1397692801 Q * fisted Remote host closed the connection
1397692812 J * fisted ~fisted@xdsl-84-44-224-117.netcologne.de
1397692845 M * Bertl let me ask a question first, how many KVM/Xen guests can you run on a typical amd64 system?
1397692870 M * gnarface i guess it depends on how much ram you got
1397692885 M * Bertl okay, so, 20?
1397692889 M * gnarface sure why not
1397692894 M * Bertl maybe 100?
1397692904 M * gnarface i honestly never did more than 16
1397692916 M * gnarface go on...
1397692927 M * Bertl okay, well, we tested with >1000 Linux-VServer guests :)
1397692936 M * gnarface ha
1397692940 M * gnarface ok, cool
1397692942 M * Bertl but it is easy to explain
1397692960 M * Bertl if you run KVM/Xen, then each 'guest' is running a kernel
1397692971 M * gnarface right, i follow that much
1397692984 M * Bertl and this kernel provides the interface to userspace, which usually is located on a virual disk
1397692997 M * Bertl which needs to be mapped to physical resources somehow
1397693026 M * gnarface yea :-/ tends to suck unless you use some sort of iscsi magic too
1397693038 M * Bertl Linux-VServer OTOH, uses a single kernel for all guests, so if your guest consists of a single process, it is identical to running this process on the host
1397693064 M * Bertl this also allows to share resources like disk and network on a much higher layer
1397693070 M * gnarface so segmenting the memory space up is of trivial additional overhead, you're saying basically?
1397693093 M * Bertl yes, and it even goes further if you configure it properly
1397693105 M * gnarface good to know
1397693108 M * Bertl for example, if you set up unification (basically hard links between guest files)
1397693127 M * Bertl then you can run several guests with similar/identical userspace without wasting any memory
1397693143 M * gnarface oh that works in vservers too?
1397693144 M * Bertl because the libraries and executeables get only mapped once into memory
1397693160 M * gnarface nice
1397693208 M * Bertl so basically if you host can run 10k processes, you can run 1000 guests with 10 processes each, or 100 with a 100 processes each, etc
1397693229 M * gnarface well that will be fun
1397693236 M * Bertl there is no noticeable overhead compared to running it on the host
1397693392 M * gnarface so, i'm reading a little bit about grsecurity now
1397693400 M * gnarface and i'm curious if it complicates maintenance tasks
1397693430 M * gnarface i like the idea of non-excutable memory, buffer overflow protection and such
1397693445 M * Bertl that is more pax than grsec
1397693462 M * Bertl note that the pax part is easy to merge with Linux-VServer AFAIK
1397693526 M * gnarface what about RBAC? 
1397693594 M * Bertl rbac, as all other access control systems, require proper configuration to be useful 
1397693604 M * gnarface so that's optional, basically ? 
1397693620 M * gnarface or is it like selinux where it gets in the way unless you know how to grant access to what you're doing
1397693621 M * gnarface ?
1397693659 M * Bertl to me, it was not much different from selinux or tomoyo
1397693673 J * SteeleNivenson ~SteeleNiv@pool-108-29-139-222.nycmny.fios.verizon.net
1397693680 M * gnarface i'm basically just trying to gauge how much new stuff i'd have to learn if i went with a grsecurity enabled vserver patch
1397693684 M * Bertl but note, I'm not using it, so I'm in no way qualified to judge
1397693739 M * gnarface alright, well thanks for the info
1397693746 M * Bertl you're welcome!
1397697397 J * Sendell ~sendell@124.224.0.109.rev.sfr.net
1397697398 M * Sendell hi
1397697420 M * Bertl hello
1397697515 M * Sendell I'm quite new to vservers, using it thru repo.psand.net : aptitude upgrade wants me to upgrade  util-vserver util-vserver-build util-vserver-core util-vserver-legacy util-vserver-python util-vserver-sysv
1397697525 M * Sendell what will be the effect on my running vservers ?
1397697569 M * Bertl depends on what is installed right now :)
1397697631 M * Sendell I guess that all these packages are already installed
1397697661 M * Bertl then it probably shouldn't affect your guests at all
1397697677 M * Sendell ok :)
1397697687 M * Bertl but note that debian used to shut down/restart guests on upgrades
1397697703 M * Sendell hmm
1397697713 M * Bertl so maybe check the pre/post scripts first (or whatever that is called on deb)
1397697731 M * Sendell ok, I'll take a look :)
1397697890 Q * Sendell Quit: a+
1397703465 J * thierryp_ ~thierry@home.parmentelat.net
1397703595 Q * thierryp Read error: Connection reset by peer
1397713553 Q * zerick Read error: Connection reset by peer
1397715172 J * Ghislain ~aqueos@adsl1.aqueos.com
1397715465 M * Bertl off to bed now ... have a good one everyone!
1397715483 N * Bertl Bertl_zZ
1397718603 J * bonbons ~bonbons@2001:a18:209:4501:a1d9:ba2b:43de:ced2
1397718625 Q * thierryp_ Remote host closed the connection
1397718645 J * thierryp ~thierry@home.parmentelat.net
1397719128 Q * thierryp Ping timeout: 480 seconds
1397720699 J * thierryp ~thierry@2a01:e35:2e2b:e2c0:9074:12b6:f1a8:e7fd
1397723800 J * fisted_ ~fisted@xdsl-87-78-82-20.netcologne.de
1397724254 Q * fisted Ping timeout: 480 seconds
1397724254 N * fisted_ fisted
1397727683 Q * snixor Remote host closed the connection
1397730775 Q * sannes Ping timeout: 480 seconds
1397731130 J * sannes ~ace@2a02:fe0:c120:5e60:224:1dff:fe14:d24
1397731157 Q * brambles Quit: leaving
1397731489 J * brambles lechuck@s0.barwen.ch
1397733717 J * beng_ ~BenG@cpc29-aztw22-2-0-cust128.18-1.cable.virginm.net
1397734326 Q * yang Remote host closed the connection
1397735310 J * yang yang@yang.netrep.oftc.net
1397735685 Q * Aiken Remote host closed the connection
1397736001 Q * fisted Remote host closed the connection
1397736012 J * fisted ~fisted@xdsl-87-78-82-20.netcologne.de
1397736238 N * Bertl_zZ Bertl
1397736250 M * Bertl morning folks!
1397736344 M * hijacker afternoon
1397736462 M * hijacker fellows, I am trying to build a centos6 guest on a gentoo host, latest kernel + utils here
1397736472 M * hijacker the build method is yum
1397736475 M * hijacker and it fails at:
1397736476 M * hijacker ++ /usr/sbin/vrpm /etc/vservers/vcentos6 -- --initdb
1397736476 M * hijacker mount: mount point /etc/rpm does not exist
1397736486 M * hijacker any clues?
1397736597 M * beng_ do you have yum installed?
1397736627 M * beng_ that's what I'd have to do on Debian to get yum based guests installed
1397736633 M * beng_ yum on the host
1397736663 M * hijacker beng_, aye i have it
1397736684 M * hijacker thou it seems not to be used in this case
1397736698 M * hijacker it starts vrpm command which is part of util-vserver,no ?
1397736711 M * beng_ ah, yes I see the error actually suggests something completely different
1397736722 M * hijacker aye
1397736732 M * hijacker I bumped to this page: http://linux-vserver.org/util-vserver_talk:Setup_CentOS_Guest
1397736742 M * hijacker someone complaining about the same some long time ago ;-)
1397737182 M * Bertl does /etc/rpm exist?
1397737294 Q * thierryp Remote host closed the connection
1397739388 M * hijacker Bertl, it does not exist
1397739399 M * daniel_hozac have you tried creating it?
1397739411 M * hijacker nope, should that be a file or a directory ?
1397739438 M * daniel_hozac directory
1397740298 Q * FireEgl Ping timeout: 480 seconds
1397740355 M * hijacker thanks guys, will retry now
1397741498 M * Bertl it should be part of the rpm package
1397743941 M * hijacker # equery f rpm | grep /etc/rpm - finds nothing
1397743948 M * hijacker so it is not, yet ;-)
1397744073 M * Bertl yeah, IIRC, debian doesn't have it in the package as well, but it seems rpm requires it
1397744112 M * hijacker aye, we will have to file a bug report against it
1397744130 M * daniel_hozac i think it's only needed if you're actually installing rpms and want to set macros.
1397744147 M * daniel_hozac which i'm guessing they assume people won't be doing on Gentoo/Debian.
1397744168 M * Bertl which leaves the question, what else you would do with rpm?
1397744236 M * Bertl for filling up disk space, tex is much better suited :)
1397744366 M * hijacker next issue now: CRITICAL:yum.cli:Config error: Error accessing file for config file:///etc/vservers/vcentos6/apps/pkgmgmt/base/yum/etc/yum-hack.conf
1397744600 M * daniel_hozac i assume the file exists?
1397744743 M * hijacker it does not
1397744761 M * daniel_hozac do you have a --debug run?
1397744770 M * hijacker aye, that comes from the debug
1397744792 M * daniel_hozac the rest would be the interesting part in that case.
1397744911 M * hijacker daniel_hozac, http://paste.linux-vserver.org/60234
1397746380 Q * SteeleNivenson Ping timeout: 480 seconds
1397747136 M * Bertl off for now ... bbl
1397747152 N * Bertl Bertl_oO
1397747454 M * hijacker Happy Easter guys!
1397747462 J * SteeleNivenson ~SteeleNiv@207.97.167.52
1397747467 M * hijacker off to home now...
1397747833 Q * SteeleNivenson Quit: Leaving
1397747848 J * SteeleNivenson ~SteeleNiv@207.97.167.52
1397748682 Q * beng_ Quit: I Leave
1397751792 J * thierryp ~thierry@LMontsouris-656-01-281-166.w80-12.abo.wanadoo.fr
1397752348 Q * thierryp Remote host closed the connection
1397753056 J * thierryp ~thierry@LMontsouris-656-01-281-166.w80-12.abo.wanadoo.fr
1397757510 Q * thierryp Remote host closed the connection
1397757530 J * thierryp ~thierry@sop012r.vpn.inria.fr
1397758026 N * Bertl_oO Bertl
1397758734 Q * thierryp Read error: Connection reset by peer
1397759070 J * thierryp ~thierry@LMontsouris-656-01-281-166.w80-12.abo.wanadoo.fr
1397760137 Q * thierryp Remote host closed the connection
1397763478 Q * yang Remote host closed the connection
1397763576 J * alpha_one_x86 ~kvirc@190.186.178.183
1397763586 M * alpha_one_x86 Hello, new for the last kernel patch?
1397763637 M * Bertl my interpretation of the question: any news regarding the latest kernel patches? 
1397763859 M * alpha_one_x86 yes, because I wish the 3.10.37...
1397763956 M * Bertl ah, 3.10.37, that is long term yes, I thought you are eyeing 3.14.1 :)
1397763957 N * l0kit Guest6804
1397763963 J * l0kit ~1oxT@0001b54e.user.oftc.net
1397763984 M * Bertl yes, there will be an update to all the existing kernel patches soon, after all, the weekend is coming :)
1397764028 Q * Guest6804 Read error: Operation timed out
1397764116 M * alpha_one_x86 thanks
1397764280 M * Bertl you're welcome!
1397764463 J * yang yang@yang.netrep.oftc.net
1397766755 J * Aiken ~Aiken@2001:44b8:2168:1000:21f:d0ff:fed6:d63f
1397770242 J * fisted_ ~fisted@xdsl-87-78-188-143.netcologne.de
1397770696 Q * fisted Ping timeout: 480 seconds
1397770696 N * fisted_ fisted
1397770804 J * thierryp ~thierry@LMontsouris-656-01-281-166.w80-12.abo.wanadoo.fr
1397771368 Q * SteeleNivenson Read error: Connection reset by peer
1397775465 Q * thierryp Remote host closed the connection
1397775533 Q * bonbons Quit: Leaving
1397775862 J * thierryp ~thierry@LMontsouris-656-01-281-166.w80-12.abo.wanadoo.fr
1397776534 Q * thierryp Remote host closed the connection