[00:04] With the new util-vvserver. It sets up the directory "/usr/local/etc/vservers/test/". Do I set up test.conf in this directory or /usr/local/etc/vservers/ ? [00:09] esands: the *.conf files are not supported anymore [00:09] (at least, not by the non-legacy part) [00:09] ok. is there documentation on how to setup the network interfaces with the new utils? [00:09] doc/configuration.xml ;) [00:11] basically, you have a directory in $(sysconfdir)/vservers//interfaces/ for every interface. There you can configure 'ip', 'name', 'mask', 'dev' and 'prefix' in the corresponding files [00:12] Sounds like a nicer system. [00:12] just try 'vserver ... build -m skeleton' with some additional options [00:13] see vserver - build --help [00:13] thanks. [00:22] (hi infowolfe :) [00:33] ok, got the network setup figured. 8) Can ping the vserver. 8) [00:35] Now the question is to do with /proc/ [00:37] Is it sufficent to "sudo mount -t proc proc /uml/vservers/test/proc" on the host? [00:38] what issues do you see with the proc? [00:40] Hmm. where to start. Ok ,first... [00:40] Bertl: ... [00:40] we still need to use the ctxquota option right? [00:40] [nic@stateless:/usr/local/etc/vservers] sudo vserver test status [00:40] Vserver 'test' is not running [00:40] oh shit, it's ctxtag isn't it? [00:40] tagxid ;) [00:40] ttagcx [00:40] gotcha [00:40] tagctx or now (preferred) tagxid [00:40] do user/quotis there a difference? [00:40] Even though I just started it. [00:40] er, is therree adiffence [00:41] hum?! [00:41] and do user/group quotes need to be enabled? [00:41] 'is there a difference' [00:41] stupid computer [00:41] nope [00:41] no difference, quota have to be enabled as usual ... [00:41] so my mount option is tagxid [00:41] and remember, DO NOT USE TAGXID on ROOT PARTITIONS ;) [00:41] right [00:42] yup, tagix should be fine ... [00:42] even tagxid ;) [00:42] wew [00:43] oh, fucking a [00:43] mother fucking a [00:43] why did i do that?!?! [00:43] ughh [00:43] hrm, interesting ... [00:44] i only made a /boot and / [00:44] oh well, i'll just make another virtual disk [00:48] ok, so how do I set memory limits these days? still -v in ULIMIT ? [00:48] nope [00:49] there is a vlimit tool to do that ... [00:49] ah, ok [00:50] this one is generic, and will allow to set/query all the limits ... [00:50] hrm [00:50] and doesn't require restart the context I take it [00:50] yup [00:50] do I need 0.29, or newer ? [00:51] enrico? vlimit is included since when? [00:51] perhaps 0.27 [00:52] but it's buggy before 0.29.2 [00:52] but the latest version is advices, even alpha, because the display was fixed somewhat ... [00:52] hrm [00:52] >.29.2 == ? [00:53] guess 0.29.2 is okay ... [00:53] 0.29.2 is development version of stable branch and it *should* be safe to use it [00:53] ok [00:53] under pre [00:56] eyck (~eyck@62.233.189.138) joined #vserver. [00:57] hi eyck! [00:59] hi herbert [00:59] Nick change: Doener_zZz -> Doener [01:03] hi Doener! [01:03] ahhh.... feeling way better... [01:03] that headache really was killing me, but now i'm feeling just great :) [01:03] good! [01:03] heh [01:03] headaches [01:03] i have a headache 24/7 these days [01:03] :( [01:03] hrm [01:03] so are people trying to run 2.6 vserver in production? [01:03] sorta looks like it from the lists [01:03] ben (~ben@bengrimm-host225.dsl.visi.com) left irc: Read error: Connection reset by peer [01:04] matta: yep seems so .. well it's pretty stable ... [01:04] yeah? [01:04] and it has all the features of 1.3.7 except vroot... [01:05] almost ... [01:05] so i guess it's just missing the disk limit stuff [01:05] is tbf done for it? [01:05] not yet ... [01:05] ah [01:06] hell, if people say it's stable once it has the disk limits and the new memory limits we were talking about i'd try it on a production server [01:06] but that isn't something I worry about too much ... [01:06] why not? because no one seemed to care if it existed? [01:06] heh, no, the TBF stuff is easily implemented, that is what I meant ... [01:07] oh, understood [01:07] i remember that working out extremely well [01:07] you know if anyone runs 2.6 on SMP ? [01:08] all in all 2.6 seems quite smooth ... yep one reported acompile time issue .. [01:08] or do you have a test SMP server yet? [01:08] yes I have but not testing 2.6 on that yet .. [01:08] ah [01:08] was just gonna say you could emulate SMP under UML I believe [01:11] doesn't help very much, but I'm confident that QEMU will support SMP simulation soon ... [01:11] have you looked at the cfq i/o scheduler yet? [01:11] nope ... [01:11] been in andrew mortons patchset forever... so once he officially takes over it should get included [01:11] Bertl: i'm trying to write a short paper on proc security in the wiki, which devel. version introduced it? [01:11] complete fair queueing [01:12] i'm sure it would help just using it under vserver normally [01:12] matta: without your 'gentle' push, no progress ... ;) [01:13] anyhow, it does what it states [01:13] btw, I really appreciate it, you dig out topics I always forget ... ignore/etc ... [01:13] might be interesting if something like tbf could be done with that scheduler [01:13] which would prevent a vserver from monopolizng the disk i/o [01:13] Bertl: :) [01:14] it might be pointless to do that though, it may work as expected in it's stock form [01:15] whoa... lots of new programs [01:15] vfiles, vkill, vlimit, vcheck, vprofile [01:15] http://vserver.13thfloor.at/Experimental/patch-2.4.25-vs1.3.8-q0.14rc1.diff [01:16] what's that do? just the nfs fix? [01:16] hmm, and some other 'pending' stuff ... mostly cleanups ... [01:16] want a delta? [01:17] no plans to just add the quota/cq stuff to the official tree? [01:17] that's been around for a long time... [01:17] yeah, well, it wasn't that much tested, but it is tested by the community now ... so probably that'll get in either in 1.4 or in the 2.6.x branch ... [01:18] ah, found it, searching for vproc was maybe a bit too restrictive ;) [01:18] especially talon has tested and discovered bugs for many cornercases ... [01:19] Doener: sorry missed your request ... [01:19] i found a bug, this is an OLD server though [01:19] c17e [01:19] let's hear ... [01:19] usage is 2.1GB but no matter how many times I set it it says 8GB [01:20] everything else updates fine [01:20] hmm, disk limits? [01:20] yes [01:20] i'm sure it's fixed [01:21] i think it's like dl0.03 or 4 [01:21] didn't we use the block size? 4k in that ancient version? [01:21] i dunno, just one context is messed up [01:21] just because setting it to 2GB might actually mean 8GB ... [01:22] oh, hrm [01:23] that might be it [01:23] lemme see [01:24] hrm [01:24] might not be, it DOES set the limit correctly [01:24] just not the usage [01:25] hm, you did try another value 'just for the fun of doing it' right? [01:26] but it might be an issue of dl0.03/4 ... much has changed since ... [01:29] [root@vps7 cli]#/root/cq-tools-0.06/cqdlim -x 63 -S 0,1000000,1000,100000,10 /dev/ubd/2 [01:29] inodes: 0/1000000 [01:29] blocks: 1000/100000 (10%) [01:29] [root@vps7 cli]#vserver towels exec df -k [01:29] ipv4root is now 69.10.156.7 69.10.156.8 69.10.156.9 [01:29] New security context is 63 [01:29] Filesystem 1K-blocks Used Available Use% Mounted on [01:29] /dev/hdv1 100000 1000 88940 2% / [01:29] hrm [01:29] looks correct [01:34] this is strange [01:34] /root/cq-tools-0.06/cqdlim -x 44 -S 0,10000000,96535,20480000,10 -v /dev/ubd/2 [01:34] [root@vps7 cli]#vserver lucid exec df -h [01:34] ipv4root is now 69.10.150.240 [01:34] New security context is 44 [01:34] Filesystem Size Used Avail Use% Mounted on [01:34] /dev/hdv1 15G 8.9G 5.2G 64% / [01:37] hmm ... looks interesting ... [01:37] is it the same disk? [01:37] hrm [01:37] on 1.3.8... [01:37] i just ran a 'vserver test1 build' [01:37] got a page full of... [01:37] Can't set the new security context [01:37] : Invalid argument [01:38] after the cp was done [01:38] could you give the testme.sh a spin? [01:38] http://vserver.13thfloor.at/Stuff/testme.sh [01:39] odd [01:40] Linux-VServer Test [V0.07] (C) 2003-2004 H.Poetzl [01:40] chcontext is working. [01:40] chbind is working. [01:40] Linux 2.4.25-vs1.3.7 i686/0.29.2/0.29.2 [E] [01:40] --- [01:40] [001]# succeeded. [01:40] [011]# succeeded. [01:40] [031]# succeeded. [01:40] [101]# succeeded. [01:40] [102]# succeeded. [01:40] [201]# succeeded. [01:40] [202]# succeeded. [01:40] the 1.3.7 is my fault ... [01:40] yeah [01:40] i changed the ip to a valid one [01:40] same thing [01:41] enrico? any ideas? [01:41] [root@vserver root]# chcontext --ctx 2 bash [01:41] New security context is 2 [01:41] [root@vserver root]# [01:41] this is a fresh install [01:42] running /etc/init.d/v_sendmail start also works [01:42] yeah, the testme.sh verified core functionality ... [01:42] so chcontext/chbind seem to work... [01:44] can you trace with 'sh -x $(which vserver) ... build' where it is coming from? [01:45] hrm [01:45] can I try with a vserver test1 enter ? [01:46] copying on this server takes forever :) [01:46] if it gives the same errors, yes ;) [01:46] + '[' enter = suexec ']' [01:46] + '[' enter = exec ']' [01:46] + '[' enter = enter ']' [01:46] + testperm test1 [01:46] + return [01:46] + exec /usr/sbin/vserver test1 exec /bin/bash -login [01:46] ipv4root is now 192.168.1.101 [01:46] Can't set the new security context [01:46] : Invalid argument [01:46] there is more before that [01:46] you want it all? [01:47] too bad, here is the text BEFORE what I just pasted [01:47] ++ dirname /usr/sbin/vserver [01:47] + : /usr/sbin/util-vserver-vars [01:47] + test -e /usr/sbin/util-vserver-vars [01:47] + . /usr/sbin/util-vserver-vars [01:47] ++ PKGLIBDIR=/usr/lib/util-vserver [01:47] ++ SBINDIR=/usr/sbin [01:47] ++ VROOTDIR=/vservers [01:47] + USR_SBIN=/usr/sbin [01:47] + USR_LIB_VSERVER=/usr/lib/util-vserver [01:47] + VSERVER_CMD=/usr/sbin/vserver [01:47] + CHBIND_CMD=/usr/sbin/chbind [01:47] + CHCONTEXT_CMD=/usr/sbin/chcontext [01:47] + SAVE_S_CONTEXT_CMD=/usr/lib/util-vserver/save_s_context [01:47] + CAPCHROOT_CMD=/usr/lib/util-vserver/capchroot [01:47] + VSERVERKILLALL_CMD=/usr/lib/util-vserver/vserverkillall [01:47] + DEFAULTPATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin [01:47] + SILENT= [01:47] + NODEV= [01:47] + true [01:47] + '[' test1 = --silent ']' [01:47] + '[' test1 = --nodev ']' [01:47] + break [01:47] + '[' 2 -lt 2 ']' [01:47] + '[' enter = build ']' [01:47] + '[' '!' -f /etc/vservers/test1.conf ']' [01:47] + '[' '!' -d /vservers/test1/. ']' [01:47] + '[' enter = start ']' [01:47] + '[' enter = running ']' [01:47] + '[' enter = status ']' [01:47] + '[' enter = stop ']' [01:47] + '[' enter = restart ']' [01:48] Action: Doener thinks we should introduce a no-paste service ;) [01:48] hmm .. what does this require ... [01:50] [root@vserver root]# cat /var/run/vservers/test1.ctx [01:50] S_CONTEXT=49152 [01:50] S_PROFILE=prod [01:50] hrm, should the context be that high? [01:50] ah, okay! [01:50] that isN#t allowed [01:50] isn't allowed I mean ... [01:50] what isn't? [01:50] it's in the dynamic range, you cannot create a context in the dynamic range ... (at least not by specifying the context id) [01:51] i set the context to 10 and it sorta works now [01:51] don't get THAT error anymore [01:51] /usr/lib/util-vserver/save_s_context: line 26: /var/run/vservers/test1.ctx: Permission denied [01:51] it's dropping privileges before it can write that file now [01:51] hrm, you are not using tagxid on that partition right? [01:53] Bertl: hmm... how far are new devel/stable releases away? any sense in still documenting the 'old' proc-flag logic? [01:54] nope, 1.3.8 is basically released ... [01:54] (and has the new logic) [02:00] Bertl: i am. [02:00] hrm, where are chctx/lsctx these days? [02:01] well, do not use tagxid on the rootfs ... [02:01] oh no [02:01] it's only on /vservers [02:01] i missed what you said [02:01] /dev/sda3 on / type ext3 (rw) [02:01] /dev/sdb1 on /vservers type ext3 (rw,tagxid) [02:01] is chctx still needed? [02:02] well, if you want to change the context id yes ... [02:02] soor (~as@pD958A735.dip.t-dialin.net) joined #vserver. [02:03] hi soor! [02:03] hi all [02:03] where is it? [02:03] it's now called chxid ... [02:03] ... [02:04] should be in enricos tools ... [02:04] nope [02:04] not in 0.29.2 [02:04] hmm, maybe you should give the alpha util-vserver a try ... [02:05] it's there [02:05] 0.29.196 [02:06] figured .2 would be newer than .196 [02:06] _shur1 (~shushushu@vserver.electronicbox.net) left irc: Ping timeout: 483 seconds [02:07] hrm.... [02:07] dietlibc >= 0:0.22 is needed by util-vserver-0.29.196-0 [02:07] [root@vserver util-vserver-0.29.196]# rpm -q dietlibc [02:07] dietlibc-0.21-8 [02:07] fuck. [02:07] --without dietlibc [02:07] (at rpmbuild) [02:08] got it [02:09] question regarding vlimit... [02:09] -MSH = ? / Soft / Hard ? [02:09] and how am I supposed to find out what can be limited? in the vserver patch somewhere? [02:11] 'vlimit -a -c 0' should tell you, what your kernel is supporting [02:11] 'M' is minimum [02:11] infowolfe (~infowolfe@66.93.53.207) left irc: [02:11] hrm... [02:13] i think that's broke :) [02:13] [root@vserver root]# vlimit -a -c 0 [02:13] vc_get_rlimit(): No such process [02:13] 5 N/A N/A 0x2600 [02:13] vc_get_rlimit(): No such process [02:13] 6 N/A N/A 0x04000c470 [02:13] vc_get_rlimit(): No such process [02:13] 9 N/A N/A 0x04000c470 [02:13] that's with .29.2 still though [02:13] lemme try .196 [02:13] 'No such process' means 'No such context' and values are bogus [02:14] context 0 has no limits ... [02:14] try an existing ctx at '-c' [02:15] i have a question too..... with S_NICE i can set a nice level to a vserver, but is it possible to renice a vserver withot restarting it ? [02:15] yep, you could renice all processes in a context ... [02:16] (possible from context 1) [02:16] hmm k try it :) [02:16] thx [02:16] well at least it should be ... [02:16] [root@vserver root]# vlimit -a -c 10 [02:16] 5 N/A N/A INF [02:16] 6 N/A N/A 0x03e8 [02:16] 9 N/A N/A INF [02:16] ohhh... so much better :) [02:17] ensc, hmm vlimit does report in hex, can this be changed/made an option? [02:18] Bertl: no, but hex values are making the most sense for limits ;) [02:19] ah, okay, I 'just' refer everyone asking to you ... ;) [02:21] esands (~nic@mdr11-port292.jetstart.maxnet.co.nz) left irc: Quit: back later [02:24] hrm [02:24] so what's the method to destroy a context these days? [02:25] vserver stop ... [02:25] well, it couldn't create /var/run/vsevers/vserver.ctx [02:25] so it's blank [02:25] i got it though [02:26] hmm, still don't understand why that file creation failed? [02:26] the dirs are there, and in context 0? [02:26] i think perhaps [02:26] the file existed [02:26] and the S_CONTEXT inside it was different? [02:26] would that do it? [02:26] hmml could you check with lsxid in that file? [02:27] or a similar file if it fails again ... [02:27] worked this time [02:28] with new tools [02:28] hmm, okay .. [02:29] ok, added proc security paper to the wiki :) [02:33] Bertl: what about the vshelper stuff, is testing still needed? [02:33] well, it should work, but testing is always good ... [02:33] added it yesterday to vs0.09 ;) [02:36] 1.3.8 supports vshelper? [02:36] where can I get that btw? [02:37] hrm, to use quotas inside a vserver I need modified quota tools, right? [02:37] yes, vshelper is in 1.3.x and vs0.09 [02:37] no, unmodified quota tools .. [02:37] hrm [02:37] i added the CAP_QUOTACTL mount [02:37] er, cap [02:38] sounds good ... [02:38] what else is needed? [02:38] you have to use the vroot device to be secure [02:38] oh shit [02:38] vr-tools [02:38] damn i'm out of the vserver loop [02:38] then specify fs, ufs in the /etc/mtab ... [02:38] it has to be ufs? [02:39] no, but if you use ext2 or ext3, the tools try to work on the lowlevel block device ... [02:39] which fails for security reasons ... [02:42] where are vr-tools now? [02:42] not in Stuff/Experimental... [02:42] they are on the stable page ... [02:42] I'll add a link to devel/exp next time ... [02:43] Bertl: are there incr. patches for experimental? [02:43] not yet, would you like some? [02:44] yepp, i have to patch in extra drivers for my wlan card, and non incr. patches cause a full kernel rebuild for me [02:45] starting with? [02:45] oh, vrsetup is in .196 anyway [02:45] shit, what is the mknod major/minor? [02:45] not on the doc page [02:45] 4,x [02:45] block device .. [02:47] ok [02:47] added to the wiki doc [02:48] well, I do not create device nodes by hand ;) [02:49] oh [02:49] you use devfs ? [02:49] yup, guilty! [02:49] grrrrr [02:49] so i ran [02:49] mknod /dev/vroot/0 b 4 0 [02:49] vrsetup /dev/vroot/0 /dev/sdb1 [02:50] cp -af /dev/vroot/0 /vservers/test1/dev/hdv1 [02:50] [root@vserver:test1 /]quotaon -a [02:50] quotaon: using //aquota.group on /dev/hdv1 [/]: No such device or address [02:50] add a quota hash ;) [02:50] grrr [02:51] paul (~irssi@p5089EE6B.dip.t-dialin.net) left irc: Quit: leaving [02:51] _shur1 (~shushushu@vserver.electronicbox.net) joined #vserver. [02:51] Doener: http://vserver.13thfloor.at/Experimental/delta-2.6.3-vs0.07-vs0.08.diff and http://vserver.13thfloor.at/Experimental/delta-2.6.3-vs0.08-vs0.09.diff [02:52] thx :) [02:52] ... [02:52] hi _shur1? [02:52] [root@vserver cq-tools-0.06]# ./cqhadd /dev/sdb1 [02:52] [root@vserver cq-tools-0.06]# vrsetup /dev/vroot/0 /dev/sdb1 [02:52] [root@vserver cq-tools-0.06]# cp -af /dev/vroot/0 /vservers/test1/dev/hdv1 [02:52] same thing... [02:53] it is set to ufs in fstab/mtab [02:53] ./cqhadd -x /dev/sdb1 [02:53] the help doesn't say that :) [02:53] yeah, I know, it's outdated, so what? [02:54] 8-) [02:54] ok [02:54] that worked [02:56] what is #6 for vlimit? [02:56] i tried setting it and now stuffs broken [02:57] looks like 6 is nproc [02:57] [root@vserver 10]# cat limit [02:57] PROC: 3/256 [02:57] VM: -9450/256 [02:57] VML: 0/-1 [02:57] RSS: 428/64 [02:57] that's not good [02:57] oh shit, it's bytes [02:57] hmm, VM = -9450 ... interesting ... [02:57] how did you do that? [02:58] no clue [02:58] you are always one step ahead in breaking things ;) [02:58] but now I get [02:58] [root@vserver 10]# vserver test1 enter [02:58] WARNING: can not find configuration, assuming legacy method [02:58] ipv4root is now 192.168.1.101 [02:58] New security context is 10 [02:58] Broken pipe [02:58] i really have no friggin idea [02:58] i guess set try setting the limits each to '256' [02:58] and see what it does for you. [02:59] root@vserver 10]# cat limit [02:59] PROC: 3/256 [02:59] VM: -11574/256000 [02:59] VML: 0/-1 [02:59] RSS: 428/64000 [02:59] everytime i do an enter [02:59] it ends with broken pipe [02:59] and subtracts about 3KB (bash?) to VM [02:59] 3MB but yes might be ... [03:00] i thought we had a way kill a vserver without entering the context now? [03:00] could be that the 'error path' isn't handled correctly ... [03:00] yes, there is vkill? [03:01] vserver stop doesn't use it or something [03:01] Stopping the virtual server test1 [03:01] Server test1 is running [03:01] ipv4root is now 192.168.1.101 [03:01] New security context is 10 [03:01] sleeping 5 seconds [03:01] Killing all processes [03:01] /usr/lib/util-vserver/legacy/vserver: line 780: 24869 Broken pipe $_CHBIND --silent $IPOPT --bcast $IPROOTBCAST $_CHCONTEXT $CAPS --secure --silent --ctx $S_CONTEXT $VSERVERKILLALL_CMD [03:01] i thought we had fixed this a long time ago? :) [03:02] hmm it seems that this is an old script, not the vkill I'm referring to ... [03:02] perhaps enrico wondered why the fuck something was done the way it was and decided it was wrong [03:02] Topic changed on #vserver by ChanServ!services@services.oftc.net: http://linux-vserver.org/ || latest stable 1.26, devel 1.3.7, exp 0.09 [03:03] vkill -h [03:03] This is vkill V0.01 [03:03] options are: [03:03] -h print this help message [03:03] -k kill (signal num) [03:03] -p target pid (def. 0) [03:03] -x context id [03:03] -V verify interface version [03:03] -- end of options [03:03] [root@vserver util-vserver]# vkill [03:03] No pid specified [03:03] where can I get the new one? [03:03] no, this is the legacy script and I do not want to introduce anything new there [03:03] this is my tool, and IIRC enrico has something similar in his alpha tools ... [03:03] ensc: i'm using alpha! [03:03] should I remove util-vserver-legacy ? [03:03] matta: yes, alpha has a -legacy package which is doing the stable stuff [03:04] note the 'legacy' at '/usr/lib/util-vserver/legacy/vserver'... [03:04] ok [03:05] Last message repeated 1 time(s). [03:05] so i removed util-vserver-legacy [03:05] re-installed everything except that... [03:05] ran hash [03:05] /usr/sbin/vserver: line 166: /usr/lib/util-vserver/legacy/vserver: No such file or directory [03:05] is there something else I need to do? [03:05] ... and can not start your old vservers [03:05] if this isn't in the util-vserver branch, you can get the original tool from: [03:05] http://www.13thfloor.at/vserver/d_release/v1.3.1/vkill-0.01.tar.bz2 [03:05] the syscall is there since 1.3.1 as you can see ... [03:06] i think... it is showing the old config format [03:06] ensc: i don't have any old vservers :) [03:07] matta: when you have *.conf files without the new-style directory configuration, the old vservers will be assumed [03:08] where is the new style configuration documented? [03:08] in doc/configuration.xml ;) [03:08] and what was the command to build without dietlibc ? [03:08] hehe ... this _is_ the punchline .. always ... [03:08] rpmbuild -bb --without-dietlibc ? [03:08] but best introduction would be probably 'vserver - build --help' and a '-m skeleton' vserver [03:08] Is there any documentation for enrico's utils? [03:09] *bong* round two ... [03:09] netrose: http://www.linux-vserver.org/index.php?page=alpha+util-vserver gives a small introduction [03:09] enrico, I guess you have to write some documentation ... [03:10] At least how the tools are supposed to be used, what's each parameter, etc... [03:10] somebody offered to write stylesheets for the configuration.xml file but I never heard from him aganin [03:10] this happens from time to time ... [03:10] netrose: all (new) tools are having a '--help' option [03:11] Yes, but for example: vlimit --help gives me... [03:11] Usage: vlimit [-c|--ctx ] [-a|--all] [-MSH -- ]* [03:11] vserver test1 build -m apt-rpm -- -d fc1 --flags sched,nproc,lock --hostname test3.office.tektonic.net --context 13 [03:11] Ok, what's 'M', what's 'S', and what's 'H' [03:11] that looks reasonable? [03:12] netrose: Minimum, Soft, Hard [03:12] this is used for the limits ... [03:12] Minimum, Soft and Hard for what? [03:12] currently the kernel only supports Hard (Maximum) [03:12] -- ??? [03:12] limits for VM,VML,RSS and NPROC [03:13] netrose: the number of the limit; I do not know the names of the currently (3) supported limits [03:13] those are the numbers used in the rlimit fields [03:13] is that in numerical order? VM is 1, VML is 2, etc...? [03:13] nope, sec [03:13] See, this kind of documentation is what we really need. [03:13] Before we make the tools even more complicated. [03:14] /usr/include/asm/resource.h [03:14] #define RLIMIT_CPU 0 /* CPU time in ms */ [03:14] #define RLIMIT_FSIZE 1 /* Maximum filesize */ [03:14] #define RLIMIT_DATA 2 /* max data size */ [03:14] #define RLIMIT_STACK 3 /* max stack size */ [03:14] #define RLIMIT_CORE 4 /* max core file size */ [03:14] #define RLIMIT_RSS 5 /* max resident set size */ [03:14] #define RLIMIT_NPROC 6 /* max number of processes */ [03:14] #define RLIMIT_NOFILE 7 /* max number of open files */ [03:14] #define RLIMIT_MEMLOCK 8 /* max locked-in-memory address space */ [03:14] #define RLIMIT_AS 9 /* address space limit */ [03:14] #define RLIMIT_LOCKS 10 /* maximum file locks held */ [03:14] Which ones are supported? [03:15] hrm [03:15] what do I have to do to get an apt-rpm install going? [03:15] Reading Package Lists... Done [03:15] Building Dependency Tree... Done [03:15] Reading Package Lists... Done [03:15] Building Dependency Tree... Done [03:15] ensc: Couldn't find package glibc [03:15] that's all I get [03:15] where is it looking? using the hosts apt config ? [03:15] netrose: let me check because I suspect an off by one issue there ... [03:16] Bertl: no, it's right [03:16] ah okay ... [03:16] matta: /etc/vservers/.distributions/*/apt/sources.list [03:16] 5,6, 9 is supported, 6 and 9 enforced [03:17] ok [03:18] Doener (~doener@pD9588247.dip.t-dialin.net) left irc: Quit: Leaving [03:20] ensc, could you add the RLIMIT_* names (just the second part to the options in a later release? [03:22] ok [03:22] i'm still confused on setattr [03:22] so if I want /proc/mounts to be viewable from contexts 0 and 1 [03:22] ensc maybe with an additional synonym/alias from VM to AS [03:23] it would be setattr --hide --admin --watch /proc/mounts ? [03:23] yep, except that /proc/mounts doesn't work this way ;) [03:23] this proc stuff is for non proc entries ... [03:24] /proc/mounts actually points to /proc/self/mounts which in turn is /proc//mounts [03:24] Doener (~doener@pD9588247.dip.t-dialin.net) joined #vserver. [03:24] Bertl: hrm [03:24] that sucks [03:24] i thought you had hid /proc/mounts? [03:24] yep, it's an addon patch ... [03:25] http://vserver.13thfloor.at/Experimental/no-proc-mounts-vs1.24.diff [03:25] ugh [03:25] this is a mess [03:25] you are here to clean it up, right? [03:26] the user friendly/actually works aspects of a lot of this needs work... yes [03:27] okay, have to go to bed now ... need some sleep ... [03:27] nevertheless, it's fine to have? you back ... doing vserver again [03:28] lol perhaps [03:28] need to get a lot of the stuff I was talking about working first :) [03:28] i'm willing to help it get done though [03:29] great! okay, have a nice wossname, everyone ... cu tomorrow ... [03:29] Nick change: Bertl -> Bertl_zZ [03:53] ExpiryJames (~james@h24-71-63-164.ok.shawcable.net) left irc: Quit: Leaving [03:56] _shur1 (~shushushu@vserver.electronicbox.net) left irc: Ping timeout: 483 seconds [04:01] _shur1 (~shushushu@vserver.electronicbox.net) joined #vserver. [04:02] ensc: are you here? [04:02] yep [04:03] so [04:03] with the .196 tools [04:03] they don't mount proc [04:03] i assume because of the private namespace [04:03] but when I try to mount I get permission denied [04:03] what do I do in a situation such as this? [04:03] yes, when entering vserver with 'ssh' you will see /proc [04:04] oh [04:04] hrm [04:04] strange [04:04] to make 'enter' work, you need two small patches [04:04] what is fstab in the config dir? does this just get copied to /etc/fstab in the vserver on every start? [04:05] it is used to mount the directories into the vserver [04:05] don't know if I copy it into the vserver... [04:05] http://savannah.nongnu.org/cgi-bin/viewcvs/util-vserver/util-vserver/lib/flags.c.diff?r1=1.2&r2=1.3 [04:05] http://savannah.nongnu.org/cgi-bin/viewcvs/util-vserver/util-vserver/lib/vserver.h.diff?r1=1.28&r2=1.29 [04:06] patches will be in 0.29.197 and later [04:07] this package management is messing with me [04:07] apt-get doesn't work within the vserver [04:07] perhaps it doesn't work without /proc [04:09] apt-get/rpm are not working *within* the vserver [04:09] (since rpmdb is stored outside of it) [04:09] do you have tried 'vapt-get'? [04:09] ah, right [04:09] i installed rpm [04:09] but didn't initdb [04:09] or 'vrpm'? [04:09] yeah, that's what i've been using [04:09] vapt-get [04:09] i just wanted it working inside the vserver also [04:10] it doesn't appear vsysvwrapper exists anymore [04:10] not written yet [04:10] netrose (john877@FL3-24.217.241.239.charter-stl.com) left irc: Ping timeout: 480 seconds [04:10] you have to copy /vservers/.pkg/<...>/etc/state to /vservers/<...>/var/lib/rpm [04:10] sometime, I will write a conversation tool. But it does not have a high priority [04:11] well, that's going to screw with a lot of people [04:11] the vrpm/vapt-get stuff is nice and all [04:11] but i'm sure most people manage each vserver locally [04:11] matta: that's why it is called 'alpha' [04:11] hrm [04:11] matta: the external storage is needed because of security reason [04:11] s [04:12] or do you trust rpm that it does not do bad things on a specially prepared rpmdb? [04:13] i understand for vapt-get [04:13] which is great for someone managing a bunch of vservers for themself [04:13] but for hosting where each user has their own environment, that's not gonna fly [04:15] where do I configure the ip in the new config? [04:15] I was guessing interfaces/ip, but that wasn't it [04:15] interfaces//ip [04:15] hrm [04:16] is something like 00 or 01 or foo or bar or ... [04:16] would '0' work? [04:16] yep [04:16] hrm [04:16] i guess something else needs to be done [04:16] [root@vserver interfaces]# cat 0/ip [04:16] 192.168.1.101 [04:17] that's all it should really need, right? [04:17] you must set 'dev', and 'prefix' [04:17] (or mask) [04:17] hrm [04:17] prefix is subnet mask? [04:17] then, you can assign a 'name' too [04:17] i was wondering that [04:17] prefix is e.g. 21, while mask is 255.255.248.0 [04:17] this is all under 'id' [04:17] ? [04:18] yep [04:18] 'dev' can be configured udner interfaces/ too [04:18] same for mask/prefix [04:18] and those who don't set it will inherit [04:18] ? [04:18] (when having multiple interfaces) [04:18] yep [04:18] the old tools didn't require mask to be set [04:19] it just got it from the interface [04:19] perhaps, it can be left unset too [04:21] hrm [04:21] it doesn't look like setattr is actually doing anything [04:21] setattr --admin --watch --hide /proc/partitions [04:21] that should let context 0 and 1 see the file, correct? [04:22] but not anything else? [04:22] [root@vserver interfaces]# showattr /proc/partitions [04:22] AwhbiX /proc/partitions [04:23] mmh, the 'w' and 'h' flags should be set too [04:23] hmm... it's working for me... [04:23] doener:/home/doener# setattr --admin --watch --hide /proc/partitions [04:23] doener:/home/doener# showattr /proc/partitions [04:23] AWHbi- /proc/partitions [04:23] Doener: which version? [04:23] this is 1.3.8 [04:24] i'm on 2.6.3 0.09 [04:24] hrm [04:24] me too... [04:24] Doener: what tools? [04:24] .196 [04:24] hrm [04:24] weird [04:24] [root@vserver root]# setattr --hide --admin --watch /proc/partitions && showattr /proc/partitions [04:24] AwhbiX /proc/partitions [04:25] strange [04:25] perhaps herbert can shed some light tomorrow [04:25] 'X' means you have an xid assigned to it [04:25] [root@vserver root]# lsxid /proc/partitions [04:25] 0 /proc/partitions [04:25] isn't everything 0 by default? [04:26] I am just telling, what the kernel says [04:26] hmm... what gives showattr /proc/loadavg ? [04:27] or any other entry you didn't change... [04:27] what is --barrier ? [04:27] [root@vserver root]# showattr /proc/swaps [04:27] AwhbiX /proc/swaps [04:27] i bet no one else is mounted with tagxid, are you? [04:28] for your vservers partition [04:28] hmm... per default admin and hide should be set... [04:28] lemme try 2.6.3 [04:31] matta: could you give me a link to 1.3.8 (split-)patches? they're not yet on the page... [04:31] i forget the link [04:31] http://vserver.13thfloor.at/Experimental/patch-2.4.25-vs1.3.8rc1.diff [04:31] that's the full patch [04:33] guess i can live with that also... [04:35] [root@vserver root]# showattr /proc/partitions [04:35] AwhbiX /proc/partitions [04:35] [root@vserver root]# setattr --admin --hide --watch /proc/partitions && showattr /proc/partitions [04:35] AwhbiX /proc/partitions [04:35] hrm [04:35] that's without tagxid... doub that would have done much [04:35] will have to test 2.6 [04:46] netrose (~john877@FL3-24.217.241.239.charter-stl.com) joined #vserver. [04:51] well [04:51] this isn't cool [04:51] hm? [04:51] booting 2.6.3 under vmware... [04:51] Feb 23 20:52:32: vcpu-0| [msg.log.monpanic] *** VMware Workstation internal monitor error *** [04:51] Feb 23 20:52:32: vcpu-0| PANIC F(135):777 bugNr=13647 [04:51] panics vmware [04:52] CPU is set to p4-celeron.. which this is [04:56] <_shur1> checking for number of syscall 'vserver'... configure: error: Can not determine value of __NR_vserver; please verify your glibc/kernelheaders, and/or set CPPFLAGS='-D=__NR_vserver=' environment when calling configure. [04:56] <_shur1> vs:~/util-vserver-0.29.196# [04:56] <_shur1> anybody know what is the problem? [04:58] _shur1: the __NR_vserver macro is neither defined in your glibc, nor kernel headers [04:59] <_shur1> what that mean.... [04:59] <_shur1> the frist time i got this error when compiling utilis-vserver [05:00] __NR_vserver is the number of the vserver syscall, and it is defined usually in [05:00] formerly I assumed 273, but this caused problems e.g. on Sparc where it is 267 [05:02] <_shur1> ok i got it [05:02] <_shur1> is beacause of 2.6 [05:12] hmm... this is interesting... [05:14] matta: could you add a line to fs/ioctl.c in 2.4.25-vs1.3.8 ? just a #include after the proc_fs.h include... [05:21] serving (~serving@213.186.188.205) left irc: Read error: Connection reset by peer [05:33] Nick change: cdub -> cgone [05:59] matta? [06:04] hello? [06:10] [03:16] matta: could you add a line to fs/ioctl.c in 2.4.25-vs1.3.8 ? just a #include after the proc_fs.h include... [06:24] i'll give it a shot [06:24] one sec. [06:25] take your time [06:33] that has no effect on the setattr/showattr issue [06:33] [root@vserver root]# setattr --admin --watch --hide /proc/partitions [06:33] [root@vserver root]# showattr /proc/partitions [06:33] AwhbiX /proc/partitions [06:35] hmm... that's the only obvious difference i've found between 1.3.8 and 0.09 regarding those flags... maybe i'm too tired... [06:54] expiryjames (~james@cindi.ca) joined #vserver. [07:21] serving (~serving@213.186.188.205) joined #vserver. [07:29] Frank00polo (~franko@wbar7.dal1-4-13-067-211.dsl-verizon.net) joined #vserver. [07:42] Frank00polo (~franko@wbar7.dal1-4-13-067-211.dsl-verizon.net) left irc: Quit: ChatZilla 0.9.52B [Mozilla rv:1.6/1] [08:27] serving (~serving@213.186.188.205) left irc: Read error: Connection reset by peer [09:46] serving (~serving@213.186.188.205) joined #vserver. [11:00] esands (~nic@mdr11-port292.jetstart.maxnet.co.nz) joined #vserver. [11:06] kestrel (athomas@home.swapoff.org) left irc: Ping timeout: 480 seconds [11:34] rs (rs@ice.aspic.com) joined #vserver. [11:35] hello dudes [11:35] Nick change: Bertl_zZ -> Bertl [11:36] hi everyone ... [11:37] hey [11:38] Is CAP_NET_RAW sufficent to run either a web or mail server? [11:41] well, you do not need that for both [11:42] the vserver chcontext --secure (which is used by default) only leaves the required caps on, CAP_NET_RAW isn't one of them [11:48] I'm getting this message: [11:48] [nic@stateless:/usr/share/doc/bridge-utils] vserver test status [11:48] Vserver 'test' is not running [11:48] Any idea why this might be? [11:48] and is it running? [11:48] How do I check that. I've run vserver test start [11:49] seems to be pingable, and I can do vserver test enter and ping externally [11:49] okay try with 'chcontext --ctx ps auxwww' [11:49] where is the context number you got, when you started the test vserver [11:50] if you don't know that number, for whatever reason, have a look in /var/run/vservers/test.*' [11:51] /usr/local/var/run/vservers/ is empty, but there is a whole pile of instances in /usr/local/var/run/vservers.rev/ [11:52] hmm, okay you are using the alpha tools, right? [11:52] yep. Let me reboot to get back to a clean slate [11:52] it might be that vserver status doesn't work as expected [11:53] you should also test with vserver-stat in this case ... [11:53] Could be. [11:53] I keep getting /proc empty messages as well. [11:53] did you setup /proc security yet? [11:53] I assume after a reboot I can delete evertying in /usr/local/var/run/vservers.rev/ [11:53] I assume you are using 1.3.x or vs0.0x [11:54] "/proc security" ?? 1.3.7 [11:54] yep in devel and exp /proc is basically turned off by default [11:55] you have to enable the /proc entries with setattr or vproc utility [11:55] (alpha tools include the setattr) [11:55] Why is it turned off? vproc isn't included with the alpha util-vserver [11:56] but setattr is ;) [11:56] Is setattr used before 'vserver test start' ?? [11:56] probably not ... you only have to use it once after system startup, to enable the /proc entries you would like a vserver to see [11:57] and it's turned off, because nowadays /proc is used for many things which would do harm to the host if available ... [11:57] Ok. Is this the a nice receipe for 'setting' a vserver for use once build has been completed? [11:57] ( like detaching your scsi disks, rebooting your system) [11:57] s/this the/there/ [11:57] yes, definitely not something you want a person to do. [11:58] So 'sudo mount -t proc proc /uml/vservers/test/proc' is a bad idea? [11:58] if you want to get proc working fast, just do setattr --~admin /proc/[a-z]* /proc/[a-z]*/* /proc/[a-z]*/*/* [11:58] mounting proc in a vserver is done automatically, only the 'entries' are hidden by default [11:59] you can verify that by simply doing: [11:59] chcontext --ctx 100 ls /proc [11:59] actually I'd prefer to know what I'm doing. [11:59] you'll only see pids and symlinks [12:00] [nic@stateless:~] sudo chcontext --ctx 100 ls /proc [12:00] New security context is 100 [12:00] 1 366 mounts self [12:00] nice. [12:00] with the showattr tool you can have a look at the 'current' flags [12:00] showattr /proc/cpuinfo [12:00] if you now do setattr --~admin /proc/cpuinfo [12:00] the 'admin' flag will go away,a nd a chcontext --ctx 100 ls /proc [12:00] will show that entry [12:01] hmm.. anyone here ever tried to use vserver in a cluster environment? [12:01] not yet! [12:01] Er. [12:01] [nic@stateless:~] sudo showattr /proc/cpuinfo [12:01] -wH--- /proc/cpuinfo [12:01] [nic@stateless:~] sudo setattr --~admin /proc/cpuinfo [12:01] [nic@stateless:~] sudo showattr /proc/cpuinfo [12:01] -wH--- /proc/cpuinfo [12:01] [nic@stateless:~] sudo chcontext --ctx 100 ls /proc [12:01] New security context is 100 [12:01] i'll get my hands on a 8 node ibm eServer environment next weekend.. [12:01] 1 390 mounts self [12:02] and i was wondering wether it would work with vservers or not.. [12:02] should ... somehow ... [12:02] i have to admit i hardly have a clue how it works ;> [12:02] the cluster part that is [12:02] esands: better use the vproc tool for now, the logic is a little flawd, and was changed/will be changed in 1.3.8 ... see http://www.linux-vserver.org/index.php?page=Proc-Security [12:03] for details ... [12:03] have to run now, will be back in about 2 hours ... [12:03] Nick change: Bertl -> Bertl_oO [12:04] thanks for the help again [12:12] ensc (~ircensc@ultra.csn.tu-chemnitz.de) left irc: Ping timeout: 480 seconds [12:31] stubbsd (~stubbsd@217.206.216.194) joined #vserver. [12:35] kestrela (~athomas@syd-h43C.adsl.AlwaysONLINE.net.au) joined #vserver. [12:35] hello [12:58] kestrel (athomas@home.swapoff.org) joined #vserver. [12:58] esands (~nic@mdr11-port292.jetstart.maxnet.co.nz) left irc: Quit: later [13:09] meebey (meebey@meebey.net) left irc: Remote host closed the connection [13:46] Nick change: Bertl_oO -> Bertl [13:47] hi everyone .. [13:47] hi Bertl [13:49] hi rs, how's your vserver? [13:52] great, I gonna to test the 0.09 with the 2.6.3 over NFS [13:53] hey, sounds interesting ... [13:53] with the hosting node as a diskless node booting in PXE [13:53] yep intresting [13:53] even better ;) [13:54] sounds like the 1.3.8 prerelease has some bugs with the flags ... [13:54] iunlink flags ? [13:55] nope the vproc/security stuff [13:55] (just reading the irc history ;) [13:55] hehe ok sorry [13:55] is the 0.09 affected ? [13:55] nothing to be sorry about ... [13:55] nope we tested 0.09 in this regard, should not be ... [13:56] nice [13:56] brb [15:24] serving (~serving@213.186.188.205) left irc: Read error: Connection reset by peer [16:30] paul (~irssi@p5089E005.dip.t-dialin.net) joined #vserver. [16:31] hi [16:36] chaosle (~yvan@bragi.fh-brandenburg.de) joined #vserver. [16:36] hi all [16:39] i just googled 3 hours, to find out what to do with rhe split-2.4.25... file. can anybody give me a hint ? or tell me where to find an newbee howto for vservers ... especialy about the kernel patching part ? [16:42] 32 people and nobody can help me ?!? :) [16:45] ben (~ben@bengrimm-host225.dsl.visi.com) joined #vserver. [16:45] hi ben, i just googled 3 hours, to find out what to do with rhe split-2.4.25... file. can you give me a hint ? or tell me where to find an newbee howto for vservers ... especialy about the kernel patching part ? [16:45] hi chaosle [16:46] hi chaosle! [16:46] hi bertl [16:46] simple ... there is a patch ... [16:46] linux-2.4.25-vs1.26 for example [16:46] Bertl's too fast ;-) [16:46] the one with .diff ? yes [16:46] ben oh okay, I slow down then ;) [16:46] hehe [16:47] naa, you got 'im [16:47] okay, and if somebody is interested in modifying stuff included in this patch [16:47] he might appreciate it if the patch would be in small chunks ... [16:48] each chunk covering a logical area (of the modifications) [16:48] re [16:48] sure [16:48] so for example one for the vroot device, another one for the scheduler ... [16:48] ic .. its only a splitted big patch file ? can i merge them together or do i have to install dem one by one ? [16:48] and even further, each chunk available in an alternate form to be applied against, say for example, a ck patch [16:49] i mean patch the kernel [16:49] you do not have to use the split patches at all, that is why there is a 'combined' patch too [16:49] especially if you're new, you probably have little or no reason to leave out a patch [16:49] if you look at: [16:49] http://www.13thfloor.at/vserver/s_release/v1.26/ [16:50] you see there is a patch*.diff, and a split*.tar [16:50] on the 13thfloor site i can download the patch 2.4.25...diff and the other one, the split ...tar.gz .... [16:50] exactly my problem ... want to know if i need both [16:50] both contain the same modifications to a vanilla kernel --- [16:50] so you do only need one [16:51] serving (~serving@213.186.190.91) joined #vserver. [16:52] and what ist the command to patch ?? (sorry new in kernel hacking never used a diff file :) [16:53] untar your kernel source [16:53] cd into the dir [16:53] and patch -p1 < patch.diff [16:54] (replace your filenames as appropriate) [16:54] Bertl, ben thx a lot 4 help ! [16:57] sure thing [16:57] bertl, figured out my problems with vapt-get [16:57] is the alpha patch contains the per context quota feature, or I have to apply an additionnal patch like for the devel branch ? [16:57] was the version of util-vserver I used to create the server (0.29.195) [16:58] I switched back to 0.28.199 and made a new vserver and all was well again [16:58] if I get time I'll try to figure out what the difference was that caused the failure [17:00] serving (~serving@213.186.190.91) left irc: Ping timeout: 499 seconds [17:00] ben: did you tell enrico? [17:01] or send a mail? [17:01] rs: there is no alpha patch, what do you mean? [17:01] experimental sorry [17:01] no, that doesn't support quota/dlims yet [17:02] ben (~ben@bengrimm-host225.dsl.visi.com) left irc: Read error: Connection reset by peer [17:02] but you can work around if you need that by using different partitions ... [17:02] neither with an additionnal patch ? [17:02] no patch yet [17:03] ok [17:03] ben (~ben@bengrimm-host225.dsl.visi.com) joined #vserver. [17:03] 15:02 < Bertl> ben: did you tell enrico? or send a mail? [17:03] berlt, nope, probably should though [17:03] you plan to integrate it in the patch or to port your quota patch ? [17:03] in the MAIN patch [17:03] yes ;) [17:04] pretty cool =) [17:04] I haven't tried creating a server with a newer version though, so it may already be fixed [17:04] okay, in this case, check that out, and report then ... [17:05] I was getting to it ;-) [17:07] just rolling back the tools to the previous version did not help though, existing servers created with the newer version were 'broken' [17:08] (and the newer tools work to install on servers created with the older tools) [17:19] valen_ (~john@sprocket.hosting365.ie) joined #vserver. [17:19] hi valen_! [17:19] Guys, do you give any support for freevps ? [17:19] if possible, why not? [17:19] Or even advice. I'm almost crying here... [17:19] I've a vps server that's controlled with hsphere. [17:20] I had it working for months fine, then decided it was good enough to let some customers use it. [17:20] Only now that I've setup two vservers for customers...if you ssh into one of them, the kernel hard-hangs. [17:20] It gets really slow, then feels like the box is out of RAM, then stops responding. [17:21] hmm, probably a bug in the FreeVPS code ... [17:21] You can ping it, but it loses over %50% of packets. It's very very wierd. [17:21] or might be a hardware related issue ... [17:21] ssh-ing to the host works? [17:23] Yep. That's no problem. As soon as you ssh to the vserver, it dies. [17:23] hmm, do you get an oops? [17:23] They haven't released any bugfixes to VPS in ages though, so there is nothing new to try. No oops, nothing. I've got syslog logging to tty12, and it shows nothing either. [17:24] hmm, okay, so you have direct access to the machine? [17:24] Yep. It's in our test rack beside me. [17:25] okay, do you have magic sysreq compiled in? [17:25] No, alas. It's the standard freeVPS kernel from freevps.org. I think I'll try compile it up. [17:25] ls /proc/sysrq-trigger [17:25] does this list anything? [17:26] Ah. It's crashed again. I'll just give it a kick... [17:28] in any case you should verify the hardware with memtest86 and similar ... and if that turns out to be okay, but freevps not, you can always switch to linux-vserver ... [17:28] Well, I thought that also, so copied the OS to another machine that's been running fine for months. [17:30] mids (mids@mids.student.utwente.nl) left irc: Ping timeout: 480 seconds [17:52] loger joined #vserver. [17:52] ok, setting watch for all entries did the trick... [17:53] see, but not 'all' entries are required, you might test which entry actually is required ... [17:53] that's what i'm currently doing :) [17:53] just wanted to see if it would work at all [17:53] ah okay .. one step ahead ... as always ... [17:55] hmm... where to find xtrace? [17:57] mids (mids@mids.student.utwente.nl) joined #vserver. [17:57] Doener: forget it I meant -x tracing ... [17:58] ahh [17:58] but I realized that vserver-stat is a binary ... [17:58] hmm, and we have the source, right? [17:59] Bertl: [17:59] you fixed the setattr not doing anything bug? [17:59] yes, now looking for the oom exit f** up memory accounting bug ;) [18:00] want to test the setattr in the meantime? [18:00] [root@ls754 root]# cat /proc/cpuinfo [18:00] processor : 0 [18:00] vendor_id : AuthenticAMD [18:00] cpu family : 15 [18:00] model : 5 [18:00] model name : AMD Opteron(tm) Processor 240 [18:00] stepping : 1 [18:00] cpu MHz : 1394.586 [18:00] cache size : 1024 KB [18:00] werd... [18:00] hmm why? [18:11] why? [18:11] 64-bit [18:11] it's dual [18:12] and you only get one entry? [18:15] huh? [18:16] dual = SMP = 2x CPU ? [18:16] okay matt, obviously I can't follow you, what is weird about an AMD Opteron? [18:17] lol [18:17] nothing, just exotic :) [18:17] they're considerable faster than Xeon's in all the benchmark's i've seen [18:17] aha ... [18:23] hr, [18:23] i'm still waiting on my mind blowing response to my poll... [18:23] s/,/m/ [18:23] i just want to see someone running 2000-3000 concurrent processes :) [18:24] kind of hard, most 2.4.x kernels do not work with >= 3000 procs [18:24] expiryjames (~james@cindi.ca) left irc: Quit: Leaving [18:25] right... [18:25] i guess the 1300 process one is good [18:25] that's about where I was where my server was crashing daily [18:26] hrm, they seemed to have installed 32-bit fedora [18:32] hmm... how to get an average load average? [18:32] sysstat [18:32] simple, you average load averages ,) [18:33] hehe, no interest in watching it myself [18:33] top [18:33] Bertl: sar! [18:34] cat /proc/loadavg !! [18:34] that's not averaged [18:35] make up an average in your head [18:38] miller7 (~none@adsl49-static-gw1.access.acn.gr) joined #vserver. [18:38] hi miller7! [18:38] hello people [18:38] hey bert! [18:39] lots of people here today [18:49] hrm [18:50] 1800 procs w/ 1GB RAM [18:50] wonder what the swap is like there [18:50] too small ;) [18:51] i have 850 procs w/ 1GB of ram and am using 500MB of swap [18:52] ahh, finally fixed the funny memory accounting bug ... [18:52] serving (~serving@213.186.190.121) joined #vserver. [18:54] matta: that one is also using 500mb of swap [18:55] Bertl: what was it? :) [18:56] same bug as last time ... [18:56] check in fork() after the copy [18:57] [root@WWWW root]# sleep 10 & [18:57] -bash: fork: Cannot allocate memory [18:57] looks good? [19:03] hrm [19:05] <_shur1> Bertl [19:05] <_shur1> i am not able to compile .0.29.196 with 2.6.3 [19:05] <_shur1> checking for number of syscall 'vserver'... configure: error: Can not determine value of __NR_vserver; please verify your glibc/kernelheaders, and/or set CPPFLAGS='-D=__NR_vserver=' environment when calling configure. [19:05] <_shur1> vs:~/util-vserver-0.29.196# [19:05] <_shur1> how can i fix that??? [19:06] ensc (~ircensc@ultra.csn.tu-chemnitz.de) joined #vserver. [19:07] _shur1: ask again! [19:08] <_shur1> ensc how can i fix the checking for number of syscall 'vserver'... configure: error: Can not determine value of __NR_vserver; please verify your glibc/kernelheaders, and/or set CPPFLAGS='-D=__NR_vserver=' environment when calling configure. [19:08] <_shur1> error i got with 2.6.3 [19:09] 2.6.3 should define the value correctly, btw ... [19:09] _shur1: call ./configure as 'CPPFLAGS="-D__NR_vserver=273" ./configure ...' [19:10] stubbsd (~stubbsd@217.206.216.194) left irc: Ping timeout: 480 seconds [19:15] matta: http://vserver.13thfloor.at/Experimental/delta-vs1.3.8rc1-vs1.3.8rc2.diff [19:16] that brings the iattr stuff in sync with vs0.09 and fixes the fork() issue ... [19:16] ensc: how's your local network? [19:17] currently, I have connection again. But malfunctions are announced till tomorrow, 1200 CET. [19:18] are they replacing the lines or switches? [19:19] yes, new routers and changes in the infrastructure [19:21] stubbsd (~stubbsd@217.206.216.194) joined #vserver. [19:23] ben (~ben@bengrimm-host225.dsl.visi.com) left #vserver. [19:30] kloo (~kloo@213-84-79-23.adsl.xs4all.nl) left irc: Ping timeout: 480 seconds [19:31] ben- (ben@bengrimm-host229.dsl.visi.com) joined #vserver. [19:31] miller7 (~none@adsl49-static-gw1.access.acn.gr) left irc: Read error: Connection reset by peer [19:37] Is the 1.3.8 release out, yet? [19:41] not yet, but rc2 ... [19:42] http://vserver.13thfloor.at/Experimental/delta-vs1.3.8rc1-vs1.3.8rc2.diff [19:42] http://vserver.13thfloor.at/Experimental/patch-2.4.25-vs1.3.8rc1.diff [19:47] _shur1 (~shushushu@vserver.electronicbox.net) left irc: Ping timeout: 480 seconds [19:55] _shur1 (~shushushu@vserver.electronicbox.net) joined #vserver. [20:03] miller7 (~none@adsl49-static-gw1.access.acn.gr) joined #vserver. [20:04] thanks [20:15] Nick change: cgone -> cdub [20:20] hi cw! [20:28] stubbsd (~stubbsd@217.206.216.194) left irc: Quit: Leaving [20:28] Renegade (~Renegade@shuttle3.ee.ic.ac.uk) joined #vserver. [20:28] hi Renegade! [20:29] Bertl: hello [20:29] Nick change: Renegade -> Guest5 [20:30] gmm, Guest5 ... and I thoght you used virtuozzo until now ... [20:30] Guest5 (~Renegade@shuttle3.ee.ic.ac.uk) left irc: Client Quit [20:30] Renegade-2000 (~Renegade-@shuttle3.ee.ic.ac.uk) joined #vserver. [20:30] Renegade-2000 (~Renegade-@shuttle3.ee.ic.ac.uk) left irc: Read error: Connection reset by peer [20:30] Renegade-2000 (~Renegade-@shuttle3.ee.ic.ac.uk) joined #vserver. [20:31] doesn't matter that much who you are ... [20:31] Im a renegade ;-) [20:31] well ..... just checking this channel.... [20:32] hmm for what? [20:32] Im thinking to develope something like this.... [20:32] Its just an IDEA [20:32] not sure now.... [20:33] Take me more as guest.... than active member... [20:33] like what? [20:34] 'Im thinking to develope something like this....' like what? [20:34] --- Layer 4 switching -- [20:39] hmm, might be that you confuse linux virtual server, with Linux-VServer ? [20:40] well, anyway, you are welcome here ... [20:40] Nick change: talon_afk -> talon [20:40] hi talon! [20:41] almost done restoring my workstation. [20:41] Doener_zZz (~doener@pD9E12E60.dip.t-dialin.net) joined #vserver. [20:42] solaris 9 seems to be a good upgrade path so far. still have to put back all that open source software on it though. and wedge in the openlook deskset utils. [20:42] so how are things going today? [20:43] fine, thanks ... [20:45] _shur1 (~shushushu@vserver.electronicbox.net) left irc: Quit: changing servers [20:45] _shur1 (~shushushu@vserver.electronicbox.net) joined #vserver. [20:49] Doener (~doener@pD9588247.dip.t-dialin.net) left irc: Ping timeout: 480 seconds [20:53] Bertl: thanks for the info... [20:53] np [21:24] Nick change: Bertl -> Bertl_oO [21:31] rs (rs@ice.aspic.com) left irc: Quit: pula [21:42] Nick change: talon -> talon_afk [22:11] Bertl [22:12] so i tried to run 2.6.3-0.09 last night, it makes vmware core dump [22:12] very strange, like the kernel inside the vmware doesn't panic, but vmware itself [22:51] godo to know [22:56] mids (mids@mids.student.utwente.nl) left irc: Ping timeout: 480 seconds [22:57] mids (mids@mids.student.utwente.nl) joined #vserver. [23:03] loger joined #vserver. [23:12] mmh, are there e1000 issues on 2.4.25? I never had so much lockups in the last two years like in the last two days :( [23:26] Doener_zZz (~doener@pD9E12E60.dip.t-dialin.net) got netsplit. [23:26] serving (~serving@213.186.190.121) got netsplit. [23:26] chaosle (~yvan@bragi.fh-brandenburg.de) got netsplit. [23:26] kestrel (athomas@home.swapoff.org) got netsplit. [23:26] Mcleod (~altec@202.9.60.199) got netsplit. [23:26] talon_afk (talon@host-63-149-223-100.irwinresearch.com) got netsplit. [23:26] Doener_zZz (~doener@pD9E12E60.dip.t-dialin.net) returned to #vserver. [23:26] serving (~serving@213.186.190.121) returned to #vserver. [23:26] chaosle (~yvan@bragi.fh-brandenburg.de) returned to #vserver. [23:26] kestrel (athomas@home.swapoff.org) returned to #vserver. [23:26] Mcleod (~altec@202.9.60.199) returned to #vserver. [23:26] talon_afk (talon@host-63-149-223-100.irwinresearch.com) returned to #vserver. [23:27] ensc (~ircensc@ultra.csn.tu-chemnitz.de) left irc: Read error: No route to host [23:27] Nick change: cdub -> cgone [23:28] ensc (~ircensc@ultra.csn.tu-chemnitz.de) joined #vserver. [23:40] http://www.tektonic.net/public/vserver_hosting_req.txt [23:40] any input? [23:49] netrose_ (john877@FL3-24.217.241.239.charter-stl.com) joined #vserver. [23:50] netrose (~john877@FL3-24.217.241.239.charter-stl.com) left irc: Ping timeout: 499 seconds [23:51] matta: some of them are already forfilled and I don't believe most of them are actual show-stoppers. [23:51] matta: and I'm already using vserver in my hosting environment, but I'm not providing vservers. [23:52] i know most are complete [23:52] i'm talking to compete with the likes of Virtuozzo/UML in hosting and have no negative side affects [23:52] for VPS hosting [00:00] --- Wed Feb 25 2004