1279498545 J * imcsk8 ~ichavero@201.116.140.243 1279499721 N * Bertl_oO Bertl 1279499771 M * Bertl urbee, geb: well, that depends on whether you use network namespaces or not, but in general (i.e. the default is ip isolation) 1279503747 M * Bertl off to bed now ... have a good one everyone! 1279503751 N * Bertl Bertl_zZ 1279504838 J * aj__ ~aj@e180213240.adsl.alicedsl.de 1279505271 Q * derjohn_foo Ping timeout: 480 seconds 1279506446 Q * imcsk8 Quit: This computer has gone to sleep 1279507070 Q * aj__ Ping timeout: 480 seconds 1279507593 J * aj__ aj@88.128.77.60 1279508126 Q * infowolfe Ping timeout: 480 seconds 1279508300 Q * aj__ Ping timeout: 480 seconds 1279508461 J * SauLus_ ~SauLus@d074214.adsl.hansenet.de 1279508870 Q * SauLus Ping timeout: 480 seconds 1279508870 N * SauLus_ SauLus 1279511443 J * infowolfe ~infowolfe@c-67-166-127-67.hsd1.ut.comcast.net 1279514535 J * aj__ aj@tmo-068-242.customers.d1-online.com 1279516312 J * petzsch ~markus@p4FF46809.dip.t-dialin.net 1279516946 Q * petzsch Quit: Leaving. 1279519430 J * ncopa ~ncopa@180.40.189.109.customer.cdi.no 1279519563 N * DoberMann[ZZZzzz] DoberMann[PullA] 1279523279 J * ntrs ~ntrs@77.28.167.46 1279525091 J * barismetin ~barismeti@zanzibar.inria.fr 1279525746 Q * aj__ Ping timeout: 480 seconds 1279525780 M * urbee Bertl_zZ, geb: i know that 1279525789 M * urbee but there must be a way to add ips to cpanel thats why i'm asking :p 1279526710 J * ghislain ~AQUEOS@adsl2.aqueos.com 1279527421 J * ntrs_ ~ntrs@77.28.171.109 1279527443 J * thierryp ~thierry@lns-bzn-47f-62-147-212-202.adsl.proxad.net 1279527842 Q * ntrs Ping timeout: 480 seconds 1279529284 J * gnuk ~F404ror@pla93-3-82-240-11-251.fbx.proxad.net 1279531096 J * _nono_ ~gomes@libation.ircam.fr 1279533790 J * aj__ ~aj@213.238.45.2 1279535253 J * imcsk8 ~ichavero@evdomip-15-233.iusacell.net 1279535347 Q * geb Ping timeout: 480 seconds 1279536345 Q * infowolfe Ping timeout: 480 seconds 1279536957 Q * thierryp Remote host closed the connection 1279537630 N * Bertl_zZ Bertl 1279537635 M * Bertl morning folks! 1279538285 M * urbee hi bertl 1279538302 M * urbee about that cpanel and "UnRouting 91.185.201.69 SIOCDELRT: Operation not permitted" error 1279538311 M * Bertl yep? 1279538314 M * urbee is there some way around? i see cpanel is supporting vserver-linux 1279538322 M * urbee and i've seen providers with cpanel on it 1279538328 M * urbee so there must be a way to add those ips 1279538342 M * Bertl well, as far as I understand, you are running it _inside_ a guest, yes? 1279538368 M * urbee yep 1279538420 M * Bertl so, if the guest is properly configured, but doesn't use network naemspaces (a quite recent feature) then there is no way for a guest process to add/remove IPs or routes without help from the host 1279538429 M * Bertl (that is part of the security/isolation) 1279538460 M * urbee yeah but the ips are added outside the guest 1279538463 M * urbee they ping and all 1279538470 M * urbee i dont know how cpanel adds them into the system 1279538491 M * Bertl when they have been added from outside, then there is no need/sense to do anything from inside the guest 1279538508 M * urbee i know 1279538519 M * Bertl i.e. they 'just' appear is new IPs on existing/new interfaces 1279538527 M * urbee they dont 1279538541 M * urbee thats th eproblem 1279538542 M * Bertl are you sure that you added them then? 1279538552 M * urbee yep 1279538556 M * Bertl i.e. how did you add them outside the guest? 1279538564 M * urbee interfaces/2 1279538565 M * urbee and 1 1279538568 M * urbee same as main ip 1279538574 M * urbee dev, prefix and ip 1279538574 M * Bertl and you restarted the guest? 1279538576 M * urbee yes 1279538585 M * urbee they ips are fine outside the guest 1279538590 M * urbee i had no problems with this on directadmin 1279538592 M * urbee but cpanel is strange 1279538593 M * Bertl and what does 'ip a l' show inside the guest? 1279538605 M * urbee 2: eth0: mtu 1500 qdisc mq qlen 100 1279538605 M * urbee link/ether 00:25:b3:ac:de:62 brd ff:ff:ff:ff:ff:ff 1279538605 M * urbee inet 91.185.201.67/27 brd 91.185.201.95 scope global secondary eth0 1279538605 M * urbee inet 91.185.201.68/27 brd 91.185.201.95 scope global secondary eth0 1279538605 M * urbee inet 91.185.201.69/27 brd 91.185.201.95 scope global secondary eth0 1279538622 M * urbee and loopback 1279538623 M * Bertl looks like 3 IPs to me, no? 1279538626 M * urbee yes 1279538661 M * Bertl so what are you trying to tell me? 1279538672 M * urbee http://nopaste.voric.com/paste.php?f=te1f7d 1279538675 M * urbee this is the full error 1279538682 M * urbee this ipaliases script should add them to cpanel 1279538686 M * urbee i cant see them inside 1279538691 J * infowolfe ~infowolfe@c-67-166-127-67.hsd1.ut.comcast.net 1279538697 M * urbee and if i try to "add" it it says its already added 1279538726 M * Bertl well, the 'errors' you pasted are expected when something inside the guest tries to mess with the IPs 1279538733 M * urbee that i understand 1279538737 M * Bertl (or the routes, FWIW :) 1279538760 M * Bertl and that they indeed show up inside the guest is what you proved with the 'ip a l' 1279538794 M * Bertl IIRC, cpanel is a commercial product, right? 1279538796 M * urbee yeah 1279538801 M * urbee maybe i should ask them huh 1279538806 M * Bertl so why not ask their support 1279538811 M * urbee i shall :) 1279538827 M * Bertl if they 'claim' that it works with Linux-VServer, they sure should know how :) 1279538874 M * Bertl you can also try to use aliases instead of 'normal' secondaries, maybe cpanel is just too old to handle them properly 1279539071 M * urbee aliases as? 1279539075 M * urbee eth0:1 1279539076 M * urbee and such ? 1279539220 M * Bertl yep, 'just 1279539230 M * Bertl ' add a 'name' entry to the config 1279540749 Q * SauLus Ping timeout: 480 seconds 1279541221 J * SauLus ~SauLus@d126246.adsl.hansenet.de 1279542030 N * Bertl Bertl_oO 1279542341 J * jrdnyquist ~jrdnyquis@slayer.caro.net 1279542637 Q * ntrs_ Ping timeout: 480 seconds 1279542880 Q * Piet Remote host closed the connection 1279543575 J * Piet ~Piet__@7GDAADWTV.tor-irc.dnsbl.oftc.net 1279544485 Q * PowerKe Ping timeout: 480 seconds 1279546180 Q * nou Ping timeout: 480 seconds 1279546617 J * nou Chaton@2001:6f8:328:bbc:6666:6667:: 1279546790 Q * nou Remote host closed the connection 1279546855 J * PowerKe ~tom@d5153A6A9.access.telenet.be 1279547329 J * petzsch ~markus@dslb-092-078-225-130.pools.arcor-ip.net 1279548636 J * Pazzo ~ugelt@p57AF3DD6.dip.t-dialin.net 1279548783 J * geb ~geb@mars.gebura.eu.org 1279550430 M * blathijs Hey folks 1279550438 M * isodude Hey 1279550448 M * blathijs I'm having a bit of trouble letting util-vserver create a tun device for me 1279550463 M * blathijs It is created just fine, but it can no longer be deleted afterwards 1279550478 M * blathijs Is this a common problem in older util-vservers perhaps? 1279550502 J * dowdle ~dowdle@scott.coe.montana.edu 1279550537 M * blathijs (I'm getting: tunctl: ioctl(TUNSETIFF): Operation not permitted) 1279550553 M * blathijs Looking at the kernel sources, I can't really see what causes this error, though 1279550665 M * blathijs Hmm, updating to 0.30.216-pre2864-2+b1 (Debian squeeze version) doesn't improve things 1279550750 J * jfst ~jfs@ip-80-236-230-30.dsl.scarlet.be 1279550783 Q * jfst 1279550840 M * blathijs It seems the difference is in the --nid argument: If I manually run /usr/lib/util-vserver/tunctl --tun --~persist tun-test I can delete it again with /usr/lib/util-vserver/tunctl --tun --~persist tun-test 1279550857 M * blathijs but when I add --nid 40017 when creating it, I can't delete it anymore 1279551561 M * geb hi 1279551569 M * geb harry, you are here ? 1279551578 M * geb i am configuring a 2.6.32 using your patch 1279551597 M * geb i saw that some grsec option that were in 2.6.31 are missing 1279551601 M * geb is that normal ? 1279551617 M * geb for example in the chroot_jail_restriction 1279551621 M * blathijs Hmm, it seems adding a "shared" file suppresses the --nid (or rather, --nid-failure-ok) option and makes things work (at least, prevents the error) 1279551746 J * BenG ~bengreen@cpc6-aztw22-2-0-cust100.aztw.cable.virginmedia.com 1279552108 Q * BenG Quit: I Leave 1279552261 J * BenG ~bengreen@cpc6-aztw22-2-0-cust100.aztw.cable.virginmedia.com 1279552393 M * daniel_hozac blathijs: can you delete it with ncontext --nid tunctl...? 1279552402 M * daniel_hozac what kernel? 1279552461 Q * BenG 1279552729 J * BenG ~bengreen@cpc6-aztw22-2-0-cust100.aztw.cable.virginmedia.com 1279552827 M * blathijs daniel_hozac: That says "Neither '--create' nor '--migrate' specified; try '--help' for more information" 1279552836 M * blathijs This is 2.6.26 1279552873 M * blathijs With 2.3.0.35 1279552880 M * blathijs (Debian standard kernel, not self-compiled) 1279552885 M * daniel_hozac i would hope not. 1279552889 M * daniel_hozac that's about the worst kernel you can run. 1279552958 M * blathijs It's too bad Debian ships it, then... 1279553009 J * ntrs ~ntrs@77.28.10.34 1279553023 M * daniel_hozac yes, but that should give you some insight into how well maintained the Debian kernel is... 1279553145 M * blathijs daniel_hozac: Do you think that updating to a newer kernel would actually help with this issue? 1279553170 M * blathijs If so, is there any combination of kernel and vserver version that you would recommend for a production system? 1279553221 M * daniel_hozac i believe Bertl recommends 2.6.33. 1279553253 M * daniel_hozac for util-vserver, the latest is best. 1279553284 M * blathijs So that means using experimental vserver patches? 1279553336 M * daniel_hozac you're already using an expiremental, known broken version. 1279553345 M * daniel_hozac so it can't really get any worse... 1279553380 M * blathijs fair point :-) 1279553430 Q * ntrs Read error: Operation timed out 1279553938 Q * BenG Quit: I Leave 1279554274 M * blathijs daniel_hozac: It is working now, the "shared" parameter was enough to stop tunctl from complaining 1279554286 M * blathijs daniel_hozac: I'll consider a kernel upgrade, but not right now 1279554353 N * Bertl_oO Bertl 1279554359 M * Bertl back now ... 1279554615 M * isodude Wb! 1279554674 A * isodude is trying out apache2 and fcgid on a quad core. load average: 462.53, 248.23, 115.6, and 2000 processes. 1279554686 M * isodude Think I need to tweak fcgid some. 1279554996 M * geb ghislain, hi 1279555018 M * geb there is something i don't understand with your util-vserver-basic-debian package 1279555057 M * geb degun:~# apt-cache show util-vserver-basic-debian | grep Version 1279555057 M * geb Version: 0.30.216-pre2864-2 1279555057 M * geb Version: 0.30.216-pre2882.1 1279555204 M * geb but if i try to install the last one, apt tell me that i already have the last version 1279555369 J * ntrs ~ntrs@77.28.10.34 1279555899 M * blathijs Hmm, why is this line from vserver.functions commented? #_addInterfaceCmd IP_ROUTE "$ip${prefix:+/$prefix}" dev "$dev" 1279555929 M * blathijs I think it would add a route to the network when setting up network interface 1279555944 M * daniel_hozac the kernel does that automatically. 1279555961 M * blathijs It doesn't for p2p addresses 1279555971 M * daniel_hozac then set peer 1279555998 M * blathijs I did, but that only routes the peer address over the device. I want the entire /24 to be routed over the tun device 1279556005 M * blathijs Hmm, 1279556014 M * blathijs I guess I want the /24 to be routed _to_ the peer 1279556087 M * blathijs So that IP_ROUTE line wouldn't do what I want anywa 1279556169 M * blathijs Is there some kind of post-up thingy for vserver networking interfaces that I could put a manual route command for this? 1279556238 M * daniel_hozac /etc/vservers//scripts/pre-start 1279556241 M * blathijs Ah, pre-start would do... 1279556246 M * blathijs thanks :-) 1279557190 Q * barismetin Remote host closed the connection 1279558068 J * fzylogic ~fzylogic@dsl081-243-128.sfo1.dsl.speakeasy.net 1279560165 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1279561721 Q * Pazzo Quit: Bye! 1279561813 Q * ghislain Quit: Leaving. 1279561906 Q * gnuk Ping timeout: 480 seconds 1279562327 J * skoolkid ~skoolkid@63.81.0.20 1279562439 M * skoolkid Can we setup up LDAP authentication on vserver guest? Is it possible? 1279563280 M * Bertl why shouldn't it? 1279563380 Q * aj__ Ping timeout: 480 seconds 1279564692 M * daniel_hozac i use it on most of mine. 1279564896 J * dna ~dna@p54BCA8D0.dip0.t-ipconnect.de 1279566227 M * skoolkid I got confused, the FAQ mention about disabling PAM, so I thought we cannot use LDAP 1279566237 M * daniel_hozac just pam_loginuid. 1279566247 M * skoolkid Oh, I see 1279567335 Q * MeCooL Ping timeout: 480 seconds 1279567491 J * harobed ~harobed@arl57-1-82-231-110-14.fbx.proxad.net 1279567662 Q * dannf Ping timeout: 480 seconds 1279567686 Q * micah Ping timeout: 480 seconds 1279568479 Q * harobed Quit: Ex-Chat 1279568693 Q * dna Read error: Connection reset by peer 1279568707 J * dna ~dna@p54BCA8D0.dip0.t-ipconnect.de 1279570642 J * dannf ~dannf@utter.lackof.org 1279571983 J * micah ~micah@micah.riseup.net 1279572412 J * thierryp ~thierry@lns-bzn-47f-62-147-212-202.adsl.proxad.net 1279573378 J * yarihm ~yarihm@217-162-96-248.dclient.hispeed.ch 1279573568 Q * bonbons Quit: Leaving 1279573951 N * DoberMann[PullA] DoberMann[ZZZzzz] 1279574219 Q * dna Quit: Verlassend 1279574577 J * aj__ aj@80.187.230.228 1279574796 Q * petzsch Quit: Leaving. 1279575535 Q * ntrs Ping timeout: 480 seconds 1279575582 J * petzsch ~markus@dslb-092-078-225-130.pools.arcor-ip.net 1279575706 J * MeCooL mecool@94.129.157.38 1279575858 Q * thierryp Remote host closed the connection 1279575868 A * MeCooL is back 1279577673 Q * petzsch Quit: Leaving. 1279580569 Q * dowdle Remote host closed the connection