1325635457 Q * dowdle 1325636890 J * clopez ~clopez@238.10.117.91.dynamic.mundo-r.com 1325638824 Q * FireEgl Quit: Leaving... 1325639958 Q * clopez Ping timeout: 480 seconds 1325640931 Q * ghislain Quit: Leaving. 1325641104 J * click click@ice.vcon.no 1325652364 J * ser ~ser@host1.tldp.ibiblio.org 1325652491 M * ser OMG I am back! My provider backbone has lost connectivity to almost all OFTC servers for two weeks! 1325652541 M * ser I have just realised there is one OFTC server on a working network. 1325652691 M * Bertl_oO congrats! 1325655546 J * sannes ~ace@cm-84.209.106.118.getinternet.no 1325656464 J * FireEgl FireEgl@2001:470:e056:1:b9cb:f261:e8c4:4539 1325659135 M * Bertl_oO off to bed now .. have a good one everyone! 1325659140 N * Bertl_oO Bertl_zZ 1325660030 J * Pogs241 ~user@cpe-71-72-126-188.insight.res.rr.com 1325660039 M * Pogs241 Hey 1325660087 M * Pogs241 any way to virtualize the network interface with vserver 1325660361 Q * fisted Read error: Connection reset by peer 1325660446 J * fisted ~fisted@xdsl-87-78-219-86.netcologne.de 1325660813 J * Hollow ~Hollow@91-66-255-107-dynip.superkabel.de 1325660830 N * Hollow Guest22614 1325660830 Q * Guest22614 Read error: Connection reset by peer 1325660830 J * Hollow ~Hollow@91-66-255-107-dynip.superkabel.de 1325661765 J * ghislain ~AQUEOS@adsl2.aqueos.com 1325662656 M * ncopa linux-3.0.15 is out 1325663017 M * arekm and is totally not interesting because contains only one line fix 1325663095 Q * sladen Read error: Connection reset by peer 1325663102 J * sladen ~paul@starsky.19inch.net 1325665331 Q * LuckyLuke Remote host closed the connection 1325665363 J * LuckyLuke ~luca@host65-83-static.228-95-b.business.telecomitalia.it 1325665376 J * Marbug ~Marbug@83.101.67.3 1325665786 Q * LuckyLuke Remote host closed the connection 1325665923 Q * Hunger Quit: _._ 1325666059 J * LuckyLuke ~luca@host65-83-static.228-95-b.business.telecomitalia.it 1325666933 Q * LuckyLuke Remote host closed the connection 1325666965 J * LuckyLuke ~luca@host65-83-static.228-95-b.business.telecomitalia.it 1325667363 Q * ensc|w Remote host closed the connection 1325667373 J * ensc|w ~ensc@www.sigma-chemnitz.de 1325667452 J * Hunger hunger@proactivesec.com 1325667926 Q * geos_one Ping timeout: 480 seconds 1325668072 J * geos_one ~chatzilla@chello080109195117.4.graz.surfer.at 1325668708 J * petzsch ~markus@dslb-092-078-233-184.pools.arcor-ip.net 1325670908 Q * sannes Ping timeout: 480 seconds 1325671714 Q * Marbug Ping timeout: 480 seconds 1325672501 M * Mr_Smoke Pogs241: I use an iptables accounting rule on the host 1325672537 M * Pogs241 Mr_Smoke: ah 1325672553 M * Mr_Smoke It's quite easy, munin has a plugin for it, for example 1325672557 M * Mr_Smoke collectd too I believe 1325672702 Q * petzsch Quit: Leaving. 1325672866 Q * fisted Ping timeout: 480 seconds 1325673098 Q * Hunger Ping timeout: 480 seconds 1325673356 J * Hunger hunger@proactivesec.com 1325673639 J * fisted ~fisted@xdsl-87-78-219-86.netcologne.de 1325673984 Q * MooingLemur Remote host closed the connection 1325673987 J * MooingLemur ~troy@ipv4.pinchaser.com 1325674417 J * gucki ~gucki@80-218-125-247.dclient.hispeed.ch 1325676499 J * clopez ~clopez@238.10.117.91.dynamic.mundo-r.com 1325677029 J * kshannon ~kris@122.252.14.166 1325677690 J * BenG ~bengreen@cpc10-aztw24-2-0-cust114.aztw.cable.virginmedia.com 1325678583 Q * clopez Ping timeout: 480 seconds 1325678629 M * renihs out of curiousity, i have 6 identical vservers, however the VSZ of them is kinda odd, in order: 153, 76, 153, 76, 153, 76 respectivly 1325678642 M * renihs feels very homogenous, but dont really understand why 1325679954 J * clopez ~clopez@238.10.117.91.dynamic.mundo-r.com 1325680150 J * petzsch ~markus@dslb-092-078-233-184.pools.arcor-ip.net 1325680808 Q * Aiken Remote host closed the connection 1325680875 Q * fisted Read error: Connection reset by peer 1325681031 Q * BenG Quit: I Leave 1325681115 J * fisted ~fisted@xdsl-87-78-219-86.netcologne.de 1325681326 Q * fback Ping timeout: 480 seconds 1325683049 J * fback fback@red.fback.net 1325690404 N * ensc Guest22647 1325690414 J * ensc ~irc-ensc@p54ADF1AF.dip.t-dialin.net 1325690881 Q * Guest22647 Ping timeout: 480 seconds 1325693151 N * Bertl_zZ Bertl 1325693165 M * Bertl morning folks! 1325694696 J * dowdle ~dowdle@scott.coe.montana.edu 1325697111 J * bonbons ~bonbons@2001:960:7ab:0:2049:7d97:97a4:e0c2 1325698591 Q * mrjack 1325698867 Q * gucki Remote host closed the connection 1325700058 J * sannes ~ace@cm-84.209.106.118.getinternet.no 1325700213 M * Bertl renihs: kernel/patch/util-vserver version? 1325700303 M * Bertl Pogs241: if you want a 'virtual' nic you need to use network namespaces or a full machine virtualization, but usually there is no need for that unless you do some kind of lowlevel network testing or similar 1325701488 J * Marbug ~Marbug@83.101.67.3 1325704369 Q * fisted Read error: Connection reset by peer 1325704423 J * fisted ~fisted@xdsl-87-78-216-239.netcologne.de 1325704668 M * Bertl off for now ... bbl 1325704673 N * Bertl Bertl_oO 1325706544 J * gucki ~gucki@84-72-9-188.dclient.hispeed.ch 1325706912 J * gucki_ ~gucki@84-72-9-188.dclient.hispeed.ch 1325706912 Q * gucki Read error: Connection reset by peer 1325707315 Q * gucki_ Remote host closed the connection 1325707331 J * gucki ~gucki@84-72-9-188.dclient.hispeed.ch 1325707804 J * gucki_ ~gucki@84-72-9-188.dclient.hispeed.ch 1325707923 Q * gucki Ping timeout: 480 seconds 1325708597 J * Aiken ~Aiken@2001:44b8:2168:1000:21f:d0ff:fed6:d63f 1325709813 Q * wurtel__ Ping timeout: 480 seconds 1325710061 Q * Hunger Ping timeout: 480 seconds 1325714454 Q * padde Quit: leaving 1325714465 J * padde ~padde@patrick-nagel.net 1325714882 Q * petzsch Quit: Leaving. 1325714891 J * petzsch ~markus@dslb-092-078-233-184.pools.arcor-ip.net 1325714937 Q * Aiken Remote host closed the connection 1325714968 Q * petzsch 1325715173 J * Aiken ~Aiken@2001:44b8:2168:1000:21f:d0ff:fed6:d63f 1325715219 M * ghislain daniel_hozac: hi daniel, i tried to build a vserver in a mounted hierachy of dir but it refused, had to use force and it renamed the dir ignoring my setup. So it is still impossible to build a vserver in a mounted dit :( 1325715354 M * daniel_hozac what error did you get? 1325715359 M * daniel_hozac do you have a --debug run? 1325715418 M * ghislain the setup is: /vservers is a global dir for hashification, /vservers/guest01 is a normal dir, /vservers/guest01/var is a mounted dir 1325715436 M * ghislain then i launch the build and it ask me to force: exist already; please try to use '--force', or remove them manually. 1325715447 M * daniel_hozac well, that's not what's meant to work. 1325715454 M * ghislain if i force it rename Renamed '/etc/vservers/.defaul ... 1325715492 M * daniel_hozac building in a mounted dir is supposed to work. 1325715494 M * ghislain ok you check for the guest root to be a mounted FS i guess ? 1325715508 M * ghislain but not for subdirs 1325715537 M * ghislain do you think it would be possible one day to have a switch that tells util to build in it without renaming at all ? :) 1325715553 M * ghislain i know i allway do special stuff that do not fit lol 1325715612 M * ghislain for now i just build and then mv the file so nothing really hard, just would be a convenience 1325715677 M * ghislain while i have you on the line 1325715695 M * ghislain is there a way to easely convert a /usr/local setup to a /usr one ? 1325715718 M * ghislain seems there is quite a lot of links and dirs and i fear to leave some behind 1325715738 M * Bertl_oO what's the big deal, just build it 'normally' and move the data into your mount afterwards 1325715771 M * ghislain yes this is what i do :) 1325715820 M * ghislain i do not say it is a big deal at all, was just helpful in my scenario 1325715820 M * daniel_hozac a find should be able to take care of that. 1325715852 M * ghislain i need to document that for me, i will put the result in the wiki when i finish it 1325715937 M * ghislain there is quite some little gems in the tools so i just asked to know if i missed one, not want to rebuild vsomething another time eheh 1325715951 Q * clopez Ping timeout: 480 seconds 1325715959 J * ryker ~jalberts@c-67-176-243-86.hsd1.in.comcast.net 1325716012 M * ryker is anyone running rkhunter or chkrootkit successfully on vserver using cgroups? I get a lot of false positives due to hidden processes and ports. 1325716032 M * ryker I thought there might be a way around it somehow by using vspace or vcontext, but I have no idea 1325716082 M * ghislain vnamespace perhaps from the host ? 1325716091 M * Bertl_oO well, you can upload the false positives and we can go through them if you like? 1325716176 M * ryker well, i'm looking for a way to deploy rkhunter or chkrootkit to all of our servers. Pretty much every server will have different false positives. 1325716203 M * ryker i'm sure the server isn't infected, I'm just trying to figure out how to get this deployed and use it on all of the servers 1325716217 M * daniel_hozac ignore the known false positives? 1325716255 M * ghislain difficulty here will be to sort out false from new one, perhaps record the first run and compare result but become quite hard :) 1325716291 M * ryker I guess I could build a list of all false positives for all of my servers eventually, but I thought it might be easier and more reliable if I was able to run rkhunter in a context in a context/namespace that could see everything. 1325716309 M * ryker ghislain: yes, exactly 1325716324 M * Bertl_oO ryker: well, xid=1 aka spectator context does that 1325716379 M * ryker Bertl_oO: so, would something like vnamespace -e 1 -- rkhunter -c probably work? 1325716385 M * ryker not sure about the syntax 1325716392 Q * gucki_ Remote host closed the connection 1325716500 M * Bertl_oO chcontext --xid 1 -- ... (should do the trick) 1325716530 J * wurtel__ ~paul@gw-office.telegraaf.net 1325716593 Q * Marbug Ping timeout: 480 seconds 1325716616 M * ryker thx. i'll give that a try 1325716675 M * Bertl_oO daniel_hozac: with a centos5 testguest, I get the following error ... is that a centos or a yum (not patched) or even an util-vserver problem? http://paste.linux-vserver.org/20699 1325716713 M * Bertl_oO the [url] is http://mirrorlist.centos.org/?release=5&arch=x86_64&repo=addons 1325716956 Q * bonbons Quit: Leaving 1325717104 M * Bertl_oO daniel_hozac: nevermind, I forgot that the guest needs to have network access for vyum to work 1325717414 Q * sannes Remote host closed the connection 1325717435 M * ryker unfortunately using chcontext --xid 1 -- rkhunter -c didn't work. It still shows hidden processes and hidden ports. Any other options to have a process be able to view everything? 1325717487 M * Bertl_oO what processes does it show as hidden? 1325717533 M * Bertl_oO and does it work properly on an unpatched kernel (same version/config)? 1325717541 M * ryker unfortunately, it doesn't show them. let me see if I can figure out what they are 1325717572 M * ryker unfortunately, I don't have an unpatched kernel of the same version/config 1325717601 M * ryker ooh, two unfortunately's in a row. That's unfortunate. ;) 1325717656 M * ryker ah, i see. it lists them in a log file it creates. checking that. 1325717775 M * ryker hmm. it seems like it found more hidden pids when I used chcontext than when I didn't. I'm going to clear the log file and try again. It's kind of messy right now. 1325718212 M * Bertl_oO daniel_hozac: any ideas on 'rpmdb: /var/lib/rpm/Packages: unsupported hash version: 9' after internalizing packagemanagement for a centos5 guest? 1325718287 M * daniel_hozac recent rpm version outside? 1325718319 M * Bertl_oO probably, very likely I'd sya, any way to fix that? 1325718322 M * Bertl_oO *say 1325718331 M * Bertl_oO (for the guest I mean) 1325718347 M * daniel_hozac i haven't looked too much at it, but db_dump outside and using db_import (or whatever it is), should do the trick. 1325718372 M * Bertl_oO okay, will give it a try, tx! 1325718484 M * daniel_hozac let me know how it goes. 1325719249 M * Bertl_oO yep, works fine, dump of Packages/Pubkys on the host, db_load inside the guest and everything seems happy 1325719269 M * Bertl_oO the tricky part is to find and install the db4-utils package 1325720012 M * ryker Bertl_oO: so, running rkhunter by itself, it detects every guest process as a hidden process, but host processes are fine. when I run rkhunter using chcontext --xid 1 -- rkhunter -c, it detects EVERY process as a hidden process. :/ 1325720021 M * ryker odd 1325720081 M * ryker seems like using something like rkhunter or chkrootkit is just not an option on a vserver. 1325720102 M * Bertl_oO well, probably needs a deeper look and some adjustments for a Linux-VServer kernel 1325720227 M * ryker well, chcontext --xid 1 -- ps aux does show all processes, including the guest processes. 1325720244 M * Bertl_oO yup 1325720249 M * ryker ah, but those processes don't have an entry under /proc/ 1325720252 M * ryker so that's probably why 1325720272 M * Bertl_oO that might even be a Linux-VServer bug 1325720286 M * Bertl_oO kernel/patch version? 1325720289 M * ryker i'm using cgroups 1325720299 M * ryker shouldn't they be under a cgroup container? 1325720304 N * Bertl_oO Bertl 1325720311 M * ryker i mean, under something like /dev/cgroup/something 1325720323 M * Bertl you use cgroups for process isolation? 1325720342 M * ryker yes 1325720344 M * Bertl i.e. pid namespaces? 1325720370 M * ryker isn't that the recommended method now for resource limits? 1325720382 M * ryker seems to work fine 1325720387 M * Bertl for the resources, yes, not for the basic isolation 1325720404 M * ryker maybe I'm understanding the question wrong 1325720406 M * Bertl anyway kernel/patch version? 1325720431 M * ryker 2.6.38 mainline with vserver patches on centos 5.6 1325720462 M * ryker i'm john alberts. The person bugging you about a support quote today. :) 1325720488 M * Bertl ah, I see, well, would be interesting to see how a 3.x kernel does 1325720520 M * ryker true, but that doesn't help me on all of my machines today or tomorrow. :) 1325720610 M * Bertl no, but it might clarify the bug part 1325720612 M * ryker so, looking at the rkhunter source, I can see that's exactly what the problem is. It checks the pids against what's in /proc/ 1325720623 M * ryker so, it will never work until the code is modified to support cgroups 1325720663 M * ryker if cgroups are used, it should also be checking for pids in /dev/cgroup/cgroup.procs 1325720687 M * daniel_hozac no. 1325720719 M * ryker daniel_hozac: no? why not? 1325720736 M * Bertl /proc/ should be fine in guests and in the spectator context, unless you use pid namespaces 1325720750 M * Bertl (which I doubt you do :) 1325720800 M * ryker well, /proc/pid exists inside each guests filesystem, but not in the host. so running rkhunter on the hosts finds the running pids, but doesn't see the appropriate /proc/pid in the hosts filesystem. 1325720817 M * ryker are you saying, don't run rkhunter on the host? 1325720826 M * daniel_hozac they would exist in the host. 1325720839 M * daniel_hozac in the spectator context. 1325720847 M * ryker spectator context = 1? 1325720900 M * daniel_hozac yes. 1325720949 M * ryker running this on my host 1325720951 M * ryker [root@dc02vh0020na ~]# ls -d /proc/[0-9]* | wc -l 1325720951 M * ryker 271 1325720952 M * ryker [root@dc02vh0020na ~]# chcontext --xid 1 -- ls -d /proc/[0-9]* | wc -l 1325720953 M * ryker 271 1325720961 M * daniel_hozac because it expans it on the host. 1325720968 M * daniel_hozac just do ls -1 /proc 1325721027 M * ryker well, that shows a difference of 15 lines. let me see what they re 1325721028 M * ryker *are 1325721322 M * ryker ok… i suck at diff I guess