1286842700 M * ^jan ok, now I think I understand why Bertl hates me... I did not realise that this site exists: http://vserver.13thfloor.at/Experimental/ ... neither that grsec could create conflicts with vserver... but well, I will try again removing grsec and installing directly vserver patch using latest kernel from kernel.org... now I see that to compile a kernel is not as difficult as I was thinking... 1286842737 M * ^jan my apologies to all but I was in a hurry, I have never compiled a kernel and I did not wanted to disturb nobody, despite I did 1286842738 M * ^jan bye 1286842754 Q * ^jan 1286846671 Q * rgl Ping timeout: 480 seconds 1286851578 Q * balbir_ Ping timeout: 480 seconds 1286854558 J * balbir_ ~balbir@122.172.37.91 1286861393 J * petzsch ~markus@dslb-088-075-122-133.pools.arcor-ip.net 1286861726 J * ghislain ~AQUEOS@adsl2.aqueos.com 1286862326 J * sid4windr luser@bastard-operator.from-hell.be 1286862437 Q * sid3windr Ping timeout: 480 seconds 1286863415 Q * balbir_ Ping timeout: 480 seconds 1286863444 J * ncopa ~ncopa@3.203.202.84.customer.cdi.no 1286864100 J * ntrs ~ntrs@77.29.85.174 1286864475 J * balbir_ ~balbir@122.172.39.125 1286864694 Q * Piet Remote host closed the connection 1286864741 J * Piet ~Piet__@82VAABQGL.tor-irc.dnsbl.oftc.net 1286865182 Q * petzsch Quit: Leaving. 1286865276 Q * Piet Ping timeout: 480 seconds 1286867154 N * Bertl_zZ Bertl 1286867158 M * Bertl morning folks! 1286867181 J * derjohn_mob ~aj@tmo-087-128.customers.d1-online.com 1286867222 Q * derjohn_mob Read error: Connection reset by peer 1286867263 J * derjohn_mob ~aj@tmo-087-128.customers.d1-online.com 1286867333 Q * balbir_ Ping timeout: 480 seconds 1286867650 M * hijacker morning 1286867813 J * rgl ~Rui@a81-84-87-57.cpe.netcabo.pt 1286868015 J * balbir_ ~balbir@122.172.0.118 1286868301 Q * rgl Ping timeout: 480 seconds 1286869920 Q * infowolfe Quit: Leaving 1286870079 N * sid4windr sid3windr 1286870231 J * BenG ~bengreen@cpc6-aztw22-2-0-cust100.aztw.cable.virginmedia.com 1286870282 Q * BenG 1286870926 M * ghislain morning 1286871132 J * BenG ~bengreen@cpc6-aztw22-2-0-cust100.aztw.cable.virginmedia.com 1286872251 J * ^jan ~jan@77.228.228.188 1286872287 M * ^jan hi again :-S 1286872761 M * ^jan should I consider as stable these linux-vserver patches? http://vserver.13thfloor.at/Experimental/ This one: patch-2.6.34.6-vs2.3.0.36.30.4.diff' seems the only available for my current kernel compiled from sources: 2.6.34.6-xxxx-std-ipv6-64 1286873036 M * bzed ^jan: what do you think the word 'Experimental' in the URL means? 1286873064 M * bzed they work well usually, though 1286873088 M * ^jan bzed: thanks, I wanted to be sure, I was not sure if wiki pages were completly updated 1286873157 M * ^jan I am putting linux-vserver in a production enviroment, selling VPS to my hosting customers, so in fact I do not wanted to make experiments 1286873287 M * ^jan but the "current" stable releases from the linux-vserver wiki pages sounds quite old.. with branch kernels too old... and I am not sure if I should use them or better these "experimental" patches 1286873371 Q * BenG Quit: I Leave 1286873509 J * petzsch ~markus@dslb-088-075-122-133.pools.arcor-ip.net 1286874791 Q * derjohn_mob Ping timeout: 480 seconds 1286875327 J * derjohn_mob aj@88.128.148.218 1286875727 M * ghislain most of us use the experimental for that same scenario 1286875732 M * ^jan finally I could get it compiled: Linux xxxxxxxx.ovh.net 2.6.34.6-vs2.3.0.36.30.4-xxxx-std-ipv6-64 #2 SMP Tue Oct 12 11:21:49 CEST 2010 x86_64 GNU/Linux 1286875739 M * ghislain it works very well i have not encoutered any issue for now 1286875770 M * ghislain ovh, hum hope you have good backups ! :p 1286875777 M * ^jan thanks ghislain 1286875799 M * ^jan hehe, I know about ovh... thanks again 1286875813 M * ghislain i build util-server debian package to have the recent version if you use debian 1286875823 M * ghislain they are in ben repository 1286875859 M * ghislain http://repo.psand.net/info 1286875876 M * ^jan I am using debian... I now will follow the rest of instrucctions in linux-vserver wiki page 1286875900 M * ghislain do not use the old util-vserver with 2.3 kernels 1286875908 M * ghislain or isolation will not work 1286875941 M * ghislain 0.30.216-pre29xx is a minimum 1286875947 M * ghislain with recent kernel 1286875996 M * ghislain also if you find anything that is not "right" in the wiki page please ask on the list and if there is an update to make to the wiki make all benefit from you work :) 1286876027 M * ghislain vserver is wonderfull tool, it just lack more documentation to make it widespread ! 1286876041 M * ghislain so any tiny bit of work done there will be great 1286876139 M * ^jan sure, many thanks for this information... I had no idea, I was going to use the old util-vserver from here, as indicated in wiki pages, http://ftp.linux-vserver.org/pub/utils/util-vserver/ 1286876268 J * infowolfe ~infowolfe@c-67-166-127-67.hsd1.ut.comcast.net 1286876493 M * ^jan ghislain: should I install both util-vserver packages from beng repository? util-vserver-basic and util-vserver-basic-debian ? 1286876508 M * ^jan sorry for my ignorance 1286876509 M * ghislain no 1286876534 M * ghislain in fact the -debian use debian like directory settings (ie /var/lib/vservers and /etc/vservers) 1286876557 M * ^jan so, only the -debian... right ? 1286876563 M * ghislain the other one use the util-vserver default directory ( /vservers and /usr/local/etc/vservers) 1286876585 Q * derjohn_mob Ping timeout: 480 seconds 1286876594 M * ghislain if this is a new install yes it makes more sense as you will be able to switch easely to a debian official package later on 1286876596 J * derjohn_mob ~aj@88.128.152.37 1286876604 M * ^jan perfect, thanks 1286876614 M * ghislain anyway they are exclusive so if you have one the other won't install 1286877636 Q * derjohn_mob Read error: No route to host 1286878117 J * derjohn_mob ~aj@88.128.49.175 1286878792 M * hijacker crap, a buggie version of udev on debian testing was not allowing me to boot the latest kernel 1286878800 M * hijacker after software upgrade all looks fine 1286878804 M * hijacker pfu! 1286878954 Q * derjohn_mob Ping timeout: 480 seconds 1286879151 M * Bertl yeah, udev around 2.6.16 was buggy, no wonder debian picked that :) 1286879247 M * bzed hijacker: thats actually not an udev bug 1286879257 A * harry was highlighted! 1286879263 A * harry just back from egypt.. 1286879282 M * hijacker bzed, how do you mean ? 1286879305 M * bzed hijacker: well... you might call it a bug. different versions of udev require different versions of kernels 1286879358 M * hijacker bzed, aye 1286879367 M * hijacker udev worked alright with the 2.6.34.7 1286879381 M * hijacker but failed to initialize the software raid on 2.6.35.7! 1286879400 M * hijacker going into indefinite loop 1286879446 M * Bertl of course, that is not a bug but just an incompatibility :) 1286879454 M * bzed are you sure that was an udev bug? I think that disappeared with a new mdadm verison here 1286879463 J * derjohn_mob aj@tmo-068-195.customers.d1-online.com 1286879518 M * bzed thanks to udev the upgrad from lenny to squeeze might become more painful than necessary :\ 1286879710 M * hijacker indeed 1286879759 M * hijacker which sucks as this might render a remote server stuck in a endless udev loop somewhere in the wild when booting with new kernel... 1286879767 Q * ntrs Read error: Connection reset by peer 1286879778 J * ntrs ~ntrs@77.28.30.24 1286879945 Q * derjohn_mob Ping timeout: 480 seconds 1286879946 Q * groente Ping timeout: 480 seconds 1286879977 J * derjohn_mob ~aj@80.187.245.29 1286882315 Q * derjohn_mob Ping timeout: 480 seconds 1286882923 M * ghislain ohoh this is baaad news 1286882942 M * ghislain 2.6.36 is the one i wait for 1286882953 M * ghislain guess i will have to wait until .1 to be safe 1286883078 M * kupo hijacker: you could boot once with the new kernel 1286883086 M * kupo and on failure revert to the old in grub 1286883280 J * manana ~mayday090@84.17.25.149 1286883487 M * hijacker kupo, if you have someone to reset the computer... 1286883561 Q * renihs Quit: narf 1286883691 J * renihs ~lemming@83-65-34-34.arsenal.xdsl-line.inode.at 1286883992 M * kupo hijacker: no you can actually set a failover kernel in grub 1286883995 M * kupo look it up 1286884506 M * hijacker hey kupo i understand what you mean , but you still need a reset to get the failover kernel to load 1286884523 M * hijacker same as the -R option in /sbin/lilo ;-) 1286885345 J * BenG ~bengreen@cpc6-aztw22-2-0-cust100.aztw.cable.virginmedia.com 1286885797 P * ^jan 1286885883 M * mnemoc extlinux -o :) 1286885954 M * mnemoc and system sets it again, after a successful boot of the production kernel 1286886077 M * hijacker Bertl, i could reproduce the barrier problem on reiserfs on the latest kernel with latest patch with latest utils 1286886116 M * hijacker let me know what information might be of any use to you 1286886369 Q * BenG Quit: I Leave 1286886485 Q * petzsch Quit: Leaving. 1286886608 Q * jrdnyquist Quit: Leaving 1286886963 J * jrdnyquist ~jrdnyquis@slayer.caro.net 1286887227 J * kir ~kir@swsoft-msk-nat.sw.ru 1286887276 Q * manana Remote host closed the connection 1286888183 J * derjohn_mob ~aj@51.42.69.80.in-addr.net-lab.net 1286888783 J * Piet ~Piet__@82VAABQMM.tor-irc.dnsbl.oftc.net 1286889531 Q * ncopa Ping timeout: 480 seconds 1286889569 P * kir Leaving. 1286890325 M * Bertl off for now ... bbl 1286890329 N * Bertl Bertl_oO 1286890586 Q * ntrs Ping timeout: 480 seconds 1286891307 M * ghislain kupo: the failover in grub for me is working one out of ten time ymmv 1286891354 J * ncopa ~ncopa@ti211310a081-0128.bb.online.no 1286891696 Q * hijacker Remote host closed the connection 1286891717 N * Bertl_oO Bertl 1286892198 J * hijacker ~hijacker@213.91.163.5 1286892271 J * pgmateos ~pgmateos@200.68.112.33 1286892283 M * pgmateos Hi ! 1286892339 M * pgmateos I need some help with a vserver DB2 problem that I cannot resolve just with the recomended settings listed in "problematic programs" 1286892689 J * ntrs ~ntrs@77.28.167.224 1286892773 M * pgmateos I tell you what I did 1286892859 M * pgmateos y set up these bcaps: 1286892861 M * pgmateos vps:~# cat /etc/vservers/java/bcapabilities 1286892861 M * pgmateos CAP_NET_RAW 1286892861 M * pgmateos CAP_NET_ADMIN 1286892861 M * pgmateos CAP_SYS_ADMIN 1286892861 M * pgmateos CAP_IPC_LOCK 1286892863 M * pgmateos CAP_IPC_OWNER 1286892874 M * pgmateos y restarted the vps 1286892896 M * pgmateos but I'm getting the following error when I try to start the DB2: 1286892910 M * pgmateos db2inst1@java:~/sqllib/adm$ ./db2start 1286892910 M * pgmateos SQL1220N The database manager shared memory set cannot be allocated. 1286892920 M * pgmateos any ideas ? 1286892946 M * pgmateos I'm using Debian Squeeze Linux vps 2.6.32-5-vserver-amd64 #1 SMP Thu Aug 12 14:32:57 UTC 2010 x86_64 GNU/Linux 1286892963 M * pgmateos vps:~# vserver --version 1286892963 M * pgmateos vserver 0.30.215 -- manages the state of vservers 1286892963 M * pgmateos This program is part of util-vserver 0.30.215 1286892973 M * pgmateos thank you in advance ! 1286893238 J * sf1 ~sf1@200.68.112.33 1286893441 M * Bertl first, why do you use old util-vserver with a new-ish kernel? 1286893468 Q * sf1 Remote host closed the connection 1286893476 M * Bertl second, why do you give a lot of bcaps which lower security dramatically without good reason 1286893533 J * ^jan ~jan@239.Red-88-24-98.staticIP.rima-tde.net 1286893643 M * ^jan hi again... 1286893669 Q * ncopa Read error: No route to host 1286893670 M * ^jan which is the best way to copy/move a guest vserver from one server to other server? 1286893687 J * sf1 ~sf1@200.68.112.33 1286893746 M * Bertl usually rsync 1286893776 M * ^jan ok, thanks... I read about vserver-copy but I was not sure 1286893835 J * ncopa ~ncopa@ti211310a081-0128.bb.online.no 1286894062 M * harry dhetzner down? 1286894096 M * Bertl ^jan: stay away from vserver-copy, it is a legacy script which doesn't work properly since several years now 1286894098 M * harry hm... nur meine server also.. :s 1286894116 M * harry Bertl: maybe remove it then? ;) 1286894179 M * harry hmm... alles kaput ins subnet... 1286894182 M * Bertl that's up to daniel_hozac, but it is in the legacy package, which usually nobody installs nowadays 1286894199 M * harry :) 1286894216 M * harry i just do yum install util-vserver* 1286894221 M * harry like many, i think ;) 1286894229 M * harry anyway... /me off now 1286894239 J * g_en__ ~glen@scratchy.delfi.ee 1286894508 J * petzsch ~markus@dslb-088-075-122-133.pools.arcor-ip.net 1286894528 P * g_en__ 1286894617 J * thierryp ~thierry@home.parmentelat.net 1286895644 J * Radiance ~Radiance@193.16.154.187 1286895853 M * ^jan thanks Bertl, I will use only rsync then 1286896008 Q * ncopa Quit: Ex-Chat 1286896358 Q * derjohn_mob Ping timeout: 480 seconds 1286896800 J * dowdle ~dowdle@scott.coe.montana.edu 1286897484 M * pgmateos Hi Bertl ! 1286897490 M * pgmateos I wasn't here 1286897594 M * pgmateos I just installed vserver with apt-get (squeeze) and it worked like that, look: 1286897596 M * pgmateos vps:~# dpkg -l | grep vserver 1286897596 M * pgmateos ii linux-image-2.6.32-5-vserver-amd64 2.6.32-20 Linux 2.6.32 for 64-bit PCs, Linux-VServer support 1286897596 M * pgmateos ii util-vserver 0.30.216-pre2864-2+b1 user-space tools for Linux-VServer virtual private servers 1286897596 M * pgmateos ii vserver-debiantools 0.6.5 Tools to manage debian virtual servers 1286897646 M * pgmateos and about security issues, I just followed the recommendation I read here (http://linux-vserver.org/Problematic_Programs) about DB2 1286897716 M * pgmateos our environment is not open to anyone, its a private server so security is not a big issue for us, we trust our users 1286897757 M * pgmateos we just need our DB2 work inside the VPS so we can use it inside our development environment 1286897783 M * pgmateos but even using that bcaps, it's not working 1286897925 J * hijacker_ ~hijacker@87-126-142-51.btc-net.bg 1286898199 M * Bertl so did you update util-vserver? 1286898223 M * Bertl in any case, get rid of vserver-debiantools, they are broken and useless 1286898261 M * Bertl and if you updated, make sure to restart the guests 1286898307 M * Bertl I don't see why DB2 should require CAP_NET_RAW and/or CAP_NET_ADMIN btw 1286898320 M * Bertl and definitely not CAP_SYS_ADMIN 1286898368 M * Bertl I would suggest to first try with a default guest config, and see how/where it fails, then use strace -fF to narrow the failure down to a syscall 1286898399 M * Bertl once that information is available, we can argue about what DB2 needs and doesn't need 1286898554 Q * thierryp Remote host closed the connection 1286898574 J * thierryp ~thierry@home.parmentelat.net 1286898915 M * ard Bertl : ... db2... 1286898917 M * ard brrrrr 1286898949 M * ard there is one good thing you can do with db2 on any server: remove it :-) 1286899013 M * ard pgmateos : 1286899015 M * ard ard@chode:/etc/vservers/sponldb1$ grep . sysctl/kernel.shmmax/* 1286899015 M * ard sysctl/kernel.shmmax/setting:kernel.shmmax 1286899015 M * ard sysctl/kernel.shmmax/value:1677721600 1286899055 Q * thierryp Ping timeout: 480 seconds 1286899102 M * ard ipc stuff is namespace bound, so you have to set the setting per namespace...(in other words: per vserver) 1286899184 M * ard but anyways: db2 should not need any strange rights, it's namespace just should allow a large shm... 1286899199 M * ard same thing for postgresql... 1286899241 M * ard (We upgraded all our db2 stuff to postgresql to make it way faster, and from websphere to resin...) 1286899282 M * ard Bertl : for what he is doing it should be fine :-) 1286899315 M * pgmateos we are starting a brand new project for a brand new customer for their old brand environment, and that includes DB2... we cannot ask our customer to change de DB.... 1286899335 M * pgmateos I'd love to chage to postgresql ... 1286899340 M * pgmateos but I can't 1286899350 M * ard well, you can advise, but yes, you need db2 for now :-) 1286899360 M * pgmateos absolutely ... 1286899366 M * ard db2 needed 32MB per connection in our setup :-( 1286899402 M * ard but then again, that was on an rs6000, and java jvm was still at 1.2 or so. The jvm to use was blackdown ;-) 1286899427 M * ard (9 years ago) 1286899439 M * pgmateos here the server is an intel 64bits with squeeze and vserver 1286899450 M * ard rs6000 were very expensive pieces of crap 1286899468 M * pgmateos and I don't want to use a physical dedicated server for this project, just because there is no need for that ! 1286899474 M * ard :-) 1286899483 M * ard try the shmmax setting, it will work 1286899492 M * pgmateos I think DB2 has to work inside a vps! 1286899516 M * pgmateos here you have the current value... I think its enough ! 1286899544 M * pgmateos vps:~# cat /proc/sys/kernel/shmmax 1286899544 M * pgmateos 1073741824 1286899553 M * pgmateos what do you think, shoud I raise it ? 1286899557 M * ard is that inside the vserver? 1286899566 M * pgmateos no, outside 1286899570 M * pgmateos in the main server 1286899576 M * ard then you are in the wrong namespace :-) 1286899581 M * pgmateos oops 1286899589 M * pgmateos so how do I put it inside ? 1286899600 M * ard mkdir /etc/vservers//sysctl/kernel.shmmax/ 1286899607 M * pgmateos great !!!! 1286899610 M * pgmateos I'll try it ! 1286899619 M * ard echo kernel.shmmax > /etc/vservers//sysctl/kernel.shmmax/setting 1286899635 M * ard echo 1677721600 > /etc/vservers//sysctl/kernel.shmmax/value 1286899646 M * ard the directory can have any name... 1286899663 M * ard just the content of setting and value are important 1286899668 M * ard and then restart the vserver 1286899689 M * pgmateos what sould I put inside this file "/etc/vservers//sysctl/kernel.shmmax/setting" ? 1286899696 M * ard kernel.shmmax 1286899719 M * ard the name of the sysctl to set 1286899725 M * pgmateos ok ok :) 1286899736 J * bonbons ~bonbons@2001:a18:1:1402:2c0:9fff:fe2d:39d 1286899836 M * pgmateos LOOK !!!!!! 1286899839 M * pgmateos db2inst1@java:~/sqllib/adm$ ./db2start 1286899839 M * pgmateos SQL1063N DB2START processing was successful. 1286899842 M * pgmateos YEAHHHHHHHHHHHHH 1286899846 M * pgmateos it works !!!!!!!!!! 1286899864 M * pgmateos I was doing wrong setting it in the main server instead of inside the vps !!! 1286899910 M * pgmateos thank you very much guys !!! 1286899942 M * pgmateos now we can continue deploying our development environment :) 1286901395 J * ntrs_ ~ntrs@nimitz.rosehosting.com 1286901623 Q * balbir_ Ping timeout: 480 seconds 1286901817 M * Bertl pgmateos: make sure to remove the unnecessary bcaps 1286901844 M * Bertl or do not be surprised if the guest brings down the host (on purpose or accidentially) 1286901845 Q * ntrs Ping timeout: 480 seconds 1286901919 J * thierryp ~thierry@home.parmentelat.net 1286902125 J * balbir_ ~balbir@122.167.173.169 1286904596 Q * thierryp Remote host closed the connection 1286904612 P * ^jan 1286904615 J * thierryp ~thierry@home.parmentelat.net 1286904656 Q * thierryp Remote host closed the connection 1286905845 M * Bertl off to bed now ... have a good one everyone! 1286905849 N * Bertl Bertl_zZ 1286906308 J * dna ~dna@dslb-094-222-112-204.pools.arcor-ip.net 1286908080 Q * FireEgl Ping timeout: 480 seconds 1286909098 M * karasz postgresql does not really need anything special except shm, and even that is for over 100 simultaneous conections 1286909174 M * karasz :-/ just 3 hours behind..... 1286909877 M * pgmateos probably, but my client does use DB2... 1286909913 M * pgmateos I cannot change the more than 100 apps they're running on the DB2 ;) 1286909942 M * pgmateos the just still need to run there instead of replacing the RDBMS 1286910812 J * FireEgl ~FireEgl@173-25-19-139.client.mchsi.com 1286911450 Q * fLoo Ping timeout: 480 seconds 1286911754 J * dna_ ~dna@dslb-094-222-211-182.pools.arcor-ip.net 1286911802 Q * dna Read error: Connection reset by peer 1286912639 J * rgl ~Rui@a81-84-87-57.cpe.netcabo.pt 1286914441 Q * sf1 Quit: Saliendo 1286915402 Q * ghislain Quit: Leaving. 1286915642 Q * bonbons Quit: Leaving 1286916154 Q * petzsch Quit: Leaving. 1286916805 Q * ntrs_ Ping timeout: 480 seconds 1286917452 J * thierryp ~thierry@home.parmentelat.net 1286917603 Q * thierryp Remote host closed the connection 1286918465 J * dna__ ~dna@dslb-088-074-200-084.pools.arcor-ip.net 1286918905 Q * dna_ Ping timeout: 480 seconds 1286922458 Q * dna__ Quit: Verlassend