1315008046 J * thierryp ~thierry@home.parmentelat.net
1315008127 Q * thierryp Remote host closed the connection
1315008266 Q * dowdle Remote host closed the connection
1315008431 Q * ghislain1 Quit: Leaving.
1315009164 J * davidquist 2e0ec06f@ircip4.mibbit.com
1315009268 M * davidquist Hi guys, i am getting an error like /usr/local/etc/vservers/.defaults/vdirbase/spwebmail01: Function not implemented
1315009301 M * davidquist uname -r => 3.0.4-vs2.3.1-pre10.1
1315009332 M * davidquist util => util-vserver-0.30.216-pre2986
1315009373 M * davidquist cat /etc/redhat-release => Scientific Linux release 6.1 (Carbon)
1315009385 M * davidquist any idea what went wrong?
1315009574 M * Bertl_oO sdoes the guest start?
1315009580 M * Bertl_oO *does
1315009595 M * davidquist i can not even build it ;)
1315009718 M * Bertl_oO could you upload 'vserver-info - SYSIFO' to a pastebin?
1315009722 N * Bertl_oO Bertl
1315009868 Q * vera Quit: Leaving
1315010003 M * davidquist give me a minute
1315010152 M * davidquist here it is: http://dev.quist.ch/vserver/vserver_issue.txt
1315010205 M * Bertl well, you should use dietlibc and I'm not sure your kernel is actually patched
1315010385 M * davidquist i did something like: cat ../patch-3.0.4-vs2.3.1-pre10.1.diff | patch -p1
1315010386 M * davidquist zp
1315010395 M * davidquist to patch the kernel
1315010443 M * Bertl well, rebuild the utils with dietlibc first, then we'll check again
1315010618 M * davidquist ok
1315010858 M * davidquist No package dietlibc available
1315010892 M * davidquist for me dietlibc appears to be depricated starting with RHEL 5.x
1315010894 M * Bertl well, strange distro, but you can always compile it from source or use a source package from a different distro
1315011464 N * nicholi Guest8394
1315011471 J * nicholi ~nicholi@108-89-98-36.lightspeed.irvnca.sbcglobal.net
1315011572 Q * Guest8394 Ping timeout: 480 seconds
1315011768 M * davidquist when compiling dietlibc i get something like: contrib/dnsd.c: In function ârecv6â:
1315011785 M * davidquist contrib/dnsd.c:235: warning: dereferencing type-punned pointer will break strict-aliasing rules
1315011801 M * Bertl well, it's a warning
1315011817 M * davidquist good
1315012714 M * davidquist i made in the meantime some further test
1315012750 M * Bertl okay?
1315012751 M * davidquist i can reproduce the same error on oel 6.1 using daniel's rpms from http://rpm.hozac.com/dhozac/rhel/6/vserver/x86_64
1315012769 M * Bertl kernel or util-vserver?
1315012905 M * davidquist see: http://dev.quist.ch/vserver/reproduce_issue.txt
1315012926 M * davidquist 0.30.216-1.pre2986
1315012967 M * Bertl yeah, as I suspected, it seems your kernel is not properly patched
1315012996 M * Bertl with that util-vserver, which is built with dietlibc, could you upload the vserver-info - SYSINFO?
1315013351 M * davidquist refresh http://dev.quist.ch/vserver/reproduce_issue.txt
1315013391 M * Bertl yeah, kernel doesn't seem to have the Linux-VServer API
1315013426 M * Bertl let's check with 'cat /proc/virtual/info'
1315013508 M * davidquist refresh
1315013576 M * Bertl okay, let's get back to how you patched the kernel
1315013588 M * Bertl i.e. where was the kernel source from?
1315013618 M * davidquist wait that kernel is from daniels repo
1315013623 M * davidquist ;)
1315013701 M * davidquist btw. while booting vserver i got an udevd error
1315013704 M * davidquist see: http://dev.quist.ch/vserver/udev-error.png
1315013714 M * davidquist http://dev.quist.ch/vserver/udev-error.png
1315013722 Q * ccxCZ Ping timeout: 480 seconds
1315013724 M * Bertl on the host?
1315013732 M * davidquist yes
1315013749 M * davidquist see http://dev.quist.ch/vserver/udev-error dot png
1315013759 M * Bertl you sure, looks more like the guest is outputing that
1315013793 M * davidquist why guest
1315013816 M * davidquist its the first message while system is booting
1315013869 M * davidquist right after boot menu selection
1315013970 M * davidquist shall i upload "make menuconfig" config file?
1315014203 M * Bertl no, but I somehow lost the overview of your kernels/tools and the actual issue
1315014227 M * Bertl first we had a 3.0.4 kernel, now you have a 2.6.32 kernel
1315014252 M * davidquist yes
1315014252 M * Bertl but both show no API for whatever reason
1315014312 M * Bertl now the funny part, the API info is in your /proc, but vserver-info doesn't see it
1315014397 M * davidquist shall i give you access to the systems?
1315014408 J * ccxCZ ~ccxCZ@193.209.forpsi.net
1315014475 M * Bertl nah, upload the output of 'strace -fF vserver-info - SYSINFO'
1315014513 M * Bertl stupid question, are you root?
1315014519 M * davidquist sure
1315014527 M * davidquist i am root
1315014531 M * Bertl okay
1315014846 M * Bertl please also upload the output of 'cat /proc/self/status'
1315014927 M * davidquist done
1315014933 M * davidquist refresh http://dev.quist.ch/vserver/reproduce_issue.txt
1315015208 M * Bertl well, that's interesting ... proc says that you have all capabilities, but the strace suggests that you are missing some
1315015293 M * davidquist in which timezone are you?
1315015306 M * davidquist i am getting pretty tired
1315015319 M * davidquist it is 0400 AM
1315015323 M * Bertl probably same timezone as you :)
1315015352 M * davidquist and you are not ready for bed?
1315015358 M * Bertl so maybe continue tomorrow then
1315015366 M * davidquist yup
1315015371 M * davidquist or today
1315015373 M * Bertl anyway, it looks to me like userspace is doing weird things
1315015389 M * davidquist thanks for the moment
1315015393 M * Bertl i.e. like dropping capabilities when executing util-vserver commands or so
1315015427 M * Bertl maybe some special pam or security system is interfering here
1315015517 M * Bertl have a good night then ... off to bed as well ...
1315015522 N * Bertl Bertl_zZ
1315015532 M * davidquist cat /selinux/enforce
1315015535 M * davidquist => 1
1315018455 Q * hparker Quit: Quit
1315024776 J * arekm ~arekm@ixion.pld-linux.org
1315024993 Q * arekm 
1315025179 J * arekm ~arekm@ixion.pld-linux.org
1315030138 J * hparker ~hparker@2001:470:1f0f:32c:beae:c5ff:fe01:b647
1315031278 Q * Aiken Quit: Leaving
1315034586 J * derjohn_mob ~aj@p4FFD25F8.dip.t-dialin.net
1315035531 J * sannes ~ace@cm-84.209.106.118.getinternet.no
1315036353 M * daniel_hozac yeah, SELinux will do that.
1315036365 M * daniel_hozac disable and reboot, and life will be great again.
1315036401 J * ghislain ~AQUEOS@adsl2.aqueos.com
1315036760 J * AndrewLee ~andrew@n201.enc.hlc.edu.tw
1315036769 Q * AndrewLee 
1315036775 J * AndrewLee ~andrew@n201.enc.hlc.edu.tw
1315036779 Q * AndrewLee 
1315036788 J * AndrewLee ~andrew@n201.enc.hlc.edu.tw
1315038476 J * Aiken ~Aiken@2001:44b8:2168:1000:21f:d0ff:fed6:d63f
1315039963 J * bonbons ~bonbons@2001:960:7ab:0:b170:80:e6a6:beb4
1315040440 Q * fisted Ping timeout: 480 seconds
1315040498 J * fisted ~fisted@xdsl-87-78-212-192.netcologne.de
1315041018 Q * ghislain Quit: Leaving.
1315049470 N * Bertl_zZ Bertl
1315049475 M * Bertl morning folks!
1315049626 M * hijacker afternoon
1315049768 M * Bertl davidquist: yeah, please either configure selinux to play nice with Linux-VServer or disable it completely (IIRC, that's part of the FAQ)
1315050049 M * Bertl a quick check showed that it is listed on the fedora and centos installation isntructions, but not in the FAQ, so it would be nice to add an FAQ entry about 'function not implemented' and API/VCI showing ??? in vserver-info - SYSINFO in relation to selinux being misconfigured
1315054237 M * matti Morning Bertl 
1315054748 J * BilBU ~BilBU@2.109.141.88.rev.sfr.net
1315054940 Q * BilBU 
1315055020 Q * derjohn_mob Ping timeout: 480 seconds
1315058673 Q * guerby Ping timeout: 480 seconds
1315058875 J * derjohn_mob aj@88.128.77.233
1315059317 M * Bertl bbl
1315059320 N * Bertl Bertl_oO
1315059873 J * ghislain ~AQUEOS@adsl2.aqueos.com
1315060631 Q * ntrs resistance.oftc.net synthon.oftc.net
1315060631 Q * transacid resistance.oftc.net synthon.oftc.net
1315060631 Q * jrayhawk resistance.oftc.net synthon.oftc.net
1315060631 Q * FloodServ resistance.oftc.net synthon.oftc.net
1315061040 J * transacid ~transacid@transacid.de
1315061040 J * ntrs ~ntrs@vault08.rosehosting.com
1315061040 J * jrayhawk ~jrayhawk@nursie.omgwallhack.org
1315061060 Q * Aiken Remote host closed the connection
1315061760 T * ChanServ http://linux-vserver.org/ |stable 2.2.0.7, exp 2.3.0.36.38, grsec 2.3.0.36.28|util-vserver-0.30.216-pre2914| He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki, and we forget about the minute.
1315061760 J * FloodServ services@services.oftc.net
1315064485 J * FireEgl ~FireEgl@173-16-9-169.client.mchsi.com
1315065455 Q * fisted Read error: Connection reset by peer
1315065554 J * guerby ~guerby@nc10d.tetaneutral.net
1315065927 J * fisted ~fisted@xdsl-87-78-212-192.netcologne.de
1315068276 Q * FloodServ charon.oftc.net synthon.oftc.net
1315068673 T * ChanServ http://linux-vserver.org/ |stable 2.2.0.7, exp 2.3.0.36.38, grsec 2.3.0.36.28|util-vserver-0.30.216-pre2914| He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki, and we forget about the minute.
1315068673 J * FloodServ services@services.oftc.net
1315073387 Q * derjohn_mob Ping timeout: 480 seconds
1315077681 M * davidquist Hi Bertl. I agree on your recommendations about FAQs. I even knew it in the past, that it has to be disabled. What about adding a simple check into util-vserver? I am open to contribute. 
1315077701 J * manana ~mayday090@178.162.120.195
1315077845 M * Bertl_oO well, it's hard to check for a properly configure selinux
1315079038 M * davidquist ok, i thought that with some simple commands i should be possible
1315079538 M * Bertl_oO well, if you firgure something simple out, just send a patch to daniel
1315079543 M * Bertl_oO *figure
1315079874 J * Aiken ~Aiken@2001:44b8:2168:1000:21f:d0ff:fed6:d63f
1315081119 M * davidquist ok
1315081291 M * davidquist well basically adding a preinstall check in daniel's rpm specs might help
1315081334 M * davidquist since i was getting errors already during package installation
1315081363 M * Bertl_oO well, that won't help if you suddenly decide to enable selinux
1315081411 M * Bertl_oO but putting that aside, with a security system like selinux, which requires a lot of detailed configuration to be effective, it's relly hard to tell when it is configured properly for Linux-VServer
1315081433 M * davidquist that's right, but in my case in would have helped
1315081438 M * Bertl_oO and selinux is not the only one present in mainline (although the one most distros use)
1315081489 M * Bertl_oO I'd say it's probably the best to disable selinux (and friends) in the prebuilt packages, but that's up to daniel
1315081596 M * davidquist i would rather mention some things which have to be fixed rather  than changing system configuration
1315081667 M * davidquist lets see what daniel thinks about it
1315082144 M * daniel_hozac how do you tell if it's enabled and properly configured vs just enabled?
1315082469 M * daniel_hozac (and distinguish that from other failures, like not running as root, and not patching your kernel)
1315082748 M * Bertl_oO a good solution might be to do some tests when the API check fails and simply report the results ... i.e. selinux ... enabled/disabled, proc contains /proc/self/vinfo, etc
1315082808 M * Bertl_oO in vserver-info - SYSINFO of course, not on every api check
1315082996 M * davidquist I do not agree with SYSINFO since i did not know it until yesterday
1315083022 M * Bertl_oO (uid, gid, capability set, and context capability would probably do)
1315083028 M * davidquist during the last weeks and moths i was mainly working with vserver command
1315083054 M * Bertl_oO davidquist: well, folks with misconfigurations of all kinds come here to ask, and SYSINFO is one of the first checks we do
1315083067 M * davidquist ok
1315083088 M * davidquist if you do not mind to answer thats fine for me
1315083133 M * Bertl_oO so it would have saved us all the debugging and testing, because my first question would have been something along the lines of "soo, you have seling enabled, did you configure it porperly as well?"
1315083173 M * Bertl_oO and your answer would have been something like "no, what do I need to configure" :)
1315083216 M * Bertl_oO and no I don't mind answering questions here, otherwise I wouldn't be here most of the time :)
1315083237 M * davidquist that's fine for me
1315083322 M * Bertl_oO so a patch to check for those things, if daniel_hozac agrees, would probably be the best solution for the future
1315083378 M * Bertl_oO anyway, kind of tired today and I missed my nap, so I'm off to bed early ... have fun
1315083394 N * Bertl_oO Bertl_zZ
1315083723 M * davidquist furthermore as you already recommended adding entry in FAQ with error message "/vservers: Function not implemented" might be good as well
1315083810 M * daniel_hozac meaning all of those things, yes...
1315084154 M * davidquist daniel i have a question which i would like to ask you
1315084190 M * davidquist bertl recommended me yesterday to use a recent kernel
1315084254 M * davidquist on the other hand i used yesterday you rhel 6.0 rpms which i think do not use a recent kernel
1315084277 M * daniel_hozac most recent RHEL 6.1 kernel.
1315084311 M * davidquist ok, then that's the answer
1315084317 M * daniel_hozac about a week and a half old.
1315084365 M * davidquist i was able to build centos5 guest with your rpms
1315084380 M * davidquist but not centos 6
1315084392 M * davidquist i only updated yum conf
1315084452 M * daniel_hozac i don't really want to encourage people to use CentOS anymore.
1315084476 M * davidquist me too
1315084486 M * daniel_hozac the 6 series was already not getting updates by the time they released it...
1315084504 M * davidquist what do you recommend instead
1315084519 M * daniel_hozac RHEL or SL.
1315084526 M * davidquist for the moment i think SL could be an option
1315084615 M * davidquist is there a plan that sl5 and sl6 will be included util-vserver-build package?
1315084657 M * davidquist yesterday i got on centos 6 an error like "chroot-sh: open("/etc/init.d/halt"): No such file or directory" at the end of the build process
1315084696 M * davidquist guest did not start
1315084707 M * daniel_hozac did you install initscripts?
1315084740 M * davidquist i did nothing
1315084750 M * davidquist i just noted
1315084788 M * davidquist that compared with centos 5 there are much less packages installed with coreutils
1315084860 M * daniel_hozac yes, you need initscripts in pkgs/03 as well.
1315084888 M * davidquist that's all?
1315084918 M * davidquist let me check
1315085072 Q * sannes Quit: Leaving.
1315085267 J * cuba33ci_ ~cuba33ci@111-240-164-242.dynamic.hinet.net
1315085467 M * davidquist build was better however there was another issue
1315085478 M * davidquist about context id
1315085546 M * davidquist let me restart from a virgin system
1315085558 M * davidquist in a couple of minutes i will know more
1315085617 Q * cuba33ci Ping timeout: 480 seconds
1315085626 N * cuba33ci_ cuba33ci
1315085966 Q * fisted Read error: Connection reset by peer
1315086173 J * fisted ~fisted@xdsl-87-78-210-37.netcologne.de
1315086379 Q * bonbons Quit: Leaving
1315086541 M * davidquist i still get the same error
1315086559 M * davidquist while trying to start centos6 guest
1315086561 M * davidquist vshelper.init: can not determine xid of vserver 'spwebmail01'; returned value was ''
1315087153 M * daniel_hozac is it strting any service?
1315087493 M * davidquist no but i just added rsyslog to pkgs/03
1315087498 M * davidquist let's see
1315087625 M * davidquist Starting system logger:                                    [  OK  ]
1315087631 M * davidquist (y)
1315087639 M * davidquist now it's better
1315087728 M * davidquist rhel 6.1 uses yum-3.2.29 but for this version i did not see a patch
1315087781 M * davidquist shall i rebuild yum based on 3.2.27?
1315088570 Q * FloodServ resistance.oftc.net synthon.oftc.net
1315088590 J * FloodServ services@services.oftc.net
1315089509 N * nicholi Guest8555
1315089516 J * nicholi ~nicholi@108-89-98-36.lightspeed.irvnca.sbcglobal.net
1315089618 Q * Guest8555 Ping timeout: 480 seconds
1315090015 J * Walex ~Walex@188-223-31-80.zone14.bethere.co.uk
1315090721 M * Aiken trying dual ipv4 ipv6 with a guest, it is normal for the host to use the guests ipv6 address or for outgoing connections instead of it's own ipv6 address?
1315091359 M * Walex Aiken: IIRC VServer does not really virtualize IP addresses, and the LInux networking has weird rules about which sources address gets autoselected when the app specifies '0.0.0.0'
1315091405 M * Walex Aiken: also note that 'VServer' does not have "guests" in the sense of a VM system, they are better called "containers" or "namespaces".
1315091571 M * Aiken so basically when the host makes an outgoing ipv6 connection I can not be sure what address will be used?
1315091648 J * orzel ~orzel@berlioz.ethernet.freehackers.org
1315091695 M * orzel hello. Inside a vserver, and only since today, I have an init script failing with "start-stop-daemon: failed to exec `/usr/olocal/web-ro/colibri/daemon/colibrid.py': Bad file descriptor"
1315091706 M * orzel i'm not sure this is vserver's fault, but i suspect it is
1315091721 M * orzel i can read/execute the script mentionned, outside of init.d
1315091728 M * orzel there's no hard disk problem according to dmesg
1315091773 M * orzel do you have an idea what to do to know some more about this issue ? I have 3 other  very similar scripts (just using other daemons), and they still work well
1315091789 M * orzel i tried stopping/restarting the vserver, but this does not solve the pb
1315093250 J * derjohn_mob aj@80.187.233.212
1315093313 M * Walex Aiken: that's indeed the situation with Linux in general. The source address is only guaranteed if the app binds to a specific one. If it is specific as '0.0.0.0' that is explicit permission to the kernel to put in whatever.