1389488377 Q * bonbons Quit: Leaving 1389488401 Q * fisted Remote host closed the connection 1389488465 J * fisted ~fisted@xdsl-87-78-9-86.netcologne.de 1389491331 Q * MooingLemur Read error: Operation timed out 1389491809 J * MooingLemur ~troy@phx-pnap.pinchaser.com 1389492741 Q * Ghislain Quit: Leaving. 1389492744 J * Ghislain ~aqueos@adsl1.aqueos.com 1389493225 Q * Ghislain Ping timeout: 480 seconds 1389493947 P * undefined 1389494725 J * undefined ~undefined@00011a48.user.oftc.net 1389504544 Q * MC71 Ping timeout: 480 seconds 1389515158 Q * geos_one Quit: ChatZilla 0.9.90.1 [Firefox 26.0/20131215185306] 1389517836 J * Ghislain ~aqueos@adsl1.aqueos.com 1389518514 M * Bertl off to bed now ... have a good one everyone! 1389518525 N * Bertl Bertl_zZ 1389521912 Q * eyck_ Read error: Operation timed out 1389522012 J * eyck ~eyck@u28n61.nowanet.pl 1389522037 J * bonbons ~bonbons@2001:a18:203:e401:8c04:fbae:2760:2ec6 1389523854 Q * FireEgl Read error: Connection reset by peer 1389524654 J * FireEgl ~FireEgl@173-23-77-153.client.mchsi.com 1389526991 Q * guerby Read error: Connection reset by peer 1389527029 J * guerby ~guerby@ip165-ipv6.tetaneutral.net 1389528683 Q * ircuser-1 Ping timeout: 480 seconds 1389529354 Q * Aiken Remote host closed the connection 1389530598 M * ptitoliv * 1389531213 J * ircuser-1 ~ircuser-1@35.222-62-69.ftth.swbr.surewest.net 1389531354 Q * Ghislain Quit: Leaving. 1389531602 Q * fisted Remote host closed the connection 1389531627 J * fisted ~fisted@xdsl-78-35-87-188.netcologne.de 1389531684 Q * Romster Quit: Geeks shall inherit properties and methods of object earth. 1389533143 J * Ghislain ~aqueos@adsl1.aqueos.com 1389534409 J * Ghislain1 ~aqueos@adsl1.aqueos.com 1389534796 Q * Ghislain Ping timeout: 480 seconds 1389535121 Q * Ghislain1 Read error: Connection reset by peer 1389536028 J * MC71 ~MadCow@0001c2a3.user.oftc.net 1389538691 J * Ghislain ~aqueos@adsl1.aqueos.com 1389538912 P * undefined 1389539099 J * wiuempe ~wmp-freen@62.244.154.97 1389539229 J * geos_one ~chatzilla@80.123.185.198 1389540736 Q * Ghislain Read error: Connection reset by peer 1389542921 N * l0kit Guest3564 1389542927 J * l0kit ~1oxT@0001b54e.user.oftc.net 1389543328 Q * Guest3564 Ping timeout: 480 seconds 1389546421 Q * wiuempe Quit: Konversation terminated! 1389550590 M * arekm Bertl_zZ: 3.13 final next week (said Linus) 1389551133 N * Bertl_zZ Bertl 1389551156 M * Bertl thanks for the info! 1389552012 Q * FireEgl Remote host closed the connection 1389552966 J * FireEgl ~FireEgl@173-23-77-153.client.mchsi.com 1389555090 Q * ggherdov Read error: No route to host 1389555108 J * ggherdov sid11402@id-11402.ealing.irccloud.com 1389559845 J * Aiken ~Aiken@2001:44b8:2168:1000:21f:d0ff:fed6:d63f 1389564307 Q * bonbons Quit: Leaving 1389565872 J * undefined ~undefined@00011a48.user.oftc.net 1389566708 J * glen ~glen@scratchy.delfi.ee 1389566742 M * glen hey. i'm having such weird /proc/PID issue with docker (lxc): http://lists.pld-linux.org/mailman/pipermail/pld-devel-en/2014-January/023786.html 1389566749 M * glen i narrowed it down to vserver patch in 1389566750 M * glen y kernel 1389566756 M * glen my kernel* 1389566979 M * Bertl the problem is when you are not using Linux-VServer? 1389567034 M * glen the problem is in vserver-host, if you ask is it guest or host 1389567064 M * glen i mean i compiled the same distro kernel that fails --without vserver, thus it disabled vserver patch. so lxc /proc stuff started to work 1389567068 M * Bertl so to clarify, you have problems accessing certain pids on the host, yes? 1389567082 M * glen not certain, all pids 1389567090 M * glen and in lxc container, not host 1389567101 M * glen the lxc container was started from vserver-host so to speak 1389567111 M * Bertl okay, and what namespaces does it use? 1389567129 M * Bertl (and what kernel/patch/util-vserver version?) 1389567135 M * glen how to check what namespaces it uses? 1389567167 M * glen linux-3.10.21-vs2.3.6.8/ 1389567197 M * glen [root@e6817e6fea21 ns]# echo /proc/self/ns/* 1389567197 M * glen /proc/self/ns/ipc /proc/self/ns/mnt /proc/self/ns/net /proc/self/ns/pid /proc/self/ns/uts 1389567203 M * glen is that answer to "what ns it uses"? 1389567229 M * Bertl looks like, so it is using pid namespaces 1389567236 M * glen kernel itself is 3.10.26-1, and patch seems to be vs2.3.6.8 1389567272 M * glen yes. definately pid namespaces 1389567306 M * glen ... as there's pid 1 in container 1389567318 M * Bertl okay, and you cannot access any pid, e.g. not even /proc/self/ ? 1389567329 M * glen yep. all dead 1389567340 Q * undefined Quit: Closing object 1389567359 M * glen ok. there's some newer vs patch. maybe it fixes something 1389567373 J * undefined ~undefined@66-190-97-211.dhcp.unas.tx.charter.com 1389567374 M * glen patch-3.10.25-vs2.3.6.8.diff 1389567401 M * Bertl won't hurt to give it a try, just to be in sync with what I'm looking at, but I doubt it will change much 1389567441 M * glen yeah, i don't think it will change too, as imho the bug is very long, i just didn't had time to look into it closer 1389567449 M * glen and now it bites, earlier it was just annoying 1389567525 M * Bertl there is a debug print associated with the pid access checks 1389567538 M * Bertl VXD_CBIT(misc, 7) 1389567555 M * Bertl ah, sorry, that's for the signalling 1389567664 M * glen how's it going anyway with vserver now that lxc is somewhat usable? 1389567724 M * Bertl well, lxc is somewhat useable for some time, but still lacks a few features essential for hosting and/or hostile environments 1389567752 M * glen does vserver have also similar veth networking that lxc has? 1389567759 M * Bertl somewhere in the (hopefully near) future Linux-VServer will be obsolete 1389567771 M * Bertl yes, you can use the network namespace in Linux-VServer as well 1389567773 M * glen so far i've always used networking where ip's visible in vserver-host 1389567788 M * Bertl most of the LXC features are available in Linux-VServer 1389567813 M * Bertl i.e. we support any mainline features as soon as they become (somewhat) useable 1389567854 M * Bertl so you get ENOENT not EACCESS, yes? 1389567858 M * glen there's still lots of code as patch is 731K in size 1389567872 M * glen Bertl: yes, i get ENOENT, but readdir returns the entries 1389567876 M * Bertl yes, correct 1389567900 M * glen and ls prints stuff as ???? it apparently gets really puzzled what's going on 1389567955 M * glen if you can allow yourself installing virtualbox and vagrant then you can get yourself that env very easily, 3 commands or so 1389567982 M * Bertl how is virtualbox involved? 1389568008 M * glen vagrant is cli frontend to virtualbox 1389568023 M * glen vagrant actually can do other backends too, but vbox is imho simpliest 1389568058 M * Bertl okay, but both are not related to the issue you are observing or are they? 1389568060 M * glen and uh, my .box is for virtualbox, imho other vagrant backends need some different format 1389568092 M * glen nah, vbox is not related to the bug, i just mentioned that you can get that broken pld box up easily 1389568107 M * glen it's actually written in that mailinlist post i started this problem here 1389568122 M * Bertl well, if it is a kernel/patch issue, it shouldn't depend on the distro 1389568123 M * glen hmm, i found pld applies this patch: this could be source of this evillness? http://sprunge.us/SPNS 1389568186 M * glen commit for that patch is here: http://git.pld-linux.org/?p=packages/kernel.git;a=commitdiff;h=0232a98e8d387532cf4d7934aca2df312e56732d 1389568197 M * glen what you think? related? 1389568212 M * glen (as i'm still building latest patch, disabling this patch has to wait first) 1389568231 M * Bertl do you have hidepid enabled? 1389568251 M * glen the feature or host mount? 1389568274 M * glen i did disable hidepid=2 from host fstab and rebooted, so the mount option is off 1389568281 M * Bertl the additional check in the patch only seems to override the hidepid feature 1389568307 M * Bertl how do you test the LXC setup? 1389568322 M * glen with docker 1389568336 M * glen docker run -i -t ubuntu bash 1389568396 M * glen i try to do some lxc container, test there 1389568418 M * Bertl that would be useful for testing, yes 1389568603 M * glen altho i'm not very certain what the lxc commands would be 1389568782 M * glen ok. got something 1389568936 M * glen so, yes, just starting lxc container and ls /proc shows the same problem 1389568969 M * Bertl do you have the command(s) at hand? 1389569017 M * glen which commands? 1389569048 M * Bertl well, basically everything from a root login to the failing ls /proc :) 1389569049 M * glen i just ran lxc-start --name, which gave me shell prompt as setup was incomplete, but then i did ls -l /proc 1389569064 M * glen root login in container? 1389569110 M * Bertl 'lxc-start --name' gives a syntax error :) 1389569123 M * glen you haver used lxc? 1389569139 M * glen lxc-start --name CONTAINER_NAME 1389569159 M * Bertl lxc-start: no configuration file for '/sbin/init' (may crash the host) 1389569176 M * glen i created pld from pld template, you probably don't have pld template unless you used the vagrant lines i mentioned earlier 1389569190 M * glen the container your start, you created how? 1389569211 M * Bertl that was my question to you 1389569229 M * Bertl i.e. create a sequence of commands to easily recreate the issue with lxc 1389569238 M * glen but it's rather os dependant 1389569261 M * glen here's how you may be able to reach to same point: lxc-create -t busybox busybox; lxc-start --name busybox; ls -l /proc 1389569264 Q * undefined Quit: Closing object 1389569298 J * undefined ~undefined@66-190-97-211.dhcp.unas.tx.charter.com 1389569316 M * glen you can recreate the issue 100% if you use the pld image from here: http://lists.pld-linux.org/mailman/pipermail/pld-devel-en/2014-January/023786.html 1389569349 M * glen "poldek -u vagrant" like can be replaced with "install vagrant and virtualbox" the rest is os independant 1389569432 M * Bertl the busybox target doesn't work here either 1389569471 M * glen i needed to install busybox to host first, then lxc-create succeeded 1389569500 M * Bertl well, first, it seems to require -n busybox (for name) 1389569502 M * glen but anyway, there's no special config needed for lxc, *any* lxc container has the same issue here 1389569518 M * Bertl the second is, it doesn't find a busybox template 1389569526 M * glen ok. i used lxc 1.0.0beta1, options may have changed 1389569577 M * Bertl yeah, it doesn't seem to be very well tested either, as in my case it is looking for templates in the wrong place :) 1389569599 M * glen debian? 1389569638 M * Bertl mageia 1389569653 M * Bertl templates are in /usr/lib/lxc/templates/, but it looks in /usr/lib64 :) 1389569680 M * glen well, some errors may be misleading 1389569715 M * glen for me it said can't mount /usr/lib64/lxc/rootfs/proc, but the real error was that i had /var/lib/lxc/FOO/rootfs empty, i.e template put files to wrong subdir 1389569766 Q * undefined Quit: Closing object 1389569781 M * Bertl okay, fixed the template issue with a symlink 1389569841 M * Bertl now it fails with: 1389569858 M * Bertl lxc-start: No such file or directory - failed to access to '/usr/lib64/lxc/rootfs', check it is present 1389569868 J * undefined ~undefined@66-190-97-211.dhcp.unas.tx.charter.com 1389570159 M * glen that empty dir must exist 1389570179 M * glen and if it gives same about proc check if lxc container dir has issues 1389570243 M * Bertl I guess lxc on mageia is not packaged to be used at all :) 1389570268 M * Bertl the rootfs is placed in /var/lib/lxc//rootfs/ 1389570271 M * glen yes 1389570281 M * Bertl but searched in /usr/lib64/lxc/rootfs 1389570301 M * glen no no 1389570312 M * glen /usr/lib64/lxc/rootfs is empty rootfs that is used to do some magic 1389570326 M * glen it should contain some README in that dir, if it's packaged 1389570356 M * glen mine says: 1389570356 M * glen 01:45:42 root[load: 0.00]@pld64 ~# cat /usr/lib64/lxc/rootfs/README|sprunge 1389570356 M * glen http://sprunge.us/DOZE 1389570422 M * Bertl ah, now it kind of started and killed the host 1389570431 M * Bertl (or at least the host networking) 1389570465 M * Bertl any idea how to keep busybox from touching the host networking with lxc? 1389570595 M * glen huh? 1389570616 M * glen default lxc conf it creates is network.emppty 1389570623 M * Bertl well, it started busybox with udhcp 1389570633 M * Bertl and that instantly killed networking on the host 1389570647 M * glen http://sprunge.us/GPVS <- here's mine buysbox config 1389570660 M * glen then your kernel doesn't have netns perhaps? 1389570685 M * glen here busybox lxc does not see any network 1389570708 M * glen "ip a" sees only "lo" 1389570720 M * Bertl will check once the host is back up 1389570776 M * glen vagrant rules in that manner that it's managing vbox not real box 1389570789 M * glen or you have some machine physically at hand? or some remote management? 1389570809 M * Bertl remote, I had to reboot it, will be up soon 1389570845 M * Bertl but it very nicely illustrates the problems with lxc :) 1389570854 M * glen like some management card? 1389570870 M * Bertl yup 1389570937 M * glen hp ilo? ibm rsa? ipmi sol? 1389570945 M * Bertl hp ilo 1389570962 M * glen ok :) 1389570978 M * glen but what kernel you have and lxc version? 1389571013 M * Bertl kernel is the recent one, lxc version whatever mageia provides 1389571041 M * glen check maybe, or host still not up? 1389571082 M * Bertl raid/filesystem check ... 1389571118 M * glen it wasn't some random test box? :) 1389571140 M * Bertl I wish I had a number of test boxes available ... 1389571195 M * Bertl but after 12 years of Linux-VServer, contributions are almost non existant, and I'm glad that I have a single test box 1389571196 M * glen virtualbox? :)