1272413003 Q * dowdle Remote host closed the connection 1272413775 N * DoberMann[PullA] DoberMann[ZZZzzz] 1272420285 J * imcsk8 ~ichavero@evdomip-28-83.iusacell.net 1272422334 Q * imcsk8 Ping timeout: 480 seconds 1272423664 J * SauLus_ ~SauLus@d003097.adsl.hansenet.de 1272424073 Q * SauLus Ping timeout: 480 seconds 1272424073 N * SauLus_ SauLus 1272424399 J * misc-- ~misc@202-154-80-42.people.net.au 1272424427 M * misc-- hi all, how can I forcibly kill a guest? There is a "umount" process that will not die 1272424935 M * misc-- it looks like a tcp connection is hanging without any process associated to it so I can't kill the process (this is from the vserver itself) 1272425348 M * Bertl well, you can kill processes with vkill, unless they are stuck in the kernel 1272425356 M * Bertl (i.e. device I/O, unkillable) 1272425385 M * misc-- yeah it looks like it. If I run (from the vserver) netstat -napl|grep 192.168.1.11 then it returns for example: 1272425390 M * Bertl which is most likely the case if the mount is a network mount and the server is gone (and the mount was done without the proper flags to make it interruptible) 1272425390 M * misc-- tcp 0 0 192.168.1.203:44864 192.168.1.11:445 ESTABLISHED - 1272425413 M * misc-- which means there's no process attached to the socket. I've never seen that before, but I can't even kill it with tcpkill 1272425448 M * Bertl if it is nfs or cifs, then there is a kernel thread for the mount, which might not be visible inside the guest 1272425469 M * misc-- I have SYS_ADMIN bcapabilities and SECURE_MOUNT/BINARY_MOUNT ccap flags, the mounting was all done in the guest 1272425475 M * misc-- oh right 1272425502 M * misc-- there is no mount process though on the vserver, except 'automount'. It is cifs btw 1272425575 M * misc-- I also restarted the winows server service that the guest was connected, thinking it may have then stopped the connection on the vserver 1272425670 M * Bertl cifs usually spawns a kernel thread, so I'd use the spectator context and look for one there 1272425715 M * misc-- spectator context? OK... what is the spectator context? 1272425747 M * misc-- oh chcontext 1272425772 M * misc-- well I'll brb I need to get some lunch 1272425773 M * Bertl xid = 1 aka. the spectator context :) 1272425794 M * Bertl take your time ... I'm off to bed anyways ... 1272425807 M * misc-- oh damn =) ok no worries, thanks for your help 1272425815 N * Bertl Bertl_zZ 1272432126 J * sharkjaw ~gab@90.149.128.29 1272433349 J * ghislain ~AQUEOS@adsl2.aqueos.com 1272433917 Q * balbir Ping timeout: 480 seconds 1272434748 Q * derjohn_foo Ping timeout: 480 seconds 1272435242 J * raceme ~tof@ombos.raceme.org 1272435537 Q * ensc|w_ Remote host closed the connection 1272435833 J * knoppix_ ~knoppix@pool-71-179-188-143.bltmmd.fios.verizon.net 1272435853 Q * knoppix_ 1272435864 J * knoppix_ ~knoppix@pool-71-179-188-143.bltmmd.fios.verizon.net 1272435900 N * knoppix_ Guest1541 1272436090 J * ncopa ~ncopa@180.40.189.109.customer.cdi.no 1272436361 M * theocrite Hello. 1272436506 M * theocrite Just to be sure : the vlimits settings are supposed to be applied immediatly right? 1272436522 M * theocrite Cause I tried it and here is what it gives : http://pastebin.com/4tbUAv3z 1272436547 M * theocrite Wasn't is supposed to give N/A 7500 7500? 1272436701 M * ghislain how did you set the limits ? 1272436714 M * ghislain oh with vlimit 1272436719 M * ghislain yes they should be instant 1272437226 M * pmjdebruijn theocrite: drop the grep, so you can still see what each column means 1272437253 M * theocrite Then could it be a bug? 1272437264 M * theocrite pmjdebruijn: nope, this doesn't display anything. 1272437294 M * theocrite pmjdebruijn: http://pastebin.com/KjiQFQFa 1272437365 M * pmjdebruijn oh wait 1272437370 M * pmjdebruijn try cat /proc/virtual/24/limit 1272437388 M * pmjdebruijn theocrite: which kernel and util-vserver are you using? 1272437569 M * theocrite pmjdebruijn: http://pastebin.com/gLjkbAXZ 1272437613 M * theocrite I know it's an old kernel, we're planing to upgrade it, but unfortunately, we can't do this right now. 1272437747 M * pmjdebruijn theocrite: that's ancient with a vengeance 1272437759 M * pmjdebruijn theocrite: Debian's out-of-the-box kernel has always been crap to begin with 1272437776 M * pmjdebruijn theocrite: I can highly recommend the 2.6.27.x tree 1272437801 M * pmjdebruijn theocrite: your problem is probably just Debian kernel crappy ness 1272437812 M * pmjdebruijn nothing against Debian, we run it too, but with our own kernels 1272437954 Q * Guest1541 Quit: Leaving 1272438249 M * theocrite Yeah I know, I already had this feedback. And we're planing to change that. But we need some thime. 1272438253 M * theocrite So I guess I'm stuck. 1272438255 M * theocrite Thank you for your answer. 1272438395 M * pmjdebruijn :) 1272438410 M * pmjdebruijn sorry I couldn't do better :) 1272438569 M * ghislain anyone has experience running fstab.remote ? I try and get mount.nfs: rpc.statd is not running but is required for remote locking. 1272438586 M * ghislain of course statd is running on the host 1272439512 J * derjohn_foo ~aj@213.238.45.2 1272440660 N * Bertl_zZ Bertl 1272440664 M * Bertl morning! 1272440857 M * Bertl theocrite: I can highly recommend the 2.6.33.x tree :) 1272440889 M * theocrite Bertl: ok thank you very much for this advice. I'll update the whishlist. 1272440912 M * theocrite Bertl: what version of util-vserver would you recommand with that ? 1272440933 M * Bertl the latest prerelease available 1272440948 M * theocrite Ok thanks. 1272441214 M * Bertl you might try a recent util-vserve with that kernel 1272441229 M * Bertl it might actually work better than the old one (regarding vlimit) 1272441853 Q * derjohn_foo Ping timeout: 480 seconds 1272442006 J * thierryp ~thierry@zankai.inria.fr 1272442097 M * ghislain this is strange the vnamespace mount work but the fstab.remote do not 1272442127 M * ghislain humm 1272442138 M * ghislain not it does not work ! 1272442144 M * Bertl vnamespace does not enter the network context, but fstab.remote does (which is fstab.remote's purpose) 1272442149 M * ghislain ok, must investigate further.. 1272442155 M * ghislain oh 1272442180 M * ghislain so in fstab.remote portmap and rpc.statd should run in the guest? 1272442180 M * Bertl i.e. your server is not configured to allow mounts from the guest IP I presume 1272442196 M * ghislain not from the main one 1272442210 M * Bertl and yes, stuff is done from inside the guest network context 1272442237 M * ghislain which is where statd and portmaps wiould not run 1272442250 M * ghislain so i will put a post-start script to do the vmount 1272442260 M * ghislain i mean the vnamespace mount 1272442367 M * Bertl if you want it to happen on the host, just use fstab instead 1272442395 M * Bertl will still happen _inside_ the guests mount namespace 1272442408 M * ghislain ok i see 1272442473 J * derjohn_foo ~aj@213.238.45.2 1272443680 M * _are_ if I really want to shoot myself in the leg: which capability do I need to add to a VServer to enable it running a NFSv4 server? SYS_ADMIN? 1272444019 Q * thierryp Remote host closed the connection 1272444062 J * thierryp ~thierry@zankai.inria.fr 1272444141 M * Bertl _are_: no idea 1272444796 J * balbir ~balbir@122.248.163.1 1272447052 J * BenG ~bengreen@cpc2-aztw22-2-0-cust521.aztw.cable.virginmedia.com 1272447084 J * kir ~kir@swsoft-msk-nat.sw.ru 1272447873 Q * BenG Quit: I Leave 1272450344 J * kolorafa ~kolorafa@irc.kolorafa.dlk.pl 1272450748 Q * balbir Ping timeout: 480 seconds 1272451808 J * balbir ~balbir@122.248.163.1 1272454133 Q * zbyniu_ Ping timeout: 480 seconds 1272455543 Q * balbir Ping timeout: 480 seconds 1272456218 N * opuk_ opuk 1272456902 J * zbyniu ~zbyniu@ip-62.181.188.13.static.crowley.pl 1272458056 J * balbir ~balbir@122.248.163.1 1272458863 Q * ichavero__ resistance.oftc.net weber.oftc.net 1272458863 Q * blathijs resistance.oftc.net weber.oftc.net 1272458863 Q * infowolfe resistance.oftc.net weber.oftc.net 1272459032 J * petzsch ~markus@dslb-094-222-102-222.pools.arcor-ip.net 1272459206 J * blathijs ~matthijs@drsnuggles.stderr.nl 1272459350 J * ichavero__ ~ichavero@201.174.32.226 1272459350 J * infowolfe ~infowolfe@c-71-236-152-35.hsd1.or.comcast.net 1272459952 Q * balbir Ping timeout: 480 seconds 1272462071 J * Pazzo ~ugelt@reserved-225136.rol.raiffeisen.net 1272464661 J * emcepe ~mcp@wolk-project.de 1272465067 Q * mcp Ping timeout: 480 seconds 1272465141 J * mcp ~mcp@wolk-project.de 1272465326 J * speed47 ~speed@box2.speed47.net 1272465521 Q * emcepe Ping timeout: 480 seconds 1272466800 Q * sharkjaw Remote host closed the connection 1272467510 J * dowdle ~dowdle@scott.coe.montana.edu 1272468798 Q * thierryp Quit: ciao folks 1272468847 M * Bertl nap attack ... bbl 1272468862 N * Bertl Bertl_zZ 1272469413 P * kir Leaving. 1272469539 J * thierryp ~thierry@zankai.inria.fr 1272469737 Q * thierryp 1272471009 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1272471283 Q * fback Ping timeout: 480 seconds 1272472060 J * ghislain1 ~AQUEOS@adsl2.aqueos.com 1272472382 Q * ghislain Ping timeout: 480 seconds 1272472525 J * fback fback@red.fback.net 1272473386 Q * derjohn_foo Ping timeout: 480 seconds 1272474000 N * DoberMann[ZZZzzz] DoberMann[PullA] 1272474244 Q * eyck Quit: leaving 1272474262 J * eyck ~eyck@77.79.198.60 1272474267 Q * eyck Read error: Connection reset by peer 1272474298 Q * Pazzo Quit: Bye! 1272474554 J * eyck ~eyck@77.79.198.66 1272478453 Q * petzsch Quit: Leaving. 1272478545 J * petzsch ~markus@dslb-094-222-102-222.pools.arcor-ip.net 1272479512 J * BenG ~bengreen@cpc2-aztw22-2-0-cust521.aztw.cable.virginmedia.com 1272480937 J * ktwilight_ ~keliew@224.178-247-81.adsl-dyn.isp.belgacom.be 1272481186 J * balbir ~balbir@122.172.9.164 1272481198 Q * ktwilight Ping timeout: 480 seconds 1272482527 Q * BenG Remote host closed the connection 1272483808 Q * balbir Ping timeout: 480 seconds 1272484933 J * hijacker_ ~hijacker@87-126-142-51.btc-net.bg 1272485145 N * Bertl_zZ Bertl 1272485149 M * Bertl back now ... 1272485688 J * imcsk8 ~ichavero@201.174.32.226 1272485740 Q * hijacker_ Quit: Leaving 1272486234 J * ichavero_ ~ichavero@148.229.9.200 1272486668 Q * imcsk8 Ping timeout: 480 seconds 1272486924 M * Django Bertl: i've used the cgroup memory limiting feature as you suggested but it still seems to show RSS+Cache+Buffers of the host and doesn't show the memory.limit_in_bytes in the guest when using the VIRT_MEM 1272487006 M * Bertl what kernel/patch/util-vserver version? 1272487008 M * Django also /dev/cgroup shows the limit as being set, is that confirmation that I have set things up correctly or is there another way top confirm I have cgroups support in my kernel 1272487031 M * Bertl /proc/config.* should have the details 1272487041 M * Django 2.6.32.9 / vs2.3.0.36.29.1 1272487146 M * Django cat /proc/cgroups 1272487146 M * Django #subsys_name hierarchy num_cgroups enabled 1272487146 M * Django cpuset 0 1 1 1272487146 M * Django ns 0 1 1 1272487147 M * Django cpu 0 1 1 1272487147 M * Django cpuacct 0 1 1 1272487149 M * Django devices 0 1 1 1272487149 M * Django freezer 0 1 1 1272487151 M * Django net_cls 0 1 1 1272487163 M * Django # /proc/config.* don't exist although /proc/cgroups does: 1272487173 M * Django see above* 1272487203 M * Django no memtion of memory in it, little concerning 1272487238 M * Bertl (please use paste.linux-vserver.org for everything longer than 3 lines) 1272487258 M * Django sorry 1272487292 Q * petzsch Quit: Leaving. 1272487351 M * Bertl your kernel should have the proper mechanisms isntalled 1272487369 M * Bertl make sure that the cgroup mem controller is configured in the kernel 1272487402 M * Bertl and if not (i.e. you have to recompile) go with a newer patch as your version is missing two cgroup fixes 1272487479 M * Django ok thanks, i followed this to the letter: http://linux-vserver.org/util-vserver:Cgroups#Ben.27s_install_on_Debian_Lenny in relation to setting up the kernel for cgroup mem control 1272487542 M * Django trying to avoid a custom compile but if there's no way round that i'll oblige 1272487582 M * Bertl read and check the part about cgroups and memory limits 1272487707 M * Bertl also your util-vserver might be too old to set up the cgroup memory limits for you 1272487714 M * Django is there a changelog for the experiemental patches? I couldn't find one 1272487742 M * Bertl nope 1272487788 M * Django i used the provided util-vserver patch on the wiki and set the kernel config flags for cgroup mem limits 1272487793 M * Django understandable 1272487860 M * Bertl what does /proc/self/mounts show for the cgroup mount? 1272487923 M * Django http://paste.linux-vserver.org/14965 1272487980 M * Bertl hmm, don't see a cgroup mount there ... 1272488302 M * Django hmm indeed, I added the fstab entry "vserver /dev/cgroup cgroup cpuset,cpu,cpuacct,devices,freezer,net_cls,memory 0 0" and dmesg shows all cgroup subsys as intialised apart from memory :/ 1272488539 J * derjohn_foo ~aj@d062182.adsl.hansenet.de 1272488706 Q * bonbons Quit: Leaving 1272490678 Q * ghislain1 Quit: Leaving. 1272491900 N * DoberMann[PullA] DoberMann[ZZZzzz] 1272492224 Q * Django Quit: HydraIRC -> http://www.hydrairc.com <- *I* use it, so it must be good! 1272492705 J * opuk_ ~kupo@pipe.intertubez.net 1272492817 Q * opuk Ping timeout: 480 seconds 1272494425 J * imcsk8 ~ichavero@148.229.9.200 1272494802 Q * ichavero__ Ping timeout: 480 seconds 1272496943 J * ichavero__ ~ichavero@201.174.32.226 1272497372 Q * ichavero_ Ping timeout: 480 seconds 1272497382 Q * imcsk8 Ping timeout: 480 seconds 1272497400 J * imcsk8 ~ichavero@201.174.32.226 1272497544 J * ichavero_ ~ichavero@148.229.9.200 1272497653 J * Django ~Django@cpc4-seac20-2-0-cust615.7-2.cable.virginmedia.com 1272497697 M * Django Bertl: took the plunge and custom compiled with latest patch all works fine, ty for your help 1272497872 M * Bertl you're welcome! 1272497972 Q * ichavero__ Ping timeout: 480 seconds 1272497982 Q * imcsk8 Ping timeout: 480 seconds 1272498001 J * ichavero__ ~ichavero@148.229.9.200 1272498041 Q * dowdle Remote host closed the connection 1272498231 Q * ichavero_ Read error: Operation timed out