1268525207 Q * mindo Quit: Leaving
1268526827 J * MeCooL mecool@94.129.167.9
1268527249 J * starcode ~ircclient@mail.marketoolz.com
1268527264 M * starcode Moin
1268527333 M * starcode I need more than 16 IPs in vserver guests and I found an outdated 64-IP Patch from derjohn...
1268527354 M * starcode Is there a newer patch available somewhere?
1268527381 M * starcode Or some other way to use more than 16 IPs?
1268527594 J * mart ~mart@122-62-16-132.jetstream.xtra.co.nz
1268527669 M * mart i have a question, is it possible debugging X application with gdb step and breakpoints somehow, without crashing the system with vserver or some technique?
1268528073 M * daniel_hozac starcode: that patch hasn't been needed since Linux-VServer 2.0
1268528120 M * daniel_hozac mart: i'm not sure how vserver would help you there.
1268528204 M * mart daniel_hozac, i think i tried year back and it didn't needs some stronger isolation, but i didn't search where the problem actually lived, nor had much more tries then just remote debugging from default vserver container
1268528478 M * mart maybe pid namespaces though
1268528489 M * mart could help there
1268529201 P * mart Leaving
1268529724 Q * starcode Quit: Miranda IM! Smaller, Faster, Easier. http://miranda-im.org
1268531416 J * mart ~mart@122-62-16-132.jetstream.xtra.co.nz
1268531453 M * mart nah was maybe stupid, vserver still uses this feature too pid namespaces
1268532014 J * ktwilight_ ~keliew@34.91-136-217.adsl-dyn.isp.belgacom.be
1268532231 Q * ktwilight Ping timeout: 480 seconds
1268533035 P * mart Leaving
1268533692 J * mart ~mart@122-62-16-132.jetstream.xtra.co.nz
1268535360 Q * mart Quit: Leaving
1268535641 J * derjohn_foo ~aj@e180192081.adsl.alicedsl.de
1268536074 Q * derjohn_mob Ping timeout: 480 seconds
1268537497 J * aj__ ~aj@e180193133.adsl.alicedsl.de
1268537872 Q * derjohn_foo Ping timeout: 480 seconds
1268537893 J * mart ~mart@122-62-16-132.jetstream.xtra.co.nz
1268537967 Q * balbir Ping timeout: 480 seconds
1268539242 J * SauLus_ ~SauLus@c150085.adsl.hansenet.de
1268539652 Q * SauLus Ping timeout: 480 seconds
1268539652 N * SauLus_ SauLus
1268541691 Q * mart Read error: Connection reset by peer
1268542535 J * mart ~mart@122-62-16-132.jetstream.xtra.co.nz
1268542912 Q * mart Read error: Connection reset by peer
1268543213 J * mart ~mart@122-62-16-132.jetstream.xtra.co.nz
1268545919 P * mart Leaving
1268547327 J * balbir ~balbir@122.172.111.161
1268552972 J * BenG ~bengreen@cpc2-aztw22-2-0-cust521.aztw.cable.virginmedia.com
1268554188 Q * BenG Quit: I Leave
1268554462 J * mart ~mart@122-62-16-132.jetstream.xtra.co.nz
1268554521 M * mart daniel_hozac, something like this actuatlly https://wiki.ubuntu.com/X/Backtracing#DRI%20/%20drm%20problems gdv active Xorg session, i wasn't clear enough i see hangs only with gdb --pid $(pidof Xorg)
1268555197 Q * mart Read error: Connection reset by peer
1268557124 J * mart ~mart@122-62-16-132.jetstream.xtra.co.nz
1268557797 Q * mart Read error: Connection reset by peer
1268557815 J * __mart ~mart@122-62-16-132.jetstream.xtra.co.nz
1268557920 M * __mart daniel_hozac, i hope you forgat this one, i was noticeably stupid imo again, i understood how it is suppose to work now, x backtraces
1268558058 M * __mart bye, time to go
1268558064 P * __mart 
1268558739 J * ghislain ~AQUEOS@adsl2.aqueos.com
1268558776 J * ntrs ~ntrs@77.28.31.170
1268560036 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d
1268560884 Q * aj__ Ping timeout: 480 seconds
1268562882 Q * DreamerC Quit: leaving
1268562898 J * DreamerC ~DreamerC@122-116-181-118.HINET-IP.hinet.net
1268563147 Q * balbir Ping timeout: 480 seconds
1268563296 J * thierryp ~thierry@home.parmentelat.net
1268563801 J * balbir ~balbir@122.172.54.179
1268566087 Q * balbir Ping timeout: 480 seconds
1268566796 J * balbir ~balbir@122.172.147.12
1268568308 J * BenG ~bengreen@cpc2-aztw22-2-0-cust521.aztw.cable.virginmedia.com
1268568627 Q * BenG Quit: I Leave
1268569866 Q * ntrs Read error: Connection reset by peer
1268569878 J * ntrs ~ntrs@77.28.11.141
1268571057 Q * thierryp Remote host closed the connection
1268572340 J * imcsk8 ~ichavero@evdomip-44-245.iusacell.net
1268572552 J * derjohn_mob ~aj@e180193133.adsl.alicedsl.de
1268572897 J * thierryp ~thierry@home.parmentelat.net
1268572907 Q * thierryp 
1268573916 Q * imcsk8 Quit: This computer has gone to sleep
1268574517 Q * balbir Ping timeout: 480 seconds
1268574900 J * mrjack mrjack@office.smart-weblications.net
1268575179 J * balbir ~balbir@122.172.144.35
1268575274 N * Bertl_zZ Bertl
1268575278 M * Bertl morning folks!
1268575448 M * sur5r hi Bertl 
1268576019 J * hijacker ~hijacker@87-126-142-51.btc-net.bg
1268576146 M * sur5r mmh. how do i allow write access to sth. in /proc from a guest?
1268576307 M * Bertl you mean, something you are not allowed to write to?
1268576440 M * sur5r yes
1268576452 M * sur5r i made it visible with vprocunhide
1268576458 M * Bertl well, that depends on why you are not allowed to write there
1268576478 M * sur5r i'm trying to get openafs working from inside a vserver
1268576497 M * Bertl usually the entry requres some capability to be present
1268576497 M * sur5r it needes write access to /proc/fs/openafs/afs_ioctl
1268576501 M * sur5r mh
1268576527 M * Bertl openafs is not part of mainline (yet) correct?
1268576532 M * sur5r right
1268576541 M * sur5r and will never be, because of license issues
1268576545 M * Bertl so, do you have the patch somewhere to look at?
1268576568 M * sur5r it's a kernel module that get's built out-of-tree
1268576578 M * Bertl source code then?
1268576584 J * pmenier ~pmenier@ACaen-152-1-91-228.w83-115.abo.wanadoo.fr
1268576586 M * sur5r yes
1268576621 M * Bertl if you point me to it, I can take a look what checks happen there
1268576673 M * sur5r http://git.openafs.org/?p=openafs.git;a=tree;f=src/afs;h=d4381dcf49ad3f24bbbb0d811f43ad5f69bf0c8e;hb=HEAD
1268576716 M * sur5r what i get is: [3363801.399159] vxW: [�aklog�,21332:#42|42|42] denied 26 access to proc:ffff88007c99ecd8[#0,4026532173]
1268576746 M * sur5r 26 is basically "write", right?
1268576757 M * Bertl can be anything
1268576823 M * sur5r strace shows: open("/proc/fs/openafs/afs_ioctl", O_RDWR) = -1 EACCES (Permission denied)
1268576927 M * Bertl openafs does ioctl via proc?!
1268576965 M * sur5r looks like, i never dug in there so far
1268577025 M * sur5r i remember it was working some time ago. but that might have been vs2.0.x back then
1268577198 M * Bertl it looks to me like it is creating a custom procfs hierarchy in LINUX/osi_proc.c
1268577218 M * Bertl basically you need to adjust that to have the proper taging
1268577281 M * sur5r adjust in the code or where?
1268577300 M * Bertl yep
1268577337 M * sur5r uh
1268577363 M * Bertl or you do the necessary setup/etc on the host and just --bind mount it into the guest
1268577386 M * sur5r bind mount the proc stuff?
1268577413 M * sur5r i have a bind mount of /afs, that works already
1268577430 Q * balbir Ping timeout: 480 seconds
1268577431 M * Bertl bind mounting proc won't change anything regarding the checks
1268577439 M * sur5r but for authenticated access to afs, users inside the vserver need to write to this proc entry
1268577605 M * sur5r did i overlook some docs?
1268577644 M * Bertl sounds interesting ... but in this case, you'll have to adapt the afs code
1268577679 M * sur5r can you point me at some example code for this?
1268577712 Q * hijacker_ Ping timeout: 480 seconds
1268577712 M * sur5r if i can get it to work cleanly, it might be adopted upstream for openafs
1268577798 M * Bertl the code you are hitting right now is in fs/namei.c, ~242
1268577804 M * Bertl in dx_permission()
1268577853 M * Bertl _dx_permission has a separate section for procfs, ~198
1268577981 M * Bertl if you enable some of the Linux-VServer debugging, we'll probably see that it hits the xid check around line ~219
1268578057 J * balbir ~balbir@122.172.110.142
1268578070 M * sur5r ok, thanks for the hints so far
1268578094 M * Bertl it also looks to me like the entry was created on the host and tagged with xid=0
1268578107 M * sur5r will set up a devel machine with debugging enabled
1268578123 M * sur5r the afs_ioctl entry?
1268578124 M * Bertl so, you might try to chxid it to the guest context id
1268578128 M * sur5r mh
1268578171 M * sur5r lsxid just shows ERR
1268578223 M * sur5r and chxid doesn't work, -EINVAL
1268578261 M * Bertl kind of expected, the fs is not marked with the tag feature
1268578294 M * sur5r but won't chxid restrict me to using afs inside one vserver only?
1268578337 M * Bertl the question is, if afs in more than one container would work at all, considering that it does strange things with uid and procfs :)
1268578366 M * Bertl but I have no idea how it works and what it does there, so it might work if adjusted properly
1268578386 M * sur5r what i remember from when it was working back then, is, that you had to be careful with user ids inside the vservers
1268578447 M * Bertl you could, for a start, disable the entire if ((mask & (MAY_WRITE | MAY_APPEND))) check in __dx_permission() (note that this is opening up your ekrnel to dangerous things)
1268578449 M * sur5r so if uid 1000 in guest A has more rights in AFS, uid 1000 in guest B will have the same rights though he never authenticated to afs
1268578463 M * sur5r ok
1268578472 M * Bertl just to see if it would work
1268578492 M * sur5r ok
1268578523 M * sur5r and if it does, start thinking on how to do it correctly with separation and stuff
1268579111 Q * balbir Read error: Connection reset by peer
1268580106 J * balbir ~balbir@122.172.60.103
1268583178 J * ntrs_ ~ntrs@77.28.11.141
1268583178 Q * ntrs Read error: Connection reset by peer
1268583242 J * the_hydra ~mulyadi@fm-ip-118.136.89.99.fast.net.id
1268588194 Q * pmenier Quit: Konversation terminated!
1268592367 Q * the_hydra Quit: Leaving
1268598423 P * mugwump 
1268600054 M * Bertl off to bed now .. have a good one everyone!
1268600060 N * Bertl Bertl_zZ
1268601267 J * imcsk8 ~ichavero@evdomip-43-221.iusacell.net
1268601902 Q * imcsk8 Quit: This computer has gone to sleep
1268603096 Q * hijacker Quit: Leaving
1268603410 Q * bonbons Quit: Leaving
1268604049 J * imcsk8 ~ichavero@evdomip-43-221.iusacell.net
1268605054 Q * ghislain Quit: Leaving.
1268605857 Q * imcsk8 Quit: This computer has gone to sleep
1268607805 J * imcsk8 ~ichavero@evdomip-43-221.iusacell.net
1268607840 Q * imcsk8 
1268610202 Q * ntrs_ Ping timeout: 480 seconds