[00:01] ben_ (ben@bengrimm-host229.dsl.visi.com) joined #vserver.
[00:01] Nick change: ben_ -> ben
[00:04] cyrix, lsof might tell ;)
[00:18] hey i dream about a logo for a while gor all penguin from diff distro and a colorful penguin general ..personated has vserver
[00:26] Nick change: cgone -> cdub
[00:31] maharaja (maja@ipax.tk) joined #vserver.
[00:53] no neither lsof nor fuser is telling me anything
[00:56] ok i shouldn't have used lsof with -i only ;) without it it spits out the rebootmgr
[00:57] problem solved...thx ;)
[01:01] Nick change: Bertl_oO -> Bertl
[01:02] okay, I'm back ...
[01:05] good evening Bertl
[01:08] Bertl: i couldn't sleep last night and so i thought about vserver ;) how is the ip address binding handled? i had a look at it some time ago, but don't remember anymore. i guess it was that every process had ip addresses associated with itself, right?
[01:09] evening Cyrix!
[01:09] Doener: hum ...
[01:09] that sounds like i'm wrong ...
[01:10] basically there is an ip_info struct, which can be assigned to one or more processes ...
[01:10] if that _is_ assigned, it modifies the way some decisions are made ...
[01:11] regarding available IPs to bind to and handling of IPADDR_ANY
[01:12] ok, i guess i should have a look at it...
[01:12] do you have a specific reason for digging into that?
[01:14] just some pre-sleep thinking, stuff like performance improvement when lots of addresses are assigned (iirc it's O(n) atm) and adding addresses on the fly...
[01:14] I did a patch for that, but nobody tested/used it ;)
[01:14] i must have missed that...
[01:15] probably, adds address ranges ...
[01:18] digging through the patches now...
[01:21] whats that chmod-issue you've dealt with in the last two stable releases ?
[01:21] exploit that allows to break out of the chroot
[01:22] virtuoso (~shisha@134ppp.telegraph.spb.ru) joined #vserver.
[01:22] hmm...for local users only or even through server processes ?
[01:22] for local vserver root
[01:22] hi
[01:23] ok then i don't need to patch this on my system too urgently
[01:35] netrose (john877@SP2-24.207.225.23.charter-stl.com) left irc: Read error: Connection reset by peer
[02:03] ben (ben@bengrimm-host229.dsl.visi.com) left irc: Read error: Connection reset by peer
[02:15] hey Bertl, if I want to connect to localhost from within a vserver can I use 127.0.0.1 or do I need to use its assigned ip-address ?
[02:16] depends on what localhost you want to connect to ;)
[02:17] isn't that clear ? the vserver to itself ;)
[02:17] that is the assigned ip
[02:17] unless you want to have all vservers sharing the 127.0.0.1
[02:20] hmm...i rather imagined something like an internal NAT ;) they really can share 127.0.0.1 ?
[02:21] the problem is that the lo interface is implemented as a bounce back everything what comes in ...
[02:21] so if you bind to lo, you will get any request from any server
[02:25] you it wont be bounced back to its origin server rather than to all servers lo is bound to ?
[02:25] s/you/you mean
[02:25] or the other way round, to any server which binds this port on lo
[02:28] hmm...so every service i am running on any port of the vservers are accessible from every local client if not protected by a firewall ?
[02:28] if you use lo and 127.0.0.1
[02:28] this doesn't apply to ethX
[02:31] if 192.168.0.0/24 is my local network and the vserver have ip-addresses assigned within that range...
[02:32] if you put it on eth0 or dummy0 for example ... it won't be visible to others, if they do not share the same IPs
[02:33] whatever...it doesn't matter because my firewall is on the same system and protecting from local access too ;)
[02:34] s/local/internal
[02:38] yup, firewalling rules on the host are always a good idea ...
[02:38] same goes for separate routing tables ...
[02:42] suhcoolbro (~Suh@67-42-232-200.ptld.qwest.net) joined #vserver.
[02:43] can't a host have only one routing table ?
[02:47] hmm, you mean one routing table per vserver or what?
[02:47] hi suhcoolbro!
[02:48] do you mean the output of /sbin/route -n ?
[02:50] well, more the tables in /etc/iproute2/rt_tables
[02:54] whats the advantage of having different routing tables there ?
[02:54] you can control what IPs are routed where, and which packets are assigned to which routing table ...
[02:54] allows to have different default gateways for example
[02:57] hmm...there is no need for me to change my default gateway ppp0 ;)
[02:59] ;)
[03:31] netrose (john877@SP2-24.207.225.23.charter-stl.com) joined #vserver.
[03:33] sorry have to leave now ... good night guys
[03:33] Cyrix (~master@d51-95.dsl.easysurfnet.de) left irc: Remote host closed the connection
[03:33] good night!
[03:33] hi bobi!
[03:38] goodnight
[03:38] night James!
[03:38] ExpiryJames (~james@h24-71-63-164.ok.shawcable.net) left irc: Quit: Leaving
[03:49] suhcoolbro (~Suh@67-42-232-200.ptld.qwest.net) left irc: Quit: NO CARRIER
[04:23] virtuoso_ (~shisha@134ppp.telegraph.spb.ru) joined #vserver.
[04:23] virtuoso (~shisha@134ppp.telegraph.spb.ru) left irc: Read error: Connection reset by peer
[04:44] morning
[04:44] morning alec!
[04:44] hey herbert :)
[04:45] it's been busy in here recently
[04:47] it was?
[05:08] yes
[05:12] lilo (levin@lilo.usercloak.oftc.net) left irc: Quit: brb
[05:12] lilo (levin@lilo.usercloak.oftc.net) joined #vserver.
[05:21] serving (~serving@213.186.188.205) left irc: Read error: Connection reset by peer
[06:43] expiryjames (~james@cindi.ca) joined #vserver.
[06:43] virtuoso_ (~shisha@134ppp.telegraph.spb.ru) left irc: Read error: Connection reset by peer
[07:17] serving (~serving@213.186.188.205) joined #vserver.
[07:18] urgh
[07:18] oglgogl!
[07:18] this was a pain in the ass-project...
[07:24] but you managed to survive, right?
[07:26] no
[07:26] hmm ... so you are dead now?
[07:26] no, but I will be if I cant fix this shit
[07:27] I've put the mailserver inside a vs, thats ok. the other part is that I need an MTA on the root-server as well, forwarding it to the MTA-vs when sending etc
[07:28] exim installed nicely, but refuses to let me connect to it, both local and on a non-vserver-related IP.
[07:28] telnet 80.64.207.10 25 - nada
[07:29] hmm, I use postfix ...
[07:29] I'll try postfix as well, gimme a sec.
[07:29] configed as satellite system
[07:35] still the same
[07:35] okay, what does not work ..
[07:36] you have the postfix MTA installed in the vserver?
[07:36] qmail with patches on the vserver, postfix on the rootserver
[07:36] okay, you are trying to connect to which one?
[07:37] I need all mail sent by the root-servers processes sent to the root-mailaccount in the vserver
[07:38] full satellite, no local users, all local mails goes to the vservers MTA
[07:38] what is the root-server? the host?
[07:39] my fault. yes.
[07:39] okay, so you want to send a message from the host to the vserver MTA?
[07:40] yup, everything going to/from the host should be delivered to the vserver MTA instead
[07:41] and telnet vserver.ip 25 doesn't work?
[07:41] that works, but it doesn't seem to forward it to the vserver
[07:42] okay, so the MTA inside the vserver is accepting mails, right?
[07:42] even accepting mails from the host (see telnet)
[07:42] yup. that one chews all it can get, working 100%
[07:42] 80.64.207.3
[07:42] smtp/pop3/imap
[07:42] good, what about sending mail to the host from outside (with telnet)?
[07:43] telnet host.ip 25 ?
[07:43] lets see
[07:44] click@sw:~$ telnet 80.64.207.10 25
[07:44] Trying 80.64.207.10...
[07:44] telnet: connect to address 80.64.207.10: Connection refused
[07:44] telnet: Unable to connect to remote host
[07:44] well, that looks like a badly configured mailer on the host, right?
[07:44] it doesn't even start
[07:44] maybe some entries in hosts.allow or in the config?
[07:45] whoa, doesn't start?
[07:45] if it doesn't start, what's the error message?
[07:45] not at all, and I've tried both daemonized mode and inetd
[07:48] argh... it complains about "any_addr in use" - does a vs MTA have access to bind to 0.0.0.0 ?
[07:48] Feb 21 05:49:03 fusion postfix/postfix-script: fatal: the Postfix mail system is not running
[07:48] Feb 21 05:49:03 fusion postfix/postfix-script: starting the Postfix mail system
[07:48] Feb 21 05:49:03 fusion postfix/master[28623]: fatal: bind INADDR_ANY port 25: Address already in use
[07:49] that is expected
[07:49] you have to configure the host mta to only access host ips or use the v_* wrapper
[07:49] simple configuration issue ...
[07:50] where in postfix cfg is the listening-IP set?
[07:50] http://www.postfix.org/basic.html
[07:52] AH! Postfix seems to do the trick
[07:52] fucking exim didn't accept me telling it to listen to only one IP.
[07:53] let's seee... from another host then...
[07:53] well, if the MTA isn't smart enough/willing, you can always use the chbind (v_* wrapper)
[07:53] well, all I need now is to send all mail going locally on the host to the vs-MTA, with an added domainname
[07:54] got a working postfix-setup for that?
[07:54] Trying 80.64.207.10...
[07:54] Connected to fusion.shellparadise.net.
[07:54] Escape character is '^]'.
[07:54] 220 fusion.shellparadise.net ESMTP Postfix (Debian/GNU)
[07:54] click@sw:~$ telnet 80.64.207.3 25
[07:54] Trying 80.64.207.3...
[07:54] Connected to 80.64.207.3.
[07:54] Escape character is '^]'.
[07:54] 220 mail.shellparadise.net ESMTP
[07:54] ok, both up and running at least.
[07:55] .3 is the vs-MTA
[07:55] .10 is postie.
[07:55] hm, darned, I ought to read up on postfix one day
[07:55] too much qmail makes me blind :/
[07:55] probably today is a good day?
[07:56] definitely :)
[07:56] well, exim can just sod off.
[08:30] exim rules!@
[08:30] exim, exim, w00t
[08:31] local_interfaces = 1.1.1.1 : 1.1.1.2
[08:31] ^^ this is the love you need
[08:31] hehe
[08:34] Bertl: in regards to context quotas, I'm looking at the mini howto but it speaks about using a dedicated partition to vservers, but i only have the one shared partition for the whole system (it's how it was installed for me, do'h) - does that mean I'm unable to use context quotas?
[08:35] well, basically no, it is possible to use it, but practically speaking, yes, because you will not be very happy with that setup ...
[08:35] but it's not that hard to repartition a server remotely
[08:36] Action: Bertl has done that several times ...
[08:39] mmm
[08:39] Nick change: Mcleod[sleep] -> Mcleod
[08:39] I'd like the idea of splitting it up but am rather cautious, never done it remotely to an active in use partition!
[08:40] Filesystem 1k-blocks Used Available Use% Mounted on
[08:40] /dev/hda3 74660160 22619300 48248316 32% /
[08:40] you won't do that anyways ... but what does fdisk -l or sfdisk --dump give?
[08:40] /dev/hda1 194443 17187 167217 10% /boot
[08:41] # sfdisk --dump
[08:41] # partition table of /dev/hda
[08:41] unit: sectors
[08:41] //say /dev/hda1 : start= 63, size= 401562, Id=83, bootable
[08:41] //say /dev/hda2 : start= 401625, size= 4192965, Id=82
[08:41] //say /dev/hda3 : start= 4594590, size=151701795, Id=83
[08:41] //say /dev/hda4 : start= 0, size= 0, Id= 0
[08:41] perfect ;)
[08:42] how to proceed:
[08:42] a) disable the swap partition
[08:42] b) format the partition as ext2
[08:42] c) copy a minimal but useable system over to that one
[08:42] d) add it to your bootloader
[08:42] e) boot from the swap partition
[08:43] f) resize the filesystem on the other part
[08:43] g) resize the partition
[08:43] h) create an extended part on hda4
[08:43] i) modify bootloader to boot from hda3 again
[08:43] j) partition and format the logical devices on hda5-n
[08:43] k) be happy ;)
[08:44] specific questions?
[08:45] i uh, follow the idea but i have a level of fear about it :)
[08:45] such as getting a useable/minimal system to the swap disk..
[08:46] and also modifying grub to boot from swap then back again..
[08:46] well 4GB isn't that small ...
[08:46] or is it 2GB?
[08:46] 2GB
[08:46] anyway, plenty of space
[08:46] true
[08:47] a remote console would be advantageous ...
[08:47] most definitely
[08:47] how about something crazy like
[08:47] cp -R / /swappartition
[08:47] its my homedir that has all the rest of the space
[08:47] the basic install was about 1.3GB
[08:48] better would be dump 0f - / | restore if -
[08:48] while cd-ed to the /swappartition
[08:49] this way you can interactively select which dirs you want to see there ...
[08:49] (and it's probably faster)
[08:51] OK, what time is it where you are? any chance you could walk me through this? I'm probably asking for too much so if you don't have the time just say so :)
[08:52] probably only bit i'm unclear about is disabling swap partition
[08:52] no problem, but it is 7am here and I'm probably off to bed very soon ...
[08:52] the daystar rises ;)
[08:53] but we can do this, when I'm awake again, will probably be after 8-10 hours ...
[08:53] how do I disable swap? and i'll take it from there..
[08:54] simple, remove any entries in /etc/fstab
[08:54] (mentioning swap, of course ;)
[08:54] swapoff :)
[08:54] and do a swapoff, right Cmaj!
[08:54] in particular swapoff -a
[08:54] cheers, I'm mildly confident this should work
[08:55] just never thought to do things like this before
[08:55] well, linux-vserver is an inspiring community ...
[08:55] :D
[08:55] yeas thats right
[08:56] just like i am
[08:56] hmm, you are an inspiring community?
[08:57] no i mean i like to share all
[08:57] so be it ... okay, have a nice wossname, I'm off to bed then ...
[08:58] Nick change: Bertl -> Bertl_zZ
[09:09] Nick change: cdub -> cpub
[09:36] netrose (john877@SP2-24.207.225.23.charter-stl.com) left irc: Read error: Connection reset by peer
[10:04] ensc (~ircensc@ultra.csn.tu-chemnitz.de) left irc: Ping timeout: 501 seconds
[11:32] netrose (john877@SP2-24.207.225.23.charter-stl.com) joined #vserver.
[11:49] Nick change: cpub -> cgone
[13:25] JonB (~NoSuchUse@kg144.kollegiegaarden.dk) joined #vserver.
[15:02] virtuoso (~shisha@154ppp.telegraph.spb.ru) joined #vserver.
[15:41] kramer (~kramer@80.86.103.47) joined #vserver.
[15:41] virtuoso (~shisha@154ppp.telegraph.spb.ru) left irc: Read error: Connection reset by peer
[15:41] virtuoso (~shisha@138ppp.telegraph.spb.ru) joined #vserver.
[16:01] loger joined #vserver.
[16:05] test
[16:07] ben_ (ben@bengrimm-host229.dsl.visi.com) joined #vserver.
[16:07] hi
[16:08] hi Jon
[16:08] hi ben
[16:08] Nick change: ben_ -> ben
[16:09] netrose (john877@SP2-24.207.225.23.charter-stl.com) left #vserver.
[16:09] netrose (john877@SP2-24.207.225.23.charter-stl.com) joined #vserver.
[16:10] Action: ben is groggy
[16:13] ben: how come ?
[16:13] just woke up early ~5:30
[16:13] nasty
[16:14] baby ;-)
[16:14] oh
[16:14] thats your own fault
[16:14] yep, that's true
[16:14] doesn't change the fact that I'm groggy
[16:20] netrose (john877@SP2-24.207.225.23.charter-stl.com) left #vserver.
[16:20] netrose (john877@SP2-24.207.225.23.charter-stl.com) joined #vserver.
[16:50] virtuoso_ (~shisha@148ppp.telegraph.spb.ru) joined #vserver.
[16:52] virtuoso (~shisha@138ppp.telegraph.spb.ru) left irc: Read error: No route to host
[17:00] Doener_zZz (~doener@pD9E129EB.dip.t-dialin.net) joined #vserver.
[17:08] Doener (~doener@pD9E12E78.dip.t-dialin.net) left irc: Ping timeout: 480 seconds
[17:49] uveX (~bw@145.253.155.82) joined #vserver.
[17:50] hi, someone know why vps only give an error: /proc must be mounted ?
[17:51] mount it
[17:51] As far as I
[17:51] know,
[17:51] have it in the vserver fstab
[17:51] but don't work ...
[17:52] vserver-utils communicate with kernel via procfs at most.
[17:52] Try mount none /proc -t proc...
[17:53] on host or vserver ?
[17:54] In vserver, I guess.
[17:55] then i got perm denied
[17:55] uveX: you need to use vproc
[17:56] ah :)
[17:56] what does your config file look like ?
[17:56] uveX: to set permissions on what entries in /proc you want each vserver to see
[17:56] do you have an empty /proc dir in your vserver ?
[17:56] nope there are some numbers in it
[17:56] uveX: a simple approach, to give every vserver access to all, would be vproc -e /proc/[a-z]* /proc/*/[a-z]* /proc/*/*[a-z]*
[17:56] but go vproc -h for more
[17:56] uveX: do the above, I had this problem last night.
[17:57] ok
[17:57] must this be done every restart ?
[17:57] yes
[17:57] narf
[17:57] i assume you are using vs1.37 - where vproc security doesn't allow access to all by default
[17:57] hmmm
[17:58] there is no vproc on host system
[17:58] ...
[17:58] get it
[17:58] look in devel tools
[17:58] devel addons even
[17:59] mmm
[17:59] hang on
[17:59] i'll remember where it is eventually
[17:59] :)
[17:59] ok
[18:00] regarding vproc: http://archives.linux-vserver.org/200401/0125.html
[18:00] netrose (john877@SP2-24.207.225.23.charter-stl.com) left irc: Read error: Connection reset by peer
[18:00] here we go, vproc down the bottom
[18:00] http://www.13thfloor.at/vserver/s_release/v1.26/
[18:00] even tho its only listed in the 1.26 tree, that's what you want.
[18:07] good luck :)
[18:07] thnx oO
[18:07] hope it work
[18:07] ...
[18:07] Nick change: Mcleod -> Mcleod[Zzz]
[18:08] it will :) ... just download the tool, make, then ./vproc -e /proc/[a-z]* /proc/*/[a-z]* /proc/*/*[a-z]* .. and that'll just allow all vservers to access the lot by default, which is the way things were before vproc security was introduced anyway.
[18:08] sleep now, 1a.m. here
[18:08] hehe
[18:08] gn8
[18:08] =)
[18:17] uveX (~bw@145.253.155.82) left irc: Read error: Connection reset by peer
[18:30] virtuoso_ (~shisha@148ppp.telegraph.spb.ru) left irc: Ping timeout: 480 seconds
[19:24] Nick change: Bertl_zZ -> Bertl
[19:24] hi everyone!
[19:27] hey Bertl
[19:29] hi Jon!
[19:29] back from the basement?
[19:30] yeah
[19:30] how was your day so far?
[19:30] i couldnt get it to work yesterday though, and i'm not sure it uses com1 on the testmachine
[19:31] Bertl: quiet, but i'm beginning to get into gear
[19:31] i need to wash some clothes soon
[19:31] ad com: doesn't really matter ... we can check that if you want to ...
[19:32] well, i could not get it online no matter what comport i used on my server
[19:32] okay, let me enable the second com port on the dual pentium ...
[19:52] netrose (john877@FL3-24.217.241.239.charter-stl.com) joined #vserver.
[19:57] hi bobi!
[19:58] JonB: now both ports are running a terminal
[19:58] Bertl, is there a way to message all vservers a system message, like when shutting down the server?
[19:59] hmm, this is usually sent to all terminals/consoles right?
[19:59] For example: "Server is going down for kernel upgrade in 5 minutes."
[19:59] Yes.
[19:59] so switching into context 1 and using wall should work, right?
[19:59] (never tried that ;)
[20:00] Yes, interesting. Never thought about that...
[20:02] You know what? You don't even have to be in ctx1. You can do it as root from the host server.
[20:02] even better ... probably uses /dev/console ...
[20:03] Probably. And even "betterer", you can't do it from inside a virtual server.
[20:03] hehe, good!
[20:04] Bertl: still offline. I'd better check the connections inside the case
[20:05] JonB: are you sure that the cable is the one we want/need?
[20:06] Bertl: no
[20:06] Bertl: i said i wanted a nullmodem cable, and on the plastic bag is a sticker saying
[20:06] "AT-MODEM cable 5M (they didnt have 2 meters)
[20:07] dsub 09 - dsub09 f/F
[20:07] 7 cond cross assembled
[20:07] okay, do you have some multimeter or continuity tester?
[20:07] 036-nm-5
[20:07] no, but i can open the connectors and look
[20:08] that would be a good idea, let's verify that first, and if necessary do some corrections ...
[20:08] however, i'm not sure the comports are connected either, as it has been a long time if i have ever used the comports on that computer
[20:08] i'll go and get the cable then
[20:08] if you want to check that first, do it ...
[20:09] i will, now i am down there
[20:21] neither was the problem
[20:21] so?
[20:21] wrong machine?
[20:21] Bertl: the comport was turned off in the bios
[20:21] ah
[20:21] i think there is a loose connection somewhere in that machine
[20:22] if i move it too much, it reboots
[20:22] which it did
[20:22] and then "let me just check the bios"
[20:22] and it was the reason
[20:22] ic
[20:22] i even tried it
[20:22] but i can not login as root
[20:22] that is okay ...
[20:22] so you have 'Online' now and a logon prompt, right?
[20:23] CTRL-A Z for help |115200 8N1 | NOR | Minicom 1.83.1 | VT102 | Online 00:00
[20:23] perfect!
[20:23] and Debian GNU/Linux ttyS0 [ttyS0, 115200] (DIRECT)
[20:23] .
[20:23] dualp200mmx:
[20:23]
[20:23] okay, so we know that it is ttyS0 too ... on the dual machine
[20:24] and ttyS0 on my server
[21:06] mhepp (~mhepp@r72s22p13.home.nbox.cz) joined #vserver.
[21:06] hi mhepp!
[21:06] hi Bertl!
[21:07] how's your vserver today?
[21:11] I have 0.08
[21:11] I build it today ;)
[21:13] great, how is it?
[21:14] I did not had time to test it, but it looks well...
[21:15] how is it with hostname virtualization?
[21:15] good, I'll release 0.09 soon , this will add some features
[21:15] :))
[21:16] it is fine!
[21:16] but you can test with vuname
[21:18] vuname? I do not know it...
[21:20] it's in the alpha util-vserver
[21:22] aha...
[21:22] I will test it
[21:30] ...reboot...
[21:31] mhepp (~mhepp@r72s22p13.home.nbox.cz) left irc: Remote host closed the connection
[21:33] hi Bertl
[21:33] hi Cmaj!
[21:33] are you gonna release 0.09 soon
[21:33] yep ... just adding/testing some features
[21:33] i was going to try 0.08
[21:34] my first attempt on 2.6
[21:34] you can test a 0.09 prerelease if you want to ...
[21:34] why not :)
[21:36] just tell me when its available
[21:38] it's available in about 2 minutes
[21:41] got tired of hack and slash game better hack slash in my kernel
[21:42] good idea ...
[21:53] http://vserver.13thfloor.at/Experimental/delta-2.6.3-vs0.08-vs0.08.4.diff
[21:53] Cmaj: you apply it ontop of the vs0.08
[21:54] Ok good .
[22:38] kramer (~kramer@80.86.103.47) left irc: Remote host closed the connection
[22:57] mhepp (~mhepp@r72s22p13.home.nbox.cz) joined #vserver.
[23:03] mhepp (~mhepp@r72s22p13.home.nbox.cz) left irc: Remote host closed the connection
[23:08] mhepp (~mhepp@r72s22p13.home.nbox.cz) joined #vserver.
[23:19] mhepp (~mhepp@r72s22p13.home.nbox.cz) left irc: Remote host closed the connection
[23:20] paul (~irssi@p5089E8F6.dip.t-dialin.net) joined #vserver.
[23:20] hi
[23:20] hi paul!
[23:32] i have looked at some vServer websites but i found no answer: do runlevels exist inside a vServer?
[23:34] yep
[23:35] ...and i can use telinit(8) as usual to change the runlevel?
[23:35] they are there, and are either 'defaulted' on a normal setup, or normally executed in a fakeinit setup ... for example by minit
[23:35] if you have a fakeinit setup yes, if not no
[23:36] then you have to call the rc script by hand ...
[23:36] i see
[23:55] Nick change: Doener_zZz -> Doener
[23:55] Hi
[23:56] hi Doener!
[00:00] --- Sun Feb 22 2004