1448499562 Q * fstd Remote host closed the connection
1448499573 J * fstd ~fstd@xdsl-87-78-16-206.netcologne.de
1448502743 M * Bertl off to bed now ... have a good one everyone!
1448502744 N * Bertl Bertl_zZ
1448508608 Q * bzed Remote host closed the connection
1448508625 J * bzed ~bzed@bzed.netrep.oftc.net
1448519399 Q * thierryp_ Remote host closed the connection
1448522773 J * thierryp ~thierry@zeta.inria.fr
1448522797 Q * thierryp Remote host closed the connection
1448522808 J * thierryp ~thierry@zeta.inria.fr
1448522949 Q * ensc|w Remote host closed the connection
1448523669 Q * thierryp Quit: ciao folks
1448524236 J * Ghislain ~aqueos@adsl1.aqueos.com
1448527280 M * Ghislain 'morning
1448527307 Q * aj__ Ping timeout: 480 seconds
1448527502 N * Bertl_zZ Bertl
1448527503 M * Bertl morning folks!
1448527980 M * Ghislain hello bertl, how things are going ? bathing in the sun with a mojito near the piscine as usual ?
1448527990 M * Ghislain i mean the pool
1448527997 M * Ghislain piscine is in french lol
1448528075 M * Bertl unfortunately the pool is not an option, we have heavy snowfall :)
1448528228 M * Ghislain hum snowfall do not mix with the pool dream and bikini girls. You should move south :)
1448528263 M * Ghislain i have a plan to stop sysadmin and convert to drug dealing this is much more worth in revenu
1448528503 M * bXi hah
1448528706 M * Ghislain ok so here is the plan ! 4.1 madness, 3.4 stabilisation !
1448528729 M * Ghislain how can i help, other than bothering you ocuntless time here :)
1448529198 J * aj__ ~aj@fw.gkh-setu.de
1448533462 M * Bertl testing various things is a good start, unfortunately I won't have much time before the weekend
1448533968 M * Ghislain ok, fi will see if i can come up with more tests
1448534782 M * Ghislain on the FS side vserver must use specific code only for dlimits and such or do it needs it for quota also and other ?
1448534810 M * Ghislain meaning can i use btrfs if i use no quota and no dlimits (yes i like to live on the edge)
1448535519 J * Gremble ~Gremble@cpc87151-aztw31-2-0-cust755.18-1.cable.virginm.net
1448538523 M * Bertl we have code for btrfs in place (not for limits though)
1448539925 M * Gremble :)
1448542580 M * Ghislain Bertl: you mean dlimits ?
1448542710 M * Bertl the necessary code for file attributes is there (has been for some years now for btrfs)
1448542725 M * Bertl there is no dlimit support though
1448542760 Q * fstd Remote host closed the connection
1448542772 J * fstd ~fstd@xdsl-84-44-226-1.netcologne.de
1448542810 M * Ghislain ok and probably no testing done by anyone other than you :)
1448542838 M * Ghislain well if i get around the 3.4 and the 4.1 work i will perhaps go that way too
1448542855 M * Ghislain i dont want to loose my bleeding edge nutswack title here
1448542875 M * Ghislain and what is better to smell the kernel panic in the morning ! :)
1448543627 M * Ghislain but more generaly if you pick a FS that is not "supported" what would be the issue, no vroot and no dlimits and quota will nto work even if the quota is embeded in the FS like btrfs ans xfs ones ?
1448543639 M * Ghislain or will it be worse than that ?
1448543794 M * Bertl no support for barrier would be the most prominent one
1448543817 M * Bertl but it is unclear if we even need that in recent setups with namespaces
1448543859 M * Ghislain ah yes that was i remembered that barrier were something that namespace should  account for
1448543870 M * Ghislain we do not use pid namespace in vserver ?
1448543884 M * Bertl off for now ... bbl
1448543890 N * Bertl Bertl_oO
1448543893 M * Ghislain ah ok ++
1448543910 M * Bertl_oO no pid namespaces at the moment, but mount namespaces are the relevant one
1448543964 M * Ghislain if you use a non shared partition barrier is not a real issue ?
1448552802 J * Ghislain1 ~aqueos@adsl1.aqueos.com
1448553188 Q * Ghislain Ping timeout: 480 seconds
1448553700 M * Bertl_oO the problem is not the sharing, the problem is escaping the chroot confinement :)
1448553716 M * Bertl_oO so it doesn't matter much if the partition is shared or not
1448553757 M * Ghislain1 back sorry i crashed and lost the conversation
1448553783 M * Ghislain1 i searched barrier in my google friedn without finding any clue about what it is
1448553908 M * undefined Ghislain1: try searching for: setattr barrier
1448553988 M * Bertl_oO but we have been suspecting that the namespace magic obsoletes the barrier flags for some time, just it wasn't tested/proven yet, so we keep the barrier around just to be sure
1448554071 M * Bertl_oO there have been some improvements on chroot as well, so that might already provide enough security nowadays
1448554105 M * Bertl_oO a century ago, the barrier was essential :)
1448554300 Q * Ghislain1 Read error: Connection reset by peer
1448554334 J * Ghislain ~aqueos@adsl1.aqueos.com
1448554444 M * Ghislain well i don't know how i could test an escape to see
1448555056 Q * Ghislain Read error: Connection reset by peer
1448555117 J * Ghislain ~aqueos@adsl1.aqueos.com
1448556088 M * undefined Ghislain: breakout methods: http://linux-vserver.org/Secure_chroot_Barrier
1448556127 M * undefined and i think there's a barrier test in testfs.sh
1448556148 M * undefined when you run it you should see something in the kernel log about "hit the barrier"
1448556155 M * undefined if i remember correctly
1448556797 Q * aj__ Ping timeout: 480 seconds
1448558127 M * Ghislain ok thanks, will try some ^^
1448558179 Q * Defaultti Quit: Quitting.
1448558238 J * Defaultti defaultti@lakka.kapsi.fi
1448559622 J * aj__ ~aj@88.128.80.49
1448560747 M * daniel_hozac i think that the barrier is only needed these days if you use a shared filesystem.
1448561338 M * Bertl_oO is it needed there?
1448562507 M * daniel_hozac yeah, it prevents the "i know the root starts at inode 2" escape.
1448562907 Q * Gremble Quit: I Leave
1448563937 Q * aj__ Ping timeout: 480 seconds
1448565210 Q * guerby Quit: Leaving
1448565254 J * guerby ~guerby@ip165-ipv6.tetaneutral.net
1448565309 J * sannes ~ace@2a02:fe0:c120:9660:380a:8f1b:6b78:c7fb
1448568563 M * Guy- fwiw, based on minimal initial testing, 4.1.13-vs2.3.8.3-arcadia seems to work for me as well
1448568590 J * aj__ ~aj@46.246.47.70
1448568805 M * Bertl_oO off for a nap ... bbl
1448568813 N * Bertl_oO Bertl_zZ
1448572603 Q * Ghislain Quit: Leaving.
1448573985 Q * sannes Remote host closed the connection
1448575533 J * xe ~ex@valis.net.pl
1448575551 J * eyck_ ~eyck@u28n61.nowanet.pl
1448575565 J * [Guy] ~korn@elan.rulez.org
1448575583 J * AndrewLe1 ~andrew@210.240.39.201
1448575585 J * Carpoon_ ~Carpoon@carpoon.hu
1448575587 J * fback_ fback@red.fback.net
1448575589 J * yang_ yang@irs.si
1448575596 Q * Carpoon charon.oftc.net helix.oftc.net
1448575596 Q * eyck charon.oftc.net helix.oftc.net
1448575596 Q * fback charon.oftc.net helix.oftc.net
1448575596 Q * yang charon.oftc.net helix.oftc.net
1448575596 Q * Guy- charon.oftc.net helix.oftc.net
1448575596 Q * l0kit charon.oftc.net helix.oftc.net
1448575596 Q * snixor charon.oftc.net helix.oftc.net
1448575596 Q * ex charon.oftc.net helix.oftc.net
1448575596 Q * AndrewLee charon.oftc.net helix.oftc.net
1448575597 N * xe ex
1448575601 J * l0kit_ ~1oxT@ns3096276.ip-94-23-54.eu
1448575661 J * snixor ~sn-x@93-103-10-34.static.t-2.net
1448575663 J * fback fback@red.fback.net
1448575663 J * yang yang@yang.netrep.oftc.net
1448575663 J * Guy- ~korn@elan.rulez.org
1448575663 J * l0kit ~1oxT@0001b54e.user.oftc.net
1448575675 Q * yang Read error: No route to host
1448575691 Q * Guy- Ping timeout: 480 seconds
1448575701 Q * l0kit Ping timeout: 480 seconds
1448575706 Q * fback Ping timeout: 480 seconds
1448578281 Q * gamingrobot_ Remote host closed the connection
1448579272 Q * FireEgl Quit: Leaving...
1448579738 J * gamingrobot_ sid10990@id-10990.highgate.irccloud.com