1289693183 M * Mr_Smoke evening
1289693192 M * Mr_Smoke I think I (still) need some advice here
1289693227 M * Mr_Smoke When using only Linux, in which cases would Xen be preferable over VServer ?
1289693251 M * Mr_Smoke More isolation ? That's for sure. More precise resource control ? I don't know about that yet
1289693256 M * Mr_Smoke Any thoughts ?
1289693343 M * Bertl well, on the isolation part I'm not so sure :)
1289693360 M * Bertl given that there were already two exploits to escape a Xen domain ...
1289693393 M * Bertl anyway, you definitely want Xen or better kvm if you want to test different kernels or develop driver modules, etc
1289693402 M * PowerKe Different linux kernels, high availability (running replica on other host)
1289693445 M * Mr_Smoke Bertl: hm nothing so exotic I'm afraid. I'm after a stable and secure isolation/consolidation intrastructure
1289693460 M * Mr_Smoke So VServer fits in quite nicely
1289693490 Q * derjohn_mob Ping timeout: 480 seconds
1289693508 M * Mr_Smoke I'm only waiting for a "stable" grsec release, and by stable I mean "one that has pretty much everything in it and that won't need another patch in 3 days" :)
1289693544 M * Mr_Smoke PowerKe: yeah, I thought about that too. I'd need to request a VLAN across my servers for that. Not planned yet
1289693669 M * PowerKe you can always run vserver inside Xen offcourse for the HA and still use the vserver guests to better share resources among the guests
1289693822 M * Mr_Smoke Hm, could be
1289693859 M * Mr_Smoke I'm just an amateur here, meaning I don't make money out of this. It's mostly for non-profit organisations I'm a member of, experimenting a little, family stuff etc
1289693866 M * Mr_Smoke VServer alone is quite sufficient
1289693875 M * Mr_Smoke But I like the added security of grsec
1289694005 M * Mr_Smoke I need to re-read the latest exchange on the mailing-list about the grsec kernel
1289694675 M * Mr_Smoke Hm latest vserver patch sounds good enough
1289694690 M * Mr_Smoke I'd need a crash course on CGROUPS too though, I hear they're hype :)
1289695061 Q * bonbons Quit: Leaving
1289699220 Q * ju Quit: Lost terminal
1289700160 Q * ghislain1 Quit: Leaving.
1289701814 M * fLoo im bored
1289703717 M * Bertl off to bed now ... have a good one everyone!
1289703722 N * Bertl Bertl_zZ
1289706341 Q * ensc Ping timeout: 480 seconds
1289706813 J * ensc ~irc-ensc@93.159.121.26
1289715413 Q * matti Ping timeout: 480 seconds
1289715596 Q * ensc Remote host closed the connection
1289715610 J * ensc ~irc-ensc@93.159.121.26
1289716706 Q * ensc Ping timeout: 480 seconds
1289721955 J * petzsch ~markus@dslb-092-078-154-180.pools.arcor-ip.net
1289722134 Q * AndrewLee Ping timeout: 480 seconds
1289724042 J * derjohn_mob ~aj@p54B0388F.dip.t-dialin.net
1289725528 Q * petzsch Read error: Connection reset by peer
1289725747 J * petzsch ~markus@dslb-092-078-154-180.pools.arcor-ip.net
1289727572 J * manana ~mayday090@84.17.25.149
1289727686 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d
1289727993 Q * derjohn_mob Ping timeout: 480 seconds
1289728318 Q * Walex Ping timeout: 480 seconds
1289728381 Q * manana Read error: Connection reset by peer
1289728421 J * manana ~mayday090@84.17.25.149
1289733411 J * ghislain ~AQUEOS@LPuteaux-151-41-11-129.w217-128.abo.wanadoo.fr
1289735534 J * ensc ~irc-ensc@93.159.121.26
1289736191 N * Bertl_zZ Bertl
1289737330 Q * Piet Remote host closed the connection
1289738265 J * Piet ~Piet__@1RDAAA1JA.tor-irc.dnsbl.oftc.net
1289740877 M * geb hi folks
1289741639 Q * manana Read error: Connection reset by peer
1289741679 J * manana ~mayday090@84.17.25.149
1289744031 Q * petzsch Quit: Leaving.
1289745065 Q * manana Write error: connection closed
1289745098 J * manana ~mayday090@84.17.25.149
1289746857 M * nkukard is there a way to see what caps I've given a virtual host?
1289746867 M * Bertl guest
1289746909 M * Bertl and yes, vattribute/nattribute --get
1289747117 M * nkukard vattribute  --xid 400    <= like that if my context is 400?
1289747138 M * nkukard got it :)
1289747139 M * nkukard thanks
1289747141 M * Bertl with --get, yes
1289747163 M * nkukard just need to find out why my oom_adjust is not showing up
1289747168 M * nkukard as I put it in my ccaps file
1289747197 M * Bertl kernel/util-vserver version?
1289747226 M * nkukard  patch-2.6.32.15-vs2.3.0.36.29.4
1289747340 J * petzsch ~markus@dslb-088-075-164-078.pools.arcor-ip.net
1289747392 M * nkukard one sec, let me try figure it out on my own :)
1289747508 M * nkukard hrmmm, OOM_ADJUST is now saying its not supported ... :/
1289747525 M * Bertl didn't tell me the util-vserver version yet
1289747531 M * nkukard ah, one sec
1289747544 M * nkukard util-vserver-0.30.216-pre2849
1289748139 M * Bertl too old, doesn't know about that flag
1289748199 M * Bertl s/flag/capability
1289748202 M * nkukard no prob, I"ll just fuck with the code :)
1289748220 M * Bertl I'd suggest to update util-vserver to a more recent version
1289748267 M * Bertl (the version you are using is almost a year old)
1289748357 M * nkukard fully aware of that :), but we have alot of patches we apply to it  (our own distro), and this particular server runs too many vservers for me to mess with it right now :)
1289748471 M * Bertl then I'd suggest to use the ^13 notation instead
1289748482 M * nkukard ah ..
1289748489 M * Bertl (untill you update util-vserver)
1289748490 M * nkukard never knew i could
1289748561 M * nkukard Bertl, take my hat off to you and daniel_hozac :) think of everything
1289752344 M * Mr_Smoke ^13 notation ? What is that, out of curiosity ?
1289752370 M * Bertl short for 2^13 which is the capability number
1289752383 M * Mr_Smoke 'k
1289752385 M * Mr_Smoke Thanks :)
1289752489 M * Bertl np
1289752576 M * Mr_Smoke I think I'll test the latest grsec patch soon
1289752600 M * Mr_Smoke Upgrading from the old 2.6.22.19-grsec should prove interesting :)
1289752619 M * Mr_Smoke I probably should learn about control groups to take full advantage of the latest patch
1289758794 Q * manana Read error: Connection reset by peer
1289758835 J * manana ~mayday090@84.17.25.149
1289761750 J * derjohn_mob ~aj@pD95760DC.dip.t-dialin.net
1289769225 Q * derjohn_mob Ping timeout: 480 seconds
1289770284 Q * petzsch Quit: Leaving.
1289770792 Q * ghislain Quit: Leaving.
1289773531 J * petzsch ~markus@dslb-088-075-164-078.pools.arcor-ip.net
1289774489 Q * petzsch Quit: Leaving.
1289775524 J * derjohn_mob ~aj@pD95760DC.dip.t-dialin.net
1289775617 Q * manana Read error: Connection reset by peer
1289775658 J * manana ~mayday090@84.17.25.149
1289778153 Q * _nono_ Remote host closed the connection
1289778641 Q * manana Remote host closed the connection