1367366578 Q * FireEgl Remote host closed the connection
1367375567 J * Romster ~romster@202.168.100.149.dynamic.rev.eftel.com
1367376847 Q * imachine Read error: Connection reset by peer
1367380821 J * imachine ~imachine@robot.greenhost24.pl
1367381283 N * Bertl_zZ Bertl
1367381287 M * Bertl morning folks!
1367384433 Q * jrayhawk Remote host closed the connection
1367388692 J * jrayhawk ~jrayhawk@nursie.omgwallhack.org
1367390791 M * Bertl off for now ... bbl
1367390796 N * Bertl Bertl_oO
1367395230 J * nkukard ~nkukard@197.87.148.190
1367398559 J * bonbons ~bonbons@2001:a18:209:3a01:f8f5:c385:3381:9b02
1367398885 J * ser ~ser@host1.tldp.ibiblio.org
1367399382 J * Ghislain ~aqueos@adsl1.aqueos.com
1367406647 Q * ircuser-1 Ping timeout: 480 seconds
1367407304 M * alex3 hi, I need a method to identify the host on which a vserver is running from within a vserver, what could I do?
1367407448 M * alex3 one thing that I could do is matching the MAC address of the network interfaces against a collected list of all MAC addresses of all hosts, but I am looking for something more clever
1367410109 J * ircuser-1 ~ircuser-1@35.222-62-69.ftth.swbr.surewest.net
1367410358 J * nlm_ ~nlm@host178.186-124-177.telecom.net.ar
1367410462 Q * nlm_ Read error: Connection reset by peer
1367410574 J * nlm_ ~nlm@host178.186-124-177.telecom.net.ar
1367410712 Q * nlm Ping timeout: 480 seconds
1367412380 J * nlm ~nlm@host178.186-124-177.telecom.net.ar
1367412485 Q * nlm_ Ping timeout: 480 seconds
1367412904 M * ptitoliv_ hello Bertl_oO
1367412923 M * ptitoliv_ i finally had time to generate the archive for namespace issue : send the link in private
1367413655 J * melbar ~me@177.17.100.121
1367413772 M * melbar Hi. When I enable network namespaces (/etc/vserver//spaces/net) and create some interfaces in the namespaces, almost everything works fine except /proc/net comes out empty, which breaks netstat.
1367413787 M * melbar Anyone knows a fix for that?
1367413829 M * ptitoliv_ melbar: hey
1367413831 M * ptitoliv_ i have the same issue
1367413849 M * melbar Actually, most classic unix programs (ifconfig, route, etc) also fail because of the same reason: /proc/net is empty
1367413854 M * ptitoliv_ i reported it to chan here
1367413855 M * melbar the 'ip' utility works fine though
1367413860 M * ptitoliv_ we try to investigate
1367413869 M * ptitoliv_ melbar: you are exactly in the same case as me
1367413881 M * melbar any progress on this, ptitoliv_?
1367413898 M * melbar The only thing I miss is netstat
1367413912 M * melbar The 'ip' utility works fine and does almost everything I need
1367413928 M * ptitoliv_ melbar: not really progress
1367413932 M * ptitoliv_ but it's my fault
1367413939 M * melbar how so?
1367413952 M * ptitoliv_ i didn't have time to send my vserver configuration for further investigation
1367413958 M * ptitoliv_ i just did it today
1367414029 M * melbar I'm trying to read the code to see if there's an obvious 'if' preventing it from working
1367414051 M * melbar but I guess I am far too inexperienced about the kernel code (:
1367414083 M * melbar I guess the underlying reason is buried deep in some obscure data structure
1367414132 M * melbar ptitoliv_: how can I help?
1367414213 M * ptitoliv_ melbar: i don't know i'm like you
1367414220 M * ptitoliv_ too inexperienced in the kernel code
1367414342 M * melbar well
1367414363 M * melbar If anyone knows this and would like to help me fix it, contact me!
1367414412 M * ptitoliv_ for now the only way is to use chbind if you want to use /proc/net
1367414417 M * ptitoliv_ melbar: i have an additional question
1367414446 M * ptitoliv_ did you find an elegant way to attach a network namespace usable with netns to a vserver ?
1367414472 M * melbar depends on what you consider 'elegant' (:
1367414510 M * melbar I wrote a script that locates a process in the vserver context to get to the namespace
1367414527 M * melbar then I create the interface and migrate it to the ns
1367414538 M * ptitoliv_ of so you do it after the vserver start
1367414546 M * ptitoliv_ me i would want to do the opposite
1367414559 M * melbar yep, at post-start.d
1367414570 M * ptitoliv_ me i wanted to do before
1367414584 M * melbar But I guess it is fine, because the namespace starts only with the loopback
1367414587 M * ptitoliv_ but in that case if you have services on your vserver that you want to bind only in a specific card
1367414594 M * melbar before would be nice
1367414598 M * ptitoliv_ you need to start the service after
1367414666 M * melbar yep.
1367414675 M * melbar So I guess it is far from elegant
1367414840 M * ptitoliv_ well it works
1367414852 M * ptitoliv_ but my dream would be a parameter which would be
1367414869 M * ptitoliv_ use /var/run/netns/
1367414879 M * ptitoliv_ using setns
1367415004 M * melbar can't you set up the namespace beforehand?
1367415031 M * melbar spaces/net can contain the namespace ID if I am not mistaken
1367415069 M * ptitoliv_ yes but it doesn't seem to work
1367415087 M * ptitoliv_ when i try i have a no_such_name process returned by the vc_enter_namespace function
1367415108 M * melbar yeah. the same I got here.
1367415128 M * melbar oh boy. seems like I have some dense code reading ahead of me.
1367415293 M * ptitoliv_ :)
1367416484 M * Bertl_oO alex3: what about putting a file in each guest with the host id?
1367416548 M * Bertl_oO melbar, ptitoliv_ for the /proc/net issue, this seems to be a problem with the 'net' entry being created within the network namespace
1367416660 M * melbar Bertl_oO: guessed as much. It's still unclear to me where to fix that though.
1367416736 M * Bertl_oO well, the best way to fix it is probably to set the hide/unhide attribute correctly for those entries, assuming (and the debug so far confirms that) it is actually the hide mechanism which removes those entries
1367416760 M * Bertl_oO if there is a different (mainline) mechanism at work, it will get complicated
1367416847 M * melbar you mean something like setattr --~hide /proc/net, but within that namespace?
1367416896 M * Bertl_oO well, /proc/net points to /proc/self/net and /proc/self points to /proc/, so it's not so simple, but yeah, the idea is the same
1367416974 M * melbar yeah, I followed the symlinks
1367417022 M * melbar and with the varying pid number, seems like we've got a moving target
1367417112 M * Bertl_oO it is part of the per process dynamic values
1367417139 M * Bertl_oO so, by default, it should be visible, which makes this a little strange
1367417158 M * melbar I felt the strangeness as well (:
1367417174 M * Bertl_oO but I have to do some debugging to figure out what's going on
1367417181 M * melbar my gut tells it should work yet it doesn't
1367417190 M * melbar can I help in any way?
1367417230 M * Bertl_oO it would be beneficial to figure out a 'setup sequence' to create a minimal namespace/context environment which exposes the issue
1367417270 M * Bertl_oO i.e. a sequence/combination of vcontext/vnamespace commands which should show /proc/net but do not because of the issue at hand
1367417306 M * Bertl_oO (similar to a guest startup, but without the unrelated stuff)
1367417330 M * melbar sure. isolate the issue, remove the crap.
1367417353 M * melbar to find out the exact spot where the issue shows up
1367417367 M * melbar i'm trying to do this as we speak.
1367417857 M * melbar here's what I found so far... tell me if I'm in the right direction
1367417891 M * melbar I created a vserver named 'nsvs' with network namespaces and I have a nc -l -p 5000 running there so netstat -tanp should show it
1367417904 M * melbar however
1367417909 M * melbar vspace -e nsvs --net -- vcontext --migrate --xid nsvs -- netstat -tanp
1367417913 M * melbar triggers the problem
1367417921 M * melbar :
1367417922 M * melbar netstat: no support for `AF INET (tcp)' on this system.
1367417924 M * melbar yet
1367417940 M * melbar vspace -e nsvs --net -- netstat -tanp
1367417942 M * melbar works just fine
1367417984 M * melbar I'm guessing the context isolation might be conflicting with the network namespaces thing
1367418016 M * melbar by making /proc/ on that context not show because it is unaware of the netns
1367418025 M * Bertl_oO that's the interesting part, because the context isolation does not really care about network namespaces at all
1367418046 M * Bertl_oO so, the question is more:
1367418062 M * Bertl_oO why does it work with vcontext --migrate --xid nsvs -- ...
1367418085 M * Bertl_oO after all, the host network namespace is a network namespace as well
1367418098 M * melbar if I do
1367418101 M * melbar vcontext --migrate --xid nsvs -- netstat -tanp
1367418110 M * melbar by itself, without the vspace
1367418117 M * melbar I get the sockets on the 'root vserver'
1367418137 M * Bertl_oO yeah, so why isn't /proc/net hidden there?
1367418145 M * melbar which makes sense to me because I haven't switched to the network namespace
1367418153 M * melbar yeah... here's the mystery
1367418203 M * melbar my (wild) guess is that the data needed to make /proc/net work is in some _other_ data structure
1367418246 M * melbar notice that within the namespace, /proc/net exists... it is the files within it that do not
1367418280 M * Bertl_oO would make sense, but the attributes (including the hide flag) are in the dentry for proc entries :)
1367418345 M * Bertl_oO so it really is a kind of mystery, but we'll figure it out ... what I meant with sequence to recreate was something which doesn't actually need a running guest
1367418376 M * Bertl_oO i.e. something creating the spaces/contexts on the fly in the command sequence
1367418823 M * melbar you mean something like
1367418825 M * melbar vspace --new --net -- vcontext --create --xid 41234 -- cat /proc/net/tcp
1367418826 M * melbar ?
1367418833 M * melbar this one triggers the problem
1367418864 M * melbar it says
1367418865 M * melbar cat: /proc/net/tcp: No such file or directory
1367419017 M * Bertl_oO that's probably because /proc is missing
1367419051 M * melbar oot@melbar:/usr/lib/util-vserver# vspace --new --net -- vcontext --create --xid 41234 --namespace -- cat /proc/
1367419052 M * melbar New security context is 41234
1367419052 M * melbar cat: /proc/: Is a directory
1367419065 M * Bertl_oO yeah, but I guess it's empty
1367419080 M * melbar vspace --new --net -- vcontext --create --xid 41234 --namespace -- ls /proc/
1367419080 M * melbar New security context is 41234
1367419080 M * melbar 11546 execdomains ioports locks mounts stat tty
1367419080 M * melbar cpuinfo filesystems kcore meminfo net swaps uptime
1367419080 M * melbar crypto interrupts kmsg misc self sys version
1367419081 M * melbar devices iomem loadavg modules slabinfo sysvipc
1367419461 M * melbar the --namespace is redundant in this case, the same happens
1367419522 M * melbar so if I understand correctly, merely combining context isolation with namespaces seems to trigger the problem
1367420425 J * BenG ~bengreen@bmex-gw.bristolwireless.net
1367421984 M * alex3 Bertl_oO: a file in each vserver could work... maybe something with a bind mount
1367421989 M * alex3 Bertl_oO: thanks
1367423106 Q * melbar Remote host closed the connection
1367424347 Q * BenG Quit: I Leave
1367424725 N * ensc Guest4010
1367424735 J * ensc ~irc-ensc@p54ADEADA.dip0.t-ipconnect.de
1367425147 Q * Guest4010 Ping timeout: 480 seconds
1367425273 M * fback Bertl_oO: with 3.4.42-vs2.3.3.9 it's not possible to write to routing table from the guest anymore
1367426341 J * benl ~benl@dockoffice.sonassihosting.com
1367426452 J * nlm_ ~nlm@host178.186-124-177.telecom.net.ar
1367426767 Q * nlm Ping timeout: 480 seconds
1367426783 M * benl Hi all
1367426824 M * benl Is there any reason a Vserver would be slow to "enter" (vserver GUEST enter)
1367426848 M * benl Some guests are taking a few seconds to "enter" (despite the load being 0.00)
1367427268 M * benl Doh. I found out why.
1367427284 M * benl Something being slow to execute in either /etc/profile, .bashrc or .bash_profile
1367427610 Q * benl Quit: HydraIRC -> http://www.hydrairc.com <- Like it? Visit #hydrairc on EFNet
1367433885 J * melbar ~me@177.17.100.121
1367433968 M * melbar hi again. Bertl_oO, did you have a chance to look into the missing /proc/net/ entries issue?
1367437395 M * melbar Bertl_oO: disabling vx_hide_check on fs/proc/generic.c:proc_lookup_de makes the missing /proc/net/tcp entry show up even with network namespaces
1367437405 M * melbar but reading it gives 'permission denied'
1367438941 J * BenG ~bengreen@cpc35-aztw23-2-0-cust207.18-1.cable.virginmedia.com
1367440552 Q * BenG Remote host closed the connection
1367441864 Q * bonbons Quit: Leaving
1367446202 Q * Ghislain Quit: Leaving.
1367449312 Q * puck Ping timeout: 480 seconds
1367449468 J * puck ~puck@2404:130:0:1000::23:10
1367449619 M * melbar ptitoliv_, are you there?