1233709384 M * almak_ hi there 1233709448 Q * dowdle Remote host closed the connection 1233709464 M * almak_ If I have a Vserver context which mount --binds to a directory that shares file with another vserver context is it possible for both context to modify the same file? 1233709502 M * daniel_hozac as long as the filesystem isn't mounted with -o tag, yes. 1233709571 M * almak_ Is there any way to overcome if filesystem is mounted with -o tag? 1233709581 M * daniel_hozac mount it with -o notagcheck. 1233709604 M * daniel_hozac but that disables all checking of tags. 1233709613 M * daniel_hozac not just for certain files. 1233709699 M * almak_ Can I use -o notagcheck with mount --bind? 1233709744 M * daniel_hozac depends on your kernel. 1233709772 M * almak_ I have kernel 2.6.22 1233709788 M * daniel_hozac and patch version? 1233709835 M * almak_ 2.0.1 patch 1233709843 M * daniel_hozac no... 1233709927 M * almak_ I got it wrong, I have 2.6.14.3-v2.0.1. The new version will be 2.6.22.18-v2.2.0.7 1233709943 M * daniel_hozac neither of those have notagcheck, IIRC. 1233709946 M * daniel_hozac at all. 1233709963 M * almak_ Do you now which patch version has it? 1233709996 M * daniel_hozac the 2.3 series since at least 2.3.0.18. 1233710031 M * almak_ Thanks got it. 1233716209 N * Bertl_zZ Bertl 1233716217 M * Bertl back now ... 1233718842 Q * hparker Quit: Quit 1233721550 Q * jidanu 1233726590 Q * FloodServ synthon.oftc.net services.oftc.net 1233728470 J * ktwilight_ ~ktwilight@241.102-66-87.adsl-dyn.isp.belgacom.be 1233728664 M * Bertl off to bed now ... have a good one everyone! 1233728670 N * Bertl Bertl_zZ 1233728855 Q * ktwilight__ Ping timeout: 480 seconds 1233729037 J * amine ~amine@41.221.19.3 1233729725 J * MexiNerd MexiNerd@ip72-207-23-205.sd.sd.cox.net 1233729750 J * ErrantEgo ~ErrantEgo@errantego.user.oftc.net 1233729846 Q * MexiNerd Quit: OUCH!!! 1233729940 P * ErrantEgo 1233730578 J * sharkjaw ~gab@217-26-13.231210.adsl.tele2.no 1233730803 J * FloodServ services@services.oftc.net 1233732727 J * hparker ~hparker@2001:470:1f0f:32c:215:f2ff:fe60:79d4 1233732811 Q * FireEgl Quit: Leaving... 1233734529 J * davidkarban ~david@88.86.104.103 1233735150 J * harobed ~harobed@pda57-1-82-231-115-1.fbx.proxad.net 1233736102 J * kir ~kir@swsoft-msk-nat.sw.ru 1233736398 J * gypsymauro ~colorioma@84.18.151.77 1233736454 M * gypsymauro hi, I'm running debian lenny with vserver and after some days of uptime I get this error: http://pastebin.com/mcfc9227 , there is a way to monitor memory usage of guests processes? I know vtop there is something like htop? vhop?:) 1233736566 J * balbir_ ~balbir@122.172.106.62 1233736604 M * gypsymauro vhtop?:) 1233736642 J * doener_ ~doener@i577BA503.versanet.de 1233736745 Q * doener Ping timeout: 480 seconds 1233736954 J * duckx ~Duck@81.57.39.234 1233737471 J * FireEgl FireEgl@2001:470:e056:1:4:: 1233737664 J * esa bip@ip-87-238-2-45.static.adsl.cheapnet.it 1233737861 M * ktwilight_ gypsymauro, chcontext --xid 1 -- htop 1233738056 M * gypsymauro ktwilight_: whoa... 1233738109 M * gypsymauro so xid 1 means all context? 1233738870 Q * click Remote host closed the connection 1233739014 M * ktwilight_ gypsymauro, something like that yea 1233739448 J * cga ~weechat@62.196.2.6 1233740055 J * pmenier ~pme@LNeuilly-152-22-72-5.w193-251.abo.wanadoo.fr 1233740142 M * gypsymauro tank you a lot:) 1233740192 M * ktwilight_ :) 1233740728 Q * gypsymauro Quit: leaving 1233740943 Q * cga Quit: WeeChat 0.2.6 1233741231 J * cga ~weechat@62.196.2.6 1233741763 Q * cga Quit: WeeChat 0.2.6 1233742469 J * cga ~weechat@62.196.2.6 1233743240 J * gypsymauro ~colorioma@84.18.151.77 1233743283 J * ghislainocfs21 ~Ghislain@adsl2.aqueos.com 1233743383 Q * ghislainocfs2 Ping timeout: 480 seconds 1233743507 J * dna ~dna@229-201-103-86.dynamic.dsl.tng.de 1233743577 J * ghislainocfs2 ~Ghislain@adsl2.aqueos.com 1233743716 M * gypsymauro I'm back:) ktwilight_ I've a problem on a guest.. if i run ps -aux I c 4 apache2 processes with htop I see 40 apache2 processes... what this means? (buggy htop?:) 1233743767 M * ktwilight_ sure it's not the number of childs? 1233743810 M * gypsymauro uhm 1233743855 Q * ghislainocfs21 Ping timeout: 480 seconds 1233743919 M * gypsymauro i can't c childs with ps? 1233744389 J * brianwillis1984 ~brianwill@cpe-98-30-144-101.woh.res.rr.com 1233744420 M * brianwillis1984 i know i might be in the wrong place but ill take a try at it....hey has anyone ever heard of icecast? 1233744459 M * pmjdebruijn who hasn't 1233744482 M * brianwillis1984 aww great finally someone....everyone i asked doesnt know what the heck it is 1233744482 M * brianwillis1984 lol 1233744524 M * brianwillis1984 dont want to sound too noobish plus also im getting tired...but how do i install that into debian? 1233744528 M * brianwillis1984 would u know? 1233744758 M * gdm aptitude install icecast? but you are very much in the wrong place! 1233744817 M * brianwillis1984 yea i know i just took a try...thanks tho gdm: 1233745020 P * brianwillis1984 Leaving 1233745569 Q * balbir_ Read error: Connection reset by peer 1233746373 Q * sharkjaw Remote host closed the connection 1233746424 J * balbir_ ~balbir@122.172.144.72 1233746547 J * sharkjaw ~gab@217-26-13.231210.adsl.tele2.no 1233748637 J * gnuk ~F404ror@pla93-3-82-240-11-251.fbx.proxad.net 1233749119 Q * balbir_ Ping timeout: 480 seconds 1233749675 Q * amine Ping timeout: 480 seconds 1233749783 J * balbir_ ~balbir@122.172.57.195 1233752476 J * amine ~amine@41.221.18.3 1233753540 N * Bertl_zZ Bertl 1233753553 M * Bertl morning folks! 1233754129 M * Bertl gypsymauro: by default, ps doesn't show threads, there are options (see man ps) to show threads too (like htop does by default) 1233754979 M * gypsymauro tanx Bertl 1233755073 Q * jrdnyquist Remote host closed the connection 1233756533 Q * pmenier Read error: Connection reset by peer 1233759328 J * ard ~ard@shell2.kwaak.net 1233760147 J * takeru ~takeru@nttkyo888227.tkyo.nt.ftth.ppp.infoweb.ne.jp 1233760167 P * takeru 1233760582 M * Bertl nap attack .. bbl 1233760589 N * Bertl Bertl_zZ 1233760993 Q * kwowt Ping timeout: 480 seconds 1233762747 J * dowdle ~dowdle@scott.coe.montana.edu 1233762953 J * geb ~geb@42.4.82-79.rev.gaoland.net 1233763022 M * geb hi 1233763080 Q * sharkjaw Remote host closed the connection 1233763254 M * geb stupid question of the day: is it possible to have a vserver with a read only / ? what is the prefered way ? 1233763295 J * takeru ~takeru@nttkyo888227.tkyo.nt.ftth.ppp.infoweb.ne.jp 1233763337 J * saulus ~saulus@c140114.adsl.hansenet.de 1233763363 M * saulus Trying to make samba4 work on a debian-vservers guest, i need user_xattr. How do I enable this? 1233763429 M * saulus its working fine on my host, but the guest doesnt have this cappability 1233763932 J * ktwilight__ ~ktwilight@87.66.199.27 1233764000 Q * amine Quit: Ex-Chat 1233764163 M * ser hello, i wonder if PRI value could be bigger than 39? (top) 1233764185 J * pmenier ~pme@LNeuilly-152-22-72-5.w193-251.abo.wanadoo.fr 1233764232 M * geb saulus, is your vserver root mounted with user_xattr ? 1233764279 J * saulus_ ~saulus@d025051.adsl.hansenet.de 1233764304 M * geb saulus, is your vserver root mounted with user_xattr ? (connection problem ? :) ) 1233764352 M * geb you may also look for http://linux-vserver.org/Capabilities_and_Flags#System_capabilities_.28bcaps.29 1233764363 Q * ktwilight_ Ping timeout: 480 seconds 1233764390 Q * saulus Ping timeout: 480 seconds 1233764400 J * dna_ ~dna@229-201-103-86.dynamic.dsl.tng.de 1233764658 Q * dna Ping timeout: 480 seconds 1233764658 N * Bertl_zZ Bertl 1233764662 M * Bertl back now .. 1233764677 M * ser hello Bertl, i wonder if PRI value could be bigger than 39? (top) 1233764721 M * Bertl ser: no need to repeat questions here, we have a) a realtime log, and b) I usually look at the backlog when I return ... 1233764733 M * ser ok 1233764738 P * takeru 1233764811 M * Bertl geb: yes, a read-only / is possible, just add the proper --bind mount to the guest config's fstab 1233764825 M * Bertl saulus_: what's the problem there? 1233764903 M * geb ok, i'll test 1233764916 M * Bertl ser: 'normal' processes will get priorities between 0 and 39, realtime processes get different values 1233764917 Q * balbir_ Quit: Ex-Chat 1233764994 Q * davidkarban Quit: Ex-Chat 1233765019 M * saulus_ Bertl: are you familliar with vservers? The host's fstab has the listing /dev/mapper/lvm--raid-root / ext3 defaults,user_xattr,errors=remount-ro 0 1 and all works fine. But the guest's mount tells /dev/hdv1 on / type ufs (defaults). In guests fstab the /dev/hdv1 is not listed, in host:/etc/vservers/myvserver/fstab not listed as well. 1233765093 M * Bertl I'm somewhat familiar with Linux-VServer, yes :) 1233765093 M * geb i am no really sure Bertl is familliar with vserver :p 1233765102 M * ser Bertl: haha 1233765134 M * ser Bertl: good stuff 1233765162 M * Bertl saulus_: what you see on the host and guest is merely what mount (or some other app) has written to /etc/mtab 1233765179 M * ser saulus_: so if it is not listed in fstab, how did you mount it? 1233765190 M * Bertl saulus_: if you want to know what's really going on, check with /proc/mounts 1233765221 M * Bertl saulus_: the guest's fstab (i.e. the fstab _inside_ the guest data) is not consulted, instead the fstab in the guest's config is applied 1233765321 M * geb Bertl, before asking i tested that : http://paste.linux-vserver.org/12725 , is it normal that the guest keep its / rw ? 1233765377 M * Bertl yes 1233765393 J * saulus ~saulus@d026147.adsl.hansenet.de 1233765445 M * geb thanks :) 1233765500 Q * saulus_ Ping timeout: 480 seconds 1233765515 M * Bertl guest and host use different namespaces, so you have to apply the changes to the correct namespace 1233765552 M * Bertl if you want a ro /, just add the proper bind mount to the guest config's fstab, or if your guest has a separate / mount, add ro for that one 1233765659 M * saulus Bertl: the guests fstab doesnt have any entries for the mount:(/dev/hdv1 on / type ufs (defaults)) even when tuning the guests fstab with /dev/hdv1 / ufs defaults,user_xattr,errors=remount-ro 0 0 it doesnt change anything 1233765677 J * dna ~dna@229-201-103-86.dynamic.dsl.tng.de 1233765712 M * saulus because of this I cant get the mount option user_xattr to work in my guest, that I need for samba4 1233765726 M * saulus especially for the attr-package 1233765759 M * Bertl as I said above, the fstab _inside_ the guest is not consulted ever 1233765775 M * ser Bertl: if i have "19" in two vservers "nice", how can "priority-bias" be important? as you said PRI cannot be more than 39. 1233765793 M * Bertl saulus: the fstab used for mounting guest mounts (inside the guest space) lives in the guest's config tree 1233765829 M * Bertl saulus: and the mtab is mere illusion, i.e. you can edit it if you like, even remove it, no effect on the mounts 1233765870 M * Bertl ser: 39 is the _highest_ priority (remember priority is inverse to nice values) 1233765885 Q * dna_ Ping timeout: 480 seconds 1233765980 M * saulus ok Bertl, understood. But how can I tell the vserver to mount with user_xattr ? Ive tried to use /etc/vservers/samba4/fstab. When I start the vserver it reports: mount: special device /dev/hdv1 does not exist, /etc/vservers/samba4/fstab:2:1: failed to mount fstab-entry. The device doesnt exist - so how can I pass parameters to it? 1233765994 M * ser Bertl: highest?? so vserver with /etc/blabla/nice = 19 is "more important" then other with "17"? 1233766013 M * Bertl saulus: where does the mount come from in the first place? 1233766032 M * ser saulus_: so if it is not listed in fstab, how did you mount it? 1233766057 M * Bertl ser: no, a 'nice' value of 19 is less important than one of '17' 1233766086 M * ser ok, but i can see my vserver with 17 has PRI=37 1233766105 M * ser and this with 19 - PRI=39 1233766112 M * Bertl a process inside that guest can have a priority of 0 .. 39 1233766135 M * Bertl the priority is calculated across _all_ guests and processes 1233766139 Q * bibabu Remote host closed the connection 1233766157 M * Bertl if nothing else is running, a nice 19 guest will also get high priorities 1233766162 M * saulus :))) Feels like the circle has closed :) Bertl - i dont understand your question, ser it gets mounted automatically and your question is exactly my question. Wait, i do some pastes ... 1233766179 J * bibabu bibabu@vserv1.de 1233766205 M * Bertl saulus: not really necessary, I think you have two misconceptions blocking your understanding here 1233766208 M * ser saulus: cat your /etc/vservers/BLABLAB/fstab 1233766254 M * Bertl saulus: first, on the guest, there is _no_ hdv1 (i.e. no virtual device or such), it is simply a placeholder written to /etc/mtab to make some userspace tools happy 1233766297 M * ser Bertl: i still cannot get it - as i said one vserver has nice 19, other 17, and PRI is set (as i can see on htop) accordingly 39 and 37 1233766298 M * Bertl saulus: second, there is _no_ guest specific mount, unless you have added something to the guest configs fstab 1233766325 J * balbir_ ~balbir@122.172.57.195 1233766330 M * ser why more "niced" server has bigger PRI? 1233766382 J * dna_ ~dna@229-201-103-86.dynamic.dsl.tng.de 1233766436 M * saulus http://rafb.net/p/5hfLHB39.html is the fstab and mount output from the host. the vservers config directory fstab: http://rafb.net/p/IYL0V624.html, the vserver itself: http://rafb.net/p/wzxvu919.html 1233766523 M * saulus fine. So how do I do a guest specific mount, i.e. add some special mount option to the guests root directory? 1233766548 Q * dna Ping timeout: 480 seconds 1233766548 M * Bertl your guests root dir is already mounted with user_xattr 1233766555 M * cehteh is util-vserver 0.30.214 recent (cough) enough for current experimental 2.6.28 kernel patches? 1233766562 Q * esa Quit: Coyote finally caught me 1233766571 M * cehteh (not using any new functionality, just upgrading kernel) 1233766591 M * Bertl cehteh: better get one of the 0.30.216pre but it should work (no new features :) 1233766614 M * Bertl saulus: cat /proc/mounts inside the guest 1233766653 M * saulus Bertl: you're right - there is it listed: /dev/mapper/lvm--raid-root / ext3 rw,errors=remount-ro,user_xattr,data=ordered 0 0 1233766672 M * cehteh well never touch a running system .. only the kernel is bit rootten by now, i want the new one give a try 1233766685 M * Bertl saulus: see, if you want to adjust the mtab accordingly, you can do that via the config too 1233766687 M * cehteh 2.6.22.19-vs2.2.0.6 ... 1233766743 M * saulus ok, but the problem remains: on the guest: cd /tmp/; touch test.txt; LC_ALL=C setfattr -n user.test -v test test.txt reports setfattr: test.txt: Operation not supported. On the host this works 1233766784 M * Bertl run it through 'strace -fF' and upload the output 1233766807 M * Bertl most likely you are missing a capability 1233766915 M * saulus http://rafb.net/p/4zUova13.html 1233767148 M * Bertl that's at least interesting .. sec 1233767192 M * Bertl saulus: could you upload the /proc/mounts contents for me too, please? 1233767198 M * Bertl (from inside the guest) 1233767266 M * saulus here it is Bertl http://rafb.net/p/smRd4t78.html 1233767388 Q * dna_ Ping timeout: 480 seconds 1233767501 M * geb http://paste.linux-vserver.org/12727 , is something wrong ? 1233767586 J * dna ~dna@229-201-103-86.dynamic.dsl.tng.de 1233767636 M * Bertl geb, what util-vserver version? 1233767664 M * Bertl saulus: what kernel/patches? 1233767684 M * geb util-vserver: 0.30.216-pre2772; Jan 13 2009, 12:32:16 (debian backports) 1233767725 M * Bertl probably the broken version, but try with bind instead of rbind 1233767766 M * saulus Bertl: Linux mynet.local 2.6.26-1-vserver-686 #1 SMP Mon Dec 15 21:11:05 UTC 2008 i686 GNU/Linux, debian stable 1233767777 M * saulus is the output from uname -a 1233767778 M * Bertl geb: and do not 'enter' the guest, ssh into it or so 1233767825 M * Bertl saulus: let's try with a more recent kernel, e.g. 2.6.27.14 or 2.6.28, but I suspect a mainline bug, not handing over the xattr handlers on (r)bind mounts 1233767849 M * Bertl but we can investigate that if you want 1233767895 M * geb same problem with bind 1233767921 Q * kir Quit: Leaving. 1233767986 M * saulus hmm, im not that used to debian. I want a secure host. I dont know how to use backports. But would it be possible to get a newer kernel with the backports - or do you see another possibility besides compiling? 1233768003 Q * harobed Ping timeout: 480 seconds 1233768021 M * nox geb: 0.30.216~r2772-4 was broken, if you have that one update to 0.30.216~r2772-6 is recommended 1233768033 M * Bertl saulus: backports should have moderately recent kernels 1233768047 M * geb saulus, just add backport line to /etc/apt/sources.list; apt-get update ; apt-get install -t etch-backports util-vserver linux-image-2.6-vserver-686 1233768067 M * geb thanks nox 1233768172 M * geb i have the -6 1233768176 M * nox fine 1233768334 M * saulus thx geb 1233768363 M * Bertl daniel_hozac: ping? 1233768505 J * dna_ ~dna@229-201-103-86.dynamic.dsl.tng.de 1233768751 J * ktwilight_ ~ktwilight@87.66.201.85 1233768768 Q * dna Ping timeout: 480 seconds 1233768798 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1233768850 M * geb strange even using rbind,ro or bind,ro i am unable to have a readonly root 1233768882 M * Bertl yes, the problem seems to be that the rbind done _after_ the mounting eliminates those options 1233768912 M * Bertl looks like a mainline bug/feature to me, but we'll have to chat with daniel_hozac to figure the details 1233768964 M * geb ok 1233768971 M * geb if i can help ... :) 1233769135 Q * ktwilight__ Ping timeout: 480 seconds 1233769253 J * ktwilight__ ~ktwilight@78.122-66-87.adsl-dyn.isp.belgacom.be 1233769290 M * cehteh PID Namespaces << does vserver use that? 1233769304 M * Bertl not yet 1233769307 M * cehteh make oldconfig fun 1233769318 M * cehteh but adding it wont harm i guess 1233769335 M * Bertl it shouldn't 1233769408 M * Bertl geb: the first problem is, with recent kernels, bind,ro doesn't work anymore (was a mainline decision when adding ro bind mounts) 1233769423 M * Bertl geb: instead, it requires a bind mount, and then a remount 1233769494 J * ktwilight ~ktwilight@87.66.198.160 1233769494 M * Bertl the main problem I see is that util-vserver's secure mount doesn't allow for that specific remount 1233769495 M * geb oh, strange decision 1233769513 M * geb want that i test something (remounting) ? 1233769537 M * Bertl yeah, well, we are glad mainline picked up the ro bind mounts after five years or so :) 1233769602 M * Bertl you can try to play around with remounting the bind mount in the pre-start script, but my attempts failed so far (mountpoint busy or mount too dumb to get it right) 1233769693 Q * ktwilight_ Ping timeout: 480 seconds 1233769721 J * Piet ~piet@asteria.debian.or.at 1233769738 Q * ktwilight__ Ping timeout: 480 seconds 1233770323 N * pmenier pmenier_off 1233771239 Q * cga Quit: WeeChat 0.2.6 1233771417 J * ktwilight_ ~ktwilight@176.73-66-87.adsl-dyn.isp.belgacom.be 1233771436 Q * ktwilight Read error: Connection reset by peer 1233772027 J * ktwilight__ ~ktwilight@86.97-66-87.adsl-dyn.isp.belgacom.be 1233772066 Q * ktwilight_ Read error: Connection reset by peer 1233772696 Q * gnuk Quit: NoFeature 1233773173 Q * larsivi_ Ping timeout: 480 seconds 1233773427 Q * nou Read error: Connection reset by peer 1233773598 J * nou Chaton@2001:6f8:328:bbc:6666:6667:: 1233778159 Q * saulus Quit: leaving 1233778201 J * saulus ~saulus@d026147.adsl.hansenet.de 1233778211 Q * saulus 1233778456 Q * ensc Remote host closed the connection 1233778520 J * saulus ~saulus@d073161.adsl.hansenet.de 1233778522 M * ser Bertl: sorry, do you have a second to explain me this fact? nice=19,PRI=39 / nice=17,PRI=37 1233778541 M * Bertl how do you test? 1233778549 M * ser htop 1233778567 M * ser or vtop 1233778567 M * Bertl that's not a test, that is a monitoring tool 1233778584 M * Bertl you need a test load, e.g. cpuhog 1233778595 M * ser now my server is load 1233778598 M * ser loaded 1233778607 M * ser both vservers 1233778610 M * Bertl run that as only process in two guests 1233778622 M * ser ok, i will establish a testbed 1233778632 M * Bertl adjust the nice value, not the priority bias, and check what happens 1233778638 M * ser OK, thanks 1233778757 M * saulus so i didnt get any new kernels with backports and tried lenny for now, but I didnt get any new kernels also. Instead I got a new vserver-utils package (0.30.216~r2772-6~bpo40+1) 1233778773 M * saulus the problem still remains 1233778781 N * kaner_ kaner 1233778786 M * Bertl that's fine (the new tools) 1233778847 M * Bertl you probably need to compile the kernel yourself anyway if you want to investigate this further 1233778941 M * saulus im looking for another way out of this :) 1233779002 M * Bertl well, it looks like a mainline issue, and if so, I doubt you will find a quick workaround 1233779032 M * Bertl maybe you could enable remount for the guest and do an actual remount from inside 1233779039 M * saulus ok, but Im trying to obtain the debian experimental or unstable kernel without any troubles 1233779049 M * saulus how would I do this? 1233779056 M * Bertl what? 1233779066 M * saulus that would satisfy my testing for now. The remout 1233779068 M * saulus remount 1233779111 M * Bertl http://linux-vserver.org/Capabilities_and_Flags 1233779118 M * saulus SECURE_REMOUNT ? 1233779126 M * Bertl yep 1233779194 M * fb good evening :-) 1233779206 M * Bertl evening! 1233779457 M * fb if i want my vserver to use host's network interface(s), all i need is interface/0/dev set to 'dev', right? 1233779484 M * Bertl Linux-VServer will _always_ use the host's network interface(s) 1233779528 M * Bertl the dev/nodev just controls if util-vserver will add the ip or not 1233779529 M * fb Bertl: i know :P I described this wrong way 1233779571 M * fb so just a file named nodev 1233779584 M * Bertl k, try to rephrase your question then ... 1233779642 M * fb Bertl: i don't want my guest to have it's own IP 1233779668 M * Bertl ah, so the host IP shall be used, then it is 'nodev' and the proper entry in ip/prefix 1233779691 M * Bertl but keep in mind that this might cause some DoS scenarios if the guest is not trusted 1233779713 M * fb Bertl: this guest is normally shut down 1233779715 M * Bertl (a more secure setup is a private IP with S/DNAT) 1233779746 M * fb Bertl: i'm using this only when i need to compile new kernel, then turning off again 1233779761 M * saulus ok: with ccaps SECURE_REMOUNT my guest is able to remount. mount -o remount,rw,errors=remount-ro,user_xattr / from inside results in: /dev/hdv1 on / type ufs (rw,user_xattr,errors=remount-ro,user_xattr). This looks good! 1233779816 M * saulus but when I try to do the test: cd /tmp; touch test.txt; LC_ALL=C setfattr -n user.test -v test test.txt, I get: setfattr: test.txt: Operation not supported - so nothing changed 1233779822 M * fb well, not just a kernel in fact, but this doesn't matter :) 1233779825 M * fb thanks! :) 1233779839 M * Bertl saulus: what's in /proc/mounts ? 1233779940 M * saulus http://rafb.net/p/LMvTUx58.html 1233779993 M * Bertl yep, really looks like the beforementioned bug 1233780010 M * Bertl could you try two things for me? 1233780047 M * saulus just tell me 1233780058 M * Bertl on the host, do something like this: 1233780076 M * Bertl mkdir /mnt/test 1233780099 M * Bertl mount --rbind /var/lib/vservers /mnt/test 1233780115 M * Bertl then test on /mnt/test if you can set user xattrs 1233780256 M * Bertl and the second one is, create a new lvm, copy the device node into the guest, add SECURE_MOUNT too, and mount it inside the guest with user_xattr 1233780265 M * Bertl then test on that mount inside the guest 1233780281 M * Bertl I expect the first one to fail, but the second to succeed 1233780323 M * Bertl actually it should be: 1233780334 M * Bertl mount --rbind /var/lib/vservers/guest /mnt/test 1233780398 M * saulus the first one succeeeded: http://rafb.net/p/744Ogc79.html 1233780418 M * Bertl even with a sub-directory? 1233780424 M * saulus as you can see 1233780452 M * Bertl nah, try with /var/lib/vservers/guest 1233780466 M * Bertl in the /var/lib/vservers case, it clones the original mount 1233780494 M * saulus You mean insteda of: mount --rbind /var/lib/vservers /mnt/test I shall do mount --rbind /var/lib/vservers/myvserver /mnt/test ? 1233780502 M * Bertl yep 1233780656 M * saulus http://rafb.net/p/QatDrh89.html 1233780662 M * saulus it works as well 1233780671 M * saulus you ment the vdirbase, is it? 1233780681 M * saulus s/is it/do you/ 1233780702 M * Bertl actually it doesn't matter as long as it is a sub directory of the lvm mount 1233780735 M * Bertl ahem, wait a second, you are not testing inside the guest in tmp, are you? 1233780751 M * saulus no 1233780756 M * Bertl okay 1233780776 M * saulus as you can see: my host is called "host", my guest "samba4" 1233780955 M * saulus is the second still needed Bertl ? If so, could you please give me some commands as a basis? I forgot how I created my lvm and im not sure that I can add another one (because there is no space left on device) 1233780987 M * Bertl doesn't need to be an lvm, create a file and use a loop mount 1233781016 M * saulus so what is its device node? 1233781038 M * Bertl in the loop case, the loop device 1233781056 M * saulus could you please write some command? 1233781060 M * Bertl create a file, set it up with losetup to be mapped by loop0 1233781090 M * Bertl dd if=/dev/zero of=path/to/file bs=1M count=100 1233781115 M * Bertl losetup /dev/loop0 path/to/file 1233781161 M * Bertl cp -va /dev/loop0 /path/to/guest/dev/loop0 1233781179 M * Bertl then inside the guest, mount it with user_xattr 1233781190 M * Bertl (you need to make a filesystem on it first though :) 1233781201 M * Bertl mke2fs /dev/loop0 (for example) 1233781474 M * Bertl ah, and I have another favor to ask, could you also get me an strace of one of the working attribute changes? 1233781550 M * saulus how do I make this appear in the guest? Its not listed under /dev . I created a "dev" directory and copied (-va) the file so /etc/vservers/samba4/dev/loop0 does exist now. But its not known in guest 1233781601 M * Bertl hmm, you sure you are in the 'right' dir? 1233781628 M * Bertl you probably want /var/lib/vservers/samba4/dev (if you are on debian) 1233781634 M * saulus no, but I think so :) 1233781739 M * saulus i was doing some action with the file-system at the beginning. So /var/lib/vservers contains .defaults .distributions etcConfig .hash .pkg, /var/lib/vservers/etcConfigs/ the vservers. 1233781767 M * Bertl yes, but /etc/vservers/samba4 just contains the config 1233781777 M * saulus inside /var/lib/vservers/etcConfigs/samba4/ is the new dev directory containing loop0 1233781793 M * Bertl and you definitely want to copy the loop device _into_ the guest data, not config 1233781809 M * saulus ok. thats it! 1233781930 M * tam So, I'm having issues with running out of low memory on one of my 32bit vserver hosts... so I'm considering upgrading to x86_64, will I be able to run guests built on an i386 platform on an x86_64 host? 1233781933 M * saulus samba4:/# mount /dev/loop0 /mnt/test/: mount: permission denied 1233781953 M * Bertl did you give the capabilitiy (secure mount?) 1233781978 M * Bertl tam: yes, as long as you compile in 32bit compatibility (kernel) 1233782003 M * saulus yes, remounting the root works: mount -o remount,rw / 1233782016 M * tam Bertl- I love that answer. Thank you! 1233782033 M * Bertl you're welcome! 1233782046 M * tam I do love linux-vserver. 1233782054 M * Bertl saulus: that's a remount, not a mount 1233782069 M * Bertl (two different ccapabilities) 1233782088 M * saulus ok 1233782251 M * saulus what were youre strace flags? -F and? 1233782293 M * Bertl -fF 1233782607 M * saulus on mounted loop it doesnt work either: http://rafb.net/p/kwJk3h13.html 1233782643 M * Bertl that's interesting ... so we might really have a permission issue here, although the return value suggests otherwise 1233782749 M * saulus here is the working example from the host: http://rafb.net/p/NKaVy054.html 1233782835 M * saulus ok Bertl, thanks for your time, but I'll have to do some rl stuff now ;) But Im back in 1.5 hours - so dont hesitate to write something for me 1233782839 M * Bertl hmm, you are mixing attributes here 1233782845 M * saulus ? 1233782860 M * Bertl in the succeeding case, you used security, the failing has user 1233782866 M * Bertl they are completely different 1233782919 M * Bertl but doesn't really matter, I know how to test it myself ... 1233782935 M * saulus ok 1233782952 M * Bertl I should know more tomorrow 1233782978 M * saulus Bertl: I use the same command for both examples 1233782988 M * saulus its one test for user and security 1233783028 M * saulus setfattr -n user.test -v test test.txt && setfattr -n security.test -v test2 test.txt&&getfattr -d test.txt&&getfattr -n security.test -d test.txt 1233783036 M * Bertl ah, yes, but they are joined with && so the second isn't executed when the first fails 1233783052 M * saulus yes, shall I change to ";"? 1233783064 M * Bertl nah, as I said, I have what I need 1233783083 M * saulus ok. Your advice is to use a newer kernel? 1233783097 M * Bertl my advice is to ask again tomorrow :) 1233783116 M * saulus ok :) I'll be there :) 1233783123 M * saulus See you tomorrow 1233783132 M * Bertl have fun! 1233783281 M * ktwilight__ hm, am wondering how i should update the frontpage on the experimental releases. should i keep the most updated ones or continue to include previous versions as well? 1233783353 M * Bertl doesn't make much sense to keep older ones around 1233783698 M * ktwilight__ hm, thought so 1233783763 M * ktwilight__ k, updated :) 1233783801 M * ktwilight__ so am keeping .28.x and .27.x, including grsecurity patch 1233783822 M * Bertl yep, .27 is long term maintained, so there will be updates 1233783856 M * ktwilight__ yup, i heard of that too. 1233783884 M * ktwilight__ am excited about the new xfs stuff in .29 :) 1233783951 M * Bertl ah, did they rewrite everything once again? :) 1233784335 Q * bonbons Quit: Leaving 1233784460 M * ktwilight__ lots of fixes, rewrites and some new stuff, IIRC 1233785711 J * urbi ~quote@pomoc.ircnet.com 1233785712 M * urbi ola 1233785713 M * urbi :> 1233785790 Q * dna_ Quit: Verlassend 1233786388 M * ghislainocfs2 daniel are you there ? 1233786429 M * ghislainocfs2 i linked my page http://linux-vserver.org/util-vserver:Cheatsheet in the docs and wanted to be sure i do not say silly thing 1233786436 M * ghislainocfs2 in it 1233789114 M * Bertl it seems daniel_hozac is travelling or otherwise occupied 1233789137 J * ensc ~irc-ensc@77.235.182.26 1233789250 Q * geb Remote host closed the connection 1233789393 M * ghislainocfs2 ok :) 1233789418 M * ghislainocfs2 i just hope i do not say stupid things in this page 1233789428 M * ghislainocfs2 i dont think but ... :) 1233789446 M * ghislainocfs2 i will try to grab his attention next time he pass by here :) 1233789757 Q * Piet Quit: Piet 1233790157 J * click click@ti0127a340-0135.bb.online.no 1233790833 Q * duckx Remote host closed the connection