--- Log opened nie maj 09 00:00:56 2004 00:01:52>> shuri [~shushushu@cpu183.adsl.qc.bellglobal.com] has quit [Quit: http://base2091.com] 02:00:49>> Bertl_oO is now known as Bertl_zZ 02:56:09>> dionv is now known as dionv_zZ 03:31:46>> virtuoso [~s0t0na@213.158.10.72] has joined #vserver 03:34:27>> virtuoso [~s0t0na@213.158.10.72] has left #vserver [] 03:35:29>> virtuoso [~s0t0na@213.158.10.72] has joined #vserver 03:35:47>> virtuoso [~s0t0na@213.158.10.72] has left #vserver [] 03:35:53>> virtuoso [~s0t0na@213.158.10.72] has joined #vserver 05:56:53>> infowolfe_ [~infowolfe@pcp04891550pcs.frnkmd01.md.comcast.net] has joined #vserver 05:56:53>> infowolfe [~infowolfe@pcp04891550pcs.frnkmd01.md.comcast.net] has quit [Read error: Connection reset by peer] 08:18:08>> infowolfe_ [~infowolfe@pcp04891550pcs.frnkmd01.md.comcast.net] has quit [Ping timeout: 480 seconds] 08:21:35>> infowolfe [~infowolfe@pcp04891550pcs.frnkmd01.md.comcast.net] has joined #vserver 08:21:35>> infowolfe_ [~infowolfe@pcp04891550pcs.frnkmd01.md.comcast.net] has joined #vserver 08:22:29>> infowolfe [~infowolfe@pcp04891550pcs.frnkmd01.md.comcast.net] has quit [Quit: ] 08:22:31>> infowolfe_ [~infowolfe@pcp04891550pcs.frnkmd01.md.comcast.net] has quit [Quit: ] 08:55:58>> nalfein [~gaertner@212.68.83.129] has quit [Quit: Serverwechsel] 09:00:12>> serving [~serving@213.186.191.61] has quit [Read error: Connection reset by peer] 09:20:10>> _id [~id@217.81.158.198] has quit [Ping timeout: 480 seconds] 09:30:58>> _id [~id@pD95E93DA.dip.t-dialin.net] has joined #vserver 09:35:10>> Khahan [~Filbert@D5E0628B.kabel.telenet.be] has quit [Remote host closed the connection] 10:00:08>> Khahan [~Filbert@D5E0628B.kabel.telenet.be] has joined #vserver 10:18:30>> virtuoso [~s0t0na@213.158.10.72] has quit [Ping timeout: 480 seconds] 10:19:24>> virtuoso [~s0t0na@177ppp11.telegraph.spb.ru] has joined #vserver 10:27:38>> virtuoso [~s0t0na@177ppp11.telegraph.spb.ru] has quit [Read error: Connection reset by peer] 10:31:18>> _id [~id@pD95E93DA.dip.t-dialin.net] has quit [Ping timeout: 480 seconds] 10:34:40>> _id [~id@pD9E6121B.dip.t-dialin.net] has joined #vserver 10:36:47< _id> re 10:56:14>> serving [~serving@213.186.191.61] has joined #vserver 11:11:54>> Doener_ [~doener@pD9E12739.dip.t-dialin.net] has joined #vserver 11:18:47>> Doener` [~doener@pD9E12B5C.dip.t-dialin.net] has quit [Ping timeout: 480 seconds] 11:39:40>> ccooke [~ccooke@spc1-walt1-4-0-cust238.lond.broadband.ntl.com] has quit [Ping timeout: 480 seconds] 11:44:57>> _id [~id@pD9E6121B.dip.t-dialin.net] has quit [Ping timeout: 480 seconds] 12:08:15>> _id [~id@pD9E61560.dip.t-dialin.net] has joined #vserver 13:42:42< _id> kennt einer von euch http://www.psoft.net/ ? 13:44:55< Doener_> the freevps guys? yepp, i guess quite a number of us know them ;) 13:46:33< _id> did you try their package too ? it seems a bit outdated 13:46:46< _id> and only RH support 13:48:07< Doener_> didn't try it 13:48:55< _id> no big deal 13:49:08< _id> i just saw it on the net 13:49:36< _id> any they linked linux-vservers.org as their partners 13:50:05< Doener_> there's a link back to them on the wiki ;) 13:50:18< Doener_> somewhere at the bottom 13:55:12>> ccooke [~ccooke@spc1-walt1-4-0-cust238.lond.broadband.ntl.com] has joined #vserver 14:02:52>> mhepp [~mhepp@r72s22p13.home.nbox.cz] has joined #vserver 14:14:21>> axu [gl@83-64-20-92.dynamic.home.xdsl-line.inode.at] has joined #vserver 14:14:25< axu> hi folks :) 14:18:35>> Khahan [~Filbert@D5E0628B.kabel.telenet.be] has quit [Ping timeout: 480 seconds] 14:18:43>> nalfein [~gaertner@212.68.83.129] has joined #vserver 14:24:22>> Khahan [~Filbert@D5E0628B.kabel.telenet.be] has joined #vserver 15:02:44>> Bertl_zZ is now known as Bertl 15:02:56< Bertl> morning everyone! 15:04:23< mcp> good night Bertl 15:04:50< Bertl> are you that tired? 15:05:15< mcp> yes, but I won't sleep. I can sleep when I'm dead :) 15:05:36< Bertl> that's a word! 15:07:56< Bertl> going to check out 2.6.6-rc3-bk11 now ... 15:13:49< Bertl> hey only one minor change for vserver (at first glance ;) 15:16:58>> _id [~id@pD9E61560.dip.t-dialin.net] has quit [Remote host closed the connection] 15:37:14>> _id [~id@pD9E61560.dip.t-dialin.net] has joined #vserver 15:37:35< Bertl> welcome back _id? 15:37:55< _id> thx 15:54:38>> dionv_zZ is now known as dionv 15:54:45< Bertl> hi dionv! 15:55:03< dionv> Hi Bertl. 15:55:42< dionv> Bertl: THanks for the suggestions the other night... 15:56:04< dionv> Unfortunately my vserver guest is still complaining. Need to figure out the issue... 15:56:36< dionv> I saw something yesterday between infowolfe and pflanze that might be related though, so I'll have to see what they came up with. 15:57:53>> infowolfe [~infowolfe@pcp04891550pcs.frnkmd01.md.comcast.net] has joined #vserver 15:58:00< Bertl> what is it complaining about? 15:59:10< dionv> Incorrect fstab entries... 15:59:41< Bertl> hmm, so you still have the mount/umount active in the scripts? 15:59:44< dionv> The directory I'm using for my vserver guests is on a reiserfs partition, vserver guest is complaing it can't mount the ext2/3 partition 16:00:17< dionv> I thought I had disabled mount/dismount. I'm on Gentoo and ended up disabling all startup scripts (I think) 16:00:51< dionv> My mistake syslog-ng and vixie-cron are still listed 16:01:15< Bertl> hmm, well, they will not do mount, right? 16:01:41< dionv> Ok, removed those two and started my vserver guest, it only complained about /proc not being mounted this time. 16:01:55< dionv> Looks like one of those two may need something else. 16:02:28< Bertl> so you want to say that either syslog or cron does call 'mount'? 16:02:51< Bertl> boy, if that's true, then gentoo is really a weirdo distro ... 16:03:21< Bertl> usually a sysv based init consist of four parts: 16:03:30< dionv> Looks like vixie-cron has a need for localmount... 16:03:43< Bertl> some inittab (which is read by init) 16:03:47< dionv> I think inforwolfe mentioned something abou tthat yesterday to pflanze 16:03:53>> monrad [~monrad@213083190226.sonofon.dk] has joined #vserver 16:04:19< Bertl> okay, seems then like gentoo is strange ... maybe infowolfe can figure it all out ... 16:04:24< Bertl> hi monrad! 16:04:31< monrad> hi 16:04:33< dionv> inittab, yup. 16:04:54< dionv> inittab determines which runlevel to use, in thise case "default"... 16:05:13< Bertl> the other three parts are: some sysinit script, the runlevel script and the service scripts 16:05:43< dionv> Right. 16:06:20< Bertl> a service script, like cron, has nothing to do with mounting filesystems and such 16:06:46< Bertl> this is either done in a 'mount' service script, or from within the sysinit script itself 16:07:07< Bertl> (because it only makes sense on system startup) 16:08:27>> lexo_ [~LeXo@lns-th2-4f-81-56-252-185.adsl.proxad.net] has joined #vserver 16:08:36< Bertl> hi lexo_? 16:09:31< dionv> I would agree, however, it seems that the script for vixie-cron in Gentoo has a dependancy of localmount, which tries to mount filesystems. 16:09:54< Bertl> well, doesn't that sound a little weird? 16:10:06< dionv> Actually, in this case it ned clock, localmount and logger. 16:10:07< infowolfe> dionv, i have a little script that takes care of that 16:10:19< dionv> Yeah, it does. I'm still learnign the ins and outs of Gentoo. 16:10:19< infowolfe> it's a nasty hack, but yah... 16:10:48< dionv> infowolfe: Thanks, I saw some stuff from you yesterday about it, but my scrollback didn't go back far enough this morning. 16:11:27< Bertl> but maybe the 'correct' approach in this case would be to disable the localmount script at the first line (or wherever appropriate?) 16:11:53< Bertl> because in no particular case it will make any sense inside the vserver 16:12:13< dionv> infowolfe: Is there a link to the script? Unfortunately I have to leave now. 16:12:22< Bertl> so just letting it succeed without doing/trying anything would be a good idea ... 16:12:30< infowolfe> dionv, if you can hold on for a second, i can paste it in here 16:12:36< dionv> ok 16:12:59< infowolfe> #!/bin/bash 16:12:59< infowolfe> if [ -f /dev/initctl ];then 16:12:59< infowolfe> rm /dev/initctl 16:12:59< infowolfe> fi 16:12:59< infowolfe> touch /dev/initctl 16:12:59< infowolfe> for i in {/bin/{mount,umount},/sbin/{swapon,swapoff,hwclock}}; do cp /bin/true $i;done 16:13:25< infowolfe> that fudges gentoo so it'll work without any cosmetic problems (which are blockers unfortunately) 16:13:33< infowolfe> you'd have to edit the initscripts if you didn't do it my way 16:13:34< Bertl> hmm, well, ugly but effective, I guess ;) 16:14:13< dionv> got it. thanks. gotta go. 16:14:15< infowolfe> definately ugly 16:14:24>> dionv is now known as dionv_awfk 16:14:31< infowolfe> but it makes it all work without any superfluous editting 16:14:31>> dionv_awfk is now known as dionv_afk 16:14:43< Bertl> infowolfe: right ... 16:15:23< infowolfe> Bertl, gentoo hides the mount/unmount stuff all over the place :-p 16:15:28>> franck [~LeXo@lns-th2-4f-81-56-252-185.adsl.proxad.net] has quit [Ping timeout: 480 seconds] 18:27:10>> yarihm [~yarihm@217-162-206-157.dclient.hispeed.ch] has joined #vserver 18:27:18< Bertl> hi yarihm! 18:27:26< yarihm> hi Bertl 18:27:28< yarihm> hi rest :) 18:32:51< Doener_> hi yarihm 18:35:30< Bertl> anybody interested in testing vserver memory limits for 2.6? 18:46:59< yarihm> i have no 2.6-machines here :( 18:54:20>> dionv_afk is now known as dionv 18:54:34< dionv> infowolfe? 18:57:33< dionv> Bertl? 18:57:44< Bertl> yep? 18:58:05< dionv> Guest vserver is complaining about proc not being mounted... 18:58:15< dionv> Is this specific to vservers or a Gentoo issue? 18:58:52< Bertl> what patches? 18:59:06< dionv> Ooo, er...one sec... 18:59:52< dionv> vserver-sources (kernel) 2.4.25.1.3.8-r2, util-vserver 0.29_p196-r1 19:00:40< Bertl> well I asume it's vs1.3.8 and util-vserver 0.29.196 then 19:01:16< dionv> um, yep. 19:01:35< Bertl> http://www.linux-vserver.org/index.php?page=Proc-Security 19:02:36< dionv> Hmm. I thought my conf file handled that. Let me double-check... 19:03:17< Bertl> recent tools util-vserver-0.29.211 and later should handle that with a special script ... 19:04:02< dionv> Whoops, not conf, /etc/init.d/vserver 19:04:08< dionv> Has the following: 19:04:28< dionv> "/usr/sbin/setattr -R --~hide /proc/*" 19:05:03< dionv> There's a bunch of vproc commands commented out, but it looks like this setattr replaces them. Is that correct? 19:05:04< Bertl> hmm, well, this is basically disabling the entire proc security, which isn't such a good idea, but ... 19:05:44< Bertl> as usual, it's up to you ... 19:07:33< dionv> Hmm. I've changed it so that the setattr command is commented and the vproc commands for cmdlin, loadavg, meminfo, mounts, stat, and uptime are used... 19:07:44< dionv> "vproc -e /proc/" 19:08:22< dionv> The vserver started without complaining about proc, but I can't enter it... 19:08:36< dionv> Getting the error : "chcontext: vc_new_s_context(): Invalid argument" 19:09:26< Bertl> try bash -x vserver enter 19:10:37< dionv> Lots of output... 19:10:58< dionv> Checking error near the end... 19:10:58< Bertl> yeah, what is the 'last' coommand before the error? 19:11:35< dionv> "+ exec /usr/lib/util-vserver/legacy/vserver gentoo-stage3 enter" 19:11:43< Bertl> then do 19:11:52< Bertl> bash -x /usr/lib/util-vserver/legacy/vserver gentoo-stage3 enter 19:12:42< dionv> More stuff...last command before error again? 19:12:47< Bertl> yep 19:12:57< dionv> "+ exec /usr/lib/util-vserver/legacy/vserver gentoo-stage3 exec /bin/bash -login" 19:13:05< Bertl> and again ... 19:13:15< Bertl> bash -x /usr/lib/util-vserver/legacy/vserver gentoo-stage3 exec /bin/bash -login 19:13:56< dionv> "+ exec /usr/lib/util-vserver/legacy/vserver gentoo-stage3 suexec root /bin/bash -login" 19:14:28< dionv> Which procduces: 19:14:33< dionv> "+ exec /usr/sbin/chbind --ip 192.168.1.222 --bcast 192.168.1.255 /usr/sbin/chcontext --cap CAP_NET_RAW --secure --ctx 49160 --hostname stage3.smalleroslutions.ca /usr/lib/util-vserver/legacy/save_s_context /var/run/vservers/gentoo-stage3.ctx /usr/lib/util-vserver/capchroot --suid root . /bin/bash -login" 19:15:16< dionv> Which produces: 19:15:28< dionv> "/usr/sbin/chbind: /usr/sbin/chbind: cannot execute binary file" 19:16:07< dionv> Perms on chbin are: -rwxr-xr-x 1 root root 8292 Apr 29 13:01 /usr/sbin/chbind 19:16:21< dionv> chbind* (Dang fingers) 19:17:19< Bertl> so, let's try with 19:17:26< Bertl> ldd /usr/sbin/chbind 19:17:47< dionv> " libvserver.so.0 => /usr/lib/libvserver.so.0 (0x40020000) 19:17:48< dionv> libc.so.6 => /lib/libc.so.6 (0x40028000) 19:17:50< dionv> /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)" 19:18:18< Bertl> hmm, okay ... what about 19:18:26< dionv> Hmm. Better turn off the smileys I guess, eh? Those are = > (but you probably knew that ;) 19:19:13< Bertl> exec /usr/sbin/chbind --ip 192.168.1.222 --bcast 192.168.1.255 /usr/sbin/chcontext --cap CAP_NET_RAW --secure --ctx 49160 --hostname stage3 /bin/bash 19:19:22< Bertl> remove the exec# 19:19:35< Bertl> /usr/sbin/chbind --ip 192.168.1.222 --bcast 192.168.1.255 /usr/sbin/chcontext --cap CAP_NET_RAW --secure --ctx 49160 --hostname stage3 /bin/bash 19:20:21< dionv> Same: "ipv4root is now 192.168.1.222 19:20:23< dionv> chcontext: vc_new_s_context(): Invalid argument" 19:20:44< Bertl> okay, then we reduce to /usr/sbin/chcontext --ctx 49160 /bin/bash 19:21:09< dionv> "chcontext: vc_new_s_context(): Invalid argument" 19:21:18< dionv> Beginning to woner about chontext, I am. 19:21:29< Bertl> fine, now we know that your dynamic context 49160 doesn't exist 19:21:58< Bertl> probably the vserver 'was' started, but has no services enabled, which 'automatically' stops it again ... 19:22:15< dionv> Ah. I should start some services in it then? 19:22:42< Bertl> if the last process inside a context dies, it is gone ... 19:22:56< Bertl> if you use dynamic context id's you can't enter it then ... 19:23:26< Bertl> if you use static id's you are able to enter the context regardless of the fact that it is running or not ... 19:23:39< Bertl> (at least with the right tools) 19:24:00< Bertl> 0.29.196 is a little outdated btw ... 19:25:38< dionv> Yeah, I saw a new version was posted, but was waiting for it to make it into Gentoo's Portage system. Maybe I can't wait. 19:25:55< Bertl> hmm, well we are at 0.29.213 atm 19:26:14< Bertl> so it's more than 15 versions old ... 19:26:39< dionv> Eesh. That's ancient in computer years ;) 19:26:43< dionv> I chroot'ed into the vserver, added syslog-ng as a service, then tried to start the vserver again... 19:26:51< Bertl> stop it first 19:27:01< dionv> Did that. 19:27:10< Bertl> okay, did it start the service? 19:27:25< dionv> No, it's complaining about the filesystem: 19:27:38< dionv> "* Checking root filesystem... 19:27:40< dionv> fsck.ext2: Is a directory while trying to open / 19:27:41< dionv> /: 19:27:43< dionv> The superblock could not be read or does not describe a correct ext2 19:27:44< dionv> filesystem. If the device is valid and it really contains an ext2 19:27:46< dionv> filesystem (and not swap or ufs or something else), then the superblock 19:27:47< dionv> is corrupt, and you might try running e2fsck with an alternate superblock: 19:27:49< dionv> e2fsck -b 8193 19:27:50< dionv> * Filesystem couldn't be fixed :( [ !! ]" 19:28:11< dionv> I tried putting an fstab entry in before telling it to use reiserfs, but it doesn't like it either. 19:28:15< Bertl> well, that is something gentoo specific ... 19:28:56< Bertl> obviously the different services start other not-related ones like those required to mount local filesystems and such ... 19:29:10< dionv> I'm beginning to wonder if I'm making the right choice trying to use Gentoo for this project ;) 19:29:20< Bertl> infowolf proposed a dirty but effective workaround ... 19:29:21< dionv> I like Gentoo, but this is eating up too much of my time. 19:29:36< dionv> Yeah, I tried it, but maybe I did it wrong. 19:30:10< dionv> Do you recall if it needs to be added to the startup scripts? I didn't see if he said so or not. 19:30:28< Bertl> no, but it obviously missed the e2fsck binary ... 19:30:54< Bertl> fsck.ext2 it is called btw 19:32:03>> lexo_ is now known as franck 19:32:21< Bertl> hi franck` 19:32:54< dionv> Getting closer. Changed the script to check fsck.ext2, now vserver guest starts up with this: 19:33:08< dionv> " vserver gentoo-stage3 start 19:33:10< dionv> WARNING: can not find configuration, assuming legacy method 19:33:11< dionv> Starting the virtual server gentoo-stage3 19:33:13< dionv> Server gentoo-stage3 is not running 19:33:15< dionv> ipv4root is now 192.168.1.222 19:33:16< dionv> Host name is now stage3.smallersolutions.ca 19:33:18< dionv> New security context is 49165 19:33:19< dionv> * Caching service dependencies... 19:33:21< dionv> grep: /proc/cpuinfo: No such file or directory 19:33:23< dionv> * Syncing hardware clock to system clock [UTC]... [ ok ] 19:33:24< dionv> * Remounting root filesystem read-only (if necessary)... [ ok ] 19:33:25< dionv> * Checking root filesystem... [ ok ] 19:33:27< dionv> * Remounting root filesystem read/write... [ ok ] 19:33:28< dionv> * Setting hostname to gentoo-stage3... 19:33:30< dionv> hostname: you must be root to change the host name 19:33:31< dionv> * Failed to set the hostname [ !! ] 19:33:33< dionv> * Checking all filesystems... [ ok ] 19:33:34< dionv> * Mounting local filesystems... [ ok ] 19:33:36< dionv> awk: cmd. line:17: fatal: cannot open file `/proc/filesystems' for reading (No such file or directory) 19:33:37< dionv> * Activating (possibly) more swap... [ ok ] 19:33:39< dionv> grep: /proc/cpuinfo: No such file or directory 19:33:41< dionv> * Setting system clock to hardware clock [UTC]... [ ok ] 19:33:42< dionv> * ERROR: Problem starting needed services. 19:33:44< dionv> * "syslog-ng" was not started." 19:34:18< Bertl> hmm, nice, you want my opinion? forget gentoo, too much stuff to cleanup ... 19:34:24< dionv> LOL 19:34:35< Bertl> that said, somebody posted some scripts on the ml, for gento IIRC 19:34:57< axu> hi bertl :) 19:35:06< Bertl> From: Bogdan Agica 19:35:12< Bertl> I managed to hack the Gentoo boot scripts to a usable state. I have 19:35:12< Bertl> placed the archive of the init.d directory at 19:35:12< Bertl> http://80.86.106.246/init.d.tbz 19:35:22< axu> heard of someone running openvpn in a vserver ? (tun/tap) 19:35:22< Bertl> Note: The URL will be available 7 days from now on. Should anybody want 19:35:22< Bertl> to place it somewhere else on the web, feel free to. 19:35:51< Bertl> axu: not yet, but it will for sure require some caps 19:36:23< axu> Bertl: jep : thought so to :) 19:36:33< axu> +o 19:37:58< dionv> Bertl: Got it, thanks. 19:38:09< Bertl> you're welcome 19:39:39< dionv> Bertl: I'll go off and play with this some. We'll see what happens. Thanks for your help. 19:39:49>> dionv is now known as dionv_afk 19:55:36>> g0atygun is now known as Shotygun 19:55:37< Shotygun> http://www2.b3ta.com/heyhey16k/ 19:55:42< Shotygun> Funny flash.. 19:56:48< Bertl> very bad design .. still loading here ... 19:56:56< Shotygun> It's worth it. 19:59:05< Bertl> are you sure .. still loading ... 20:00:06< Shotygun> Hmm maybe something broken on your side? 20:00:22< Shotygun> Wait I will mirror it for ya 20:00:26< Bertl> don't think so ... it's fetching data ... 20:01:11< Shotygun> http://www.metnix.com/www2.b3ta.com/heyhey16k/ 20:01:19< Bertl> now it's done, but it still stays black ... 20:01:28< Shotygun> Maybe you got old flash version? 20:01:40< Shotygun> I know several people who watched it already 20:01:41< Bertl> probably ... 20:01:48< Bertl> Shockwave Flash 5.0 r50 20:01:54< Shotygun> Old 20:01:58< Shotygun> Time to update? =D 20:02:08< Bertl> hmm, why? 20:02:18< Shotygun> Hmm.. for future purposes?=P 20:02:31< Bertl> basically I think flash is a step in the wrong direction ... 20:03:06< Shotygun> True, but if you can't beat them - join them. 20:03:39< Bertl> thanks, but not me, you can tell me the story, if you think it's so funny ... 20:04:11< Shotygun> It's not a story, it's a song, about spectrum 16k 20:04:31< Bertl> hmm, and why do I need flash for a song? 20:05:07< Shotygun> Because of the cartoon animation to it which is quite adding, and mostly because I don't have the original song? =P 20:05:23< Shotygun> (attached to it..) 20:05:28< Bertl> hmm, why don't you record it from the flash then? 20:07:21< Shotygun> http://www.aas.mcmail.com/aas024/mp3.htm#top 20:07:27< Shotygun> http://www.mjhibbett.net/h16k.mp3 20:07:29< Shotygun> That's the right link. 20:08:22< Shotygun> The annoying intro beep isn't in the flash =P 20:11:09< Shotygun> Hmm it's a bit diff from the flash one. 20:11:17< Shotygun> But very much bit.. 20:16:56< eyck> where can I get it in something readable? like mpeg or ogm? 20:18:44< Shotygun> You are all so hard =) 20:19:07< Bertl> eyck: it's not worth the efford ... 20:19:30< Shotygun> =| 20:19:59< axu> should be no problem to hack the x sources and write evey frame of a flashanimation into a bitmap wich is afterward put together with mencoder for example. also capturing audio iss really easy with alsa :) ...for a programmer ;) 20:20:40< Shotygun> All that bother for some animation that suppose to make you smile and nothing but that? jesh.. 20:20:41< Bertl> Shotygun: maybe you also like this one: 20:20:51< Bertl> http://www.rathergood.com/moon_song/ 20:20:56< Shotygun> Next time I will learn to shut up =P 20:21:14< Shotygun> Yeah I know this one, actually it annoys me =P 20:22:58< Bertl> a -really_ funny flash site was the following: http://www.parapluesch.de/flash_neu/anstalt.swf 20:23:23< Bertl> not that I'm so fond of flash, but this was funny ... 20:23:43< eyck> hmm, if it's supposed to be simple and funny... then why force people to go hunting some exotic software to view it? 20:24:51< Shotygun> I havn't forced, but I assume you may need it in the future anyway for one thing or another.. 20:25:00< Bertl> I guess flash was invented because java always requires a system upgrade ;) 20:25:37< Shotygun> I think flash was invented only because it's more WYSIWYG than java.. 20:26:45< Bertl> eyck: btw, any good 'free' alternatives to flash? was looking for something like this, but didn't find anything ... 20:33:30< axu> svg :) 20:37:36< axu> anyone a hint where to start with this ? : Note: Cannot open TUN/TAP dev /dev/net/tun: 20:38:01< axu> hardlink to the tun dev ? 20:42:23< axu> hmm, ic noone uses tun tap with vserver (google says) 20:43:02< axu> is there any vserver usable vpn ? 20:46:07< Bertl> I'd say load the module ... 20:46:40< axu> have to be more carefull with selecting software... 2 unnecassary reboots just beause i choose unvserverish software :( 20:47:04< axu> bertl: hehe, yerah, funny isntz it 20:47:12>> axu [gl@83-64-20-92.dynamic.home.xdsl-line.inode.at] has left #vserver [Leaving] 20:56:29 * pflanze wonders if unify can detect identical files even if they are not at the same sub-path in both locations 20:57:10< Bertl> basically yes ;) 20:58:01< pflanze> heh why does it need a template-and-sister pair? 20:58:23< pflanze> (s/sister/sibling/?) 20:58:55 * pflanze will have to look closer 20:59:05< Bertl> unify is the result of the idea to join different rpm based servers ... 20:59:49< Bertl> the basic idea is valid for arbitrary files, as long as they conform to the 'unlink-first-then-replace' logic ... 21:00:13< pflanze> It'd be cool if it could unify files over *all* vservers over *all* places (without excluded paths of course). 21:00:20< pflanze> All at once. 21:00:37< Bertl> well, you could, if you would know which files 'can' be unified ... 21:00:49< Bertl> an example: 21:01:04< Bertl> let's assume that /var/log/messages is empty 21:01:16< pflanze> exclude var/log/ :) 21:01:28< Bertl> let's further assume that /etc/wossname.conf is empty too .. 21:01:55< Bertl> in some vserver, both will 'look' like the same, and naturally become a good candidate for unification ;) 21:19:47>> axu [gl@83-64-20-92.dynamic.home.xdsl-line.inode.at] has joined #vserver 21:19:48< axu> re 21:22:26< axu> im still trying to get openvpn+tun working in a vserver but got no clou how to get the /dev/net/tun into the vserver.... (tried a hardlink but vservers / is on another disk...) anone a hint on how /dev stuff works in vservers ? 21:24:31< Bertl> you have /dev/net/tun on the host? 21:24:57< Bertl> then copy it over to the vserver (for example with cp -va) 21:25:33< axu> Bertl: thats all ? 21:25:57< axu> Bertl: why didnt you tell me that last time i asked ? :) 21:26:33< Bertl> 20:37 < axu> anyone a hint where to start with this ? : Note: Cannot open 21:26:33< Bertl> TUN/TAP dev /dev/net/tun: 21:26:48< Bertl> didn't imply that it is available on the host ... 21:26:53< Bertl> that was why I suggested: 21:27:04< Bertl> 20:46 < Bertl> I'd say load the module ... 21:27:44< axu> i said something like yeah, funny isnt it :) 21:27:46< axu> :) 21:28:15< Bertl> ah, must have missed that 8-) 21:28:39 * Bertl .oO( funny isn't it? ) 21:31:43< axu> bertl: well, ok, now the real vserver stuff starts :) SIOCSIFADDR: Permission denied, SIOCSIFFLAGS: Permission denied, SIOCSIFDSTADDR: Permission denied, SIOCSIFMTU: Operation not permitted :) tahts funny :) 21:32:00< axu> CAP_SET_ time :) 21:32:20< Bertl> I'd say, cleanup your config first ... 21:33:04< axu> Bertl: any when you say thiongs like that you mean.... ? 21:33:31< Bertl> on vserver start, you get SIOCSIFADDR: Permission denied, SIOCSIFFLAGS: Permission denied, 21:33:34< Bertl> SIOCSIFDSTADDR: Permission denied, SIOCSIFMTU: Operation not 21:33:37< Bertl> permitted 21:33:39< Bertl> ? 21:33:45< axu> *check* 21:33:57< Bertl> or when you try to configure the vpn? 21:34:32< Bertl> well, you are probably on the right track, so just ignore me ;) 21:36:19< axu> not, on vserverstarrt, when i start the openvpn. well, the right track. i guess im gonna look for a list of available CAPS and try putting stuff in the vservers conf that sounds simmilar# 21:36:38< Bertl> try CAP_NET_ADMIN 21:37:41< axu> ok 21:38:57< axu> ok :) now these three are left missing: SIOCSIFFLAGS: SIOCSIFDSTADDR:SIOCSIFFLAGS: 21:42:51< yarihm> is there a mirror for paul sladens stuff? www.paul.sladen.org is often down, at least from here 21:42:54< axu> bertl: is tzhere a way to query the capabilities a vserver is started with ? 21:43:16< Bertl> yarihm: hum, paul is usually the mirror guy ;) 21:44:01< Bertl> yarihm: are you looking for something specific? 21:44:35< Bertl> axu: grep Cap /proc/self/status (from inside the vserver) 21:45:32< yarihm> Bertl: yeah, his bind9-no-capset-stuff 21:46:44< yarihm> Bertl: i have the debian-newvserver.sh script locally somewhere ... the problem is that i'd like to have a line in /etc/apt/sources.list so that i can do a cronjob for upgrades (if any) ... 21:47:07< axu> Bertl: hehe, i believe that you know what those things you see than are all about *g* 21:47:16< axu> s/than/then/ 21:48:37< Bertl> it's a bitmask, each bit is one capability ... 21:49:04< Bertl> there are tools to interpret this ... but you have to search for them (lcap or pcapset) 21:49:11< axu> bertl: i .... learned something today ;) 21:49:47< axu> apt-get install lcap :) 21:50:12< Bertl> hmm, debian has lcap, right! 21:51:44< axu> Current capabilities: 0x00000000 hmmm...doesnts sound right :) 21:52:21< Bertl> ah, I remember, lcap reads from some protected interface ... not from the proc ... 21:53:00< axu> /proc/sys/lids/lock_init_children 21:53:04< Bertl> axu: do some math, use the /include/linux/capability.h files, and make your own table ... 21:53:43< axu> bertl: what you suggest takes me about a week or so todo 21:54:00< yarihm> Bertl: you don't have the packages in question, do you? 21:54:22< Bertl> for bind9, it was just changing one configure option 21:54:34< Bertl> it was called something like --disable-linux-caps 21:54:51< Bertl> (no I don't have the packages) 21:58:02< yarihm> Bertl: yeah, i know ... i could do it on my own. i could set DISABLE_CAPS or something for the vservers too, but if there is already a package ... :-\ 21:58:49< yarihm> well, maybe i have more luck tomorrow and the packages are back online 21:59:02< Doener_> yarihm: http://apt.hostsharing.net/vserver/pool/main/b/bind9/ 21:59:13< Doener_> call me google-bot ;) 21:59:26< Doener_> next time it's your turn *g* 22:05:33< mhepp> bye! 22:05:36>> mhepp [~mhepp@r72s22p13.home.nbox.cz] has quit [Quit: mhepp caught signal: Autobus error] 22:05:51>> shuri [~shushushu@cpu183.adsl.qc.bellglobal.com] has joined #vserver 22:10:23>> axu [gl@83-64-20-92.dynamic.home.xdsl-line.inode.at] has quit [Read error: Connection reset by peer] 22:10:49< Bertl> hi shuri! 22:11:43< yarihm> Doener_: argh ... 22:11:47< yarihm> Doener_: thanx 22:14:34< shuri> hi Bertl 22:15:16< shuri> 4 days uptime with pre14 22:23:22< Bertl> great .. interested in testing memory limits/accounting? 22:26:47< UFOczek> i have one free box. 22:27:08< Bertl> interested? 22:27:46< UFOczek> yup 22:28:55< Bertl> okay, let me finish a small aptch, you'll need 2.6.6-rc3-bk11 22:29:04< UFOczek> ok :) 22:30:48< UFOczek> -bk11 ? 22:30:57< UFOczek> ah, rught 22:30:58< UFOczek> right 22:31:19< Bertl> you can downlaod it from kernel org (as patch to rc3) 22:37:40< Bertl> http://vserver.13thfloor.at/Experimental/patch-2.6.6-rc3-bk11-vs1.9.0pre14.3.diff 22:37:48>> hiaslboy_weekEND is now known as hiaslboy 22:37:58< Bertl> this includes first support for RSS enforcement ... 22:39:34< UFOczek> hehe. 22:39:55< UFOczek> when i was using 2.4.21 and vserver patch i found funny bug :-) 22:40:15< Bertl> yeah, which one? 22:40:31< UFOczek> when load av >= 1, i was unable to enter vserver (vserver www enter?) :-) 22:41:00< Bertl> hmm, sounds strange .. very strange actually ... 22:41:21< UFOczek> i don't know how it's for 2.6 - i'm waiting for patchs, wolk, grs,vserver. 22:41:56< UFOczek> patchs=patches :-) 22:47:16< UFOczek> first, 2.6.5 22:47:23< UFOczek> next, 2.6.6-rc3-bk11 ? 22:47:28< UFOczek> and then patch-2.6.6-rc3-bk11-vs1.9.0pre14.3.diff ? 22:47:45< Bertl> 2.6.5, then 2.6.6-rc3, then 2.6.6-rc3-bk11, then the aptch 22:47:54< UFOczek> ah. 22:48:21< UFOczek> :) 22:56:25< UFOczek> hm :-)) 22:56:47< Bertl> any issues so far? 22:57:10< UFOczek> yup 22:57:28< UFOczek> libsafe.so[851]: overflow caused by memcpy() 22:57:29< UFOczek> ;-) 22:57:51< UFOczek> libsafe.so[851]: detected an attempt to write across stack boundary. 22:57:52< Bertl> hmm, with or without any limits? 22:57:58< UFOczek> i didnt compile, yet 22:58:01< UFOczek> but wait. 22:58:13< Bertl> hmm, so probably not vserver related then ;) 22:58:24< UFOczek> yes, it isnt ;) 23:02:23< UFOczek> sorry, i can't do it now. 23:03:56< Bertl> np 23:04:27< yarihm> is it a known issue that bind9 can't be chrooted under a vserver? 23:05:16< UFOczek> yup 23:05:22< yarihm> i get some strange error, it says that my kernel is too old to do so, but i run 2.4.25. the exact message is: 23:05:24< yarihm> named: -u not supported on Linux kernels older than 2.3.99-pre3 or 2.2.18 when using threads 23:05:31< yarihm> UFOczek: referring to me? 23:05:44< UFOczek> i had to add S_CAPS for vserver confg 23:06:29< yarihm> UFOczek: well, i thought the CAPS-thing was adressed by having --options-nocaps or something the like as compilation-options for bind9 23:06:31< Bertl> adding CAPs is reducing or breaking security ... 23:06:59< UFOczek> :-) 23:07:05< yarihm> Bertl: yeah, i'd like to avoid that, but has someone ever mentioned that chrooting bind in a vserver doesn't work? 23:07:11< Bertl> named is running here without any issues ... 23:07:21< yarihm> Bertl: in a chroot? 23:07:34< Bertl> in a vserver, without any caps 23:07:49< yarihm> yeah, i mean in a chroot inside the vserver 23:08:03< Bertl> what would be the difference of a chroot? 23:08:15< yarihm> not fscking up my vserver-chroot? 23:08:21< yarihm> if compromised i mean 23:08:47< Bertl> no, I mean, what would named require to run in a chroot() which it doesn't require running in the vserver chroot() ? 23:09:43< yarihm> i don't know ... i would have expected it to work too ... but maybe i'm misunderstanding your question :- 23:09:58< Bertl> okay, look vserver uses chroot() okay? 23:10:04< yarihm> Bertl: you mean what's the point of running a service inside a chroot inside a vserver 23:10:09< yarihm> Bertl: yeah 23:10:11< Bertl> no, forget that ... 23:10:26< Bertl> a) vserver uses chroot() 23:10:34< yarihm> k so far 23:10:41< Bertl> b) named works here in a vserver without any caps 23:10:52< yarihm> here to 23:10:55< yarihm> +o 23:11:07< Bertl> c) why should another chroot() require anything else? 23:11:18< yarihm> i don't know 23:12:03< yarihm> but it is a fact that it does not work ... inside a vserver i can't chroot bind9 here ... :( i mean it's not that i'd understand why this is 23:12:30< Bertl> try the same 'chrooted' bind on the host ... (or from the host) does it work there? 23:13:42< yarihm> Bertl: gotta check 23:15:19>> axu [gl@81-223-242-222.dynamic.xdsl-line.inode.at] has joined #vserver 23:15:30< axu> hi again :) 23:16:24< Bertl> wb, axu! 23:16:39< yarihm> Bertl: no ... it doesn't run there either 23:17:00< Bertl> bingo! 23:17:16< yarihm> hrmpf ... why could that be? 23:17:56< yarihm> probably the package i use is not proper or so 23:18:06< Bertl> probably bind detects the vserver patch and refuses to run in a chroot() ;) 23:18:13< yarihm> :) 23:27:36< yarihm> but that's in fact rather ugly, bind now runs as root ... :-\ 23:28:04< yarihm> that can't be, i hope sladen's packages work better ... or i made a config-error 23:28:58< Bertl> you can make it run as non root, if you do not use priviledged port ;) 23:29:29< yarihm> yeah ... very good, so i'll just make a DNAT from port 53 to 2000 or what :) 23:30:00< yarihm> it seems the package is unable to drop privileges ... i mean that can't be serious 23:30:04< Bertl> no, you simply tell the world that they should use your secure nameserver at port 2000 ;) 23:30:11< yarihm> :D 23:57:05>> hiaslboy [matthias@e-16.vc-graz.ac.at] has quit [Quit: using sirc version 2.211+KSIRC/1.3.10] 23:58:35>> _id [~id@pD9E61560.dip.t-dialin.net] has quit [Ping timeout: 480 seconds] --- Log closed pon maj 10 00:00:11 2004