1321920195 J * derjohn_mob ~aj@d025186.adsl.hansenet.de 1321920773 J * BenG ~bengreen@cpc10-aztw24-2-0-cust114.aztw.cable.virginmedia.com 1321921062 Q * BenG 1321921194 Q * nkukard Ping timeout: 480 seconds 1321921261 J * nkukard ~nkukard@41-133-198-167.dsl.mweb.co.za 1321921508 J * chrissbx ~chrissbx@184.151.115.95 1321922364 Q * dowdle Remote host closed the connection 1321924293 M * Bertl off to bed now ... have a good one everyone! 1321924298 N * Bertl Bertl_zZ 1321924385 Q * chrissbx Quit: Leaving 1321926839 Q * geb Ping timeout: 480 seconds 1321928425 Q * fisted Ping timeout: 480 seconds 1321928535 J * fisted ~fisted@xdsl-87-78-214-100.netcologne.de 1321929990 Q * dlehr Ping timeout: 480 seconds 1321934320 Q * derjohn_mob Ping timeout: 480 seconds 1321934616 J * ichavero_ ~ichavero@189.155.228.182 1321935039 Q * imcsk8 Ping timeout: 480 seconds 1321936134 Q * ichavero_ Quit: This computer has gone to sleep 1321939485 J * dlehr ~dlehr@c-24-23-251-28.hsd1.ca.comcast.net 1321940038 Q * bergerx Quit: Leaving 1321940261 Q * dlehr Quit: dlehr 1321940471 J * dlehr ~dlehr@c-24-23-251-28.hsd1.ca.comcast.net 1321940491 Q * dlehr 1321943676 J * sannes ~ace@cm-84.209.106.118.getinternet.no 1321945191 J * derjohn_mob ~aj@d025186.adsl.hansenet.de 1321945857 Q * derjohn_mob Ping timeout: 480 seconds 1321946441 J * ncopa ~ncopa@3.203.202.84.customer.cdi.no 1321946804 J * dlehr ~dlehr@c-24-23-251-28.hsd1.ca.comcast.net 1321946898 Q * dlehr 1321947565 J * derjohn_foo ~aj@87.253.171.211 1321948262 J * ghislain ~AQUEOS@adsl2.aqueos.com 1321949685 J * dlehr ~dlehr@c-24-23-251-28.hsd1.ca.comcast.net 1321950207 Q * dlehr Quit: dlehr 1321951338 M * arekm + if (vs_check_bit(VXC_CAP_MASK, cap) && !vx_mcaps(1L << cap)) 1321951339 M * arekm + return true; 1321951354 M * arekm is now gone in current code in capability.c 1321951360 M * arekm not needed anymore? 1321951394 M * arekm or is this checked in other place/other way 1321951700 M * daniel_hozac it was never really used. 1321951862 M * arekm ok, will have to track the guy who made local change here (and why it was needed) - http://cvs.pld-linux.org/cgi-bin/viewvc.cgi/cvs/packages/kernel/kernel-grsec-common.patch?view=markup 1321952236 J * dlehr ~dlehr@c-24-23-251-28.hsd1.ca.comcast.net 1321953145 J * calvin 6329ae83@ircip4.mibbit.com 1321953161 M * calvin anybody know why tux3 never got released in '08? 1321953215 M * pmjdebruijn tux3 ? 1321953224 M * calvin tux3 filesystem 1321953232 M * calvin #tux3 1321953264 M * pmjdebruijn no clue 1321953269 M * pmjdebruijn is it sitll maintained? 1321953272 M * pmjdebruijn anyhow 1321953279 M * calvin no, but google it... tons of coverage 1321953300 M * calvin http://tux3.org/ 1321953659 M * daniel_hozac not really Linux-VServer related... 1321953751 Q * calvin Quit: http://www.mibbit.com ajax IRC Client 1321953978 M * pmjdebruijn right 1321955824 Q * dlehr Quit: dlehr 1321955893 J * BenG ~bengreen@cpc10-aztw24-2-0-cust114.aztw.cable.virginmedia.com 1321956539 M * arekm [ 66.239097] 1,1 100,100 1321956543 M * arekm hmm, some debugging leftover 1321956558 M * pmjdebruijn 6713 1321956562 M * pmjdebruijn sorry 1321956973 M * arekm + printk("%d,%d %d,%d\n", 1321956973 M * arekm + vx_check(task->xid, VS_IDENT), 1321956973 M * arekm + task_vx_flags(task, VXF_STATE_ADMIN, 0), 1321956973 M * arekm + current->xid, task->xid); 1321956976 M * arekm in ptrace.c? 1321957015 M * daniel_hozac yep 1321957015 M * daniel_hozac safe to remove. 1321957334 M * BenG Bertl_zZ, same issue of wrong subversion in the 3.0.9 patch: 1321957336 M * BenG -SUBLEVEL = 9 1321957336 M * BenG -EXTRAVERSION = 1321957336 M * BenG +SUBLEVEL = 7 1321957336 M * BenG +EXTRAVERSION = -vs2.3.2.1 1321959187 N * Bertl_zZ Bertl 1321959193 M * Bertl morning folks! 1321959207 M * Bertl BenG: hmm? which patch are you looking at? 1321959406 J * thierryp ~thierry@zankai.inria.fr 1321960035 M * ccxCZ just wondering - did anyone attempt to do hardened vetsion of linux-3.x vserver? 1321960079 M * Bertl where 'hardened' means? 1321960136 M * ccxCZ PAX or whole grsec 1321960162 M * Bertl ah, arekm is trying his luck there, IIRC 1321960182 M * ccxCZ good to hear that :-) 1321960268 M * ccxCZ I tried to apply just the pax patches last time I did new kernel, but the result was uncompilable 1321960691 J * gucki ~gucki@80-218-125-247.dclient.hispeed.ch 1321960696 M * gucki hi there :) 1321960701 M * gucki http://linux-vserver.org/Networking_vserver_guests 1321960710 M * gucki Packet counts may be useful to an attacker with control of a vServer guest who wishes to perform side-channel attacks during cryptanalysis, or network traffic analysis against your host or other vServer guests 1321960747 M * gucki I wonder how *only* paket counters might be usefull when the attacker can not capture any actual packets/data? :) 1321960751 M * arekm ccxCZ: on 3.0 that works, on 3.1 oopses - reason unknown yet 1321960809 M * gucki assuming the guest has no net_raw capabilites, there should be no way to capture any packets from other guest nor the host, right? :) 1321960890 M * ccxCZ arekm: can you tell me exact versions that create useable kernel for you? 1321961031 M * Bertl gucki: well, assuming that the 'attacker' has a _very_ restricted account on the host as well, in a chroot without /proc and similar, it might actually help to get that leaked information, but considering that both the packet counters and the connection information _is_ available to a _normal_ user I consider it paranoid :) 1321961181 M * gucki Bertl: ah ok, so he needs another account to do anything useful with it. if he only has access to the guest, he wont be able to do anything useful with it (other than seeing the amount of data is transfered..) 1321961247 M * Bertl that's what I'd assume, but best contact the author of this section if you're really interested in this possibiliy ... 1321961381 M * arekm ccxCZ: http://cvs.pld-linux.org/cgi-bin/viewvc.cgi/cvs/packages/kernel/?pathrev=LINUX_3_0 1321961436 M * arekm ccxCZ: kernel-vserver-2.3.patch, kernel-grsec_full.patch are the most interesting patches, vserver needs to be applied first 1321961472 M * BenG BenG: hmm? which patch are you looking at? 1321961486 M * BenG patch-3.0.9-vs2.3.2.1.diff 1321961526 M * Bertl url please 1321961637 M * BenG http://vserver.13thfloor.at/Experimental/patch-3.0.9-vs2.3.2.1.diff 1321961659 M * BenG ah, okay, it's fixed at that URL now 1321961664 M * BenG sorry to bother you 1321961677 M * Bertl np, it was updated in place 4 days ago 1321961701 M * Bertl what I wonder is, how you ended up with the old version today 1321961730 M * BenG well I ran my compile scripts about 5 days ago, and they handle the downloads 1321961772 M * Bertl ah, okay, that explains, please update 1321961777 M * BenG I'd been wondering why my packages came out at 3.0.7 until I saw the IRC log 1321961792 M * BenG I've fixed manually since then 1321961801 M * BenG are there other changes in the newer patch? 1321961840 M * Bertl nope, it was actually a bug in my kernel/patch prepare scripts, which didn't understand 3.x 1321961881 M * BenG in that case, new packages to upload in a minute for the repo 1321961895 M * Bertl so no functional change, just a correction of the version as it was obviously wrong 1321961923 M * arekm Bertl: please drop that debug printk from ptrace.c, thanks 1321961941 M * Bertl already done in my tree 1321961949 M * Bertl btw, it's all on the ML :) 1321961980 M * arekm not even subscribed :/ maybe I should 1321962027 M * Bertl maybe ... no problem to ask the same questions here again though 1321962081 M * Bertl personally I prefer IRC over ML, but obviously a lot of folks prefer the ML, which is fine with me 1321962134 M * ccxCZ so if I get 3.0.9 kernel and patch it with the patch-3.0.9-vs2.3.2.1.diff and then the kernel-grsec_full.patch it should work? btw did you get fuse/aufs to work with vserver? 1321962184 M * Bertl we didn't spend any further time with fuse/aufs as there seems to be no active user 1321962258 M * ccxCZ ok. not really using it now and there is fuse variant in case I wanted to experiment 1321964071 M * ccxCZ I get three rejects with this configuration: arch/x86/kernel/process.c arch/x86/kernel/dumpstack.c and drivers/gpu/drm/nouveau/nouveau_fence.c 1321964953 M * Bertl off for now .. bbl 1321964957 N * Bertl Bertl_oO 1321964965 Q * BenG Quit: I Leave 1321965271 M * ccxCZ merged it manually, but I doubt it'll work 1321965286 M * ccxCZ arekm: did the patch apply cleanly to you? 1321965354 J * geb ~geb@mars.gebura.eu.org 1321966744 M * arekm ccxCZ: raw from upstream - no, needed modifications and the modified one is at cvs.pld- 1321966758 M * arekm ccxCZ: http://buildlogs.pld-linux.org/index.php?dist=th&arch=x86_64&ok=1&ns=&cnt=50&off=0&name=kernel&id=7e288e0e-efe0-4758-81b9-58ac25768e3d 1321966880 M * ccxCZ it compiled. how do you guys go quick testing a kernel, do you have a script to build a bootable image for kvm or something? 1321966896 M * daniel_hozac boot kvm with -kernel 1321966911 M * daniel_hozac (and don't use modules) 1321967000 M * ccxCZ nah, din't compile, -j2 confused me 1321967028 M * ccxCZ http://paste.pocoo.org/show/511361/ 1321967117 M * ccxCZ arekm: I took the kernel-grsec_full.patch from that cvs 1321967139 M * ccxCZ more specificaly I used http://cvs.pld-linux.org/cgi-bin/viewvc.cgi/cvs/packages/kernel/kernel-grsec_full.patch?view=co&pathrev=LINUX_3_0 1321967149 M * ccxCZ is that not the correct one? 1321967207 M * ccxCZ or do I need the -caps -common and _fixes over it? I assumed it has them budled hence the _full 1321967631 M * arekm ccxCZ: it's correct one. see that buildlog for in what order patches are aplied 1321968036 M * ccxCZ arekm: you have apparmor working with all that? I was wondering if there was some RBAC to further restrict some parts 1321968183 M * daniel_hozac you're patching in grsec, but want to use something else's RBAC? 1321968240 M * ccxCZ heard that grsec's rbac does not play so well with vservers, haven't tried myself 1321968254 M * arekm ccxCZ: I'm using apparmor on this kernel on some machines but I don't use grsec rbac or vservers on these 1321968261 M * arekm ccxCZ: still have one kernel for "everything" 1321968314 M * arekm one most commonly used grsec feature is hidding taks from other users :) rarely people use grsec rbac here 1321968443 M * ccxCZ I want to restrict php_cgi and other webapps as much as possible, so far I went just with ulimit 1321969022 M * ccxCZ arekm: can I checkout the cvs somehow? 1321970385 Q * Aiken Remote host closed the connection 1321970463 M * arekm ccxCZ: -d:pserver:cvs@cvs.pld-linux.org:/cvsroot/packages/kernel/ afaik 1321970737 A * ccxCZ hasn't used cvs in ages 1321971104 M * ccxCZ hopefully I checked out the correct tag, I'll try patching and compiling 1321971987 M * ccxCZ arekm: I see 3.0.10 in the log, so it's not against 3.0.9? also there's Patch #0 followed by Patch #4 1321972684 J * imcsk8 ~ichavero@201.144.130.30 1321972915 Q * fisted Read error: Connection reset by peer 1321973352 Q * imcsk8 Quit: This computer has gone to sleep 1321973396 J * fisted ~fisted@xdsl-87-78-215-247.netcologne.de 1321974714 J * imcsk8 ~ichavero@201.144.130.30 1321975160 Q * thierryp Remote host closed the connection 1321976237 Q * ncopa Quit: Leaving 1321976380 J * ncopa ~ncopa@3.203.202.84.customer.cdi.no 1321976447 M * gucki I got another question :) 1321976450 Q * imcsk8 Quit: This computer has gone to sleep 1321976467 M * gucki Do I need to setup anything special so that /proc/virtual/xxx/cacct actually shows correct numbers? :) 1321976541 M * daniel_hozac no 1321976713 M * gucki daniel_hozac: sorry, i blame myself. 1321976722 M * gucki daniel_hozac: i was in the wrong container when looking at the stats ;) 1321977393 J * dowdle ~dowdle@scott.coe.montana.edu 1321977699 Q * dowdle Remote host closed the connection 1321977952 Q * ncopa Quit: Leaving 1321977959 J * dowdle ~dowdle@scott.coe.montana.edu 1321979491 J * chrissbx ~chrissbx@69-196-180-202.dsl.teksavvy.com 1321979542 M * chrissbx Hello. I'm having a new problem with my quest for a cross-vserver Xorg setup: 1321979601 M * chrissbx X runs in vserver "x", and I'm bind mounting /tmp/.X11-unix/X0 into another vserver ("t3"). 1321979658 M * chrissbx I've also confirmed with strace that x clients (at least "xmessage"), when failing with opening that path as an abstract socket (and it does fail, i.e. confirms that separation between vservers works for abstract sockets), 1321979690 M * chrissbx it tries again to connect to the path as non-abstract socket, which succeeds. 1321979770 M * chrissbx But it then fails in the authentication: I just copied over the .Xauthority file. And also tried with a file generated with "xauth -f file generate :0 ." which will give this with "xauth list -f file": A/unix:0 MIT-MAGIC-COOKIE-1 .... 1321979783 M * chrissbx (and DISPLAY=:0) 1321979812 M * chrissbx But the client always returns with: No protocol specified \n Error: Can't open display: :0 1321979841 M * chrissbx s/A/x/ in A/unix above 1321979864 M * chrissbx Now I suspect that here might lie the problem; except that "hostname x" inside t3 doesn't solve it either. 1321979875 M * gucki daniel_hozac: mh, where can i get loadavg, sys time and usr time from the /proc/virtual/... ?:) 1321979919 M * chrissbx I've asked on #xorg without getting an answer, and googled around for a detailed (not the standard shallow) explanations of the xauth mechanism, so that I would find a solution, to no avail. 1321979935 M * chrissbx Any ideas? 1321980012 M * Bertl_oO sure that your xorg is listening at all? 1321980070 M * Bertl_oO run xhost + in the xorg init script, to allow connections from every host regardless of xauth and see if that works 1321980100 M * Bertl_oO if not, chances are good your X is restricted, e.g. only listens to 127.0.0.1 or unix sockets 1321980157 M * Bertl_oO also, do not 'just' copy xauth files, export the magic cookie with xauth and import it on the client 1321980179 M * chrissbx Well I *do* connect to the unix socket, so that shouldn't be it. Hm export import is an idea. 1321980211 M * Bertl_oO note that unix sockets do not cross namespaces 1321980227 M * Bertl_oO so you won't be able to use that across guests without disabling the namespace 1321980255 M * chrissbx I use bind mount and have the socket on the root fs, so it *is* visible in t3 and the connect succeeds. 1321980339 M * gucki or maybe anyone else knows? :-) 1321980874 M * chrissbx Wow, with ssh x "xauth list" -> key=thehexkey -> ssh t3 "xauth add :0 MIT-MAGIC-COOKIE-1 $key" it *works* 1321980878 M * chrissbx Thanks Bertl! 1321980920 M * chrissbx Now on to the likely issues with X shm extension and whatever else.. 1321980929 M * chrissbx :) 1321981839 J * bonbons ~bonbons@2001:960:7ab:0:e484:1872:ea89:4069 1321982548 M * chrissbx Yep, shm is an issue for mplayer even if I'm trying to avoid its xv and x11 output drivers; I guess even using DRI or whatever requires shm somewhere (maybe temporarily). 1321982579 M * chrissbx Any way to map select shm segments visible? 1321982664 J * BenG ~bengreen@cpc10-aztw24-2-0-cust114.aztw.cable.virginmedia.com 1321982714 M * arekm ccxCZ: it's for 3.0.10 1321982728 M * arekm ccxCZ: and patches aren't numbered one by one 1321982738 M * chrissbx (Maybe I should ask on the mplayer channel what's needed exactly. Since I want to watch video, I need something. Framebuffer driver works, but that's just ugly (draws all over the X screen without consideration for windows etc.) and doesn't even do vertical synchronization.) 1321982773 M * Bertl_oO chrissbx: only way to 'share' shm is to share the corresponding space 1321982807 M * arekm ccxCZ: 3.0.9 is on different auto-th... tag 1321982893 M * BenG someone has just asked about a vulnerability with 3.0.9 1321982899 M * BenG anyone any idea on this? 1321982905 M * BenG (on the mailing list that is) 1321982927 M * Bertl_oO chrissbx: -vo x11 should be fine, that shouldn't use anything 'evil', but I'd go for something like gl2 which should work fine if xorg supports it 1321983104 J * qwerty1_ ~werty@19NAAE6QK.tor-irc.dnsbl.oftc.net 1321983243 Q * qwerty1 Ping timeout: 480 seconds 1321983455 M * BenG anyone know if the latest patch working on 3.0.10? 1321983461 M * BenG going to give it a go in a bit 1321983523 Q * derjohn_foo Ping timeout: 480 seconds 1321983547 M * ccxCZ arekm: patched cleanly against 3.0.10, dunno if it compiled well as I'm not at my work machine, but it looked that the compilation was going fine 1321983550 M * ccxCZ thanks 1321983570 M * BenG cheers ccxCZ 1321983621 M * arekm Bertl_oO: are you aware of any issue where openvpn stops seeing tun/tap interfaces in guests on 3.x kernels while that works on earlier 2.6.x kernels? (aka possibly some bug in vserver patch) 1321983643 M * arekm Bertl_oO: someone mentioned such problem and I don't have more info yet 1321983765 M * Bertl_oO no, first time that I hear it 1321983791 M * daniel_hozac probably someone not setting it up right... 1321983826 M * Bertl_oO well, that's not unusual with openvpn :) 1321983837 M * daniel_hozac yeah. 1321983928 M * arekm possible, the thing is he only updated kernel and things stopped working 1321984365 M * daniel_hozac well, updating the kernel means you reboot ;) 1321984625 Q * gucki Remote host closed the connection 1321984764 M * arekm but also means that you reboot back to working kernel and suprise... things start working again 1321985651 J * imcsk8 ~ichavero@148.229.1.11 1321986149 Q * Radiance Ping timeout: 480 seconds 1321986171 J * arosen ~arosen@108-210-49-123.lightspeed.chtnsc.sbcglobal.net 1321986193 M * arosen Hello, I'm seeing some weird TCP issues now that I'm running a vserver kernel. 1321986199 Q * imcsk8 Ping timeout: 480 seconds 1321986229 M * arosen Before this host was running ubuntu and TCP between two end hosts could grow to 30Mb/sec now after switching to vserver it's only able to achieve 1Mb/sec. 1321986249 M * arosen This machine has the same tcp settings and congestion control settings as another machine on the lan who can get 30Mb/sec 1321986294 M * arosen The weird thing is this machine can achieve 1gbps between two hosts on the same lan were the rtt is very low. 1321986305 M * arosen So I'm not sure what could be causing this issue. 1321986309 M * arosen Anyone see anything like this before? 1321986529 M * chrissbx Bertl_oO: -vo x11 is exactly one of the many which give these errors: 1321986533 M * chrissbx X11 error: BadAccess (attempt to access private resource denied) 1321986540 M * chrissbx X11 error: BadShmSeg (invalid shared segment parameter) 1321986565 M * chrissbx -vo gl2 simply says: Error opening/initializing the selected video_out (-vo) device. 1321986587 M * chrissbx going to ask on #mplayer now for the latter. 1321986674 M * chrissbx Also, not sure what you've meant with "share the corresponding space": filesystem space? Is X using /dev/shm/* or are sysvipc now handled as virtual files? 1321986719 A * chrissbx checking if he can find some evidence of a shm segment when running mplayer in the same vserver 1321987216 M * Bertl_oO arosen: sounds strange, what kernel/patch are we talking about? 1321987267 M * arosen Bertl_oO: it's a planetlab image :/ 2.6.32-11.planetlab.i686 1321987301 M * Bertl_oO well, then it's probably best to contact planetlab about it 1321987319 M * Bertl_oO unless you can recreate the issue with mainline Linux-VServer 1321987322 M * daniel_hozac the planetlab kernel has all sorts of extra patches for that stuff. 1321987627 J * imcsk8 ~ichavero@148.229.1.11 1321988467 J * dlehr ~dlehr@c-24-23-251-28.hsd1.ca.comcast.net 1321990688 J * thierryp ~thierry@home.parmentelat.net 1321991328 J * ichavero_ ~ichavero@148.229.1.11 1321991995 J * Aiken ~Aiken@2001:44b8:2168:1000:21f:d0ff:fed6:d63f 1321992110 Q * ichavero_ Ping timeout: 480 seconds 1321992132 Q * thierryp Remote host closed the connection 1321992182 J * ichavero_ ~ichavero@148.229.1.11 1321992817 Q * dlehr Quit: dlehr 1321993504 Q * Aiken reticulum.oftc.net resistance.oftc.net 1321993504 Q * chrissbx reticulum.oftc.net resistance.oftc.net 1321993504 Q * dowdle reticulum.oftc.net resistance.oftc.net 1321993504 Q * dkg reticulum.oftc.net resistance.oftc.net 1321993504 Q * MooingLe1ur reticulum.oftc.net resistance.oftc.net 1321993504 Q * tolkor reticulum.oftc.net resistance.oftc.net 1321993504 Q * DreamerC reticulum.oftc.net resistance.oftc.net 1321993504 Q * ntrs reticulum.oftc.net resistance.oftc.net 1321993504 Q * fisted reticulum.oftc.net resistance.oftc.net 1321993504 Q * nkukard reticulum.oftc.net resistance.oftc.net 1321993504 Q * cuba33ci reticulum.oftc.net resistance.oftc.net 1321993504 Q * geos_one reticulum.oftc.net resistance.oftc.net 1321993504 Q * click reticulum.oftc.net resistance.oftc.net 1321993504 Q * jrklein reticulum.oftc.net resistance.oftc.net 1321993504 Q * thal reticulum.oftc.net resistance.oftc.net 1321993504 Q * FIChTe reticulum.oftc.net resistance.oftc.net 1321993504 Q * puck reticulum.oftc.net resistance.oftc.net 1321993504 Q * FloodServ reticulum.oftc.net resistance.oftc.net 1321993504 Q * arosen reticulum.oftc.net resistance.oftc.net 1321993504 Q * PowerKe reticulum.oftc.net resistance.oftc.net 1321993504 Q * Guest15983 reticulum.oftc.net resistance.oftc.net 1321993504 Q * jrayhawk reticulum.oftc.net resistance.oftc.net 1321993504 Q * quasisane reticulum.oftc.net resistance.oftc.net 1321993504 Q * ccxCZ reticulum.oftc.net resistance.oftc.net 1321993504 Q * ser reticulum.oftc.net resistance.oftc.net 1321993504 Q * ichavero_ reticulum.oftc.net resistance.oftc.net 1321993504 Q * imcsk8 reticulum.oftc.net resistance.oftc.net 1321993504 Q * qwerty1_ reticulum.oftc.net resistance.oftc.net 1321993504 Q * ghislain reticulum.oftc.net resistance.oftc.net 1321993504 Q * FireEgl reticulum.oftc.net resistance.oftc.net 1321993504 Q * brc reticulum.oftc.net resistance.oftc.net 1321993504 Q * micah reticulum.oftc.net resistance.oftc.net 1321993504 Q * disposable reticulum.oftc.net resistance.oftc.net 1321993520 J * Aiken ~Aiken@2001:44b8:2168:1000:21f:d0ff:fed6:d63f 1321993520 J * chrissbx ~chrissbx@69-196-180-202.dsl.teksavvy.com 1321993520 J * dowdle ~dowdle@scott.coe.montana.edu 1321993520 J * fisted ~fisted@xdsl-87-78-215-247.netcologne.de 1321993520 J * nkukard ~nkukard@41-133-198-167.dsl.mweb.co.za 1321993520 J * cuba33ci ~cuba33ci@114-36-234-121.dynamic.hinet.net 1321993520 J * geos_one ~chatzilla@chello080109195117.4.graz.surfer.at 1321993520 J * dkg ~dkg@lair.fifthhorseman.net 1321993520 J * click click@ice.vcon.no 1321993520 J * jrklein ~osx@2001:470:1f0f:572::250:160 1321993520 J * MooingLe1ur ~troy@ipv4.pinchaser.com 1321993520 J * thal ~thalunil@walledcity.de 1321993520 J * tolkor ~rj@tdream.lly.earlham.edu 1321993520 J * FIChTe ~fichte@bashpipe.de 1321993520 J * puck ~puck@leibniz.catalyst.net.nz 1321993520 J * DreamerC ~DreamerC@122-116-181-118.HINET-IP.hinet.net 1321993520 J * ntrs ~ntrs@vault08.rosehosting.com 1321993520 J * FloodServ services@services.oftc.net 1321993545 J * ichavero_ ~ichavero@148.229.1.11 1321993545 J * imcsk8 ~ichavero@148.229.1.11 1321993545 J * arosen ~arosen@108-210-49-123.lightspeed.chtnsc.sbcglobal.net 1321993545 J * qwerty1_ ~werty@19NAAE6QK.tor-irc.dnsbl.oftc.net 1321993545 J * ghislain ~AQUEOS@adsl2.aqueos.com 1321993545 J * PowerKe ~tom@94-226-105-186.access.telenet.be 1321993545 J * brc ~bruce@72.20.27.65 1321993545 J * Guest15983 ~transacid@transacid.de 1321993545 J * jrayhawk ~jrayhawk@nursie.omgwallhack.org 1321993545 J * quasisane ~sanep@c-24-218-184-186.hsd1.nh.comcast.net 1321993545 J * ccxCZ ~ccxCZ@new.webprojekty.cz 1321993545 J * micah ~micah@micah.riseup.net 1321993545 J * ser ~ser@host1.tldp.ibiblio.org 1321993545 J * disposable disposable@shell2.vps.websupport.sk 1321994115 J * FireEgl FireEgl@2001:470:e056:1:d9ef:fde8:c400:25ab 1321995411 Q * sannes Remote host closed the connection 1321996409 J * dlehr ~dlehr@63.81.0.20 1321996984 M * dlehr Is there much interest in getting vservers running inside of EC2? I've managed to make it happen, but one of the tests under testme.sh is failing. 1321997386 M * Bertl_oO EC2? 1321997403 M * dlehr Amazon's virtualization service 1321997452 M * Bertl_oO and what's behind that? 1321997474 M * dlehr xen or kvm, can't recall offhand. 1321997494 M * Bertl_oO well, then it should work out of the box 1321997520 M * dlehr Could be that i've just been looking in the wrong places for documentation then. Hmm. 1321997543 M * Bertl_oO what guest kernel/patch did you try/use? 1321997692 M * dlehr I took the official ubuntu 10.04 EC2 image, merged the patch-2.6.32.48-vs2.3.0.36.29.8 patch 1321997743 M * dlehr it wasn't 100% match, and to be perfectly honest it was a lot of blind "let's see if this works" without understanding what's going on. Interested in seeing if it even got close to functional before chasing down if it was right. 1321997845 M * Bertl_oO well, I test all Linux-VServer kernels under kvm, so it should definitely work if done properly 1321997846 M * daniel_hozac would likely be a lot easier to just build your own vanilla 3.1.. 1321997886 M * dlehr I'm attempting to match versions as closely as possible with what my company's using in production…leading to a few restrictions. 1321997919 Q * ghislain Quit: Leaving. 1321998115 M * dlehr Okay, looks like EC2 is on xen. Even so, your docs say things should work out. Looks like i need to do more digging into what might be unique to the EC2 kernels. 1321998473 M * chrissbx Where has the ipv4root field of /proc/self/status gone? 1321998655 Q * bonbons Quit: Leaving 1321998753 M * Bertl_oO chrissbx: hmm? 1321998884 M * Bertl_oO dlehr: yeah, xen domU should be fine, dom0 might require some adjustments 1321999041 Q * arosen Remote host closed the connection 1321999203 M * chrissbx Bertl_oO: I've got a script that parses status for ipv4root to find the IP to use for inter-vserver communication 1321999225 M * chrissbx It doesn't work anymore because there's no such field anymore. So is there a new way to find what IP is bound by default? 1321999225 M * daniel_hozac (although i'm not sure whether anyone actually uses the domU support, so it might not be 100%) 1321999244 M * daniel_hozac getsockname(2)? 1321999272 M * chrissbx Was this^ for me? 1321999286 M * daniel_hozac yes 1321999312 M * chrissbx So do you suggest to create/open a random socket then see which IP it uses? 1321999330 M * daniel_hozac you are using it to do communication no? 1321999339 M * chrissbx Yes but I'm using bash plus netcat. 1321999357 M * daniel_hozac i fail to see why you need the IP at all. 1321999394 M * chrissbx Actually it's a perl library that finds the IP, so I could actually open a socket. 1321999410 M * dlehr As i understand all this, with EC2 we're given access only to domU. 1321999482 M * chrissbx I'm using this library always when I need to find the "publicly reachable IP of the machine this program is running on" 1321999515 M * chrissbx Which generally is useful to give this information to the user / through other channels. 1321999551 M * chrissbx For example I've got a script "netoffer" which takes paths as arguments and prints a command that can copypasted into another session on another vserver or machine, and then fetches these files over. 1321999571 M * chrissbx For this it's useful to figure out the publicly reachable IP automatically. 1321999618 M * daniel_hozac or use `hostname`... 1321999635 M * chrissbx Those aren't usually configured everywhere. 1321999639 J * hparker ~hparker@2001:470:1f0f:32c:beae:c5ff:fe01:b647 1321999678 M * chrissbx I mean: I don't have my vservers in my DNS (actually I don't have any dns server in my current setup), and putting all vservers in each other's hosts files is a bit of a pain. 1321999782 M * daniel_hozac seems like a good use of 5 minutes :) 1321999812 M * chrissbx And update all of them each time I create a new vserver? 1321999838 M * chrissbx Or, the dns server? 1321999848 M * daniel_hozac no, install a DNS server guest, and update that from your guest creating script. or a .defaults/scripts/pre-start. 1321999868 M * chrissbx Well anyway, this would be the first time I'd actually need the vservers in dns. 1321999999 A * chrissbx takes break 1322000758 Q * BenG Quit: I Leave 1322002838 J * BenG ~bengreen@cpc10-aztw24-2-0-cust114.aztw.cable.virginmedia.com 1322003032 Q * fisted Remote host closed the connection 1322003371 J * nicholi ~nicholi@rrcs-76-79-196-34.west.biz.rr.com 1322003572 M * BenG anyone using 3.0 kernel and getting dmesg output like this: 1322003578 M * BenG [ 217.294445] 1,0 0,0 1322003598 M * Bertl_oO apply patch from ML 1322003707 M * BenG ah 1322003727 M * BenG which thread is that Bertl_oO ? 1322003808 J * derjohn_mob ~aj@88.128.55.235 1322003829 M * Bertl_oO the one about removing the debug info 1322003874 M * BenG patch-3.0.9-vs2.3.2.1-remove-debug-printk.diff 1322003883 M * BenG cool cheers 1322004208 M * Bertl_oO you're welcome! 1322004968 M * BenG that's compiling away now 1322004976 Q * Aiken Remote host closed the connection 1322006112 J * fisted ~fisted@xdsl-87-78-215-247.netcologne.de