1383092744 Q * SteeleNivenson Ping timeout: 480 seconds 1383093264 J * treaki__ b0eee94a87@p4FF4BCB1.dip0.t-ipconnect.de 1383093688 Q * treaki Ping timeout: 480 seconds 1383093753 J * Ghislain ~aqueos@adsl1.aqueos.com 1383094593 Q * Ghislain Quit: Leaving. 1383110637 Q * distemper Ping timeout: 480 seconds 1383111393 J * distemper ~user@2001:4dd0:ff00:9484:3f2f:58c8:2997:3dd2 1383112137 Q * distemper Ping timeout: 480 seconds 1383112283 J * distemper ~user@2001:4dd0:ff00:9484:3f2f:58c8:2997:3dd2 1383117559 J * Ghislain ~aqueos@adsl1.aqueos.com 1383122611 J * SteeleNivenson ~SteeleNiv@cpe-172-248-130-44.socal.res.rr.com 1383123119 Q * SteeleNivenson Ping timeout: 480 seconds 1383123602 Q * fisted Remote host closed the connection 1383123622 J * fisted ~fisted@xdsl-87-78-10-26.netcologne.de 1383124605 M * harry_ is vserver still alive actually? 1383124611 M * harry_ it's been awefully quiet here... 1383124639 A * renihs thinks the history is kinda not quiet 1383124713 M * harry_ mkay then 1383124717 M * harry_ even better ;) 1383124722 M * arekm slowly dying 1383124741 A * harry_ looking for a working 12.04 linux-vserver kernel 1383124754 M * harry_ but the one from psladen doesn't boot on my (hetzner) machine 1383124767 M * harry_ and i don't have the time (anymore) to investigate every detail 1383125493 M * renihs i always compile my own kernels 1383125500 M * renihs didnt even know a "12.04" kernel exists :) 1383125505 M * harry_ i used to do that too 1383125507 M * renihs still on 3.10.16 :) 1383125515 M * harry_ but as i said... don't have the time anymore to do all that 1383125520 M * harry_ i just want it to ... work :) 1383125532 M * harry_ (hence the no-more grsec updates :( ) 1383125995 A * sladen wonders what 'psladen' kernel this might be 1383126347 M * harry_ no yes... sorry 1383126348 M * harry_ i missed 1383126383 M * harry_ psand.net kernels 1383126389 M * harry_ http://repo-ubuntu.psand.net/pool/main/l/ 1383126390 M * renihs funny i red binladen kernel, thought thats a stupid name 1383126397 M * renihs but with ubuntu 1383126400 M * renihs nothing surprises me :) 1383126512 M * harry_ bleh... i don't want to recompile my own kernels anymore :( 1383126516 M * harry_ -re 1383126697 M * daniel_hozac what was your problem with the psand kernel? 1383126730 M * daniel_hozac and which kernel was it? 1383127253 M * harry_ doesn't boot 1383127264 M * harry_ probably because ext4 is not compiled in but as module 1383127276 M * harry_ but i have no console access 1383127280 M * harry_ so i'm working blind here 1383127288 M * harry_ 3.10 kernel 1383127612 M * renihs um, there is no initrd? :) 1383127630 M * renihs i thought bindistros or distros in general use initrds :) 1383127703 M * harry_ there is an initrd 1383127707 M * harry_ but it probably isn't in it 1383127712 M * harry_ so i added ext4 to it now.. 1383127718 M * renihs makes ...sense :) 1383127718 M * harry_ but god knows how much more is missing ;) 1383127738 M * renihs so hmm fixing distro kernels is easier then baking own kernels it seems :p 1383127748 M * renihs dunno, without serial console/console 1383127750 M * renihs could become tricky 1383127754 M * harry_ indeedio 1383127757 M * renihs to figure out whats going on 1383127770 M * renihs how do you even reboot? :p 1383127840 M * harry_ type: reboot ;) 1383127851 M * harry_ and do a hard reset on the website of the provider 1383127856 M * harry_ then boot a rescue image 1383127860 M * harry_ remove the "buggy" version 1383127862 M * harry_ reboot again 1383127866 M * renihs you have all that, but no console access? :) 1383127869 M * renihs evil provider 1383127869 M * harry_ and try again 1383127873 M * harry_ bleh ;) 1383127881 M * renihs must be catbert in disguise 1383128151 M * harry_ and then there is this: 1383128153 M * harry_ update-initramfs: Generating /boot/initrd.img-3.10.11-vs2.3.6.6-beng 1383128153 M * harry_ W: Possible missing firmware /lib/firmware/rtl_nic/rtl8168g-3.fw for module r8169 1383128156 M * harry_ W: Possible missing firmware /lib/firmware/rtl_nic/rtl8168g-2.fw for module r8169 1383128159 M * harry_ W: Possible missing firmware /lib/firmware/rtl_nic/rtl8106e-2.fw for module r8169 1383128162 M * harry_ W: Possible missing firmware /lib/firmware/rtl_nic/rtl8106e-1.fw for module r8169 1383128440 M * renihs "possible"? :p 1383128458 M * renihs must be a schroedinger person who writes those scripts 1383129855 M * Ghislain you won't know until you boot the kernel :p 1383129871 M * Ghislain until then they are here and not here 1383130378 Q * geos_one Quit: ChatZilla 0.9.90.1 [Firefox 23.0/20130824204146] 1383132497 M * renihs just out of curiosity, anyone here using vserver + network namespaces + iptables 1383132723 J * thierryp ~thierry@zebra.inria.fr 1383132730 A * arekm has one test setup like that 1383132800 M * arekm renihs: https://www.pld-linux.org/docs/vserver#network_namespace_in_vservers 1383132804 M * arekm hacky but worked 1383132917 M * renihs arekm, hmm oh, i still need net_raw for iptables to work? 1383132935 M * renihs i thought due to the use of namespaces i could ommit that 1383133065 M * daniel_hozac namespaces make net_raw safe to use. 1383133080 M * daniel_hozac that's pretty much the point. 1383133084 M * renihs daniel_hozac, ah ok :) 1383133129 M * renihs ok, i need a better testing box 1383133138 M * renihs having more than 500 namespaces doesnt make things less confusing 1383133190 M * renihs thanks arekm, daniel_hozac 1383133284 M * arekm what sucks is pid finding in guest, so interface can be moved into guest ns 1383133293 M * arekm maybe there is some smarter way 1383133303 M * daniel_hozac i thought mainline added some other way to do that recently 1383133307 M * daniel_hozac that didn't require a pid. 1383133383 M * renihs also, hmm should i really avoid having the veths up before the vserver guest is up? i wuold prefer them to be there independet if the guest is up or not 1383133400 M * renihs and not for them to be created/removed on guest start/stop 1383133566 M * arekm you can have them earlier 1383133577 M * arekm just you need to move one veth end into guest at some point 1383133582 M * renihs hmm i guess i am gonna canibalise that start-stop script :) 1383133587 M * renihs arekm, yeah 1383133603 M * renihs though its abit confusing in the script, partially ip is used, then ifup, then .. :) 1383133609 M * renihs quite a mixture 1383133611 M * renihs neat though 1383133708 M * arekm looking at ip-netns and ip-link man pages it seems possible to give name to namespace and use that instead of guest pid 1383133722 M * renihs yeah, i am doing that now 1383133731 M * renihs name of the vserver for the namespace 1383133739 M * renihs or maybe i should use the context id? hmm 1383133774 M * arekm but hmm, vserver creates own ns that won't match that "ip netns" created one 1383133781 M * arekm so no fun 1383133796 M * daniel_hozac only if you tell it to. 1383133824 M * renihs mine didnt create one or i am confused 1383133841 J * beng_ ~BenG@cpc35-aztw23-2-0-cust207.18-1.cable.virginm.net 1383133855 M * renihs meh, stupid zfs takes forever to compile, wanna reboot before testing around :( 1383133883 M * renihs should have started using namespaces alot sooner i guess :( 1383133893 M * arekm if it won't create own net ns then it also won't use ip route netns 1383133909 M * arekm unless I missed something 1383134757 Q * Aiken Remote host closed the connection 1383134936 M * daniel_hozac arekm: yeah, it'd require some modifications 1383135376 J * geos_one ~chatzilla@85-125-139-162.work.xdsl-line.inode.at 1383137451 M * daniel_hozac arekm: renihs: https://github.com/linux-vserver/util-vserver/commit/17934b20a950a27e1b2e887eee718f0e29ab9981 please give it a try if you can... i have to upgrade iproute on my test system. 1383137524 M * daniel_hozac mkdir -p /etc/vservers/$guest/netns/interfaces/0; echo ${guest}0 > /etc/vservers/$guest/netns/interfaces/0/host; should be all that's required... 1383138258 M * Bertl morning folks! 1383138267 M * daniel_hozac morning Bertl! 1383138270 M * undefined Bertl: morn 1383138327 M * undefined Bertl: okay, you shamed me into spending 5 to 10 minutes (re)learning how to "manually" recompile a kernel (been doing "make deb-pkg", and not kernel debugging, for too long) and so far i've chased the failure of mounting the proc fs within a vserver guest to the fs-specific mount returning an error (in super.c) 1383138368 M * Bertl okay 1383138562 M * undefined Bertl: i'll continue working it, but just wanted to let you know as i'm not getting it done as quickly as i would like (not as much free time as i would like) 1383138726 M * Bertl no problem, so where is the call which returns EPERM or causes the return value? 1383138830 M * undefined super.c, ~1112, "root = type->mount(type, flags, name, data);" 1383138877 M * undefined i put a printk right before the "goto out_free_secdata" 1383138957 M * undefined but i'm not familiar with the kernel's types (and i'm "lazy"), so i didn't try to print anything (ie error value) 1383139032 M * undefined and now i'm trying to find mount() under fs/proc/ 1383139039 M * undefined to "instrument" it 1383139054 M * undefined (all before i run out of "free time" this morning) 1383139072 M * Bertl so procfs itself refuses the mount? 1383139086 M * karasz hello, do i need yum on the host to be able to install a centos guest? 1383139159 M * Bertl undefined: ah, I see, they have placed another CAP_SYS_ADMIN check in proc_mount() :) 1383139186 M * undefined i presume type->mount() points to a mount() within procfs 1383139197 M * Bertl fs/proc/root.c line 119 1383139199 M * undefined sneaky, aren't they 1383139223 M * Bertl yep, that needs to be modified as well 1383139229 M * undefined yep, i see it 1383139336 M * undefined if you don't have time today, then tonight (free time availing) i'll change that ns_capable (or add relevant code) like elsewhere in the vserver patch 1383139589 M * Bertl yep, I'll prepare a patch but that should fix it (similar for sysfs I guess) 1383141635 M * renihs daniel_hozac, i just recompiled everything, um hmm kk will test with that too :) 1383141672 M * renihs that approach would sound preferable :) 1383141855 M * renihs ah dont need to recompile for those patches 1383142383 Q * undefined Quit: Leaving 1383143293 J * thierryp_ ~thierry@zebra.inria.fr 1383143293 Q * thierryp Read error: Connection reset by peer 1383145933 M * beng_ hey all 1383145947 M * beng_ I'm getting this problem when logrotate reloads apache: 1383145949 M * beng_ /usr/sbin/apache2ctl: 87: ulimit: error setting limit (Operation not permitted) 1383145972 M * beng_ its the "ulimit -n 8192" which is causing the problem 1383146063 M * beng_ http://linux-vserver.org/Ulimit_Nofiles - lots of info there, but nothing specific to this case 1383146089 M * Bertl what's the limit inside your guest? 1383146154 M * beng_ when I go in with vserver enter - it says 1024 1383146165 M * beng_ but I appear to be able to raise that to 2048 1383146216 M * Bertl 'it' being? 1383146254 M * beng_ ulimit -n 2048 works 1383146265 M * Bertl check with 'ulimit -Ha' 1383146267 M * beng_ sure 1383146281 M * Bertl I expect you got a hard limit of 2048 1383146289 M * Bertl or something in that range 1383146297 M * beng_ 1048576 1383146337 M * Bertl and what's the soft limit? 'ulimit -a' 1383146429 M * beng_ ulimit -n and ulimit -Sn give different answers 1383146456 M * beng_ ah, not, both 1024 1383146462 M * beng_ ah, no, both 1024 1383146483 M * Bertl and you can raise the limit to 2048 but not 8192? 1383146492 M * beng_ well I could before, hang on 1383146518 M * beng_ strange, I can now raise the limit 1383146574 M * beng_ ah, okay, that's when I SSH in 1383146592 M * beng_ this appears to be a PAM thing as on the wiki 1383146601 M * beng_ as that wiki page points out 1383146614 M * Bertl pam is evil! :) 1383146742 M * beng_ I see the problem now, I need to define a limit for cron, as that's what run logrotate, which in turn runs the apache reload 1383146773 M * beng_ thanks Bertl 1383146991 M * Bertl you're welcome! 1383148961 Q * geos_one Quit: ChatZilla 0.9.90.1 [Firefox 23.0/20130824204146] 1383149297 J * SteeleNivenson ~SteeleNiv@cpe-172-248-130-44.socal.res.rr.com 1383149387 Q * thierryp_ Remote host closed the connection 1383150673 Q * snixor Quit: KVIrc 4.1.3 Equilibrium http://www.kvirc.net/ 1383152800 Q * beng_ Quit: I Leave 1383153670 J * thierryp ~thierry@home.parmentelat.net 1383153904 M * Bertl off for now ... bbl 1383153910 N * Bertl Bertl_oO 1383154153 Q * thierryp Ping timeout: 480 seconds 1383154445 J * bonbons ~bonbons@2001:a18:224:2e01:e145:b9d9:902b:e8be 1383158860 Q * hparker Ping timeout: 480 seconds 1383158962 J * Aiken ~Aiken@2001:44b8:2168:1000:21f:d0ff:fed6:d63f 1383159470 J * hparker ~hparker@0000fb24.user.oftc.net 1383160382 J * thierryp ~thierry@home.parmentelat.net 1383161148 Q * Ghislain Quit: Leaving. 1383161151 J * Ghislain ~aqueos@adsl1.aqueos.com 1383161633 Q * Ghislain Ping timeout: 480 seconds 1383161871 J * hijacker ~hijacker@cable-84-43-134-121.mnet.bg 1383162326 J * geos_one ~chatzilla@80.123.185.198 1383165081 Q * thierryp Remote host closed the connection 1383165102 J * thierryp ~thierry@home.parmentelat.net 1383165586 Q * thierryp Ping timeout: 480 seconds 1383166163 J * fisted_ ~fisted@xdsl-87-78-10-26.netcologne.de 1383166194 Q * fisted Read error: Connection reset by peer 1383166195 N * fisted_ fisted 1383166371 N * l0kit Guest3877 1383166376 J * l0kit ~1oxT@0001b54e.user.oftc.net 1383166778 Q * Guest3877 Ping timeout: 480 seconds 1383166802 Q * fisted Remote host closed the connection 1383166826 J * fisted ~fisted@xdsl-78-35-84-170.netcologne.de 1383169138 Q * bonbons Quit: Leaving 1383169243 J * thierryp ~thierry@2a01:e35:2e2b:e2c0:d897:c4df:ac2b:1300 1383169911 Q * hijacker Quit: Leaving 1383171391 Q * thierryp Remote host closed the connection 1383171412 J * thierryp ~thierry@2a01:e35:2e2b:e2c0:d897:c4df:ac2b:1300 1383171895 Q * thierryp Ping timeout: 480 seconds 1383172056 Q * ntrs Ping timeout: 480 seconds 1383172071 Q * ntrs_ Ping timeout: 480 seconds 1383173170 Q * SteeleNivenson Ping timeout: 480 seconds 1383173323 J * SteeleNivenson ~SteeleNiv@cpe-172-248-130-44.socal.res.rr.com 1383177070 Q * SteeleNivenson Ping timeout: 480 seconds