--- Log opened śro maj 19 00:00:19 2004 --- Day changed śro maj 19 2004 00:00:19< Bertl> then any reboot() or halt() syscall from inside a vserver, will be forwarded to this script ... 00:00:58< Bertl> try to issue 'reboot -f' inside a vserver, what you probably get is a message in dmesg/syslog saying that the vshelper could not be executed ... 00:01:51< Bertl> there are some vshelper scripts floating around, and the alpha tools should contain a working version, maybe even 0.29.5 does include it ... 00:02:36>> anonymouscoward [~nwalsh@shaggy.internode.com.au] has quit [Ping timeout: 480 seconds] 00:02:51>> netrose [netrose@SP2-24.207.228.55.charter-stl.com] has quit [Ping timeout: 480 seconds] 00:02:58< Bertl> nevertheless, starting a rebootmgr for every server will also solve your issues ... 00:03:32< Bertl> okay, enough for me for today ... good luck and cu tomorrow ... 00:03:41< Bertl> night everyone! 00:03:43< Sebastian> but that´s my problem 00:04:00< Sebastian> i don´t know how i can start the rebootmgr for every vserver ;) 00:04:16< Bertl> read the man page ... or doesn't debian include one? 00:04:22>> Bertl is now known as Bertl_zZ 00:09:10>> Sebastian [~cereal@pD9EAB519.dip.t-dialin.net] has quit [Quit: W)W)ip www.wwip.de | Hosting, Housing, CoLocation and VServer | Forum: http://forum.wwip.de] 00:35:09>> Shotygun [shotgun@shotygun.com] has joined #vserver 00:36:12< Shotygun> Hello chicks and dudes 00:40:17< albeiro> chicks here ? 00:47:32>> Doener_ [~doener@pD9E12688.dip.t-dialin.net] has joined #vserver 00:54:37>> Doener` [~doener@pD958824A.dip.t-dialin.net] has quit [Ping timeout: 480 seconds] 00:55:16< Shotygun> Yeah I thought about it agani when I said that 00:55:23< Shotygun> But you know, few days ago I met a NOC-chick. 00:55:27< Shotygun> Now that's pretty amazing isn't? 00:55:45< Shotygun> IRC NOC Debian chick 00:59:41>> _shuri_ [~shushushu@cpu183.adsl.qc.bellglobal.com] has joined #vserver 00:59:41>> SHu_here [~shushushu@cpu183.adsl.qc.bellglobal.com] has quit [Read error: Connection reset by peer] 00:59:43>> _shuri_ is now known as SHu_here 01:00:15>> monrad [~monrad@213083190253.sonofon.dk] has quit [Quit: Leaving] 01:47:30>> rs [~rs@rs.admin.rhapsodyk.net] has joined #vserver 02:23:35>> rs [~rs@rs.admin.rhapsodyk.net] has quit [Quit: leaving] 03:29:32>> Shotygun [shotgun@shotygun.com] has quit [Remote host closed the connection] 04:19:38>> hvd [~Miranda@62.99.252.14] has quit [Ping timeout: 480 seconds] 05:32:54>> flock [~restless@l192-115-29-147.broadband.actcom.net.il] has quit [Remote host closed the connection] 06:50:11>> Netsplit jupiter.oftc.net <-> nucleon.oftc.net quits: infowolfe, dsanta, serving, tchan, UFOczek, yarihm 06:51:10>> Netsplit over, joins: dsanta 06:51:59>> Netsplit over, joins: tchan 06:59:30>> UFOczek [ufoczek@hood.openbug.net] has joined #vserver 07:23:29>> infowolfe [~infowolfe@pcp04891550pcs.frnkmd01.md.comcast.net] has joined #vserver 07:39:14>> yarihm [~yarihm@217-162-206-157.dclient.hispeed.ch] has joined #vserver 07:40:53>> Netsplit neutron.oftc.net <-> oxygen.oftc.net quits: TheSeer, yarihm, cdub, maharaja, hiaslboy, dsanta, eyck, noel, deadguy, Medivh, (+16 more, use /NETSPLIT to show all of them) 07:40:59>> rmoriz [rmoriz@195.68.242.246] has joined #vserver 07:41:34>> Netsplit over, joins: hiaslboy 07:41:34>> Zoiah [Zoiah@81.17.52.139] has joined #vserver 07:41:39>> Netsplit over, joins: Khahan, _id, Bertl_zZ, infowolfe, yarihm, tchan, dsanta, SHu_here, Doener_, noel (+12 more) 07:57:31>> UFOczek [ufoczek@hood.openbug.net] has joined #vserver 08:22:06>> noel- [~noel@pD9FFEFD9.dip.t-dialin.net] has joined #vserver 08:29:24>> noel [~noel@pD9FFFF99.dip.t-dialin.net] has quit [Ping timeout: 480 seconds] 08:45:24>> serving [~serving@213.186.191.31] has joined #vserver 09:44:54>> Bertl_zZ is now known as Bertl 09:45:10< Bertl> morning everyone! 09:48:30< UFOczek> norning Bertl! 09:49:40< Bertl> hey UFOczek, how is your wolk port? 09:50:08< UFOczek> i didn't finished, ytt 09:50:09< UFOczek> yet 09:53:02< Bertl> okay, have to leave now, cya later ... 09:53:07>> Bertl is now known as Bertl_oO 09:59:55>> rs [rs@ice.aspic.com] has joined #vserver 10:00:01< rs> hello dudues 10:03:41>> Netsplit uranium.oftc.net <-> jupiter.oftc.net quits: TheSeer, cdub, yarihm, maharaja, dsanta, eyck, deadguy, Medivh, Khahan, ccooke, (+10 more, use /NETSPLIT to show all of them) 10:03:56>> Netsplit over, joins: mcp, _id, Khahan, rs, yarihm, tchan, dsanta, SHu_here, Doener_, kestrel (+10 more) 10:43:58>> zev [~zev@masya.aviaserv.com.ua] has joined #vserver 10:57:55>> zev [~zev@masya.aviaserv.com.ua] has quit [Quit: Leaving....] 10:58:05>> zev [~zev@masya.aviaserv.com.ua] has joined #vserver 10:58:08>> zev [~zev@masya.aviaserv.com.ua] has left #vserver [] 11:01:48>> zev [~zev@masya.aviaserv.com.ua] has joined #vserver 11:03:25>> zev [~zev@masya.aviaserv.com.ua] has left #vserver [] 11:32:04>> Bertl_oO is now known as Bertl 11:32:20< Bertl> hello everyone! 11:33:16< rs> hello bertl! 11:33:40< rs> did you get my mail ? 11:33:44< Bertl> hi rs! yep! 11:33:56< Bertl> what was the 'oldest' kernel you rolled back to? 11:34:45< rs> pre14 11:35:13< rs> kernel-image-2.6.6-rc3-vs1.9.0pre14_10.00.Custom_i386.deb 11:35:44< rs> do you whan me to test older one ? 11:36:39< Bertl> okay, and could you retry with 1.9.0.10 (debugging enabled) and do the if set .. so including the debug infos? 11:36:54< rs> I did it 11:37:04< rs> the trace in the mail is with debug info 11:37:32< rs> but the ip command doesn't generate debug before the kernel exception 11:37:49< rs> maybe you want debug info before the command ? 11:38:19< Bertl> hmm, okay so no single debug output while you did this? 11:38:43< Bertl> that is actually good news ;) 11:38:46< rs> just the "freeing up f7673260" 11:38:58< rs> cool :) 11:39:53< Bertl> what I'm not so happy about is, that obviously the EIP values are unuseable in recent dumps :( 11:40:32< rs> why ? 11:40:49< Bertl> because 0060 isn't a sane EIP value ... 11:41:10< Bertl> it's the segment offset register ... 11:41:26< Bertl> the value itself is interpreted and as such basically useless ... 11:46:32< Bertl> hmm, okay, so you say, that oops happened when you did the ip up, right? 11:51:33< Bertl> rs: still there? 11:51:49< rs> yep sorry 11:51:57< Bertl> np 11:52:09< rs> yep, the first ip link set iface up 11:52:36< Bertl> could you do a 'grep -i ipv /proc/self/status' on the terminal you did the ip link set ... ? 11:52:48< rs> ok 11:53:17< rs> I need to reboot it 11:53:23< Bertl> okay ... 11:54:42< Bertl> hmm, could you 'schedule' a recompile with a simple change in the meantime? 11:55:26< rs> yep 11:55:43< Bertl> I have the feeling I know what happens ... 11:55:56< Bertl> kernel/vserver/network.c lin 384 11:56:09< Bertl> - if (!nxi) 11:56:20< Bertl> + if (!nxi || !ifa) 11:57:59< rs> grep -i ipv /proc/self/status 11:57:59< rs> ipv4root: 0100007f/000000ff 0d08c1d5/00ffffff 11:57:59< rs> ipv4root_bcast: 7f08c1d5 11:58:10< Bertl> thought so ;) 11:58:15< rs> without your last modification 11:58:31< rs> what does it mean ? :) 11:58:40< Bertl> you should modify the sshd to _not_ use the chbind 11:58:53< Bertl> (if that is possible ...) 11:59:09< Bertl> nevertheless the modification will probably fix this 11:59:42< Doener_> morning 11:59:44< rs> Bertl: hmm 12:00:03< rs> hmm 12:00:28< rs> I can yes 12:01:07< rs> the chbind is unusfull since I changed the sshd configuration to only bind the host IP 12:01:11< rs> I will try that 12:01:49< Bertl> thing is, with the next step of networking, you will not be able to bring up a vserver on a different ip as the host sshd (from inside a ssh logon ;) 12:02:08< Bertl> (which is probably not what you want ;) 12:02:35< Bertl> but as I said, no relevance to the issue, just the trigger ;) 12:07:06< rs> do you want me to test the kernel with you last modification ? 12:07:17< Bertl> yep, pelase ... 12:07:26< Bertl> please even ;) 12:08:32< rs> what it should do/fix ? 12:08:53< Bertl> the oops?! 12:10:01< rs> ok :) 12:10:45< rs> the pb if that I just changed the way my sshd is started to no longer use chbind 12:10:59< rs> so I wont be able to validate your fix 12:11:12< rs> maybe with a chbinded ip set 12:11:19< Bertl> yep ... 12:14:11< Bertl> considered eth0 is down, then 'chbind --ip 127.0.0.1 ip link set eth0 up' is sufficient to trigger it ;) 12:14:34>> hadge [~michel@h64-5-199-35.gtcust.grouptelecom.net] has joined #vserver 12:14:37>> hadge [~michel@h64-5-199-35.gtcust.grouptelecom.net] has left #vserver [] 12:14:40>> hadge [~michel@h64-5-199-35.gtcust.grouptelecom.net] has joined #vserver 12:14:49< Bertl> hi h-a-d-g-e! 12:15:09< hadge> Hey there, is there any user documentation out there on how to use 1.9? 12:15:39< Bertl> sure, there is the source code, and a paper describing the methods ... 12:16:12< Bertl> aside from that, you use it like the 1.2 or 1.3 branch ... 12:18:30< hadge> ok, cool. I have it setup on one of the pre-1.9s and it works great. What I'm wonering is if there's a way to set limits on HD space usage, memory usage, etc for individual vservers 12:18:59< Bertl> memory usage yes, hard disk not yet, other limits: some ... 12:19:48< hadge> Bertl, So basically, if I want to limit hard drive usage, I just create each vserver on a seperate partition...maybe lvm. That'd likely work 12:20:06< Bertl> yep, sure that also works for per vserver quota ... 12:20:13< rs> re 12:20:56< hadge> where do I look to setup memory limits? 12:20:58< rs> chbind --ip 127.0.0.0 ip link set eth1 up 12:20:58< rs> ipv4root is now 127.0.0.0 12:21:05< rs> Apr 20 12:14:53 bvdsn02.dev.lyceu.net kernel: e1000: eth1 NIC Link is Up 100 Mbps Full Duplex 12:21:08< rs> Apr 20 12:14:53 bvdsn02.dev.lyceu.net kernel: nxd: __unhash_nx_info: f772f9b4[#49156] 12:21:11< rs> Apr 20 12:14:53 bvdsn02.dev.lyceu.net kernel: nxd: dealloc_nx_info(f772f9b4) 12:21:12< rs> seems to work well :) 12:21:50< Bertl> hadge: simplest way is to get used to the alpha util-vserver, this supports configurations which do that ... 12:22:19< Bertl> for example is limiting the memory ... and I guess can explain the setup to you ... 12:23:03< rs> the configuration.xml include in the util-vserver explain it, but it should be better 12:23:18< rs> I will do some doc during my vacations :o) 12:23:48< hadge> I'll look into it, and read up a little before bugging you guys for some hand holding :) 12:24:26< _id> are the alpha utils debianized - or do i need to compile it first (no big deal) ? 12:24:36< _id> re btw ;) 12:25:33< Bertl> _id: what is debianized? broken? 12:25:53< _id> lol - i mean .deb packaged 12:25:58< _id> somewhere 12:26:08< rs> hehe bertl :) 12:26:18< Bertl> probably, IIRC Doener did some efford on 'debianizing' it ;) 12:26:34< Bertl> (Doener: no offense meant ;) 12:26:40< rs> _id: I can send you my debian directory for the last alpha tool, but I think it should be packaged by the official maintener soon 12:26:51< Doener_> what? where? 12:26:54< rs> if it's not already the case 12:26:56< _id> rs - that would be nice 12:26:58 * Doener_ is still very sleepy ;) 12:27:00< _id> hi Doener_ 12:27:04< Doener_> hi _id 12:27:09< Bertl> morning Doener_ ... *hmmm* 12:27:18>> Doener_ is now known as Doener 12:27:38< _id> rs - but i dont know if DCC works throu my fq 12:27:41< _id> fw 12:28:20< rs> wait a minute 12:28:47< _id> i just killed my laptop with "dhclient" - wtf for the first time in years 12:29:10< _id> i had to do a hard reboot 12:29:58< Bertl> okay, lunch time ... bbl ... 12:30:02>> Bertl is now known as Bertl_oO 12:32:16< rs> http://rs.rhapsodyk.net/vserver/util-vserver/debian.tgz 12:32:20< _id> thanx 12:32:50< rs> shoud be used with the 0.29.214 version 12:34:37< _id> exact this one ok 12:34:50>> serving [~serving@213.186.191.31] has quit [Read error: Connection reset by peer] 12:52:43< hadge> when updating my util-vserver, shoudl I make uninstall before make install-ing the newer version? 13:00:24>> hvd [~Miranda@62.99.252.14] has joined #vserver 13:01:57< hvd> anyone that can explain me what patch -D does ;-? im yust trying add ctx patch to wolk (hi mcp) .. 13:05:34< Doener> hvd: hmm... 13:06:26< Doener> hvd: you were talking while Bertl told that to mcp ;) 13:06:39< Doener> Mai 15 01:54:56 Bertl: so -D name would do a completely ifdefed version of the patch w/o doing any ifdefing in the source? 13:06:39< Doener> Mai 15 01:55:08 sure, that's what it is for ;) 13:06:39< Doener> Mai 15 01:55:13 cool 13:09:04< hvd> yes but i tried .. it did not work the way i thought it worked ;-) .. 13:09:14< hvd> maybe im dump ;-) 13:09:20< hvd> (not quiet shure) 13:11:52< Doener> test.c: void main() {} 13:11:52< Doener> test2.c: void main() { return; } 13:11:52< Doener> doener@doener:~/src/test$ patch -D hvd < diff 13:11:52< Doener> result: #ifndef hvd 13:11:52< Doener> void main() {} 13:11:54< Doener> #else 13:11:57< Doener> void main() { return; } 13:11:59< Doener> #endif 13:12:19< Doener> oh, missed the diff line... diff -Nru test.c test2.c > diff 13:14:43>> Bertl_oO is now known as Bertl 13:15:04< Doener> basically you can now switch between patched/non-patched using preprocessor directives 13:16:08< Bertl> hvd: no you are not dump, not even dumb I guess ... 13:16:21< hvd> bertl ;-( .. 13:16:24< hvd> bertl ;-) .. 13:16:37< hvd> maybe my patch is broken .. 13:16:44< hvd> *upgrading* 13:18:06< Bertl> but what you probably want is to use the -D on the diff ... 13:19:40< hvd> ahh maybe thats the fault ;-) .. 13:19:51< Bertl> but be careful -D doesn't work with -r 13:20:15< hvd> *grml* 13:20:30< hvd> for i in bla do ;-) 13:20:53< Bertl> for i in `lsdiff `; do ;) 13:21:22< hvd> ok i will see .. ;-) 13:22:02< hvd> did you ever diff up against grsec ? (im not shure about procfs.c) 13:22:19< Bertl> no, grsec was always done by somebody else ... 13:22:35< Bertl> simply because I do not use grsec, and nobody could explain it to me yet ;) 13:22:47< hvd> ok i will look at mcps patches ;-) .. 13:23:19< Bertl> rs: so how is 1.9.0.10+fix? 13:23:22< _id> does anyone run mysqld in a vserver ? 13:23:27< Bertl> yep 13:23:38< _id> with loopback or IP 13:23:45< Bertl> don't know ... 13:24:24< _id> special CAPS ? 13:24:36< Bertl> [mysqld] 13:24:36< Bertl> port=0 13:24:36< Bertl> datadir=/var/lib/mysql 13:24:36< Bertl> socket=/var/lib/mysql/mysql.sock 13:25:00 * hvd runs mysql in vserver perfect .. ;-) 13:25:02< Bertl> CapInh: 0000000000000000 13:25:02< Bertl> CapPrm: 00000000f40c04ff 13:25:02< Bertl> CapEff: 00000000f40c04ff 13:25:02< Bertl> CapBset: 00000000f40c04ff 13:25:12< _id> hmm port 0 - i guess you run it via 127.0.0.1 13:25:25< Bertl> I'd say via unix socket ;) 13:25:26< _id> ok i going to install it 13:25:42< _id> oh right 13:28:59< Bertl> hey again even vs1.27 isn't noticeable on the host ;) 13:29:45< Bertl> http://khack.osdl.org/stp/292866/ 13:29:56< Bertl> http://khack.osdl.org/stp/292868/ 13:30:00< hvd> bertl did you see my question yesterday regarding natted ipvs/policy routing ? 13:30:13< Bertl> no, obviously missed it ... let's hear 13:30:31< hvd> *digging up my logs* 13:32:22< hvd> anyone played around with natted ipvs, policy based routing and vserver ? 13:32:23< hvd> setup is the following: ipvs box (loadbalancer), two master servers (master-1, master-2) both running a vserver with openldap server (vserver-1, vserver-2) .. 13:32:23< hvd> it works perfect if srcip =! vserver.* 13:32:23< hvd> if srcip == vserver.* we have a problem .. even with policy routing the packet gets send via lo .. therefor not passing through the loadbalancer ... 13:32:31< hvd> or i was unable to setup policy routing to force the packet to be forwarded via loadbalancer .. 13:32:36< hvd> so my questsion was if there is a way to do this at tcp_minisocks.c in the kernel .. 13:32:39< hvd> or if someone would have an idea on hwo todo that ;-) .. 13:32:58< hvd> *repost done* 13:33:16< Bertl> hmm, you are talking about 'load balancing' on the same host? 13:33:42< _id> i guess he has 3 servers 13:33:45< hvd> no .. to master servers .. running both an ldapserver on each in a vserver .. 13:34:01< hvd> s/to/two/ 13:34:09< hvd> and a dedicated box doing nattet ipvs 13:34:12< Bertl> could you draw a simple sketch of your network setup? maybe ascii? 13:34:19< hvd> will try ;-) .. 13:41:41< Bertl> rs: it seems that you have some special config option enabled making the oops/stack trace harder to read ... 13:53:30>> hvd [~Miranda@62.99.252.14] has quit [Read error: Connection reset by peer] 13:59:49>> hadge [~michel@h64-5-199-35.gtcust.grouptelecom.net] has quit [Quit: Leaving] 14:07:55>> anonymouscoward [~nwalsh@shaggy.internode.com.au] has joined #vserver 14:08:14< Bertl> hey coward! 14:15:36< anonymouscoward> hey there - just so as not to annoy others - how do I prevent those online offline messages I keep sending, or is that a server side thing? 14:16:07< Bertl> you eman when you join or leave? 14:16:58< rs> re 14:17:31< rs> Bertl: seems to work well, thx :) 14:17:40< rs> Bertl: which kind of options ? 14:18:02< anonymouscoward> no - those idle notification messages - could be my client of course 14:18:26< Bertl> I do not really know yet ... just my kernel spews out: 14:18:26< Bertl> Oops: 0000 [#1] 14:18:26< Bertl> CPU: 0 14:18:26< Bertl> EIP: 0060:[<901200a5>] Not tainted 14:18:26< Bertl> EFLAGS: 00000282 (2.6.6-vs1.9.0) 14:18:26< Bertl> EIP is at ifa_in_nx_info+0x15/0x40 14:18:34< Bertl> ... 14:18:35< Bertl> Call Trace: 14:18:35< Bertl> [<9020c64a>] devinet_ioctl+0x1ba/0x570 14:18:35< Bertl> [<9020e7c5>] inet_ioctl+0x45/0x80 14:18:43>> hvd [~Miranda@62.99.252.14] has joined #vserver 14:18:50< Bertl> so I see the address and the symbols ... 14:19:04< Bertl> while yours just gives the symbols ... 14:19:15< rs> strange 14:19:45< Bertl> anonymouscoward: you probably get a message when you've been marked as being idle, which is a client issue ... 14:19:46< rs> special things are: modules are disabled, spinlock, debug are unabled 14:20:00< anonymouscoward> /m anonymouscoward +i 14:20:18< anonymouscoward> mmm - distinct lack of irc skills on my part 14:20:28< Bertl> rs I'll upload my current config ... maybe you can check it against yours? 14:21:07< anonymouscoward> Bertl: so you guys don't see that message? - that's good. 14:21:16< Bertl> 14:07 -!- anonymouscoward [~nwalsh@shaggy.internode.com.au] has joined #vserver 14:21:21< Bertl> that is all I saw ;) 14:21:58< rs> Bertl: ok 14:22:04< Bertl> http://vserver.13thfloor.at/Stuff/QEMU/2.6.6-vs1.9.0.config 14:22:21< Bertl> this is a qemu config, so you will see some differences regarding hw and such ... 14:22:25< anonymouscoward> yeah - that way me joining - its just during the day when I leave the connection to #vserver on that those idle messages appear. I was worried it might anny others. 14:24:58< rs> Bertl: 14:25:00< rs> oups 14:25:13< rs> I have: CONFIG_4KSTACKS=y CONFIG_X86_FIND_SMP_CONFIG=y CONFIG_X86_MPPARSE=y 14:25:56< Bertl> hmm, maybe the 4KSTACKS influence the output? let's see ... 14:27:06< anonymouscoward> hmm - to make that clearer - I leave my irc client connected to #vserver during the day and come back to the window from time to time. When I return messages about me being idle or returning have come up in the irc window. Anyway - its nothing to worry about. 14:32:57>> serving [~serving@213.186.191.31] has joined #vserver 14:40:46< rs> ok 14:46:05>> ApoIIo [~Apollo@caracal.norcomcable.ca] has joined #vserver 15:00:22< Bertl> rs: the 4Kstack is not the option we are looking for ... 15:00:27< Bertl> EIP: 0060:[<901204e9>] Not tainted 15:00:27< Bertl> EFLAGS: 00000286 (2.6.6-vs1.9.0) 15:00:32< Bertl> (with 4k stacks) 15:00:54< rs> ok 15:16:17< Bertl> back in a few ... 15:16:22>> Bertl is now known as Bertl_oO 15:17:09>> riel [~riel@riel.netop.oftc.net] has joined #vserver 15:24:55>> netrose [netrose@24.207.228.55] has joined #vserver 15:29:30>> Bertl_oO is now known as Bertl 15:30:11< Bertl> okay, I'm back ... 15:32:16>> Shotygun [shotgun@shotygun.com] has joined #vserver 15:32:33< Shotygun> 'lo 15:32:38< Bertl> hi Shotygun! 15:32:50< Shotygun> Hey Bert =) 15:50:28>> serving [~serving@213.186.191.31] has quit [Ping timeout: 480 seconds] 16:30:09>> ApoIIo [~Apollo@caracal.norcomcable.ca] has left #vserver [] 17:02:21>> lilo [levin@lilo.usercloak.oftc.net] has quit [Ping timeout: 480 seconds] 17:02:26< hvd> bertl: is there an official vserver logo ? 17:02:52< Bertl> unfortunately not yet ... 17:07:12>> lilo [levin@lilo.usercloak.oftc.net] has joined #vserver 17:07:17< Bertl> hi lilo! 17:07:21< hvd> jack had a logo showing an ibm e-series server with many servers inside .. 17:07:27< hvd> but cant find it any more .. 17:07:31< Bertl> hvd: IIRC the wargames guys did some logo ... 17:08:42< Bertl> but their site seems down, at least for me ;) 17:11:01< hvd> url ? 17:12:09< Bertl> wargames.unix.se 17:13:24< Doener> exec /usr/local/sbin/chbind --ip 82.211.9.2 --ip 82.211.12.2 /etc/init.d/inetd start 17:13:30< Doener> and from netstat -plunt: tcp 0 0 0.0.0.0:37 0.0.0.0:* LISTEN 14766/inetd 17:14:00< Doener> is that expected? other services show up as being bound to 82.211.9.2 17:14:12< Doener> 2.4.26-vs1.27 17:14:39< Doener> debian *runs away from Bertl* 17:14:41< Doener> ;) 17:14:48< Shotygun> lol 17:14:59< Bertl> interesting info (for german readers): http://www.iku-ag.de/unternehmen/vserver.jsp 17:15:43< Bertl> Doener: use chcontext --secure in front of that ... 17:15:58< Doener> that is from vsyswrapper... 17:19:01< Doener> hmm... now it is in its own context... not sure if that actually is what i wanted to achieve ;) 17:20:05< Bertl> don't know what you wanted to achieve? 17:21:26< Doener> i just wanted to have inetd bound to something else than 0.0.0.0, so that a inetd in a vserver won't get in conflict with it... 17:22:13< Bertl> well, then your chbind will be sufficient (unless debian did brake something) 17:22:24< Bertl> break even ... 17:22:48< Doener> vanilla kernel ;) 17:22:54< Bertl> what would you expect to see from the netstat? 17:23:02< Bertl> 82.211.9.2,82.211.12.2 8-) 17:23:03< Doener> udp 0 0 82.211.9.2:53 0.0.0.0:* 14769/named 17:23:08< Doener> something like that 17:23:22< Bertl> you know that you can't bind more than one address? 17:24:04< Doener> d'oh...go on and blame me forever... i had changed named.conf to bind only to that ip address... 17:24:29< Bertl> okay, will do so *G* 17:24:36< Doener> oops... 17:24:47< Bertl> anyway have to leave now ... so cya later? maybe! 17:24:54< Doener> cya Bertl 17:25:00>> Bertl is now known as Bertl_oO 17:25:23< Doener> at least I said 'forever' and not 'for everything'... 17:28:05< hvd> http://www.linuxvirtualserver.org/logo/logo.html 17:28:19< hvd> is zwar fuer ipvs 17:28:32< hvd> grml .. its for ipvs but might fit as well for ctx .. 17:42:30>> serving [~serving@213.186.191.31] has joined #vserver 19:36:31>> _id [~id@217.230.18.2] has quit [Ping timeout: 480 seconds] 19:51:09>> _id [~id@p50835AA6.dip.t-dialin.net] has joined #vserver 19:57:34>> rs [rs@ice.aspic.com] has quit [Quit: leaving] 20:32:59>> dsanta [~santa@c68.190.156.105.roc.mn.charter.com] has quit [Quit: leaving] 20:33:19>> dsanta [~santa@c68.190.156.105.roc.mn.charter.com] has joined #vserver 20:44:10>> gilbert [gilbert@208-186-222-203.nrp4.brv.mn.frontiernet.net] has joined #vserver 20:44:23< gilbert> hey everyone 20:45:53< Doener> hi gilbert 20:49:03< gilbert> hey man 20:49:11< gilbert> do you know much about quotas 20:50:35< gilbert> im just getting a feel for this and seeing what other peoples experiences are with quotas before i apply anything 20:51:17< Doener> neither in general nor in context with vserver... sorry 20:53:13< gilbert> ok thanks for your input anyways 20:53:19< gilbert> i think i found some stuff 20:53:45< gilbert> and thanks to everyone else out there this is really helping me secure my servers better 20:56:11< gilbert> i noticed also that this tool on the vserver sites not avaialabe: '[PHP based Admin Interface] (PHP Based V-Server Interface)' if you need some server resources for hosting it i might be able to see what i can do for whoever is interested 21:00:14< Doener> hmm... funny... they fixed the link in their channel topic not too long ago 21:01:13< gilbert> ok, well if its important to anyone a mirror could be setup perminately 21:37:27>> Bertl_oO is now known as Bertl 21:37:38< Bertl> evening everyone! 21:39:08< Bertl> gilbert, if you are interested in spending some time on this, we could try to setup a mirror for linux-vserver ... but I assure you, this will need some work on both sides ... 21:46:46< Shotygun> Evening Bert, tell me, is 1.9.0 good for production? 21:52:44< Bertl> well, it's development ... so you have to expect the unexpected ;) 21:53:18< Bertl> but I'd says it should be as good as the 1.3 branch (development too) but for sure not as tested as the stable branch (1.2) 21:57:59>> riel [~riel@riel.netop.oftc.net] has left #vserver [Excess food] 22:17:55< Bertl> Shotygun: and at least two persons are using it in a production scenario ... 22:19:18< Shotygun> I havn't tested it but I find no reason why not to use it for production and I just wanted to see if there is any chance that I'm wrong =) 22:21:57< Bertl> maybe one 'reason' against it, would be that there is a greater possibility for security loopholes in 1.9.x than in 1.2x ... so it might be that your customer uses 1.9.x to her advantage ;) 22:31:37< Bertl> hmm, anyone seen loger recently? 22:32:49< Bertl> sladen: do you have a minute for me? 22:32:56< gilbert> no sorry havent 22:33:27< gilbert> seen loger but really havent been that aquainted with loger 22:37:04< gilbert> hey everyone (side-note) i have some questions about quotas and such 22:37:34< Bertl> okay, let's hear ... 22:37:38< gilbert> there kind of random, cause im trying to figure out what my best approach is 22:38:26< gilbert> well to start my Kernel is 2.4.26 with the 1.27 release 22:39:19< gilbert> do i need to patch my kernel with the latest releases from the quota 22:39:29< sladen> Bertl: possibly 22:39:34< gilbert> section in addon 22:40:03< gilbert> or is there a way to create something like an extended partition easily in Webmin 22:40:43< gilbert> cause i dont think thats really feasible when the disk is already in use 22:41:19< Bertl> sladen: I just noticed that loger is no more ... and I would appreciate some logging of the channel, and as you are by far the best archiver I know, I'd like to ask you, if you could imagine to log and archive the channel for us, if Alexey doesn't want to do it any longer ... 22:42:19< Bertl> gilbert: let me explain the basic types of 'quota' (or what folks consider quota) 22:42:28< sladen> Bertl: okay, I'll try and look into it 22:42:41< Bertl> sladen: great, thanks in advance! 22:43:10< Bertl> gilbert: first, there is what we know as normal filesystem limits ... 22:43:45< Bertl> you take a partition of 2GB and put some filesystem on it, then you'll have about 1.8GB available space and a bunch of inodes to use ... 22:44:15< Bertl> (this can be queried with df and df -i 22:44:17< Bertl> ) 22:44:27< gilbert> ok 22:44:40< Bertl> there is an equivalent of 'Disk Limits' for vservers on a shared partition 22:45:07< Bertl> which allows you, to take a shared partition of, let's say 2GB and 100000 inodes 22:45:38< Bertl> and put 4 vservers on it, 'reserving' 300MB and 10000 inodes for each of them 22:46:12< Bertl> df and df -i will then show the 'new'/'virtual' limits inside a vserver, and the 2GB/100k on the host 22:47:07< Bertl> this, so far, has nothing to do with quota, except that the current implementation requires something which I called quota hashes to allow for this kind of vserver Disk Limits ... 22:47:35< Bertl> sounds simple, so far? 22:52:26< gilbert> uhhh 22:52:54< gilbert> im aborbin man :) and trying to let it soak in thanks for the details 22:53:19< Bertl> okay, let me know when you are ready for the quota part ;) 22:53:37< Bertl> (if you need quota at all ;) 22:54:05< gilbert> :) your awsome man 22:54:52< Bertl> you are welcome ... 22:59:53< gilbert> what are inodes? 23:01:36< Bertl> the unix filesystem is based on inodes (not on files as you might think) and each inode is a basic unit capable of storing information ... 23:01:48< sladen> Bertl: are there logs currently? 23:01:49< Shotygun> You can compare inode as DOS' "clusters" 23:01:49< Bertl> they can be used to store directory information as well as file data 23:02:02< gilbert> ok 23:02:21< Bertl> sladen: yep, we had some, but the host is down atm, I contacted alexey and asked him to provide the latest version ... 23:02:32>> hvd [~Miranda@62.99.252.14] has quit [Quit: Miranda IM! Smaller, Faster, Easier. http://miranda-im.org] 23:02:39< Bertl> http://213.159.117.8/logs/vserver-logs/ 23:03:39< Bertl> sent a copy of the mail to the mailing list, which is also down, atm :( 23:07:07< Bertl> Shotygun: hmm, DOS hat 'clusters'? 23:07:12< Bertl> s/hat/had/ 23:08:02< Shotygun> Yeah, they described it as cluster if I remember right, which is same as inode. 23:10:54< sladen> Bertl: after the outage you may have noticed last week or so, I now have a nice new fat RAID array and can start mirroring/serving more stuff again 23:11:06< sladen> I had major diskspace issues before 23:12:05< Bertl> you forgot 'shiny', but sounds great! ;) 23:15:19< Bertl> ahh, seems like the ml is being restored just this instant ... 23:15:35< Shotygun> Bert as much and I love receiving special discounts over the mass amounts of viagra I order over daily basis, don't you think the mailing list should be restricted to registered users only? =) 23:15:58< _id> re - ok i have a minor problem - i can easily connect to my mysqldb (installed inside vserver) via SOCKS - but as soon as i want to connect via localhost (lo) or DNS name (IP) i get errors 23:16:19< Bertl> Shotygun: no, I don't think that it should be restricted in any way ... 23:16:37< _id> with mysqladmin - i just want to set the db root pass ;) 23:16:51< Shotygun> Why not? What good come out from it to open to the public? 23:17:01< _id> msql plain works fine even with DNS name 23:17:12< Shotygun> Most people will register anyway for not taking the chance that the reply will come only to the mailing list.. 23:17:20< Bertl> _id: try to describe the errors ... 23:18:04< _id> i issue the command /usr/bin/mysqladmin -h db1 -u root -p fu 23:18:08< Bertl> Shotygun: it's just not the way I want a ml to be ... for example take lkml, they have much more traffic than we do, and no restritions at all ... 23:18:44< _id> i get : connect to server at 'db1' failed 23:18:52< Shotygun> Okie 23:19:14< _id> error 'access denied for user 'root@db1' using passwords yes 23:20:01< Bertl> well, 'access denied' looks to me like a config issue, doesn't it? 23:20:47< _id> yeah - but if i type : mysql -h db1 - i am in 23:21:23< Bertl> which probably is because this one uses a different interface? 23:22:07< Shotygun> Bert did you read the mail over the mailing list about the tomcat? 23:22:22< Shotygun> I havn't tried tomcat but I'm kind of curious what could be the problem 23:23:06< Shotygun> _id don't forget that in vserver you don't go through the localhost device 23:23:12< Shotygun> (If I remember correctly) 23:23:43< _id> yes i # out the skip-network part to get the port 3306 open in /etc/my.conf 23:23:58< _id> netstat shows mysqld is ready 23:24:42< Bertl> Shotygun: I'm catching up ... 23:24:46< Shotygun> The reason you being denied sounds like you limited the user you try to log with (root) to log from localhost only, check the address.. 23:24:52< SHu_here> hello there 23:25:14< _id> ok 23:25:37< SHu_here> hey Bertl [PHP based Admin Interface] (PHP Based V-Server Interface) the link is no longer working 23:25:52< Shotygun> mysql> select Host,User from user where User="root"; 23:25:52< Shotygun> +-----------+------+ 23:25:52< Shotygun> | Host | User | 23:25:52< Shotygun> +-----------+------+ 23:25:52< Shotygun> | localhost | root | 23:25:53< Shotygun> +-----------+------+ 23:26:18< Bertl> SHu_here: heard about that, you should try to contact the developer(s) ... 23:26:31< Shotygun> Just UPDATE user SET Host="the-vserver-IP" WHERE User="root"; 23:27:33< Doener> SHu_here: i'm just talking to one of the devs... 23:27:58< Shotygun> Bert would you like me to run a bot in this channel that will archive things up? 23:30:52< Bertl> Shotygun: please have a chat with paul (sladen), maybe he can use some help with that ... 23:31:20< Shotygun> sladen: Alive? =) 23:33:06< Shotygun> Bertl: 'Babelfish'ing the URL =P 23:33:34< sladen> /me pops up again 23:33:45< sladen> you may have threeeeeeee-wishes 23:34:01< Shotygun> 1) I wish I would be rich 23:34:09< Shotygun> 2) I wish I would have a hot chick with me at the moment 23:34:19< Shotygun> 3) I wish to know if you need any help with the archiving or you on it already 23:34:39< sladen> alas, 1 and 2 are a little difficult; but for number 3 23:35:36< sladen> Shotygun: I can't set something up just yet, but if you can start logging stuff in the meantime, I'll try and piece it all together at some stage (assuming we can get hold of the back-dated stuff) 23:36:09< Shotygun> How do you do the archiving anyway? 23:37:23< sladen> the mailing list, or the IRC. The mailing list is hypermail with time spent on custom headers/footers; for the IRC--I don't yet! 23:37:51< Bertl> Shotygun: *bling* you are rich now, you are just not allowed to spend all the money, hmm, any money, and look under your sofa, there is a hot chick from kfc .... 23:38:09< sladen> squaaak 23:38:26< _id> hehe 23:38:28< Shotygun> As for the IRC we can just stick up some eggdrop here with few lines of TCL and for it will cycle up the logs over daily basis, and gzip them or whatever. 23:38:42< Shotygun> I don't mind doing that but I'm not going to make the webadmin that will dig those logs =P 23:38:46< sladen> Shotygun: sounds excellent 23:39:17< Shotygun> The question is what do we do with the log files, there should be some searchable method for it.. 23:39:25< sladen> Shotygun: gawd no. You don't even have to put them up anyway; just need something who knows what they're doing and can do it reasonabley quickly to go and do it! :-) 23:40:00< sladen> searching and sorting them can be done retrospectively; (assuming they've been logged) 23:40:19< Bertl> I think the archives alexey did, should be fairly complete ... 23:40:34< Bertl> and I do not see any reason why he should not provide them ... 23:41:11< Shotygun> Let me tell you what I can do, I can put an eggdrop that will write specific events to a file and sort it in dirs/tarballs or whatever. My question is how you gonna handle the data. 23:43:22< SHu_here> Bertl: [17:35] (cereal): nono actually we´re working on vserver 1.0 which will be released sonn 23:43:31< SHu_here> so the site will re-open soon 23:43:38< Bertl> I'd suggest, make a file each day, containing all the joins/leaves and messages, wrap it up at 0 GMT, and let sladen care about the details ... 23:43:56< Shotygun> Okie 23:44:01< Shotygun> On it 23:44:43< sladen> Shotygun: yup, if you just log everything into one file, we can it out/discard it later--but not the other way around 23:44:54< sladen> we can grep it out/discard 23:45:40< Bertl> SHu_here: hmm, vserver 1.0 interesting ... 23:45:42< Shotygun> If I log everything to one file it will be easy, but it will also be hard to track/maintain. 23:46:30< sladen> Shotygun: if you make a new file each day (like Bertl suggested, archive it at 00:00 UTC each day 23:48:44< Shotygun> Okie 23:50:07< Bertl> okay, leaving for now, thanks again Shotygun and paul, will be back later ... 23:50:16>> Bertl is now known as Bertl_oO 23:53:51>> taxcollector [~taxcollec@192.16.167.161] has joined #vserver 23:55:46< Shotygun> sladen: I'm now setting up the eggy 23:57:52< sladen> is that mister taxcollector ? 23:58:14< _id> nope he is real ;) --- Log closed czw maj 20 00:00:46 2004