --xid 40133 -s -t 'machine=i686' i think it will do, also put it in the config for permanent change 1233657827 M * ghislainocfs2 cehteh: in the debootstrap you must use the option arch=i386, like this: -- -d lenny -- --arch=i386 1233657860 M * ghislainocfs2 nkukard: of course the xid is an exemple 1233658798 Q * zolty Ping timeout: 480 seconds 1233658801 M * nkukard thanks ghislainocfs2 1233659365 M * ghislainocfs2 :) 1233659726 J * zolty ~pzoltows@mion.elka.pw.edu.pl 1233659791 Q * esa Quit: Coyote finally caught me 1233660512 M * amine is there a way to change routing table on a VS? ... it seems VS isnt taking into account changes made with ip route on host... 1233660610 M * arekm hm, syslog-ng is changing capabilities and then it's trying to open fifo from host where fifo is located on /vservers/gues/ and it gets permission denied 1233660654 M * arekm now doing the same but outside /vservers/ works fine... which capability is important here then? 1233663194 N * Bertl_zZ Bertl 1233663198 M * Bertl morning folks! 1233663242 M * Bertl arekm: ad routing, see multiple routing tables 1233663272 M * Bertl arekm: ad fifo, please elaborate what you are doing :) 1233663282 M * arekm it's vserver unrelated it seems. 1233663294 M * Bertl not unexpected :) 1233663335 M * Bertl actuall (it is early in the morning for me :) 1233663348 M * Bertl amine: ad routing, see multiple routing tables 1233663677 J * kwowt ~quote@pomoc.ircnet.com 1233663680 M * kwowt ello 1233663872 M * Bertl ello 1233663915 J * dna ~dna@229-201-103-86.dynamic.dsl.tng.de 1233664159 M * kwowt :> 1233664175 M * kwowt today is THE day! 1233664325 Q * kir Ping timeout: 480 seconds 1233664368 J * kir ~kir@swsoft-msk-nat.sw.ru 1233664370 Q * ard Ping timeout: 480 seconds 1233665555 J * esa bip@ip-87-238-2-45.static.adsl.cheapnet.it 1233666055 M * amine I still have several false entries in vz routing table, how can I correct them? thanks.. 1233666082 M * Bertl vz? 1233666104 M * amine vs 1233666143 M * amine it's driving me mad :s , i just lost two days for setting up a vserver with a diffrent subnet 1233666148 M * Bertl what do you mean by 'false entries'? you obviously added them at some point? 1233666188 M * Bertl it is in no way different from configuring Linux _without_ Linux-VServer for different subnets 1233666217 M * Bertl describe your scenario and I'll help you with the setup 1233666222 M * amine can't remove or add entries with "route" command in a vserver 1233666233 M * amine thanks Bertl 1233666238 M * Bertl you don't do that on the guest, you configure it on the host 1233666279 M * amine I have a physical server , with a vserver guest, the two using two public IPs , on the same subnet, It is working correctly 1233666315 M * amine now I want to add a second vserver , but have to use a public IP with different subnet/gateway 1233666394 M * Bertl 1) add an entry to /etc/iproute2/rt_tables like '42 second' 1233666421 M * Bertl 2) add the routing entries you want to that table like this: 1233666440 M * Bertl ip route add default via table second 1233666465 M * Bertl 3) add a source IP based rule to the routing engine for the affected IPs 1233666509 M * Bertl ip rule add from table second 1233666534 M * Bertl 4) test the setup with e.g. ping -I www.google.com 1233666573 M * Bertl once that is working, just assign the IP(s) to the guest(s) 1233666677 M * amine thanks I am trying it now 1233668235 M * amine Bertl: to be sure, I created a new vserver without an interface , then tried to add the "ip route add ... via new_gw" ... but it complained network was unreachable 1233668267 M * amine now i am trying to add an IP to eth0 , with new subnet , 1233668287 M * amine am reading the faq , but cant figure out what is the "nid" 1233668491 M * Bertl amine: forget about the guest(s) for now, just focus on the routing (as I said, it is _not_ Linux-VServer related) 1233668525 M * Bertl so, make sure that the ping -I works and the proper gateway is used 1233668549 M * Bertl once that is done, you can simply configure the guest to use that IP 1233668577 M * amine Bertl: ok , but that's logical to have it complain when adding the gateway route , if there's no address with same subnet already configured 1233668585 M * Bertl to answer the question: the nid is the network context id use in Linux-VServer (usually the same as the process context id (xid)) 1233668604 M * Bertl amine: then configure it (for the second table) 1233668652 M * amine ok , am adding it to eth0 (ip addr add ....) but it didnt work..... I am gonna try again 1233668680 M * Bertl as far as I can tell you are stuck at #2 of my list above 1233668702 M * amine yes 1233668719 M * Bertl assumed that you want to add a network 10.0.0.0/24 with gw 10.0.0.1 and your IP 10.0.0.2 you would do: 1233668769 M * Bertl ip route add 10.0.0.0/24 dev eth0 src 10.0.0.2 table second 1233668788 M * Bertl ip route add default via 10.0.0.1 dev eth0 table second 1233668828 M * Bertl the first one should already exist on the main table when you added the 10.0.0.2/24 address to eth0 1233668852 M * amine yes 1233668893 M * amine I think i figured out a problem, first vserver has its interface as eth1 in host !! 1233668902 M * amine that's causing a conflict 1233668920 M * amine just added the route to new_bw with appropriate interface 1233668922 M * Bertl well, I don't know much of your setup, so that might as well be fine :) 1233668956 M * amine now am gonna re-apply your commands for source-based routing 1233670345 M * amine there definetely a problem with my source-based routing, I can ping , but cant ping -I second_ip 1233670365 M * Bertl the second IP? that's fine then 1233670393 M * Bertl it is expected that you cannot reach the second gateway from the first IP 1233670406 M * Bertl (wouldn't make much sense, would it?) 1233670436 M * amine actually it is ping -I secondip secondgw 1233670453 M * amine but I can ping secondgw directly 1233670467 M * amine I have now the two ip (1st and second) on eth0 1233670469 M * Bertl so which one fails? 1233670491 M * amine ping -I secondip secondgw fails 1233670518 M * Bertl then either your setup is wrong, or the second gateway doesn't answer 1233670530 M * Bertl check with tcpdump -vvnei eth0 icmp 1233670548 M * amine it does answer when i ping it directly (ping secondgw) 1233670594 M * Bertl check that the 'ip route ls' and 'ip route ls table second' match for this subnet 1233670606 M * Bertl (double check ips and netmasks :) 1233670630 M * amine yes I am gonna do it :) 1233671359 M * _nono_ amine, are your subnets pure IP or are they different vlans? 1233671392 M * _nono_ if your network switches support it, I tend to find vlans easier to manage 1233671415 M * _nono_ no IP black magic, just different (virtual) ethernet interfaces 1233671429 M * amine they should be on different vlans... actually i dont have physical access to servers 1233671511 M * _nono_ I have no direct experience with vlans and vserver, but you should find lots of examples in Xen-related docs and the basic idea is the same 1233671563 M * _nono_ just make sure the network topology is what you think it is, I would try not to mess with the network config of servers I don't have physical access to :) 1233671681 M * Bertl well, actually the networking on Linux-VServer is nothing like on Xen 1233671706 M * Bertl it is like on Linux, no indirection, no bridging, no virtual interfaces 1233671729 M * Bertl nevertheless, vlans work great with Linux-VServer and util-vserver knows how to create them too 1233671760 M * Bertl amine: what does the tcpdump show when you ping -I as described above? 1233671774 M * Bertl (i.e. in the 'failing' case) 1233671953 M * amine it show only requests, but no responses 1233671974 M * Bertl with the correct IPs? 1233671978 M * amine yes 1233671990 M * Bertl then your gateway is not configured to answer 1233672018 M * Bertl i.e. the problem is outside yout host, unless you have a firewall blocking the replies 1233672077 M * amine really stange 1233672123 M * amine I think am gonna give up for the moment..... 1233672132 M * amine thank you very very much for your help 1233672148 M * amine tomorrow i'll contact the hoster to debug with me, 1233672162 M * amine (iptables isnt filtering on my side) 1233672256 M * Bertl you could tcpdump arp packets to get some clues 1233672448 J * click click@ti0127a340-0778.bb.online.no 1233673224 Q * nou_ Ping timeout: 480 seconds 1233673685 J * Hollow__ ~hollow@shiva.xnull.de 1233673693 Q * Hollow Read error: Connection reset by peer 1233673744 N * Hollow__ Hollow 1233674128 J * nou Chaton@2001:6f8:328:bbc:6666:6667:: 1233674388 J * hparker ~hparker@linux.homershut.net 1233675512 Q * davidkarban Remote host closed the connection 1233676088 J * dowdle ~dowdle@scott.coe.montana.edu 1233676131 J * xije ~xije@193.43.249.169 1233676945 Q * hparker Quit: New radio 1233678252 J * hparker ~hparker@linux.homershut.net 1233678525 Q * amine Ping timeout: 480 seconds 1233678749 Q * dna Quit: Verlassend 1233679383 M * kwowt Bertl, here? 1233679446 Q * FloodServ synthon.oftc.net services.oftc.net 1233679738 Q * kir Quit: Leaving. 1233679926 M * Bertl kwowt: yep? 1233680020 J * FloodServ services@services.oftc.net 1233680264 J * mfv ~mfv@151.16.123.36 1233680710 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1233680747 Q * mfv Ping timeout: 480 seconds 1233681360 J * jidanu ~jidanu@pmr.fr 1233681667 Q * esa Quit: Coyote finally caught me 1233683355 Q * harobed Ping timeout: 480 seconds 1233683486 Q * doener_ Quit: leaving 1233683815 Q * xije Read error: Connection reset by peer 1233683907 Q * pmenier Quit: Konversation terminated! 1233684393 M * kwowt Bertl: i moved the vps now 1233684401 M * kwowt how can i be sure its started from the new directory now? 1233684948 M * Bertl in the config, does vdir point to the new location? 1233684970 M * Bertl touch something in /path/to/guest and check if it is visible inside the guest 1233684975 M * kwowt yes, it does 1233685057 M * kwowt i created a new dir and its visible 1233685062 M * kwowt so i can remove the old files now right 1233685075 M * Bertl yes, I'd say so 1233685482 M * kwowt thx 1233686108 Q * nkukard Ping timeout: 480 seconds 1233686181 J * nkukard ~nkukard@196.212.73.74 1233686722 Q * daniel_hozac Remote host closed the connection 1233686725 J * daniel_hozac ~daniel@2002:5043:693::102 1233687872 J * dna ~dna@229-201-103-86.dynamic.dsl.tng.de 1233689710 J * echo6 ~echo6@5acf76bd.bb.sky.com 1233689766 M * echo6 where should I look to fix procfs-security issues!? 1233689796 M * echo6 vc_migrate_context(): Function not implemented 1233689815 M * echo6 /proc/uptime can not be accessed. Usually, this is caused by procfs-security 1233689861 M * Bertl you 'fix' it by running vprocunhide 1233689878 M * echo6 reading the web page the subsequent url refers to lsattr, which doesn work on /proc 1233689879 M * Bertl (which usually is done as part of the host startup scripts) 1233689880 M * echo6 ah ok thanks 1233689925 M * echo6 which package provides vprocunhide, ubuntu? 1233689930 M * Bertl what kernel/patches and what util-vserver version do you use? 1233689950 M * Bertl util-vserver provides all that (the tools you have already installed) 1233690119 M * echo6 kernel 2.6.28.2-vs2.3.0.36.4 with 0.30.216`r2750-3ubuntu2 1233690276 M * Bertl check for a service called vprocunhide 1233690311 M * Bertl i.e. in /etc/rc.d/init.d (or where ubuntu keeps the init scripts) 1233690322 M * echo6 Hmm, I found it here /usr/lib/util-vserver/vprocunhide 1233690368 M * echo6 but it doesnt seem to do anything! 1233690396 M * Bertl that is the one which gets executed, and it is supposed to configure /proc correctly 1233690424 M * Bertl how do you tell it doesn't do anything for you? 1233690451 M * echo6 i get the same error after executing vprocunhide, taking a peek at the script 1233690540 M * Bertl I wouldn't trust the ubuntu version of the tools to do the proper thing, IIRC, they had a broken gcc and broken dietlibc not too long ago 1233690561 M * Bertl but the best approach is to check with testme.sh 1233690572 M * echo6 ok 1233690584 M * Bertl http://vserver.13thfloor.at/Stuff/SCRIPT/ 1233690652 M * echo6 vcontext: vc_ctx_migrate(): Function not implemented 1233690666 M * echo6 chcontext failed! 1233690675 M * echo6 back to google then :( 1233690712 M * daniel_hozac your version of the utils is known to be broken. 1233690727 M * daniel_hozac either build them yourself, or get something based on -6. 1233690757 M * echo6 ok thanks both 1233690805 M * Bertl you're welcome! 1233690934 M * fb good evening :) 1233691042 M * Bertl and a good 1 2u2 1233691453 M * echo6 Hah! ./linuxcaps.h:74: error: expected specifier-qualifier-list before ‘__le32’ 1233691489 M * echo6 util-vserver-0.30 fails to build :( 1233691518 M * daniel_hozac try something from the last 5 years. 1233691528 M * daniel_hozac like 0.30.215 or 0.30.216-pre2827. 1233691677 Q * echo6 Read error: Connection reset by peer 1233691678 J * echo6 ~echo6@5acf76bd.bb.sky.com 1233691750 M * echo6 where is util-vserver-0.30.215? 1233691774 M * daniel_hozac http://ftp.linux-vserver.org/pub/utils/util-vserver/ http://people.linux-vserver.org/~dhozac/t/uv-testing/ 1233691807 M * echo6 excellent thanks 1233692277 M * echo6 configure: error: internal error! where do I look to see what I need to fix 1233692281 J * jrdnyquist ~jrdnyquis@slayer.caro.net 1233692388 Q * balbir_ Read error: Operation timed out 1233692430 M * daniel_hozac install beecrypt headers or nss headers. 1233692454 M * echo6 ok 1233692865 Q * maddoc Ping timeout: 480 seconds 1233693072 J * hijacker_ ~hijacker@87-126-142-51.btc-net.bg 1233693079 M * ser hello chaps, i set sched/priority-bias - how to check if it works? 1233693123 Q * gnuk Remote host closed the connection 1233693127 J * maddoc maddoc@social.ostruktur.com 1233694032 M * Bertl check the priorities with top? 1233694162 M * ser it is not easy as each process takes only part of a second, there are 100 qmail-remote instances 1233694208 M * ser and in other vservers there are long-running cpu intensive processes which persist on "top" of top 1233694230 M * Bertl well, then you have to 'hope' that it works :) 1233694242 M * ser Bertl: :-) 1233694259 M * Bertl but you could 'test' with two guests each running a cpuhog, for example 1233694276 M * Bertl and if that works out fine, you can assume that it works for your specific load too 1233694278 M * ser Bertl: right! thanks, of course... 1233695456 M * echo6 vserver vserver1 start and I get /etc/init.d/rc: 166: cannot open /dev/console: No such file 1233695460 M * Bertl nap attack ... probably back later ... 1233695465 N * Bertl Bertl_zZ 1233695923 M * ser echo6: but are there any problems with this vserver? 1233695958 M * echo6 ser: no it is running, and /dev/console does exist! 1233695990 M * echo6 ser: but not to the vserver 1233696184 M * ser how did you create this vserver? 1233696416 M * echo6 step 2 here http://wiki.linux-vserver.org/Installation_on_Ubuntu#Check_Ubuntu.27s_Wiki 1233696679 Q * stimpy_ Quit: leaving 1233697741 J * mufafidov ~mufafidov@193.43.249.169 1233697943 J * doener ~doener@i577B9B17.versanet.de 1233698494 M * ser echo6: but using newvserver command? 1233698518 Q * bonbons Quit: Leaving 1233698711 M * daniel_hozac echo6: just ignore it. 1233698974 Q * echo6 Quit: Leaving 1233699870 J * larsivi_ ~larsivi@212251132182.customer.cdi.no 1233699875 Q * larsivi Ping timeout: 480 seconds 1233701586 M * ktwilight__ 2.6.27.14 and 2.6.28.3 are out :) 1233702182 Q * hijacker_ Quit: Leaving 1233703603 Q * dna Quit: Verlassend