1240359275 Q * C14r Ping timeout: 480 seconds
1240359555 Q * tex_ Remote host closed the connection
1240360037 Q * bourgeau_ Quit: bourgeau_
1240360557 Q * dowdle Remote host closed the connection
1240364251 Q * pmenier Read error: Connection reset by peer
1240364262 J * pmenier ~pme@LNeuilly-152-22-72-5.w193-251.abo.wanadoo.fr
1240367584 J * aj__ ~aj@p5B23BE86.dip.t-dialin.net
1240368022 Q * derjohn_foo Ping timeout: 480 seconds
1240368976 Q * geb Quit: Quitte
1240373564 T * * http://linux-vserver.org/ |stable 2.2.0.7, devel 2.3.0.34, grsec 2.3.0.36|util-vserver-0.30.215|libvserver-1.0.2|vserver-utils-1.0.3| He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki, and we forget about the minute.
1240373564 T * Bertl -
1240375952 Q * balbir_ Ping timeout: 480 seconds
1240376917 Q * sardyno Ping timeout: 480 seconds
1240378691 J * sardyno ~me@pool-96-235-18-120.pitbpa.fios.verizon.net
1240378708 J * balbir_ ~balbir@59.145.136.1
1240378960 J * sharkjaw ~gab@149-240-82.oke2-bras6.adsl.tele2.no
1240380406 Q * pmenier Remote host closed the connection
1240380841 J * davidkarban ~david@193.85.217.71
1240380967 J * davidkarban_ ~david@193.85.217.71
1240380967 Q * davidkarban Read error: Connection reset by peer
1240381941 Q * Kamping_Kaiser Ping timeout: 480 seconds
1240381952 Q * infowolfe Ping timeout: 480 seconds
1240382581 J * Kamping_Kaiser ~kgoetz@ppp121-45-82-204.lns10.adl6.internode.on.net
1240383168 J * Pazzo ~ugelt@host156-36-static.14-79-b.business.telecomitalia.it
1240384550 J * cga ~weechat@62.196.2.6
1240385142 Q * aj__ Ping timeout: 480 seconds
1240385673 J * geb ~geb@87-98-134-86.kimsufi.com
1240385710 M * geb hi
1240385874 J * cluk ~cluk@p549C6D94.dip.t-dialin.net
1240386504 J * harobed ~harobed@pda57-1-82-231-115-1.fbx.proxad.net
1240387634 A * Supaplex cracks open the source and checks context.c:140
1240387678 J * esa bip@62.123.8.224
1240387903 M * Supaplex ffffffff80295bf1 T free_vx_info
1240387937 N * Bertl_zZ Bertl
1240387942 M * Bertl morning folks!
1240387949 J * HeinMueck ~Miranda@dslb-088-064-216-229.pools.arcor-ip.net
1240387969 M * Supaplex    192  void free_vx_info(struct vx_info *vxi)
1240387977 M * Supaplex humm intersting...
1240388001 M * Supaplex RIP has ffffffff80295bfc. system map has ffffffff80295bf1 T free_vx_info
1240388007 Q * HeinMueck 
1240388008 M * Bertl Supaplex: good, now let's try with addr2line -e vmlinux ffffffff80295bfc
1240388039 M * Supaplex addr2line: /boot/vmlinuz-2.6.18-6-vserver-amd64: File format not recognized
1240388050 M * Bertl vmlinux not vmlinuz
1240388061 M * Supaplex I don't have a vmlinux around.
1240388068 M * Bertl i.e. the result of the kernel build, not the boot file
1240388081 M * Supaplex humm
1240388099 M * Supaplex of the origional build. not a repeat of the package I assume.
1240388128 M * Supaplex dpkg -L linux-image-2.6.18-6-vserver-amd64 | grep vmlinu
1240388128 M * Supaplex /boot/vmlinuz-2.6.18-6-vserver-amd64
1240388140 M * Supaplex fooey :(
1240388150 M * Bertl no problem to 'rebuild' it, as long as the result is the same
1240388185 M * Supaplex i'll compare system.map when done.
1240388201 M * Bertl i.e. avoid major differences in the build chain, like gcc 3.3 vs 4.2 or so
1240388203 M * Supaplex still building actually. =)
1240388224 M * Supaplex humm okay.
1240388257 M * Bertl ah, and make sure you have debug info and debug verbose enabled, otherwise you might end up without addresses
1240388284 M * Bertl the detailed address is not such a problem per se, as we can base it on the free_vx_info() address
1240388286 M * Supaplex I'm rebuilding from apt source.
1240388333 M * Bertl so, if free_vx_info() ends up on ffffffff90000000, then we want to look at address ffffffff9000000b :)
1240388342 M * Supaplex eventually (someday soon....) I'll configure a usb stick for crash dumps or something.
1240388357 M * Supaplex ahh. okay
1240388359 M * Bertl crash dumps are overrated, IMHO
1240388398 M * Bertl it is nice to navigate around in an 'active' kernel image, but it is quite resource intensive, and usually you get the same info as with addr2line :)
1240388399 M * Supaplex at least I had a camera for this one. I was too lazy to write it down. and my handwriting isn't very elegant. :)
1240388411 Q * harobed Read error: No route to host
1240388418 J * harobed ~harobed@pda57-1-82-231-115-1.fbx.proxad.net
1240388594 M * Bertl well, a serial console would have revealed a little more of that oops/bug, but the camera is better than nothing :)
1240388693 M * Supaplex https://buildd.debian.org/fetch.cgi?&pkg=linux-2.6&ver=2.6.18.dfsg.1-23&arch=amd64&stamp=1224075220&file=log
1240388702 M * Supaplex looks like I'm using the same gcc
1240388726 M * Supaplex COMPILER='gcc-4.1'
1240389504 J * thierryp ~thierry@zircon.inria.fr
1240389852 Q * balbir_ Ping timeout: 480 seconds
1240389981 M * Bertl hey thierryp! how's going?
1240390005 M * thierryp Bertl: hi - fine 
1240390064 M * thierryp thanks for asking - and you ?
1240390080 M * Bertl fine so far ... a cold atm
1240390226 A * Supaplex hands Bertl a soothing warm cup of apple cider
1240390552 M * Guy- does util-vserver provide a mechanism to start a script on the host after a specific vserver has been started?
1240390576 M * Guy- I'm looking at the flower page, and apps/vshelper/action seems promising, but I don't know how to use it
1240390657 Q * geb Ping timeout: 480 seconds
1240390711 Q * Supaplex Ping timeout: 480 seconds
1240390754 M * Bertl Guy-: define 'has been started' :)
1240390891 J * gnuk ~F404ror@pla93-3-82-240-11-251.fbx.proxad.net
1240390904 M * Guy- Bertl: the context has been created and cmd.start (or whatever init-like thing) has been spawned inside
1240390968 M * Bertl there are a bunch of pre/post scripts, as well as initialize and finalize, IIRC
1240390991 M * Guy- ah, /etc/vservers/vserver-name/scripts
1240390992 M * Bertl (they are called in various contexts/spaces and at various times)
1240391037 J * balbir_ ~balbir@59.145.136.1
1240391046 M * Guy- but they run in the host's context, right?
1240391081 J * Supaplex ~supaplex@166.70.62.193
1240391174 M * Supaplex interweb passed out on me. :-d
1240391203 J * geb ~geb@87-98-134-86.kimsufi.com
1240391269 M * Bertl Guy-: yes, at least most of them
1240391299 M * Bertl Guy-: you can also utilize the vshelper for that
1240391321 M * Guy- OK, I'll look into it, thanks
1240391324 M * Bertl (in any case, it will require some scripting)
1240391360 M * Guy- no problem :)
1240391834 A * Supaplex watches paint dry as the kernel compiles . . . .
1240391855 M * Supaplex oh wait... this has the habbit of compiling 18 different flavors.
1240392538 M * Bertl and most likely it is going to remove the essential files after build and packaging :)
1240393205 Q * Pazzo Quit: Ex-Chat
1240394282 M * Bertl need to take a nap .. bbl
1240394287 N * Bertl Bertl_zZ
1240394514 M * Supaplex i'm going to zzzZzz myself.
1240394520 M * Supaplex http://wiki.debian.org/HowToRebuildAnOfficialDebianKernelPackage?highlight=%28debian%5C+rule%29
1240394567 M * Supaplex lovely folks in #debian-kernel can only tell me it's on the wiki. what a joyful waste of 20 more minutes when I already spent 20 minutes before I ask them.
1240394763 Q * sharkjaw Ping timeout: 480 seconds
1240395716 J * bourgeau ~bourgeau@euclide.rsr.lip6.fr
1240397708 J * tex_ ~tex@p579DAF93.dip.t-dialin.net
1240397742 Q * balbir_ Ping timeout: 480 seconds
1240397865 J * balbir_ ~balbir@59.145.136.1
1240399447 J * Pazzo ~ugelt@host156-36-static.14-79-b.business.telecomitalia.it
1240399967 J * saulus_ ~saulus@d026017.adsl.hansenet.de
1240400075 Q * saulus Ping timeout: 480 seconds
1240400075 N * saulus_ SauLus
1240400284 J * aj__ ~aj@51.42.69.80.in-addr.net-lab.net
1240401326 Q * balbir_ Ping timeout: 480 seconds
1240401682 Q * scientes Ping timeout: 480 seconds
1240401772 N * Bertl_zZ Bertl
1240402087 M * Bertl back now ...
1240402296 M * geb hi Bertl 
1240402417 M * fb hello Bertl :)
1240402996 J * kir ~kir@swsoft-msk-nat.sw.ru
1240405753 J * jrdnyquist ~jrdnyquis@slayer.caro.net
1240408072 J * allquixotic ~jcd@mac18pg2.wam.umd.edu
1240408516 M * allquixotic Hello! My VServer host has multiple public IPs available to it (static). The host eth0 consumes one IP address but the rest are not bound. When I build my vserver, would I specify --interface eth0:<other static IP> even though eth0 is already in use by the host?
1240408553 M * Bertl yep
1240408562 M * Bertl the guest IPs will become secondaries
1240408582 M * allquixotic Thanks :) Just didn't want to hose my host networking, heh
1240408583 M * Bertl (don't forget to specify the prefix/netmask too :)
1240408636 M * allquixotic Bertl: But I *shouldn't* bind the static IP to the eth0 interface in the host's /etc/network/interfaces, right? That is, the IP that I want to use in the guest.
1240408663 M * Bertl nope, util-vserver will bring them up/take them down on guest start/stop
1240408670 M * allquixotic ok, excellent
1240409982 Q * cluk Quit: Ex-Chat
1240410549 M * Bertl off for now .. bbl
1240410553 N * Bertl Bertl_oO
1240410754 J * mib_nv7f9cnz 5005aeb9@webchat.mibbit.com
1240410856 P * mib_nv7f9cnz 
1240411466 M * ryker hi.  i was wondering if someone could help me with a problem  that I think is related/caused by vhashify
1240411508 M * ryker i made a tarball of a hashified? server and extracted it to a directory
1240411515 M * ryker now I can't delete that directory
1240411572 M * ryker files in it show with showattr command as '-----Ui-'
1240411602 M * ryker I know lowercase u means the file can be undeleted, but uppercase U I'm not sure
1240411611 M * ryker and I can't remove the i or the U with chattr
1240411627 M * ryker files are owned by root:root and chmod 755, and I am trying to delete as root
1240411635 M * ryker the files are also not in use
1240411665 M * ryker I tried googling, but I haven't found anything to help me delete the files yet.
1240411702 M * ryker oh, i think i just found the answer
1240411708 M * ryker setattr --~iunlink <file/dir>
1240411711 J * ktwilight_ ~ktwilight@91.178.158.149
1240411757 M * ryker that worked
1240411942 Q * ktwilight Ping timeout: 480 seconds
1240412418 Q * Pazzo Quit: Ex-Chat
1240412521 M * allquixotic Does vserver use something similar to chroot for filesystem isolation? Rather than disk images or something?
1240412594 M * ryker allquixotic: yes, pretty much just a chroot
1240412607 M * allquixotic With its own special device node apparently :)
1240412619 M * ryker more involved than that, but it's something simple like that
1240412627 M * ryker yes
1240412642 M * ryker well, permissions are given to certain device nodes
1240412643 M * ryker not all
1240412647 M * ryker that can be customized
1240412648 M * allquixotic it still uses the host filesystem though, so wouldn't the host filesystem be aware of all the files in the guest?
1240412665 M * allquixotic or is that isolated with a security context
1240412681 M * ryker yes, from the host you can modify guest files
1240412685 M * allquixotic ah
1240412688 M * ryker that's actually a great part of vserver
1240412698 M * ryker theres lots of docs here: http://linux-vserver.org/Documentation
1240412700 J * dowdle ~dowdle@scott.coe.montana.edu
1240412701 M * allquixotic yeah, it's good, just a bit unexpected
1240412713 M * ryker how so?
1240412725 M * allquixotic it's less isolation than I'm used to, coming from "higher" level virtualization :)
1240412730 M * ryker even with vmware, you can get access to guest files through various ways
1240412737 M * allquixotic I was looking for "Something more than chroot" but without all the overhead of VMware/vbox
1240412748 M * ryker what do you need?
1240412750 M * allquixotic it seems to work well for my needs though :)
1240412782 M * ryker if you only require linux virtualization, and you don't require different kernels for each guest, it works great
1240412788 M * allquixotic my needs are just to run a logically separate Linux (the same distro and version in fact) to isolate different configurations and package versions
1240412804 M * ryker vserver is likely perfectly suited to that environment
1240412822 M * ryker each guest is completely isolated from each other guest.
1240412833 M * allquixotic I've got my guest running now and it looks good so far
1240412840 M * ryker you can set resource limits if you choose
1240412853 M * ryker and do management from the host.
1240412862 M * ryker try to run almost no services on the host
1240412872 M * ryker such as apache, mysql, etc
1240412892 M * allquixotic actually I was hoping to keep the host a rather "heavyweight", versatile server running tons of daemons, and only put a few daemons in the guest(s)
1240412897 M * ryker a new guest really consists of only another bash prompt and any services you require, such as a logger, apache, etc
1240412915 M * allquixotic basically one Internet-facing service on each guest, and only looking at one guest for testing
1240412929 M * allquixotic each guest gets its own public IP so port conflicts aren't a problem at all
1240412945 M * ryker why would you need those services running on the host instead of a guest?
1240412966 M * allquixotic because the host has been running in production for over a year with configuration and files deployed as I want them to.
1240413001 M * allquixotic vserver lets me use more of the hardware resources for an orthogonal project whose requirements are a "clean" isolated environment
1240413034 M * ryker if it were me, i would probably still try to move those services to a guest or multiple guests if it made sense to move them to multiple guests.
1240413062 M * allquixotic why? isolation security?
1240413065 M * ryker even vmware wouldn't help you in this situation anyway
1240413105 M * ryker multiple guests for the services, yes, isolation, security, just logical seperation for personal preference
1240413137 M * allquixotic one problem is that running many instances of shared daemons like mysql is resource expensive, where I could use UNIX socket communication (with tcp disabled for security) on the host, and let all services share the same daemon
1240413144 M * allquixotic e.g. Apache and a few Glassfish apps
1240413163 M * ryker even if you use vmware on the host and have guests, if you host is compromised through one of these services you already have running on the host, they will still will likely be able to get to the vmware guests.
1240413195 M * ryker then it would make sense to run those in the same guest.
1240413246 M * allquixotic yeah, I can see the advantages of having a very minimal host and a bunch of guests because purportedly security issues propagate from host to guest but not the other way around
1240413255 M * ryker it's all a matter of your service and security requirement and your preference
1240413272 M * allquixotic but I'll have to set that up later when services running on the host aren't actually needed right now :)
1240413278 M * ryker sure
1240413282 M * ryker makes sense
1240413309 M * allquixotic I've only got a single server (no production/test separation; personal project with near zero budget) so I can't just hot swap in a reconfigured server with services split out on guests, heh
1240413372 M * ryker no, but you can likely create a guest/s for those services while they are running, and then copy your files and configuration to get the guest ready
1240413391 M * ryker then have very minimal downtime to switch over at some scheduled time
1240413398 Q * davidkarban_ Quit: Ex-Chat
1240413404 M * allquixotic almost :) I've got a Bugzilla instance with several insertions/deletions into mysql every minute, that's the main thing which is always changing
1240413405 M * ryker there's always a way ;)
1240413461 M * ryker anyway, hope I helped you a bit.  I need to get back to work.
1240413464 M * ryker nice chatting.
1240413470 M * allquixotic yep, thanks for your help!
1240413473 M * ryker np
1240413583 J * BenG ~bengreen@94-169-110-10.cable.ubr22.aztw.blueyonder.co.uk
1240413631 Q * BenG 
1240414020 M * Bertl_oO allquixotic: while it uses the same principles as chroot, the isolation is a little stronger ... also you could put a guest on a separate filesystem (to some degree, even private to that guest)
1240415061 J * hparker ~hparker@wsip-24-249-117-202.ks.ks.cox.net
1240415731 Q * hparker Ping timeout: 480 seconds
1240415836 Q * cga Quit: got a DELL??? update you BIOS with http://github.com/cga/dellbiosupdate.sh/tree/master ;)
1240415981 N * Bertl_oO Bertl
1240416057 Q * bourgeau Quit: bourgeau
1240416188 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d
1240416208 J * bourgeau ~bourgeau@euclide.rsr.lip6.fr
1240416434 M * allquixotic Hmm... this is odd: I have separate static IPs for the host and guest. But when I try to access the guest IP over TCP using my local system, it's as if I'm talking to the host!
1240416500 M * allquixotic the IP used by the guest is definitely not bound by the host's eth0 for use on the host, but the eth0 adapter on the host is in use for the host itself, and I ran vserver build with `--interface eth0:<static ip>'
1240416722 M * Bertl well, networking is on the host, Linux-VServer uses IP isolation .. so no virtual network stack is involved (which would only add overhead)
1240416780 M * allquixotic Bertl: The IPs don't appear to be isolated at all :) I thought that if I had two static, public IPs I could use and assigned one to the host and one to the guest, then trying to (for example) SSH into the guest's IP would give me the *guest*, not the host :)
1240416782 M * Bertl the IP used by the guest is definitely configured on the host, because that is how it works, but I presume you are using ifconfig, which is deprecated since like 5 or 6 years, and thus doesn't see everything :)
1240416813 M * Bertl allquixotic: that's a misconception, the IPs _are_ isolated, but the host has them all
1240416816 Q * harobed Ping timeout: 480 seconds
1240416847 M * Bertl so, if you want to run sshd on the host as well as in the guest(s) you have to keep the host's sshd from binding all IPs
1240416868 M * Bertl (which is simple to do by restricting the host's sshd to host IPs)
1240416870 Q * bXi_ Remote host closed the connection
1240416900 M * Bertl inside a guest, no such adjustment is required, as the guest is restricted to the assigned IP(s) by default
1240416978 M * allquixotic well, ok. that still doesn't seem like enough isolation for me, though; what I was hoping for is a sort of "bridged networking", giving the guest its own port map entirely; that is, for each port on the guest static IP, there is no way for the host to somehow "intercept" that just by choosing to listen on :: or 0.0.0.0
1240416992 M * allquixotic I guess I can individually get most services to work by specifying the host IP on the host
1240416999 M * allquixotic but that won't work for everything, as some programs lack that option entirely
1240417016 M * Bertl that's why you usually put those services into a guest
1240417035 M * Bertl (or use chbind to restrict the process)
1240417296 M * allquixotic hmm, couldn't I use bridge-utils to create a virtual network bridge?
1240417415 M * Bertl you can do all those things a Linux system can do
1240417441 M * Bertl just keep in mind, Linux-VServer networking happens at layer 3 and is based on isolation
1240417498 Q * esa Quit: Coyote finally caught me
1240417606 M * allquixotic it makes me very uncomfortable that services may appear to be on the guest (when in fact they are running on the host) and I have to deliberately chbind or otherwise configure every daemon running on the host so it won't conflict with stuff on guests. on a well understood, controlled host, it's certainly feasible to work with each daemon on a case by case basis and get them to stop binding against the IP of the guest, but I guess I don't like the 
1240417606 M * allquixotic design because there's still the *capability* of someone going to guest:<randomport> and getting host:<randomport> services.
1240417643 M * allquixotic isolation for me is about eliminating such possibilities, rather than having to trust that things are configured correctly.
1240417672 M * Bertl well, then you need a virtual network stack as e.g. kvm provides ... 
1240417690 M * Bertl Linux-VServer is not designed to run services on the host (except for maintainance)
1240417713 M * allquixotic indeed I do - but I also don't need the overhead of a hypervisor, separate kernel, etc. -- guess I can't have the best of both worlds :(
1240417727 M * Bertl but IMHO, it should be trivial to move _all_ your host services into a guest, and benefit from the isolation there
1240417738 M * Bertl (only leaving sshd on the host, for maintainance)
1240417787 M * allquixotic guests' IPs are fully isolated, right? so there's no way for guest X, with a distinct IP from guest Y, to respond to guest Y's IP?
1240417797 M * Bertl correct
1240417898 M * allquixotic I suppose that would work, with some more effort. I'm just experiencing growing pains because this server started off running a mainline kernel without any virtualization. Will have to see how difficult it is to get the host down to a tiny system and run everything in guests
1240417972 M * Bertl the cut is usually made at the hardware layer, so, the basic procedure to move an existing system into a guest (while using the same host) is like this:
1240417993 M * Bertl 1) prepare, install and boot a Linux-VServer kernel and the utils
1240418008 M * Bertl at this point, everything works as before, all services on the host
1240418016 M * allquixotic done that part
1240418051 M * Bertl 2) prepare a guest by e.g. rsyncing the host (almost a copy of the host system) which shares the 'host' IPs
1240418058 J * hparker ~hparker@wsip-24-249-117-202.ks.ks.cox.net
1240418078 M * Bertl there is a build method to help you there, and you do not start that guest right away
1240418091 M * Bertl i.e. you keep the services disabled in the guest for now
1240418129 M * Bertl 3) one service at a time, disable it on the host, rsync potential changes to the guest and restart it there
1240418154 M * allquixotic hmm
1240418158 M * allquixotic sounds like that would work
1240418165 M * allquixotic then just uninstall and clean up stuff on the host
1240418169 M * Bertl 4) when there are no layer 3+ services left on the host, get rid of the services/scripts (leaving only sshd)
1240418196 M * Bertl and then you are prepared to add further guests with separate IPs
1240418226 M * Bertl (which by the way, could be a clone copy of the one you already have)
1240418255 M * allquixotic so the "first" guest retains the IP of the host originally...
1240418311 M * allquixotic that seems like it'd work for my needs
1240418331 M * Bertl yep, thus all services look like before (when they were running on the host), but now they are separated from the host and other guests (thus increasing security)
1240418342 J * C14r ~C14r@mail.cipworx.de
1240418384 M * allquixotic seems like vserver does a great job at making sure guests can't touch one another with a six foot pole, but the host can touch guests pretty easily
1240418397 M * allquixotic that's fine once you make your original host's software stack a guest :D
1240418402 M * allquixotic I see "the way"
1240418434 M * allquixotic is there a concept of guests "rebooting" separately too?
1240418441 M * allquixotic other than restarting the kernel itself, of course
1240418456 M * Bertl probably the biggest step is to forget about the bridging and routing stuff you need to use for kvm and friends .. once you accept that networking happens on the host, and the guests are allowed to 'use' certain IPs ... you are basically done :)
1240418485 M * Bertl yes, each context can be 'rebooted' (i.e. the userspace part of a reboot)
1240418493 M * allquixotic cool
1240418503 M * allquixotic so 'reboot' as root in a guest only reboots that guest, not the whole box. perfect
1240418512 M * Bertl of course
1240418536 M * allquixotic the bridging and routing stuff more or less defeats the purpose anyway, at least when I tried it before with virtualbox. running a game server with very low latency requirements, the game played horribly in the virtualbox guest because of the added bridge latency
1240418547 M * allquixotic it wasn't even the paravirtualization slowing it down, that part was very responsive
1240418566 M * Bertl Linux-VServer is widely used in root-shell hosting, so the isolation is good enough to keep potentially hostile users from messing up anything except their guest :)
1240418610 M * allquixotic I'm using it mainly to run an "official" server for an indie game, and the game publisher/developer wants full control of the OS they run it on :) they do accept virtual servers though, as long as they are isolated
1240418631 M * allquixotic I just want to keep running all the stuff I already do on the host but give them a clean OS with their own IP etc for the game server
1240418664 M * Bertl should work fine that way
1240418667 M * allquixotic yep :)
1240418691 M * allquixotic only difference from running the game server natively on a mainline host would be the overhead of the additional userspace stack in each vserver guest
1240418697 M * allquixotic which is like 50 MB of RAM or so, isn't it?
1240418742 M * Bertl actually the overhead will be unmeasureable ...
1240418754 M * allquixotic cool :)
1240418776 M * Bertl of course, you are sharing resources with the stuff now running on the host, but that's about it
1240418794 M * allquixotic yeah I figure syslogd, cron, openssh-server, klogd, atd and init are all pretty lean
1240418798 M * allquixotic they run in smartphones etc :)
1240418846 M * Bertl you can also run the guests without init, which saves some more resources
1240418862 M * allquixotic hmm... are there any limitations to not running init in a guest?
1240418862 M * Bertl i.e. just the services in each guest
1240418890 M * allquixotic s/limitations/reductions in isolation
1240418906 M * Bertl well, you can't contact init if it isn't running, and certain (init based) services will not work (or be restarted)
1240418912 M * allquixotic ah
1240418936 M * Bertl so depends on your services, but usually it is fine without init
1240418976 M * Bertl but hey, with two or three guests, I wouldn't even think about that, this is something you want to consider when you are running 200+ guests on a single host :)
1240418991 M * allquixotic yeah, not going to worry about it
1240419012 M * allquixotic thanks for your advice!
1240419020 M * Bertl np, you're welcome!
1240419099 M * fb heh
1240419111 M * fb i had an old PC with broken RAM
1240419158 M * fb it was half-broken (first 128M of 256M memory) so i used badram kernel patch to mark this area unusable
1240419197 M * fb as it appears, after kernel upgrade I forgot to pass proper potion to the kernel
1240419226 M * fb but machine never hanged, never showed strange behavior, unexpected dumps, nothing
1240419266 M * fb I just tested it with memtest86+, memory works perfectly %-)
1240419288 M * Bertl maybe it was a temperature problem?
1240419379 M * fb Bertl: it broke in an old p2-based server at my home
1240419396 Q * aj__ Ping timeout: 480 seconds
1240419408 M * fb then it was in a drawer for i think 2 or 3 years
1240419480 M * fb then I bought an old PC, and it required this old, PC-133 "dual side" ram
1240419482 M * Bertl and then a different system .. well, could be simple different timing then 
1240419506 Q * bourgeau Quit: bourgeau
1240419519 M * fb i put it inside, and found it was broken
1240419568 M * fb *that* was the time I used memtest to find where, and badram patch to filter out broken area
1240419627 M * fb it was still broken... and suddenly it started to work again 8-)
1240419702 M * fb i wasn't aware i missed that option for quite a time
1240419712 M * fb since 2.6.22 came out until today
1240420212 M * fb Bertl: maybe bad soldering?
1240420673 J * aj__ ~aj@e180192219.adsl.alicedsl.de
1240420711 M * allquixotic Bertl: when I'm doing the rsync from the host filesystem, do I just specify / as the source? And won't that create some kind of infinite loop? ;-)
1240420738 M * allquixotic Something like  /vservers/fooserver/vservers/fooserver/vservers/fooserver/....
1240420751 M * Bertl heh, you might want to keep the rsync restricted to a filesystem or exclude the destination path :)
1240420866 M * tex_ Hi, I've experienced a strange problem when using mount bind in the vservers fstab: secure-mount sometimes takes 100% cpu and renders the system unusable. Ever heard of this kind of misbehaviour?
1240420899 M * Bertl nope, but sounds interesting, what kernel/patch/util-vserver version?
1240421038 M * allquixotic I don't see any exclude option for vserver build, so I guess i'll debootstrap to the same distro version as I'm using, and pull over config and data files manually
1240421099 M * Bertl the rsync build method allows you to specify arbitrary rsync options ... but yes, that approach is fine too .. or you could create a skeleton guest, and move the stuff manually (whatever your preference is :)
1240421174 M * tex_ Bertl: please wait, I'll figure it out ..
1240421188 M * Bertl np, take your time :)
1240421313 M * tex_ Bertl: Kernel 2.6.26-amd64 (Debian lenny kernel). I don't know which version of the vserver patch they use. util-vserver is 0.30.216~r2772-6.
1240421341 M * Bertl well, that debian version is broken, best update to recent versions
1240421357 M * tex_ Which do you mean? Util-vserver or the kernel?
1240421370 M * Bertl both, actually
1240421390 M * tex_ Ok, can you tell whats broken (or where I can find more on that topic)?
1240421417 M * Bertl it's quite a number of things, but I do not keep a log
1240421419 Q * gnuk Quit: NoFeature
1240421445 M * allquixotic That version of util-vserver is pulled into Ubuntu 8.10 and they say it's broken too :)
1240421483 M * tex_ Ok, is there some place I can find more on this? Some post to a mailling list, some keyword I can search for in google, anything? I need something to tell my boss why we need to move away from distribution packages.
1240421521 M * Bertl if you google in the realtime logs of th irc channel, you'll probably find a lot of incidents
1240421541 M * tex_ Ok, I'll do. Thank you very much.
1240421542 M * Bertl one notable issue is that the 2.6.26 kernel and the Linux-VServer patch used for that was incomplete
1240421567 M * tex_ Ok, that is a good starting point.
1240421585 M * Bertl so for example, if you install with that kernel, and use unification
1240421599 M * Bertl and then lateron, switch to a newer kernel, you have to fix up all the attributes
1240421627 M * Bertl because this specific kernel uses a 'broken' attribute scheme
1240421651 M * tex_ Yeah, we just had to deal with that yesterday :(
1240421703 M * allquixotic Does anyone know how to change the static IP allocated to a guest (when it's not started) after it's already built?
1240421716 M * Bertl the 2772-6 version of util-vserver is a little better than the 2772-4 version, which was almost unuseable
1240421739 M * Bertl allquixotic: it is part of the config, i.e. /etc/vservers/interfaces
1240421758 M * allquixotic So I just have to modify /etc/vservers/main/interfaces/0/ip ?
1240421766 M * Bertl correct
1240421770 M * allquixotic Cool :)
1240422012 M * allquixotic Bertl: Just to be sure, the "filesystem" of each guest is just /etc/vservers/<guest>/vdir ?
1240422040 M * Bertl that is a symlink to the path where the 'rootfs' starts, yes
1240422352 Q * aj__ Ping timeout: 480 seconds
1240422389 M * allquixotic well i saved myself lots of time by using mv for the /home directories (most of the space in terms of bytes) but gonna have to cp the rest to avoid nuking the host system :)
1240422718 J * cga ~weechat@82.84.131.229
1240422736 J * doener_ ~doener@i59F5A8F4.versanet.de
1240422838 Q * doener Ping timeout: 480 seconds
1240423057 P * cga got a DELL??? update you BIOS with http://github.com/cga/dellbiosupdate.sh/tree/master ;)
1240423057 Q * fb Read error: Connection reset by peer
1240423121 J * dna ~dna@186-204-103-86.dynamic.dsl.tng.de
1240424509 J * fb fback@red.fback.net
1240424773 J * bourgeau ~bourgeau@tomsoieur.fr
1240427251 Q * C14r Quit: leaving
1240427256 J * C14r ~C14r@mail.cipworx.de
1240427361 J * cga ~weechat@82.84.131.229
1240428861 Q * bzed Remote host closed the connection
1240428865 J * bzed ~bzed@devel.recluse.de
1240429513 Q * fb Ping timeout: 480 seconds
1240429786 J * _fb_ fback@hell.pl
1240429800 M * _fb_ Bertl: still here?
1240429807 M * Bertl yup
1240429829 M * _fb_ got hit by this(?) kernel bug again
1240429848 M * Supaplex supaplex@li:/usr/local/src/vserver-kernel/linux-2.6-2.6.26$ addr2line -e debian/build/build_amd64_vserver_amd64/vmlinux ffffffff80295bfc
1240429851 M * Supaplex ??:0
1240429853 M * _fb_ now I have serial cable, is there anything I can do?
1240429853 M * Supaplex dern. :( 
1240429877 M * Bertl Supaplex: recompile with the debug info enabled
1240429886 M * Supaplex ok
1240429893 M * _fb_ or it's too late, and i should think about some permanent console connected to serial port?
1240429917 M * Bertl you mean, the kernel hangs, and _now_ you want to connect a serial console?
1240429929 M * _fb_ Bertl: yeah
1240429974 M * _fb_ Bertl: well, it's close to impossible to connect it permanently, i'm afraid
1240429978 M * Bertl that is very unlikely to help, you need to make sure that the serial console is used for kernel logging first, then you have to wait for the kernel problem, which will be written to the serial line instead of the screen
1240430000 M * Bertl so, at least it needs to be connected when it happens :)
1240430006 M * _fb_ at least SysRq lives ;)
1240430019 M * Bertl well, then the kernel isn't dead yet
1240430029 M * _fb_ yup
1240430037 M * Bertl so make a register dump and maybe some memory info
1240430043 M * _fb_ but keyboard blinks two leds
1240430113 M * Bertl so create what debug info you can get via magic sysrq, and upload that
1240430192 Q * thierryp Quit: ciao folks
1240430390 M * Supaplex you can echo sysrq keys into /proc/sys/kernel/sys... something
1240430410 M * Bertl yep, but doesn't help if the machine is 'almost' dead :)
1240430412 M * Supaplex so if you can ssh in, that'll work.
1240430526 M * _fb_ http://hell.pl/fb/minicom.cap
1240430545 M * _fb_ Supaplex: send break with serial console, then the key
1240430565 M * _fb_ ^A F with default-configured minicom
1240430582 M * Supaplex oh neat
1240430622 M * _fb_ i have partly broken usb <--> rs232 converter that produces break on speed change
1240430703 M * Supaplex eww ;-/
1240430736 M * Bertl tainted kernel?
1240430738 M * _fb_ if i forget about that, and not press enter enough times, but start with root login, 99% times it interprets "o" the right way
1240430776 M * _fb_ Bertl: no reason to be
1240430795 M * _fb_ and lsmod on working system would tell that, no?
1240430810 M * Supaplex do you want specific kernel options, or are there build options for the debug info?
1240431162 M * _fb_ Bertl: i can provide you with modinfo on all loaded modules
1240431173 M * _fb_ Bertl: but i'm 100% sure they're all GPL
1240431185 M * _fb_ what else could taint the kernel?
1240431227 M * Supaplex I have nvidia running on this box...
1240431272 M * Bertl Supaplex: DEBUG_INFO_VERBOSE should do
1240431303 M * Bertl _fb_: no idea .. but the cpu traces point towards an xfs/scsi issue
1240431507 M * Bertl _fb_: check /proc/sys/kernel/tainted when loading modules on startup
1240431594 M * _fb_ atlas:~# cat /proc/sys/kernel/tainted 
1240431594 M * _fb_ 0
1240431647 M * Bertl so I presume either you loaded a module last time (which caused this) or your kernel memory is flakey
1240431663 M * Bertl (which would, to some degree, explain the strange behaviour)
1240431680 M * _fb_ I didn't load any module
1240431709 M * _fb_ well, in fact it happened the moment I tried to /reconnect irssi session in ipv6-only guest
1240431757 M * Supaplex Bertl: I assume DEBUG_INFO_VERBOSE=y   in .config?  using vim, I don't find that pattern in .config
1240431827 Q * allquixotic Quit: Leaving
1240431937 A * Supaplex pokes professor google
1240431938 J * fb fback@red.fback.net
1240431947 Q * _fb_ Quit: leaving
1240431982 M * Supaplex no hits?! humm checking for other debug features of .config
1240432015 M * Bertl CONFIG_DEBUG_BUGVERBOSE=y and CONFIG_DEBUG_INFO=y
1240432020 M * Supaplex CONFIG_DEBUG_BUGVERBOSE=y
1240432042 M * Supaplex # CONFIG_DEBUG_INFO is not set
1240432045 M * Bertl fb: using ipv6 subtrees?
1240432047 M * Supaplex there's our culprit :)
1240432162 Q * cga Quit: got a DELL??? update you BIOS with http://github.com/cga/dellbiosupdate.sh/tree/master ;)
1240432178 J * cga ~weechat@82.84.131.229
1240432206 M * fb Bertl: subtrees?
1240432269 M * Bertl well, the kernel trace says you are using code which requires IPV^_SUBTREES enabled
1240432296 M * Bertl that's IPV6 :)
1240432542 M * fb CONFIG_IPV6_SUBTREES=y
1240432684 M * Bertl do you use that?
1240432702 M * fb nope
1240432716 M * Bertl why is it enabled then?
1240432716 M * fb i wonder, why on earth its enabled at all
1240432763 M * fb i'm using SBR, but only on ipv4
1240432797 M * fb will recompile with subtrees disabled
1240432818 M * fb can i safely add your pivot fix you mentioned last time too?
1240432853 M * Bertl guess so, also add the signalling fix
1240432876 M * fb ie, this won't break working 2772-based debian util-vserver?
1240432883 M * fb ok, i'll aply these two
1240432912 M * fb killperm <-- this one?
1240432928 M * Bertl no idea if it will break the 'broken' debian util-vserver :)
1240432930 M * fb what about nethash? it's .29 related?
1240433282 M * fb okay
1240433309 M * fb need to do some cleanup here, before sleeping, and take a shower
1240433334 M * fb maybe will have enough stamina ;) to test new kernel
1240433353 M * fb if not, have a good night
1240433379 M * fb i need to catch some longer sleep...
1240433454 M * Supaplex if it break something that's broken, is it any less ... nm that just hurts my brain. permutation *FOOM*
1240433933 Q * bonbons Quit: Leaving
1240434076 M * ryker can anyone tell me how to stop using vhashify?  ie. unlinks all the files and just go back to regular files.
1240434148 M * ryker I'm having some mysql table corruption in a guest which I think might be caused by vhashify.
1240434183 M * Bertl well, touching a file will break the unification, cp/dump-ing the guest would be another way
1240434267 M * ryker and then delete the /etc/vservers/.hash directory also?
1240434332 M * Bertl shouldn't matter, as long as you do not re-unify it
1240434419 M * ryker is there any command I can run against the files in the guest to see if it's a real file and not a link?
1240434438 M * Bertl hmm?
1240434452 M * ryker sry, I'm not that familiar with the process and I probably shouldn't have even tried using vhashify without truly understanding what it does
1240434454 M * Supaplex ls -l will show hardlinks.
1240434495 M * Bertl well, hard links _are_ as real as any file, all you can tell is if there are more than one links to the same data or not
1240434551 M * ryker ok, i'll just do a copy as you suggested.
1240434564 M * Bertl if the link count is 1, then the file is definitely not shared
1240434567 M * ryker and assume none of the copied files are links
1240434595 M * Bertl further, checking the attributes (with showattr) should allow you to check for unified files
1240434610 M * Supaplex Bertl: what do you think. is vhashify expected to create this kind of problem?
1240434628 M * Bertl not really, any write access should break the link
1240434651 M * Bertl and I think mysql should do writes pretty often :)
1240434653 M * ryker it could be a software issue, but i'm trying to troubleshoot
1240434653 M * Supaplex should be transparent to all guests.
1240434674 M * ryker it's a guest with nagios/centreon/mysql/apache
1240434693 M * ryker it was a new and configured install in the guest.  
1240434715 M * ryker everything was working.  i ran vhashify on the server. and then stopped the guest when it was done
1240434721 M * ryker i then backed up the server.
1240434732 M * ryker started the guest again and it's corrupted.
1240434746 M * Bertl how did you stop it?
1240434758 M * ryker could just be a mysql fart or something, but i'm just troubleshooting
1240434776 M * ryker vserver guest stop
1240434784 M * Bertl did it run into a timeout?
1240434789 M * ryker everything said it stopped fine
1240434815 M * ryker no, no timeout
1240434830 M * Bertl then mysql should have shut down properly, I guess
1240434837 M * ryker it is now though. :)  mysql is all freaked out about the table corruption.
1240434850 M * Bertl what filesystem/kernel do you use?
1240434890 M * Bertl btw, it is unlikely that the mysql tables/data were unified in the first place, they should not be identical among guests, no?
1240434903 M * ryker centos5.3, 2.6.22.19-vs2.3.0.34.1 from dhozac, and ext3
1240434923 M * ryker true, i wouldn't have expected them to be
1240434992 J * derjohn_mob ~aj@e180192219.adsl.alicedsl.de
1240435034 M * ryker i think i'm still going to unlink the files anyway, just for the heck of it.  space is really not an issue on the server.  I really just ran vhashify because I wanted to try it.
1240435095 M * ryker thank you both for your help.
1240435317 M * Supaplex np
1240435601 M * Bertl you're welcome!
1240435942 M * Supaplex hah. I ran out of disk space. let's add 20gb from the lvm pool to this volume, and resize the filesystem.
1240436009 M * Supaplex Bertl: how's your cold?
1240436033 M * Bertl getting better .. at least I get some sleep at night now
1240436059 M * Bertl (helps a lot with the concentration :)
1240436106 M * fb now, lets see what will new kernel say about those broken debian util-vserver ;)
1240436114 M * Bertl but I'm somewhat worried about daniel_hozac ... anybody talked to him recently?
1240436124 M * fb se you soon, hopefully :)
1240436136 Q * fb Quit: kernel upgrade
1240436145 A * Supaplex checks daniel_hozac for a pulse
1240436320 M * Supaplex you were saying something about concentration? I gave the 20gb to /var and not /usr. my kernel buils are usually in /usr/local/src/... :p gah
1240436447 M * Bertl time to hit the sack ... off to bed, have fun!
1240436455 N * Bertl Bertl_zZ
1240436512 M * Supaplex buhuhaha. time to cheat with bind mounts. >:)
1240436576 M * Supaplex sleep well. don't let the registers longbyte.
1240436596 J * harobed ~harobed@arl57-1-82-231-110-14.fbx.proxad.net
1240436619 J * fb fback@red.fback.net
1240436634 M * fb Bertl_zZ: looks like your patches did the trick
1240436728 M * fb and both 'broken' and latest util-vserver work with as expected
1240436756 M * Supaplex yay
1240437052 Q * cga Quit: got a DELL??? update you BIOS with http://github.com/cga/dellbiosupdate.sh/tree/master ;)
1240438031 J * scientes ~scientes@75-165-65-163.tukw.qwest.net
1240438185 Q * tex_ Read error: Connection reset by peer
1240439327 M * Supaplex ffffffff80295b32 T valid_swaphandles
1240439345 M * Supaplex supaplex@li:/usr/local/src/vserver-kernel$ addr2line -e linux-2.6-2.6.26/debian/build/build_amd64_vserver_amd64/vmlinux ffffffff80295bfc
1240439348 M * Supaplex mm/swapfile.c:1841
1240439351 M * Supaplex humm
1240439723 Q * dna Quit: Verlassend
1240439971 Q * larsivi Ping timeout: 480 seconds
1240440308 Q * harobed Ping timeout: 480 seconds
1240440960 Q * geb Remote host closed the connection
1240441645 Q * dowdle Remote host closed the connection
1240442148 Q * bourgeau Quit: bourgeau
1240442866 Q * FireEgl Read error: Connection reset by peer
1240443708 J * FireEgl Proteus@WTF.4.1.0.c.0.7.4.0.1.0.0.2.ip6.arpa