1270772136 Q * dowdle Remote host closed the connection
1270772210 Q * dna Quit: Verlassend
1270772785 Q * yarihm Quit: Leaving
1270774793 Q * fzylogic Quit: fzylogic
1270780537 Q * imcsk8 Quit: Leaving
1270782046 J * SauLus_ ~SauLus@c192225.adsl.hansenet.de
1270782457 Q * SauLus Ping timeout: 480 seconds
1270782457 N * SauLus_ SauLus
1270783764 Q * balbir Ping timeout: 480 seconds
1270784530 J * balbir ~balbir@122.172.37.3
1270787983 M * Bertl off to bed now ... have a good one everyone!
1270787997 N * Bertl Bertl_zZ
1270788278 Q * selim_ Quit: ChatZilla 0.9.86 [SeaMonkey 2.0.3/20100205174005]
1270788910 Q * nenolod Read error: No route to host
1270789803 J * nenolod ~nenolod@petrie.dereferenced.org
1270791361 J * petzsch ~markus@dslb-188-103-059-216.pools.arcor-ip.net
1270792345 Q * sladen Ping timeout: 480 seconds
1270792922 Q * derjohn_mob Remote host closed the connection
1270793124 J * ncopa ~ncopa@180.40.189.109.customer.cdi.no
1270793515 J * derjohn_mob ~aj@c152026.adsl.hansenet.de
1270794038 Q * derjohn_mob Ping timeout: 480 seconds
1270794262 Q * petzsch Quit: Leaving.
1270795559 J * ghislain ~AQUEOS@adsl2.aqueos.com
1270795583 Q * nkukard_ Ping timeout: 480 seconds
1270797219 J * derjohn_mob ~aj@213.238.45.2
1270798521 M * djMedrzec um, will a fstab entry for / (root fs) be mounted? because it doesn't seem to be doable: /etc/vservers/devel/fstab:1:1: failed to mount fstab-entry
1270798548 Q * balbir Read error: Connection reset by peer
1270799569 J * balbir ~balbir@122.166.162.125
1270800147 M * sid3windr no
1270800227 M * djMedrzec I am having trouble binding a directory from a rw filesystem as ro (so that vserver's / will be ro)...
1270800315 M * djMedrzec I've tried with the vserver's fstab, with mounting rootfs before vserver enter (directory is ro for host and rw for vserver) and with mount $PWD -o remount,ro in pre-start (device or resource busy)
1270800326 M * djMedrzec and I'm running out of ideas ;p
1270800359 J * bosx ~bosx@193.104.33.130
1270800446 M * ghislain what util-vserver version do you use ? if you do the bind in the fstab it should work if i remember right
1270800506 M * djMedrzec ghislain:   Installed: 0.30.216~r2842-2ubuntu2
1270800564 M * djMedrzec ghislain: funny thing is that it DOES mount the directory, says it didn't (failed to mount fstab-entry) but the machine starts. yet / is writable for the machine (despite bind,ro options)
1270800589 M * djMedrzec this is crazy
1270800808 M * djMedrzec ghislain: check this out: http://paste.linux-vserver.org/14869
1270801057 M * ghislain of course the fstab is in unix format not dos ? (test with vim just to be sure)
1270801164 M * ghislain the strange thing is that util vserver 2842 does nt appear to exist in daniel repository
1270801175 M * djMedrzec ghislain: root@tefnet:~# file /etc/vservers/devel/fstab
1270801175 M * djMedrzec /etc/vservers/devel/fstab: ASCII text
1270801191 M * ghislain  util-vserver-0.30.216-pre2841.tar.bz2 26-Jun-2009 02:32  711K  Patches
1270801192 M * ghislain  util-vserver-0.30.216-pre2848.tar.bz2 14-Sep-2009 18:09  711K  Patches
1270801194 M * djMedrzec ghislain: my version comes straight from ubuntu repos
1270801528 M * ghislain they do not have more recent versions ?
1270801536 M * djMedrzec nope
1270801545 M * djMedrzec : util-vserver is already the newest version.
1270801547 M * ghislain do you think you could try to compile from source once to test
1270801554 M * djMedrzec sure
1270801569 M * djMedrzec gimme a minute
1270801575 M * ghislain vserver-info should give you all that is needed to configure
1270801596 M * ghislain compile is very quick on recent hardware
1270801627 M * ghislain i do not use them for RO but i use them with noexec, nosuid nodev and it works fine
1270801636 M * ghislain but i use 2882
1270803278 J * yarihm ~yarihm@80-219-171-61.dclient.hispeed.ch
1270803429 M * _Shiva_ . o 0 ( funny, that Ubuntu has a util-vserver package in their repos, but do not provide a linux-image-vserver flavor anymore.. ;-) )
1270804023 M * ghislain yep
1270804100 M * ghislain dj: it works for me -rwSr-Sr-- 1 root root 0 Apr  9 10:32 /var/tmp/test
1270804106 M * ghislain (root)> /var/tmp/test
1270804107 M * ghislain /var/tmp/test: Permission denied.
1270804113 M * ghislain the nosuid optiohn is working
1270804128 M * ghislain noexec also obviously
1270804187 M * ghislain i use  (rbind,rw,noexec,nosuid,nodev,noatime)
1270804480 M * djMedrzec hm, what are the proper versions of autoconf and automake for svn trunk?
1270804540 M * djMedrzec I get stuff like: ./configure: line 2260: syntax error near unexpected token `1.9'
1270804543 M * djMedrzec ./configure: line 2260: `AM_INIT_AUTOMAKE(1.9 gnits dist-bzip2 subdir-objects)'
1270804634 M * djMedrzec with autoconf (GNU Autoconf) 2.64 and automake (GNU automake) 1.9.6
1270804988 M * djMedrzec nvm, aclocal has helped :)
1270806157 M * djMedrzec oh my... ./configure: line 3922: ENSC_CXXCOMPILER: command not found
1270806164 J * ghislain1 ~AQUEOS@adsl2.aqueos.com
1270806273 Q * balbir Ping timeout: 480 seconds
1270806331 M * djMedrzec ghislain: how did you create the ./configure script?
1270806449 Q * ghislain Ping timeout: 480 seconds
1270806957 J * manana ~mayday090@84.17.25.149
1270806999 Q * manana Remote host closed the connection
1270807074 J * manana ~mayday090@84.17.25.149
1270807149 M * ghislain1 what do you mean it allready exist, ./configure --help will give you the options
1270807415 Q * manana Remote host closed the connection
1270807820 M * djMedrzec ghislain1: yeah, I pulled from svn. now I have it built (from the tarball)
1270807837 M * djMedrzec ghislain1: still, bind,ro is ignored
1270807843 M * djMedrzec I can write to it
1270808549 Q * yarihm Quit: Leaving
1270811428 J * manana ~mayday090@84.17.25.149
1270811513 J * yarihm ~yarihm@80-219-150-83.dclient.hispeed.ch
1270811574 J * Pazzo ~ugelt@reserved-225136.rol.raiffeisen.net
1270812939 M * ghislain1 then i have no clue it works for me with noexec etc. at least
1270813408 M * djMedrzec neither do I
1270814133 N * Bertl_zZ Bertl
1270814137 M * Bertl morning folks!
1270814180 M * Bertl djMedrzec: you need to do that manually in one of the startup scripts
1270814241 M * Bertl secure-mount by default updates /etc/mtab, but with / ro, that will fail, so no go for / there, but e.g. /usr is no problem with /etc/vservers/*/fstab
1270814619 M * _Shiva_ hmm.. just a thought: what if the Host bind-mounts the dir as ro and let the guest (secure-mount I suppose) mount it in any way... that will not alter the ro-mode, does it?
1270814714 M * Pazzo Morning Bertl :)
1270815120 M * Bertl _Shiva_: same problem, secure-mount will try to write to the guest's /etc/mtab ... if that is ro, it will fail
1270815261 M * Bertl but as I said, no problem to do it manually on the guest startup helper scripts
1270817233 M * ensc|w djMedrzec: 'autoreconf -i -f' is your friend
1270817304 M * Bertl hey ensc|w! LTNS!
1270817475 Q * derjohn_mob Ping timeout: 480 seconds
1270817481 M * djMedrzec nah, I've found the cuplrit
1270817539 M * djMedrzec in /usr/lib/util-vserver/vserver.functions around lines 977/979 root directory is mounted twice with bind
1270817548 M * djMedrzec without ro/rw option
1270817560 M * djMedrzec which causes it to go rw regardless of previous state
1270817978 M * Bertl off for now ... bbl
1270817983 N * Bertl Bertl_oO
1270817986 J * petzsch ~markus@dslb-188-103-059-216.pools.arcor-ip.net
1270819505 Q * djMedrzec Ping timeout: 480 seconds
1270820373 J * balbir ~balbir@122.172.26.126
1270820486 N * BobR BobR_oO
1270820491 J * shedi ~siggi@89.150.145.215
1270820541 J * derjohn_mob aj@88.128.89.192
1270821149 Q * petzsch Quit: Leaving.
1270822182 Q * derjohn_mob Ping timeout: 480 seconds
1270822502 Q * balbir Ping timeout: 480 seconds
1270822801 J * djMedrzec ~filip@filip.math.uni.lodz.pl
1270822981 J * derjohn_mob aj@88.128.89.192
1270823445 Q * bosx Read error: Connection reset by peer
1270823456 J * bosx ~bosx@193.104.33.130
1270823595 J * balbir ~balbir@122.172.157.96
1270824704 Q * ncopa Quit: Ex-Chat
1270825065 Q * bosx Quit: Leaving
1270826915 J * dowdle ~dowdle@scott.coe.montana.edu
1270828363 Q * balbir Read error: Connection reset by peer
1270829128 J * balbir ~balbir@122.167.249.104
1270830107 N * Bertl_oO Bertl
1270830111 M * Bertl back now ...
1270830615 Q * theocrite Ping timeout: 480 seconds
1270831091 J * hijacker_ ~hijacker@87-126-142-51.btc-net.bg
1270832705 Q * derjohn_mob Ping timeout: 480 seconds
1270832931 Q * balbir Read error: Connection reset by peer
1270833358 J * petzsch ~markus@p4FF47982.dip.t-dialin.net
1270833421 Q * petzsch 
1270833700 J * balbir ~balbir@122.172.14.72
1270834759 J * theocrite ~Hubert@kim.theocrite.org
1270835957 M * _Shiva_ is that vunify/vhashify thingie somewhere as standalone app? ;-)
1270836005 M * _Shiva_ i've thought about (space-)cleaning up my duplicate media.. ;-)
1270836083 M * _Shiva_ so i seek something that recurses through and replaces dupe files with hardlinks - then I thought about vunify..
1270836146 Q * yarihm Quit: Leaving
1270836308 M * MooingLemur how do I pass additional params to iproute2 for vserver (IPv6) IPs being brought up at vserver start?
1270836331 M * MooingLemur or do I have to resort to pre-upping the IPs at the host level if I want that kind of control
1270836347 M * MooingLemur I want to pass "preferred_lft 0" to the ip addr add line
1270836479 M * Bertl _Shiva_: not that I'd know
1270836489 J * petzsch ~markus@p4FF47982.dip.t-dialin.net
1270836493 M * Bertl MooingLemur: please check with daniel_hozac 
1270836598 M * _Shiva_ Bertl: ah - just found a patch to "fdupes" that does hardlinks rather than only delete
1270836603 M * _Shiva_ tnx anyway
1270836735 M * ruskie hmm any particular reason why vserver couldn't generate a fake console or something so that even plain init output would be seen?(if I'm reading the docs correctly it doesn't do so)
1270836792 M * Bertl where would that 'fake console' output to?
1270836816 M * ruskie maybe a text file and tail that?
1270836826 M * MooingLemur a text file is not a tty :)
1270836856 M * Bertl ruskie: just replace /dev/console by a pipe/text file then
1270836868 M * ruskie that should work?
1270836877 M * _Shiva_ ruskie: http://oldwiki.linux-vserver.org/ttyHowto ?
1270836916 M * _Shiva_ or wrap it with screen(1)
1270836926 M * ruskie erm wrap it?
1270836943 M * ruskie and yeah was thinking maybe tmux/dtach/screen could be an option as well
1270836987 M * ruskie I'd like to use vserver to play around with various init systems
1270836997 M * ruskie hence the questions ;)
1270837067 M * ruskie hmm a pipe and dtach might actually work
1270837206 N * tam_ tam
1270837879 Q * Pazzo Quit: ...
1270837971 Q * nkukard Ping timeout: 480 seconds
1270838110 J * ju ~ju@93.10.66.123
1270838290 Q * petzsch Quit: Leaving.
1270838406 M * ju hello
1270838454 M * ju I want to share a partition beetween two vservers. However, I want also use dlimit and cgroups. But, with the tag option (compulsory), if a file is created by the first vserver, the second can't view it.
1270838462 M * ju How share a partition, and monitor resources ?
1270838474 M * ju (i'm sorry for my english, i'm french)
1270838759 M * Bertl well, you can't really have both :)
1270838773 M * Bertl if you want to account resources, you need to tag the files
1270838792 M * Bertl if the files are tagged, they are off limit to other contexts
1270838847 M * Bertl so, IMHO the best option you have is to dedicate a partition of limited size (lvm?) to the 'sharing'
1270838854 J * nkukard ~nkukard@196.212.73.74
1270838865 M * Bertl and mount that without tagging/dlimit
1270838917 M * ju Bertl: yes thought about lvm, but it does not resolv the problem for cpu limits, for ex
1270838974 M * Bertl well, cpu limits are unaffected by a shared partition :)
1270839009 M * ju if a user execute a big program that is on the partition, the process is not tagged, no ?
1270839009 M * Bertl you might also hack the kernel to allow access to files belonging to a different guest (tag)
1270839039 M * Bertl tagging is file system specific, cpu limits are not
1270839050 M * ju ho... cool
1270839064 M * Bertl i.e. it doesn't matter where the executable comes from, the guest starting it will be accounted for (cpu/resources wise)
1270839148 M * ju i thought that the system identified process with the xid
1270839164 M * Bertl yes, and the xid is the process context
1270839189 M * Bertl similar to that, there is the nid (network context) and tag (filesystem id)
1270839191 M * ju but, if the partition is not tagged, the process has xid ?
1270839218 M * ju ok ok
1270839230 M * Bertl you can have a filesystem tag of 23 and an xid of 42 :)
1270839259 M * ju ho, I did not understand it
1270839284 M * ju tag option is only for files, ok
1270839291 M * ju thanx, it's super
1270839357 M * Bertl you're welcome! and yes! :)
1270839375 M * ju another question, why the context 0 is visible to all ?
1270839420 M * Bertl xid=0 and xid=1 are special, 0 is the host context and 1 is the spectator context
1270839488 M * ruskie spectator?
1270839583 M * ju but if a user comes to see the host (with a flaw, for example), it can see all files ... it not good for security, right?
1270839625 M * Bertl that is why it is suggested to keep the host clean
1270839636 M * Bertl i.e. no services except for management
1270839682 M * ju ok :) (I already did that)
1270839727 M * ju I agree with the question of Ruskie, what is the spectator context ?
1270839728 M * Bertl ruskie: it is called spectator context, because it can see all processes
1270839779 J * petzsch ~markus@p4FF47982.dip.t-dialin.net
1270839785 M * ju (thx ^^) and what is the difference between 0 and 1 then ?
1270839816 M * ruskie Bertl, hmm so 1 would be read only basically?
1270839903 J * imcsk8 ~ichavero@148.229.1.11
1270840002 M * Bertl no idea how you define a read only context :)
1270840032 M * Bertl ju: the host context cannot see guest processes 
1270840052 M * mnemoc ctx1?
1270840076 M * ju then, when I execute vtop, i'm with the context 1 ?
1270840083 M * Bertl correct
1270840112 M * Bertl you can do the same with vcontext
1270840167 M * ju ok :)
1270840225 M * ju I have no more questions, thx a lot, again :o
1270840513 M * Bertl have fun! feel free to hang around!
1270840522 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d
1270841270 Q * petzsch Quit: Leaving.
1270841605 J * ntrs ~ntrs@77.28.31.196
1270846645 J * ViRUS ~mp@p579B5D17.dip.t-dialin.net
1270847581 J * ktwilight_ ~keliew@91.178.146.147
1270847805 Q * ktwilight Ping timeout: 480 seconds
1270848107 Q * hijacker_ Quit: Leaving
1270849308 Q * nkukard Ping timeout: 480 seconds
1270849352 J * sladen ~paul@starsky.19inch.net
1270849384 J * nkukard ~nkukard@196-210-242-112.dynamic.isadsl.co.za
1270849444 J * petzsch ~markus@p4FF47982.dip.t-dialin.net
1270849596 Q * ntrs Ping timeout: 480 seconds
1270849747 Q * bonbons Ping timeout: 480 seconds
1270850931 J * nkukard_ ~nkukard@196.212.73.74
1270851012 Q * petzsch Quit: Leaving.
1270851112 Q * nkukard Ping timeout: 480 seconds
1270851417 Q * nkukard_ Ping timeout: 480 seconds
1270851950 J * nkukard_ ~nkukard@196-210-242-112.dynamic.isadsl.co.za
1270853219 J * nkukard ~nkukard@196-210-242-112.dynamic.isadsl.co.za
1270857267 J * selim ~chatzilla@e181084179.adsl.alicedsl.de