1270772136 Q * dowdle Remote host closed the connection 1270772210 Q * dna Quit: Verlassend 1270772785 Q * yarihm Quit: Leaving 1270774793 Q * fzylogic Quit: fzylogic 1270780537 Q * imcsk8 Quit: Leaving 1270782046 J * SauLus_ ~SauLus@c192225.adsl.hansenet.de 1270782457 Q * SauLus Ping timeout: 480 seconds 1270782457 N * SauLus_ SauLus 1270783764 Q * balbir Ping timeout: 480 seconds 1270784530 J * balbir ~balbir@122.172.37.3 1270787983 M * Bertl off to bed now ... have a good one everyone! 1270787997 N * Bertl Bertl_zZ 1270788278 Q * selim_ Quit: ChatZilla 0.9.86 [SeaMonkey 2.0.3/20100205174005] 1270788910 Q * nenolod Read error: No route to host 1270789803 J * nenolod ~nenolod@petrie.dereferenced.org 1270791361 J * petzsch ~markus@dslb-188-103-059-216.pools.arcor-ip.net 1270792345 Q * sladen Ping timeout: 480 seconds 1270792922 Q * derjohn_mob Remote host closed the connection 1270793124 J * ncopa ~ncopa@180.40.189.109.customer.cdi.no 1270793515 J * derjohn_mob ~aj@c152026.adsl.hansenet.de 1270794038 Q * derjohn_mob Ping timeout: 480 seconds 1270794262 Q * petzsch Quit: Leaving. 1270795559 J * ghislain ~AQUEOS@adsl2.aqueos.com 1270795583 Q * nkukard_ Ping timeout: 480 seconds 1270797219 J * derjohn_mob ~aj@213.238.45.2 1270798521 M * djMedrzec um, will a fstab entry for / (root fs) be mounted? because it doesn't seem to be doable: /etc/vservers/devel/fstab:1:1: failed to mount fstab-entry 1270798548 Q * balbir Read error: Connection reset by peer 1270799569 J * balbir ~balbir@122.166.162.125 1270800147 M * sid3windr no 1270800227 M * djMedrzec I am having trouble binding a directory from a rw filesystem as ro (so that vserver's / will be ro)... 1270800315 M * djMedrzec I've tried with the vserver's fstab, with mounting rootfs before vserver enter (directory is ro for host and rw for vserver) and with mount $PWD -o remount,ro in pre-start (device or resource busy) 1270800326 M * djMedrzec and I'm running out of ideas ;p 1270800359 J * bosx ~bosx@193.104.33.130 1270800446 M * ghislain what util-vserver version do you use ? if you do the bind in the fstab it should work if i remember right 1270800506 M * djMedrzec ghislain: Installed: 0.30.216~r2842-2ubuntu2 1270800564 M * djMedrzec ghislain: funny thing is that it DOES mount the directory, says it didn't (failed to mount fstab-entry) but the machine starts. yet / is writable for the machine (despite bind,ro options) 1270800589 M * djMedrzec this is crazy 1270800808 M * djMedrzec ghislain: check this out: http://paste.linux-vserver.org/14869 1270801057 M * ghislain of course the fstab is in unix format not dos ? (test with vim just to be sure) 1270801164 M * ghislain the strange thing is that util vserver 2842 does nt appear to exist in daniel repository 1270801175 M * djMedrzec ghislain: root@tefnet:~# file /etc/vservers/devel/fstab 1270801175 M * djMedrzec /etc/vservers/devel/fstab: ASCII text 1270801191 M * ghislain util-vserver-0.30.216-pre2841.tar.bz2 26-Jun-2009 02:32 711K Patches 1270801192 M * ghislain util-vserver-0.30.216-pre2848.tar.bz2 14-Sep-2009 18:09 711K Patches 1270801194 M * djMedrzec ghislain: my version comes straight from ubuntu repos 1270801528 M * ghislain they do not have more recent versions ? 1270801536 M * djMedrzec nope 1270801545 M * djMedrzec : util-vserver is already the newest version. 1270801547 M * ghislain do you think you could try to compile from source once to test 1270801554 M * djMedrzec sure 1270801569 M * djMedrzec gimme a minute 1270801575 M * ghislain vserver-info should give you all that is needed to configure 1270801596 M * ghislain compile is very quick on recent hardware 1270801627 M * ghislain i do not use them for RO but i use them with noexec, nosuid nodev and it works fine 1270801636 M * ghislain but i use 2882 1270803278 J * yarihm ~yarihm@80-219-171-61.dclient.hispeed.ch 1270803429 M * _Shiva_ . o 0 ( funny, that Ubuntu has a util-vserver package in their repos, but do not provide a linux-image-vserver flavor anymore.. ;-) ) 1270804023 M * ghislain yep 1270804100 M * ghislain dj: it works for me -rwSr-Sr-- 1 root root 0 Apr 9 10:32 /var/tmp/test 1270804106 M * ghislain (root)> /var/tmp/test 1270804107 M * ghislain /var/tmp/test: Permission denied. 1270804113 M * ghislain the nosuid optiohn is working 1270804128 M * ghislain noexec also obviously 1270804187 M * ghislain i use (rbind,rw,noexec,nosuid,nodev,noatime) 1270804480 M * djMedrzec hm, what are the proper versions of autoconf and automake for svn trunk? 1270804540 M * djMedrzec I get stuff like: ./configure: line 2260: syntax error near unexpected token `1.9' 1270804543 M * djMedrzec ./configure: line 2260: `AM_INIT_AUTOMAKE(1.9 gnits dist-bzip2 subdir-objects)' 1270804634 M * djMedrzec with autoconf (GNU Autoconf) 2.64 and automake (GNU automake) 1.9.6 1270804988 M * djMedrzec nvm, aclocal has helped :) 1270806157 M * djMedrzec oh my... ./configure: line 3922: ENSC_CXXCOMPILER: command not found 1270806164 J * ghislain1 ~AQUEOS@adsl2.aqueos.com 1270806273 Q * balbir Ping timeout: 480 seconds 1270806331 M * djMedrzec ghislain: how did you create the ./configure script? 1270806449 Q * ghislain Ping timeout: 480 seconds 1270806957 J * manana ~mayday090@84.17.25.149 1270806999 Q * manana Remote host closed the connection 1270807074 J * manana ~mayday090@84.17.25.149 1270807149 M * ghislain1 what do you mean it allready exist, ./configure --help will give you the options 1270807415 Q * manana Remote host closed the connection 1270807820 M * djMedrzec ghislain1: yeah, I pulled from svn. now I have it built (from the tarball) 1270807837 M * djMedrzec ghislain1: still, bind,ro is ignored 1270807843 M * djMedrzec I can write to it 1270808549 Q * yarihm Quit: Leaving 1270811428 J * manana ~mayday090@84.17.25.149 1270811513 J * yarihm ~yarihm@80-219-150-83.dclient.hispeed.ch 1270811574 J * Pazzo ~ugelt@reserved-225136.rol.raiffeisen.net 1270812939 M * ghislain1 then i have no clue it works for me with noexec etc. at least 1270813408 M * djMedrzec neither do I 1270814133 N * Bertl_zZ Bertl 1270814137 M * Bertl morning folks! 1270814180 M * Bertl djMedrzec: you need to do that manually in one of the startup scripts 1270814241 M * Bertl secure-mount by default updates /etc/mtab, but with / ro, that will fail, so no go for / there, but e.g. /usr is no problem with /etc/vservers/*/fstab 1270814619 M * _Shiva_ hmm.. just a thought: what if the Host bind-mounts the dir as ro and let the guest (secure-mount I suppose) mount it in any way... that will not alter the ro-mode, does it? 1270814714 M * Pazzo Morning Bertl :) 1270815120 M * Bertl _Shiva_: same problem, secure-mount will try to write to the guest's /etc/mtab ... if that is ro, it will fail 1270815261 M * Bertl but as I said, no problem to do it manually on the guest startup helper scripts 1270817233 M * ensc|w djMedrzec: 'autoreconf -i -f' is your friend 1270817304 M * Bertl hey ensc|w! LTNS! 1270817475 Q * derjohn_mob Ping timeout: 480 seconds 1270817481 M * djMedrzec nah, I've found the cuplrit 1270817539 M * djMedrzec in /usr/lib/util-vserver/vserver.functions around lines 977/979 root directory is mounted twice with bind 1270817548 M * djMedrzec without ro/rw option 1270817560 M * djMedrzec which causes it to go rw regardless of previous state 1270817978 M * Bertl off for now ... bbl 1270817983 N * Bertl Bertl_oO 1270817986 J * petzsch ~markus@dslb-188-103-059-216.pools.arcor-ip.net 1270819505 Q * djMedrzec Ping timeout: 480 seconds 1270820373 J * balbir ~balbir@122.172.26.126 1270820486 N * BobR BobR_oO 1270820491 J * shedi ~siggi@89.150.145.215 1270820541 J * derjohn_mob aj@88.128.89.192 1270821149 Q * petzsch Quit: Leaving. 1270822182 Q * derjohn_mob Ping timeout: 480 seconds 1270822502 Q * balbir Ping timeout: 480 seconds 1270822801 J * djMedrzec ~filip@filip.math.uni.lodz.pl 1270822981 J * derjohn_mob aj@88.128.89.192 1270823445 Q * bosx Read error: Connection reset by peer 1270823456 J * bosx ~bosx@193.104.33.130 1270823595 J * balbir ~balbir@122.172.157.96 1270824704 Q * ncopa Quit: Ex-Chat 1270825065 Q * bosx Quit: Leaving 1270826915 J * dowdle ~dowdle@scott.coe.montana.edu 1270828363 Q * balbir Read error: Connection reset by peer 1270829128 J * balbir ~balbir@122.167.249.104 1270830107 N * Bertl_oO Bertl 1270830111 M * Bertl back now ... 1270830615 Q * theocrite Ping timeout: 480 seconds 1270831091 J * hijacker_ ~hijacker@87-126-142-51.btc-net.bg 1270832705 Q * derjohn_mob Ping timeout: 480 seconds 1270832931 Q * balbir Read error: Connection reset by peer 1270833358 J * petzsch ~markus@p4FF47982.dip.t-dialin.net 1270833421 Q * petzsch 1270833700 J * balbir ~balbir@122.172.14.72 1270834759 J * theocrite ~Hubert@kim.theocrite.org 1270835957 M * _Shiva_ is that vunify/vhashify thingie somewhere as standalone app? ;-) 1270836005 M * _Shiva_ i've thought about (space-)cleaning up my duplicate media.. ;-) 1270836083 M * _Shiva_ so i seek something that recurses through and replaces dupe files with hardlinks - then I thought about vunify.. 1270836146 Q * yarihm Quit: Leaving 1270836308 M * MooingLemur how do I pass additional params to iproute2 for vserver (IPv6) IPs being brought up at vserver start? 1270836331 M * MooingLemur or do I have to resort to pre-upping the IPs at the host level if I want that kind of control 1270836347 M * MooingLemur I want to pass "preferred_lft 0" to the ip addr add line 1270836479 M * Bertl _Shiva_: not that I'd know 1270836489 J * petzsch ~markus@p4FF47982.dip.t-dialin.net 1270836493 M * Bertl MooingLemur: please check with daniel_hozac 1270836598 M * _Shiva_ Bertl: ah - just found a patch to "fdupes" that does hardlinks rather than only delete 1270836603 M * _Shiva_ tnx anyway 1270836735 M * ruskie hmm any particular reason why vserver couldn't generate a fake console or something so that even plain init output would be seen?(if I'm reading the docs correctly it doesn't do so) 1270836792 M * Bertl where would that 'fake console' output to? 1270836816 M * ruskie maybe a text file and tail that? 1270836826 M * MooingLemur a text file is not a tty :) 1270836856 M * Bertl ruskie: just replace /dev/console by a pipe/text file then 1270836868 M * ruskie that should work? 1270836877 M * _Shiva_ ruskie: http://oldwiki.linux-vserver.org/ttyHowto ? 1270836916 M * _Shiva_ or wrap it with screen(1) 1270836926 M * ruskie erm wrap it? 1270836943 M * ruskie and yeah was thinking maybe tmux/dtach/screen could be an option as well 1270836987 M * ruskie I'd like to use vserver to play around with various init systems 1270836997 M * ruskie hence the questions ;) 1270837067 M * ruskie hmm a pipe and dtach might actually work 1270837206 N * tam_ tam 1270837879 Q * Pazzo Quit: ... 1270837971 Q * nkukard Ping timeout: 480 seconds 1270838110 J * ju ~ju@93.10.66.123 1270838290 Q * petzsch Quit: Leaving. 1270838406 M * ju hello 1270838454 M * ju I want to share a partition beetween two vservers. However, I want also use dlimit and cgroups. But, with the tag option (compulsory), if a file is created by the first vserver, the second can't view it. 1270838462 M * ju How share a partition, and monitor resources ? 1270838474 M * ju (i'm sorry for my english, i'm french) 1270838759 M * Bertl well, you can't really have both :) 1270838773 M * Bertl if you want to account resources, you need to tag the files 1270838792 M * Bertl if the files are tagged, they are off limit to other contexts 1270838847 M * Bertl so, IMHO the best option you have is to dedicate a partition of limited size (lvm?) to the 'sharing' 1270838854 J * nkukard ~nkukard@196.212.73.74 1270838865 M * Bertl and mount that without tagging/dlimit 1270838917 M * ju Bertl: yes thought about lvm, but it does not resolv the problem for cpu limits, for ex 1270838974 M * Bertl well, cpu limits are unaffected by a shared partition :) 1270839009 M * ju if a user execute a big program that is on the partition, the process is not tagged, no ? 1270839009 M * Bertl you might also hack the kernel to allow access to files belonging to a different guest (tag) 1270839039 M * Bertl tagging is file system specific, cpu limits are not 1270839050 M * ju ho... cool 1270839064 M * Bertl i.e. it doesn't matter where the executable comes from, the guest starting it will be accounted for (cpu/resources wise) 1270839148 M * ju i thought that the system identified process with the xid 1270839164 M * Bertl yes, and the xid is the process context 1270839189 M * Bertl similar to that, there is the nid (network context) and tag (filesystem id) 1270839191 M * ju but, if the partition is not tagged, the process has xid ? 1270839218 M * ju ok ok 1270839230 M * Bertl you can have a filesystem tag of 23 and an xid of 42 :) 1270839259 M * ju ho, I did not understand it 1270839284 M * ju tag option is only for files, ok 1270839291 M * ju thanx, it's super 1270839357 M * Bertl you're welcome! and yes! :) 1270839375 M * ju another question, why the context 0 is visible to all ? 1270839420 M * Bertl xid=0 and xid=1 are special, 0 is the host context and 1 is the spectator context 1270839488 M * ruskie spectator? 1270839583 M * ju but if a user comes to see the host (with a flaw, for example), it can see all files ... it not good for security, right? 1270839625 M * Bertl that is why it is suggested to keep the host clean 1270839636 M * Bertl i.e. no services except for management 1270839682 M * ju ok :) (I already did that) 1270839727 M * ju I agree with the question of Ruskie, what is the spectator context ? 1270839728 M * Bertl ruskie: it is called spectator context, because it can see all processes 1270839779 J * petzsch ~markus@p4FF47982.dip.t-dialin.net 1270839785 M * ju (thx ^^) and what is the difference between 0 and 1 then ? 1270839816 M * ruskie Bertl, hmm so 1 would be read only basically? 1270839903 J * imcsk8 ~ichavero@148.229.1.11 1270840002 M * Bertl no idea how you define a read only context :) 1270840032 M * Bertl ju: the host context cannot see guest processes 1270840052 M * mnemoc ctx1? 1270840076 M * ju then, when I execute vtop, i'm with the context 1 ? 1270840083 M * Bertl correct 1270840112 M * Bertl you can do the same with vcontext 1270840167 M * ju ok :) 1270840225 M * ju I have no more questions, thx a lot, again :o 1270840513 M * Bertl have fun! feel free to hang around! 1270840522 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1270841270 Q * petzsch Quit: Leaving. 1270841605 J * ntrs ~ntrs@77.28.31.196 1270846645 J * ViRUS ~mp@p579B5D17.dip.t-dialin.net 1270847581 J * ktwilight_ ~keliew@91.178.146.147 1270847805 Q * ktwilight Ping timeout: 480 seconds 1270848107 Q * hijacker_ Quit: Leaving 1270849308 Q * nkukard Ping timeout: 480 seconds 1270849352 J * sladen ~paul@starsky.19inch.net 1270849384 J * nkukard ~nkukard@196-210-242-112.dynamic.isadsl.co.za 1270849444 J * petzsch ~markus@p4FF47982.dip.t-dialin.net 1270849596 Q * ntrs Ping timeout: 480 seconds 1270849747 Q * bonbons Ping timeout: 480 seconds 1270850931 J * nkukard_ ~nkukard@196.212.73.74 1270851012 Q * petzsch Quit: Leaving. 1270851112 Q * nkukard Ping timeout: 480 seconds 1270851417 Q * nkukard_ Ping timeout: 480 seconds 1270851950 J * nkukard_ ~nkukard@196-210-242-112.dynamic.isadsl.co.za 1270853219 J * nkukard ~nkukard@196-210-242-112.dynamic.isadsl.co.za 1270857267 J * selim ~chatzilla@e181084179.adsl.alicedsl.de