1285459210 M * urbee I've got 150GB (Port 1) 150GB (Port 2) 500GB (Port 3) 500GB (Port4) 1285459229 M * urbee linux finds 150GB (sda) 500GB (sdb) 150GB (sdc) 500GB (sdd) 1285459260 M * Bertl that's fine, just try to boot with and without the first disk 1285459305 M * urbee ok, so if i get the grub screen without first hard drive, then its ok? 1285459311 M * Bertl see what happens and how grub sees the disks 1285459330 M * Bertl i.e. mark the disk in question somehow, so that you can identify it 1285459343 M * urbee this started happening when i turned of AHCI in bios 1285459357 M * urbee with AHCI enabled the drives were found correctly in linux 1285459366 M * Bertl that's not too unusual, the BIOS does strange things 1285459416 M * urbee now i'm at the grub install 1285459418 M * urbee and i can see that 1285459434 M * urbee grub> root (hd 1285459434 M * urbee Possible disks are: hd0 hd1 hd2 hd3 1285459434 M * urbee grub> root (hd1,0) 1285459440 M * urbee hd1 is really 500gb 1285459449 M * urbee cuz it has only '0' (one partition) 1285459456 M * urbee if it was 150gb it would have three 1285459463 M * urbee so, this wont work 1285459464 M * Bertl don't make the mistake to try with the first disk in place 1285459481 M * urbee huh? 1285459497 M * Bertl the easiest way is to put a grub on each disk and see what happens if you pull the first 1285459514 M * Bertl the problem is, first, there are two possible failure cases 1285459528 M * Bertl 1) the disk is still on the bus but cannot boot for whatever reason 1285459553 M * Bertl 2) the disk is electrically gone (in which case the bios will boot from the second listed disk) 1285459569 M * Bertl the first case can be handled if grub still boots/works 1285459588 M * Bertl the second case really depends on what the BIOS does 1285459622 M * urbee but if grub finds hd1 as 500gb then its sure that it wont be booting from the correct drive 1285459627 M * urbee isnt it? 1285459646 M * Bertl no 1285459752 M * urbee so should i just setup grub on all 4 drives? 1285459771 M * Bertl could even be that the bios maps the disk now visible as hdc as hda in a failure case 1285459792 M * Bertl there is only one way to find out, try it :) 1285459808 M * urbee is it a problem if i set it up to a partition which isnt /boot ? 1285459816 M * Bertl (unless you have a really well documented bios :) 1285459846 M * urbee i'll try it on hd0 and hd2 and try to fail hd0 1285459852 M * urbee fail as, disconnect :p 1285459861 M * Bertl the basic grub loader (stage 1/1.5) should fit on any disk 1285459887 M * Bertl and you should end up in a grub shell where you can decide what to do next 1285459903 M * Bertl you might also boot from floppy (with grub on it) and see from there 1285459941 Q * derjohn_mob Ping timeout: 480 seconds 1285459976 M * urbee the problem is this server has no remote console like kvm or ilo to access from home 1285459990 M * urbee if it fails in the future and doesnt boot after reboot 1285459994 M * urbee i gotta drive 200km :) 1285460079 M * Bertl that's why you should test all failure cases beforehand 1285460179 M * Bertl you cannot cover all cases anyway, but it helps to know that you've covered those cases you can handle 1285460483 J * derjohn_mob aj@tmo-013-137.customers.d1-online.com 1285460771 M * Bertl off to bed now .. good luck! 1285460778 N * Bertl Bertl_zZ 1285460861 M * urbee thanks 1285460868 M * urbee nite 1285462839 Q * FireEgl Quit: bbl 1285467418 J * tokkee_ tokkee@osprey.tokkee.org 1285467418 Q * tokkee Read error: Connection reset by peer 1285468915 N * DLange_ DLange 1285470115 J * FireEgl FireEgl@WTF.4.1.0.c.0.7.4.0.1.0.0.2.ip6.arpa 1285472856 Q * FireEgl Quit: Leaving... 1285474820 J * FireEgl FireEgl@Sebastian.Atlantica.CJB.Net 1285476966 Q * click Remote host closed the connection 1285477786 J * click click@ti0127a340-0789.bb.online.no 1285481812 J * ghislain ~AQUEOS@adsl2.aqueos.com 1285484170 J * ntrs ~ntrs@77.28.171.139 1285488896 J * niki ~niki@94.145.207.11 1285490592 Q * derjohn_mob Ping timeout: 480 seconds 1285490604 J * derjohn_mob ~aj@tmo-084-45.customers.d1-online.com 1285491027 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1285491058 J * petzsch ~markus@p4FF45B0A.dip.t-dialin.net 1285494765 Q * petzsch Quit: Leaving. 1285494794 N * Bertl_zZ Bertl 1285494798 M * Bertl morning folks! 1285495149 M * yang hi Bertl 1285495991 Q * Piet Ping timeout: 480 seconds 1285496837 J * petzsch ~markus@p4FF45B0A.dip.t-dialin.net 1285497537 Q * petzsch Quit: Leaving. 1285498195 Q * ensc Ping timeout: 480 seconds 1285498746 J * ensc ~irc-ensc@93.159.121.26 1285499462 J * petzsch ~markus@p4FF45B0A.dip.t-dialin.net 1285500352 Q * petzsch Quit: Leaving. 1285501423 J * Piet ~Piet__@7R1AAABDF.tor-irc.dnsbl.oftc.net 1285503105 J * petzsch ~markus@p4FF457C5.dip.t-dialin.net 1285503169 J * ntrs_ ~ntrs@77.28.23.169 1285503604 Q * ntrs Ping timeout: 480 seconds 1285503635 Q * petzsch Quit: Leaving. 1285503817 Q * derjohn_mob Remote host closed the connection 1285504649 M * Bertl off for now ... bbl 1285504654 N * Bertl Bertl_oO 1285509382 J * fLoo ~fLoo@coresec.de 1285509972 J * petzsch ~markus@p4FF457C5.dip.t-dialin.net 1285513794 J * derjohn_mob aj@80.187.226.219 1285514466 Q * derjohn_mob Ping timeout: 480 seconds 1285514476 J * derjohn_mob ~aj@tmo-084-45.customers.d1-online.com 1285515885 J * pmenier ~pmenier@ACaen-152-1-23-87.w83-115.abo.wanadoo.fr 1285517428 Q * julius Ping timeout: 480 seconds 1285518193 Q * Piet Quit: Piet 1285518831 J * julius ~julius@217.20.127.15 1285519255 Q * geb Read error: Connection reset by peer 1285519674 Q * petzsch Quit: Leaving. 1285519693 J * geb ~geb@mars.gebura.eu.org 1285519825 Q * pmenier Quit: Konversation terminated! 1285519897 J * petzsch ~markus@p4FF457C5.dip.t-dialin.net 1285520322 M * _are_ do I have to expect extra trouble running a VServer on top of aufs? 1285520386 M * pmjdebruijn I don't think you need too 1285520394 M * pmjdebruijn vserver has it's own copy-on-write mechanism 1285520400 M * pmjdebruijn anyhow, I haven't used it 1285520411 M * pmjdebruijn so I can't tell you anything about it :p 1285520414 Q * ntrs_ Read error: Connection reset by peer 1285520422 Q * geb Quit: ZNC - http://znc.sourceforge.net 1285520435 J * ntrs_ ~ntrs@77.28.172.112 1285520574 M * Bertl_oO nap attack ... bbl 1285520581 N * Bertl_oO Bertl_zZ 1285520610 J * geb ~geb@mars.gebura.eu.org 1285521447 Q * petzsch Quit: Leaving. 1285521524 M * _are_ pmjdebruijn: it is a very different case, I found USB-VGA adapters (displaylink) and found it possible to auto-setup X-servers via udev wenever another complete set of keyboard/mouse/vga is connected 1285521580 M * _are_ and so my imagination went far away and I dream of a dynamically crated VServer per seat, autostarted and always in a clean shape 1285521632 M * _are_ for this to work I need a way to deploy a standard VServer really fast and I think aufs might be a possiblity 1285521753 M * _are_ not that the dynamic creation part is really, really needed, but i'd like to have it, just to have it. we will show it with our local LUG on an exhibition in november. all types of nerds there ;) 1285521782 M * daniel_hozac vclone doesn't take very long. 1285521799 M * daniel_hozac if you have a completely hashified guest. 1285521813 M * daniel_hozac we do this on PlanetLab and guest creation usually takes a few seconds. 1285521820 M * _are_ full featured kde+gnome+xfce is 2GB data 1285521855 M * daniel_hozac the amount of space doesn't matter. 1285521871 M * daniel_hozac you're just creating hardlinks and the directory structure. 1285521920 M * _are_ I found that might take some time, I do rsnapshot backups for years now, but I guess I will just try and check if it is sufficiently fast for an exhibition booth 1285522840 Q * Rockj Ping timeout: 480 seconds 1285522863 Q * yang Ping timeout: 480 seconds 1285523258 J * Rockj rockj@pi.geekrevolution.net 1285523388 J * yang yang@boneym.mtveurope.org 1285524110 Q * yang Ping timeout: 480 seconds 1285524241 J * petzsch ~markus@p4FF457C5.dip.t-dialin.net 1285524279 J * yang yang@boneym.mtveurope.org 1285524787 J * ntrs__ ~ntrs@77.28.23.169 1285525216 Q * ntrs__ Read error: Connection reset by peer 1285525227 J * ntrs__ ~ntrs@77.29.87.199 1285525237 Q * ntrs_ Ping timeout: 480 seconds 1285526258 Q * petzsch Quit: Leaving. 1285527334 N * tokkee_ tokkee 1285527579 J * petzsch ~markus@p4FF457C5.dip.t-dialin.net 1285528775 M * _are_ daniel_hozac: 3.4GB VServer, fully vhashified, takes 2m36s here to vclone 1285528805 M * daniel_hozac "fully" means what? 1285528817 M * _are_ nothing excluded 1285528825 M * _are_ not even the package manager stuff 1285528849 M * _are_ single sata disk, ext3. probably not the best choice in hardlink performance 1285528857 M * daniel_hozac what we do on PL to help speed it up even more is to keep hot spares around. 1285528876 M * daniel_hozac i.e. already vlconed directories that we then just move to the right name. 1285528912 M * _are_ yes, considered that, but is obviously not as cool as just deploying on the fly with almost no latency 1285528939 M * _are_ and this is only for the show as we will never have mor ethan 4 running seats there, not more hardware available :-) 1285528948 M * _are_ sort of an academic problem 1285529325 M * _are_ well, 2nd try takes 24s, fs-cache is helpful, I doubt it will be populated at the right time with the right stuff, though 1285529736 J * petzsch1 ~markus@p4FF451BF.dip.t-dialin.net 1285529741 Q * petzsch Ping timeout: 480 seconds 1285531467 J * hijacker_ ~hijacker@87-126-142-51.btc-net.bg 1285531719 Q * ntrs__ Ping timeout: 480 seconds 1285531889 Q * ghislain Quit: Leaving. 1285532310 Q * petzsch1 Quit: Leaving. 1285533397 J * petzsch ~markus@p4FF451BF.dip.t-dialin.net 1285535376 Q * derjohn_mob Read error: No route to host 1285535439 Q * bonbons Quit: Leaving 1285535632 P * mugwump 1285536062 Q * petzsch Quit: Leaving. 1285536753 Q * hijacker_ Quit: Leaving 1285538020 M * urbee I'd like to add noexec,nosuid to /tmp in fstab 1285538023 M * urbee is that a problem? 1285538029 M * urbee (for a guest) 1285538222 M * daniel_hozac no 1285538285 M * urbee none /tmp tmpfs size=16m,mode=1777,noexec,nosuid 0 0 1285538288 M * urbee is this correct 1285538321 M * daniel_hozac sure 1285538528 J * ntrs ~ntrs@77.29.112.194 1285539250 M * urbee hm 1285539259 M * urbee i cant get the keys to function correctly 1285539261 M * urbee keymaps 1285539265 M * urbee it works great in root 1285539266 M * urbee but in guest 1285539267 M * urbee it doesnt 1285539275 M * urbee cant even do ` 1285539404 M * urbee loadkeys /usr/share/keymaps/i386/qwertz/slovene.kmap.gz 1285539404 M * urbee Couldnt get a file descriptor referring to the console 1285539404 M * urbee KDGKBMODE: Bad file descriptor 1285539404 M * urbee loadkeys: error reading keyboard mode 1285539430 N * Bertl_zZ Bertl 1285539438 M * Bertl back now ... 1285539444 M * Bertl urbee: try on the host 1285539466 M * urbee try what? 1285539473 M * urbee wb 1285539476 M * Bertl loading the keymap 1285539478 M * urbee host is gentoo, guest is debian 1285539482 M * urbee keys on the host are OK 1285539495 M * Bertl then it isn't the keymap 1285539520 M * urbee what could it be? 1285539546 M * Bertl what exaclty happens and when you do what? 1285539552 M * urbee ok something is wrong 1285539580 M * urbee if the first key is something random (not š, c ` or something) then the next key is correct 1285539588 M * urbee (scarons that is) 1285539599 M * urbee its like its trying to run some command :) 1285539629 M * urbee weird 1285539643 M * Bertl maybe you are sharing the tty with something? 1285539651 M * urbee (arg: 22) 1285539651 M * urbee ? 1285539652 M * Bertl (and that something capture away characters) 1285539687 M * Bertl try to press ESC a few times, then blindly type 'reset' and press enter (without the quotes) 1285539719 M * urbee it resets 1285539723 M * urbee but same thing 1285539751 M * urbee ok, maybe its a putty issue! 1285539993 M * urbee god damn it 1285540008 M * urbee funny thing is it works just fine on some other machine with the same damn config 1285540035 M * Bertl could be a special escape sequence which messes up the terminal 1285540048 M * Bertl (because of incomplete vt100 implementation) 1285540110 M * urbee perl -pi -e ’s/ServerTokens Major/ServerTokens Full/’ 1285540116 M * urbee does this replace Major with Full ? 1285540119 M * urbee or is it the opposite 1285540129 M * urbee i'm just gonna do it manually :p 1285540164 M * Bertl yes, once in the presence of any string ending in ServerTokens Major 1285540652 M * fLoo is there an easy way to manage traffic ? 1285540655 M * fLoo of guests i mean 1285540666 M * fLoo like limiting them to 1mbit/s or smth like that 1285540681 M * Bertl yes, traffic shaping 1285540792 M * fLoo k 1285540797 M * fLoo i thought there might be another method 1285540980 M * Bertl why, it is perfect, no? 1285540985 M * fLoo it is yep 1285540985 M * fLoo :) 1285541009 M * fLoo just read your message from 2005 ( http://www.mail-archive.com/vserver@list.linux-vserver.org/msg04355.html ) 1285541010 M * fLoo :) 1285541014 M * urbee fLoo: i'd like that too 1285541020 M * urbee but i think its abit too complicated for me :p 1285542539 M * urbee if /tmp is mounted noexec, it shouldnt allow to execute anything on it, right? 1285542608 M * Bertl yep, but double check with /proc/mounts first 1285542645 M * urbee none /tmp tmpfs rw,nosuid,nodev,noexec,relatime,size=131072k 0 0 1285542708 M * urbee I'm tryin to secure my LAMP, i did mod_security2, disable_functions, suphp+suexec, noexec on /tmp ... 1285542712 M * urbee am i missing anything? :p 1285542732 M * urbee (i know this isnt lamp channel:) 1285542739 M * Bertl and? you can now exec stuff in /tmp or what? 1285542760 M * urbee tmp# exec 1285542760 M * urbee tmp# 1285542776 M * urbee or is this the wrong way of trying it if it works 1285542783 M * Bertl yep, wrong way 1285542787 M * urbee thought so :) 1285542793 M * Bertl copy something, e.g. /bin/ls there 1285542802 M * Bertl then try to execute it like /tmp/ls 1285542809 M * urbee right! :P 1285542831 M * urbee would u suggest anything else to do about "basic" security? 1285542834 M * urbee besides iptables 1285542843 M * urbee & updating 1285542903 M * Bertl properly setup selinux or grsec is definitely a security gain 1285542917 M * urbee grsec - thats kernel right? 1285542926 M * Bertl both is kernel side, yes 1285543000 M * urbee i've been having a LOT of issues with users not updating their damn scripts and script kiddies "hacking" their way in, i hope this will solve the most of it :) 1285543051 M * daniel_hozac you might also want to start considering having system provided scripts for the most common things... 1285543072 M * urbee to prevent users from installing older versions? 1285543107 M * daniel_hozac to keep one version up to date.