[00:07] shuri (~ipv6@cpu183.adsl.qc.bellglobal.com) left irc: Quit: ipv6 [00:09] Cru (~cru@212.93.7.46) joined #vserver. [00:09] hi [00:10] Hi, cru. [00:10] :) [00:11] Unexpectable me? :) [00:11] I am having problems with a NFS export mounted into a vserver - that worked just fine with Jacques' old patches but now I upgraded to 1.22 and I get "Operation not permitted" inside the vserver when trying to access the mountpoint [00:12] virtuoso: I am always happy if there is life anywhere ;) [00:13] Is that a known problem or a security feature? [00:14] Hm. I don't remember it was allowed to mount anything into vserver. [00:14] no, it is mounted on the host server by the config companion script [00:15] but I am no longer permitted to access the mountpoint... [00:15] I suppose there is something like a one-filesystem feature for security, but that drives me nuts... ;) [00:18] Try --rbind mount? [00:19] tried --bind - what is the difference? [00:19] --bind did not work either [00:20] With bind you mount only 'one-filesystem', but rbind gives you filesystem with everything mounted on it. [00:20] it works for other local directories, but not for the nfs mount [00:21] hmm, will try that, thanks :) [00:21] Try man mount for more accurate explanation though. [00:22] mount: unrecognized option `--rbind' [00:22] This call attaches only (part of) a single filesystem, not possible submounts. The entire file [00:23] hierarchy including submounts is attached a second place using [00:23] mount --rbind olddir newdir [00:23] Your mount is probably outdated a little. :) [00:23] heh, debian woody ;) [00:24] will check backports.org... [00:24] I have mount: mount-2.12 [00:24] On testing/unstable. [00:26] 2.11v [00:27] Well, try to upgrade. The source package is util-linux, I guess. [00:28] http://www.backports.org/debian/dists/woody/util-linux/binary-i386/ [00:28] there is a 2.12 [00:28] but thats just a dirty workaround :/ [00:30] No-no. Bind/rbind mounting r00lz da w0r1d. :) [00:31] but that does not really solve the problem why i cant access an NFS mount from inside a vserver ;) [00:32] ls: .: Stale NFS file handle [00:32] Last message repeated 1 time(s). [00:32] does not work either :( [00:32] Cru: you will have to do this nfs-mount with chbind [00:33] e.g. chbind --ip mount server:/... /vservers/... [00:33] when Savannah would not be dead I could point you to util-vserver alpha branch ;) [00:33] ensc: hmm, why? wouldnt mount be unable to access portmap then? [00:34] works here without problems [00:35] # chbind --ip 195.149.80.108 mount /vservers/dev01/mnt/sites [00:35] ipv4root is now 195.149.80.108 [00:35] mount: RPC: Port mapper failure - RPC: Unable to send [00:35] nathan_ (jimmyk@207.44.202.162) left irc: Quit: BitchX-1.0c19 -- just do it. [00:36] well, it gets mounted just fine and works well from the host server but I get "operation not permitted" from within the vserver when accessing the mountpoint [00:37] nathan_ (jimmyk@207.44.202.162) joined #vserver. [00:37] Cru: what says the NFS server's logfile? [00:38] i seem to be getting an null pointer oops in proc_pid_status on an SMP box w/1.22 [00:38] anyone else running an smp box? [00:38] ensc: no error messages [00:39] Cru: are there strange permissions on the mountpoint (chmod 000, insufficient rights because of root-squashing)? [00:39] I do not think that has something to do with the networking itself as it worked fine with Jacques' patches [00:40] ensc: no, everything fine [00:42] im thinking the reads in proc_pid_status should be locked on tasklist_lock [00:43] anyone around that can confirm this? [00:45] Cru: the 195.149.80.108 ip is in /etc/exports listed, isn't it? [00:46] the connection is established from the host, .20 [00:46] but I can add [00:49] I added them but no change... [00:49] you called 'exportfs -r' and remounted it? [00:59] i did /etc/init.d/unfs reload and remounted [01:03] but I do not understand why the vserver ip address could be involved in this - all communication with the NFS server is dont thru the host server, isnt it? [01:04] s/dont/done/ [01:05] maybe I should migrate to samba + unix permissions ;) [01:06] ah, it works! [01:06] by using the host server's IP address [01:06] for chbind [01:10] nathan_ (jimmyk@207.44.202.162) left irc: Quit: [BX] "got bitchx?" [01:13] no i have got to find a neat way how to mount this ;) [01:15] s/no/now/ [01:31] Doener (~doener@p5082D4C3.dip.t-dialin.net) joined #vserver. [01:52] okay, everything works fine now [01:52] thanks, guys [01:54] bye [01:54] Cru (~cru@212.93.7.46) left irc: Quit: Client wird beendet [02:04] Nick change: riel -> unriel [02:06] zyong (cat@bb220-255-105-230.singnet.com.sg) left irc: [02:19] Bahraini (gdfgdf@217.17.253.111) joined #vserver. [02:19] Bahraini (gdfgdf@217.17.253.111) left #vserver. [02:21] Doener` (~doener@pD9588447.dip.t-dialin.net) joined #vserver. [02:25] Doener (~doener@p5082D4C3.dip.t-dialin.net) left irc: Ping timeout: 485 seconds [02:45] Nick change: Bertl_oO -> Bertl [02:46] hi folks! [02:46] hi! [02:49] hi dan, how are you? [02:49] oh, I'm pretty good [02:49] how about you? [02:50] a little stressed, all that x-mas action around me ;) [02:53] heh [02:53] x-mas snuck up on me this year [02:55] really, did it, no 'hohoho' yet? [02:55] none! [04:12] Doener` (~doener@pD9588447.dip.t-dialin.net) left irc: Quit: Leaving [07:02] Doener (~doener@pD9588447.dip.t-dialin.net) joined #vserver. [07:31] Bertl: can you replace 'asm' with '__asm__' in /usr/include/asm/unistd.h and try to recompile util-vserver for parisc again? [07:31] sure ... [07:34] http://vserver.13thfloor.at/Stuff/parisc_util-vserver-0.26.log.1 [07:35] looks more like the vserver failures now ... ;) [07:35] yep... [07:35] but I do not understand them :( [07:36] me neither ... [07:36] seems to be connected with the syscall definitions ... [07:36] but the vkill syscall definition works like a charme ... [07:37] maybe g++ doesn't allow syscall definitions? or they are broken? [07:38] how are you calling it in your vkill? with syscall() or through _syscallX() functions? [07:38] http://www.13thfloor.at/vserver/s_release/v1.22/vkill-0.01.tar.bz2 [07:40] is it possible to disable the 'old' syscall interface at compile time? [07:41] is parisc 64bit? [07:41] parisc64 yup, but only 32bit userspace yet ... [07:41] perhaps the 'unsigned long' expands to uint64_t which is not allowed in syscall params? [07:42] --enable-apis= ? [07:42] yep [07:42] legacy,compat,v11 is what? [07:42] compat,v11 disables the old interface [07:43] compat means? [07:43] the old syscall with the new interface [07:43] ah, and v11? [07:44] the vserver-1.1.x+ interface [07:44] hmm, what did we change there? [07:45] it has the *rlimit and ctx_kill syscalls [07:45] hmm, so util-vserver-0.26 does support ctx_kill? [07:45] /usr/src/TOOLS/util-vserver-0.26/tests/chrootsafe.cc:47: undefined reference to `vc_chrootsafe' [07:45] no, only the CVS verson [07:45] /usr/src/TOOLS/util-vserver-0.26/tests/chrootsafe.cc:56: undefined reference to `vc_chrootsafe' [07:46] call it with 'make -k' ;) [07:46] chrootsafe vanished CVS... [07:46] +in [07:46] oki ... [07:47] seems to compile ... (still compiling ..) [07:47] can you try to replace the 'unsigned long' parameters with 'uint32_t' in the legacy syscall declarations? [07:48] where would I find the executeables? [07:48] (I don't want to install it yet) [07:48] in src/ [07:48] ahh in src ... [07:48] but neither chcontext nor chbind could be compiled ;) [07:49] mmh, which error? [07:49] /usr/src/TOOLS/util-vserver-0.26/src/chcontext.c:261: undefined reference to `vc_new_s_context' [07:49] /usr/src/TOOLS/util-vserver-0.26/src/chcontext.c:278: undefined reference to `vc_new_s_context' [07:49] /usr/src/TOOLS/util-vserver-0.26/src/chbind.c:213: undefined reference to `vc_set_ipv4root' [07:49] the library failed to compile... [07:50] g++ -g -O2 -ansi -Wall -pedantic -W -fmessage-length=0 -o tests/chrootsafe tests/chrootsafe.o lib/libvserver.a [07:50] tests/chrootsafe.o: In function `main': [07:50] /usr/src/TOOLS/util-vserver-0.26/tests/chrootsafe.cc:47: undefined reference to `vc_chrootsafe' [07:50] /usr/src/TOOLS/util-vserver-0.26/tests/chrootsafe.cc:56: undefined reference to `vc_chrootsafe' [07:51] rm -f lib/libvserver.a [07:51] ar cru lib/libvserver.a lib/lib_libvserver_a-syscall.o lib/lib_libvserver_a-syscall_rlimit.o lib/lib_libvserver_a-checkversion.o lib/lib_libvserver_a-getctx.o lib/lib_libvserver_a-getversion.o lib/lib_libvserver_a-uint2str.o [07:51] ranlib lib/libvserver.a [07:51] looks okay to me ... [07:53] which VC_ENABLE_API* macros are defined in config.h? [07:53] probably chrootsafe() isn't defined with --enable-apis=compat,v11 [07:53] none ... [07:55] oh, stupid error in configure... [07:56] Doener (~doener@pD9588447.dip.t-dialin.net) left irc: Quit: Leaving [07:56] how can I fix it, just define it afterwards? [07:56] checking for ctx_t... no [07:56] is this xid_t ? [07:57] supported_apis='compat,v11' ./configure --enable-apis=xx [07:57] should do it [07:58] hmm, some autoconf magic? [07:58] mdaur__ (mdaur@pD9E05D73.dip.t-dialin.net) joined #vserver. [07:58] thinko... I used 'supported_apis' instead of 'enable_apis' [07:58] #define VC_ENABLE_API_COMPAT 1 [07:58] #define VC_ENABLE_API_V11 1 [07:59] looks good ... [08:00] wow .. it compiled ... [08:01] Linux-VServer Test [V0.03] (C) 2003 H.Poetzl [08:01] chcontext is working. [08:01] chbind is working. [08:02] Linux zaphod 2.4.23-pa3-vs1.22 #1 SMP Fri Dec 19 04:29:41 CET 2003 parisc64 unknown [08:02] hehe [08:02] good work enrico! [08:05] mdaur_ (mdaur@pD9E053D3.dip.t-dialin.net) left irc: Ping timeout: 499 seconds [10:06] Nick change: Bertl -> Bertl_zZ [13:44] re [14:11] serving (~serving@213.186.190.83) joined #vserver. [14:48] JonB (~jon@129.142.112.33) joined #vserver. [15:40] JonB (~jon@129.142.112.33) left irc: Quit: Client exiting [15:59] mcp (~hightower@wolk-project.de) joined #vserver. [17:16] Nick change: unriel -> riel [18:07] Nick change: Bertl_zZ -> Bertl [18:08] hi everyone! [18:47] Bertl: Hi. [18:48] you are a debian guy, right? [19:05] moo? [19:13] mad cow? [19:14] Bertl: Basically I am, but I use different distros. [19:26] well I was asking becaus I try to compile a gcc on debian (as package) [19:26] heh, fun task [19:27] hmm, actually the fun is, that it is a parisc machine, and I'm trying to compile a hppa64 crosscompiler ;) [19:52] JonB (~jon@129.142.112.33) joined #vserver. [19:54] hi jon! [19:54] hey Bertl [20:47] okay, does anybody know how I can 'modify' a deb source to use specific configure/build options? [21:25] sort of [21:25] you can build you own pacakge [21:26] I'm trying that.. already found deb-buildpackage ;) [21:27] Bertl: ok [21:27] the trouble is, I want to compile a hppa64 crosscompiler on hppa ;) [21:28] ok [21:28] so I'm currently modifying debian/rules2 (not sure that this is the way to do it) [21:31] nathan_ (jimmyk@207.44.202.162) joined #vserver. [21:32] hi nathan! [21:46] heya [21:46] sorry about the delay..lost this window [21:46] glad you found it again ;) [21:47] im still trying to track down some stability issues on my box with vserver :/ [21:47] its being very anti-smp [21:47] lets hear about it ... [21:48] its a dual xeon appearing as a quad with ht. ive been trying to stabalize it under vserver but i can consitently make it crash. [21:48] so far the only info was able to obtain from a crash was the oops in the proc status that you saw [21:49] but i fixed the race condition with the locking method you described [21:49] hey that is perfect, nothing better than a crashing system ;) [21:49] JoViaL (~JoViaL@ALamentin-101-2-2-158.w81-48.abo.wanadoo.fr) joined #vserver. [21:49] yea, especially since its remote and i have no physical access :/ [21:49] do you have a serial console attached? [21:49] nope, i have no physical access whatsoever [21:49] hmm, how so? [21:50] its a remote outsourced datacenter [21:50] i am just leasing the box [21:50] and your only machine there? in that dc? [21:50] nathan_: and it's your production machine ? [21:50] JonB, its will be, if i can stabalize it. [21:51] nathan_: the support is only given in french, from 2 am to 10 am, or something like that? [21:51] its not a mission critical box, i just host my personal sites and a few friends. [21:51] JoViaL (~JoViaL@ALamentin-101-2-2-158.w81-48.abo.wanadoo.fr) left #vserver. [21:51] well, I'm interrested in helping you/finding/fixing issues ... [21:51] JonB, nope, its all manage your own box. no 'support' really. they will reboot it if i want :) [21:51] JonB, lilo -R is my friend [21:51] along with panic=10 [21:51] nathan_: thats a pretty nice box for hosting a personal site [21:52] nathan_: have you considered disabling HT ? [21:52] I ask again, is this your only machine there? [21:52] JonB, yep, in the process of testing with noht right now [21:52] Bertl, sorry i missed that, yes its the only box. [21:52] Bertl, even if i had another there is no way they would give me a serial connection between them if thats where you were thinking [21:52] hmm why? [21:53] Bertl, its dirt cheap hosting, really bare bones, they will only reboot and restore. [21:53] hence why ive been trying to do it myself, i dont want to waste anyones time debugging this considering the access i have. [21:53] hmm, and rebooting cost you nothing? [21:53] Bertl, yep, they will be my reboot monkey as many times as i ask. [21:54] okay, keep asking for a day, every 10 minutes, and you will get your serial line/parport reset asap ;) [21:54] JonB, i have a few friends that got me some paying customers who pay for the box and i use the rest for my own stuff. thats the only reason i could afford such a big box. [21:54] nathan_: looks like smarter hosting and a smaller box might be a better choice [21:54] Bertl, na they will just terminate my account with them. they really dont care about me, they have 10k+ customers and could care less about individuals. [21:54] its ev1servers.net if you are curious about these wackos [21:54] hooray for low-margin, high-volume business! [21:55] yep [21:55] hmm, okay ever tried lkcd? [21:55] they provide a great service once the software/hardware is stabalized [21:55] Bertl, yea, thats another thing ive been working on. sadly the patch against 2.4.23 is disabling smp for some reason. [21:56] hmm, and 2.4.23 without SMP is rock solid, I guess ;) [21:56] Bertl, yes based on the tests i did :) [21:57] has anyone been running 1.22+2.4.23 under smp? [21:57] you've read jonathans page about lkcd ... http://jonathan.dsvr.co.uk/kernel/ [21:58] yep, i used his patch that he pulled from the cvs. [21:58] yes, I have a SMP system running without any issues yet ... [21:58] 5 days uptime 2.4.23-vs1.22 [21:58] Bertl, heres the other thing, i havent ruled out a hardware issue yet. there was definitely that race condition in the proc status but that is gone now, there may also be a memory issue working against me. [21:58] i need to do some more extensive memory tests under uni proc [21:59] well, your proc SMP issue made me think, and I guess there are more such races ... [21:59] or possibly even ht is causing a problem as jonb suggested [21:59] so I'm glad somebody is testing on >= 2 CPU ... [21:59] Bertl, yea i took a look around the code, at least with access to s_info. from the other functions i looked at they do it relative to current so those seemed safe. [21:59] could you try vs1.3.0 on that machine? [22:00] sure [22:00] if you get into troubles really fast, (how long does it take to crash, in average?) [22:00] it should be a good test ... [22:01] Bertl, my test is composed of 5 runs of http://people.redhat.com/dledford/memtest.html in the root server, one infinite loop of vserver server stop; vserver server start; and an infinite loop cat cat /proc/*/status in ctx 1. [22:01] it is usually dead within the hour [22:02] hmm, sounds good ... make the vserver stop/start two independant tasks ... [22:02] so actually 2 infinite loops up/downing two separate servers [22:03] as an isolated test, or in addition to the existing ones above? [22:03] in addition ... [22:03] I guess you can skip or reduce the memtests ... we are looking for races ... [22:03] Bertl, you dont happen to run lkcd on your smp box do you? [22:04] nope, I have a good serial connection and a power/reset device as described on my pages ;) [22:04] lucky :) [22:04] Bertl, did you find other race conditions after the one i pointed out on the list? [22:05] I guess I see some ... especially with any access to s_info ... [22:05] MrBawb: people dont want to pay for service [22:06] Action: nathan_ nods at jonb [22:06] JonB: true [22:06] and sometimes, they don't need it :) [22:06] Bertl, the accesses that are in the context of current, wouldnt those be safe? [22:06] MrBawb: but when they do... THEY WANT IT NOW! [22:07] yup, they are safe .. but any access which causes a userspace race is not ... [22:07] JonB: the customers paying the least are always the most demanding :) [22:07] MrBawb: because if they dont demand something, they dont get anything [22:07] i dont expect much from my provider, they are just my reboot buddies :) [22:08] okay, nathan_ could you give vs1.3.0 a spin, meanwhile I'll have a look at the 'possible' races ... [22:08] $200/m for a dedicated dual xeon with 1200gb quota is impossible to offer any sort of support short of just reboots. [22:09] Bertl, yep doing it now. [22:09] nathan_: do you need a dual xeon ? [22:09] adding the ctxstress from jonathans site could also be quite interesting ... [22:09] JonB, nope but im american :) [22:10] nathan_: then you should have gone for the supersized quad IA64 [22:10] ;-P [22:11] nathan_: is the hardware yours ? [22:11] i would have if i could have :) [22:11] JonB, nope [22:11] they can decide to unplug me anytime they want [22:11] nice deakl [22:11] no contracts, no qos agreement, no nothing. [22:11] @JonB quad? are you playing cheap again? [22:12] JonB, i would never do this for anything mission critical. [22:12] nathan_: http://www.realweasel.com/intro.html [22:13] Bertl: it's xmas, he needs to buy a gift for his SO [22:13] JonB, yep ive worked with those before, but i dont have that option here because i dont have ANY access to the hardware. [22:13] nathan_: i never worked with this, but i do want one. How well do they work ? [22:14] JonB, i worked with the ISA version a few years ago. they just appear to the machine as a video card and translate it to RS232. [22:15] nathan_: okay, real server hardware has a serial console support anyway [22:15] yep, its all about making the x86 what it isnt. [22:15] or at least the low end stuff. [22:15] nathan_: some x86 boards have serial console [22:16] ive never worked with them, ive heard random things about them. [22:17] JonB, how do those boards work? is it like the realweasel built in or something different? [22:17] nathan_: i dont know, i never got arround playing with it [22:18] as i just noticed a serverworks board with a bios option "serial console" [22:18] i think some high end compaqs export the serial ports via an ethernet port [22:19] i may give up on this xeon as jonb suggested, but ive got a month to toy with it before i have to pay again. so ill figure out what i can and decide in a few weeks. [22:19] you also get to prepay and they make no promises about anything :) [22:19] nathan_: i hope you make it [22:20] ev1 does quite well for themselves, its rather impressive. [22:20] nathan_: else you can become a customer of my high service hosting ;-P [22:20] JonB, url? [22:20] Ya-ya, URL! ;) [22:21] you arent jonscompany or whatever that virtual server provider was, are you? [22:21] nathan_: havent created the company yet, but i do have an idea of providing service hosting for those that needs it [22:21] ah [22:21] nathan_: nope, thats not me [22:22] johncompanies, thats the one i was thinking of [22:22] nathan_: okay, dont know it [22:22] ive seen them advertisted on kuro5hin for quite some time now, now k5 is flooded with vps advertising. [22:22] JonB: A totally free of charge service, is it? :) [22:23] nathan_: i would let people prepay for their bandwith [22:23] virtuoso: no, there would be charging [22:23] JonB, you would be looking at a vps platform or dedicated hardware? [22:23] nathan_: i dont go to k5 [22:24] nathan_: my end would be dedicated, yours wouldnt [22:24] right [22:24] for some reason i feel i am high enough level to have my own hardware but too damn cheap to pay for hosting to manage the hardware [22:25] nathan_: though i could provide you with almost dedicated hardware (meaning you get 100% cpu time) [22:25] nathan_: right now the needed code isnt ready [22:26] Got free hosting for free software! [22:26] :) [22:26] nathan_: meaning i can not let you buy the size and power you need for your computing services [22:27] nathan_: at least not without getting a s/390 [22:28] ill take a time slice of a s/390 for real cheap if someone is selling real cheap :) [22:28] nathan_: the point is, i'm not selling on price, i'm selling on service [22:28] yep i know [22:29] there is a market for that, i just dont think i fit it. [22:29] nathan_: probably not [22:30] damn, it looks like snow this weekend, i REALLY hope it wont mean my laptop wont get to the store :( [22:31] i could use a new laptop [22:31] a nice dirt cheap pos dell [22:32] heh [22:33] box never came back after a nosmp notht boot [22:33] strange [22:34] heh [22:53] i have to get going, nice chatting with you guys. [22:53] Bertl, i will keep you posted on 1.3.0 and anything else i find [22:53] later [22:53] thanks for the help :) [22:53] nathan_ (jimmyk@207.44.202.162) left irc: Quit: [BX] OH SHIT!\15 [00:00] --- Sat Dec 20 2003