1349309213 Q * nakacya Ping timeout: 480 seconds 1349312018 Q * clopez Ping timeout: 480 seconds 1349325156 Q * macmaN Read error: Connection reset by peer 1349325231 J * vn585 R3h@89.205.104.146 1349325233 J * macmaN ~chezburge@138.167.190.90.dyn.estpak.ee 1349327495 J * nkukard_ ~nkukard@41.177.83.250 1349327526 Q * nkukard Read error: Connection reset by peer 1349330720 J * ghislain ~AQUEOS@adsl2.aqueos.com 1349331724 M * Bertl off to bed now ... have a good one everyone! 1349331729 N * Bertl Bertl_zZ 1349332905 J * fisted_ ~fisted@xdsl-87-78-231-133.netcologne.de 1349333327 Q * fisted Ping timeout: 480 seconds 1349333958 Q * ensc|w Remote host closed the connection 1349333969 J * ensc|w ~ensc@www.sigma-chemnitz.de 1349335338 J * thierryp ~thierry@home.parmentelat.net 1349340704 Q * AndrewLee Ping timeout: 480 seconds 1349342186 J * AndrewLee ~andrew@n201.enc.hlc.edu.tw 1349344094 J * clopez ~clopez@fanzine.igalia.com 1349350323 J * nakacya ~nakacya@KD118152083243.ppp-bb.dion.ne.jp 1349350470 Q * nkukard_ Quit: Leaving 1349350478 J * nkukard ~nkukard@41.177.83.250 1349350601 J * BenG ~bengreen@cpc4-aztw24-2-0-cust228.aztw.cable.virginmedia.com 1349352214 J * nakacya_ ~nakacya@KD118152083243.ppp-bb.dion.ne.jp 1349352227 Q * nakacya Read error: Connection reset by peer 1349352439 J * nakacya ~nakacya@KD118152083243.ppp-bb.dion.ne.jp 1349352440 Q * nakacya_ Read error: Connection reset by peer 1349353259 J * X-ian ~chris@p579524D8.dip.t-dialin.net 1349353328 M * X-ian using vserver webshop build --force -m debootstrap --context 1611 --hostname webshop --interface webshop=br0:10.0.0.1 -- -d squeeze results in "vcontext: jailIntoTempDir(): Permission denied" 1349353361 M * X-ian last message before was: "I: Base system installed successfully." 1349353417 M * X-ian system is Debian 6.0.4, Kernel 3.2.2-vs2.3.2.6 1349353492 M * daniel_hozac do you have SELinux or something enabled? 1349353541 M * X-ian i don't think so. 1349353724 M * X-ian no - selinux tools aren't even installed nor configured 1349354258 M * Bertl_zZ the kernel is custom built? 1349354262 N * Bertl_zZ Bertl 1349354394 M * X-ian yup 1349354442 M * Bertl could it be that you enabled some security mechanism in the kernel? 1349354897 M * X-ian compile was done by a colleage. reading the .config I would say no: 1349354947 M * X-ian CONFIG_SECURITY_SELINUX_DISABLE=y ; CONFIG_SECURITY_APPARMOR is not set ; CONFIG_IMA is not set 1349355069 M * Bertl okay, as it is debian, id you happen to update from an older (debian based) kernel? 1349355187 M * X-ian system got installed with stock 2.6.32-41 from scratch and changed to 3.2.2-vs2.3.2.6 afterwards 1349355246 M * Bertl util-vserver version is? 1349355305 M * X-ian util-vserver 0.30.216-pre3034-1 1349355306 M * X-ian util-vserver-build 0.30.216-pre3034-1 1349355306 M * X-ian util-vserver-core 0.30.216-pre3034-1 1349355306 M * X-ian util-vserver-sysv 0.30.216-pre3034-1 1349355330 M * Bertl why do you have --force in the command line? 1349355431 M * X-ian for accepting already premounted logical volumes. we have distinct LVs per VS here. 1349355465 M * Bertl that shouldn't require --force, IIRC 1349355784 M * X-ian just ran it without --force and lv. same error 1349355791 M * X-ian I: Base system installed successfully. 1349355791 M * X-ian vcontext: jailIntoTempDir(): Permission denied 1349355803 M * Bertl okay, please run it with --debug and upload the output to a pastebin 1349355930 M * X-ian in progress... 1349356016 M * Bertl what filesystem is used for the guests and how is the LV mounted? 1349356092 M * X-ian ext4 mounted from host's /etc/fstab 1349356173 J * nlm_ ~nlm@host230.200-117-23.telecom.net.ar 1349356572 Q * nlm Ping timeout: 480 seconds 1349356703 M * X-ian finally: http://www.citecs.de/d029346f21c7d4b04090a281da39c53a 1349356821 M * Bertl okay, it seems that the error happens in the initpost script, so let's try the following: 1349356838 M * Bertl bash -x /usr/lib/util-vserver/distributions/squeeze/initpost /etc/vservers/webshop /usr/lib/util-vserver/util-vserver-vars 1349357181 M * X-ian www.citecs.de/6760308152b636ec1febd40a196a2755 1349357272 M * Bertl okay, next one: 1349357310 M * Bertl /usr/sbin/vserver /etc/vservers/webshop start --debug --rescue --rescue-init bash 1349357445 M * X-ian vserver ... start: unknown option '--debug' 1349357476 M * Bertl put the --debug right after vserver 1349357730 M * X-ian www.citecs.de/htdocs/2cdba41fc9b6c448bc99a5abb625a80d 1349357755 M * X-ian strange thing: the ip-adress is crippled, first octet missing ?! 1349357775 M * Bertl gives me 404 1349357794 M * Bertl works without htdocs :) 1349357801 M * X-ian sry ;-) 1349357809 M * Bertl np 1349357898 M * Bertl could you do an 'xxd /etc/vservers/webshop/interfaces/0/ip' 1349357971 M * X-ian customer ip with trailing \n 1349358023 M * Bertl hmm, any relation to the .0.0.1 we see? 1349358124 M * X-ian in real these were the octets of the ip address 1349358145 M * Bertl okay, this is what gets executed: 1349358148 M * Bertl /usr/sbin/chbind --silent --secure --nid 1611 --ip .0.0.1/27 /usr/lib/util-vserver/exec-ulimit /etc/vservers/webshop/ulimits /usr/sbin/vtag --create --tag 1611 --silent -- /usr/sbin/vspace --new --default -- /usr/sbin/vcontext --create --silent --xid 1611 -- /usr/sbin/vspace --mount --fs --set -- /usr/sbin/vspace --set --default -- /usr/lib/util-vserver/exec-remount /proc /sys -- /usr/sbin/vlimit --dir /etc/vservers/webshop/rlimits --missingok -- /usr/sbin 1349358192 M * Bertl now the --ip .0.0.1/27 seems definitely wrong, so I'd ask you to check with the correct IP there 1349358240 M * Bertl (in case the line was cripled because of the max line length, take the command right before the vcontext: jailIntoTempDir(): Permission denied 1349358351 M * Bertl but I expect it to fail with or without the correct IP 1349358352 M * X-ian same here (with the correct ip). next: vserver webshop start: flawlessly. vserver webshop enter: also. ip a l reports the correct ip. 1349358414 Q * BenG Quit: I Leave 1349358421 M * Bertl okay, so the command with the correct IP also fails, yes? 1349358452 M * X-ian i'd assume: basic dbootstrap done, vserver tweacks not. 1349358487 M * Bertl no, what I meant was, if you copy/paste the long command line and correct the IP, does it give you the same error? 1349358507 M * X-ian the command with the correct IP also fails. i ran command with the correct ip and just replaced the ip in the debug output afterwards 1349358537 M * Bertl okay, so let's narrow down the command to the 'failing' part 1349358572 M * Bertl first, let's remove the chbind up to (including) the ip 1349358590 M * Bertl i.e. start with /usr/lib/util-vserver/exec-ulimit /etc/vservers/webshop/ulimits ... 1349358681 M * Bertl next step is to start with /usr/sbin/vtag ... 1349358742 M * X-ian ok. buffer overrun here. :-) 1349358783 M * X-ian I should run the long chbind cmd incl. the right ipaddress? 1349358788 M * Bertl sec, I'll upload the commands to try 1349358800 M * X-ian fine :-) 1349358903 M * Bertl http://paste.linux-vserver.org/22974 1349359155 M * X-ian results online 1349359200 M * Bertl hmm, you probably need to remove the /var/run/vservers/webshop between the tests 1349359215 M * Bertl hmm, is the guest stopped? 1349359613 M * Bertl daniel_hozac: regarding the mnt_is_reachable(), can a recent util-vserver be configured to run a guest without mnt namespaces? i.e. assuming that util-vserver is somewhat recent, is there a legit way to require the mnt_is_reachable() check? 1349359655 M * Bertl s/legit way to/legit config which would/ 1349359667 M * X-ian yes, vserver-stat says it's down. removed /var/run/vservers/webshop now every time. results online 1349359703 M * daniel_hozac you can run without namespaces 1349359708 M * daniel_hozac nonamespace still works. 1349359731 M * Bertl okay, and that works without pivot? 1349359768 M * Bertl or does it simply put the old root into the guest? :) 1349359878 M * daniel_hozac but i think it's fine for the mount table to include things in that case. 1349359902 M * X-ian webshop has it's own root, I put a flag file into it to be sure 1349359947 M * daniel_hozac nonamespace disables pivot_root. 1349359980 M * Bertl okay, got it, well, we can easily make it a kernel compile time option which gets faded out slowly 1349359997 M * Bertl (and defaults to mnt_is_reachable() off) 1349360103 M * Bertl X-ian: try this one: http://paste.linux-vserver.org/22977 1349360109 Q * fisted_ Ping timeout: 480 seconds 1349360125 M * Bertl you'll end up in a shell, take a look around, specifically look for the guest root mount 1349360154 M * Bertl see if there is something odd with it, like permission issues 1349360223 M * X-ian ... this is host's root-dir & ip setup 1349360277 M * Bertl yup, any problems when you try to access the guest's root? 1349360297 M * X-ian cd /var/lib/vservers/ 1349360297 M * X-ian bash: cd: /var/lib/vservers/: Permission denied 1349360307 M * Bertl ah, now we are getting somewhere 1349360357 M * Bertl anything in dmesg (on the host)? 1349360411 M * X-ian [20147144.158146] vxW: [�bash�,3900:#1611|0|0] did hit the barrier. 1349360415 M * X-ian [20147144.158150] vxW: [�bash�,3900:#1611|0|0] denied [0x41] access to inode dm-0:ffff8817d23754b0[#0,265805] 1349360423 M * X-ian (several) 1349360445 J * fisted ~fisted@xdsl-87-78-231-133.netcologne.de 1349360445 Q * fisted Remote host closed the connection 1349360465 M * Bertl so, let's start with checking your filesystem (on the host) for unwanted barriers :) 1349360477 M * X-ian showattr /var/lib/vservers/ 1349360477 M * X-ian ----Buic- /var/lib/vservers/ 1349360477 M * X-ian ----buic- /var/lib/vservers/webshop 1349360479 M * X-ian ----buic- /var/lib/vservers/... 1349360506 M * Bertl check above as well, i.e. / /var /var/lib 1349360516 M * X-ian showattr /var/lib 1349360520 M * X-ian ----buic- /var/lib/... 1349360533 M * X-ian showattr /var 1349360536 M * X-ian ----buic- /var/.. 1349360563 M * X-ian showattr / 1349360571 M * X-ian ----buic- /... 1349360581 M * X-ian ----Buic- /tmp 1349360601 J * fisted ~fisted@xdsl-87-78-231-133.netcologne.de 1349360611 M * Bertl you got a barrier on /tmp? 1349360619 M * X-ian seems so. 1349360657 M * daniel_hozac that'll do it 1349360679 M * Bertl please remove that one and try again with the postinit 1349360741 M * Bertl daniel_hozac: judging from the places folks have barriers on, I'd suggest you do a barrier check on every directory you want to access :) 1349360869 M * daniel_hozac yeah.. 1349360873 J * kir ~kir@swsoft-msk-nat.sw.ru 1349360988 M * X-ian no more complaints from the system. 1349360996 M * Bertl excellent! 1349361004 M * X-ian Wonderful world of IT: You're doin' it right and it works. Magic. 1349361030 M * X-ian we need a naggios check here. 1349361081 M * X-ian many many thanks to you :-) 1349361090 M * Bertl you're welcome! 1349361105 M * Bertl and now it's a good time to point to this: http://linux-vserver.org/Donations 1349361111 M * Bertl :) 1349361129 M * X-ian yep. d'accord :-) 1349361203 P * kir PING 1349361203 1349363708 Q * X-ian Quit: leaving 1349364840 J * hijacker_ ~hijacker@cable-84-43-134-121.mnet.bg 1349364919 J * nkukard_ ~nkukard@41.177.37.231 1349364935 Q * nkukard Read error: Connection reset by peer 1349366631 Q * thierryp Remote host closed the connection 1349366706 J * bonbons ~bonbons@2001:960:7ab:0:be:e357:8ada:ef0 1349367106 M * ser i am lost, i have a software which want to store big files, and it seems vserver magically limits those in guests 1349367149 M * ser how can i check all possible limits i have? 1349368003 J * thierryp ~thierry@home.parmentelat.net 1349368172 Q * thierryp Remote host closed the connection 1349369019 M * Bertl unless you have explicitely set a dlimit (disk limit), Linux-VServer will not limit your files 1349369054 M * Bertl how large are those files and what is the error you are seeing 1349369260 J * isAAAc ~isaaac@2a01:6600:8081:3701:e4b7:5ff:fec8:eb19 1349377027 J * fisted_ ~fisted@xdsl-87-78-140-10.netcologne.de 1349377436 Q * fisted Ping timeout: 480 seconds 1349379048 Q * clopez Ping timeout: 480 seconds 1349381268 J * cuba33ci_ ~cuba33ci@114-36-225-219.dynamic.hinet.net 1349381616 Q * cuba33ci Ping timeout: 480 seconds 1349381619 N * cuba33ci_ cuba33ci 1349382498 Q * hijacker_ Quit: Leaving 1349383044 J * clopez ~clopez@48.16.165.83.dynamic.mundo-r.com 1349384741 Q * bonbons Quit: Leaving 1349384746 Q * vn585 Ping timeout: 480 seconds 1349388779 J * thierryp ~thierry@2a01:e35:2e2b:e2c0:b449:cb59:f2f2:5eed 1349389971 Q * ghislain Quit: Leaving. 1349390796 Q * isAAAc Quit: Konversation terminated!