1267056043 Q * Chlorek Remote host closed the connection 1267057006 J * AndrewLe1 ~andrew@u7.hlc.edu.tw 1267057037 Q * AndrewLee Read error: Connection reset by peer 1267057597 Q * Rendy Remote host closed the connection 1267057923 J * Chlorek ~cokolwiek@2001:6a0:183:f002::1 1267057944 Q * bonbons Quit: Leaving 1267058130 Q * Chlorek 1267058178 J * Chlorek ~cokolwiek@c.sed.pl 1267058687 Q * padde Server closed connection 1267058692 J * padde ~padde@patrick-nagel.net 1267058910 J * Rendy ~Rendy@122-62-16-132.jetstream.xtra.co.nz 1267061321 M * _Shiva_ oh - 2.6.33 is out.. Bertl: will you keep up the patches for 2.6.32..? 1267061532 M * Rendy got the groups running , in shell what is the line to migrate a task from root cgroup, to a child? 1267061602 M * Rendy understood now what Bertl_zZ said, proccesses appear in both host and cgroups, so yup, current migration version should work ok so 1267061635 M * Rendy per cgroup swapdvice, haven't yet figured out 1267061752 M * Rendy checkpointing 1267061797 P * Psy0rz 1267061837 M * Rendy daniel_hozac, is it possible to run in some child cgroup a swapon command that a host woudn't run it? 1267061937 M * daniel_hozac what? 1267062096 M * Rendy hmm, daniel_hozac njah gotta check what the migration is about, i expected something like proccess isolation, swapon seems to be like a daemon, so i thought that from root cgroup a daemon like swapon /dev/something can be isolated to a child, probably not then? 1267062117 M * Rendy migrated/isolated 1267062185 M * Rendy so proccesses in host kernel don't know that one child runs a swapon , hence don't use that swapping device, but i think balbir would had sayd if it worked so 1267062560 M * daniel_hozac huh? 1267062914 M * Rendy heh, i first ran it today, maybe too silly questions, cause i have too little space, only cgroups 2.6.33 without vserver, i see root hierarchy has a tasks file that lists pid's 1267062980 M * Rendy and when i make a child dir, by just mkdir Rendy, then i can echo running pid's there too, so how the task migration works, what is the line, to transfer a pid from one cgroup to another? 1267063005 M * Rendy just that same echo? then they start appearing in every cgroup? 1267063169 M * Rendy yup, i see now, when i echo'd 10 to child then root removed it, ok 1267063627 M * Rendy ah swapon isn't a daemon 1267063682 M * Rendy so it's triggered in for both host and child cgroup, as swapon -s shows here, doesn't suite, furthr hack is needed, might be fairly complicated 1267063986 M * Rendy anyways daniel_hozac gotta play a little before, bertl seemed to have ideas actually, ramzswap kernel module can use any backing block device and multiple it seems, like slram vram based ones 1267064322 Q * ckt1g3r Quit: Leaving 1267064874 M * Rendy seems to be picked up from /proc/swaps 1267065289 Q * Romster Ping timeout: 480 seconds 1267065499 M * Rendy security hole i belive it leaves quite sure the consern is related to this, why bertl said, not good idea 1267065528 J * Romster ~romster@202.168.100.149.dynamic.rev.eftel.com 1267065881 M * daniel_hozac what? 1267066158 M * Rendy i'm still searching your pam-mount things, just a swapdevice per cgroup, so host applications ones that aren't in cgroups, would use different swapdevice on paging, memory pressure, you know when application uses more memory then is available, then host starts to use that samee swapdevice which i nede only for cgroup pid's to use 1267066639 M * daniel_hozac well, typically, you just want to avoid swap. 1267066647 M * daniel_hozac wanting to use swap is kind of a rare thing. 1267066657 M * Rendy daniel_hozac, pam is something that mounts volumes for a user session, maybe there is some sort of a way, you suggested similar 1267066667 M * daniel_hozac no 1267066675 M * daniel_hozac there is no kernel support for it. 1267066705 M * Rendy daniel_hozac, yeah, but their ram based swap and vram based swap, seems to be a hack to get swapping to happen elsewhere then on slow disks 1267066961 M * Rendy daniel_hozac, though probably yeah correct way shoudn't be to confuse, port it to correct code, conventional term is, yeah swap is used as slow alternative in out-of memory case 1267067115 M * Rendy ah there may be other issues, maybe it drains the physical devices quicker 1267067301 M * Rendy non said about vram and ddram still, only sd cards as swap blockdevices, shortens their lifetime 1267067375 M * Bushmills setting kernel swappiness low helps. better than running out of memory. 1267067379 M * Rendy daniel_hozac, gotta eat, bbl maybe bertl get's/arrives into timezone then 1267067438 M * Rendy Bushmills, yup, but in case of those hacked swapdevices, i think it can be set to high instead 1267067463 M * Bushmills as those are faster, it shouldn't matter much 1267067470 M * Rendy just that how to do that per cgroup, not affecting the host threads at all 1267067704 M * daniel_hozac you can't. 1267068184 M * Rendy daniel_hozac, probably can but needs some dangerous code, so that host woudn't access such a disk, pam mount may do that, with gid or something hardcoded to match the one how the device was mounted 1267068197 M * Rendy though maybe i'm wrong there, will investigate couple days 1267068242 M * daniel_hozac no 1267068249 M * daniel_hozac the kernel doesn't have any sense of that. 1267068252 M * daniel_hozac swaps only have priorities. 1267068445 M * Rendy yup, multiple devices with priorities, but there is like a flag that don't parse nonexisting ones, but you may be right there, this swapping may lead to some kernel ioctl instead, so that special swapon command can't be programmed without kernel patch 1267068453 J * morfoh_ ~morfoh@shell.opensde.net 1267068476 J * _Shiva__ shiva@whatcha.looking.at 1267068556 J * balbir ~balbir@122.172.106.116 1267068568 Q * morfoh Ping timeout: 480 seconds 1267068593 Q * _Shiva_ Ping timeout: 480 seconds 1267068603 M * Rendy daniel_hozac, i selectively from web saw little bit of those swapdevice cgroup patches, i think there swapaccess should work normally like for host, recheck them later 1267068608 M * Rendy will 1267069070 M * Rendy daniel_hozac, currently i belive i'd agree with you, swapon only triggers some function and exits, if the device is gid and all programs run with such gid's maybe that is still not suffecient, however really unsure about it all 1267069850 M * Rendy threre's also io controller, maybe gid/uid apply only to filesystems not devices 1267070145 M * Rendy balbir, this per cgroup swap device patch hasn't yet been tried on mailine i guess yes? 1267070295 M * fLoo is anyone free for testing a testbuild (debian, 64 bit) kernel 1267070302 M * fLoo vor the up2date kernel (2.6.32.9) ? 1267070304 M * fLoo *for 1267070465 J * SauLus_ ~SauLus@c193001.adsl.hansenet.de 1267070826 M * cehteh up2date? 1267070837 M * cehteh hey you are so yesterday .. 2.6.33 is released :P 1267070874 Q * SauLus Ping timeout: 480 seconds 1267070874 N * SauLus_ SauLus 1267071317 M * Rendy daniel_hozac, but running all apps in cgroups i think then per cgroup swap is possible, some just restrict access to certain devices and that's it 1267071419 M * Rendy somewhere was a daemon, that starts all apps in cgroups and classifies them 1267071427 M * Rendy libcgroup 1267071567 M * Rendy fairly complicated , then mesa and intel should run such a daemon 1267072052 Q * balbir Ping timeout: 480 seconds 1267073027 Q * Rendy Quit: Leaving 1267075010 J * Rendy ~Rendy@122-62-16-132.jetstream.xtra.co.nz 1267075213 Q * Rendy 1267076651 J * Rendy ~Rendy@122-62-16-132.jetstream.xtra.co.nz 1267079604 J * kir ~kir@swsoft-msk-nat.sw.ru 1267079954 Q * Romster Ping timeout: 480 seconds 1267080742 J * Romster ~romster@202.168.100.149.dynamic.rev.eftel.com 1267080769 J * ghislain ~AQUEOS@adsl2.aqueos.com 1267081100 J * ncopa ~ncopa@245.39.189.109.customer.cdi.no 1267081427 J * sharkjaw ~gab@90.149.121.45 1267081861 Q * ncopa Quit: Ex-Chat 1267082691 M * Rendy daniel_hozac, there is also a library, i think libcap that has execap somewhere, can restrict access to devices per application 1267082754 Q * derjohn_mob Ping timeout: 480 seconds 1267084692 J * tpo ~tpo@cable-dynamic-87-245-106-94.shinternet.ch 1267084787 J * ncopa ~ncopa@245.39.189.109.customer.cdi.no 1267084931 M * Rendy njah, only all block devices 1267085508 Q * Rendy Quit: Leaving 1267086905 Q * niki Quit: Leaving 1267087119 J * Rendy ~Rendy@122-62-16-132.jetstream.xtra.co.nz 1267088149 Q * Romster Ping timeout: 480 seconds 1267088171 J * BenG ~bengreen@cpc2-aztw22-2-0-cust521.aztw.cable.virginmedia.com 1267088312 N * Bertl_zZ Bertl 1267088317 M * Bertl morning folks! 1267088464 M * morfoh_ moin Bertl 1267088505 Q * tpo Ping timeout: 480 seconds 1267088518 M * Rendy morning 1267088574 N * morfoh_ morfoh 1267088678 J * Romster ~romster@202.168.100.149.dynamic.rev.eftel.com 1267088680 M * Rendy Bertl, that swap per cgroup is a bit to complicated to my previous knowledge, or per application on host 1267088925 M * Rendy those are in glibc and linux those swapoff swapon commands 1267089027 M * Rendy though one virtualizer cgroup based advertises a functionality like this kerighead 1267089050 M * Rendy two rr kerrighead 1267089169 M * Bertl kerrighed is an SSI solution, IIRC 1267089308 M * Rendy don't know what that means, anyways you had maybe idea, how to hack similar thing into vserver/cgroups? 1267089396 M * Bertl well, I'm pretty sure I could do that (if I understood correctly, you want to have a separate swap file per cgroup/process), but I do not really see a point in that (yet) 1267089399 J * derjohn_mob ~aj@213.238.45.2 1267089489 M * Rendy Bertl, yes, i guess so (i'm not sure wether i see things correctly though, only feels like that host proccesses would swap too , if one cgroup thread launches swapon somedev) 1267089555 M * Rendy but ther is like mountains of code, and i don't have much clue where to start debugging such sandboxes, never used cgroups much or trained 1267089626 M * Rendy exercised:) Bertl ramszwap i meant, maybe it's possible to instruct a cgroup thread to swap-in swap out to slram backing device on the fly 1267089663 M * Bertl probably, but again, what's the point? 1267089704 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1267089824 M * Bertl I mean, don't get me wrong, I can see that _you_ want to test something with it (or so), which is probably more than enough reason for _you_ to work on that ... but I fail to see the point why somebody else (like me) would want that :) 1267089835 M * Rendy Bertl, just to get some faster functions, and responces, fast pagecache, for compiz and mesa and intel, cause their geometry isn't fully programmed in hw 1267089883 M * Bertl when mesa userspace starts swapping out, something must be wrong in the first place, no? 1267089891 M * Rendy and i need to alloc free, fast buffers from some pool, to feed compiz 1267089946 M * Bertl are you doing compiz development? 1267089961 M * Rendy with normal swapdevice and code without kernel forced swapout to some swaphack , that should only happen, when user feeds like 2gb textures 1267090019 M * Bertl why not simply pin that memory into ram with mlock? 1267090021 M * Rendy Bertl, not much, but i saw just it uses glvertex functions to draw a quad finally, texture geometry 1267090064 M * Bertl if the user wants 2GB of textures for compiz, there is a good reason to mlock that IMHO 1267090065 M * Rendy Bertl, yep, that is also a possibility 1267090169 M * Rendy two drawbacks then. once the mlock is done, no easy interface to change allocation, though maybe stdin function can be programmed, don't have snippets though to do that, so no quotas, and nr two, no lzo compression 1267090237 M * Bertl well, lzo compressing the textures is probably a bad idea anyway (not that it doesn't work, but it consumes cpu time after all) 1267090239 M * Rendy though yeah, mlock with vram should also be quite fast the way i red 1267090266 M * Bertl isn't there already a compression mechanism for textures available? 1267090285 M * Bertl i.e. textures which can be blitted out of some compressed data stream? 1267090324 M * Bertl and note: to mlock, there is munlock(2) :) 1267090458 M * Rendy ok, if that lzo isn't needed then maybe swap is not needed at all for cgroup thread 1267090547 M * Rendy it should still be possible to mlock inside a cgroup though, not sure about accounting, maybe if mmap maps the vram and has flag shared, then the counter knows about quotas 1267090571 M * Rendy the patch that does it may not be in kernel tree though 1267090620 M * Bertl there should be mlock support in recent cgroup framework 1267090624 M * Rendy but there is one more flag which prefaults readahead and doesn't use mlock 1267090788 M * Rendy but in case you see a solution to swapdevice per cgroup, then think about it, since that would be easier to implement, i think this mlock and readahead mm spitters with a long run are doable also, but little more code, maybe 200lines or so and actual mesa/compiz hooks 1267090916 M * Bertl I guess this is really off topic here, you might want to discuss that on the compiz channel or cgroup ML ... let's focus here on Linux-VServer related issues ... 1267091167 M * arekm do we have 2.6.33 patch already? ;) 1267091216 M * Bertl nope, but working on it as we speak 1267091232 M * Rendy Bertl, ok, i think they don't have such a channel though 1267091364 J * yarihm ~yarihm@office-zrh.youngsolutions.ch 1267091391 M * Bertl Rendy: freenode has a compiz-dev with 32 nicks 1267091400 M * Rendy i red for vserver and openvz same way system swapdevice used 1267091424 M * Rendy Bertl, nah, doesn't matter i don't have anything to discuss there for cgroups 1267091479 M * Bertl the point is, Linux-VServer is aiming to get best over-all performance, so something like separate swap devices (which requires separate pages for each guest) is not really appealing 1267091484 M * Rendy http://devweblog.org/archives/24-Oracle-10g-XE-and-OpenVZ.html both same thing, mentiones something about the trick, but no snippt, anyways i guess none is aware thn, or has some drawbacks 1267091525 M * Rendy BenG, yeah maybe, not an expert, vserver patches are quite large too 1267091530 M * Bertl i.e. it is a lot better to have a common (per cpu is fine) swap pool and it is even better not to swap at all 1267091562 M * Bertl Rendy: @large, you think? have you recently compared them to a single mainline version change? 1267091579 M * Rendy whole point i think is that swap and file backed things don't block from the start i think 1267091579 M * BenG Rendy, don't think I said anything :) 1267091597 M * Rendy oops BenG was meant to Bertl 1267091639 M * Rendy Bertl, no 13thfloor ones i saw maybe year and some months ago, experimental all were your patches 1267091700 M * Rendy that's little more then just cgroups, kernels and filesystem dir , like virtualized os 1267091741 M * Bertl correct, but e.g. 2.6.32 to 2.6.33 is about 70 times larger than any Linux-VServer patch ever :) 1267091755 M * Rendy tried with mount -o rbind that probably doesn't trick cgroups and running kernel proc files etc. 1267091849 Q * kjj Ping timeout: 480 seconds 1267091955 M * Rendy Bertl, what is the main new feature which makes them so much larger then previous ones? 1267092074 M * Bertl they have constantly grown over time, so not really that unusual ... new features depend on the kernel version 1267092098 M * Rendy anyways that still leaves me two possibilites cgroup's daemon (i.e all apps in cgroups), no swapping at all 1267092136 J * kjj ~kjj@pool-74-107-128-126.ptldor.fios.verizon.net 1267092156 M * Rendy yeah kernel is massively grown, 1gb compiler version almost, or was it 700mb 1267092226 J * gnuk ~F404ror@pla93-3-82-240-11-251.fbx.proxad.net 1267092444 J * barismetin ~barismeti@zanzibar.inria.fr 1267092454 M * BenG Bertl, what is it about Linux-Vserver that means that the namespaces cgroup subsystem must be disabled? 1267092508 M * BenG as in, why is that necessary? 1267092531 M * Bertl the 'cgroup namespace' aims to build a framework similar to Linux-VServer but quite limited (no enter, only cgroup limits, etc) 1267092567 M * Bertl for this purpose, it modifies how the cgroups fit together, in way which is currently incompatible to the normal Linux-VServer setup 1267092632 M * BenG if I don't mount my cgroup filesystem with ns though, should things work as expected? 1267092695 M * BenG for example: mount -t cgroup -o cpuset,cpu,cpuacct vserver /dev/cgroup 1267092720 M * BenG would exclude the ns subsystem 1267092737 J * tpo ERROR@fw.zhdk.ch 1267092761 M * Bertl it might work, but you have to check that 1267092826 M * BenG okay I'll check 1267092867 M * BenG I'm looking to help out with making sure cgroup scheduling works with the next Debian, so I'm keen to know how a kernel with NS enabled will work out 1267093022 M * Bertl note that the cgroup frameworks are independant from the cgroup namespace 1267093044 J * petzsch ~markus@dslb-094-222-103-145.pools.arcor-ip.net 1267093160 M * BenG how do you mean? 1267093269 M * Bertl the cgroup namespace just 'combines' the different cgroup frameworks in some kind of aggregate 1267093394 M * BenG as far as I can tell the cgroup namespace subsystem is for interaction with the namespace system already within the kernel 1267093486 M * Bertl yes, so that you can unshare a 'cgroup namespace' 1267093855 M * Rendy last question i think, so a restriction to certain device read/write, is only cgroup thing, or can it be done per app/user for host too? 1267094102 M * Rendy i think at host side the app main interpose patch not allowing to use the same swap, is probably really short code 1267094290 M * Bertl in Linux-VServer you can do it with a cgroup or with the device mapper and a Linux-VServer context .. both can be applied to a number of tasks 1267094340 M * Bertl but note: this kind of device restriction has nothing to do with e.g. swap files 1267094457 M * Rendy i don't care about swap files at all, only block devices, yeah period there i think now, it's sane to just run all app's in cgroups imo 1267094608 M * Rendy but making a devicemapper device from mtd storage or sw raid, i think is possible too, never red devmapper, so they have some rules as well then, probably libcap also has it, or just per app glibc hook 1267094632 Q * gnuk Remote host closed the connection 1267094695 J * gnuk ~F404ror@pla93-3-82-240-11-251.fbx.proxad.net 1267094773 M * Rendy Bertl, gotta go, not sure about shared libraries, kernel says there is a shared library memory usage, like some parts of shared libraries that are not launched as a pid, may still use swapdevice 1267095030 M * Bertl correct 1267095186 Q * bonbons Read error: Connection reset by peer 1267095458 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1267096377 Q * bonbons Remote host closed the connection 1267096498 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1267096574 M * Rendy yeah, i didn't see such flag, this could be somewhat solution, will see tomorrow if it's vserver specific devmapper access, that could be a start, maybe something more precise, but it's good enough 1267096818 M * Rendy infact raw/raid/devmapper restriction flags look to be a good starting point indeed, later find better 1267096953 M * Rendy oopys bothered enough, maybe not rough, that doesn't involve fs layer, what swap needs 1267097130 J * fleischergesell ~fleischer@dslb-088-076-038-005.pools.arcor-ip.net 1267097158 M * fleischergesell Hey, how can I up a new interface in a guest without restarting it? 1267097256 M * Bertl you do not up/down interfaces in a guest 1267097329 M * fleischergesell Okay, whatever the host normally does during the start of a guest to "give" the guest network interfaces, how can I achieve this without restarting the guest? 1267097353 M * Bertl naddress is able to modify the IPs assigned to a guest 1267097370 M * Bertl ip is used on the host to add/remove IPs to/from interfaces 1267097391 M * fleischergesell thx, that helped 1267097406 M * Bertl when an interface carries an IP which is assigned to a guest, it will be shown inside the guest 1267097492 M * BenG Bertl, using "mount -t cgroup -o cpuset,cpu,cpuacct vserver /dev/cgroup" does seem to work fine with a kernel with cgroup namespaces enabled 1267097502 M * BenG guest start fine and the cgroup scheduling works 1267097594 M * Bertl maybe you could wrap up a patch (against util-vserver) to handle that in a general way? I'm sure daniel_hozac will consider that one for inclusion 1267097738 M * BenG it depends what we want to do about it 1267097809 M * BenG I've a suggestion about the way /dev/cgroup is mounted which I should spend time getting together before I do that 1267097818 M * Bertl okay 1267097881 M * Bertl I planned to simply block enabling the cgroup namespace on a Linux-VServer patched kernel, but if you find a userspace workaround, I'm fine with that too 1267097929 M * BenG the user space workaround would be simply not mounting /dev/cgroup with the ns option 1267097944 Q * tpo Ping timeout: 480 seconds 1267097953 Q * bonbons Quit: Leaving 1267098007 M * BenG however my suggestion for mounting cgroups would be that a separate hierachy per subsystem be used 1267098029 M * BenG so that for example, the cpu subsystem would be mounted at /dev/cgroup/cpu 1267098061 M * BenG this would give much more flexibility 1267098068 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1267098094 M * Bertl BenG: I doubt that daniel_hozac is explicitely mounting it with the ns option ... 1267098111 M * Bertl (so it is not as simple as 'just' leaving that out) 1267098124 M * BenG no, for sure, the default is to mount all subsystems 1267098151 M * BenG so ns gets brought in as part of that 1267098193 M * Bertl which was what I meant with a 'more general' approach 1267098208 M * BenG yeah, I hear you 1267098210 M * Bertl i.e. figure out what subsystems are available, remove 'ns' and mount 1267098240 M * BenG sure 1267098243 M * fleischergesell mh, for some reason naddress is not working for that new ip - if I do --set or --remove and then --add the old ips, that works - but the new one does not - any idea? 1267098333 M * BenG Bertl, further to that, it would be very useful to control which subsystems are mounted 1267098410 M * Bertl fleischergesell: 'does not work' means? 1267098416 M * Rendy bye folks, Bertl yeah i'm pretty sure with a month more reading i find a way how to do block device swap method too, so that host blocks per app & shared lib's access to cgroup threads swap entries, takes a bit time to find correct glibc/kernel hooks where to inject those restrictions 1267098435 M * Bertl Rendy: sure, have fun! 1267098459 Q * Rendy Quit: Leaving 1267098474 Q * bonbons Quit: Leaving 1267098475 M * fleischergesell 'does not work' means naddress says "Added 192.168.1.201" but I can't ping it from the host nor shows it up in the guests ifconfig 1267098590 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1267098618 M * Bertl did you add it with 'ip a add'? 1267098643 M * fleischergesell oh wait, I have to add the very same ip on the host too? 1267098680 M * fleischergesell is that what the host normally does during the start of guests? 1267098715 M * Bertl correct 1267098733 M * Bertl (unless you specify nodev, which means not to add it on the host) 1267098760 M * BenG Bertl, a list of available subsystems excluding ns can be created thus: cat /proc/cgroups | grep -v subsys_name | grep -v ns | awk '{print $1}' 1267098857 M * fleischergesell Bertl: worked, thank you! 1267099002 M * Bertl you're welcome! 1267099443 M * BenG daniel_hozac, you around? 1267100852 M * BenG Bertl, the current util-vserver has the following line: 1267100888 M * BenG $_MOUNT -t cgroup -o "$CGROUP_SUBSYS" vserver "$CGROUP_MNT" 1267100901 M * BenG but $CGROUP_SUBSYS is not set 1267100920 M * BenG so currently -o "" is used 1267100970 M * BenG so, so far as I can tell, setting $CGROUP_SUBSYS to an appropriate value is all that's need for Linux-Vserver to work with ns enabled 1267101002 M * BenG would an appropriate place to set that be util-vserver-vars? 1267101041 M * Bertl excellent! thanks for looking into it! I guess if unset (or in general), it won't hurt to filter out ns 1267101139 M * BenG true, so still worth doing a patch 1267102589 M * BenG ah, further information, it seems that the default is actually set in scripts/vserver.functions 1267102608 M * BenG set by default as "all" 1267102635 M * BenG and then overwritten by .defaults/cgroups/subsys if it's set 1267102653 Q * fback Ping timeout: 480 seconds 1267102875 J * fback fback@red.fback.net 1267103011 M * BenG Bertl, I've written a quick script to produce correct default mount option, what should I do with it? Don't know were daniel_hozac would want it in the scripts 1267103048 M * ktwilight what's a safe way to completely disable hashify on a hashified guest? 1267103114 M * Bertl BenG: I'd suggest to post it on the ML and cc daniel on it 1267103124 M * BenG cheer Bertl will do 1267103149 M * Bertl ktwilight: you need to break the hardlinks, and remove the config files 1267103239 Q * marcin_ Remote host closed the connection 1267103258 M * ktwilight so deleting /etc/vservers/$guest/apps/vunify and /etc/vservers/.defaults/apps/vunify/hash/root would suffice? wouldn't that affect all hashified guests? 1267103569 J * marcin ~marcin@flip.wutanic.com 1267103621 M * Bertl ktwilight: you don't want to remove the global config files 1267103856 M * ktwilight so, 1) remove $guest/apps/vunify, 2) reboot $guest? 1267103875 M * ktwilight Bertl, breaking hardlinks would be a matter of stopping the hashification of the guest in cron? 1267104003 Q * BenG Quit: I Leave 1267104370 J * BenG ~bengreen@cpc2-aztw22-2-0-cust521.aztw.cable.virginmedia.com 1267105170 Q * yarihm Quit: Leaving 1267105301 M * ncopa I have uploaded alpine-vserver-1.10_rc3, with debootstrap included 1267105354 M * Bertl okay, what's that? 1267105477 M * BenG added a wiki section: http://linux-vserver.org/util-vserver:Cgroups#Ben.27s_install_on_Debian_Squeeze.2FSid 1267105654 Q * marcin Ping timeout: 480 seconds 1267105682 J * marcin ~marcin@flip.wutanic.com 1267105941 Q * BenG Quit: I Leave 1267108202 Q * sharkjaw Remote host closed the connection 1267108631 J * tpo ERROR@fw.zhdk.ch 1267109885 Q * derjohn_mob Ping timeout: 480 seconds 1267110624 Q * kir Quit: Leaving. 1267111669 Q * tpo Ping timeout: 480 seconds 1267111907 J * mindo ~mindo@122-62-16-132.jetstream.xtra.co.nz 1267111925 Q * mindo 1267111993 J * _mart ~mart@122-62-16-132.jetstream.xtra.co.nz 1267112136 J * balbir ~balbir@122.172.106.247 1267112181 Q * grant Quit: Changing server 1267112418 Q * petzsch Quit: Leaving. 1267112443 M * Bertl balbir: hey, do you have a hard CFS patch for 2.6.33 somewhere? 1267112539 M * balbir Bertl: I can check with bharata 1267112547 M * balbir Bertl: We've been developing on top of -tip 1267112583 M * Bertl well, the last version I have (v5) crashes the kernel when applied to 2.6.33 1267112605 M * Bertl probably because of the scheduler cleanups/changes there 1267112695 M * Bertl i.e. I had to remove the 'active' code for now (from the Linux-VServer patch) 1267113034 M * Bertl arekm: JFYI, test version has been uploaded 1267113277 M * _Shiva__ . o 0 ( wow - mainline seems to implement even more vserver features in 2.6.33 .. the patch shrinks by 40k ;-) ) 1267113623 M * arekm Bertl: cool 1267113800 M * Bertl arekm: the ipv4 and ipv6 part needs some testing 1267113820 M * Bertl _Shiva__: mainly the missing hard CFS scheduler 1267113970 J * tpo ERROR@fw.zhdk.ch 1267114037 Q * ncopa Quit: Ex-Chat 1267114529 Q * SauLus Ping timeout: 480 seconds 1267114685 Q * tpo Ping timeout: 480 seconds 1267115434 M * Bertl balbir: if you need a kernel trace, I can upload one :) 1267115483 M * balbir Bertl: please do 1267115489 M * balbir Bertl: It would really help 1267115556 J * tpo ERROR@fw.zhdk.ch 1267115591 M * Bertl balbir: http://paste.linux-vserver.org/14610 1267115670 M * balbir Bertl: looks like an uninitialized spin lock problem, I'll take a closer look 1267116300 Q * tpo Ping timeout: 480 seconds 1267116310 J * derjohn_mob ~aj@80.187.231.88 1267116422 M * Bertl nap attack ... bbl 1267116426 N * Bertl Bertl_zZ 1267117404 J * yarihm ~yarihm@office-zrh.youngsolutions.ch 1267117505 Q * derjohn_mob Ping timeout: 480 seconds 1267119140 Q * bonbons Quit: Leaving 1267119292 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1267119441 J * petzsch ~markus@dslb-094-222-103-145.pools.arcor-ip.net 1267119528 Q * barismetin Quit: Leaving... 1267119601 Q * yarihm Quit: Leaving 1267120399 Q * petzsch Quit: Leaving. 1267123876 J * BenG ~bengreen@cpc2-aztw22-2-0-cust521.aztw.cable.virginmedia.com 1267124583 J * ktwilight_ ~keliew@91.178.150.61 1267124790 Q * ktwilight Ping timeout: 480 seconds 1267125031 Q * gnuk Quit: NoFeature 1267125092 Q * jrdnyquist Quit: Leaving 1267125528 Q * BenG Quit: I Leave 1267125741 J * jrdnyquist ~jrdnyquis@slayer.caro.net 1267126240 J * harobed_ ~harobed@arl57-1-82-231-110-14.fbx.proxad.net 1267129116 M * micah when I use the /usr/lib/util-vserver/vserver-wrapper script to start some vservers after rebooting, they start fine, but if I try to enter them, I get this: vlogin: openpty(): No such file or directory 1267129140 M * micah if i restart the guest, using vserver guest restart (or stop/start), then the problem goes away. what causes that missing pty? 1267129554 M * daniel_hozac does the guest have /dev/pts and /dev/ptmx when you first try to enter it? 1267130234 M * micah daniel_hozac: i cannot tell by entering, because I get kicked out immediately 1267130255 M * micah but maybe I can find out via mtab or something 1267130306 M * daniel_hozac vnamespace -e ls -l /vservers//dev/{ptmx,pts}; vnamespace -e cat /proc/mounts 1267130306 M * micah brb 1267130308 Q * micah Remote host closed the connection 1267130713 J * micah ~micah@micah.riseup.net 1267130814 M * micah daniel_hozac: the guests that have this problem have no /dev/pts/0, they have a /dev/pts, just nothing in it 1267130841 M * daniel_hozac /dev/pts/0 doesn't get created until you vserver ... enter 1267130843 M * daniel_hozac or use ssh to enter 1267130848 M * daniel_hozac or something else allocates a tty 1267131073 M * micah well, when I do: vnamespace -e test ls -l /vservers/test/dev/{ptmx,pts} -- it is empty on an affected guest, but has a '0 on ones that are not 1267131190 M * micah and a vserver ... enter doesn't seem to be able to create it 1267131483 J * derjohn_mob ~aj@pD95FD140.dip.t-dialin.net 1267131763 M * daniel_hozac and /proc/mounts shows what? 1267131829 M * daniel_hozac (in the guest's namespace) 1267131861 J * petzsch ~markus@dslb-094-222-103-145.pools.arcor-ip.net 1267131891 Q * petzsch 1267131970 M * micah daniel_hozac: http://micah.riseup.net/pastes/2010-02-25T160629.irV6lqt9OS 1267132027 M * daniel_hozac so it doesn't have the mount 1267132041 M * daniel_hozac do you log errors from vserver-wrapper somewhere? 1267132116 M * micah yeah its invoked with: /usr/lib/util-vserver/vserver-wrapper start >/dev/tty8 /dev/tty8 & 1267132182 M * daniel_hozac so does /dev/tty8 have anything interesting on it? 1267132226 M * micah i'm trying to see if I can read it remotely 1267132284 M * daniel_hozac note that if you don't have /etc/vservers/{.defaults,guest}/apps/init/tty, it'll get sent to /dev/null 1267132418 M * micah ah I do not 1267132468 M * micah i'll have to make some changes and restart things so I can get that 1267132516 M * micah interesting, my tty8 has a segfault 1267132524 M * micah in /usr/lib/util-vserver/vserver.functions 1267132539 M * daniel_hozac what line? 1267132540 M * micah line 907 1267132553 M * daniel_hozac umm 1267132555 M * daniel_hozac what version? 1267132564 M * daniel_hozac because that's a blank line here. 1267132570 M * micah heh 1267132572 M * micah let me see 1267132588 N * Bertl_zZ Bertl 1267132591 M * micah it is this part: 1267132592 M * micah function _mountVserverInternal 1267132592 M * micah { 1267132595 M * micah 907 is the { 1267132600 M * Bertl back now ... 1267132626 M * micah this is a slightly older version of the utilities (r2777) 1267132650 M * daniel_hozac slightly :) 1267132771 M * micah i think the most recent debian stable kernel upgrde exposed this, so I'm trying to figure out where that regression is, and what needs to be fixed 1267133334 M * Bertl daniel_hozac: what would be the preferred way to have an fstab based mount inside the guest context? 1267133396 M * daniel_hozac what? 1267133400 M * Bertl (e.g. for mounting dm devices only known inside the guest) 1267133456 M * Bertl currently I need three scripts, all doing chcontext/vcontext stuff to do the mount, plus a fake entry in mtab 1267133502 M * Bertl I'd like to simplify that in a way which could be merged 'upstream' i.e. by you :) 1267133513 M * daniel_hozac so basically an fstab.context? 1267133518 M * Bertl yeah 1267133549 M * daniel_hozac okay 1267133590 M * Bertl also, is it intentional that the current fstab syntax does not understand 'auto' as filesystem type? 1267133623 M * daniel_hozac hmm? 1267133639 M * Bertl or at least it seemed so, maybe a different problem 1267133666 M * daniel_hozac anything not understood by secure-mount is just handed to mount as-is. 1267133677 M * daniel_hozac so if mount -t auto works, then it should work in fstab too. 1267133725 M * Bertl hmm, I presume -t auto doesn't work, but mount (when reading fstab) simply ignores the type in that case 1267133743 M * Bertl I'll do some tests in this regard and come back with that later 1267133778 M * Bertl so fstab.context would be fine? 1267133814 M * Bertl also, is there some way to run a script at/after context destruction? 1267133838 M * daniel_hozac i.e. on the vshelper event? 1267133849 M * Bertl i.e. similar to initialize, at a point where e.g. mounts have already disappeared? 1267133856 Q * ghislain Quit: Leaving. 1267133875 M * daniel_hozac no, not at the moment. 1267133882 M * daniel_hozac because vserver.stop itself is run inside the namespace. 1267133920 M * Bertl would something like 'finalize' be appropriate? 1267133936 M * daniel_hozac sure... 1267133969 M * Bertl does util-vserver currently wait on context shutdown in the stop/restart? 1267133974 M * daniel_hozac no 1267133980 M * daniel_hozac only for 30 seconds 1267133987 M * daniel_hozac (or whatever the timeout is) 1267134000 M * daniel_hozac after that, it doesn't care anymore. 1267134003 M * Bertl okay, with the wait syscall command? 1267134006 M * daniel_hozac yes 1267134031 M * Bertl okay, so then it kills off the tasks, but doesn't wait anymore, yes? 1267134041 M * daniel_hozac right 1267134048 M * daniel_hozac because killing the tasks doesn't always work. 1267134072 M * Bertl would it be fine to keep/restart the wait on the kill with another timeout? 1267134087 M * daniel_hozac i guess. 1267134090 M * Bertl maybe the same/different one? 1267134108 M * daniel_hozac but you know the namespace will still be around, right? 1267134129 M * Bertl how so? 1267134136 M * daniel_hozac vserver stop is run in the namespace. 1267134150 M * daniel_hozac the entire script. 1267134175 M * Bertl ah, hmm, but it does enter the namespace at some point, yes? 1267134191 M * daniel_hozac ye 1267134191 M * daniel_hozac s 1267134210 M * Bertl okay, will look into that, any ideas are welcome, of course 1267135346 Q * grobie Ping timeout: 480 seconds 1267138729 Q * cehteh Ping timeout: 480 seconds 1267140640 Q * dowdle Remote host closed the connection 1267140649 J * dowdle ~dowdle@scott.coe.montana.edu 1267141656 J * cehteh ~ct@pipapo.org 1267141800 Q * harobed_ Ping timeout: 480 seconds 1267141960 J * Piet ~Piet__@7R1AAAAQY.tor-irc.dnsbl.oftc.net