[00:46] Kalasa (~Kalasa@dslam160-246-58-62.adsl.zonnet.nl) left irc:
[01:33] Nick change: Madkiss_ -> Madkiss
[01:37] kestrel (~athomas@dialup51.optus.net.au) left irc: Ping timeout: 480 seconds
[01:41] hey Madkiss!
[01:43] yeah?
[01:45] how was xmas?
[01:49] :)
[01:52] hi dan! how are you?
[01:52] I am well, how are you?
[01:53] I'm only a small step away from releasing 1.3.2 ;)
[01:53] good news :)
[01:59] tanjix (ViRu_@c-180-200-254.n.dial.de.ignite.net) left irc:
[01:59] tanjix (ViRu_@pD904A82E.dip.t-dialin.net) joined #vserver.
[02:04] wheeee
[02:04] home at last :)
[02:05] congrats!
[02:28] hm
[02:28] strange
[02:28] I can not reproduce the 'quota-off' hang
[02:31] hmm, bad for me, good for you ;)
[02:31] i'm going to see if i can reproduce it :D
[02:31] hm i did change something to my fstab though
[02:33] also, another strange thing i just noticed when starting the vserver
[02:33] hmm, what?
[02:33] as long as the 'rc' script is not run, the vserver status is set to non-running
[02:34] i have a quotacheck in my rc :)
[02:34] takes a bit
[02:36] ahh yes, this is because the vserver tools (vserver-stat) do not query the kernel, but read the info from /var/run/vserver/*
[02:38] ah k :)
[02:38] Action: Tamama is going to try and reproduce the hang *reboot*
[02:38] changed my fstab back
[02:40] hmm, what do/did you change in your fstab?
[02:40] let me see if this is bad first :)
[02:40] else i just pollute heh
[02:40] ahh, good man!
[02:41] hrm
[02:42] i need to have quotas enabled both on the 'root' partition and also in the vservers? Or can i just have it in the vservers?
[02:42] since now it is quotachecking the same disk twice ;)
[02:42] just in the vserver ...
[02:42] do not add a quota hash for the host, and there will be no quota on the host ;)
[02:43] right but i have usrquota in fstab heh so it automagically enables checking
[02:45] you can safely remove it ...
[02:45] everything but tagctx then?
[02:45] yup ...
[02:45] or even that can be removed? ;)
[02:46] nope ;)
[02:46] its sort of weird to have quotas on the root device heh... now that i think of it :P
[02:46] you eman /
[02:46] you mean /
[02:47] /dev/sda4
[02:47] yeah, it's not necessary on a good setup (except vserver)
[02:47] the quotas in my case are just a 'handy enforcer' in a vserver.. nothing critical like
[02:48] but the thing i thought would poop didnt
[02:48] so its not that
[02:48] hm...
[02:48] maybe its just the wrong order of doing things...
[02:48] hard to figure that one out heh
[02:56] hm, i have a bare vserver now.. how can i duplicate that one easily? any easy cp command that will also copy device links ok, and also ignore /proc and the like? heh
[02:56] yes, there is, but you do not want that on a shared vserver partition ...
[02:56] there should be a copy vserver script ...
[02:56] heh.. hardlinks?
[02:57] your distro is?
[02:57] slack
[02:57] hmm rpm based?
[02:57] nah
[02:58] i'm too masochistic to use rpm
[02:58] hmm, I don't know if there is any support for non rpm based to unify vservers ...
[02:58] well, you can do it yourself ...
[02:58] i'll just make one myself.. not that hard
[02:59] but you have to make sure, that log/config/etc files are _not_ unified ...
[02:59] unified? i just want a _copy_ :)
[03:00] okay, copy means if your server uses 1G, your copy uses 1G ...
[03:00] true
[03:00] it would be possible to share 500MB or so between both ...
[03:00] that is the power of unification ;)
[03:00] well my vserver is only 250MB
[03:01] and most of it could probably be shared i guess
[03:01] okay, simple copy, either use cp -va on a stopped vserver
[03:01] but then individual customization of each vserver would be harder (ie, remove packages etc)
[03:02] or dump/restore if it is active ...
[03:02] i guess unified means they share the data as long as it is the same, doesn't it?
[03:02] Nick change: Doener` -> Doener
[03:03] basically ... a little more complex ...
[03:07] the unification uses the ILI flag
[03:07] well cp -va works, and after that remove /aquota.* :)
[03:07] Immutable Link(age) Invert ...
[03:08] which allows to 'alter' the immutable flag in such way, that the file can be removed, but not changed ...
[03:24] hm
[03:24] # Uncomment the onboot line if you want to enable this
[03:24] ONBOOT=yes
[03:24] # virtual server at boot time
[03:24] yup?
[03:24] its not booting if i dont stuff it in rc.local too
[03:25] well, there is a runlevel script on sysV based distros ;)
[03:25] slack is..
[03:25] /etc/*/init.d/vservers
[03:25] if this is called ... it will auto-start them ;)
[03:25] hm dont have an init.d
[03:25] heh
[03:27] pluh
[03:27] ok so i can ignore auto_boot :D
[03:28] well, you should start the vservers script in your rc control (if you have sysv)
[03:29] its in rc.local now
[03:29] and sysv well.. dont see anything about it :D
[03:30] where is your runlevel system?
[03:30] does telinit exist/work?
[03:30] root@powerhouse:/etc/rc.d# telinit
[03:30] Usage: telinit 0123456SsQqAaBbCcUu
[03:31] okay, this suggests sysv based init ...
[03:31] ls -la /etc/rc*
[03:31] right, just no init.d heh
[03:31] or first: ls -lda /etc/rc*
[03:31] just /etc/rc.d that exists
[03:31] ;)
[03:32] hmm, what's in /etc/rc.d ? or what is /etc/rc.d?
[03:32] dir with rc.0 rc.4 rc.6 etc
[03:32] all files
[03:33] it has rc.service files
[03:33] but all just in /etc/rc.d
[03:33] in rc.0 rc.1 and so on should be symlinks, right?
[03:34] rc.0 yes, rc.1 does not exist
[03:34] just look where they are pointing to, should be init.d
[03:34] nah
[03:34] there is _no_ init.d
[03:34] rc.0 links to rc.6
[03:34] thats it
[03:34] the rest are scripts
[03:35] hmm, how is this distro called?
[03:35] ehr, i mean rc0.d and so on ;)
[03:35] none there
[03:35] nothing .d except /etc/rc.d
[03:35] no directories in there
[03:36] ah, slackware is bsd style
[03:36] not SysV
[03:36] it has a rc.sysvinit though
[03:37] which seems to want to execute all scripts in /etc/rc.d/rc$runlevel.d/ starting with S
[03:37] but the dir is not there
[03:37] and it somehow still works so... :)
[03:37] ah
[03:38] the scripts yabbers about some lalalalala magix
[03:38] then says:
[03:38] # from /etc/rc.d/rc.M. This makes for a lot more init scripts,
[03:38] # and a more complicated execution path to follow through if
[03:38] # used the traditional BSD style init script layout.
[03:38] # something goes wrong. For this reason, Slackware has always
[03:38] but it _does_ support it
[03:39] just that the rc$runlevel.d directories do not exist yet
[03:39] :)
[03:43] g'night all
[03:43] Nick change: Doener -> doener_zZz
[03:44] night!
[03:44] nitey
[04:25] Tamama (~Tamama@a62-216-20-152.adsl.cistron.nl) left irc: Read error: Connection reset by peer
[04:31] xsbyme (xsbyme@D5E0EDEB.kabel.telenet.be) left irc:
[06:21] night everyone ... cu 2morrow ...
[06:21] Nick change: Bertl -> Bertl_zZ
[06:23] say (~say@212.86.243.154) left irc: Read error: Connection reset by peer
[06:29] tanjix (ViRu_@pD904A82E.dip.t-dialin.net) left irc:
[08:20] kestrel (~athomas@dialup51.optus.net.au) joined #vserver.
[08:20] hi there
[09:34] MedivhWrk (ck@netops.multimedia-centrum.de) left irc: Ping timeout: 499 seconds
[09:53] Doener` (~doener@pD9588874.dip.t-dialin.net) joined #vserver.
[10:00] doener_zZz (~doener@pD9E129C1.dip.t-dialin.net) left irc: Ping timeout: 485 seconds
[10:07] MedivhWrk (ck@netops.multimedia-centrum.de) joined #vserver.
[10:32] noel- (~noel@pD9E09741.dip.t-dialin.net) joined #vserver.
[10:40] noel (~noel@pD9FFA5AB.dip.t-dialin.net) left irc: Ping timeout: 493 seconds
[11:09] _MedivhWrk (ck@netops.multimedia-centrum.de) joined #vserver.
[11:10] MedivhWrk (ck@netops.multimedia-centrum.de) left irc: Read error: Connection reset by peer
[11:11] Nick change: _MedivhWrk -> MedivhWrk
[11:55] MedivhWrk (ck@netops.multimedia-centrum.de) left irc: Quit: changing servers
[11:56] MedivhWrk (ck@netops.multimedia-centrum.de) joined #vserver.
[13:14] serving (~serving@213.186.189.119) left irc: Ping timeout: 512 seconds
[13:16] xsbyme (xsbyme@D5E0EDEB.kabel.telenet.be) joined #vserver.
[13:17] xsbyme (xsbyme@D5E0EDEB.kabel.telenet.be) left irc: Client Quit
[14:55] MedivhWrk (ck@netops.multimedia-centrum.de) left irc: Ping timeout: 512 seconds
[15:03] MedivhWrk (ck@netops.multimedia-centrum.de) joined #vserver.
[15:05] serving (~serving@213.186.189.100) joined #vserver.
[15:33] Doener` (~doener@pD9588874.dip.t-dialin.net) left irc: Quit: Leaving
[16:29] mcp (~hightower@wolk-project.de) left irc: Ping timeout: 485 seconds
[16:33] tanjix (ViRu_@pD9049C6B.dip.t-dialin.net) joined #vserver.
[16:40] mcp (~hightower@wolk-project.de) joined #vserver.
[17:02] Tamama (~Tamama@a62-216-20-152.adsl.cistron.nl) joined #vserver.
[17:06] oy
[17:35] fleshcrawler (~fleshcraw@port-212-202-204-131.reverse.qdsl-home.de) joined #vserver.
[17:46] hi Tamama
[17:47] holas tanjix
[17:49] hope xmas was a blast for you :)
[18:05] yes :)
[18:07] Nick change: Bertl_zZ -> Bertl
[18:07] morning everyone!
[18:07] afternoon :)
[18:08] hehe
[18:08] morning bertl
[18:08] I guess I'll return to 'a good wossname, everyone!'
[18:17] hello
[18:18] hi powermage!
[18:19] you're sleeping long!
[18:19] well, I almost finished 1.3.2 yesterday ;)
[18:19] okay! i don't say anything...
[18:20] and guess what, it's available for 2.4.23 and 2.4.23-ck1 ;)
[18:20] or will be after some final tests ;)
[18:20] great! I haven't 2.4.23 yet. I hope it gets release for debian soon... maybe it is. didn't have a look. Was too busy on christmas ;-).
[18:21] well, you don't need a deb kernel for debian ...
[18:21] i know... it's a religious issue...
[18:22] hmm, you believe in local kernel exploits?
[18:22] yes. I do.
[18:23] okay, you have to wait for the debian kernel, then ;)
[18:23] was a funny thing that do_brk stuff...
[18:25] I have a question: Is it possible that the ctx patch somehow decreases the ability to listen for packets on the wire that have no connected host?
[18:26] on the host or within the vserver?
[18:28] both
[18:29] I'm doing this crazy suicide experiment with vservers and honeyd.
[18:29] on the vserver it will for sure limit the ip packets (at least the incoming)
[18:30] I set up the honeyd on the host because it should have all the abilities but then I experienced strange occurrence.
[18:30] like?
[18:31] I let the honeyd listen on eth0 for 10.0.0.0/8 IPs and it won't answer. It answered when I routed the 10.0.0.0/8 net through eth1.
[18:31] and about what vserver version are we talking? vs1.22?
[18:31] so I created weird routing table to make it work. right now it's working but this is not the way it should be.
[18:31] vs1.0.0
[18:32] I'm doing a clean kernel now with no patches and I'll check if it's working or not. If it still doesn't work something else is wrong.
[18:32] okay, try to reproduce with vs1.22 .. please
[18:32] okay
[18:32] url?
[18:33] http://www.13thfloor.at/vserver/s_release/v1.22/
[18:36] IIRC there is a debian version somewhere too ...
[18:36] thank you
[18:36] well... the vs1.0.0 worked with the debian sources.
[18:37] hmm, there was a debian version for 1.00 too ...
[18:37] I'll try it out. If it won't work I'll grab a kernel from kernel.org
[18:39] are you interested in testing the debian kernel patches?
[18:41] fleshcrawler (~fleshcraw@port-212-202-204-131.reverse.qdsl-home.de) left irc: Read error: Connection reset by peer
[18:49] Doener (~doener@pD9588874.dip.t-dialin.net) joined #vserver.
[18:49] fleshcrawler (~fleshcraw@port-212-202-204-131.reverse.qdsl-home.de) joined #vserver.
[18:50] powermage: are you interested in testing the debian kernel patches?
[18:51] why not
[18:51] okay, you are using 2.4.22-3 or is there a newer kernel?
[18:52] 3 or 4 dunno now.
[18:52] okay, can you verify that?
[18:52] -5
[18:53]
[18:53] could you do the following: unpack the debian kernel/patches, and apply them as debian does, then make a diff between the vanilla sources and the debian kernel, this way producing one patch which contains the entire debian stuff?
[18:55] you mean unpacking debian-5 apply ctx and do a diff
[18:55] no need to do so
[18:55] such a patch is available ... just a sec
[18:55] powermage: no I need a patch which makes a debian kernel from a vanilla 2.4.22 ...
[18:56] vanilla
[18:56] you mean I should grab a kernel.org kernel, apply debian patches and then a diff?
[18:57] well, the vanilla kernel will be in the debian source package, I guess ...
[18:57] !?!?!?!?
[18:57] You mean the debian kernel sources?
[18:57] okay, lets wait for Doener ...
[18:58] :'(
[18:59] vanilla is a security enhanced kernel, isn't it?
[18:59] http://doener.homeip.net/debian-patches.tgz
[18:59] untar into an empty directory
[19:01] okay, those are the debian patches for all versions? cool!
[19:01] those can be applied one by one so you can create every single debian-kernel
[19:01] at least th 2.4.22 ;)
[19:01] s/th/the/
[19:02] do I have to apply -4 before -5 or are they independent?
[19:02] in fact they even have to be applied one by one
[19:02] i can't seem to find the all-in-one patch i once had
[19:03] okay in what sequence?
[19:03] patch-2.4.22-2.bz2
[19:03] patch-2.4.22-2woody.1.bz2
[19:03] just as they are numbered, the list file explains it
[19:03] patch-2.4.22-2woody.2.bz2
[19:04] patch-2.4.22-1.bz2 <-- is that one not in the tar file?
[19:04] okay, missed the list file ;)
[19:04] thanks ...
[19:04] uh it's not as numbered, the 2woody-X comes after -3 ... weird
[19:09] http://vserver.13thfloor.at/Stuff/patch-2.4.22-5-vs1.22.diff.bz2
[19:12] I hate kernel baking...
[19:13] well, make some cookies, in the meantime ...
[19:13] (or if you are not good at baking, have some cookies ... ;)
[19:14] Action: Bertl offers a cookie ...
[19:17] oh thank you!
[19:18] Action: fleshcrawler offers some tea...
[19:24] I have some more stupid questions: Is it possible to hide routeing entries and network device names inside a vserver?
[19:24] yes, of course ...
[19:24] great
[19:25] how?
[19:25] well, you have to modify some parts of the kernel, add some checks here and there ...
[19:26] like if I have security context > 0 then don't show tables for routing to net bla...
[19:26] yeah ...
[19:27] I was thinking about removing the 'empty' network interfaces in ifconfig, but decided that a better solution, the virtual network device, would be more appropriate ...
[19:27] great! this is a challenge.
[19:28] So I think I can get the functions inside the kernel with an strace?
[19:30] well, you can get the syscalls (strace >= 4.5 is recommended)
[19:30] you then have to search the kernel for the syscall (sys_...)
[19:30] have it
[19:31] and look what it does ... sometimes it's the ioctl interface, or something similar ...
[19:31] some things are communicated via sysctl or proc ...
[19:31] really depends on the information ...
[19:31] We'll see what will happen when I put my hands on kernel code... If I'm not back here then something went wrong...
[19:33] I would appreciate a 'stealth' version of vserver, which hides everything traitorous, looking like a normal server ...
[19:33] some people started this, and I did some patches myself (see no-mounts)
[19:34] lsof shows also some info
[19:34] but it needs someone who cares so much about this 'stealth' approach, that he actually does the testing, and maintaining ...
[19:35] I'll take a look at this. Never put my hands inside the kernel.
[19:35] I hope nothing starts burning.
[19:35] http://vserver.13thfloor.at/Experimental/no-proc-mounts.diff
[19:35] (just as an example ;)
[19:36] got it. I'll take a loot.
[19:36] look
[19:37] hey! that doesn't look too evil!
[19:37] goto? I learned that goto is very evil!
[19:40] Nick change: Doener -> doener_aw
[19:48] okay. I'm testing now something. cu l8er.
[19:53] fleshcrawler (~fleshcraw@port-212-202-204-131.reverse.qdsl-home.de) left irc: Read error: Connection reset by peer
[19:54] fleshcrawler (~fleshcraw@port-212-202-204-131.reverse.qdsl-home.de) joined #vserver.
[19:58] fleshcrawler (~fleshcraw@port-212-202-204-131.reverse.qdsl-home.de) left irc: Read error: Connection reset by peer
[20:14] fleshcrawler (~fleshcraw@port-212-202-204-131.reverse.qdsl-home.de) joined #vserver.
[20:47] is there a way to build a kernel fast for testing?
[20:48] well, usually you do not build it from scratch ...
[20:49] so a 'built' kernel source ... after some changes, is quite quick 'rebuilt' with make bzImage >../Build.log
[20:49] how to just link the already built objects?
[20:50] ah okay... the old style
[20:50] also I would suggest to use some emulator (like QEMU) to test the kernel ...
[20:50] I'm doing it with make-dpkg now.
[20:50] hey! thanks. I'll check that out.
[20:50] well make-dpkg will be orders above in the amount of time ...
[20:51] it also is very beneficial to only compile the stuff you really need, not a module for every hardware you don't even know it exists ;)
[20:51] I'm doing that. I have a custom configured kernel. but it still needs ages.
[20:52] a 'recompile' on a modern machine will take about a minute or so ... (not a fresh build)
[20:53] I'll do it the old make bzImage way and install the kernel by hand when I start fooling around.
[20:53] you do not even have to install it, when you use QEMU or bochs/plex
[20:53] how does it work?
[20:53] also developing with UML is an option ...
[20:55] http://fabrice.bellard.free.fr/qemu/qemu-doc.html
[20:56] I'll check it out.
[20:56] I think you have to setup a separate system for qemu don't you?
[20:57] for kernel booting, nothing except the kernel is required ...
[20:57] but testing the functionality.
[20:57] if you want a distro (like debian) you have to setup a 'disk image' ...
[20:57] Hell! What is virtual root device support?
[20:58] ah! okay
[20:58] ;)
[20:58] I put my vservers on a new harddisk. this even speeds up booting time.
[21:00] hmm, does it? and what is the relation?
[21:00] The root partition is not interrupted by the vserver boot process.
[21:00] at least it feels so.
[21:01] Also I didn't want to have my vservers fill the main partition with stuff if something goes wrong.
[21:01] Ah! This just reminds me on some more questions.
[21:01] ahh, yes might be so, you do not have the entire host fs on one partition do you?
[21:01] no
[21:02] okay, for a moment I was worried ;)
[21:02] lol
[21:02] I've been thinking about server unification.
[21:02] Right now I mount the bin and sbin dirs from a template server into the running vservers.
[21:03] hmm, well RPM people, like me, just use unufication ;)
[21:03] This doesn't save a big amount of space. Is there a plan what dirs can be mounted and shared between the servers?
[21:03] unification I mean ...
[21:03] I've been doing my own startup scripts to mount --bind all needed dirs into the vservers.
[21:04] I do not mount anything inside a vserver ...
[21:04] is there a security issue with that?
[21:04] the mounting? no not really ...
[21:05] The idea behind it was to separate the outside-service network from the inside network but still maintain a connection within some directories like public FTP or webserver.
[21:06] hmm, 'shared' writable mounts, can be used to interconnect vservers in various ways .. not only beneficial but also malicious ones ...
[21:06] most are read only
[21:07] the only writeables are ftp-dirs.
[21:07] and that dir is only mounted inside the ftp-vserver.
[21:07] where you can easily put a pipe between two vserver ;)
[21:09] to come back to my question. are there a couple of directories that could be shared by the vservers for saving space?
[21:10] you can share all 'files' which are a) common, and b) do not change over time ...
[21:10] as I said, 'we' RPM people, do not think about that for more than a fraction of a second, as it is done automatically ...
[21:10] :-(
[21:11] I'm old school debian.
[21:11] there were some projects to do that for debian or non-rpm too, but I don't know the outcome ...
[21:11] do you have any insights what is shared between the servers?
[21:12] maybe I should get the source package of that and take a look.
[21:12] any file specified as binary or library in every RPM installed is unified/shared ;)
[21:12] I've already been doing a script that will make a copy of a template server with vserver-copy and then change important configuration for IPs and so on.
[21:13] so it uses a pool where to place the bins?
[21:13] if you find a way to tell which file is a config file or a log file, or unrelated to any deb package, you can unify them across vservers ...
[21:13] I mean the other files ...
[21:15] this unification. does it work with links or mounts? must be links if it is file specific and not directory dependent.
[21:15] hard links, set immutable, and weakened by the ILI flag ...
[21:15] no wait. links won't work because of the chroot environment?
[21:15] ah. okay
[21:17] hmmm... I'll do some tests. Maybe it works to unify the complete template server without /usr /etc /var
[21:17] hmm, /usr is a good place to unify ...
[21:18] many binaries and libraries ...
[21:19] maybe I come up with a unification vserver copy script.
[21:19] would be nice ...
[21:20] for all those distro challenged out there ;)
[21:20] right now one server uses about 250MB and that's too much. I have 15 vservers running and they use about 3GB.
[21:20] my template uses about 200MB and almost 180MB are shared ...
[21:21] the template is at 200MB, too. But now I only share /bin /sbin.
[21:21] I've experienced some problem with the vserver-copy tool. When I use the -r option it stops with an internal error.
[21:21] I had to mount my template vserver into /vservsers and then the copy process worked without the -r option.
[21:22] on debian the vservers root is under /var/lib/vservers
[21:33] are you using util-vserver?
[21:34] no
[21:34] well, maybe you should ...
[21:34] it's within the vserver package
[21:35] it replaces the vserver tools from jacques ...
[21:36] I think you send me an url for them but it didn't compile on my system.
[21:37] well, it does compile for other debian users ...
[21:43] personally, I do not understand, why the debian vserver maintainer (Ola Lundquist) thinks, that vservers have to be in /var/lib/vservers, because I do not consider them a library ...
[21:43] or library stuff ...
[21:44] but when he 'decides' that this is the 'right' place for them, I have to 'trust' his judgement, and his ability to modify all places where the /vservers path is used ...
[21:44] hmmm...
[21:46] I don't know if util-vserver solves your issues, but the path is configurable there ...
[21:46] with the vserver-copy tool you can specify it with the -r option but it says internal error.
[21:46] hmm, now that I think of it, it is also configurable in jacks latest version .. which probably didn't make it into the debian packages ...
[21:47] well, nobody complains, so it's fine, isn't it?
[21:47] as I said. when I add the -r option it aborts with internal error.
[21:48] let me try to reproduce, your command is?
[21:52] vserver-copy -r
[21:52] then it already happened
[21:52] sorry... I was phoning.
[21:54] hm
[21:56] LL0rd (~dr@pD9507ECB.dip0.t-ipconnect.de) joined #vserver.
[21:57] powermage: yup seems like a bug in jacques tools ... please send him a bug report ...
[22:01] when entering a copied vserver i get: New security context is 10003
[22:01] bash: /dev/null: Permission denied
[22:02] you are using tagctx (context file tagging), right?
[22:02] right.. it had occurred to me that one might be wrong :P
[22:02] but how to change it? heh
[22:03] well, the 'copy' doesn't handle the context tags correctly ...
[22:03] so...
[22:03] either you use chctx to assign the new context, or you change the files back into context 0 (host) ...
[22:03] the latter can be achieved by simply touching them from the host context ...
[22:04] (or by chctx)
[22:04] Linux_Lord (~dr@pD9507EE6.dip0.t-ipconnect.de) left irc: Ping timeout: 480 seconds
[22:04] Sorry... Phone again. I'll do a bug report.
[22:06] and where is chctx? :)
[22:07] http://vserver.13thfloor.at/Experimental/patch-e2fsprogs-1.34-cti0.01.diff.bz2
[22:07] together with e2fsprogs, this will build chctx and lsctx ...
[22:07] okay. gotta go now! cu soon and thanx for the help!
[22:07] ur welcome, have a nice one ...
[22:08] thanx! byebye!
[22:08] fleshcrawler (~fleshcraw@port-212-202-204-131.reverse.qdsl-home.de) left irc:
[22:08] how did you get there on the vserver pages?
[22:09] because i've been clicking quite a lot around heh
[22:09] yeah, I know it's a little tricky, I have to update that, but I was hoping that the vserver tools would 'incorporate' those or 'better' tools very fast ... no luck yet :(
[22:10] well the tools all use ioctls?
[22:10] or.. how do they work? heh
[22:10] yes, just IOCTL
[22:10] are they documented?
[22:11] but it would be very useful to have better tools (yes they are documented, or at least I can document them)
[22:11] just a short list and a small comment on how to use them would help in getting better tools i'd think..
[22:11] for example, it would be easy to write a tool, which calculates the space assigned to one vserver context 'correctly'
[22:12] or to move all files from one context into another ...
[22:12] 273, sys_vserver
[22:13] have a look at the http://vserver.13thfloor.at/Experimental/patch-e2fsprogs-1.34-cti0.01.diff.bz2
[22:13] +#define EXT2_IOC_GETCONTEXT _IOR('x', 1, long)
[22:13] +#define EXT2_IOC_SETCONTEXT _IOW('x', 2, long)
[22:14] it isn't only for ext2, also for others ...
[22:14] +int fgetctx (const char * name, unsigned long * ctx)
[22:14] +int fsetctx (const char * name, unsigned long ctx)
[22:14] that's all what is required for the interface ...
[22:14] i'm currently peeking at +sys_vserver(uint32_t cmd, uint32_t id, void *data)
[22:15] well, you don't need that for the context tagging stuff ;)
[22:15] true
[22:15] but it's still interesting :)
[22:15] yup!
[22:16] is there a way to see if ctx is being used?
[22:16] just call the ioctl and have it fail?
[22:17] hmm, good point ... but well, it should not fail, even if the kernel doesn't support tagging, but it will fail, if it doesn't have the patches ...
[22:17] so a) no quota tagging patches -> ioctl will fail
[22:18] right
[22:18] b) quota tagging patches, but tagging disabled -> ioctl will succeed, but always report xid = 0
[22:18] c) quota tagging + tagctx + valid tagging method (not none) all will work ...
[22:19] but let me check that in the source ... brb ..
[22:20] hm
[22:20] syscall matrix :)
[22:21] #define FIOC_GETXID _IOR('x', 1, long)
[22:21] #define FIOC_SETXID _IOW('x', 2, long)
[22:21] #define FIOC_SETXIDJ _IOW('x', 3, long)
[22:21] those are the 'new' names ...
[22:22] what about memory limiting the vserver.. syscalls for that?
[22:22] get will succeed in b and c
[22:22] set will only work if tagctx is active ...
[22:23] error = -ENOSYS;
[22:23] if (!(inode->i_sb->s_flags & MS_TAGXID))
[22:23] break;
[22:24] memory limits will be handled via the rlimit syscall commands ...
[22:27] will, as in, is not yet :)
[22:27] well, the syscall command is there, the memory limit not ...
[22:29] for me, it has not 'such' a high priority, people are always bringing up memory limits, but when they are there, they complain that they do not work as they expected ... because they do not understand linux memory architecture ...
[22:30] ehhe
[22:31] you'd have to check each process for its memory consumption in a vserver to do that accurately
[22:31] which memory consumption?
[22:31] virtual memory, buffer caches, RSS?
[22:31] of the entire vserver context
[22:31] all
[22:31] and do what with all?
[22:32] nothing, just report
[22:32] ah okay, you 'just' want to monitor them .. vserver-stat already does ...
[22:32] bah i ran out of snacks
[22:32] the end of the world is nigh! ;)
[22:33] yup..
[22:34] time to sniff out some in the kitchen
[22:35] hm, chips
[22:35] that'll work
[22:44] hm to apply that e2fsprogs patch i prolly need the e2fsprogs sources ne?.. dont have it.. heh
[22:47] yup you need the sources, they are available on the ext2 tools page ;)
[22:48] is that 13thfloor or some other place? heh
[22:48] because if its another place i'll just use google :D
[22:49] use google ...
[22:49] ah sf project
[00:00] --- Sun Dec 28 2003