1306376455 M * Bertl off to bed now ... have a good one everyone! 1306376461 N * Bertl Bertl_zZ 1306378969 Q * hparker Quit: Quit 1306382995 Q * ntrs_away Remote host closed the connection 1306383001 J * ntrs_away ~ntrs@vault08.rosehosting.com 1306384676 Q * tolkor Ping timeout: 480 seconds 1306384716 J * tolkor ~rj@tdream.lly.earlham.edu 1306385696 Q * Marillion Remote host closed the connection 1306385951 Q * bsingh Ping timeout: 480 seconds 1306391230 J * ghislain ~AQUEOS@adsl2.aqueos.com 1306392371 Q * derjohn_mob Ping timeout: 480 seconds 1306392837 N * BobR_zZ BobR 1306392954 N * BobR BobR_afk 1306393189 J * bsingh ~balbir@122.248.161.59 1306394870 J * derjohn_mob ~aj@213.238.45.2 1306395515 J * Wonka_ produziert@chaos.in-kiel.de 1306395520 J * ncopa_ ~ncopa@3.203.202.84.customer.cdi.no 1306395525 J * trippeh_ atomt@uff.ugh.no 1306395531 J * AndrewLe1 ~andrew@n201.enc.hlc.edu.tw 1306395542 J * Roomster ~romster@202.168.100.149.dynamic.rev.eftel.com 1306395565 J * cehteh` ~ct@pipapo.org 1306395596 Q * nkukard reticulum.oftc.net kilo.oftc.net 1306395596 Q * ncopa reticulum.oftc.net kilo.oftc.net 1306395596 Q * trippeh reticulum.oftc.net kilo.oftc.net 1306395596 Q * wurtel_ reticulum.oftc.net kilo.oftc.net 1306395596 Q * Romster reticulum.oftc.net kilo.oftc.net 1306395596 Q * Wonka reticulum.oftc.net kilo.oftc.net 1306395596 Q * AndrewLee reticulum.oftc.net kilo.oftc.net 1306395596 Q * cehteh reticulum.oftc.net kilo.oftc.net 1306395596 N * Wonka_ Wonka 1306395611 J * nkukard ~nkukard@41-133-112-179.dsl.mweb.co.za 1306399108 M * Mr_Smoke Morning here 1306399125 M * Mr_Smoke Has anyone had some experience with running postgresql inside a vserver ? 1306399136 M * daniel_hozac sure 1306399149 M * Mr_Smoke I told pgsql to bind to 127.0.0.1, which it does, but for some reason, a Zope application is tryint to connect from the public IP 1306399162 M * Mr_Smoke and pg_hba.conf HAS en entry for that IP, but that doesn't help 1306399178 M * Mr_Smoke I still get FATAL: no pg_hba.conf entry for host "my.ip" 1306399254 M * Mr_Smoke Hm could it be a tab vs space issue in the conf file 1306399256 M * Mr_Smoke let's see 1306399312 M * Mr_Smoke Nope 1306399339 M * Mr_Smoke In fact, from the command line, if I do a psql -h 127.0.0.1, I get "kicked" because apparently it's using the public IP as a default 1306399353 M * daniel_hozac sounds like single_ip 1306399359 M * Mr_Smoke Yes 1306399377 M * Mr_Smoke You'd suggest disabling single_ip in that case ? 1306399393 M * Mr_Smoke or else, I could run pgsql bound to public IP and firewall it off the internet 1306399416 M * Mr_Smoke What would you recommend ? 1306400639 J * harobed ~harobed@pda57-1-82-231-115-1.fbx.proxad.net 1306400812 Q * josef_ Remote host closed the connection 1306400943 M * Mr_Smoke well ~single_ip is enough, I'll go with that 1306401018 Q * Roomster Quit: Geeks shall inherit properties and methods of object earth. 1306402383 J * wurtel_ ~paul@gw-office.telegraaf.net 1306403477 J * josef_ ~josef@gw-gbg.ilait.se 1306404009 Q * bsingh Ping timeout: 480 seconds 1306405142 N * Bertl_zZ Bertl 1306405146 M * Bertl morning folks! 1306406573 J * VirMan c113a53b@ircip2.mibbit.com 1306406632 M * VirMan hi.. i freshly set up new vserver machine.. and when i built first guest and run vserver-stat i got : 1306406642 M * VirMan gemini ~ # vserver-stat vc_rlimit_stat(RLIMIT_AS): Invalid argument 1306406983 M * Bertl kernel/patch/util-vserver version? 1306407011 M * VirMan 2.6.35-vs2.3.0.36.32-gentoo 1306407120 M * VirMan util-vserver: 0.30.216-pre2910; May 25 2011, 19:18:50 1306407172 M * Bertl so you definitely want to update that 1306407191 M * Bertl i.e. your 'old' kernel is too 'new' for this util-vserver version :) 1306407229 M * Bertl but I'd suggest to update to 2.6.36+ if possible, preferably 2.6.38.x 1306407248 M * VirMan well -that ebuild is marked as stable by my portage :) i guess boys from gentoo are outdatred any ebuild from portage dir won't work except that 1306407260 M * VirMan hm. 1306407270 M * VirMan i'll try manually 1306407285 M * Bertl yeah, maybe notify hollow or the maintainers to update there 1306407304 M * VirMan i did.. several times. 1306407352 M * Bertl well, then maybe time to change the distro or as you said, switch to self built kernel/util-vserver 1306407415 M * VirMan it's quite big deal for me.. :) but i think i will do that.. 1306407654 M * VirMan i tried out of curiosity to once again build masked 2955 ebuild and it worked. 1306407657 M * VirMan i'm amazed 1306407692 M * VirMan it works :D 1306407897 M * VirMan it won't work for my other machine - i'll try upgrade compiler and libs 1306408826 M * Bertl IIRC, it was a problem with your toolchain confusing builtins with external functions (last time) 1306408852 M * Bertl so yeah, an update of the involved toolchain might fix it 1306409335 M * VirMan yup 1306409346 M * VirMan 12 items remaining 1306409383 M * VirMan i hope it won't compile whole day 1306409960 J * Romster ~romster@202.168.100.149.dynamic.rev.eftel.com 1306410663 J * sannes1 ~ace@62.101.223.178 1306410738 M * sannes1 What is the upstream util-vserver git tree? Only found planet lab and fedoras .. 1306412165 Q * ryker Quit: Leaving. 1306413523 M * daniel_hozac http://git.linux-vserver.org/cgi-bin/gitweb.cgi?p=util-vserver.git;a=shortlog 1306414343 J * petzsch ~markus@dslb-092-078-116-200.pools.arcor-ip.net 1306415728 J * SwenTjuln_ ~SwenTjuln@193.164.140.194 1306416029 Q * SwenTjuln Ping timeout: 480 seconds 1306416029 N * SwenTjuln_ SwenTjuln 1306416110 Q * petzsch Quit: Leaving. 1306419335 J * hparker ~hparker@2001:470:1f0f:32c:beae:c5ff:fe01:b647 1306419354 J * BenG ~bengreen@cpc12-aztw24-2-0-cust146.aztw.cable.virginmedia.com 1306421340 Q * BenG Quit: I Leave 1306421554 M * sannes1 daniel_hozac: Thank you ! :) 1306421823 M * sannes1 daniel_hozac: Uhm, how do I clone it? tried git://git.linux-vserver.org/projects/util-vserver.git and some other http:// variances over that .. 1306421959 M * daniel_hozac http://git.linux-vserver.org/git/util-vserver.git 1306422052 M * sannes1 thank you again :) 1306422171 M * ecapriolo Reading this. http://linux-vserver.org/util-vserver:Cgroups#Draft_-_Distributing_cpu_shares_with_cgroups . Works fine is is it required to set the SCHED_PRIO cflag or does this work out of the box ? 1306422241 M * daniel_hozac works out of the box. 1306422600 M * sannes1 Does unshare -m (unshare(NEWNS)) work inside a vserver now? 1306422868 M * sannes1 ah, wait found something in the docs :P 1306422873 J * ryker ~Adium@CF3840C2.endinfosys.com 1306422971 M * sannes1 Do I need anything else than namespace in ccapabilities to make unshare -m work? 1306423241 M * sannes1 hm, is there a way to set the namespace mask? (If I read the vs kernel code correctly?) 1306423591 M * Bertl where do you read about the namespace mask? 1306423710 M * sannes1 The vx_can_unshare define .. 1306423795 M * sannes1 But, I don't know the code, so only looking for things that may help me get things going, got some spare time the next two days, so either I find the correct way of configuring stuff, or I'll try to implement support for it .. 1306423852 M * Bertl so your goal is what exactly? 1306423882 M * sannes1 To be able to use stuff like pam_namespace in a vserver 1306423899 M * sannes1 or unshare -m for that matter 1306423936 M * sannes1 or unshare(CLONE_NEWNS) in C. 1306423993 M * sannes1 unsigned long vx_umask; /* unshare mask (guest) */ .. hm 1306424031 M * Bertl unsharing the mnt/filesystem namespace should work, given that you have the necessary capabilities 1306424093 M * Bertl i.e. you need the NAMESPACE ccap and the proper bcaps inside the guest 1306424145 M * sannes1 What bcaps? SYS_ADMIN ? 1306424167 M * Bertl inside, so you do not need to give it to the guest as bcap 1306424265 M * sannes1 If I start a guest with namespace ccapabilities, and do vserver guest enter it should have all the capabilities I could give it right? 1306424298 M * Bertl depends on your guest config, but usually yes 1306424456 M * sannes1 Could you do me a big favor? And try it ? If you have a recent util-linux you could just do "unshare -m ls" to see if it works? 1306424514 M * Bertl what distro? 1306424536 M * sannes1 gentoo 1306424629 M * Bertl where do I get a proper stage4 template? 1306424663 M * sannes1 Just use a stage3, and edit the /etc/rc.conf to have rc_sys="vserver" 1306424676 M * Bertl okay, where do I get that? 1306424698 M * sannes1 ftp://ftp.klid.dk/gentoo/releases/amd64/autobuilds/20110520/stage3-amd64-20110520.tar.bz2 1306424759 M * sannes1 I usually just do vserver build ... --initstyle gentoo -m template -- -d gentoo -t tage3-amd64-20110520.tar.bz2 1306424849 M * Bertl build is running 1306424883 M * sannes1 thank you :) 1306424974 M * Bertl -bash: unshare: command not found 1306424999 M * Bertl that's what I get in the newly created gentoo guest :) 1306425010 M * sannes1 two secs 1306425226 M * sannes1 When I unpack it has usr/bin/unshare in it 1306425273 M * Bertl vserver gentoo build -m template --context 4224 --hostname gentoo --initstyle gentoo -- -d gentoo -t /vservers/.templates/stage3-amd64-20110520.tar.bz2 1306425290 M * Bertl this is what I used, and after that I added the rc_sys part to the guest 1306425296 M * sannes1 md5sum of that stage3-amd64-20110520.tar.bz2 ? 1306425316 M * Bertl f96b8bfbbaacdc0ad1ed3fc7f751cba5 /vservers/.templates/stage3-amd64-20110520.tar.bz2 1306425348 M * sannes1 same as me 1306425427 M * Bertl okay, I guess I know what causes this 1306425428 M * Bertl sec 1306425465 M * Bertl yep, there are no services running inside the guest 1306425486 M * sannes1 oh, chroot /vservers/gentoo rc-update add sshd default 1306425510 J * thierryp ~thierry@zanzibar.inria.fr 1306425515 M * sannes1 then it should start 1306425540 M * hparker The latest stages have problems 1306425562 M * Bertl nah, did that, doesn't keep running either, I'll try with syslog 1306425597 M * hparker They're missing /dev/(console|null) 1306425608 M * hparker Well, null is there but it's a file 1306425704 M * Bertl doesn't help either, let's run a sleep 10000 in rc.local :) 1306425730 M * sannes1 Bertl: hm, did the exact same thing you did, with chroot and rc-update and it worked for me :P 1306425820 M * Bertl nope, it says it's starting sshd, but nothing is left 1306425828 M * Bertl but the sleep works, checking the unshare now 1306425832 M * sannes1 :) 1306425858 J * BenG ~bengreen@cpc12-aztw24-2-0-cust146.aztw.cable.virginmedia.com 1306425861 M * sannes1 Ah, I have default creation of 127.0.0.1 in my vservers, I guess you have not .. 1306425879 J * bonbons ~bonbons@2001:960:7ab:0:d95f:9ba7:d78a:f59e 1306426014 M * Bertl how do I get strace? 1306426040 Q * harobed Ping timeout: 480 seconds 1306426055 M * sannes1 emerge strace 1306426061 M * sannes1 But I can give you the trace if you want 1306426073 M * sannes1 but then you have to do emerge --sync first 1306426082 M * sannes1 and that takes time, and you need an internet connection .. 1306426093 M * sannes1 maybe I should just tarball it up to you or something? 1306426114 M * Bertl nah, sec, I probably need an IP for that to work :) 1306426138 M * sannes1 emerge-webrsync 1306426146 M * sannes1 fastest first time sync 1306426214 Q * derjohn_mob Ping timeout: 480 seconds 1306426333 J * jrklein ~osx@2001:470:1f0f:572::250:160 1306426353 M * Bertl okay, emerge-webrsync running 1306426623 M * sannes1 The fastest way to get strace is to wget http://www.sannes.org/strace-4.5.20.tbz2 and unpack it inside the guest at /. 1306426659 M * Bertl sync done 1306426675 M * Bertl emerge strace running 1306426693 M * sannes1 :) 1306426797 M * sannes1 If I understood the mask stuff correctly it seems vc_set_umask sets it, but that it is not run from anywhere .. (from the little grep foo I have tried) 1306427049 M * jrklein Hello everyone! I need to share a large data directory in one VPS guest mountpoint with another VPS guest on the same host. It sounds like mount bind is my best option? 1306427067 M * daniel_hozac yes 1306427073 M * jrklein ie: /vserver//store also accessible as /vserver//store 1306427129 M * jrklein I'd like R/W access to that VPS1 directory from VPS2 on same host. I've tried various mount bind commands (on host.. "mount --bind /vservers//store /vservers//store" ..also.. "vnamespace -e mount --rbind /vservers//store /vservers//store" ), but second guest always gets "Permission Denied" when trying to view files (ls /store) in the bind mounted directory. 1306427150 M * Bertl sannes1: I don't see EPERM in sys_unshare 1306427176 M * jrklein I am using chxid to tag files in and . Could this be causing problems? 1306427278 M * sannes1 unshare(CLONE_NEWNS) = -1 EPERM (Operation not permitted) I suppose? 1306427386 M * sannes1 Bertl: Where do you see it then? 1306427533 J * Marillion ~dirk@178.63.150.30 1306427659 M * daniel_hozac jrklein: yes. 1306427668 M * sannes1 Bertl: Ah so it works? 1306427734 M * Bertl no, it doesn't work, but I do not see where the EPERM comes from 1306427772 M * Bertl i.e. it must result from the actual unshare nsprocy 1306427827 M * Bertl *nsproxy, so next step is to enable the Linux-VServer debugging (space, bit 4) 1306427855 M * jrklein daniel_hozac: would I just move the directory out of the VPS and mount bind to both VPS? if I need to untag the files, how is this done? not seeing anything pertinent when running "chxid --help" 1306427867 M * daniel_hozac chxid -c 0 1306427930 M * Bertl daniel_hozac: how do you set the umask via guest config? 1306427954 M * daniel_hozac i'm not sure that you can right now... 1306427966 M * Bertl okay, via util-vserver at runtime? 1306427966 M * jrklein thanks! :) 1306427974 M * daniel_hozac same answer :) 1306428032 M * Bertl okay, sannes1: you need to add umask support to util-vserver :) 1306428162 M * sannes1 great :) uhm, who can I ask for some guidance on that? It would be stupid to implement something that only I can use .. :P 1306428183 M * Bertl I'd suggest the current maintainer :) 1306428191 M * sannes1 Is that daniel_hozac ? 1306428196 M * Bertl yep 1306428237 M * sannes1 I suppose if we follow what is in there, there should be some kid of umask file just as there are ccapabilities file where one could put newns and such in? 1306428272 M * Bertl yeah, I'd start with adding the actual syscall command support 1306428291 M * Bertl once that works, i.e. runtime can set the mask properly, you can think about the config layout 1306428325 M * sannes1 hm, is there a syscall yet? Is vc_set_umask it? 1306428425 M * Bertl the syscall is there since a long time, it is a multiplexer and supports so called syscall commands 1306428436 M * Bertl (they are handled by the syscall command switch) 1306428484 M * sannes1 Bertl: Ah, so i need to add what I need to the switch too? 1306428524 M * sannes1 daniel_hozac: I guess I should make a wrapper for it in lib/ and then actual util in src/ before trying to put any configuration in there? 1306428526 M * Bertl no, the kernel interface already has everything you need 1306428552 M * Bertl so you basically could get away with an updated vcmd for testing 1306428781 M * sannes1 That is what I meant, add it to the do_vserver the function I need 1306428816 M * sannes1 Okay, dinner time :) bbl and thanks :) 1306429694 Q * ryker Quit: Leaving. 1306430053 J * manana ~mayday090@nat049-252-205-109.tvoe.tv 1306430447 J * derjohn_mob aj@88.128.236.248 1306432570 M * thierryp Bertl: hi 1306432653 Q * BenG Quit: I Leave 1306432776 M * Bertl thierryp: hey 1306432794 M * thierryp Hey Bertl - long time no see :) 1306432807 M * thierryp I just ran into a fairly simple problem 1306432807 M * Bertl not my fault :) 1306432810 M * thierryp :) 1306432822 M * thierryp one host, 2 guests, each its IP 1306432844 M * thierryp I just need to have both guests be able to bind, say 0.0.0.0:80 1306432880 M * thierryp I used to run this under a rather old centos5 setup with 2.6.22 1306432883 M * thierryp yeah I know 1306432895 M * thierryp and I've moved recently to f14+2.6.32 1306432905 M * thierryp and the setup I had does not seem to work anymore 1306432919 M * Bertl util-vserver version? 1306432925 J * ryker ~Adium@CF3840C2.endinfosys.com 1306432936 M * thierryp 0.30.216-15 1306432964 M * Bertl 0.30.216 has not been released yet :) 1306433000 M * thierryp well this is what we ship in planetlab 1306433023 Q * hparker Quit: Quit 1306433076 M * Bertl well, so what version is behind that? 1306433292 M * thierryp searching.. 1306433371 M * thierryp must be something around http://people.linux-vserver.org/~dhozac/t/uv-testing/util-vserver-0.30.216-pre2938.tar.bz2 1306433402 M * Bertl so probably should be fine for your setup, single_ip special casing enabled? 1306433450 M * thierryp not that I know of 1306433456 M * thierryp this is a ncaps or something ? 1306433496 M * Bertl check with nattribute 1306433549 M * thierryp how do I use that ? 1306433569 M * Bertl nattribute --get --nid 1306433576 M * Bertl (please use paste.linux-vserver.org for everything longer than 3 lines) 1306433751 M * thierryp http://paste.linux-vserver.org/19983 1306433940 M * Bertl okay, that looks fine as well, so what exactly is the problem? 1306433997 M * thierryp well, if vserver1 runs nc -l 0.0.0.0 80, then vserver 2 can't and issue address already in use 1306434078 M * Bertl each guest has a separate IP, yes? 1306434084 M * thierryp yes 1306434213 M * Bertl sounds like a problem with that kernel, update and try again 1306434266 M * thierryp just a question about single_ip 1306434282 J * hparker ~hparker@2001:470:1f0f:32c:beae:c5ff:fe01:b647 1306434294 M * thierryp single_ip is for using a single IP for all guests, right ? 1306434307 M * thierryp is this something that can be senabledi n the kernel ? 1306434321 M * thierryp is this something that can be enabled in the kernel ? 1306434340 M * thierryp in this case would it show in nattribute ? 1306434501 M * Bertl single_ip special casing is per guest, and it is shown in nattribute 1306434509 M * fback thierryp: single_ip is the case when guest has only one ip assigned, and 127.0.0.1 counts 1306434812 M * thierryp ok thanks for the help] 1306434816 M * thierryp cheers 1306434817 Q * thierryp Remote host closed the connection 1306436148 N * ensc Guest2346 1306436157 J * ensc ~irc-ensc@p5DF2C9E2.dip.t-dialin.net 1306436396 Q * ecapriolo Ping timeout: 480 seconds 1306436565 Q * Guest2346 Ping timeout: 480 seconds 1306437111 M * fback Bertl: do you create patches for 2.6.32 krenel still? 1306437143 M * Bertl on demand 1306437235 M * fback But preferred way to upgrade is to move to 2.6.38? 1306437269 M * Bertl 2.6.38 is a rather good choice, yes 1306437375 M * fback Bertl: I have 2.6.32.10-vs2.3.0.36.29.2-c7 on debian lenny host here, high time to upgrade 1306438012 J * hijacker_ ~hijacker@87-126-142-51.btc-net.bg 1306440195 Q * derjohn_mob Ping timeout: 480 seconds 1306440809 M * fback daniel_hozac: what is minimum required version of util-vserver for 2.3.0.37-rc series of vserver patch? (no fancy features used, rather better chroot for services separation, that's it) 1306441002 J * petzsch ~markus@dslb-092-078-116-200.pools.arcor-ip.net 1306442035 J * derjohn_mob aj@88.128.160.50 1306442050 Q * bonbons Quit: Leaving 1306442246 Q * hijacker_ Quit: Leaving 1306443042 Q * derjohn_mob Ping timeout: 480 seconds 1306443701 Q * puck Quit: Coyote finally caught me 1306444075 Q * ex Read error: Connection reset by peer 1306444281 J * ecapriolo ~kvirc@209.249.216.2 1306444295 J * ex ex@valis.net.pl 1306445354 Q * petzsch Quit: Leaving. 1306446195 Q * ex Ping timeout: 480 seconds 1306446377 J * ex ex@valis.net.pl 1306447685 Q * fback Ping timeout: 480 seconds 1306448149 N * ensc Guest2367 1306448159 J * ensc ~irc-ensc@p5DF2D542.dip.t-dialin.net 1306448186 J * fback fback@red.fback.net 1306448420 Q * Guest2367 Ping timeout: 480 seconds 1306450369 Q * VirMan Quit: http://www.mibbit.com ajax IRC Client 1306450862 Q * manana Remote host closed the connection 1306451552 Q * ghislain Quit: Leaving. 1306451813 J * derjohn_mob ~aj@p4FFD0C4D.dip.t-dialin.net 1306452022 Q * ryker Quit: Leaving. 1306452564 N * ensc Guest2371 1306452573 J * ensc ~irc-ensc@p5DF2F20A.dip.t-dialin.net 1306452734 Q * Guest2371 Ping timeout: 480 seconds 1306453198 J * er ~sapan@c-68-36-169-19.hsd1.nj.comcast.net 1306453220 M * er hi 1306454150 J * Piet_ ~Piet__@82VAABRFI.tor-irc.dnsbl.oftc.net